From bugzilla-daemon at icedtea.classpath.org  Sat Mar  1 00:39:07 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 01 Mar 2014 08:39:07 +0000
Subject: [Bug 1689] New: Java crashes everytime I attempt to run a junit test
	within eclipse
Message-ID: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689

            Bug ID: 1689
           Summary: Java crashes everytime I attempt to run a junit test
                    within eclipse
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: GCJWebPlugin
          Assignee: dbhole at redhat.com
          Reporter: mjoh44 at yahoo.com
                CC: unassigned at icedtea.classpath.org

Created attachment 1033
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1033&action=edit
this is the report produced again and again (I've 6 of these stored up now)

all tests are set to fail except one and I don't yet have an assert in it.  It
most surely has errors which I was hoping to start fixing but I can never get
to the detailed error screen because java crashes every time I run the file and
it consistently produces the error in the attached file.

Env = Kepler on Ubuntu 13.10 the jvm is 7.5.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/9feceae3/attachment-0001.html 

From bugzilla-daemon at icedtea.classpath.org  Sat Mar  1 00:40:55 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 01 Mar 2014 08:40:55 +0000
Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test
	within eclipse
In-Reply-To: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1689-30-g5cfhKuWqc@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689

Marc Johnson <mjoh44 at yahoo.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P5                          |P1
          Component|GCJWebPlugin                |JamVM
            Version|unspecified                 |7-1.5
           Assignee|dbhole at redhat.com           |xerxes at zafena.se
           Severity|enhancement                 |blocker

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/50f28c64/attachment.html 

From stefan at complang.tuwien.ac.at  Sat Mar  1 00:47:59 2014
From: stefan at complang.tuwien.ac.at (Stefan Ring)
Date: Sat, 1 Mar 2014 09:47:59 +0100
Subject: building icedtea-7 on ARM
In-Reply-To: <CAN0CFw1+c5LJfoq4tWR861xdKiPmO8_0r4VmiGj5Ju=QRumx2A@mail.gmail.com>
References: <CAN0CFw0brhBBDHCLOtShMoe5vxk2JAvdQpAmytcVqTrgqTcKRw@mail.gmail.com>
	<1241533863.7170362.1392994965027.JavaMail.zimbra@redhat.com>
	<CAN0CFw0CXzZBPkB336d5uiiLaW8H0xZyz-i+O63DtteuzLh9nA@mail.gmail.com>
	<1221527868.7353353.1393018267203.JavaMail.zimbra@redhat.com>
	<CAN0CFw1YpYHmN7J-mBhkKEsZDAFEacv0ZuSwKM20FVW656RdwQ@mail.gmail.com>
	<2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com>
	<CAN0CFw3L4cs6wPBQy-u8L+7cqNL0ms6daD1P14Mu7AoeWNKnGg@mail.gmail.com>
	<CAN0CFw2k31ExgSuBYCbrVezECG1jmWZ1P9nVw-KdF=SGucybQg@mail.gmail.com>
	<1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com>
	<CAN0CFw3evw9fkX_yjbD24FCpu-mgdX1jnuiyLjauVMxBhp=f7w@mail.gmail.com>
	<CAN0CFw1+c5LJfoq4tWR861xdKiPmO8_0r4VmiGj5Ju=QRumx2A@mail.gmail.com>
Message-ID: <CAAxjCEzUyuRDM1DS6y=X7+znPXL6_UNch7CxuvgE9kfLbEkSeA@mail.gmail.com>

On Fri, Feb 28, 2014 at 4:33 PM, Grant <emailgrant at gmail.com> wrote:
>> You're right, sorry.  I deleted and re-added the java overlay and
>> tried again but it fails with:
>
>
> Is this compiling for anyone else on ARM?  Any idea on my error?
>
> [javac] Exception in thread "main" java.lang.NoSuchMethodError:
> java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale;

Current icedtea7 builds for me on both Fedora (17, softfloat) and
Ubuntu (quantal, hardfloat) without troubles, but I don?t know
anything about Gentoo.

From bugzilla-daemon at icedtea.classpath.org  Sat Mar  1 00:54:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 01 Mar 2014 08:54:05 +0000
Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test
	within eclipse
In-Reply-To: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1689-30-2M3yUr7RuQ@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689

--- Comment #1 from Marc Johnson <mjoh44 at yahoo.com> ---
A few more details.  It's not my code at all.  I commented out the one method
for the the class under testing so none were implemented and it still failed.

I further had a private class in the test file that I commented out as well, so
essentially the junit 4 class is just a few stubs and the error is still
hapenning.

I have a different file under test with nothing but stubs and it too crashes.

I am using the standard junit tester on eclipse even though this is an android
project.  right now I'm testing underlying logic written only in java that
doesn't access any part of the dalvik code (there is some in the class under
test but this is strictly java code with imports below
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;

import com.pastelplanet.playmyday.framework.FileIO;

The FileIO implementation within the project has an Android implementation but
is itself an interface, so I created the private generic java implementation
and there were no code errors/warnings to speak of.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140301/6d2142c3/attachment.html 

From yasu at ysfactory.dip.jp  Sat Mar  1 06:07:06 2014
From: yasu at ysfactory.dip.jp (Yasumasa Suenaga)
Date: Sat, 01 Mar 2014 23:07:06 +0900
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <53112019.9050504@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>
	<53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp>
	<53112019.9050504@oracle.com>
Message-ID: <5311E98A.1020004@ysfactory.dip.jp>

Hi David,

> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
> 2. Generating debuginfo files (zipped or not) (FDS)
> 3. Stripping debug symbols from the binaries (strip-policy)
> 
> It may be that we don't have clean separation between them, and if so
> that should be fixed, but I don't see the current proposal as the way
> forward.

Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
generated.
SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.


> Also there may well be differences between how things are handled on the
> JDK side and hotspot side.

libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make .
Other native library is built with make/common/NativeCompilation.gmk .

Additionally strip command is executed in "image" target which is defined
in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries 
which are contained in JDK/JRE images are stripped when we execute "images"
or "all" target.


So I change:

 1. Separating to add "-g" option to compiler from executing objcopy.
 2. jdk/make/Images.gmk regards STRIP_POLICY.


As I mentioned earlier, this issue is related to RPM.
So I hope to fix it before JDK8 GA is released.


Thanks,

Yasumasa


On 2014/03/01 8:47, David Holmes wrote:
> On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote:
>>> The proper way to fix this is to disable FDS.
>>
>> Does this mean I have to pass --disable-debug-symbols to configure ?
>> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols
>> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate
>> debuginfo.
> 
> There are three pieces to all of this:
> 
> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
> 2. Generating debuginfo files (zipped or not) (FDS)
> 3. Stripping debug symbols from the binaries (strip-policy)
> 
> It may be that we don't have clean separation between them, and if so
> that should be fixed, but I don't see the current proposal as the way
> forward.
> 
> Also there may well be differences between how things are handled on the
> JDK side and hotspot side.
> 
> I will try to look closer if I get a chance but my time is limited at
> the moment.
> 
> David
> 
>>
>> Thanks,
>>
>> Yasumasa
>>
>>
>> On 2014/02/28 23:04, Daniel D. Daugherty wrote:
>>> The proper way to fix this is to disable FDS. We should not need
>>> yet another option to control debug info.
>>>
>>> Dan
>>>
>>>
>>> On 2/28/14 4:13 AM, David Holmes wrote:
>>>> Hi,
>>>>
>>>> As I put in the bug report this seems way too complicated. Seems to me
>>>> all you need to do to get what you want is not use FDS and not strip the
>>>> symbols from the binary. The former is trivial. The latter is more
>>>> awkward as the strip policy stuff does not work as I would want it to
>>>> work, but still doable.
>>>>
>>>> David
>>>>
>>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote:
>>>>> Hi all,
>>>>>
>>>>>
>>>>> Currently, configure script can accept --disable-debug-symbols and
>>>>> --disable-zip-debug-info as controlling to generate debug information.
>>>>> However, current makefiles cannot build ELF binaries which is contained
>>>>> debug information with "images" target.
>>>>>
>>>>> Some Linux distros use RPM as package manager.
>>>>> RPM is built by rpmbuild command, it strips symbols and debug information
>>>>> during to generate rpm packages.
>>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo
>>>>>
>>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo .
>>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not
>>>>> contain debug information. Actual debug information is shipped by OpenJDK
>>>>> debuginfo package.
>>>>> This packaging is important when we have to debug JVM/JNI libraries.
>>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires
>>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is
>>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section
>>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain
>>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location.
>>>>>
>>>>>
>>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries
>>>>> which contain all debug information. we should not to separate debug information.
>>>>>
>>>>>
>>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" .
>>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not
>>>>> execute objcopy command for generating debuginfo binaries.
>>>>>
>>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments
>>>>> of make command. Or ELF binaries will be stripped.
>>>>>
>>>>>
>>>>> I've uploaded webrev for this enhancement.
>>>>> This is separated 3-part: top of forest, hotspot, jdk
>>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/
>>>>>
>>>>> Please review it and sponsoring!
>>>>>
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Yasumasa
>>>>>
>>>>>
>>>>> P.S.
>>>>>       I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like
>>>>>       "--disable-separated-debug-info" .
>>>>>       I ran configure which is located at jdk9/dev directory after I ran autoconf
>>>>>       and common/autoconf/autogen.sh. However it failed.
>>>>>
>>>>>       I guess this is caused by changeset as below.
>>>>>          JDK-8035495: Improvements in autoconf integration
>>>>>          http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4
>>>>>
>>>>>       This changes add "CHECKME" option to configure script. However, this changes
>>>>>       affects "configure" only. It should change "configure.ac" .
>>>>>
>>>
>>
> 


From gnu.andrew at redhat.com  Sat Mar  1 08:56:48 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Sat, 1 Mar 2014 11:56:48 -0500 (EST)
Subject: building icedtea-7 on ARM
In-Reply-To: <CAN0CFw1+c5LJfoq4tWR861xdKiPmO8_0r4VmiGj5Ju=QRumx2A@mail.gmail.com>
References: <CAN0CFw0brhBBDHCLOtShMoe5vxk2JAvdQpAmytcVqTrgqTcKRw@mail.gmail.com>
	<CAN0CFw1YpYHmN7J-mBhkKEsZDAFEacv0ZuSwKM20FVW656RdwQ@mail.gmail.com>
	<2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com>
	<CAN0CFw3L4cs6wPBQy-u8L+7cqNL0ms6daD1P14Mu7AoeWNKnGg@mail.gmail.com>
	<CAN0CFw2k31ExgSuBYCbrVezECG1jmWZ1P9nVw-KdF=SGucybQg@mail.gmail.com>
	<1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com>
	<CAN0CFw3evw9fkX_yjbD24FCpu-mgdX1jnuiyLjauVMxBhp=f7w@mail.gmail.com>
	<CAN0CFw1+c5LJfoq4tWR861xdKiPmO8_0r4VmiGj5Ju=QRumx2A@mail.gmail.com>
Message-ID: <259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com>



----- Original Message -----
> >>> >>> Should the PAX issue be fixed in HEAD?
> >>> >>>
> >>> >>> - Grant
> >>> >>>
> >>> >>
> >>> >> Should be now if you update.
> >>> >
> >>> >
> >>> > I get the following:
> >>>
> >>> I just noticed the icedtea-7.9999.ebuild has been updated so I'm
> >>> trying that now.  I get the following error from the ebuild:
> >>>
> >>> !!! A file is not listed in the Manifest:
> >>> '/var/lib/layman/java/dev-java/icedtea/files/openjdk6-prefer_source.patch'
> >>>
> >>> But the fix is easy:
> >>>
> >>> # ebuild icedtea-7.9999.ebuild manifest
> >>>
> >>
> >> There's no such file...
> >
> >
> > You're right, sorry.  I deleted and re-added the java overlay and
> > tried again but it fails with:
> 
> 
> Is this compiling for anyone else on ARM?  Any idea on my error?
> 
> [javac] Exception in thread "main" java.lang.NoSuchMethodError:
> java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale;
> 
> - Grant
> 
> 
> > [echo] +---------------------------------------+
> >      [echo] + Starting ant project jaxws +
> >      [echo] +---------------------------------------+
> >
> > -javac-jar-exists:
> >
> > sanity:
> >      [echo] Sanity Settings:
> >      [echo] ant.home=/usr/share/ant-core
> >      [echo] ant.version=Apache Ant(TM) version 1.9.1 compiled on
> > February 20 2014
> >      [echo] ant.java.version=1.6
> >      [echo] java.home=/usr/lib/icedtea6/jre
> >      [echo] java.version=1.6.0_29
> >      [echo] os.name=Linux
> >      [echo] os.arch=arm
> >      [echo] os.version=3.13.3-gentoo
> >      [echo]
> >      bootstrap.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/bootstrap
> >      [echo]
> >      javac.jar=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/bootstrap/lib/javac.jar
> >      [echo]
> >      langtools.jar=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/langtools/dist/lib/classes.jar
> >      [echo] javac.memoryInitialSize=256m
> >      [echo] javac.memoryMaximumSize=512m
> >      [echo] javac.source=7
> >      [echo] javac.debug=true
> >      [echo] javac.target=7
> >      [echo] javac.version.opt=
> >      [echo] javac.lint.opts=
> >      [echo] javac.no.jdk.warnings=-XDignore.symbol.file=true
> >      [echo]
> >      output.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws
> >      [echo]
> >      build.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build
> >      [echo]
> >      dist.dir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist
> >      [echo]
> >      jdk.topdir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jdk
> >      [echo]
> >      jdk.gensrcdir=/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/generated.build
> >      [echo]
> >
> > init:
> >     [mkdir] Created dir:
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build
> >     [mkdir] Created dir:
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build/classes
> >     [mkdir] Created dir:
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist
> >     [mkdir] Created dir:
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/dist/lib
> >
> > compile:
> >     [javac] Compiling 2749 source files to
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/jaxws/build/classes
> >     [javac] Exception in thread "main" java.lang.NoSuchMethodError:
> > java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale;
> >     [javac]     at java.text.MessageFormat.<init>(MessageFormat.java:362)
> >     [javac]     at java.text.MessageFormat.format(MessageFormat.java:835)
> >     [javac]     at
> > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:200)
> >     [javac]     at
> > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:141)
> >     [javac]     at
> > com.sun.tools.javac.util.JavacMessages.getLocalizedString(JavacMessages.java:135)
> >     [javac]     at
> > com.sun.tools.javac.main.Main.getLocalizedString(Main.java:585)
> >     [javac]     at com.sun.tools.javac.main.Main.bugMessage(Main.java:503)
> >     [javac]     at com.sun.tools.javac.main.Main.compile(Main.java:484)
> >     [javac]     at com.sun.tools.javac.main.Main.compile(Main.java:353)
> >     [javac]     at com.sun.tools.javac.main.Main.compile(Main.java:342)
> >     [javac]     at com.sun.tools.javac.main.Main.compile(Main.java:333)
> >     [javac]     at com.sun.tools.javac.Main.compile(Main.java:76)
> >     [javac]     at com.sun.tools.javac.Main.main(Main.java:61)
> >
> > BUILD FAILED
> > /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jaxws/build.xml:155:
> > Compile failed; see the compiler error output for details.
> >
> > Total time: 9 minutes 2 seconds
> > make[4]: *** [all] Error 1
> > make[4]: Leaving directory
> > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot/jaxws/make'
> > make[3]: *** [jaxws-build] Error 2
> > make[3]: Leaving directory
> > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot'
> > make[2]: *** [build_product_image] Error 2
> > make[2]: Leaving directory
> > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot'
> > make[1]: *** [jdk_only] Error 2
> > make[1]: Leaving directory
> > `/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk-boot'
> > make: *** [stamps/icedtea-boot.stamp] Error 2
> >
> > - Grant
> 

I think this may be related to the build VM. I'll try and replicate it next week,
but in the meantime, you could try using JAVA_PKG_FORCE_VM=gcj-jdk.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From emailgrant at gmail.com  Sat Mar  1 13:42:55 2014
From: emailgrant at gmail.com (Grant)
Date: Sat, 1 Mar 2014 13:42:55 -0800
Subject: building icedtea-7 on ARM
In-Reply-To: <259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com>
References: <CAN0CFw0brhBBDHCLOtShMoe5vxk2JAvdQpAmytcVqTrgqTcKRw@mail.gmail.com>
	<CAN0CFw1YpYHmN7J-mBhkKEsZDAFEacv0ZuSwKM20FVW656RdwQ@mail.gmail.com>
	<2014632566.7363280.1393020299728.JavaMail.zimbra@redhat.com>
	<CAN0CFw3L4cs6wPBQy-u8L+7cqNL0ms6daD1P14Mu7AoeWNKnGg@mail.gmail.com>
	<CAN0CFw2k31ExgSuBYCbrVezECG1jmWZ1P9nVw-KdF=SGucybQg@mail.gmail.com>
	<1816561120.8183412.1393257720538.JavaMail.zimbra@redhat.com>
	<CAN0CFw3evw9fkX_yjbD24FCpu-mgdX1jnuiyLjauVMxBhp=f7w@mail.gmail.com>
	<CAN0CFw1+c5LJfoq4tWR861xdKiPmO8_0r4VmiGj5Ju=QRumx2A@mail.gmail.com>
	<259945663.11929660.1393693008938.JavaMail.zimbra@redhat.com>
Message-ID: <CAN0CFw3rmJmPuTcWH87uoQWv6guApdH+NY5OAUBn4eGt8BVu0g@mail.gmail.com>

>> Is this compiling for anyone else on ARM?  Any idea on my error?
>>
>> [javac] Exception in thread "main" java.lang.NoSuchMethodError:
>> java.util.Locale.getDefault(Ljava/util/Locale$Category;)Ljava/util/Locale;
>>
> I think this may be related to the build VM. I'll try and replicate it next week,
> but in the meantime, you could try using JAVA_PKG_FORCE_VM=gcj-jdk.


I think that worked but now I'm back to an error I recognize from
previously.  Should the ebuild in Gentoo's java overlay be up to date
and working?  Here's the error:


touch stamps/add-tzdata-support-boot.stamp
mkdir -p /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build
/var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/bootstrap/jdk1.6.0/bin/javac
-g -encoding utf-8    -source 7 -target 7 \
  -d /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build
./TestCryptoLevel.java
Annotation processing got disabled, since it requires a 1.6 compliant JVM
mkdir -p stamps
touch stamps/cryptocheck.stamp
if [ -e /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/j2sdk-image/bin/java
] ; then \
  /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/openjdk.build-boot/j2sdk-image/bin/java
-cp /var/tmp/portage/dev-java/icedtea-7.9999/work/icedtea-9999/cryptocheck.build
TestCryptoLevel ; \
fi
Exception in thread "main" java.lang.NullPointerException
        at java.lang.Throwable.fillInStackTrace(Throwable.java:783)
        at java.lang.Throwable.<init>(Throwable.java:250)
        at java.lang.Exception.<init>(Exception.java:54)
        at java.lang.RuntimeException.<init>(RuntimeException.java:51)
        at java.lang.NullPointerException.<init>(NullPointerException.java:60)
        at TestCryptoLevel.main(TestCryptoLevel.java:46)
make: *** [stamps/check-crypto-boot.stamp] Error 1

- Grant

From bugzilla-daemon at icedtea.classpath.org  Sat Mar  1 19:53:13 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sun, 02 Mar 2014 03:53:13 +0000
Subject: [Bug 1690] New: runescape autosetup crashes
Message-ID: <bug-1690-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1690

            Bug ID: 1690
           Summary: runescape autosetup crashes
           Product: IcedTea
           Version: unspecified
          Hardware: 64-bit
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: eric.13246 at gmail.com
                CC: unassigned at icedtea.classpath.org

Created attachment 1034
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1034&action=edit
Log file of Java after a crash

After an update of the game, the Auto Setup (for graphics and the likes)
stopped working correctly for me. I'm on Linux Mint 16 with Firefox 27.0.1 and
with the following version of Java ("java -version" response):

java version "1.7.0_51"
OpenJDK Runtime Environment (IcedTea 2.4.4) (7u51-2.4.4-0ubuntu0.13.10.1)
OpenJDK 64-Bit Server VM (build 24.45-b08, mixed mode)

Before the update of the game (or of Java, I'm not sure), the Autosetup worked
fine. It was asked the first time I started the game and the graphics were
setup correctly. Now the game asks me to Autosetup every time I start it and it
often crashes on the first and second try. On the third time, the game doesn't
crash, but the graphics are set to the lowest level.

After Autosetup, the game is set to use OpenGL for graphics. Now, it defaults
to Software, a very slow alternative.

The problem can be reproduced (well, on my machine at least). Here's what I'm
doing (you have to be on Linux to reproduce this):
1. Go on www.runescape.com/game
2. Wait for the game to fetch updates.
3. On first run, the game will ask you to click the Auto Setup button. Click
it.
4. At this point, the game either loads properly or freezes Firefox. In my
case, Firefox freezes and I can't do anything else but the "killall firefox"
command.

I included a log file of Java to help with finding the bug (if there is any).

Since I'm not sure where the problem comes from, I hope you can excuse me if
the problem is not coming from Java or IcedTea.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140302/d5131513/attachment.html 

From yasu at ysfactory.dip.jp  Sun Mar  2 06:01:10 2014
From: yasu at ysfactory.dip.jp (Yasumasa Suenaga)
Date: Sun, 02 Mar 2014 23:01:10 +0900
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>
	<53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp>
	<53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
Message-ID: <531339A6.3050806@ysfactory.dip.jp>

HI Mike,

> - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info :
>    1.  Compile source files with some form of "-g"
>    2.  Create separate debug files for object files.
>    3.  Strip object files.
>    4.  Add gnu_debuglink to object files.
>    5.  Link library or executable which should carry along links to debuginfo.
>    6a. Debugging, testing, profiling, etc. by developers.
>    6b. Packaging for program bits and debuginfo.
>    7.  Testing and Use.

rpmbuild will execute 2 to 4 implicitly,
Modern ELF binary has .note.gnu.build-id section.
Debugging tools (e.g. GDB and SA in JDK) use this section for finding debuginfo files.

If OpenJDK8 which is shipped by RPM is crashed and we want to analyze core image,
we have to merge debuginfo and executable at first (e.g. eu-unstrip command).
GDB and SA can find valid debuginfo through .note.gnu.debug-id or .gnu_debuglink section.
But these tools can find /usr/lib/debug/<path to executables>/<executable name>.debug .
They are cannot find *.debuginfo which are made by makefiles in OpenJDK tree.


Yasumasa


On 2014/03/02 8:08, Mike Duigou wrote:
> 
> On Mar 1 2014, at 06:07 , Yasumasa Suenaga<yasu at ysfactory.dip.jp>  wrote:
> 
>> Hi David,
>>
>>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>>> 2. Generating debuginfo files (zipped or not) (FDS)
>>> 3. Stripping debug symbols from the binaries (strip-policy)
>>>
>>> It may be that we don't have clean separation between them, and if so
>>> that should be fixed, but I don't see the current proposal as the way
>>> forward.
>>
>> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
>> generated.
>> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.
> 
> I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else.
> 
> Some comments:
> 
> - Are there important tools that cannot deal with external debuginfo files? If we can put debuginfo into external files why would we ever want unstripped binaries? Is strip policy really necessary? Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything.
> 
> Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files.
> 
> - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info :
>    1.  Compile source files with some form of "-g"
>    2.  Create separate debug files for object files.
>    3.  Strip object files.
>    4.  Add gnu_debuglink to object files.
>    5.  Link library or executable which should carry along links to debuginfo.
>    6a. Debugging, testing, profiling, etc. by developers.
>    6b. Packaging for program bits and debuginfo.
>    7.  Testing and Use.
> 
> Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process?
> 
> - Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated.
> 
> There are four basic alternatives for levels of debug info:
> 1. (-g0)  No debug info whatsoever.
>     Only exported functions and globals will have names.
> 2. (-g1)  Abbreviated debug info.
>     All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces.
> 3. (-g)   Default debugging info.
>     Adds macro expansions and local variable names. Suitable for source level debugging.
> 4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info.
>     Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option.
> 
> Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components.
> 
> - Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms?
> 
>> So I change:
>>
>> 1. Separating to add "-g" option to compiler from executing objcopy.
>> 2. jdk/make/Images.gmk regards STRIP_POLICY.
>>
>>
>> As I mentioned earlier, this issue is related to RPM.
>> So I hope to fix it before JDK8 GA is released.
> 
> This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20).
> 
> Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process.
> 
> Mike


From bugzilla-daemon at icedtea.classpath.org  Sun Mar  2 16:21:46 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 00:21:46 +0000
Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20
	64-bit plus Firefox 27
In-Reply-To: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1687-30-EF6bjOhJgN@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687

Thomas Fitzsimmons <fitzsim at fitzsim.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fitzsim at fitzsim.org

--- Comment #4 from Thomas Fitzsimmons <fitzsim at fitzsim.org> ---
Do these workarounds make WebEx work for you?

http://negativo17.org/enabling-cisco-webex-in-fedora-19-x86_64-and-i686/

They worked for me on Fedora 18 i686.  Unfortunately, I didn't track the
IcedTea-Web and WebEx versions precisely, but from what I remember I had WebEx
working fine, then recently (late January 2014) it stopped loading with a
similar exception to the one you pasted, and the above-linked workarounds fixed
it.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/415dfc45/attachment.html 

From david.holmes at oracle.com  Sun Mar  2 20:39:23 2014
From: david.holmes at oracle.com (David Holmes)
Date: Mon, 03 Mar 2014 14:39:23 +1000
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <5311E98A.1020004@ysfactory.dip.jp>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>	<53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp>	<53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp>
Message-ID: <5314077B.9060908@oracle.com>

Hi,

On 2/03/2014 12:07 AM, Yasumasa Suenaga wrote:
> Hi David,
> 
>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>> 2. Generating debuginfo files (zipped or not) (FDS)
>> 3. Stripping debug symbols from the binaries (strip-policy)
>>
>> It may be that we don't have clean separation between them, and if so
>> that should be fixed, but I don't see the current proposal as the way
>> forward.
> 
> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
> generated.

Okay. That would seem potentially inconvenient but not really critical.
You simply enable FDS (the mere existence of the debuginfo files
"shouldn't" cause a problem). Then you only need to address #3 -
strip-policy.

> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.
> 
> 
>> Also there may well be differences between how things are handled on the
>> JDK side and hotspot side.
> 
> libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make .
> Other native library is built with make/common/NativeCompilation.gmk .
> 
> Additionally strip command is executed in "image" target which is defined
> in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries
> which are contained in JDK/JRE images are stripped when we execute "images"
> or "all" target.

strip is also applied to the JVM libraries as part of the hotspot build.
What occurs in the JDK "images" is additional to that.The hotspot build
honors the STRIP_POLICY.

It appears that STRIP_POLICY is not considered in the new build, though
it was for the old. But perhaps I'm missing it somewhere in the autoconf
settings? That aside it seems that you should be able to set
POST_STRIP_CMD to "" avoid stripping.

Moving forward I think we would need to expose the strip-policy via a
configure option and have that pass STRIP_POLICY through to both hotspot
and the Images target.

> 
> So I change:
> 
>   1. Separating to add "-g" option to compiler from executing objcopy.
>   2. jdk/make/Images.gmk regards STRIP_POLICY.
> 
> 
> As I mentioned earlier, this issue is related to RPM.
> So I hope to fix it before JDK8 GA is released.

As Mike said there is no chance of any changes to this getting into 8
GA. But if these are your own builds I'm not sure that is an issue
anyway. That said, as per the above I think you can achieve what you
want by enabling FDS but set STRIP_POLICY to none, and set
POST_STRIP_CMD to empty.

Thanks,
David

> 
> Thanks,
> 
> Yasumasa
> 
> 
> On 2014/03/01 8:47, David Holmes wrote:
>> On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote:
>>>> The proper way to fix this is to disable FDS.
>>>
>>> Does this mean I have to pass --disable-debug-symbols to configure ?
>>> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols
>>> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate
>>> debuginfo.
>>
>> There are three pieces to all of this:
>>
>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>> 2. Generating debuginfo files (zipped or not) (FDS)
>> 3. Stripping debug symbols from the binaries (strip-policy)
>>
>> It may be that we don't have clean separation between them, and if so
>> that should be fixed, but I don't see the current proposal as the way
>> forward.
>>
>> Also there may well be differences between how things are handled on the
>> JDK side and hotspot side.
>>
>> I will try to look closer if I get a chance but my time is limited at
>> the moment.
>>
>> David
>>
>>>
>>> Thanks,
>>>
>>> Yasumasa
>>>
>>>
>>> On 2014/02/28 23:04, Daniel D. Daugherty wrote:
>>>> The proper way to fix this is to disable FDS. We should not need
>>>> yet another option to control debug info.
>>>>
>>>> Dan
>>>>
>>>>
>>>> On 2/28/14 4:13 AM, David Holmes wrote:
>>>>> Hi,
>>>>>
>>>>> As I put in the bug report this seems way too complicated. Seems to me
>>>>> all you need to do to get what you want is not use FDS and not strip the
>>>>> symbols from the binary. The former is trivial. The latter is more
>>>>> awkward as the strip policy stuff does not work as I would want it to
>>>>> work, but still doable.
>>>>>
>>>>> David
>>>>>
>>>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote:
>>>>>> Hi all,
>>>>>>
>>>>>>
>>>>>> Currently, configure script can accept --disable-debug-symbols and
>>>>>> --disable-zip-debug-info as controlling to generate debug information.
>>>>>> However, current makefiles cannot build ELF binaries which is contained
>>>>>> debug information with "images" target.
>>>>>>
>>>>>> Some Linux distros use RPM as package manager.
>>>>>> RPM is built by rpmbuild command, it strips symbols and debug information
>>>>>> during to generate rpm packages.
>>>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo
>>>>>>
>>>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo .
>>>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not
>>>>>> contain debug information. Actual debug information is shipped by OpenJDK
>>>>>> debuginfo package.
>>>>>> This packaging is important when we have to debug JVM/JNI libraries.
>>>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires
>>>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is
>>>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section
>>>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain
>>>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location.
>>>>>>
>>>>>>
>>>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries
>>>>>> which contain all debug information. we should not to separate debug information.
>>>>>>
>>>>>>
>>>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" .
>>>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not
>>>>>> execute objcopy command for generating debuginfo binaries.
>>>>>>
>>>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments
>>>>>> of make command. Or ELF binaries will be stripped.
>>>>>>
>>>>>>
>>>>>> I've uploaded webrev for this enhancement.
>>>>>> This is separated 3-part: top of forest, hotspot, jdk
>>>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/
>>>>>>
>>>>>> Please review it and sponsoring!
>>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Yasumasa
>>>>>>
>>>>>>
>>>>>> P.S.
>>>>>>        I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like
>>>>>>        "--disable-separated-debug-info" .
>>>>>>        I ran configure which is located at jdk9/dev directory after I ran autoconf
>>>>>>        and common/autoconf/autogen.sh. However it failed.
>>>>>>
>>>>>>        I guess this is caused by changeset as below.
>>>>>>           JDK-8035495: Improvements in autoconf integration
>>>>>>           http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4
>>>>>>
>>>>>>        This changes add "CHECKME" option to configure script. However, this changes
>>>>>>        affects "configure" only. It should change "configure.ac" .
>>>>>>
>>>>
>>>
>>
> 

From jvanek at redhat.com  Sun Mar  2 23:39:13 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 03 Mar 2014 08:39:13 +0100
Subject: [icedtea-web] RFC: PR1676: Add useLegacyMergeSort to JNLP
	properties
In-Reply-To: <20140228183830.GD1965@redhat.com>
References: <20140228183830.GD1965@redhat.com>
Message-ID: <531431A1.20709@redhat.com>

On 02/28/2014 07:38 PM, Omair Majid wrote:
> Hi,
>
> The attached patch is a one-line fix for PR1676 [1]. It adds
> java.util.Arrays.useLegacyMergeSort to the list of secure properties
> that all applications can read or write to. This property is used for
> application compatibility with Java 6.
>
> Any comments or suggestions?
>
> Thanks,
> Omair
>
> [1] http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1676
>

Should be ok. Feel free to backport to 1.4 too if you wont.

Thanx!
   J.

From jvanek at redhat.com  Sun Mar  2 23:51:45 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 03 Mar 2014 08:51:45 +0100
Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times
In-Reply-To: <20140228230710.GA18442@redhat.com>
References: <20140228230710.GA18442@redhat.com>
Message-ID: <53143491.7020802@redhat.com>

On 03/01/2014 12:07 AM, Omair Majid wrote:
> Hi,
>
> The attached patch is a fix for PR857. The idea is quite simple: make
> sure UIManager.setLookAndFeel() is called at most once (and ideally
> exactly once) before any UI is shown.
>
> There are a few code paths that can cause UIManager.setLookAndFell to be
> invoked multiple times:
>
> - AboutDialog (only on entry from a class other than Boot)
> - SecurityDialog
> - PolicyEditor (only on entry from ControlPanel)
>
> CertificateViewer calls JNLPRuntime.initialize() which already calls
> UIManager.setLookAndFeel. So I have removed the direct call from
> CertificateViewer.
>
> Also, JNLPRuntime.initialize currently calls setLookAndFeel after
> displaying a JavaConsole. This is alos fixed.
>
> Thoughts?
>

ouch, that an old one!


However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff 
- (the confirmed one)  is quite different, why so?

Also   " Don't set look and feel multiple times" do not sound proper to me, it is still set two 
times. Can't there be only one place to do so? There *should* be. I'm sometimes thinking about one 
clear way where to do all preinit work common for both plugin and javaws....

Although this is copypaste:
+                } catch (Exception e) {
+                    // if it fails, not a problem
+                }
I would rather log the exception.

and althoug this is c&p to,
+        try {
+            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+        } catch (Exception e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+
I would ratehr log this exception in debug only (default) =?
-            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            OutputController.getLogger().log(e);


Thanx!

J.

From aph at redhat.com  Mon Mar  3 01:41:33 2014
From: aph at redhat.com (Andrew Haley)
Date: Mon, 03 Mar 2014 09:41:33 +0000
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
Message-ID: <53144E4D.8080606@redhat.com>

On 02/28/2014 09:18 AM, Yasumasa Suenaga wrote:
> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo .
> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not
> contain debug information. Actual debug information is shipped by OpenJDK
> debuginfo package.

That's a bug in Fedora's build.  We should fix it.

Andrew.


From aph at redhat.com  Mon Mar  3 01:46:38 2014
From: aph at redhat.com (Andrew Haley)
Date: Mon, 03 Mar 2014 09:46:38 +0000
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>	<53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp>	<53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
Message-ID: <53144F7E.5000105@redhat.com>

On 03/01/2014 11:08 PM, Mike Duigou wrote:

> Do I understand correctly that rpmbuild can only deal with
> unstripped binaries and generates the stripped rpm package and
> debuginfo package.

Exactly.  OpenJDK generating separate debuginfo files is very
inconvenient for RPM builds.

> It sounds kind of strange that find-debuginfo.sh wouldn't be able to
> use already generated debuginfo files.

The OpenJDK build can't have any idea of what debuginfo files the
distro runtime requires, and indeed this may change.  There is more
than one mechanism for finding debuginfo.  Separating debuginfo is not
something that we want the OpenJDK build to do, and the most useful
thing that we could have is a switch to turn all of OpenJDK's
stripping and separate debuginfo off.  I expect the same applies to
all distros.

Andrew.

From yasu at ysfactory.dip.jp  Mon Mar  3 04:04:51 2014
From: yasu at ysfactory.dip.jp (Yasumasa Suenaga)
Date: Mon, 03 Mar 2014 21:04:51 +0900
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <5314077B.9060908@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>	<53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp>	<53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp> <5314077B.9060908@oracle.com>
Message-ID: <53146FE3.9040205@ysfactory.dip.jp>

Hi David,

> Moving forward I think we would need to expose the strip-policy via a
> configure option and have that pass STRIP_POLICY through to both hotspot
> and the Images target.

I want you to do so :-)
Additionally, 

>>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>>> 2. Generating debuginfo files (zipped or not) (FDS)
>>> 3. Stripping debug symbols from the binaries (strip-policy)

I think that FDS should be separated 1 from 2.
That is more useful for building OpenJDK.


> That said, as per the above I think you can achieve what you
> want by enabling FDS but set STRIP_POLICY to none, and set
> POST_STRIP_CMD to empty.

I tried:

  $ make images STRIP_POLICY=no_strip POST_STRIP_CMD=""

I was able to get binaries which is included debug information.


Thanks,

Yasumasa

On 2014/03/03 13:39, David Holmes wrote:
> Hi,
> 
> On 2/03/2014 12:07 AM, Yasumasa Suenaga wrote:
>> Hi David,
>>
>>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>>> 2. Generating debuginfo files (zipped or not) (FDS)
>>> 3. Stripping debug symbols from the binaries (strip-policy)
>>>
>>> It may be that we don't have clean separation between them, and if so
>>> that should be fixed, but I don't see the current proposal as the way
>>> forward.
>>
>> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
>> generated.
> 
> Okay. That would seem potentially inconvenient but not really critical.
> You simply enable FDS (the mere existence of the debuginfo files
> "shouldn't" cause a problem). Then you only need to address #3 -
> strip-policy.
> 
>> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.
>>
>>
>>> Also there may well be differences between how things are handled on the
>>> JDK side and hotspot side.
>>
>> libjvm, libjsig. libsaproc are built with each makefiles in hotspot/make .
>> Other native library is built with make/common/NativeCompilation.gmk .
>>
>> Additionally strip command is executed in "image" target which is defined
>> in jdk/make/Images.gmk . This "strip" ignores STRIP_POLICY . Thus ELF binaries
>> which are contained in JDK/JRE images are stripped when we execute "images"
>> or "all" target.
> 
> strip is also applied to the JVM libraries as part of the hotspot build.
> What occurs in the JDK "images" is additional to that.The hotspot build
> honors the STRIP_POLICY.
> 
> It appears that STRIP_POLICY is not considered in the new build, though
> it was for the old. But perhaps I'm missing it somewhere in the autoconf
> settings? That aside it seems that you should be able to set
> POST_STRIP_CMD to "" avoid stripping.
> 
> Moving forward I think we would need to expose the strip-policy via a
> configure option and have that pass STRIP_POLICY through to both hotspot
> and the Images target.
> 
>>
>> So I change:
>>
>>    1. Separating to add "-g" option to compiler from executing objcopy.
>>    2. jdk/make/Images.gmk regards STRIP_POLICY.
>>
>>
>> As I mentioned earlier, this issue is related to RPM.
>> So I hope to fix it before JDK8 GA is released.
> 
> As Mike said there is no chance of any changes to this getting into 8
> GA. But if these are your own builds I'm not sure that is an issue
> anyway. That said, as per the above I think you can achieve what you
> want by enabling FDS but set STRIP_POLICY to none, and set
> POST_STRIP_CMD to empty.
> 
> Thanks,
> David
> 
>>
>> Thanks,
>>
>> Yasumasa
>>
>>
>> On 2014/03/01 8:47, David Holmes wrote:
>>> On 1/03/2014 1:38 AM, Yasumasa Suenaga wrote:
>>>>> The proper way to fix this is to disable FDS.
>>>>
>>>> Does this mean I have to pass --disable-debug-symbols to configure ?
>>>> I've added comment to JDK-8036003, I think if we pass --disable-debug-symbols
>>>> to configure, gcc/g++ is not passed -g option. "-g" is needed to generate
>>>> debuginfo.
>>>
>>> There are three pieces to all of this:
>>>
>>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>>> 2. Generating debuginfo files (zipped or not) (FDS)
>>> 3. Stripping debug symbols from the binaries (strip-policy)
>>>
>>> It may be that we don't have clean separation between them, and if so
>>> that should be fixed, but I don't see the current proposal as the way
>>> forward.
>>>
>>> Also there may well be differences between how things are handled on the
>>> JDK side and hotspot side.
>>>
>>> I will try to look closer if I get a chance but my time is limited at
>>> the moment.
>>>
>>> David
>>>
>>>>
>>>> Thanks,
>>>>
>>>> Yasumasa
>>>>
>>>>
>>>> On 2014/02/28 23:04, Daniel D. Daugherty wrote:
>>>>> The proper way to fix this is to disable FDS. We should not need
>>>>> yet another option to control debug info.
>>>>>
>>>>> Dan
>>>>>
>>>>>
>>>>> On 2/28/14 4:13 AM, David Holmes wrote:
>>>>>> Hi,
>>>>>>
>>>>>> As I put in the bug report this seems way too complicated. Seems to me
>>>>>> all you need to do to get what you want is not use FDS and not strip the
>>>>>> symbols from the binary. The former is trivial. The latter is more
>>>>>> awkward as the strip policy stuff does not work as I would want it to
>>>>>> work, but still doable.
>>>>>>
>>>>>> David
>>>>>>
>>>>>> On 28/02/2014 7:18 PM, Yasumasa Suenaga wrote:
>>>>>>> Hi all,
>>>>>>>
>>>>>>>
>>>>>>> Currently, configure script can accept --disable-debug-symbols and
>>>>>>> --disable-zip-debug-info as controlling to generate debug information.
>>>>>>> However, current makefiles cannot build ELF binaries which is contained
>>>>>>> debug information with "images" target.
>>>>>>>
>>>>>>> Some Linux distros use RPM as package manager.
>>>>>>> RPM is built by rpmbuild command, it strips symbols and debug information
>>>>>>> during to generate rpm packages.
>>>>>>> https://fedoraproject.org/wiki/Packaging:Debuginfo
>>>>>>>
>>>>>>> For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo .
>>>>>>> libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not
>>>>>>> contain debug information. Actual debug information is shipped by OpenJDK
>>>>>>> debuginfo package.
>>>>>>> This packaging is important when we have to debug JVM/JNI libraries.
>>>>>>> If we want to use debugging tools (GDB, SystemTap, etc...), they may requires
>>>>>>> debuginfo package. Debuggee (e.g. libjvm.so) points libjvm.so.debug which is
>>>>>>> located at sub directory in /usr/lib/debug . It is defined in ELF section
>>>>>>> (.note.gnu.build-id) of libjvm.so . However libjvm.so.debug does not contain
>>>>>>> valid debug information. We need to access libjvm.debuginfo.debug at same location.
>>>>>>>
>>>>>>>
>>>>>>> When we think to build OpenJDK rpm packages, we have to build ELF binaries
>>>>>>> which contain all debug information. we should not to separate debug information.
>>>>>>>
>>>>>>>
>>>>>>> Thus I want to add a variable "SEPARATED_DEBUGINFO_FILES" .
>>>>>>> If we pass "SEPARATED_DEBUGINFO_FILES=false" to make command, "make" does not
>>>>>>> execute objcopy command for generating debuginfo binaries.
>>>>>>>
>>>>>>> If we build rpm packages, we also have to add "STRIP_POLICY=no_strip" to arguments
>>>>>>> of make command. Or ELF binaries will be stripped.
>>>>>>>
>>>>>>>
>>>>>>> I've uploaded webrev for this enhancement.
>>>>>>> This is separated 3-part: top of forest, hotspot, jdk
>>>>>>> http://cr.openjdk.java.net/~ysuenaga/JDK-8036003/
>>>>>>>
>>>>>>> Please review it and sponsoring!
>>>>>>>
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> Yasumasa
>>>>>>>
>>>>>>>
>>>>>>> P.S.
>>>>>>>         I tried to add SEPARATED_DEBUGINFO_FILES as a configure option like
>>>>>>>         "--disable-separated-debug-info" .
>>>>>>>         I ran configure which is located at jdk9/dev directory after I ran autoconf
>>>>>>>         and common/autoconf/autogen.sh. However it failed.
>>>>>>>
>>>>>>>         I guess this is caused by changeset as below.
>>>>>>>            JDK-8035495: Improvements in autoconf integration
>>>>>>>            http://hg.openjdk.java.net/jdk9/dev/rev/6e29cd9ac2b4
>>>>>>>
>>>>>>>         This changes add "CHECKME" option to configure script. However, this changes
>>>>>>>         affects "configure" only. It should change "configure.ac" .
>>>>>>>
>>>>>
>>>>
>>>
>>
> 


From yasu at ysfactory.dip.jp  Mon Mar  3 04:04:59 2014
From: yasu at ysfactory.dip.jp (Yasumasa Suenaga)
Date: Mon, 03 Mar 2014 21:04:59 +0900
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <53144F7E.5000105@redhat.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>	<53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp>	<53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
	<53144F7E.5000105@redhat.com>
Message-ID: <53146FEB.8050300@ysfactory.dip.jp>

Hi Andrew,

> Separating debuginfo is not
> something that we want the OpenJDK build to do, and the most useful
> thing that we could have is a switch to turn all of OpenJDK's
> stripping and separate debuginfo off.  I expect the same applies to
> all distros.

My patch provides "SEPARATED_DEBUGINFO_FILES" as a switch of separating
debuginfo files, and affects "STRIP_POILCY" in HotSpot and other ELF
binaries.


> I expect the same applies to all distros.

We need to pass ' STRIP_POLICY=no_strip POST_STRIP_CMD="" ' to make
command as David said.
And we need to pick up binaries which are NOT named ".debuginfo" or
".diz" suffix.


Thanks,

Yasumasa

On 2014/03/03 18:46, Andrew Haley wrote:
> On 03/01/2014 11:08 PM, Mike Duigou wrote:
> 
>> Do I understand correctly that rpmbuild can only deal with
>> unstripped binaries and generates the stripped rpm package and
>> debuginfo package.
> 
> Exactly.  OpenJDK generating separate debuginfo files is very
> inconvenient for RPM builds.
> 
>> It sounds kind of strange that find-debuginfo.sh wouldn't be able to
>> use already generated debuginfo files.
> 
> The OpenJDK build can't have any idea of what debuginfo files the
> distro runtime requires, and indeed this may change.  There is more
> than one mechanism for finding debuginfo.  Separating debuginfo is not
> something that we want the OpenJDK build to do, and the most useful
> thing that we could have is a switch to turn all of OpenJDK's
> stripping and separate debuginfo off.  I expect the same applies to
> all distros.
> 
> Andrew.
> 


From ptisnovs at icedtea.classpath.org  Mon Mar  3 04:17:12 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 12:17:12 +0000
Subject: /hg/gfx-test: Eight new tests added into BitBitAffineIdentityTra...
Message-ID: <hg.e839356ee2da.1393849032.-6248649288953172555@icedtea.classpath.org>

changeset e839356ee2da in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=e839356ee2da
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 03 13:17:49 2014 +0100

	Eight new tests added into BitBitAffineIdentityTransformOp.java.


diffstat:

 ChangeLog                                                       |    5 +
 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java |  112 ++++++++++
 2 files changed, 117 insertions(+), 0 deletions(-)

diffs (134 lines):

diff -r 830c798b8e25 -r e839356ee2da ChangeLog
--- a/ChangeLog	Fri Feb 28 11:07:00 2014 +0100
+++ b/ChangeLog	Mon Mar 03 13:17:49 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-03  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
+	Eight new tests added into BitBitAffineIdentityTransformOp.java:
+
 2014-02-28  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/CAGOperationsOnChordAndRectangle.java:
diff -r 830c798b8e25 -r e839356ee2da src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Fri Feb 28 11:07:00 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Mon Mar 03 13:17:49 2014 +0100
@@ -3375,6 +3375,118 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp1);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp2);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp3);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp4);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp5);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, IdentifyTranspormationOp6);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp1);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp2);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From ptisnovs at icedtea.classpath.org  Mon Mar  3 04:20:58 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 12:20:58 +0000
Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamPositiveT...
Message-ID: <hg.9a2ccd2993cb.1393849258.-6019694633368342460@icedtea.classpath.org>

changeset 9a2ccd2993cb in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=9a2ccd2993cb
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 03 13:21:10 2014 +0100

	Added new test testGetResourceAsStreamPositiveTest into CompiledScriptClassTest.


diffstat:

 ChangeLog                                       |   6 ++
 src/org/RhinoTests/CompiledScriptClassTest.java |  61 +++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 0 deletions(-)

diffs (84 lines):

diff -r 3758c6b6d899 -r 9a2ccd2993cb ChangeLog
--- a/ChangeLog	Fri Feb 28 11:12:48 2014 +0100
+++ b/ChangeLog	Mon Mar 03 13:21:10 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-03  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/CompiledScriptClassTest.java:
+	Added new test testGetResourceAsStreamPositiveTest into
+	CompiledScriptClassTest.
+
 2014-02-28  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/SimpleBindingsClassTest.java:
diff -r 3758c6b6d899 -r 9a2ccd2993cb src/org/RhinoTests/CompiledScriptClassTest.java
--- a/src/org/RhinoTests/CompiledScriptClassTest.java	Fri Feb 28 11:12:48 2014 +0100
+++ b/src/org/RhinoTests/CompiledScriptClassTest.java	Mon Mar 03 13:21:10 2014 +0100
@@ -1923,6 +1923,67 @@
     }
 
     /**
+     * Test for method javax.script.CompiledScript.getClass().getResourcePositiveTest()
+     */
+    protected void testGetResourcePositiveTest() {
+        Object resource;
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/Constants.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/Constants.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        resource = this.compiledScriptClass.getResource("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(resource, "getResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.CompiledScript
      */
     @SuppressWarnings("cast")

From daniel.daugherty at oracle.com  Mon Mar  3 06:56:38 2014
From: daniel.daugherty at oracle.com (Daniel D. Daugherty)
Date: Mon, 03 Mar 2014 07:56:38 -0700
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>
	<53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp>
	<53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
Message-ID: <53149826.7030106@oracle.com>

I think we're having a problem with not all replies making it
to all the aliases. Yasumasa's reply to David below that Mike
is replying to did not arrive on any of the aliases that I'm
on... Folks need to remember to reply to all of the aliases...


On 3/1/14 4:08 PM, Mike Duigou wrote:
> On Mar 1 2014, at 06:07 , Yasumasa Suenaga <yasu at ysfactory.dip.jp> wrote:
>
>> Hi David,
>>
>>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>>> 2. Generating debuginfo files (zipped or not) (FDS)
>>> 3. Stripping debug symbols from the binaries (strip-policy)
>>>
>>> It may be that we don't have clean separation between them, and if so
>>> that should be fixed, but I don't see the current proposal as the way
>>> forward.
>> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
>> generated.

Bit of history here. When FDS is disabled, the build system is
supposed to go back to what was there prior to the FDS project.
On Linux, one of the debug configs didn't actually have any
debugging flags enabled (debug or fastdebug, I don't remember
which). So when I implemented FDS, disabling FDS meant no
debug info. Bug in the original? You betcha.


>> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.
> I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else.
>
> Some comments:
>
> - Are there important tools that cannot deal with external debuginfo files?

Not that I'm aware of. There have been bugs in the way gobjcopy
is extracting the debuginfo into the separate files, but no
complete failures as far as I know...


>  If we can put debuginfo into external files why would we ever want unstripped binaries?

We deliver minimal stripped binaries so that can have stack traces
with some amount of information in them when the debuginfo files
are not available. We have not yet figured out how to implement
minimal stripping on Windows so Windows hs_err_pid files have no
symbols in them when the debuginfo bundles are not present.


>  Is strip policy really necessary?

Yes. STRIP_POLICY allows folks to configure what they want
for the build that they are doing. It is also meant to map
to the Oracle policy where we were granted a waiver to
deliver minimal symbols in FDS project.


> Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything.

No you don't want to strip everything. See above aboutminimal
info in stack traces.


> Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files.
>
> - I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info :
>   1.  Compile source files with some form of "-g"
>   2.  Create separate debug files for object files.
>   3.  Strip object files.
>   4.  Add gnu_debuglink to object files.
>   5.  Link library or executable which should carry along links to debuginfo.
>   6a. Debugging, testing, profiling, etc. by developers.
>   6b. Packaging for program bits and debuginfo.
>   7.  Testing and Use.
>
> Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process?
>
> - Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated.

It's STRIP_POLICY=min_strip that leaves the minimal
debug info attached to the binaries and the more
complete debug info in left in the debuginfo file(s).
And I'll disagree about only wanting abbreviated debug
info in the separate debuginfo files.


> There are four basic alternatives for levels of debug info:
> 1. (-g0)  No debug info whatsoever.
>    Only exported functions and globals will have names. 
> 2. (-g1)  Abbreviated debug info. 
>    All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces. 
> 3. (-g)   Default debugging info. 
>    Adds macro expansions and local variable names. Suitable for source level debugging.
> 4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info. 
>    Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option.
>
> Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components.

There is a whole boatload of history behind using STABS or
DWARF or -g1 and usually (at least in HotSpot) there are
comments in the Makefiles explaining the sometimes arcane
reasons why these choices were made...

On Linux there is a special option DEBUG_BINARIES that is
used to specify '-g' for everything. I believe the magic
incantation for making RPM happy is something like:

DEBUG_BINARIES=true
FULL_DEBUG_SYMBOLS=0
STRIP_POLICY=none
ALT_OBJCOPY=/does_not_exist

The combination of FULL_DEBUG_SYMBOLS=0 and ALT_OBJCOPY=/does_not_exist
disables FDS for all build configs and reverts to pre-FDS make logic.
STRIP_POLICY=none says don't do any stripping. DEBUG_BINARIES=true says
ignore all the other logic about which debug options and just do '-g'.

I've accidentally broken DEBUG_BINARIES at least once, but I usually
get pinged by the Red Hat folks when I do...

Dan



> - Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms?
>
>> So I change:
>>
>> 1. Separating to add "-g" option to compiler from executing objcopy.
>> 2. jdk/make/Images.gmk regards STRIP_POLICY.
>>
>>
>> As I mentioned earlier, this issue is related to RPM.
>> So I hope to fix it before JDK8 GA is released.
> This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20).  
>
> Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process.
>
> Mike


From bugzilla-daemon at icedtea.classpath.org  Mon Mar  3 07:26:12 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 15:26:12 +0000
Subject: [Bug 1692] New: SIGSEV crash when installing xtext in eclipse
Message-ID: <bug-1692-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692

            Bug ID: 1692
           Summary: SIGSEV crash when installing xtext in eclipse
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: b.murauer at gmail.com
                CC: unassigned at icedtea.classpath.org

Created attachment 1039
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1039&action=edit
java error log

Steps to reproduce:
clean install of Linux Mint 16 KDE
updated OS as far as possible
installed eclipse using repos (version 3.8.1 debbuild)
eclipse starts fine, no problems. 
installing the xtext plugin from eclipse software repository
after accepting license agreement and hitting "install", eclipse crashes with
attatched error message
also tried with installing PHP-Plugin, same crash

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/68223e02/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Mon Mar  3 07:28:09 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 15:28:09 +0000
Subject: [Bug 1692] SIGSEV crash when installing plugin in eclipse
In-Reply-To: <bug-1692-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1692-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1692-30-edQbFoERw8@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692

Benjamin Murauer <b.murauer at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|SIGSEV crash when           |SIGSEV crash when
                   |installing xtext in eclipse |installing plugin in
                   |                            |eclipse

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/3e2a661c/attachment.html 

From mike.duigou at oracle.com  Sat Mar  1 15:08:56 2014
From: mike.duigou at oracle.com (Mike Duigou)
Date: Sat, 1 Mar 2014 15:08:56 -0800
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <5311E98A.1020004@ysfactory.dip.jp>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>	<53106F4A.8030905@oracle.com>
	<53109772.9070808@oracle.com> <5310AD70.2070908@ysfactory.dip.jp>
	<53112019.9050504@oracle.com> <5311E98A.1020004@ysfactory.dip.jp>
Message-ID: <F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>


On Mar 1 2014, at 06:07 , Yasumasa Suenaga <yasu at ysfactory.dip.jp> wrote:

> Hi David,
> 
>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>> 2. Generating debuginfo files (zipped or not) (FDS)
>> 3. Stripping debug symbols from the binaries (strip-policy)
>> 
>> It may be that we don't have clean separation between them, and if so
>> that should be fixed, but I don't see the current proposal as the way
>> forward.
> 
> Currently, 1. depends 2. If FDS set to disable, debug symbols (-g) are not
> generated.
> SEPARATED_DEBUGINFO_FILES which my patch provides can separate them.

I think David's list (kudos) is very helpful as I haven't seen the requirements articulated this clearly anywhere else.

Some comments:

- Are there important tools that cannot deal with external debuginfo files? If we can put debuginfo into external files why would we ever want unstripped binaries? Is strip policy really necessary? Strip policy would seem to only be necessary if there are tools which can't handle external debuginfo. Assuming that everything can use external debuginfo then the policy would be to strip everything.

Do I understand correctly that rpmbuild can only deal with unstripped binaries and generates the stripped rpm package and debuginfo package. It sounds kind of strange that find-debuginfo.sh wouldn't be able to use already generated debuginfo files.

- I would expect that the flow is something like an extended version of https://blogs.oracle.com/dbx/entry/creating_separate_debug_info :
  1.  Compile source files with some form of "-g"
  2.  Create separate debug files for object files.
  3.  Strip object files.
  4.  Add gnu_debuglink to object files.
  5.  Link library or executable which should carry along links to debuginfo.
  6a. Debugging, testing, profiling, etc. by developers.
  6b. Packaging for program bits and debuginfo.
  7.  Testing and Use.

Hopefully I didn't get any of those steps in the wrong order. What are the "you-cant-get-there-from-here" gaps and breakdowns from implementing this process?

- Whether for the FDS debug symbols or RPM debuginfo packaging it seems that the default debug level isn't quite right. I believe that in both cases what's wanted is abbreviated debug info, mostly function names and line number tables, for building stack traces. This is not the debug info that is currently generated.

There are four basic alternatives for levels of debug info:
1. (-g0)  No debug info whatsoever.
   Only exported functions and globals will have names. 
2. (-g1)  Abbreviated debug info. 
   All functions have names and line number information. This seems to be what is needed by both FDS and RPM debuginfo files to produce nice stack traces. 
3. (-g)   Default debugging info. 
   Adds macro expansions and local variable names. Suitable for source level debugging.
4. (-g3 or -gdwarf-4 -fvar-tracking-assignments). Full debugging info. 
   Most suitable for source level debugging including debugging of optimized code. It is not clear that anyone would want to build the entire product with this option.

Compilations are currently done with a mix of -g, -g1, and -gstabs. It would be good to rationalize this somewhat and provide a mechanism for developers to tweak generated debugging output for files or components.

- Eventual alignment with http://gcc.gnu.org/wiki/DebugFission on some platforms?

> So I change:
> 
> 1. Separating to add "-g" option to compiler from executing objcopy.
> 2. jdk/make/Images.gmk regards STRIP_POLICY.
> 
> 
> As I mentioned earlier, this issue is related to RPM.
> So I hope to fix it before JDK8 GA is released.

This won't happen (at least not for Java 8u0). Java 8 is already late in it's final candidate stage. It is too late for the initial Java 8 release to consider this magnitude of change. In any event, since the Java 8 rampdown began back in November, any change would first have to be applied to Java 9 and then approved for backport to a Java 8 or an update release (and it is also possibly too late for 8u20).  

Inability to include your suggested change in Java 8 or 8u20 is in no way a rejection of the ideas or contribution, it's merely a normal consequence of timelines and process.

Mike

From jvanek at redhat.com  Mon Mar  3 08:24:20 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 03 Mar 2014 17:24:20 +0100
Subject: [rfc][icedtea-web] Unsigned applet security dialog abstraction
In-Reply-To: <5310A809.1010502@redhat.com>
References: <530FA52F.6090204@redhat.com> <53106D32.4080707@redhat.com>
	<5310A809.1010502@redhat.com>
Message-ID: <5314ACB4.70800@redhat.com>

On 02/28/2014 04:15 PM, Andrew Azores wrote:
> On 02/28/2014 06:04 AM, Jiri Vanek wrote:
>>
>> The renaming patch is ok to go, unless you wont to rename it to general ExecuteAction (see bottom
>> of email)
>>
>> Code itself looks good. Only nit:
>>
>> +        } catch (Exception e) {
>> +            e.printStackTrace();
>> +            throw e;
>> +        }
>>
>> Whats that? print and rethrow:-) why? only one of it should be enough or not. Anyway, print stack
>> trace is forbidden. Use ServerAccess.log* rather.
>
> This is in the tests, right? That's the only place I can find a match in the patches. Anyway - not
> sure what I was doing here, honestly. The exception doesn't even need to be caught and printed, does
> it? It's a JUnit @BeforeClass method, so if it throws an exception, will this be logged anyway? New
> tests attached, but the only difference is the try/catch there has been removed altogether.

I have already noted some issues when BeforClass throw an exception. If something will be noted....

>
>>
>> One general comment to idea itself. I was thinking about reusing this dialogue for
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library (And
>> maybe some more ) but it forces few more generalizations:
>>  - it should depend on jnlpfile, not on plugin bridge. (But this should not prevent the dialogue
>> from some cations if it is instance of plugin bridge)\
>
> I already reduced most of the dependency on PluginBridge over JNLPFile, but I think with the new
> abstraction patch I've removed it entirely.
>
>>  - it should use also  title of application
>>  - the help have to be adapted
>>  (maybe some acces to disable/enable some controls or similar..)
>>
>> From the quick glance those should be not hard to achieve. Do you wont to include it in this
>> refactoring, or later? Eg when I will use this. Probably something now, something later on demand...
>
> These are both probably worthy but as a separate changeset, especially making the controls generally
> enable/disable-able.

marking your words ;)

>
>>
>> Also in sound of those refactoings, I'm thinking if it is correct to use ExtendedAppletsSecurity
>> table as it is now.
>>  - you wont to reuse it for partially signed yes applets yes?
>
> Yes. It already works just fine as far as I've been able to tell in my testing. I suppose there
> might be a conflict if somehow one applet goes from being partially signed to unsigned or
> vice-versa, while it already has a remembered entry in the table... I hadn't even thought of that
> case before. It just seems to me that normally there shouldn't be any collision having them together
> in the same table. But your solution below helps with this anyway.

Yes this was also my background idea. That suddnely( without letting user know) will be allowed 
newly partialy signed applet.

Your reply  persuaded me to the  "definitely requires extra work to be done" as I noted.

>
>>  - I wont to use it for Application-Library-Allowable-Codebase
>>  - currently it is used for unsigned applet wont to run
>>
>> Your usecase is probably ok, and with some compromising it can reuse current table. But definitely
>> not the my one:(
>
> Yours definitely requires extra work to be done ;)
>
>>
>> So I was thinking about extending the format for some flag "purpose" (rather then  to have new table)
>> eg:
>> from current resolution timestamp url-regex jars:
>> y 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E
>> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar
>> to
>> y ACACA 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E
>> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar
>> or
>> y UNSIGNED 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E
>> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar
>> or
>> y PARTIALLY 1393582488549 \Qhttp://www.walter-fendt.de/ph14e/forceresol.htm\E
>> \Qhttp://www.walter-fendt.de/ph14_jar/\E Ph14English.jar,ZerlKraft.jar
>>
>> so:
>> resolution purpose timestamp url-regex jars
>> or similar,
>>
>>
>> What do you think?
>>
>>
>>
>>
>>
>> J.
>
> This sounds okay, I suppose. It should come with some pretty heaving renaming of the action storage
> classes though, because their names are really getting inaccurate with this kind of change. I would
> like to reuse the table if possible rather than create new one(s), and this seems like a reasonable
> way to do it I think? There will need to be some "migration" done to the table as well, but older
> tables that don't have this field should just have it filled in with UNSIGNED, so it shouldn't be
> too hard to work out.

The backward compatibility will not be issue. Issue is to design it properly for new usecases :)

>
> "tests2" has the try/catch removed, "abstraction_pluginbridge_deps" just changes a few occurrences
> of PluginBridge to JNLPFile, and "renames" hasn't been changed but is included for convenience.
>


Ok for head, some more work needed before 1.5 release.


From aazores at icedtea.classpath.org  Mon Mar  3 08:38:01 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 16:38:01 +0000
Subject: /hg/icedtea-web: Unsigned applet warning dialog abstracted and g...
Message-ID: <hg.61bfad46e9cc.1393864681.8643924302249223276@icedtea.classpath.org>

changeset 61bfad46e9cc in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=61bfad46e9cc
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 03 11:36:14 2014 -0500

	Unsigned applet warning dialog abstracted and generalized

	UnsignedAppletTrustWarningPanel logic moved into new abstract parent class
	AppTrustWarningPanel for reusability.
	* netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: new class
	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: new class
	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java:
	major refactor into subclass of AppTrustWarningPanel
	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java:
	(UnsignedWarningAction) references changed to AppSigningWarningAction
	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: same
	* tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java:
	new tests for AppTrustWarningPanel
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java:
	renamed, changed all references
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
	(ExecuteUnsignedApplet) renamed to this
	* netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java:
	(ExecuteAppletAction) changed references
	* netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java:
	(ExecuteAppletAction) changed references
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java:
	(ExecuteAppletAction) changed references
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
	(ExecuteAppletAction) changed references
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java:
	(ExecuteAppletAction) changed references
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java:
	(ExecuteAppletAction) changed references


diffstat:

 ChangeLog                                                                                                   |   30 +
 netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java                                  |    8 +-
 netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java                                |   38 +-
 netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java                                               |   68 ++
 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java                                                |  321 ++++++++++
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                                                      |    2 +-
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                                                     |   11 +-
 netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java                                    |   10 +-
 netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java                                     |  280 +-------
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java                          |   90 ++
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java                        |   90 --
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java                    |   10 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java              |   57 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java |    6 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java         |    6 +-
 tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java                                 |  130 ++++
 16 files changed, 755 insertions(+), 402 deletions(-)

diffs (truncated from 1554 to 500 lines):

diff -r ededca6b0659 -r 61bfad46e9cc ChangeLog
--- a/ChangeLog	Fri Feb 28 16:45:24 2014 -0500
+++ b/ChangeLog	Mon Mar 03 11:36:14 2014 -0500
@@ -1,3 +1,33 @@
+2014-03-03  Andrew Azores  <aazores at redhat.com>
+
+	UnsignedAppletTrustWarningPanel logic moved into new abstract parent class
+	AppTrustWarningPanel for reusability.
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: new class
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: new class
+	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java:
+	major refactor into subclass of AppTrustWarningPanel
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java:
+	(UnsignedWarningAction) references changed to AppSigningWarningAction
+	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: same
+	* tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java:
+	new tests for AppTrustWarningPanel
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteUnsignedApplet.java:
+	renamed, changed all references
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
+	(ExecuteUnsignedApplet) renamed to this
+	* netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java:
+	(ExecuteAppletAction) changed references
+	* netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java:
+	(ExecuteAppletAction) changed references
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletActionEntry.java:
+	(ExecuteAppletAction) changed references
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
+	(ExecuteAppletAction) changed references
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageExtendedImpl.java:
+	(ExecuteAppletAction) changed references
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/impl/UnsignedAppletActionStorageImpl.java:
+	(ExecuteAppletAction) changed references
+
 2014-02-28  Andrew Azores  <aazores at redhat.com>
 
 	Added "Sandbox" button to CertWarning dialogs, allowing signed applets
diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java
--- a/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java	Fri Feb 28 16:45:24 2014 -0500
+++ b/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletActionTableModel.java	Mon Mar 03 11:36:14 2014 -0500
@@ -39,7 +39,7 @@
 import javax.swing.event.TableModelEvent;
 import javax.swing.table.AbstractTableModel;
 import net.sourceforge.jnlp.runtime.Translator;
-import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteUnsignedApplet;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionEntry;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UrlRegEx;
 import net.sourceforge.jnlp.security.appletextendedsecurity.impl.UnsignedAppletActionStorageExtendedImpl;
@@ -75,7 +75,7 @@
     @Override
     public Class<?> getColumnClass(int columnIndex) {
         if (columnIndex == 0) {
-            return ExecuteUnsignedApplet.class;
+            return ExecuteAppletAction.class;
         }
         if (columnIndex == 1) {
             return Date.class;
@@ -145,7 +145,7 @@
         int i = getRowCount()-1;
         String s = "\\Qhttp://localhost:80/\\E.*";
         back.add(new UnsignedAppletActionEntry(
-                ExecuteUnsignedApplet.NEVER,
+                ExecuteAppletAction.NEVER,
                 new Date(),
                 new UrlRegEx(s),
                 new UrlRegEx(s),
@@ -174,7 +174,7 @@
         fireTableRowsDeleted(0, i);
     }
 
-    void removeByBehaviour(ExecuteUnsignedApplet unsignedAppletAction) {
+    void removeByBehaviour(ExecuteAppletAction unsignedAppletAction) {
         int i = getRowCount()-1;
         if (i<0){
             return;
diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java
--- a/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java	Fri Feb 28 16:45:24 2014 -0500
+++ b/netx/net/sourceforge/jnlp/controlpanel/UnsignedAppletsTrustingListPanel.java	Mon Mar 03 11:36:14 2014 -0500
@@ -75,7 +75,7 @@
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
-import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteUnsignedApplet;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletActionEntry;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UrlRegEx;
@@ -520,16 +520,16 @@
             removeSelectedFromTable(currentTable);
         }
         if (deleteTypeComboBox.getSelectedIndex() == 1) {
-            removeByBehaviour(ExecuteUnsignedApplet.ALWAYS);
+            removeByBehaviour(ExecuteAppletAction.ALWAYS);
         }
         if (deleteTypeComboBox.getSelectedIndex() == 2) {
-            removeByBehaviour(ExecuteUnsignedApplet.NEVER);
+            removeByBehaviour(ExecuteAppletAction.NEVER);
         }
         if (deleteTypeComboBox.getSelectedIndex() == 3) {
-            removeByBehaviour(ExecuteUnsignedApplet.YES);
+            removeByBehaviour(ExecuteAppletAction.YES);
         }
         if (deleteTypeComboBox.getSelectedIndex() == 4) {
-            removeByBehaviour(ExecuteUnsignedApplet.NO);
+            removeByBehaviour(ExecuteAppletAction.NO);
         }
         if (deleteTypeComboBox.getSelectedIndex() == 5) {
             removeAllItemsFromTable(currentTable, customModel);
@@ -701,7 +701,7 @@
             public TableCellEditor getCellEditor(int row, int column) {
                 int columnx = convertColumnIndexToModel(column);
                 if (columnx == 0) {
-                    return new DefaultCellEditor(new JComboBox(new ExecuteUnsignedApplet[]{ExecuteUnsignedApplet.ALWAYS, ExecuteUnsignedApplet.NEVER, ExecuteUnsignedApplet.YES, ExecuteUnsignedApplet.NO}));
+                    return new DefaultCellEditor(new JComboBox(new ExecuteAppletAction[]{ExecuteAppletAction.ALWAYS, ExecuteAppletAction.NEVER, ExecuteAppletAction.YES, ExecuteAppletAction.NO}));
                 }
                 if (columnx == 2) {
                     column = convertColumnIndexToModel(column);
@@ -758,7 +758,7 @@
 
     }
 
-    private void removeByBehaviour(ExecuteUnsignedApplet unsignedAppletAction) {
+    private void removeByBehaviour(ExecuteAppletAction unsignedAppletAction) {
         UnsignedAppletActionEntry[] items = currentModel.back.toArray();
         if (askBeforeActionCheckBox.isSelected()) {
             List<UnsignedAppletActionEntry> toBeDeleted = new ArrayList<UnsignedAppletActionEntry>();
@@ -904,16 +904,16 @@
 
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.ALWAYS) || o.equals(ExecuteUnsignedApplet.NEVER));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.ALWAYS) || o.equals(ExecuteAppletAction.NEVER));
             }
         }
 
         private static final class ShowPermanentA extends MyCommonSorter {
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.ALWAYS));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.ALWAYS));
             }
         }
 
@@ -921,8 +921,8 @@
 
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.NEVER));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.NEVER));
             }
         }
 
@@ -930,8 +930,8 @@
 
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.YES) || o.equals(ExecuteUnsignedApplet.NO));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.YES) || o.equals(ExecuteAppletAction.NO));
             }
         }
 
@@ -939,8 +939,8 @@
 
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.YES));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.YES));
             }
            
             
@@ -950,8 +950,8 @@
 
             @Override
             public boolean include(Entry<? extends UnsignedAppletActionTableModel, ? extends Integer> entry) {
-                ExecuteUnsignedApplet o = (ExecuteUnsignedApplet) entry.getModel().getValueAt(entry.getIdentifier(), 0);
-                return (o.equals(ExecuteUnsignedApplet.NO));
+                ExecuteAppletAction o = (ExecuteAppletAction) entry.getModel().getValueAt(entry.getIdentifier(), 0);
+                return (o.equals(ExecuteAppletAction.NO));
             }
             
         }
diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java	Mon Mar 03 11:36:14 2014 -0500
@@ -0,0 +1,68 @@
+/* Copyright (C) 2013 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+package net.sourceforge.jnlp.security;
+
+import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener;
+import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction;
+
+/**
+ * A panel that confirms that the user is OK with unsigned code running.
+ */
+public class AppTrustWarningDialog extends SecurityDialogPanel {
+
+    private AppTrustWarningDialog(final SecurityDialog dialog) {
+        super(dialog);
+    }
+
+    public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) {
+        final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog);
+        warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener()));
+        return warningDialog;
+    }
+
+    private ActionChoiceListener getActionChoiceListener() {
+        return new ActionChoiceListener() {
+            @Override
+            public void actionChosen(final AppSigningWarningAction action) {
+                parent.setValue(action);
+                parent.dispose();
+            }
+        };
+    }
+
+}
diff -r ededca6b0659 -r 61bfad46e9cc netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Mon Mar 03 11:36:14 2014 -0500
@@ -0,0 +1,321 @@
+/* Copyright (C) 2013 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+package net.sourceforge.jnlp.security;
+
+import static net.sourceforge.jnlp.runtime.Translator.R;
+
+import java.awt.BorderLayout;
+import java.awt.Color;
+import java.awt.Dimension;
+import java.awt.FlowLayout;
+import java.awt.Font;
+import java.awt.GridLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+
+import javax.swing.BorderFactory;
+import javax.swing.BoxLayout;
+import javax.swing.ButtonGroup;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JCheckBox;
+import javax.swing.JDialog;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.JRadioButton;
+import javax.swing.SwingConstants;
+
+import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp;
+import net.sourceforge.jnlp.util.ScreenFinder;
+
+/*
+ * This class is meant to provide a common layout and functionality for warning dialogs
+ * that appear when the user needs to confirm the running of applets/applications.
+ * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and
+ * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as
+ * plugin applets. New implementations should be added to the unit test at
+ * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest
+ */
+public abstract class AppTrustWarningPanel extends JPanel {
+
+    /*
+     * Details of decided action.
+     */
+    public static class AppSigningWarningAction {
+        private ExecuteAppletAction action;
+        private boolean applyToCodeBase;
+
+        public AppSigningWarningAction(ExecuteAppletAction action,
+                boolean applyToCodeBase) {
+            this.action = action;
+            this.applyToCodeBase = applyToCodeBase;
+        }
+
+        public ExecuteAppletAction getAction() {
+            return action;
+        }
+
+        public boolean rememberForCodeBase() {
+            return applyToCodeBase;
+        }
+    }
+
+    /*
+     * Callback for when action is decided.
+     */
+    public static interface ActionChoiceListener {
+        void actionChosen(AppSigningWarningAction action);
+    }
+
+    protected int PANE_WIDTH = 500;
+
+    protected int TOP_PANEL_HEIGHT = 60;
+    protected int INFO_PANEL_HEIGHT = 140;
+    protected int INFO_PANEL_HINT_HEIGHT = 25;
+    protected int QUESTION_PANEL_HEIGHT = 35;
+
+    private JButton allowButton;
+    private JButton rejectButton;
+    private JButton helpButton;
+    private JCheckBox permanencyCheckBox;
+    private JRadioButton applyToAppletButton;
+    private JRadioButton applyToCodeBaseButton;
+
+    protected JNLPFile file;
+
+    private ActionChoiceListener actionChoiceListener;
+
+    /*
+     * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor!
+     */
+    public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) {
+        this.file = file;
+        this.actionChoiceListener = actionChoiceListener;
+    }
+
+    /*
+     * Provides an image to be displayed near the upper left corner of the dialog.
+     */
+    protected abstract ImageIcon getInfoImage();
+
+    /*
+     * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted.
+     */
+    protected abstract String getTopPanelText();
+
+    /*
+     * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted.
+     */
+    protected abstract String getInfoPanelText();
+
+    /*
+     * This provides the text for the final prompt to the user. The message is expected to be HTML formatted.
+     * The user's action is a direct response to this question.
+     */
+    protected abstract String getQuestionPanelText();
+
+    public JButton getAllowButton() {
+        return allowButton;
+    }
+
+    public JButton getRejectButton() {
+        return rejectButton;
+    }
+
+    protected static String htmlWrap(String text) {
+        return "<html>" + text + "</html>";
+    }
+
+    private void setupTopPanel() {
+        final String topLabelText = getTopPanelText();
+
+        JLabel topLabel = new JLabel(topLabelText, getInfoImage(),
+                SwingConstants.LEFT);
+        topLabel.setFont(new Font(topLabel.getFont().toString(), Font.BOLD, 12));
+
+        JPanel topPanel = new JPanel(new BorderLayout());
+        topPanel.setBackground(Color.WHITE);
+        topPanel.add(topLabel, BorderLayout.CENTER);
+        topPanel.setPreferredSize(new Dimension(PANE_WIDTH, TOP_PANEL_HEIGHT));
+        topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+
+        add(topPanel);
+    }
+
+    private void setupInfoPanel() {
+        String infoLabelText = getInfoPanelText();
+        int panelHeight = INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT;
+
+        JLabel infoLabel = new JLabel(infoLabelText);
+        JPanel infoPanel = new JPanel(new BorderLayout());
+        infoPanel.add(infoLabel, BorderLayout.CENTER);
+        infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight));
+        infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+
+        add(infoPanel);
+    }
+
+    private void setupQuestionsPanel() {
+        JPanel questionPanel = new JPanel(new BorderLayout());
+
+        final String questionPanelText = getQuestionPanelText();
+        questionPanel.add(new JLabel(questionPanelText), BorderLayout.EAST);
+
+        questionPanel.setPreferredSize(new Dimension(PANE_WIDTH, QUESTION_PANEL_HEIGHT));
+        questionPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10));
+
+        add(questionPanel);
+    }
+
+    private JPanel createMatchOptionsPanel() {
+        JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
+
+        ButtonGroup group = new ButtonGroup();
+        applyToAppletButton = new JRadioButton(R("SRememberAppletOnly"));
+        applyToAppletButton.setSelected(true);
+        applyToAppletButton.setEnabled(false); // Start disabled until 'Remember this option' is selected
+
+        applyToCodeBaseButton = new JRadioButton(htmlWrap(R("SRememberCodebase", file.getCodeBase())));
+        applyToCodeBaseButton.setEnabled(false);
+
+        group.add(applyToAppletButton);
+        group.add(applyToCodeBaseButton);
+
+        matchOptionsPanel.add(applyToAppletButton);
+        matchOptionsPanel.add(applyToCodeBaseButton);
+
+        return matchOptionsPanel;
+    }
+
+    private JPanel createCheckBoxPanel() {
+        JPanel checkBoxPanel = new JPanel(new FlowLayout(FlowLayout.LEFT));
+
+        permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption")));
+        permanencyCheckBox.addActionListener(permanencyListener());
+        checkBoxPanel.add(permanencyCheckBox);

From omajid at icedtea.classpath.org  Mon Mar  3 09:23:43 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 17:23:43 +0000
Subject: /hg/icedtea-web: PR1676: Add useLegacyMergeSort to JNLP properties
Message-ID: <hg.3381129e3ae2.1393867423.8643924302249223276@icedtea.classpath.org>

changeset 3381129e3ae2 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=3381129e3ae2
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 03 12:21:19 2014 -0500

	PR1676: Add useLegacyMergeSort to JNLP properties

	2014-03-03  Omair Majid  <omajid at redhat.com>

	    PR1676
	    * netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to
	    read/write useLegacyMergeSort.


diffstat:

 ChangeLog                                   |  6 ++++++
 netx/net/sourceforge/jnlp/SecurityDesc.java |  1 +
 2 files changed, 7 insertions(+), 0 deletions(-)

diffs (24 lines):

diff -r 61bfad46e9cc -r 3381129e3ae2 ChangeLog
--- a/ChangeLog	Mon Mar 03 11:36:14 2014 -0500
+++ b/ChangeLog	Mon Mar 03 12:21:19 2014 -0500
@@ -1,3 +1,9 @@
+2014-03-03  Omair Majid  <omajid at redhat.com>
+
+	PR1676
+	* netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to
+	read/write useLegacyMergeSort.
+
 2014-03-03  Andrew Azores  <aazores at redhat.com>
 
 	UnsignedAppletTrustWarningPanel logic moved into new abstract parent class
diff -r 61bfad46e9cc -r 3381129e3ae2 netx/net/sourceforge/jnlp/SecurityDesc.java
--- a/netx/net/sourceforge/jnlp/SecurityDesc.java	Mon Mar 03 11:36:14 2014 -0500
+++ b/netx/net/sourceforge/jnlp/SecurityDesc.java	Mon Mar 03 12:21:19 2014 -0500
@@ -88,6 +88,7 @@
     private static Permission sandboxPermissions[] = {
             new SocketPermission("localhost:1024-", "listen"),
             // new SocketPermission("<DownloadHost>", "connect, accept"), // added by code
+            new PropertyPermission("java.util.Arrays.useLegacyMergeSort", "read,write"),
             new PropertyPermission("java.version", "read"),
             new PropertyPermission("java.vendor", "read"),
             new PropertyPermission("java.vendor.url", "read"),

From bugzilla-daemon at icedtea.classpath.org  Mon Mar  3 09:23:51 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 17:23:51 +0000
Subject: [Bug 1676] enhance the list of secure jnlp properties to support
	useLegacyMergeSort
In-Reply-To: <bug-1676-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1676-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1676-30-4Wmoe3QTNz@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1676

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea-web?cmd=changeset;node=3381129e3ae2
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 03 12:21:19 2014 -0500

    PR1676: Add useLegacyMergeSort to JNLP properties

    2014-03-03  Omair Majid  <omajid at redhat.com>

        PR1676
        * netx/net/sourceforge/jnlp/SecurityDesc.java: Add permission to
        read/write useLegacyMergeSort.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/cffc60b1/attachment.html 

From omajid at redhat.com  Mon Mar  3 09:42:55 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 3 Mar 2014 12:42:55 -0500
Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times
In-Reply-To: <53143491.7020802@redhat.com>
References: <20140228230710.GA18442@redhat.com> <53143491.7020802@redhat.com>
Message-ID: <20140303174255.GD2045@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-03 02:51]:
> On 03/01/2014 12:07 AM, Omair Majid wrote:
> >Hi,
> >
> >The attached patch is a fix for PR857. The idea is quite simple: make
> >sure UIManager.setLookAndFeel() is called at most once (and ideally
> >exactly once) before any UI is shown.
> >
> >There are a few code paths that can cause UIManager.setLookAndFell to be
> >invoked multiple times:
> >
> >- AboutDialog (only on entry from a class other than Boot)
> >- SecurityDialog
> >- PolicyEditor (only on entry from ControlPanel)
> >
> >CertificateViewer calls JNLPRuntime.initialize() which already calls
> >UIManager.setLookAndFeel. So I have removed the direct call from
> >CertificateViewer.
> >
> >Also, JNLPRuntime.initialize currently calls setLookAndFeel after
> >displaying a JavaConsole. This is alos fixed.
> >
> >Thoughts?
> >
> 
> ouch, that an old one!
> 
> 
> However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff
> - (the confirmed one)  is quite different, why so?

For a couple of reasons:
- The reporter only tested one code path (the main plugin/javaws code
  path)
- I went through more code this time and noticed more subtle issues,
  including cases where setting the look and feel is completely
  redundant.

> Also   " Don't set look and feel multiple times" do not sound proper
> to me, it is still set two times.

I don't follow. It is set exactly once in (a shared code path) in the
case of plugins/javaws: in JNLPRuntime.initialize().

> Can't there be only one place to do so?

No, unless you want to have exactly one entry point for icedtea-web that then selects what to run:
- javaws
- plugin
- about dialog
- controlpanel
- certificate viewer
- policy editor

> I would rather log the exception.
> 
> I would ratehr log this exception in debug only (default) =?
> -            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
> +            OutputController.getLogger().log(e);

Fixed.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,21 @@
+2014-03-03  Omair Majid  <omajid at redhat.com>
+
+	PR857
+	* netx/net/sourceforge/jnlp/about/AboutDialog.java
+	(run): Do not set look and feel.
+	* netx/net/sourceforge/jnlp/runtime/Boot.java
+	(main) <about>: Set look and feel before displaying dialog.
+	* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
+	(initialize): Set look and feel before any UI is created.
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java
+	(init): Do not set look and feel.
+	(setSystemLookAndFeel): Removed.
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
+	(createInstance): Do not set look and feel.
+	* netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
+	(showCertificateViewer): Do not set look and feel.
+	(setSystemLookAndFeel): Removed.
+
 2014-03-03  Omair Majid  <omajid at redhat.com>
 
 	PR1676
diff --git a/netx/net/sourceforge/jnlp/about/AboutDialog.java b/netx/net/sourceforge/jnlp/about/AboutDialog.java
--- a/netx/net/sourceforge/jnlp/about/AboutDialog.java
+++ b/netx/net/sourceforge/jnlp/about/AboutDialog.java
@@ -175,11 +175,6 @@
 
     @Override
     public void run() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-        }
-
         layoutWindow();
         ScreenFinder.centerWindowsToCurrentScreen(frame);
         frame.setVisible(true);
diff --git a/netx/net/sourceforge/jnlp/runtime/Boot.java b/netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java
@@ -28,6 +28,8 @@
 import java.util.List;
 import java.util.Map;
 
+import javax.swing.UIManager;
+
 import net.sourceforge.jnlp.LaunchException;
 import net.sourceforge.jnlp.Launcher;
 import net.sourceforge.jnlp.ParserSettings;
@@ -161,6 +163,11 @@
             if (null != getOption("-headless")) {
                 JNLPRuntime.exit(0);
             } else {
+                try {
+                    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+                } catch (Exception e) {
+                    OutputController.getLogger().log("Unable to set system look and feel");
+                }
                 OutputController.getLogger().printOutLn(R("BLaunchAbout"));
                 AboutDialog.display();
                 return;
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
@@ -195,6 +195,12 @@
     public static void initialize(boolean isApplication) throws IllegalStateException {
         checkInitialized();
 
+        try {
+            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+        } catch (Exception e) {
+            OutputController.getLogger().log("Unable to set system look and feel");
+        }
+
         if (JavaConsole.canShowOnStartup(isApplication)) {
             JavaConsole.getConsole().showConsoleLater();
         }
@@ -236,12 +242,6 @@
         policy = new JNLPPolicy();
         security = new JNLPSecurityManager(); // side effect: create JWindow
 
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
-        }
-
         doMainAppContextHacks();
 
         if (securityEnabled) {
diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
@@ -216,8 +216,6 @@
     }
 
     private void initDialog() {
-        setSystemLookAndFeel();
-
         String dialogTitle = "";
         if (dialogType == DialogType.CERT_WARNING) {
             if (accessType == AccessType.VERIFIED)
@@ -346,17 +344,6 @@
         super.dispose();
     }
 
-    /**
-     * Updates the look and feel of the window to be the system look and feel
-     */
-    protected void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            //don't worry if we can't.
-        }
-    }
-
     private final List<ActionListener> listeners = new CopyOnWriteArrayList<ActionListener>();
 
     /**
diff --git a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
@@ -917,11 +917,6 @@
     }
 
     public static PolicyEditor createInstance(final String filepath) {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (final Exception e) {
-            // not really important, so just ignore
-        }
         return new PolicyEditor(filepath);
     }
 
diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
+++ b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
@@ -100,7 +100,6 @@
 
     public static void showCertificateViewer() throws Exception {
         JNLPRuntime.initialize(true);
-        setSystemLookAndFeel();
 
         CertificateViewer cv = new CertificateViewer();
         cv.setResizable(true);
@@ -109,14 +108,6 @@
         cv.dispose();
     }
 
-    private static void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            // don't worry if we can't.
-        }
-    }
-
     public static void main(String[] args) throws Exception {
         CertificateViewer.showCertificateViewer();
     }

From bugzilla-daemon at icedtea.classpath.org  Mon Mar  3 10:02:36 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 03 Mar 2014 18:02:36 +0000
Subject: [Bug 1692] SIGSEV crash when installing plugin in eclipse
In-Reply-To: <bug-1692-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1692-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1692-30-ldTDiJqLci@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1692

--- Comment #1 from Benjamin Murauer <b.murauer at gmail.com> ---
With a downloaded eclipse 4.3.2 Kepler v.2 no error occur during plugin
installation.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/a730c716/attachment.html 

From omajid at redhat.com  Mon Mar  3 11:01:03 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 3 Mar 2014 14:01:03 -0500
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <53144E4D.8080606@redhat.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
	<53144E4D.8080606@redhat.com>
Message-ID: <20140303190102.GE2045@redhat.com>

* Andrew Haley <aph at redhat.com> [2014-03-03 04:43]:
> On 02/28/2014 09:18 AM, Yasumasa Suenaga wrote:
> > For example, OpenJDK8 in Fedora20 ships libjvm.so and libjvm.debuginfo .
> > libjvm.debuginfo is generated in OpenJDK's makefiles, however it does not
> > contain debug information. Actual debug information is shipped by OpenJDK
> > debuginfo package.
> 
> That's a bug in Fedora's build.  We should fix it.

This should fix it:
http://pkgs.fedoraproject.org/cgit/java-1.8.0-openjdk.git/commit/?id=1734315551d634b7467f28788d90595b467ea5eb

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From omajid at redhat.com  Mon Mar  3 11:11:18 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 3 Mar 2014 14:11:18 -0500
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <53149826.7030106@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
	<53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
	<53149826.7030106@oracle.com>
Message-ID: <20140303191118.GF2045@redhat.com>

Hi,

* Daniel D. Daugherty <daniel.daugherty at oracle.com> [2014-03-03 09:57]:
> On 3/1/14 4:08 PM, Mike Duigou wrote:
> >  If we can put debuginfo into external files why would we ever want unstripped binaries?
> 
> We deliver minimal stripped binaries so that can have stack traces
> with some amount of information in them when the debuginfo files
> are not available. We have not yet figured out how to implement
> minimal stripping on Windows so Windows hs_err_pid files have no
> symbols in them when the debuginfo bundles are not present.

Am I reading it right that when tools (like RPM) strip the debug
information from these binaries, hotspot will break completely when it
tries to generate a stack trace on crash?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From daniel.daugherty at oracle.com  Mon Mar  3 11:20:38 2014
From: daniel.daugherty at oracle.com (Daniel D. Daugherty)
Date: Mon, 03 Mar 2014 12:20:38 -0700
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <20140303191118.GF2045@redhat.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
	<53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com>
	<5311E98A.1020004@ysfactory.dip.jp>
	<F5BA0EF7-4D11-4C14-8294-5154300D5DE5@oracle.com>
	<53149826.7030106@oracle.com> <20140303191118.GF2045@redhat.com>
Message-ID: <5314D606.70804@oracle.com>

On 3/3/14 12:11 PM, Omair Majid wrote:
> Hi,
>
> * Daniel D. Daugherty <daniel.daugherty at oracle.com> [2014-03-03 09:57]:
>> On 3/1/14 4:08 PM, Mike Duigou wrote:
>>>   If we can put debuginfo into external files why would we ever want unstripped binaries?
>> We deliver minimal stripped binaries so that can have stack traces
>> with some amount of information in them when the debuginfo files
>> are not available. We have not yet figured out how to implement
>> minimal stripping on Windows so Windows hs_err_pid files have no
>> symbols in them when the debuginfo bundles are not present.
> Am I reading it right that when tools (like RPM) strip the debug
> information from these binaries, hotspot will break completely when it
> tries to generate a stack trace on crash?

Not quite. If you follow this process:

- use gobjcopy to copy debug info from libjvm.so -> libjvm.debuginfo
- use gobjcopy to tell libjvm.so that debug info is found in 
libjvm.debuginfo
- strip libjvm.so (I don't remember the strip everything option)

then you can still get symbols in your crashes as long as you have
BOTH libjvm.so and libjvm.debuginfo. However, if you are in a
situation where you don't have libjvm.debuginfo, then you do not
get symbols in your crashes.

When I did the Full Debug Symbols (FDS) project, I copied complete
debug info from libjvm.so -> libjvm.debuginfo and left minimal
debug info in libjvm.so so that you could still get symbols on
crashes on Linux and Solaris when the libjvm.debuginfo files
were not present.

Dan


>
> Thanks,
> Omair
>


From omajid at redhat.com  Mon Mar  3 13:49:24 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 3 Mar 2014 16:49:24 -0500
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <53112019.9050504@oracle.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
	<53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com>
Message-ID: <20140303214923.GA26825@redhat.com>

* David Holmes <david.holmes at oracle.com> [2014-02-28 18:48]:
> There are three pieces to all of this:
> 
> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
> 2. Generating debuginfo files (zipped or not) (FDS)
> 3. Stripping debug symbols from the binaries (strip-policy)
> 
> It may be that we don't have clean separation between them, and if so
> that should be fixed, but I don't see the current proposal as the way
> forward.

Any chance we could clean up the names too? It's not obvious to me why
FDS means 'generating debuginfo files'.

What do folks think of modifying the OPENJDK build to use this as the
settings for the options above by default.

1. Yes
2. No
3. No

> Also there may well be differences between how things are handled on the
> JDK side and hotspot side.

Is there any chance of this becoming consistent between hotspot and JDK?
It would be much nicer if concepts like strip-policy were consistent
between hotspot and the rest of the JDK.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Mon Mar  3 14:04:44 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 03 Mar 2014 17:04:44 -0500
Subject: [rfc][icedtea-web] AppTrustWarningPanel applet title, controls
Message-ID: <5314FC7C.3070607@redhat.com>

Hi,

This patch adds a label to AppTrustWarningPanel displaying 
applet/application titles, makes it so that the action performed by the 
Help button can be overridden easily, and finally makes it so that 
subclasses can easily add (or remove or reorder) the buttons in the 
button panel. This is particularly useful for the next related patch 
coming after this, which will be the new PartiallySigned Dialog, with 
Sandbox button.

ChangeLog:
* netx/net/sourceforge/jnlp/resources/Messages.properties: 
(SAppletTitle) new
message
* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: 
(buttons) new
list of UI buttons. (getAllowButton, getRejectButton, addComponents) 
made final.
(createButtonPanel) uses list of buttons rather than hardcoded. (helpButton)
action made configurable.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: partially-signed-abstraction-touchup.patch
Type: text/x-patch
Size: 6893 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140303/8dcb0bd4/partially-signed-abstraction-touchup.patch 

From daniel.daugherty at oracle.com  Mon Mar  3 19:02:34 2014
From: daniel.daugherty at oracle.com (Daniel D. Daugherty)
Date: Mon, 03 Mar 2014 20:02:34 -0700
Subject: JDK-8036003: Add variable not to separate debug information.
In-Reply-To: <20140303214923.GA26825@redhat.com>
References: <20140228091835.58EB8C21F24@msgw007-05.ocn.ad.jp>
	<53106F4A.8030905@oracle.com> <53109772.9070808@oracle.com>
	<5310AD70.2070908@ysfactory.dip.jp> <53112019.9050504@oracle.com>
	<20140303214923.GA26825@redhat.com>
Message-ID: <5315424A.4080201@oracle.com>

On 3/3/14 2:49 PM, Omair Majid wrote:
> * David Holmes <david.holmes at oracle.com> [2014-02-28 18:48]:
>> There are three pieces to all of this:
>>
>> 1. Generating debug symbols in the binaries (via gcc -g or whatever)
>> 2. Generating debuginfo files (zipped or not) (FDS)
>> 3. Stripping debug symbols from the binaries (strip-policy)
>>
>> It may be that we don't have clean separation between them, and if so
>> that should be fixed, but I don't see the current proposal as the way
>> forward.
> Any chance we could clean up the names too? It's not obvious to me why
> FDS means 'generating debuginfo files'.

FDS stands for Full Debug Symbols and is defined that way in
quite a few Makefiles... We just call it FDS for short...


> What do folks think of modifying the OPENJDK build to use this as the
> settings for the options above by default.
>
> 1. Yes
> 2. No
> 3. No

Whatever we do here has be architecturallyconsistent across the
various OpenJDK platforms. The above settings would not work well
on non-Linux platforms so I'm not in favor of doing that.

However, I don't have a problem with providing support for config'ing
a build to work with the downstream Linux repos...


>> Also there may well be differences between how things are handled on the
>> JDK side and hotspot side.
> Is there any chance of this becoming consistent between hotspot and JDK?
> It would be much nicer if concepts like strip-policy were consistent
> between hotspot and the rest of the JDK.

When I did the Full Debug Symbols (FDS) project, I made it architecturally
consistent  between the HotSpot and JDK sides. Since the new build system
has arrived, something of the consistency has been broken and I haven't
been back on the JDK side to see what happened...

Dan


>
> Thanks,
> Omair
>


From ptisnovs at icedtea.classpath.org  Tue Mar  4 02:03:47 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 10:03:47 +0000
Subject: /hg/gfx-test: Eight new tests added into BitBltAffineQuadrantRot...
Message-ID: <hg.219ddc3bf108.1393927427.-6248649288953172555@icedtea.classpath.org>

changeset 219ddc3bf108 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=219ddc3bf108
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 04 11:04:28 2014 +0100

	Eight new tests added into BitBltAffineQuadrantRotateTransformOp.


diffstat:

 ChangeLog                                                             |    5 +
 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java |  112 ++++++++++
 2 files changed, 117 insertions(+), 0 deletions(-)

diffs (134 lines):

diff -r e839356ee2da -r 219ddc3bf108 ChangeLog
--- a/ChangeLog	Mon Mar 03 13:17:49 2014 +0100
+++ b/ChangeLog	Tue Mar 04 11:04:28 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-04  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
+	Eight new tests added into BitBltAffineQuadrantRotateTransformOp.
+
 2014-03-03  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
diff -r e839356ee2da -r 219ddc3bf108 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Mon Mar 03 13:17:49 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Tue Mar 04 11:04:28 2014 +0100
@@ -669,6 +669,118 @@
     }
 
     /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeCustomRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeCustom(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeCustomRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeCustom(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGB(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
      * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Tue Mar  4 02:41:21 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 10:41:21 +0000
Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamPositiveT...
Message-ID: <hg.c7bc5728b4a1.1393929681.-6019694633368342460@icedtea.classpath.org>

changeset c7bc5728b4a1 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=c7bc5728b4a1
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 04 11:42:00 2014 +0100

	Added new test testGetResourceAsStreamPositiveTest into ScriptEngineFactoryClassTest.


diffstat:

 ChangeLog                                            |   6 ++
 src/org/RhinoTests/ScriptEngineFactoryClassTest.java |  60 ++++++++++++++++++++
 2 files changed, 66 insertions(+), 0 deletions(-)

diffs (83 lines):

diff -r 9a2ccd2993cb -r c7bc5728b4a1 ChangeLog
--- a/ChangeLog	Mon Mar 03 13:21:10 2014 +0100
+++ b/ChangeLog	Tue Mar 04 11:42:00 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-04  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
+	Added new test testGetResourceAsStreamPositiveTest into
+	ScriptEngineFactoryClassTest.
+
 2014-03-03  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/CompiledScriptClassTest.java:
diff -r 9a2ccd2993cb -r c7bc5728b4a1 src/org/RhinoTests/ScriptEngineFactoryClassTest.java
--- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Mon Mar 03 13:21:10 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Tue Mar 04 11:42:00 2014 +0100
@@ -1787,6 +1787,66 @@
     }
 
     /**
+     * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamNegativeTest()
+     */
+    protected void testGetResourceAsStreamNegativeTest() {
+        Object stream = null;
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/Constants.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptEngineFactory
      */
     @SuppressWarnings("cast")

From jvanek at redhat.com  Tue Mar  4 04:15:17 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 04 Mar 2014 13:15:17 +0100
Subject: [icedtea-web] RFC: PR857: Don't set look and feel multiple times
In-Reply-To: <20140303174255.GD2045@redhat.com>
References: <20140228230710.GA18442@redhat.com> <53143491.7020802@redhat.com>
	<20140303174255.GD2045@redhat.com>
Message-ID: <5315C3D5.4050102@redhat.com>

On 03/03/2014 06:42 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-03 02:51]:
>> On 03/01/2014 12:07 AM, Omair Majid wrote:
>>> Hi,
>>>
>>> The attached patch is a fix for PR857. The idea is quite simple: make
>>> sure UIManager.setLookAndFeel() is called at most once (and ideally
>>> exactly once) before any UI is shown.
>>>
>>> There are a few code paths that can cause UIManager.setLookAndFell to be
>>> invoked multiple times:
>>>
>>> - AboutDialog (only on entry from a class other than Boot)
>>> - SecurityDialog
>>> - PolicyEditor (only on entry from ControlPanel)
>>>
>>> CertificateViewer calls JNLPRuntime.initialize() which already calls
>>> UIManager.setLookAndFeel. So I have removed the direct call from
>>> CertificateViewer.
>>>
>>> Also, JNLPRuntime.initialize currently calls setLookAndFeel after
>>> displaying a JavaConsole. This is alos fixed.
>>>
>>> Thoughts?
>>>
>>
>> ouch, that an old one!
>>
>>
>> However - the original one - http://icedtea.classpath.org/bugzilla/attachment.cgi?id=640&action=diff
>> - (the confirmed one)  is quite different, why so?
>
> For a couple of reasons:
> - The reporter only tested one code path (the main plugin/javaws code
>    path)
> - I went through more code this time and noticed more subtle issues,
>    including cases where setting the look and feel is completely
>    redundant.
>
>> Also   " Don't set look and feel multiple times" do not sound proper
>> to me, it is still set two times.
>
> I don't follow. It is set exactly once in (a shared code path) in the
> case of plugins/javaws: in JNLPRuntime.initialize().
>
>> Can't there be only one place to do so?
>
> No, unless you want to have exactly one entry point for icedtea-web that then selects what to run:
> - javaws
> - plugin
> - about dialog
> - controlpanel
> - certificate viewer
> - policy editor
>
>> I would rather log the exception.
>>
>> I would ratehr log this exception in debug only (default) =?
>> -            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
>> +            OutputController.getLogger().log(e);
>
> Fixed.


hmm. Then it is probably ok. If your conscience is clear, feel free to push.

But I still can see:
diff --git a/netx/net/sourceforge/jnlp/runtime/Boot.java b/netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java
@@ -28,6 +28,8 @@
  import java.util.List;
  import java.util.Map;

+import javax.swing.UIManager;
+
  import net.sourceforge.jnlp.LaunchException;
  import net.sourceforge.jnlp.Launcher;
  import net.sourceforge.jnlp.ParserSettings;
@@ -161,6 +163,11 @@
              if (null != getOption("-headless")) {
                  JNLPRuntime.exit(0);
              } else {
+                try {
+                    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+                } catch (Exception e) {
+                    OutputController.getLogger().log("Unable to set system look and feel");
+                }
                  OutputController.getLogger().printOutLn(R("BLaunchAbout"));
                  AboutDialog.display();
                  return;
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java 
b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
@@ -195,6 +195,12 @@
      public static void initialize(boolean isApplication) throws IllegalStateException {
          checkInitialized();

+        try {
+            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+        } catch (Exception e) {
+            OutputController.getLogger().log("Unable to set system look and feel");
+        }
+
          if (JavaConsole.canShowOnStartup(isApplication)) {
              JavaConsole.getConsole().showConsoleLater();
          }


It looks like duplication. Well it nitpicking to wont it unify somehow....Feel free to act as you 
wish. It probably just my personal issue that it looks nasty to me :)
However - It really can not be set before for both in common??


Sorry for nitpicking.

J.


From jvanek at redhat.com  Tue Mar  4 04:56:13 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 04 Mar 2014 13:56:13 +0100
Subject: [rfc][icedtea-web] Move all security dialogues' panels
	implementation into separate subpackage.
In-Reply-To: <530DF32C.4040005@redhat.com>
References: <530DF32C.4040005@redhat.com>
Message-ID: <5315CD6D.7060600@redhat.com>

On 02/26/2014 02:59 PM, Jiri Vanek wrote:
> Move all security dialogues' panels implementation into separate subpackage.
>
> The dialogues are really multiplying, and the package of net/sourceforge/jnlp/security/ is overrun.
> This refactoring is moving all implementations of security dialogues' panels into
> net/sourceforge/jnlp/security/dialogues/
>
> The only real change of code is
>
>
> -    protected void setValue(Object value) {
> +    public void setValue(Object value) {
>           OutputController.getLogger().log("Setting value:" + value);
>           this.value = value;
>       }
>
> in netx/net/sourceforge/jnlp/security/SecurityDialog.java
>
> Which seems tome better then move netx/net/sourceforge/jnlp/security/SecurityDialog.java to
> netx/net/sourceforge/jnlp/security/dialogues/SecurityDialog.java
>
> If somebody cares, this patch is applicable also to 1.4 but backports to Panes are not common. Is
> anybody for/against the refactoring of 1.4 too?
>
> Best regards from CZ
>    J.

ping?

The dialogues multiply....
Now I'm even in mode to move all AppTrustWarningPanel derived panels to separate subpackage too...

J.

From jvanek at redhat.com  Tue Mar  4 05:02:59 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 04 Mar 2014 14:02:59 +0100
Subject: [rfc][icedtea-web] minor tests improvements - starTest and removed
	unused imports
Message-ID: <5315CF03.5000003@redhat.com>

AIS

Although startests for base classes were presented, the test for matcher and plain star was missing. 
When the ALACA will be in, also this test will be enlarged for * and path.

J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: starTests.diff
Type: text/x-patch
Size: 2159 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/04a93398/starTests.diff 

From jvanek at redhat.com  Tue Mar  4 06:56:15 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 04 Mar 2014 15:56:15 +0100
Subject: [rfc][icedtea-web] fixed  AppTrustWarningPanel "hidding buttons"
Message-ID: <5315E98F.1020108@redhat.com>

Hi!

The AppTrustWarningPanel have bad behavior when is getting smaller.  The buttons hide under panel, 
which is adapted to page url width. This can be sometimes long.  So buttons disappear always.

On screenshois both bad (lower) and new version (upper).

J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fixedDialogue.patch
Type: text/x-patch
Size: 3338 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/7849a832/fixedDialogue-0001.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot.png
Type: image/png
Size: 95778 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/7849a832/Screenshot-0001.png 

From omajid at icedtea.classpath.org  Tue Mar  4 07:35:45 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 15:35:45 +0000
Subject: /hg/icedtea-web: PR857: Don't set look and feel multiple times
Message-ID: <hg.07d7757eda0c.1393947345.8643924302249223276@icedtea.classpath.org>

changeset 07d7757eda0c in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=07d7757eda0c
author: Omair Majid <omajid at redhat.com>
date: Tue Mar 04 10:35:17 2014 -0500

	PR857: Don't set look and feel multiple times

	2014-03-03  Omair Majid  <omajid at redhat.com>

	    PR857
	    * netx/net/sourceforge/jnlp/about/AboutDialog.java
	    (run): Do not set look and feel.
	    * netx/net/sourceforge/jnlp/runtime/Boot.java
	    (main) <about>: Set look and feel before displaying dialog.
	    * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
	    (initialize): Set look and feel before any UI is created.
	    * netx/net/sourceforge/jnlp/security/SecurityDialog.java
	    (init): Do not set look and feel.
	    (setSystemLookAndFeel): Removed.
	    * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
	    (createInstance): Do not set look and feel.
	    * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
	    (showCertificateViewer): Do not set look and feel.
	    (setSystemLookAndFeel): Removed.


diffstat:

 ChangeLog                                                         |  18 ++++++++++
 netx/net/sourceforge/jnlp/about/AboutDialog.java                  |   5 --
 netx/net/sourceforge/jnlp/runtime/Boot.java                       |   7 +++
 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java                |  12 +++---
 netx/net/sourceforge/jnlp/security/SecurityDialog.java            |  13 -------
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |   5 --
 netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java  |   9 -----
 7 files changed, 31 insertions(+), 38 deletions(-)

diffs (164 lines):

diff -r 3381129e3ae2 -r 07d7757eda0c ChangeLog
--- a/ChangeLog	Mon Mar 03 12:21:19 2014 -0500
+++ b/ChangeLog	Tue Mar 04 10:35:17 2014 -0500
@@ -1,3 +1,21 @@
+2014-03-03  Omair Majid  <omajid at redhat.com>
+
+	PR857
+	* netx/net/sourceforge/jnlp/about/AboutDialog.java
+	(run): Do not set look and feel.
+	* netx/net/sourceforge/jnlp/runtime/Boot.java
+	(main) <about>: Set look and feel before displaying dialog.
+	* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
+	(initialize): Set look and feel before any UI is created.
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java
+	(init): Do not set look and feel.
+	(setSystemLookAndFeel): Removed.
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
+	(createInstance): Do not set look and feel.
+	* netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
+	(showCertificateViewer): Do not set look and feel.
+	(setSystemLookAndFeel): Removed.
+
 2014-03-03  Omair Majid  <omajid at redhat.com>
 
 	PR1676
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/about/AboutDialog.java
--- a/netx/net/sourceforge/jnlp/about/AboutDialog.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/about/AboutDialog.java	Tue Mar 04 10:35:17 2014 -0500
@@ -175,11 +175,6 @@
 
     @Override
     public void run() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-        }
-
         layoutWindow();
         ScreenFinder.centerWindowsToCurrentScreen(frame);
         frame.setVisible(true);
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java	Tue Mar 04 10:35:17 2014 -0500
@@ -28,6 +28,8 @@
 import java.util.List;
 import java.util.Map;
 
+import javax.swing.UIManager;
+
 import net.sourceforge.jnlp.LaunchException;
 import net.sourceforge.jnlp.Launcher;
 import net.sourceforge.jnlp.ParserSettings;
@@ -161,6 +163,11 @@
             if (null != getOption("-headless")) {
                 JNLPRuntime.exit(0);
             } else {
+                try {
+                    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+                } catch (Exception e) {
+                    OutputController.getLogger().log("Unable to set system look and feel");
+                }
                 OutputController.getLogger().printOutLn(R("BLaunchAbout"));
                 AboutDialog.display();
                 return;
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Tue Mar 04 10:35:17 2014 -0500
@@ -195,6 +195,12 @@
     public static void initialize(boolean isApplication) throws IllegalStateException {
         checkInitialized();
 
+        try {
+            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+        } catch (Exception e) {
+            OutputController.getLogger().log("Unable to set system look and feel");
+        }
+
         if (JavaConsole.canShowOnStartup(isApplication)) {
             JavaConsole.getConsole().showConsoleLater();
         }
@@ -236,12 +242,6 @@
         policy = new JNLPPolicy();
         security = new JNLPSecurityManager(); // side effect: create JWindow
 
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
-        }
-
         doMainAppContextHacks();
 
         if (securityEnabled) {
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Tue Mar 04 10:35:17 2014 -0500
@@ -216,8 +216,6 @@
     }
 
     private void initDialog() {
-        setSystemLookAndFeel();
-
         String dialogTitle = "";
         if (dialogType == DialogType.CERT_WARNING) {
             if (accessType == AccessType.VERIFIED)
@@ -346,17 +344,6 @@
         super.dispose();
     }
 
-    /**
-     * Updates the look and feel of the window to be the system look and feel
-     */
-    protected void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            //don't worry if we can't.
-        }
-    }
-
     private final List<ActionListener> listeners = new CopyOnWriteArrayList<ActionListener>();
 
     /**
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Tue Mar 04 10:35:17 2014 -0500
@@ -917,11 +917,6 @@
     }
 
     public static PolicyEditor createInstance(final String filepath) {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (final Exception e) {
-            // not really important, so just ignore
-        }
         return new PolicyEditor(filepath);
     }
 
diff -r 3381129e3ae2 -r 07d7757eda0c netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java	Mon Mar 03 12:21:19 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java	Tue Mar 04 10:35:17 2014 -0500
@@ -100,7 +100,6 @@
 
     public static void showCertificateViewer() throws Exception {
         JNLPRuntime.initialize(true);
-        setSystemLookAndFeel();
 
         CertificateViewer cv = new CertificateViewer();
         cv.setResizable(true);
@@ -109,14 +108,6 @@
         cv.dispose();
     }
 
-    private static void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            // don't worry if we can't.
-        }
-    }
-
     public static void main(String[] args) throws Exception {
         CertificateViewer.showCertificateViewer();
     }

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 07:36:00 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 15:36:00 +0000
Subject: [Bug 857] gtk look and feel setting causes javaws to hang if
	accessibility used
In-Reply-To: <bug-857-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-857-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-857-30-0MSGZgsDvQ@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=857

--- Comment #11 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea-web?cmd=changeset;node=07d7757eda0c
author: Omair Majid <omajid at redhat.com>
date: Tue Mar 04 10:35:17 2014 -0500

    PR857: Don't set look and feel multiple times

    2014-03-03  Omair Majid  <omajid at redhat.com>

        PR857
        * netx/net/sourceforge/jnlp/about/AboutDialog.java
        (run): Do not set look and feel.
        * netx/net/sourceforge/jnlp/runtime/Boot.java
        (main) <about>: Set look and feel before displaying dialog.
        * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
        (initialize): Set look and feel before any UI is created.
        * netx/net/sourceforge/jnlp/security/SecurityDialog.java
        (init): Do not set look and feel.
        (setSystemLookAndFeel): Removed.
        * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
        (createInstance): Do not set look and feel.
        * netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java
        (showCertificateViewer): Do not set look and feel.
        (setSystemLookAndFeel): Removed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/df2e0dcd/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 08:01:00 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 16:01:00 +0000
Subject: [Bug 1652] Fatal: Read Error: Could not read or parse the JNLP file.
In-Reply-To: <bug-1652-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1652-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1652-30-WrouTegP32@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1652

Omair Majid <omajid at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |WORKSFORME

--- Comment #3 from Omair Majid <omajid at redhat.com> ---
Since this works in HEAD already, closing as WORKSFORME.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/e415e079/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 08:05:07 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 16:05:07 +0000
Subject: [Bug 1606] jnlp href value stripped of url parameters
In-Reply-To: <bug-1606-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1606-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1606-30-E8QsCYuxhl@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1606

Omair Majid <omajid at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|omajid at redhat.com           |jvanek at redhat.com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/39075d29/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 08:09:22 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 16:09:22 +0000
Subject: [Bug 1614] javaws fails on special character in jnlp
In-Reply-To: <bug-1614-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1614-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1614-30-2qTlUAu8Pe@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1614

--- Comment #3 from Omair Majid <omajid at redhat.com> ---
(In reply to Thomas Taylor from comment #0)
> Tried to play on ecribbage.com from Ubuntu and could not. Problem seems to
> be with special line-break codes in the jnlp file.

Yeah, & is used to start entities in XML. This file is malformed XML.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/2ac11f7a/attachment.html 

From aazores at icedtea.classpath.org  Tue Mar  4 08:11:03 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 16:11:03 +0000
Subject: /hg/icedtea-web: AppTrustWarningPanel buttons made more flexible
Message-ID: <hg.d8407ab3635c.1393949463.8643924302249223276@icedtea.classpath.org>

changeset d8407ab3635c in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d8407ab3635c
author: Andrew Azores <aazores at redhat.com>
date: Tue Mar 04 11:10:51 2014 -0500

	AppTrustWarningPanel buttons made more flexible

	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(SAppletTitle) new message
	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java:
	(buttons) new list of UI buttons. (getAllowButton, getRejectButton,
	addComponents) made final.
	(createButtonPanel) uses list of buttons rather than hardcoded.
	(helpButton) action made configurable.


diffstat:

 ChangeLog                                                    |  10 +
 netx/net/sourceforge/jnlp/resources/Messages.properties      |   1 +
 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java |  82 +++++++----
 3 files changed, 60 insertions(+), 33 deletions(-)

diffs (181 lines):

diff -r 07d7757eda0c -r d8407ab3635c ChangeLog
--- a/ChangeLog	Tue Mar 04 10:35:17 2014 -0500
+++ b/ChangeLog	Tue Mar 04 11:10:51 2014 -0500
@@ -1,3 +1,13 @@
+2014-03-04  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(SAppletTitle) new message
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java:
+	(buttons) new list of UI buttons. (getAllowButton, getRejectButton,
+	addComponents) made final.
+	(createButtonPanel) uses list of buttons rather than hardcoded.
+	(helpButton) action made configurable.
+
 2014-03-03  Omair Majid  <omajid at redhat.com>
 
 	PR857
diff -r 07d7757eda0c -r d8407ab3635c netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 04 10:35:17 2014 -0500
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 04 11:10:51 2014 -0500
@@ -264,6 +264,7 @@
 SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
 SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}"
 SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
+SAppletTitle=Applet title: {0}
 
 # Security - used for the More Information dialog
 SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
diff -r 07d7757eda0c -r d8407ab3635c netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Tue Mar 04 10:35:17 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Tue Mar 04 11:10:51 2014 -0500
@@ -46,6 +46,8 @@
 import java.awt.GridLayout;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
+import java.util.ArrayList;
+import java.util.List;
 
 import javax.swing.BorderFactory;
 import javax.swing.BoxLayout;
@@ -60,7 +62,6 @@
 import javax.swing.SwingConstants;
 
 import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.PluginBridge;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp;
 import net.sourceforge.jnlp.util.ScreenFinder;
@@ -111,16 +112,17 @@
     protected int INFO_PANEL_HINT_HEIGHT = 25;
     protected int QUESTION_PANEL_HEIGHT = 35;
 
-    private JButton allowButton;
-    private JButton rejectButton;
-    private JButton helpButton;
-    private JCheckBox permanencyCheckBox;
-    private JRadioButton applyToAppletButton;
-    private JRadioButton applyToCodeBaseButton;
+    protected List<JButton> buttons;
+    protected JButton allowButton;
+    protected JButton rejectButton;
+    protected JButton helpButton;
+    protected JCheckBox permanencyCheckBox;
+    protected JRadioButton applyToAppletButton;
+    protected JRadioButton applyToCodeBaseButton;
 
     protected JNLPFile file;
 
-    private ActionChoiceListener actionChoiceListener;
+    protected ActionChoiceListener actionChoiceListener;
 
     /*
      * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor!
@@ -128,6 +130,20 @@
     public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) {
         this.file = file;
         this.actionChoiceListener = actionChoiceListener;
+        this.buttons = new ArrayList<JButton>();
+
+        allowButton = new JButton(R("ButProceed"));
+        rejectButton = new JButton(R("ButCancel"));
+        helpButton = new JButton(R("APPEXTSECguiPanelHelpButton"));
+
+        allowButton.addActionListener(chosenActionSetter(true));
+        rejectButton.addActionListener(chosenActionSetter(false));
+
+        helpButton.addActionListener(getHelpButtonAction());
+
+        buttons.add(allowButton);
+        buttons.add(rejectButton);
+        buttons.add(helpButton);
     }
 
     /*
@@ -151,15 +167,26 @@
      */
     protected abstract String getQuestionPanelText();
 
-    public JButton getAllowButton() {
+    public final JButton getAllowButton() {
         return allowButton;
     }
 
-    public JButton getRejectButton() {
+    public final JButton getRejectButton() {
         return rejectButton;
     }
 
-    protected static String htmlWrap(String text) {
+    protected ActionListener getHelpButtonAction() {
+        return new ActionListener() {
+
+            public void actionPerformed(ActionEvent e) {
+                JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue");
+                ScreenFinder.centerWindowsToCurrentScreen(d);
+                d.setVisible(true);
+            }
+        };
+    }
+
+    protected static final String htmlWrap(String text) {
         return "<html>" + text + "</html>";
     }
 
@@ -180,11 +207,16 @@
     }
 
     private void setupInfoPanel() {
+        String titleText = R("SAppletTitle", file.getTitle());
+        JLabel titleLabel = new JLabel(titleText);
+        titleLabel.setFont(new Font(titleLabel.getFont().getName(), Font.BOLD, 18));
+
         String infoLabelText = getInfoPanelText();
-        int panelHeight = INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT;
+        JLabel infoLabel = new JLabel(infoLabelText);
 
-        JLabel infoLabel = new JLabel(infoLabelText);
+        int panelHeight = titleLabel.getHeight() + INFO_PANEL_HEIGHT + INFO_PANEL_HINT_HEIGHT;
         JPanel infoPanel = new JPanel(new BorderLayout());
+        infoPanel.add(titleLabel, BorderLayout.PAGE_START);
         infoPanel.add(infoLabel, BorderLayout.CENTER);
         infoPanel.setPreferredSize(new Dimension(PANE_WIDTH, panelHeight));
         infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
@@ -237,25 +269,9 @@
     private JPanel createButtonPanel() {
         JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
 
-        allowButton = new JButton(R("ButProceed"));
-        rejectButton = new JButton(R("ButCancel"));
-        helpButton = new JButton(R("APPEXTSECguiPanelHelpButton"));
-
-        allowButton.addActionListener(chosenActionSetter(true));
-        rejectButton.addActionListener(chosenActionSetter(false));
-
-        helpButton.addActionListener(new ActionListener() {
-
-            public void actionPerformed(ActionEvent e) {
-                JDialog d = new ExtendedAppletSecurityHelp(null, false, "dialogue");
-                ScreenFinder.centerWindowsToCurrentScreen(d);
-                d.setVisible(true);
-            }
-        });
-
-        buttonPanel.add(allowButton);
-        buttonPanel.add(rejectButton);
-        buttonPanel.add(helpButton);
+        for (final JButton button : buttons) {
+            buttonPanel.add(button);
+        }
 
         buttonPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 10, 10));
 
@@ -280,7 +296,7 @@
      * Creates the actual GUI components, and adds it to this panel. This should be called by all subclasses
      * IMMEDIATELY after calling the super() constructor!
      */
-    protected void addComponents() {
+    protected final void addComponents() {
         setLayout(new BoxLayout(this, BoxLayout.Y_AXIS));
 
         setupTopPanel();

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 08:49:22 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 16:49:22 +0000
Subject: [Bug 1689] Java crashes everytime I attempt to run a junit test
	within eclipse
In-Reply-To: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1689-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1689-30-4W35Z7aeqc@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1689

Andrew Haley <aph at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aph at redhat.com

--- Comment #2 from Andrew Haley <aph at redhat.com> ---
It seems to me that you are using a jarfile that contains classes for system
objects (e.g. java.lang.String) that is not compatible with OpenJDK.

-Xbootclasspath:/home/marc/android-sdks/platforms/android-15/android.jar

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/e0ea1c81/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 09:26:56 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 17:26:56 +0000
Subject: [Bug 1625] Dell iDRAC virtual console: icedtea does not find
	trusted.certs and trusted.jssecerts (fails to look into
	~/.icedtea/security)
In-Reply-To: <bug-1625-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1625-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1625-30-Tx5HVRtVZy@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1625

Omair Majid <omajid at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|omajid at redhat.com           |jvanek at redhat.com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/776c21cd/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Tue Mar  4 09:28:03 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 04 Mar 2014 17:28:03 +0000
Subject: [Bug 1583] XML Parse error?
In-Reply-To: <bug-1583-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1583-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1583-30-GztcYVYham@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1583

Omair Majid <omajid at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|omajid at redhat.com           |jvanek at redhat.com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/b894729f/attachment.html 

From aazores at redhat.com  Tue Mar  4 14:07:09 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:07:09 -0500
Subject: [rfc][icedtea-web] New PartiallySigned Dialog
Message-ID: <53164E8D.90101@redhat.com>

Hi,

This patch introduces a new PartiallySigned dialog to replace the 
NotAllSigned prompt. This new dialog uses the same abstracted parent 
class that was pulled out of the Unsigned dialog, so it uses the same 
remembered action storage and has the same general look and feel. This 
dialog also has a Sandbox button, just like CertWarningPane recently 
gained for fully signed applets, which allows partially signed ones to 
also be run with only sandbox permissions. Some more security info is 
also present on the dialog, eg the applet's publisher and codebase. Not 
yet included is a new Help text for this dialog, but this can be written 
up separately IMO. Right now it will just display the same Help as the 
Unsigned dialog.

ChangeLog:
Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
Also includes a Sandbox button.
* netx/net/sourceforge/jnlp/resources/Messages.properties:
(APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet,
LPartiallySignedAppletUserDenied) new messages
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
Logic added for displaying new PartiallySigned dialog.
(showNotAllSignedDialog) removed. (getSigningState) new method.
(promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for
SecurityDelegate.
* netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java:
(partiallySigned) new method
* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java:
(chosenActionSetter) refactored to allow Sandbox action. 
(setupInfoPanel) applet
title made overrideable by subclasses
* netx/net/sourceforge/jnlp/security/SecurityDialog.java: 
(NOTALLSIGNED_WARNING)
renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old
* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: 
(NOTALLSIGNED_WARNING)
renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed.
(showPartiallySignedWarningDialog) new method
* 
netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
Added Sandbox action
* 
netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
(checkPartiallySignedWithUserIfRequired) new method
* 
tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java:
test now passes since dialog will not appear if applet security is set 
to Low.
KnownToFail removed.
* 
tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java:
same
* 
netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java:
new class
* netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: deleted
in favour of PartiallySignedAppTrustWarningPanel

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: partially-signed-dialog.patch
Type: text/x-patch
Size: 36956 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140304/c8201b95/partially-signed-dialog-0001.patch 

From aazores at redhat.com  Tue Mar  4 14:12:38 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:12:38 -0500
Subject: [rfc][icedtea-web] fixed  AppTrustWarningPanel "hidding buttons"
In-Reply-To: <5315E98F.1020108@redhat.com>
References: <5315E98F.1020108@redhat.com>
Message-ID: <53164FD6.7060906@redhat.com>

On 03/04/2014 09:56 AM, Jiri Vanek wrote:
> Hi!
>
> The AppTrustWarningPanel have bad behavior when is getting smaller.  
> The buttons hide under panel, which is adapted to page url width. This 
> can be sometimes long.  So buttons disappear always.
>
> On screenshois both bad (lower) and new version (upper).
>
> J.

Is the last hunk of the patch (new main method) supposed to be there... 
? Otherwise, looks good to me.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar  4 14:14:13 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:14:13 -0500
Subject: [rfc][icedtea-web] minor tests improvements - starTest and removed
	unused imports
In-Reply-To: <5315CF03.5000003@redhat.com>
References: <5315CF03.5000003@redhat.com>
Message-ID: <53165035.4010804@redhat.com>

On 03/04/2014 08:02 AM, Jiri Vanek wrote:
> AIS
>
> Although startests for base classes were presented, the test for 
> matcher and plain star was missing. When the ALACA will be in, also 
> this test will be enlarged for * and path.
>
> J.

Looks fine.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar  4 14:20:09 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:20:09 -0500
Subject: [rfc][icedtea-web] Move all security dialogues' panels
	implementation into separate subpackage.
In-Reply-To: <530DF32C.4040005@redhat.com>
References: <530DF32C.4040005@redhat.com>
Message-ID: <53165199.30101@redhat.com>

On 02/26/2014 08:59 AM, Jiri Vanek wrote:
> Move all security dialogues' panels implementation into separate 
> subpackage.
>
> The dialogues are really multiplying, and the package of 
> net/sourceforge/jnlp/security/ is overrun.
> This refactoring is moving all implementations of security dialogues' 
> panels into net/sourceforge/jnlp/security/dialogues/

Yea, this is a good idea. Nit: it should be "dialogs", not "dialogues". 
Dialog is for windows that pop up prompting you for stuff, Dialogue 
means actual conversation between people ;)

>
> The only real change of code is
>
>
> -    protected void setValue(Object value) {
> +    public void setValue(Object value) {
>          OutputController.getLogger().log("Setting value:" + value);
>          this.value = value;
>      }
>
> in netx/net/sourceforge/jnlp/security/SecurityDialog.java
>
> Which seems tome better then move 
> netx/net/sourceforge/jnlp/security/SecurityDialog.java to 
> netx/net/sourceforge/jnlp/security/dialogues/SecurityDialog.java

Seems fine to me.

>
> If somebody cares, this patch is applicable also to 1.4 but backports 
> to Panes are not common. Is anybody for/against the refactoring of 1.4 
> too?
>
> Best regards from CZ
>   J.

I don't see much point to it, but if you or anyone else want to do it 
then go ahead I suppose.

I'll call this OK to push when the newest added classes are also taken 
into account, and preferably you change the new subpackage name as well. 
Unfortunately I just sent another new dialog out for review before 
getting to this, so that one isn't in the new subpackage either.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar  4 14:22:05 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:22:05 -0500
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <530CCFE4.2040008@redhat.com>
References: <530CCFE4.2040008@redhat.com>
Message-ID: <5316520D.9020705@redhat.com>

On 02/25/2014 12:16 PM, Jiri Vanek wrote:
> AIS
>
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions 
>
>
> Please, any reviewer, read the specification. It appeared to be tricky 
> to transform its spoken language to algorithm... Well at least default 
> was specified without fog :(
>
> Thanx for any comments!
>   J.
>
> not sure how with unittests, but reproducers are on the way...

Are you just looking for additional help figuring out what the spec is 
trying to define? Or was a patch forgotten here?

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar  4 14:22:58 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:22:58 -0500
Subject: [rfc][icedtea-web] have  bash in shebang instead of sh or get
	rid of bashism
In-Reply-To: <530E0C94.6070606@redhat.com>
References: <530E0C94.6070606@redhat.com>
Message-ID: <53165242.9000308@redhat.com>

On 02/26/2014 10:47 AM, Jiri Vanek wrote:
> After short discussion with Omair, we agreed that this
>
>     http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 
>
>
> IS probably better then get rid of bashism completely.
>
> So I would like to forward-port this patch to head.
>
> ok?

Fine by me.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar  4 14:26:37 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 04 Mar 2014 17:26:37 -0500
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <5304C60C.5070608@redhat.com>
References: <5304C60C.5070608@redhat.com>
Message-ID: <5316531D.7010304@redhat.com>

On 02/19/2014 09:56 AM, Jiri Vanek wrote:
> hi!
>
> As java abrt connector is sending quite good reports, the url, on 
> which I can reproduce the issue is missing. So always my first 
> question in bug is "may you please post url" ?
>
> Also java connector is printing out system properties. So it crossed 
> my mind to store the launched jnlps/htmls for this usage. I have quite 
> mixed feelings about it but do not have it makes java-abrt-connector a 
> bit useless (users donot care to much about auto generated bugs)
>  - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>
> This needs also some more work on java-abrt-conenctor - see 
> https://github.com/jfilak/abrt-java-connector/issues/34
>
> J.

I like the intent behind the patch but I don't know if I really like 
using system properties for this :/ not that I have any better ideas off 
the top of my head. But this just does not seem to me like what the 
properties are meant to be used for. It seems like nobody else is 
chiming in with any better ideas, and you're right that the automatic 
bug reports are a little bit useless without something like this, so if 
you have no better implementations in mind then I suppose this will have 
to suffice.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Wed Mar  5 06:19:46 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 15:19:46 +0100
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <5316531D.7010304@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
Message-ID: <53173282.7020401@redhat.com>

On 03/04/2014 11:26 PM, Andrew Azores wrote:
> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>> hi!
>>
>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the issue is missing. So always my first question in bug is "may you please post url" ?
>>
>> Also java connector is printing out system properties. So it crossed my mind to store the launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs)
>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>
>> This needs also some more work on java-abrt-conenctor - see https://github.com/jfilak/abrt-java-connector/issues/34
>>
>> J.
>
> I like the intent behind the patch but I don't know if I really like using system properties for this :/

I'm not sure with them too:(

 > not that I have any better ideas off the top of my head.

The abrt agent can actually do anything. My another idea is to store it in some static (private) variable. The whitleist in issue 34 will then be package.class fieldName

 > But this just does not seem to me like what the properties are meant to be used for.

Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read properties, will be able to spy history.

I have commented also https://github.com/jfilak/abrt-java-connector/issues/34
> It seems like nobody else is chiming in with any better ideas, and you're right that the automatic bug reports are a little bit useless without something like this, so if you have no better implementations in mind then I suppose this will have to suffice.

What do you thnk about this approach? (otherwise it will be same)
Thank you!

J.

From jvanek at redhat.com  Wed Mar  5 06:22:18 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 15:22:18 +0100
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <5316520D.9020705@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
Message-ID: <5317331A.90405@redhat.com>

On 03/04/2014 11:22 PM, Andrew Azores wrote:
> On 02/25/2014 12:16 PM, Jiri Vanek wrote:
>> AIS
>>
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
>>
>> Please, any reviewer, read the specification. It appeared to be tricky to transform its spoken language to algorithm... Well at least default was specified without fog :(
>>
>> Thanx for any comments!
>> J.
>>
>> not sure how with unittests, but reproducers are on the way...
>
> Are you just looking for additional help figuring out what the spec is trying to define? Or was a patch forgotten here?
>

Crap. Sorry. Forgot to attach aptch :(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissionAttribute_01.patch
Type: text/x-patch
Size: 15350 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/5956aa4e/permissionAttribute_01-0001.patch 

From aazores at redhat.com  Wed Mar  5 06:16:07 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 09:16:07 -0500
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <53173282.7020401@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com>
Message-ID: <531731A7.6000006@redhat.com>

On 03/05/2014 09:19 AM, Jiri Vanek wrote:
> On 03/04/2014 11:26 PM, Andrew Azores wrote:
>> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>>> hi!
>>>
>>> As java abrt connector is sending quite good reports, the url, on 
>>> which I can reproduce the issue is missing. So always my first 
>>> question in bug is "may you please post url" ?
>>>
>>> Also java connector is printing out system properties. So it crossed 
>>> my mind to store the launched jnlps/htmls for this usage. I have 
>>> quite mixed feelings about it but do not have it makes 
>>> java-abrt-connector a bit useless (users donot care to much about 
>>> auto generated bugs)
>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>>
>>> This needs also some more work on java-abrt-conenctor - see 
>>> https://github.com/jfilak/abrt-java-connector/issues/34
>>>
>>> J.
>>
>> I like the intent behind the patch but I don't know if I really like 
>> using system properties for this :/
>
> I'm not sure with them too:(
>
> > not that I have any better ideas off the top of my head.
>
> The abrt agent can actually do anything. My another idea is to store 
> it in some static (private) variable. The whitleist in issue 34 will 
> then be package.class fieldName

I didn't know that this would be an option. This sounds much, much 
better to me.

>
> > But this just does not seem to me like what the properties are meant 
> to be used for.
>
> Agree. And my concern is that with this, *maybe* (but probably) all 
> appelts which can read properties, will be able to spy history.

Yea, and this is really not a good mechanism to be providing.

>
> I have commented also 
> https://github.com/jfilak/abrt-java-connector/issues/34
>> It seems like nobody else is chiming in with any better ideas, and 
>> you're right that the automatic bug reports are a little bit useless 
>> without something like this, so if you have no better implementations 
>> in mind then I suppose this will have to suffice.
>
> What do you thnk about this approach? (otherwise it will be same)
> Thank you!
>
> J.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Wed Mar  5 06:29:09 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 15:29:09 +0100
Subject: [rfc][icedtea-web] have  bash in shebang instead of sh or get
	rid of bashism
In-Reply-To: <53165242.9000308@redhat.com>
References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com>
Message-ID: <531734B5.9040105@redhat.com>

On 03/04/2014 11:22 PM, Andrew Azores wrote:
> On 02/26/2014 10:47 AM, Jiri Vanek wrote:
>> After short discussion with Omair, we agreed that this
>>
>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201
>>
>> IS probably better then get rid of bashism completely.
>>
>> So I would like to forward-port this patch to head.
>>
>> ok?
>
> Fine by me.
>
> Thanks,
>

Thanx. Pushed.

The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect windows. Actually I have no idea how windows are building ITW :(

J.


From aazores at redhat.com  Wed Mar  5 06:21:58 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 09:21:58 -0500
Subject: [rfc][icedtea-web] have  bash in shebang instead of sh or get
	rid of bashism
In-Reply-To: <531734B5.9040105@redhat.com>
References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com>
	<531734B5.9040105@redhat.com>
Message-ID: <53173306.6000906@redhat.com>

On 03/05/2014 09:29 AM, Jiri Vanek wrote:
> On 03/04/2014 11:22 PM, Andrew Azores wrote:
>> On 02/26/2014 10:47 AM, Jiri Vanek wrote:
>>> After short discussion with Omair, we agreed that this
>>>
>>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201 
>>>
>>>
>>> IS probably better then get rid of bashism completely.
>>>
>>> So I would like to forward-port this patch to head.
>>>
>>> ok?
>>
>> Fine by me.
>>
>> Thanks,
>>
>
> Thanx. Pushed.
>
> The configure check for /bin/bash is needed for .configure now. But 
> I'm not sure how it will affect windows. Actually I have no idea how 
> windows are building ITW :(
>
> J.
>

Probably with Cygwin or something, I'd guess?

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Wed Mar  5 06:35:34 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 15:35:34 +0100
Subject: [rfc][icedtea-web] fixed  AppTrustWarningPanel "hidding buttons"
In-Reply-To: <53164FD6.7060906@redhat.com>
References: <5315E98F.1020108@redhat.com> <53164FD6.7060906@redhat.com>
Message-ID: <53173636.8020505@redhat.com>

On 03/04/2014 11:12 PM, Andrew Azores wrote:
> On 03/04/2014 09:56 AM, Jiri Vanek wrote:
>> Hi!
>>
>> The AppTrustWarningPanel have bad behavior when is getting smaller. The buttons hide under panel, which is adapted to page url width. This can be sometimes long. So buttons disappear always.
>>
>> On screenshois both bad (lower) and new version (upper).
>>
>> J.
>
> Is the last hunk of the patch (new main method) supposed to be there... ? Otherwise, looks good to me.

Yes, it was. Pushed.

Thanx!

J.

From jvanek at icedtea.classpath.org  Wed Mar  5 06:39:16 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Wed, 05 Mar 2014 14:39:16 +0000
Subject: /hg/icedtea-web: 3 new changesets
Message-ID: <hg.6334973af853.1394030356.8643924302249223276@icedtea.classpath.org>

changeset 6334973af853 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=6334973af853
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 05 15:27:53 2014 +0100

	Use bash as shebang in launchers.in


changeset 01e20acaf6af in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=01e20acaf6af
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 05 15:34:24 2014 +0100

	added test for plain * in ClasspathMatcher.ClasspathMatchers.compile()


changeset 907fe0c8a3fa in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=907fe0c8a3fa
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 05 15:43:03 2014 +0100

	Fixed layout of AppTrustWarningPanel so buttons do not disappear under radioboxes.


diffstat:

 ChangeLog                                                                   |  18 ++++++++++
 launcher/launchers.in                                                       |   2 +-
 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java                |  13 +++---
 netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java     |  12 ++++++
 tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java |  15 ++------
 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java         |   9 +++++
 6 files changed, 51 insertions(+), 18 deletions(-)

diffs (156 lines):

diff -r d8407ab3635c -r 907fe0c8a3fa ChangeLog
--- a/ChangeLog	Tue Mar 04 11:10:51 2014 -0500
+++ b/ChangeLog	Wed Mar 05 15:43:03 2014 +0100
@@ -1,3 +1,21 @@
+2014-03-05  Jiri Vanek  <jvanek at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: fixed
+	layout so buttons do not disappear under radioboxes.
+	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java:
+	added testable main method.	
+
+2014-03-05  Jiri Vanek  <jvanek at redhat.com>
+
+	* tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java:
+	removed unused imports
+	* tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java:
+	added test for plain * in ClasspathMatcher.ClasspathMatchers.compile()
+
+2014-03-05  Matthias Klose  <doko at ubuntu.com>
+
+	* launcher/launchers.in: Use bash as shebang.
+
 2014-03-04  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/resources/Messages.properties:
diff -r d8407ab3635c -r 907fe0c8a3fa launcher/launchers.in
--- a/launcher/launchers.in	Tue Mar 04 11:10:51 2014 -0500
+++ b/launcher/launchers.in	Wed Mar 05 15:43:03 2014 +0100
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 JAVA=@JAVA@
 LAUNCHER_BOOTCLASSPATH=@LAUNCHER_BOOTCLASSPATH@
diff -r d8407ab3635c -r 907fe0c8a3fa netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Tue Mar 04 11:10:51 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Wed Mar 05 15:43:03 2014 +0100
@@ -237,7 +237,7 @@
     }
 
     private JPanel createMatchOptionsPanel() {
-        JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
+        JPanel matchOptionsPanel = new JPanel(new FlowLayout(FlowLayout.LEFT));
 
         ButtonGroup group = new ButtonGroup();
         applyToAppletButton = new JRadioButton(R("SRememberAppletOnly"));
@@ -257,11 +257,12 @@
     }
 
     private JPanel createCheckBoxPanel() {
-        JPanel checkBoxPanel = new JPanel(new FlowLayout(FlowLayout.LEFT));
+        JPanel checkBoxPanel = new JPanel(new BorderLayout());
 
         permanencyCheckBox = new JCheckBox(htmlWrap(R("SRememberOption")));
         permanencyCheckBox.addActionListener(permanencyListener());
-        checkBoxPanel.add(permanencyCheckBox);
+        checkBoxPanel.setBorder(BorderFactory.createEmptyBorder(0, 15, 0, 0));
+        checkBoxPanel.add(permanencyCheckBox,  BorderLayout.SOUTH);
 
         return checkBoxPanel;
     }
@@ -282,11 +283,11 @@
     private void setupButtonAndCheckBoxPanel() {
         JPanel outerPanel = new JPanel(new BorderLayout());
         JPanel rememberPanel = new JPanel(new GridLayout(2 /*rows*/, 1 /*column*/));
-        rememberPanel.add(createCheckBoxPanel());
         rememberPanel.add(createMatchOptionsPanel());
-        rememberPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+        rememberPanel.setBorder(BorderFactory.createEmptyBorder(0, 10, 0, 10));
 
-        outerPanel.add(rememberPanel, BorderLayout.WEST);
+        outerPanel.add(createCheckBoxPanel(), BorderLayout.WEST);
+        outerPanel.add(rememberPanel, BorderLayout.SOUTH);
         outerPanel.add(createButtonPanel(), BorderLayout.EAST);
 
         add(outerPanel);
diff -r d8407ab3635c -r 907fe0c8a3fa netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java	Tue Mar 04 11:10:51 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java	Wed Mar 05 15:43:03 2014 +0100
@@ -36,9 +36,12 @@
 
 package net.sourceforge.jnlp.security;
 
+import java.awt.BorderLayout;
+import java.net.URL;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
 import javax.swing.ImageIcon;
+import javax.swing.JFrame;
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
@@ -90,5 +93,14 @@
     protected String getQuestionPanelText() {
         return htmlWrap(R(getQuestionPanelTextKey()));
     }
+    
+    public static void main(String[] args) throws Exception {
+        UnsignedAppletTrustWarningPanel w = new UnsignedAppletTrustWarningPanel(new JNLPFile(new URL("http://www.geogebra.org/webstart/geogebra.jnlp")), null);
+        JFrame f = new JFrame();
+        f.setSize(600, 400);
+        f.add(w, BorderLayout.CENTER);
+        f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+        f.setVisible(true);
+    }
 
 }
diff -r d8407ab3635c -r 907fe0c8a3fa tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java	Tue Mar 04 11:10:51 2014 -0500
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java	Wed Mar 05 15:43:03 2014 +0100
@@ -1,24 +1,17 @@
 package net.sourceforge.jnlp.security;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-
 import javax.swing.JButton;
-
 import net.sourceforge.jnlp.PluginBridge;
 import net.sourceforge.jnlp.PluginParameters;
-import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
-import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
-import net.sourceforge.jnlp.tools.JarCertVerifier;
-
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
diff -r d8407ab3635c -r 907fe0c8a3fa tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Tue Mar 04 11:10:51 2014 -0500
+++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Wed Mar 05 15:43:03 2014 +0100
@@ -556,4 +556,13 @@
         Assert.assertFalse(cps2.matches(new URL("http://bb.cz")));
         
     }
+    
+    @Test
+    public void testStar() throws MalformedURLException {
+        ClasspathMatchers cps1  = ClasspathMatcher.ClasspathMatchers.compile("*");
+        Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/something/at.some")));
+        Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/something/at")));
+        Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher/")));
+        Assert.assertTrue(cps1.matches(new URL("http://whatever.anywher")));
+    }
 }

From aazores at redhat.com  Wed Mar  5 07:02:16 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 10:02:16 -0500
Subject: [rfc][icedtea-web] implemented
	Application-Library-Allowable-Codebase Attribute
In-Reply-To: <530F71CF.4040207@redhat.com>
References: <530F71CF.4040207@redhat.com>
Message-ID: <53173C78.5050204@redhat.com>

On 02/27/2014 12:11 PM, Jiri Vanek wrote:
> hi!
>
> Implementation of -  Application-Library-Allowable-Codebase Attribute. 
> Well it grow a bit.
>
> The implementation itself, is as straightforward as terrible 
> "specification" allowed  (please reviwer, study the specification too:( )
>
> However, many workarounds were needed:
>
>  *  netx/net/sourceforge/jnlp/JNLPFile.java and 
> netx/net/sourceforge/jnlp/util/ClasspathMatcher.java : It appeared, 
> that this attribute honors path in pattern. Luckily the matcher was 
> prepared for it, and now it is just conditionally enabled.
>
> * dialogues - still the same with one detail  - the remember option do 
> not work. I'm not sure if I wont to use already implemented whitelist 
> from Extended Applets Security... Well  why not? Becasue all alowed 
> appelts will be able to run rmeote context...But well.. why not? If I 
> will reuse it, then MatchingALACAttributePanel will be reworked.

Are you talking about using AppTrustWarningPanel? ;)

>
> * netx/net/sourceforge/jnlp/util/UrlUtils.java - this was most unlucky 
> - two new utility methods - to remove name filename from url path, and 
> to compare urls no meter if there is tailing slash.
>  - the exctraction of name is for puposes to find the uri of its 
> location, which is then matched against attribute
>  - the comparison without tailing slash is not so clear - There is 
> only one suecase of it :
>
> +        if (usedUrls.size() == 1) {
> +            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new 
> URL[]{})[0], codebase)
> +                    && 
> UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], 
> documentBase)) {
> +                //all resoources are from codebase or document base. 
> it is ok to proceeed.
> +                OutputController.getLogger().log("All applications 
> resources (" + usedUrls.toArray(new URL[]{})[0] + ") are from 
> codebas/documentbase " + codebase + "/" + documentBase + ", skipping 
> Application-Library-Allowable-Codebase Attribute check.");
> +                return;
> +            }
> +        }
>
>
> It happened that different applications have or have not the trailing 
> slash On codebase and so the implementation of removeFileName was 
> burdened by keep trailing slash or not. This is workarround.
>
>

Nit here: why "new URL[]{}" ? Why not "new URL[0]" ?

>
> *however* I'm a hesitating how to deal with it in Matcher. I adapted 
> it (if compare of paths is true) that some.url/some/path matches both 
> some.url/some/path/ and some.url/some/path, but some.url/some/path/ do 
> not match some.url/some/path (matches only some.url/some/path/)
> I consider it as lowest evil....:(
>
> All should be unittested as much as possible.
> I'm still taking deep breath before doing reproducers for both this 
> and permissions.
>
>
> Thanx in advance,
>  J.

Rest of comments here:

Messages.properties:
> # missing Application-Library-Allowable-Codebase dialogue
> ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
> form codebase <span color='red'> {1} </span> is missing the  
> Application-Library-Allowable-Codebase attribute. \
> The resources this applications is opening are from remote 
> locations:<br/> {2} <br/>Are you sure to run this application to?
"This application uses resources from the following remote locations: 
{2} Are you sure you want to run this application?"
> ALACAMissingInfo=For more information you can visit:<br/>\
> <a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> 
> \
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> 
> <br/> \
> and<br/> <a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
> \
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
> # matching Application-Library-Allowable-Codebase dialogue
> ALACAMatchingMainTitle=Application <span color='red'> {0} </span> \
> form codebase <span color='red'> {1} </span> is requiring valid 
> resources from different locations:<br/>{2} <br/> \
> Those resources are expected to be loaded. Do you agree to run this 
> application?
> ALACAMatchingInfo=For more information you can visit:<br/>\
> <a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> 
> \
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> 
> <br/> \
> and<br/> <a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
> \
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>

JNLPClassLoader:
> //do this check for unsigned apps? imho yes
> //if 
> (security.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)){
> //    return; /*when app isnot signed, then skip this check*/
> //}
Why should we do this check for unsigned? The spec specifies it's for 
"signed RIAs", and I don't think it's necessary to enforce it for 
unsigned. Partially signed is questionable. Anyway, this check would be 
better if it used the "signing" field instead, which has type 
SigningState and is meant for exactly this kind of check. There's also 
the new SecurityDelegate inner class (which was added after you sent 
this patch, I know), and maybe this whole method or at least large parts 
of it should be inside there instead.
> +        URL documentBase = null;
> +        if (file instanceof PluginBridge) {
> +            documentBase = ((PluginBridge) file).getSourceLocation();
> +        }
> +        if (documentBase == null) {
> +            documentBase = file.getCodeBase();
> +        }

         URL documentBase;
         if (file instanceof PluginBridge) {
             documentBase = ((PluginBridge) file).getSourceLocation();
         } else {
             documentBase = file.getCodeBase();
         }

This would be preferable, no?

> +        for (int i = 0; i < resourcesDescs.length; i++) {
> +            ResourcesDesc resourcesDesc = resourcesDescs[i];
> +                for (int j = 0; j < ex.length; j++) {
> +                    ExtensionDesc extensionDesc = ex[j];
> +                for (int k = 0; k < jars.length; k++) {
> +                    JARDesc jarDesc = jars[k];

Why not use for-each loops?

> +            ExtensionDesc[] ex = resourcesDesc.getExtensions();
> +            if (ex != null) {
> +            JARDesc[] jars = resourcesDesc.getJARs();
> +            if (jars != null) {

I think the null checks here are over-defensive. These methods appear to 
be designed to return empty arrays if there is no matching resource, not 
null.

> +        if (att == null) {
> +            int a = 
> SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), 
> documentBase, usedUrls);
> +            if (a != 0) {

I'll come back to this later...

> +                throw new LaunchException("The application is using 
> resources from elsewhere then its base is, have missing 
> Application-Library-Allowable-Codebase attribute and you forbifd it to 
> run");

"The application uses non-codebase resources, has no 
Application-Library-Allowable-Codebase Attribute, and was blocked from 
running by the user"
Should these new LaunchException explanations not go in Messages.properties?

> +                    throw new LaunchException("The resource from " + 
> foundUrl + " do not have any match in 
> Application-Library-Allowable-Codebase Attribute " + att + ". Thats 
> fatal");

"The resource from " + foundUrl + " does not match the  location in 
Application-Library-Allowable-Codebase Attribute " + att + ". Blocking 
the application from running."

> +            throw new LaunchException("The application is using 
> resources from elsewhere then its base is which are matching 
> Application-Library-Allowable-Codebase attribute  but you forbifd it 
> to run");

"The application uses non-codebase resources, which do match its 
Application-Library-Allowable-Codebase Attribute, but was blocked from 
running by the user."


MatchingALACAttributePanel and MissingALACAttributePanel:

Why do these need main methods? Can you make an abstract parent class 
and have them subclass it? It seems like most of the code is shared.


SecurityDialogs:
> +     public static int showMissingALACAttributePanel(String title, 
> URL codeBase, Set<URL> remoteUrls) {
> +
> +        if (!shouldPromptUser()) {
> +            return 1;
> +        }
> +
> +        SecurityDialogMessage message = new SecurityDialogMessage();
> +        message.dialogType = DialogType.MISSING_ALACA;
> +        message.extras = new Object[]{title, codeBase.toString(), 
> UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
> +        Object selectedValue = getUserResponse(message);
> +
> +        // result 0 = Yes, 1 = No
> +        if (selectedValue instanceof Integer) {
> +            // If the selected value can be cast to Integer, use that 
> value
> +            return ((Integer) selectedValue).intValue();
> +        } else {
> +            // Otherwise default to "no"
> +            return 1;
> +        }
> +    }
> +
> +     public static int showMatchingALACAttributePanel(String title, 
> URL codeBase, Set<URL> remoteUrls) {
> +
> +        if (!shouldPromptUser()) {
> +            return 1;
> +        }
> +
> +        SecurityDialogMessage message = new SecurityDialogMessage();
> +        message.dialogType = DialogType.MATCHING_ALACA;
> +        message.extras = new Object[]{title, codeBase.toString(), 
> UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
> +        Object selectedValue = getUserResponse(message);
> +
> +        // result 0 = Yes, 1 = No
> +        if (selectedValue instanceof Integer) {
> +            // If the selected value can be cast to Integer, use that 
> value
> +            return ((Integer) selectedValue).intValue();
> +        } else {
> +            // Otherwise default to "no"
> +            return 1;
> +        }
> +    }

Please use either getIntegerResponseAsBoolean or 
getIntegerResponseAsAppletAction rather than returning 0/1 as ints for 
yes/no.


Thanks,

-- 
Andrew A


From aazores at redhat.com  Wed Mar  5 07:21:23 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 10:21:23 -0500
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <5317331A.90405@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
	<5317331A.90405@redhat.com>
Message-ID: <531740F3.2040102@redhat.com>

On 03/05/2014 09:22 AM, Jiri Vanek wrote:
> On 03/04/2014 11:22 PM, Andrew Azores wrote:
>> On 02/25/2014 12:16 PM, Jiri Vanek wrote:
>>> AIS
>>>
>>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions 
>>>
>>>
>>> Please, any reviewer, read the specification. It appeared to be 
>>> tricky to transform its spoken language to algorithm... Well at 
>>> least default was specified without fog :(
>>>
>>> Thanx for any comments!
>>> J.
>>>
>>> not sure how with unittests, but reproducers are on the way...
>>
>> Are you just looking for additional help figuring out what the spec 
>> is trying to define? Or was a patch forgotten here?
>>
>
> Crap. Sorry. Forgot to attach aptch :(

Messages.properties:
> +# missing permissions dialogue
> +MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \
> +form codebase <span color='red'> {1} </span> is missing the 
> permissions attribute. \
> +Applications without this attribute should not be trusted. Do you 
> allow this application to run?
"Do you want to run this application?" or "Do you wish to allow this 
application to run?"
> +MissingPermissionsInfo=For more information you can visit:<br/>\
> +<a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> 
> \
> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> 
> <br/> \
> +and<br/> <a 
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
> \
> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>


JNLPClassLoader:
> +        Boolean permissions = 
> file.getManifestsAttributes().isSandboxForced();

I'm not liking the use of the boxed type here... true/false/null is kind 
of ugly. Can an enum be made for the three states, rather than actually 
using null as an acceptable value? I know this isn't directly relevant 
to this patch, though.

> +                throw new LaunchException("Your Extended applets 
> security is at 'Very high', and this applicationis missing the 
> 'permissions' attribute in manifest. This is fatal");
> +                    throw new LaunchException("Your Extended applets 
> security is at 'high' and this applicationis missing the 'permissions' 
> attribute in manifest. And you have refused to run it.");

"applicationis" - missing a space. Should this go in Messages.properties?

And please consider moving this method into the new SecurityDelegate as 
well (which is newer than this patch, I know)



SecurityDialogs:
> +     public static int showMissingPermissionsAttributeDialogue(String 
> title, URL codeBase) {
> +
> +        if (!shouldPromptUser()) {
> +            return 1;
> +        }
> +
> +        SecurityDialogMessage message = new SecurityDialogMessage();
> +        message.dialogType = 
> DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING;
> +        message.extras = new Object[]{title, codeBase.toExternalForm()};
> +        Object selectedValue = getUserResponse(message);
> +
> +        // result 0 = Yes, 1 = No
> +        if (selectedValue instanceof Integer) {
> +            // If the selected value can be cast to Integer, use that 
> value
> +            return ((Integer) selectedValue).intValue();
> +        } else {
> +            // Otherwise default to "cancel"
> +            return 1;
> +        }
> +    }

As in the ALAC review, return a boolean or AppletAction here instead please.

Thanks,

-- 
Andrew A


From thomas at m3y3r.de  Wed Mar  5 07:29:35 2014
From: thomas at m3y3r.de (Thomas Meyer)
Date: Wed, 05 Mar 2014 16:29:35 +0100
Subject: [icedtea-web] plugin hangs in xcb_wait_for_reply
In-Reply-To: <530AF4F0.50400@redhat.com>
References: <1393162615.4301.5.camel@localhost.localdomain>
	<530AF4F0.50400@redhat.com>
Message-ID: <1394033375.8394.7.camel@localhost.localdomain>

Am Montag, den 24.02.2014, 08:29 +0100 schrieb Jiri Vanek:
> On 02/23/2014 02:36 PM, Thomas Meyer wrote:
> > Hi,
> >
> > The icedtea-web plugin hangs on my computer in xcb_wait_for_reply while
> > trying to init the GTK look and feel:
> >
> > I'm using this version:
> > Name       : icedtea-web
> > Architektur : x86_64
> > Version    : 1.4.2
> > Ausgabe    : 0.fc20
> > Gr??e : 1.1 M
> 
> How is it reproducible?

It seems that all java programs using the GTK L&F suffer from this hang
in xcb on my machine!

I just tried to run jedit with GTK L&F and it also hangs and waits for
some xcb/X server reply.

Can somebody reproduce this error on Fedora 20 with a multi-monitor
setup?

> 
> Personally I don know why the look and feel is used there anyway? It have probably its place in 
> Various dialogues, but the usage in jnlpruntime is a little bit confusing.
> 
> How does it behave when you remove those lines?

Behaviour is the same, as my system default L&F seems to be the GTK one.
I explicitly need to set the L&F in the deployment descriptor like this,
to make it work for me on Fedora 20:

$ cat .icedtea/deployment.properties
#Netx deployment configuration
#Wed Mar 05 15:22:26 CET 2014
swing.systemlaf=javax.swing.plaf.metal.MetalLookAndFeel
deployment.security.level=ASK_UNSIGNED

btw. providing JVM option
-Dswing.systemlaf=javax.swing.plaf.metal.MetalLookAndFeel via the
icetea-web setting program (itweb-settings) doesn't work as the "=" is
expanded to "\="...

> 
> Thankx,
> 
>   J.
> >
> > Thread 16 (Thread 0x7f73bc4eb700 (LWP 14468)):
> > #0  0x0000003623aea9dd in poll () from /lib64/libc.so.6
> > #1  0x0000003627209f72 in poll (__timeout=-1, __nfds=1,
> > __fds=0x7f73bc4ea0e0)
> >      at /usr/include/bits/poll2.h:46
> > #2  _xcb_conn_wait (c=c at entry=0x7f73b82a6c20,
> > cond=cond at entry=0x7f73bc4ea160,
> >      vector=vector at entry=0x0, count=count at entry=0x0) at xcb_conn.c:414
> > #3  0x000000362720b44f in wait_for_reply (c=c at entry=0x7f73b82a6c20,
> > request=112,
> >      e=e at entry=0x7f73bc4ea220) at xcb_in.c:399
> > #4  0x000000362720b562 in xcb_wait_for_reply (c=c at entry=0x7f73b82a6c20,
> > request=112,
> >      e=e at entry=0x7f73bc4ea220) at xcb_in.c:429
> > #5  0x0000003626e43017 in _XReply (dpy=dpy at entry=0x7f73b82a59d0,
> >      rep=rep at entry=0x7f73bc4ea270, extra=extra at entry=0,
> > discard=discard at entry=1)
> >      at xcb_io.c:602
> > #6  0x0000003626e38f04 in XQueryExtension
> > (dpy=dpy at entry=0x7f73b82a59d0,
> >      name=name at entry=0x362e20c724 "XInputExtension",
> >      major_opcode=major_opcode at entry=0x7f73bc4ea2e4,
> >      first_event=first_event at entry=0x7f73bc4ea2e8,
> >      first_error=first_error at entry=0x7f73bc4ea2ec) at QuExt.c:48
> > #7  0x0000003626e2ccc2 in XInitExtension (dpy=0x7f73b82a59d0,
> >      name=0x362e20c724 "XInputExtension") at InitExt.c:47
> > #8  0x000000362760d07f in XextAddDisplay () from /lib64/libXext.so.6
> > #9  0x000000362e207313 in XInput_find_display
> > (dpy=dpy at entry=0x7f73b82a59d0) at XExtInt.c:223
> > #10 0x000000362e205c19 in XListInputDevices (dpy=0x7f73b82a59d0,
> > ndevices=0x7f73bc4ea46c)
> >      at XListDev.c:184
> > #11 0x0000003e3c87d684 in _gdk_input_common_init ()
> > from /lib64/libgdk-x11-2.0.so.0
> > #12 0x0000003e3c8516df in gdk_display_open ()
> > from /lib64/libgdk-x11-2.0.so.0
> > #13 0x0000003e3c81f03d in gdk_display_open_default_libgtk_only ()
> >     from /lib64/libgdk-x11-2.0.so.0
> > #14 0x0000003e3cd45aa4 in gtk_init_check ()
> > from /lib64/libgtk-x11-2.0.so.0
> > #15 0x00007f73b339e3c1 in gtk2_load ()
> >
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/xawt/libmawt.so
> > #16 0x00007f73b3386c6b in Java_sun_awt_UNIXToolkit_load_1gtk ()
> >
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/xawt/libmawt.so
> > #17 0x00007f73b49d304c in ?? ()
> > #18 0x00007f73bc4ea640 in ?? ()
> > #19 0x00000007f6045368 in ?? ()
> > #20 0x00007f73bc4ea698 in ?? ()
> > #21 0x00000007f6046ce0 in ?? ()
> > #22 0x0000000000000000 in ?? ()
> >
> > Probably in net.sourceforge.jnlp.runtime.JNLPRuntime in the
> > UIManager.setLookAndFeel() call.
> >
> >
> > any ideas?
> >
> >
> > Maybe these threads are related?
> > Thread 2 (Thread 0x7f73b2577700 (LWP 14492)):
> > #0  0x0000003623aea9dd in poll () from /lib64/libc.so.6
> > #1  0x00000036266495b4 in g_main_context_iterate.isra.24 ()
> > from /lib64/libglib-2.0.so.0
> > #2  0x0000003626649a3a in g_main_loop_run ()
> > from /lib64/libglib-2.0.so.0
> > #3  0x00007f73b2bcfbb9 in jni_main_loop ()
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/lib/amd64/libatk-wrapper.so
> > #4  0x000000362666ea45 in g_thread_proxy () from /lib64/libglib-2.0.so.0
> > #5  0x0000003624607f33 in start_thread () from /lib64/libpthread.so.0
> > #6  0x0000003623af4ded in clone () from /lib64/libc.so.6
> >
> > Thread 1 (Thread 0x7f73bd2c9740 (LWP 14465)):
> > #0  0x0000003624609297 in pthread_join () from /lib64/libpthread.so.0
> > #1  0x0000003fc5a096d5 in ContinueInNewThread0 ()
> >
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so
> > #2  0x0000003fc5a04307 in ContinueInNewThread ()
> >
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so
> > #3  0x0000003fc5a04db9 in JLI_Launch ()
> >
> > from /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre-abrt/bin/../lib/amd64/jli/libjli.so
> > #4  0x0000000000400685 in main ()
> >
> >
> 




From jvanek at icedtea.classpath.org  Wed Mar  5 07:33:06 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Wed, 05 Mar 2014 15:33:06 +0000
Subject: /hg/icedtea-web: All security dialogs moved to appropriate package
Message-ID: <hg.0a36108ce4b9.1394033586.8643924302249223276@icedtea.classpath.org>

changeset 0a36108ce4b9 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=0a36108ce4b9
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 05 16:41:06 2014 +0100

	All security dialogs moved to appropriate package


diffstat:

 ChangeLog                                                                                                |   40 +
 netx/net/sourceforge/jnlp/security/AccessWarningPane.java                                                |  213 ------
 netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java                                            |   68 -
 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java                                             |  338 ---------
 netx/net/sourceforge/jnlp/security/AppletWarningPane.java                                                |  114 ---
 netx/net/sourceforge/jnlp/security/CertWarningPane.java                                                  |  319 ---------
 netx/net/sourceforge/jnlp/security/CertificateUtils.java                                                 |    5 -
 netx/net/sourceforge/jnlp/security/CertsInfoPane.java                                                    |  347 ---------
 netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java                                                |    1 +
 netx/net/sourceforge/jnlp/security/KeyStores.java                                                        |    2 +-
 netx/net/sourceforge/jnlp/security/MoreInfoPane.java                                                     |  125 ---
 netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java                                          |  114 ---
 netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java                                       |  182 -----
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                                                   |   14 +-
 netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java                                     |    1 -
 netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java                                              |  119 ---
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                                                  |    2 +-
 netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java                                               |   76 --
 netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java                                 |   63 -
 netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java                                  |  106 ---
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java           |    2 +-
 netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java                                        |  216 ++++++
 netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java                                        |  116 +++
 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java                                          |  325 +++++++++
 netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java                                            |  350 ++++++++++
 netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java                                             |  128 +++
 netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java                                  |  115 +++
 netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java                               |  185 +++++
 netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java                                      |  121 +++
 netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java                                       |   81 ++
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java               |   70 ++
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java                |  339 +++++++++
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java    |   65 +
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java     |  106 +++
 tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java                              |  123 ---
 tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java |  125 +++
 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java                                      |   16 +-
 37 files changed, 2405 insertions(+), 2327 deletions(-)

diffs (truncated from 4956 to 500 lines):

diff -r 907fe0c8a3fa -r 0a36108ce4b9 ChangeLog
--- a/ChangeLog	Wed Mar 05 15:43:03 2014 +0100
+++ b/ChangeLog	Wed Mar 05 16:41:06 2014 +0100
@@ -1,3 +1,43 @@
+2014-03-05  Jiri Vanek  <jvanek at redhat.com>
+
+	All security dialogs moved to appropriate package
+	* netx/net/sourceforge/jnlp/security/AccessWarningPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/AccessWarningPane.java:
+	* netx/net/sourceforge/jnlp/security/AppletWarningPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/AppletWarningPane.java:
+	* netx/net/sourceforge/jnlp/security/CertWarningPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
+	* netx/net/sourceforge/jnlp/security/CertsInfoPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/CertsInfoPane.java:
+	* netx/net/sourceforge/jnlp/security/MoreInfoPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/MoreInfoPane.java:
+	* netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java:
+	* netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/PasswordAuthenticationPane.java:
+	* netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java:
+	* netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/SingleCertInfoPane.java:
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java:
+	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:
+	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningDialog.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningDialog.java:
+	* netx/net/sourceforge/jnlp/security/UnsignedAppletTrustWarningPanel.java: to
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/UnsignedAppletTrustWarningPanel.java:
+	* tests/netx/unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest.java: to
+	* tests/netx/unit/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanelTest.java:
+	* tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/KeyStores.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java: necessary changes
+	* netx/net/sourceforge/jnlp/security/CertificateUtils.java: necessary changes
+
 2014-03-05  Jiri Vanek  <jvanek at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java: fixed
diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AccessWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java	Wed Mar 05 15:43:03 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,213 +0,0 @@
-/* AccessWarningPane.java
-   Copyright (C) 2008 Red Hat, Inc.
-
-This file is part of IcedTea.
-
-IcedTea is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 2.
-
-IcedTea is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with IcedTea; see the file COPYING.  If not, write to
-the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.
-*/
-
-package net.sourceforge.jnlp.security;
-
-import static net.sourceforge.jnlp.runtime.Translator.R;
-
-import java.awt.BorderLayout;
-import java.awt.Color;
-import java.awt.Dimension;
-import java.awt.FlowLayout;
-import java.awt.Font;
-import java.awt.GridLayout;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-
-import javax.swing.BorderFactory;
-import javax.swing.BoxLayout;
-import javax.swing.ImageIcon;
-import javax.swing.JButton;
-import javax.swing.JCheckBox;
-import javax.swing.JLabel;
-import javax.swing.JPanel;
-import javax.swing.SwingConstants;
-
-import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
-import net.sourceforge.jnlp.util.FileUtils;
-
-/**
- * Provides a panel to show inside a SecurityDialog. These dialogs are
- * used to warn the user when either signed code (with or without signing
- * issues) is going to be run, or when service permission (file, clipboard,
- * printer, etc) is needed with unsigned code.
- *
- * @author <a href="mailto:jsumali at redhat.com">Joshua Sumali</a>
- */
-public class AccessWarningPane extends SecurityDialogPanel {
-
-    JCheckBox alwaysAllow;
-    Object[] extras;
-
-    public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) {
-        super(x, certVerifier);
-        addComponents();
-    }
-
-    public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) {
-        super(x, certVerifier);
-        this.extras = extras;
-        addComponents();
-    }
-
-    /**
-     * Creates the actual GUI components, and adds it to this panel
-     */
-    private void addComponents() {
-        AccessType type = parent.getAccessType();
-        JNLPFile file = parent.getFile();
-
-        String name = "";
-        String publisher = "";
-        String from = "";
-
-        //We don't worry about exceptions when trying to fill in
-        //these strings -- we just want to fill in as many as possible.
-        try {
-            name = file.getInformation().getTitle() != null ? file.getInformation().getTitle() : R("SNoAssociatedCertificate");
-        } catch (Exception e) {
-        }
-
-        try {
-            publisher = file.getInformation().getVendor() != null ? 
-                    file.getInformation().getVendor() + " " + R("SUnverified") : 
-                    R("SNoAssociatedCertificate");
-        } catch (Exception e) {
-        }
-
-        try {
-            from = !file.getInformation().getHomepage().toString().equals("") ? file.getInformation().getHomepage().toString() : file.getSourceLocation().getAuthority();
-        } catch (Exception e) {
-            from = file.getSourceLocation().getAuthority();
-        }
-
-        //Top label
-        String topLabelText = "";
-        switch (type) {
-            case READ_FILE:
-                if (extras != null && extras.length > 0 && extras[0] instanceof String) {
-                    topLabelText = R("SFileReadAccess", FileUtils.displayablePath((String) extras[0]));
-                } else {
-                    topLabelText = R("SFileReadAccess", R("AFileOnTheMachine"));
-                }
-                break;
-            case WRITE_FILE:
-                if (extras != null && extras.length > 0 && extras[0] instanceof String) {
-                    topLabelText = R("SFileWriteAccess", FileUtils.displayablePath((String) extras[0]));
-                } else {
-                    topLabelText = R("SFileWriteAccess", R("AFileOnTheMachine"));
-                }
-                break;
-            case CREATE_DESTKOP_SHORTCUT:
-                topLabelText = R("SDesktopShortcut");
-                break;
-            case CLIPBOARD_READ:
-                topLabelText = R("SClipboardReadAccess");
-                break;
-            case CLIPBOARD_WRITE:
-                topLabelText = R("SClipboardWriteAccess");
-                break;
-            case PRINTER:
-                topLabelText = R("SPrinterAccess");
-                break;
-            case NETWORK:
-                if (extras != null && extras.length >= 0)
-                    topLabelText = R("SNetworkAccess", extras[0]);
-                else
-                    topLabelText = R("SNetworkAccess", "(address here)");
-        }
-
-        ImageIcon icon = new ImageIcon((new sun.misc.Launcher()).getClassLoader().getResource("net/sourceforge/jnlp/resources/question.png"));
-        JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT);
-        topLabel.setFont(new Font(topLabel.getFont().toString(),
-                        Font.BOLD, 12));
-        JPanel topPanel = new JPanel(new BorderLayout());
-        topPanel.setBackground(Color.WHITE);
-        topPanel.add(topLabel, BorderLayout.CENTER);
-        topPanel.setPreferredSize(new Dimension(450, 100));
-        topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
-
-        //application info
-        JLabel nameLabel = new JLabel(R("Name") + ":   " + name);
-        nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
-        JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher);
-        publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
-        JLabel fromLabel = new JLabel(R("From") + ":   " + from);
-        fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
-
-        alwaysAllow = new JCheckBox(R("AlwaysAllowAction"));
-        alwaysAllow.setEnabled(false);
-
-        JPanel infoPanel = new JPanel(new GridLayout(4, 1));
-        infoPanel.add(nameLabel);
-        infoPanel.add(publisherLabel);
-        infoPanel.add(fromLabel);
-        infoPanel.add(alwaysAllow);
-        infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25));
-
-        //run and cancel buttons
-        JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
-
-        JButton run = new JButton(R("ButAllow"));
-        JButton cancel = new JButton(R("ButCancel"));
-        run.addActionListener(createSetValueListener(parent, 0));
-        run.addActionListener(new CheckBoxListener());
-        cancel.addActionListener(createSetValueListener(parent, 1));
-        initialFocusComponent = cancel;
-        buttonPanel.add(run);
-        buttonPanel.add(cancel);
-        buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
-
-        //all of the above
-        setLayout(new BoxLayout(this, BoxLayout.Y_AXIS));
-        add(topPanel);
-        add(infoPanel);
-        add(buttonPanel);
-
-    }
-
-    private class CheckBoxListener implements ActionListener {
-        public void actionPerformed(ActionEvent e) {
-            if (alwaysAllow != null && alwaysAllow.isSelected()) {
-                // TODO: somehow tell the ApplicationInstance
-                // to stop asking for permission
-            }
-        }
-    }
-
-}
diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java	Wed Mar 05 15:43:03 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,68 +0,0 @@
-/* Copyright (C) 2013 Red Hat, Inc.
-
-This file is part of IcedTea.
-
-IcedTea is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 2.
-
-IcedTea is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with IcedTea; see the file COPYING.  If not, write to
-the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.
- */
-
-package net.sourceforge.jnlp.security;
-
-import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.security.AppTrustWarningPanel.ActionChoiceListener;
-import net.sourceforge.jnlp.security.AppTrustWarningPanel.AppSigningWarningAction;
-
-/**
- * A panel that confirms that the user is OK with unsigned code running.
- */
-public class AppTrustWarningDialog extends SecurityDialogPanel {
-
-    private AppTrustWarningDialog(final SecurityDialog dialog) {
-        super(dialog);
-    }
-
-    public static AppTrustWarningDialog unsigned(final SecurityDialog dialog, final JNLPFile file) {
-        final AppTrustWarningDialog warningDialog = new AppTrustWarningDialog(dialog);
-        warningDialog.add(new UnsignedAppletTrustWarningPanel(file, warningDialog.getActionChoiceListener()));
-        return warningDialog;
-    }
-
-    private ActionChoiceListener getActionChoiceListener() {
-        return new ActionChoiceListener() {
-            @Override
-            public void actionChosen(final AppSigningWarningAction action) {
-                parent.setValue(action);
-                parent.dispose();
-            }
-        };
-    }
-
-}
diff -r 907fe0c8a3fa -r 0a36108ce4b9 netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java	Wed Mar 05 15:43:03 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,338 +0,0 @@
-/* Copyright (C) 2013 Red Hat, Inc.
-
-This file is part of IcedTea.
-
-IcedTea is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 2.
-
-IcedTea is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with IcedTea; see the file COPYING.  If not, write to
-the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.
- */
-
-package net.sourceforge.jnlp.security;
-
-import static net.sourceforge.jnlp.runtime.Translator.R;
-
-import java.awt.BorderLayout;
-import java.awt.Color;
-import java.awt.Dimension;
-import java.awt.FlowLayout;
-import java.awt.Font;
-import java.awt.GridLayout;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.swing.BorderFactory;
-import javax.swing.BoxLayout;
-import javax.swing.ButtonGroup;
-import javax.swing.ImageIcon;
-import javax.swing.JButton;
-import javax.swing.JCheckBox;
-import javax.swing.JDialog;
-import javax.swing.JLabel;
-import javax.swing.JPanel;
-import javax.swing.JRadioButton;
-import javax.swing.SwingConstants;
-
-import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
-import net.sourceforge.jnlp.security.appletextendedsecurity.ExtendedAppletSecurityHelp;
-import net.sourceforge.jnlp.util.ScreenFinder;
-
-/*
- * This class is meant to provide a common layout and functionality for warning dialogs
- * that appear when the user needs to confirm the running of applets/applications.
- * Subclasses include UnsignedAppletTrustWarningPanel, for unsigned plugin applets, and
- * PartiallySignedAppTrustWarningPanel, for partially signed JNLP applications as well as
- * plugin applets. New implementations should be added to the unit test at
- * unit/net/sourceforge/jnlp/security/AppTrustWarningPanelTest
- */
-public abstract class AppTrustWarningPanel extends JPanel {
-
-    /*
-     * Details of decided action.
-     */
-    public static class AppSigningWarningAction {
-        private ExecuteAppletAction action;
-        private boolean applyToCodeBase;
-
-        public AppSigningWarningAction(ExecuteAppletAction action,
-                boolean applyToCodeBase) {
-            this.action = action;
-            this.applyToCodeBase = applyToCodeBase;
-        }
-
-        public ExecuteAppletAction getAction() {
-            return action;
-        }
-
-        public boolean rememberForCodeBase() {
-            return applyToCodeBase;
-        }
-    }
-
-    /*
-     * Callback for when action is decided.
-     */
-    public static interface ActionChoiceListener {
-        void actionChosen(AppSigningWarningAction action);
-    }
-
-    protected int PANE_WIDTH = 500;
-
-    protected int TOP_PANEL_HEIGHT = 60;
-    protected int INFO_PANEL_HEIGHT = 140;
-    protected int INFO_PANEL_HINT_HEIGHT = 25;
-    protected int QUESTION_PANEL_HEIGHT = 35;
-
-    protected List<JButton> buttons;
-    protected JButton allowButton;
-    protected JButton rejectButton;
-    protected JButton helpButton;
-    protected JCheckBox permanencyCheckBox;
-    protected JRadioButton applyToAppletButton;
-    protected JRadioButton applyToCodeBaseButton;
-
-    protected JNLPFile file;
-
-    protected ActionChoiceListener actionChoiceListener;
-
-    /*
-     * Subclasses should call addComponents() IMMEDIATELY after calling the super() constructor!
-     */
-    public AppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener) {
-        this.file = file;
-        this.actionChoiceListener = actionChoiceListener;
-        this.buttons = new ArrayList<JButton>();
-
-        allowButton = new JButton(R("ButProceed"));
-        rejectButton = new JButton(R("ButCancel"));
-        helpButton = new JButton(R("APPEXTSECguiPanelHelpButton"));
-
-        allowButton.addActionListener(chosenActionSetter(true));
-        rejectButton.addActionListener(chosenActionSetter(false));
-
-        helpButton.addActionListener(getHelpButtonAction());
-
-        buttons.add(allowButton);
-        buttons.add(rejectButton);
-        buttons.add(helpButton);
-    }
-
-    /*
-     * Provides an image to be displayed near the upper left corner of the dialog.
-     */
-    protected abstract ImageIcon getInfoImage();
-
-    /*
-     * Provides a short description of why the dialog is appearing. The message is expected to be HTML-formatted.
-     */
-    protected abstract String getTopPanelText();
-
-    /*
-     * Provides in-depth information on why the dialog is appearing. The message is expected to be HTML-formatted.

From jvanek at redhat.com  Wed Mar  5 07:42:26 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 16:42:26 +0100
Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile
In-Reply-To: <53174396.7000808@redhat.com>
References: <52FB93A4.4000100@redhat.com> <53174396.7000808@redhat.com>
Message-ID: <531745E2.9030608@redhat.com>

On 03/05/2014 04:32 PM, Andrew Azores wrote:
> On 02/12/2014 10:30 AM, Jiri Vanek wrote:
>> the hreffed jnlp file was not used if its caller was remote file. This patch should fix it.
>>
>>
>> J.
>>
>> please note the changed reproducer. The change is exactly coresponding with I changed in Luncher. So I hope it is correct.
>>
>> The living reproducer can be the https://java.net/downloads/electric/electric.jnlp from yesterdays Fatal: Read Error: Could not read or parse the JNLP file thread
>
> electric.jnlp doesn't seem to work with or without this patch.
>
> Thanks,
>

Yes it is not.It have invalid certificates.
The patch works, if electricity downlaod all encessary jnl/jars.

J.

From aazores at redhat.com  Wed Mar  5 07:32:38 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 10:32:38 -0500
Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile
In-Reply-To: <52FB93A4.4000100@redhat.com>
References: <52FB93A4.4000100@redhat.com>
Message-ID: <53174396.7000808@redhat.com>

On 02/12/2014 10:30 AM, Jiri Vanek wrote:
> the hreffed jnlp file was not used if its caller was remote file. This 
> patch should fix it.
>
>
> J.
>
> please note the changed reproducer. The change is exactly 
> coresponding  with I changed in Luncher. So I hope it is correct.
>
> The living reproducer can be the 
> https://java.net/downloads/electric/electric.jnlp from  yesterdays 
>  Fatal: Read Error: Could not read or parse the JNLP file thread

electric.jnlp doesn't seem to work with or without this patch.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Wed Mar  5 08:08:59 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 11:08:59 -0500
Subject: [rfc][icedtea-web] fixing the not downlaoded href in jnlpfile
In-Reply-To: <531745E2.9030608@redhat.com>
References: <52FB93A4.4000100@redhat.com> <53174396.7000808@redhat.com>
	<531745E2.9030608@redhat.com>
Message-ID: <53174C1B.9040505@redhat.com>

On 03/05/2014 10:42 AM, Jiri Vanek wrote:
> On 03/05/2014 04:32 PM, Andrew Azores wrote:
>> On 02/12/2014 10:30 AM, Jiri Vanek wrote:
>>> the hreffed jnlp file was not used if its caller was remote file. 
>>> This patch should fix it.
>>>
>>>
>>> J.
>>>
>>> please note the changed reproducer. The change is exactly 
>>> coresponding with I changed in Luncher. So I hope it is correct.
>>>
>>> The living reproducer can be the 
>>> https://java.net/downloads/electric/electric.jnlp from yesterdays 
>>> Fatal: Read Error: Could not read or parse the JNLP file thread
>>
>> electric.jnlp doesn't seem to work with or without this patch.
>>
>> Thanks,
>>
>
> Yes it is not.It have invalid certificates.
> The patch works, if electricity downlaod all encessary jnl/jars.
>
> J.

Okay to push then.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Wed Mar  5 08:23:19 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 17:23:19 +0100
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <531731A7.6000006@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com> <531731A7.6000006@redhat.com>
Message-ID: <53174F77.2070209@redhat.com>

On 03/05/2014 03:16 PM, Andrew Azores wrote:
> On 03/05/2014 09:19 AM, Jiri Vanek wrote:
>> On 03/04/2014 11:26 PM, Andrew Azores wrote:
>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>>>> hi!
>>>>
>>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the issue is missing. So always my first question in bug is "may you please post url" ?
>>>>
>>>> Also java connector is printing out system properties. So it crossed my mind to store the launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs)
>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>>>
>>>> This needs also some more work on java-abrt-conenctor - see https://github.com/jfilak/abrt-java-connector/issues/34
>>>>
>>>> J.
>>>
>>> I like the intent behind the patch but I don't know if I really like using system properties for this :/
>>
>> I'm not sure with them too:(
>>
>> > not that I have any better ideas off the top of my head.
>>
>> The abrt agent can actually do anything. My another idea is to store it in some static (private) variable. The whitleist in issue 34 will then be package.class fieldName
>
> I didn't know that this would be an option. This sounds much, much better to me.
>
>>
>> > But this just does not seem to me like what the properties are meant to be used for.
>>
>> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read properties, will be able to spy history.
>
> Yea, and this is really not a good mechanism to be providing.
>
>>
>> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34
>>> It seems like nobody else is chiming in with any better ideas, and you're right that the automatic bug reports are a little bit useless without something like this, so if you have no better implementations in mind then I suppose this will have to suffice.
>>
>> What do you thnk about this approach? (otherwise it will be same)
>> Thank you!
>>

So here is version with field.

the whitelist then will be:
netx.net.sourceforge.jnlp.runtime.JNLPRuntime history


J
-------------- next part --------------
A non-text attachment was scrubbed...
Name: saveRatherToPRivateField.patch
Type: text/x-patch
Size: 2505 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/44fc961d/saveRatherToPRivateField.patch 

From aazores at redhat.com  Wed Mar  5 08:24:28 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 11:24:28 -0500
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <53174F77.2070209@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com> <531731A7.6000006@redhat.com>
	<53174F77.2070209@redhat.com>
Message-ID: <53174FBC.6080407@redhat.com>

On 03/05/2014 11:23 AM, Jiri Vanek wrote:
> On 03/05/2014 03:16 PM, Andrew Azores wrote:
>> On 03/05/2014 09:19 AM, Jiri Vanek wrote:
>>> On 03/04/2014 11:26 PM, Andrew Azores wrote:
>>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>>>>> hi!
>>>>>
>>>>> As java abrt connector is sending quite good reports, the url, on 
>>>>> which I can reproduce the issue is missing. So always my first 
>>>>> question in bug is "may you please post url" ?
>>>>>
>>>>> Also java connector is printing out system properties. So it 
>>>>> crossed my mind to store the launched jnlps/htmls for this usage. 
>>>>> I have quite mixed feelings about it but do not have it makes 
>>>>> java-abrt-connector a bit useless (users donot care to much about 
>>>>> auto generated bugs)
>>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>>>>
>>>>> This needs also some more work on java-abrt-conenctor - see 
>>>>> https://github.com/jfilak/abrt-java-connector/issues/34
>>>>>
>>>>> J.
>>>>
>>>> I like the intent behind the patch but I don't know if I really 
>>>> like using system properties for this :/
>>>
>>> I'm not sure with them too:(
>>>
>>> > not that I have any better ideas off the top of my head.
>>>
>>> The abrt agent can actually do anything. My another idea is to store 
>>> it in some static (private) variable. The whitleist in issue 34 will 
>>> then be package.class fieldName
>>
>> I didn't know that this would be an option. This sounds much, much 
>> better to me.
>>
>>>
>>> > But this just does not seem to me like what the properties are 
>>> meant to be used for.
>>>
>>> Agree. And my concern is that with this, *maybe* (but probably) all 
>>> appelts which can read properties, will be able to spy history.
>>
>> Yea, and this is really not a good mechanism to be providing.
>>
>>>
>>> I have commented also 
>>> https://github.com/jfilak/abrt-java-connector/issues/34
>>>> It seems like nobody else is chiming in with any better ideas, and 
>>>> you're right that the automatic bug reports are a little bit 
>>>> useless without something like this, so if you have no better 
>>>> implementations in mind then I suppose this will have to suffice.
>>>
>>> What do you thnk about this approach? (otherwise it will be same)
>>> Thank you!
>>>
>
> So here is version with field.
>
> the whitelist then will be:
> netx.net.sourceforge.jnlp.runtime.JNLPRuntime history
>
>
> J

Yes, this looks so much better to me. Assuming abrt-connector can't just 
call an arbitrary method rather than reading a field, I think this is ok 
to push. If it can call a method though, it would probably be better to 
store the URLs as a Set and then return it as a String on demand. But if 
this isn't possible then storing it as a String is good enough.

Thanks,

-- 
Andrew A


From omajid at redhat.com  Wed Mar  5 08:33:58 2014
From: omajid at redhat.com (Omair Majid)
Date: Wed, 5 Mar 2014 11:33:58 -0500
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <53174F77.2070209@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com> <531731A7.6000006@redhat.com>
	<53174F77.2070209@redhat.com>
Message-ID: <20140305163358.GE2011@redhat.com>

Hi,

* Jiri Vanek <jvanek at redhat.com> [2014-03-05 11:16]:

> diff -r 0a36108ce4b9 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java

> +    /*urls lunching this application*/
> +    private static String history = "";

> +    public static void saveHistory(String documentBase) {
> +        //java-abrt-connector can print out specific application String field, it is good to save visited urls for reproduce purposes
> +        //for javaws we can read the destination jnlp from commandline
> +        //hoever for plugin (url arrive via pipes)? Also for plugin ve can not be sure which opened tab/window
> +        //have casued the crash,. Thats why the individual urls are added, not repalced.

Would it make more sense to put this comment on the field? If I am
trying to find the reason for existence of a field, I am more likely to
look at the field first than the code that touches it.

> diff -r 0a36108ce4b9 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java

>                              "Height = ", height, "\n",
>                              "DocumentBase = ", documentBase, "\n",
>                              "Params = ", paramString);
> +        JNLPRuntime.saveHistory(documentBase);
>  
>          PluginAppletPanelFactory factory = new PluginAppletPanelFactory();
>          AppletMessageHandler amh = new AppletMessageHandler("appletviewer");

Will this work correctly when multiple applets are initializing? Is
thread safety something we have to consider?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Wed Mar  5 08:53:39 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 05 Mar 2014 17:53:39 +0100
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <20140305163358.GE2011@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com> <531731A7.6000006@redhat.com>
	<53174F77.2070209@redhat.com> <20140305163358.GE2011@redhat.com>
Message-ID: <53175693.3010607@redhat.com>

On 03/05/2014 05:33 PM, Omair Majid wrote:
> Hi,
>
> * Jiri Vanek<jvanek at redhat.com>  [2014-03-05 11:16]:
>
>> diff -r 0a36108ce4b9 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
>
>> +    /*urls lunching this application*/
>> +    private static String history = "";
>
>> +    public static void saveHistory(String documentBase) {
>> +        //java-abrt-connector can print out specific application String field, it is good to save visited urls for reproduce purposes
>> +        //for javaws we can read the destination jnlp from commandline
>> +        //hoever for plugin (url arrive via pipes)? Also for plugin ve can not be sure which opened tab/window
>> +        //have casued the crash,. Thats why the individual urls are added, not repalced.
>
> Would it make more sense to put this comment on the field? If I am
> trying to find the reason for existence of a field, I am more likely to
> look at the field first than the code that touches it.

Sure.
>
>> diff -r 0a36108ce4b9 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java
>
>>                               "Height = ", height, "\n",
>>                               "DocumentBase = ", documentBase, "\n",
>>                               "Params = ", paramString);
>> +        JNLPRuntime.saveHistory(documentBase);
>>
>>           PluginAppletPanelFactory factory = new PluginAppletPanelFactory();
>>           AppletMessageHandler amh = new AppletMessageHandler("appletviewer");
>
> Will this work correctly when multiple applets are initializing? Is
> thread safety something we have to consider?
>

Well. It is handled in message consumer thread. So it should be perfectly safe.
But I would guess synchronised keyword for saveHistroy will not harm if you insists.

J.

From aazores at redhat.com  Wed Mar  5 09:01:22 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 12:01:22 -0500
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
Message-ID: <53175862.8080408@redhat.com>

Hi,

The previous thread was diverging into two quite different patches, so 
I'm splitting it.

This patch improves parsing, especially handling of comments, and adds a 
lot of new unit testing for this. A few small bugs were found and fixed 
along the way.

ChangeLog:
* NEWS: added entry for PolicyEditor
* netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java:
(fromString) use regexes to parse
* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
(file) keep reference to File rather than String filePath. (getPermissions)
returns empty map rather than null.  (setComponentMnemonic) new method.
(getCustomPermissions) new function. (openAndParsePolicyFile) check for
OpenFileResult FAILURE and NOT_FILE rather than null
* 
netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
(fromString) use regexes to parse
* netx/net/sourceforge/jnlp/util/FileUtils.java:
(testDirectoryPermissions) add check for getCanonicalFile and null
safeguarding. (testFilePermissions) add check for getCanonicalFile and
return FAILURE rather than null
* 
tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java:
(testMissingQuotationMarks) new test
* 
tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
(testReturnedCustomPermissionsSetIsCopy,
testCodebaseTrailingSlashesDoNotMatch) new tests
* 
tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java:
new tests

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policy-editor-parsing-tests.patch
Type: text/x-patch
Size: 50577 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/242e212f/policy-editor-parsing-tests-0001.patch 

From bugzilla-daemon at icedtea.classpath.org  Wed Mar  5 10:54:38 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 05 Mar 2014 18:54:38 +0000
Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20
	64-bit plus Firefox 27
In-Reply-To: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1687-30-ST0B1JJiwC@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687

--- Comment #5 from Andrew Azores <aazores at redhat.com> ---
(In reply to Harish Pillay from comment #3)
> I just tested it on another site:
> http://stilllistener.addr.com/checkpoint1/Java/ and the 2nd Java applet on
> that page (towards the bottom) failed as well and the stack trace is:
> 
> IcedTea-Web Plugin version: 1.4.2 (fedora-0.fc20-x86_64)
> Sat Mar 01 06:26:53 SGT 2014
> java.lang.NullPointerException
> 	at net.sourceforge.jnlp.NetxPanel.runLoader(NetxPanel.java:116)
> 	at sun.applet.AppletPanel.run(AppletPanel.java:380)
> 	at java.lang.Thread.run(Thread.java:744)

This happens occasionally, it's an intermittent problem unrelated to your
original bug report.

I'm still unable to determine what's causing the failure for you and one other
person here who I asked. It works fine for myself and most other users. Is
there anything you did in particular to come across this error? Does the WebEx
test page at [1] work for you?

[1] http://www.webex.com/test-meeting.html

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/33635b6f/attachment.html 

From aazores at redhat.com  Wed Mar  5 13:57:34 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 05 Mar 2014 16:57:34 -0500
Subject: [rfc][icedtea-web] javaws -version flag
Message-ID: <53179DCE.6070405@redhat.com>

Hi,

Adds a -version flag that simply prints out "icedtea-web $version" and 
exits. "-about -headless" sort of does this already, but it also 
includes a mini license.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: javaws-version.patch
Type: text/x-patch
Size: 2715 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140305/2dec8243/javaws-version.patch 

From bugzilla-daemon at icedtea.classpath.org  Thu Mar  6 00:05:42 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 06 Mar 2014 08:05:42 +0000
Subject: [Bug 1693] New: Could not find Xt -   Try installing libXt-devel
Message-ID: <bug-1693-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693

            Bug ID: 1693
           Summary: Could not find Xt -   Try installing libXt-devel
           Product: IcedTea
           Version: 6-1.12.8
          Hardware: 64-bit
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: hiteckh at hotmail.com
                CC: unassigned at icedtea.classpath.org

the libXt is already installed however i still get this error when trying to
build through this command:

LLVM_CONFIG=/home/stde/Documents/icedtea6-1.12.8/llvm/Debug+Asserts/bin/llvm-config
./configure --enable-shark --disable-system-gif --disable-system-lcms
--disable-system-kerberos

checking for XT... no
configure: error: Could not find Xt -   Try installing libXt-devel.

best regards,

Hamza

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/a30e9191/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Thu Mar  6 00:45:57 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 06 Mar 2014 08:45:57 +0000
Subject: [Bug 1693] Could not find Xt -   Try installing libXt-devel
In-Reply-To: <bug-1693-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1693-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1693-30-jlZRDv2a9V@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693

Xerxes R?nby <xerxes at zafena.se> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |xerxes at zafena.se
           Severity|major                       |normal

--- Comment #1 from Xerxes R?nby <xerxes at zafena.se> ---
please include the following:
Which OS you are building icedtea?
Which version of libxt headers you are using?
Where are the libxt headers installed on your system?

For example on Debian you need to install both the libxt and libxt-dev package.

Many linux distributions has a way to download all build dependencies for
icedtea based on the distributions source package information.
example on debian you can install all/most of the build dependencies for
icedtea-6 by running.
apt-get build-dep openjdk-6

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/36e71428/attachment.html 

From bugzilla-daemon at icedtea.classpath.org  Thu Mar  6 03:44:11 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 06 Mar 2014 11:44:11 +0000
Subject: [Bug 1693] Could not find Xt -   Try installing libXt-devel
In-Reply-To: <bug-1693-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1693-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1693-30-yHAp6GnXw6@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1693

--- Comment #2 from Hamza <hiteckh at hotmail.com> ---
Hi,
Thanks for the reply,

The OS I have is openSuse 13.1
I have libXt6 installed version 1.1.4-2.1.2  they are installed in:
/usr/lib64/libXt.so.6

I have also libXt-devel installed version 1.1.4-2.1.2 they are installed in:
/usr/include/X11
/usr/lib64/libXt.so
/usr/lib64/pkgconfig/xt.pc

Best Regards,
Hamza

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/c7abd8b4/attachment.html 

From jvanek at redhat.com  Thu Mar  6 04:43:42 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 13:43:42 +0100
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <53179DCE.6070405@redhat.com>
References: <53179DCE.6070405@redhat.com>
Message-ID: <53186D7E.8010608@redhat.com>

On 03/05/2014 10:57 PM, Andrew Azores wrote:
> Hi,
>
> Adds a -version flag that simply prints out "icedtea-web $version" and exits. "-about -headless" sort of does this already, but it also includes a mini license.
>
> Thanks,
>
Well if you wish., NEWS entry is missing. Otherwise ok to go.


We really *have to* add an generated man pages in as close future as possible....


J.

From jvanek at redhat.com  Thu Mar  6 06:07:46 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 15:07:46 +0100
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <53175862.8080408@redhat.com>
References: <53175862.8080408@redhat.com>
Message-ID: <53188132.2040009@redhat.com>

On 03/05/2014 06:01 PM, Andrew Azores wrote:
> Hi,
>
> The previous thread was diverging into two quite different patches, so I'm splitting it.
>
> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way.
>

The Messages.properties changes are missing in in-pathc chagelog

public static CustomPermission fromString - more more and more tests. Try to hack yourself.  But generally ok.
Well the comment is poem-writer's masterpiece :) But better then nothing :)
The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be:
[[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :)
The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg?
The first quotes are mandatory, and the scond not? As far as I read from regex.
Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself.


Why is the  CustomPermission.fromStirng copypasted to PolicyEditorPermissions ???

Quick glance over tests is ook.

Thanx!
   J.

From aazores at icedtea.classpath.org  Thu Mar  6 06:18:52 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 06 Mar 2014 14:18:52 +0000
Subject: /hg/icedtea-web: Add -version flag
Message-ID: <hg.bbf4cc4319da.1394115532.8643924302249223276@icedtea.classpath.org>

changeset bbf4cc4319da in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bbf4cc4319da
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 06 09:18:35 2014 -0500

	Add -version flag

	* NEWS: added -version flag entry
	* netx/net/sourceforge/jnlp/resources/Messages.properties: (BOVersion)
	new message for command line -version flag
	* netx/net/sourceforge/jnlp/runtime/Boot.java: (main) added "-version"
	flag


diffstat:

 ChangeLog                                               |   8 ++++++++
 NEWS                                                    |   1 +
 netx/net/sourceforge/jnlp/resources/Messages.properties |   1 +
 netx/net/sourceforge/jnlp/runtime/Boot.java             |  10 ++++++++--
 4 files changed, 18 insertions(+), 2 deletions(-)

diffs (85 lines):

diff -r 0a36108ce4b9 -r bbf4cc4319da ChangeLog
--- a/ChangeLog	Wed Mar 05 16:41:06 2014 +0100
+++ b/ChangeLog	Thu Mar 06 09:18:35 2014 -0500
@@ -1,3 +1,11 @@
+2014-03-06  Andrew Azores  <aazores at redhat.com>
+
+	* NEWS: added -version flag entry
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: (BOVersion)
+	new message for command line -version flag
+	* netx/net/sourceforge/jnlp/runtime/Boot.java: (main) added "-version"
+	flag
+
 2014-03-05  Jiri Vanek  <jvanek at redhat.com>
 
 	All security dialogs moved to appropriate package
diff -r 0a36108ce4b9 -r bbf4cc4319da NEWS
--- a/NEWS	Wed Mar 05 16:41:06 2014 +0100
+++ b/NEWS	Thu Mar 06 09:18:35 2014 -0500
@@ -16,6 +16,7 @@
 * Dialogs center on screen before becoming visible
 * Support for u45 and u51 new manifest attributes (Application-Name, Codebase)
 * Custom applet permission policies panel in itweb-settings control panel
+* javaws -version flag
 * Cache Viewer
   - Can be closed by ESC key
   - Enabling and disabling of operational buttons is handled properly
diff -r 0a36108ce4b9 -r bbf4cc4319da netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 05 16:41:06 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 06 09:18:35 2014 -0500
@@ -209,6 +209,7 @@
 BOLicense   = Display the GPL license and exit.
 BOVerbose   = Enable verbose output.
 BOAbout     = Shows a sample application.
+BOVersion   = Print the IcedTea-Web version and exit.
 BONosecurity= Disables the secure runtime environment.
 BONoupdate  = Disables checking for updates.
 BOHeadless  = Disables download window, other UIs.
diff -r 0a36108ce4b9 -r bbf4cc4319da netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java	Wed Mar 05 16:41:06 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java	Thu Mar 06 09:18:35 2014 -0500
@@ -63,6 +63,8 @@
     public static final String name = Boot.class.getPackage().getImplementationTitle();
     public static final String version = Boot.class.getPackage().getImplementationVersion();
 
+    private static final String nameAndVersion = name + " " + version;
+
     private static final String miniLicense = "\n"
             + "   netx - an open-source JNLP client.\n"
             + "   Copyright (C) 2001-2003 Jon A. Maxwell (JAM)\n"
@@ -83,7 +85,7 @@
             + "\n";
 
     private static final String itwInfoMessage = ""
-            + name + " " + version
+            + nameAndVersion
             + "\n\n*  "
             + R("BAboutITW")
             + "\n*  "
@@ -102,6 +104,7 @@
             + "  -viewer               " + R("BOViewer") + "\n"
             + "\n"
             + "run-options:" + "\n"
+            + "  -version              " + R("BOVersion") + "\n"
             + "  -arg arg              " + R("BOArg") + "\n"
             + "  -param name=value     " + R("BOParam") + "\n"
             + "  -property name=value  " + R("BOProperty") + "\n"
@@ -138,14 +141,17 @@
         DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched();
 
         if (null != getOption("-viewer")) {
-
             try {
                 CertificateViewer.main(null);
                 JNLPRuntime.exit(0);
             } catch (Exception e) {
                 OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             }
+        }
 
+        if (null != getOption("-version")) {
+            OutputController.getLogger().printOutLn(nameAndVersion);
+            JNLPRuntime.exit(0);
         }
 
         if (null != getOption("-license")) {

From bugzilla-daemon at icedtea.classpath.org  Thu Mar  6 07:49:13 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 06 Mar 2014 15:49:13 +0000
Subject: [Bug 1695] New: FileURLConnection inputstream isn't closed
Message-ID: <bug-1695-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1695

            Bug ID: 1695
           Summary: FileURLConnection inputstream isn't closed
           Product: IcedTea
           Version: 6-1.13.1
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: stephan.meisinger at opitec.com
                CC: unassigned at icedtea.classpath.org

if an application calls getHeaderField(String) in
org.jboss.net.protocol.file.FileURLConnection 
an FileInputStream is generated. The handle stays open as a member variable. 

If the Connection is closed -> the handle stays open. 

so please overload the method 
void close() {
 super(close);
 if(is != null) {
   is.close();
 }
}

This could be a unintended functional change and could be avoided by adding a
flag "isStreamRead". This flag is set to true when stream is returned by 

public synchronized InputStream getInputStream();

void close() {
 super(close);
 if(is != null && !isStreamRead) {
   is.close();
 }
}

This is issue is also available in IceTea7.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/73ac9ffe/attachment.html 

From omajid at redhat.com  Thu Mar  6 07:59:11 2014
From: omajid at redhat.com (Omair Majid)
Date: Thu, 6 Mar 2014 10:59:11 -0500
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <53186D7E.8010608@redhat.com>
References: <53179DCE.6070405@redhat.com>
 <53186D7E.8010608@redhat.com>
Message-ID: <20140306155911.GB1968@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-06 07:36]:
> On 03/05/2014 10:57 PM, Andrew Azores wrote:
> >Adds a -version flag that simply prints out "icedtea-web $version"
> >and exits. "-about -headless" sort of does this already, but it also
> >includes a mini license.
> >
> We really *have to* add an generated man pages in as close future as possible....

But since we only have a pre-written man page (netx/javaws.1) can you
please update that with this patch too?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Thu Mar  6 08:19:06 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 17:19:06 +0100
Subject: [rfc][icedtea-web] New PartiallySigned Dialog
In-Reply-To: <53164E8D.90101@redhat.com>
References: <53164E8D.90101@redhat.com>
Message-ID: <53189FFA.3000404@redhat.com>

On 03/04/2014 11:07 PM, Andrew Azores wrote:
> Hi,
>
> This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it uses the same remembered action storage and has the same general look and feel. This dialog also has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which allows partially signed ones to also be run with only sandbox permissions. Some more security info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a new Help text for this dialog, but this can be written up separately IMO. Right now it will just display the same Help as the Unsigned dialog.
>
> ChangeLog:
> Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
> Also includes a Sandbox button.
> * netx/net/sourceforge/jnlp/resources/Messages.properties:
> (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet,
> LPartiallySignedAppletUserDenied) new messages
> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
> Logic added for displaying new PartiallySigned dialog.
> (showNotAllSignedDialog) removed. (getSigningState) new method.
> (promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for
> SecurityDelegate.
> * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java:
> (partiallySigned) new method
> * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java:
> (chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet
> title made overrideable by subclasses
> * netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING)
> renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old
> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING)
> renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed.
> (showPartiallySignedWarningDialog) new method
> * netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
> Added Sandbox action
> * netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
> (checkPartiallySignedWithUserIfRequired) new method
> * tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java:
> test now passes since dialog will not appear if applet security is set to Low.
> KnownToFail removed.
> * tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java:
> same
> * netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java:
> new class
> * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: deleted
> in favour of PartiallySignedAppTrustWarningPanel
>
> Thanks,
>
Ouch - "legacy" dialogs packages? :) Please dont forget to adapt changelog. For patch I think there will be more rounds. Also pls move your new dialogue to proper pacage.package

General thoughts:

SANDBOX_ALWAYS is not (going to be) supported? If so, the checbox and radiobuttons should be disabled (I have not noted it but I could overlook). But I' +1 to support SANDBOX_ALWAYS
  - if this will be supported, then there is going to be fun with the sandbox+custom policies saving :)

The removal of NotAllSignedWarningPane is not compelte. Please check also used Trasnlator.R keys. If they are dangling, please rmeove them from all Messages*.properties

You have removed:
-    @KnownToFail
-        assertTrue("NotAllSigned dialog will appear if this test runs. Remove this exception and KnownToFail "
-                + "when a proper replacement is in place", false);

How come? I think partialy signed dialogue should appear always, no matter of EAS level.
Or not?

+    protected String getAppletTitle() {
+        return R("SAppletTitle", file.getTitle());
+    }

(And few more methods about title) Wasn't this handled in previous push?

Can we have some testing main method as I added recently for unsigned warnng dialogue?


hmmm . . . I ahve just spotted usage of
type = AccessType.SIGNING_ERROR;
In this case this dialogue have sense also for JNLP files.
Then ~/icedtea-web-image/bin/javaws -allowredirect  http://java.net/projects/electric/downloads/download/WebStartFiles/electricAnt.jnlp would be an example... But it is something for think about for future work.



+    private String getSigningInfo() {
+        CertInformation info = jcv.getCertInformation(jcv.getCertPath(null));
+
+        AccessType type;
+        if (info != null && info.isRootInCacerts() && !info.hasSigningIssues()) {
+            type = AccessType.VERIFIED;
+        } else if (info != null && info.isRootInCacerts()) {
+            type = AccessType.SIGNING_ERROR;
+        } else {
+            type = AccessType.UNVERIFIED;
+        }
+
+        String mainText = "";
+        switch (type) {
+            case VERIFIED:
+                mainText = R("SSigVerified");
+                break;
+            case UNVERIFIED:
+                mainText = R("SSigUnverified");
+                break;
+            case SIGNING_ERROR:
+                mainText = R("SSignatureError");
+                break;
+        }
+
+        return mainText;
+    }

ouh thats looong way to return one of three strings :)


Good work otherwise,
   Thanx
    J.

From jvanek at redhat.com  Thu Mar  6 08:22:32 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 17:22:32 +0100
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <20140306155911.GB1968@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com>
Message-ID: <5318A0C8.5090507@redhat.com>

On 03/06/2014 04:59 PM, Omair Majid wrote:
> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 07:36]:
>> On 03/05/2014 10:57 PM, Andrew Azores wrote:
>>> Adds a -version flag that simply prints out "icedtea-web $version"
>>> and exits. "-about -headless" sort of does this already, but it also
>>> includes a mini license.
>>>
>> We really *have to* add an generated man pages in as close future as possible....
>
> But since we only have a pre-written man page (netx/javaws.1) can you
> please update that with this patch too?
>

I dont think it is worthy. The current man pages are really *outdated* :(


J.

From omajid at redhat.com  Thu Mar  6 08:15:52 2014
From: omajid at redhat.com (Omair Majid)
Date: Thu, 6 Mar 2014 11:15:52 -0500
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <5318A0C8.5090507@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
Message-ID: <20140306161552.GC1968@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-06 11:14]:
> I dont think it is worthy. The current man pages are really *outdated* :(

I don't follow. If the pages are outdated, shouldn't we fix that by
updating them? Are we abandoning the man pages?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Thu Mar  6 08:37:14 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 17:37:14 +0100
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <20140306161552.GC1968@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com>
Message-ID: <5318A43A.5080305@redhat.com>

On 03/06/2014 05:15 PM, Omair Majid wrote:
> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:14]:
>> I dont think it is worthy. The current man pages are really *outdated* :(
>
> I don't follow. If the pages are outdated, shouldn't we fix that by
> updating them? Are we abandoning the man pages?
>

Yes we should. Only the good will is missing. First half of previous 8 months I was ignoring them willingly, because I hoped to have the generated ones prepared for 1.5.
But this task was moved to 1.6 due to new D-I-D attributes

Also you may note - icedtea=web man page is missing (it is jsut copy of current (outdated) javaws.1), itw-settings manpage is missing - and it is HUGE man page, and newly policyeditor is missing.

For javaws x icedtea-web man page see a bug in bugzilla. I have jsut spend 10 minutes by trying to connect to bugzilal without sucess[1]


J.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=948443 it appeared just before press "sent" :)

From omajid at redhat.com  Thu Mar  6 08:52:33 2014
From: omajid at redhat.com (Omair Majid)
Date: Thu, 6 Mar 2014 11:52:33 -0500
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <5318A43A.5080305@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
Message-ID: <20140306165233.GD1968@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-06 11:29]:
> On 03/06/2014 05:15 PM, Omair Majid wrote:
> >* Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:14]:
> >>I dont think it is worthy. The current man pages are really *outdated* :(
> >
> >I don't follow. If the pages are outdated, shouldn't we fix that by
> >updating them? Are we abandoning the man pages?
> >
> 
> Yes we should. Only the good will is missing.

Abandoning man pages for 'good will'? I don't follow. If anything, we
make things harder for users.

>  First half of previous 8 months I was ignoring them willingly,
>  because I hoped to have the generated ones prepared for 1.5.

I don't know if generated ones are the magic bullet you think they are.
Either way you have to write the documentation. And some parts of the
documentation don't belong in code. Still, generated or not, we need
some place where users can find documentation.

> But this task was moved to 1.6 due to new D-I-D attributes

I would like to think that features are not considered 'complete' unless
they are documented.

> Also you may note - icedtea=web man page is missing (it is jsut copy
> of current (outdated) javaws.1)

I thought only the commands themselves have man pages. There is no
command named `icedtea-web` so there is no man page for it.
There is no man page for `mercurial` either, but there is for `hg`.

Where is this copy of javaws.1? I don't see it in our repo, and I don't
see it when I `make install`.

> , itw-settings manpage is missing - and
> it is HUGE man page, and newly policyeditor is missing.

For self-explanatory GUIs, I am not sure we need detailed man pages.
They mostly make sense for command line programs that take lots of
arguments and/or options so the options and arguments are properly
documented. Aside from the basics ('run itw-settings using the command
itw-settings', 'itw-settings allows you to modify setings graphically',
'file bugs at this bug tracker', 'config files are located here'), what
else do we need?

> For javaws x icedtea-web man page see a bug in bugzilla. I have jsut
> spend 10 minutes by trying to connect to bugzilal without sucess[1]

It's a private bug, but when I do log in, I don't actually see anything,
just your comment saying that you have linked icedtea-web.1 to javaws.1.
I think that's not ideal because:

- Man pages document binaries rather than packages
- You are completely leaving out the plugin :(

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Thu Mar  6 09:39:05 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 06 Mar 2014 18:39:05 +0100
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <20140306165233.GD1968@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com>
Message-ID: <5318B2B9.8060009@redhat.com>

On 03/06/2014 05:52 PM, Omair Majid wrote:
> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:29]:
>> On 03/06/2014 05:15 PM, Omair Majid wrote:
>>> * Jiri Vanek<jvanek at redhat.com>   [2014-03-06 11:14]:
>>>> I dont think it is worthy. The current man pages are really *outdated* :(
>>>
>>> I don't follow. If the pages are outdated, shouldn't we fix that by
>>> updating them? Are we abandoning the man pages?
>>>
>>
>> Yes we should. Only the good will is missing.
>
> Abandoning man pages for 'good will'? I don't follow. If anything, we
> make things harder for users.

No. You misunderstood me completely. The will to maintain them is missing. I 100% agree that they are necessary.
>
>>   First half of previous 8 months I was ignoring them willingly,
>>   because I hoped to have the generated ones prepared for 1.5.
>
> I don't know if generated ones are the magic bullet you think they are.
> Either way you have to write the documentation. And some parts of the
> documentation don't belong in code. Still, generated or not, we need
> some place where users can find documentation.

100% yes, and the man pages are th way to go.


They may be the magic bullet if I fulfil my idea.

Some of the content will be reused from -help (especially the cmd switches). They will be easily localisable  from properties, and also runtiem help will be possible to generate from them.
Defintly the way to go. Also I think the maintainability  will be much better.

>
>> But this task was moved to 1.6 due to new D-I-D attributes
>
> I would like to think that features are not considered 'complete' unless
> they are documented.

I would guess the urls in error messgaes and hints in news are ok. And those exists. What else do you recommend?
>
>> Also you may note - icedtea=web man page is missing (it is jsut copy
>> of current (outdated) javaws.1)
>
> I thought only the commands themselves have man pages. There is no
> command named `icedtea-web` so there is no man page for it.
> There is no man page for `mercurial` either, but there is for `hg`.
>
> Where is this copy of javaws.1? I don't see it in our repo, and I don't
> see it when I `make install`.

Right. Right now there is only javaws.1 Imho two more are misisng. And manpage for "package name" is good recomandation. It can be jsut see javaws + expalinig alternatives, or something more general. Also it may be spec patch only.
>
>> , itw-settings manpage is missing - and
>> it is HUGE man page, and newly policyeditor is missing.
>
> For self-explanatory GUIs, I am not sure we need detailed man pages.
> They mostly make sense for command line programs that take lots of

Self expalantory???  The itw-settings have incredible cmd line support!

For policieditor we may argue, but at least mentioning that it have --help (again, same with man page => generate) and the only argument expected is filename.

> arguments and/or options so the options and arguments are properly
> documented. Aside from the basics ('run itw-settings using the command
> itw-settings', 'itw-settings allows you to modify setings graphically',
> 'file bugs at this bug tracker', 'config files are located here'), what
> else do we need?
>

Well this with config files is good idea. Another good reason for generated mn pages (as defautls are in source codes)

>> For javaws x icedtea-web man page see a bug in bugzilla. I have jsut
>> spend 10 minutes by trying to connect to bugzilal without sucess[1]
>
> It's a private bug, but when I do log in, I don't actually see anything,
> just your comment saying that you have linked icedtea-web.1 to javaws.1.
> I think that's not ideal because:
>
> - Man pages document binaries rather than packages
> - You are completely leaving out the plugin :(


hmhmh.. Well thats true. Then the few lines above "see javaws + expalinig alternatives" + "and plugin" may be a solution here.



J.

From omajid at redhat.com  Thu Mar  6 10:00:04 2014
From: omajid at redhat.com (Omair Majid)
Date: Thu, 6 Mar 2014 13:00:04 -0500
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <5318B2B9.8060009@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com>
Message-ID: <20140306180003.GG1968@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-06 12:30]:
> No. You misunderstood me completely. The will to maintain them is
> missing. I 100% agree that they are necessary.

Ah, well that's a different matter. I will try and help.

> On 03/06/2014 05:52 PM, Omair Majid wrote:
> >* Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:29]:
> >>  First half of previous 8 months I was ignoring them willingly,
> >>  because I hoped to have the generated ones prepared for 1.5.
> >
> >I don't know if generated ones are the magic bullet you think they are.
> >Either way you have to write the documentation. And some parts of the
> >documentation don't belong in code. Still, generated or not, we need
> >some place where users can find documentation.
> 
> 100% yes, and the man pages are th way to go.
> 
> They may be the magic bullet if I fulfil my idea.

Fair enough. My original suggestion was: let's add a tiny fix (document
-version) while we wait for the bigger (and better) fix (the
auto-generated man pages).

> Right. Right now there is only javaws.1 Imho two more are misisng. And
> manpage for "package name" is good recomandation.

I am not so sure. `man man` says:

"man is the system's manual pager. Each page argument given to man is
normally the name of a program, utility or function"

`javaws` qualifies as a program, but does icedtea-web?

Isn't a README the more appropriate place for this? Do you know of
examples where there is a man page for a package where package name is
different from the binary name?

Any way, if you want to add more documentation and maintain it, that's
perfectly fine with me :)

> It can be jsut see javaws + expalinig alternatives, or something more
> general. Also it may be spec patch only.

*If* we decide that this it not very useful upstream, maybe we should
encourage downstream to follow? 

> >>, itw-settings manpage is missing - and
> >>it is HUGE man page, and newly policyeditor is missing.
> >
> >For self-explanatory GUIs, I am not sure we need detailed man pages.
> >They mostly make sense for command line programs that take lots of
> 
> Self expalantory???  The itw-settings have incredible cmd line support!

Haha. I wrote that :)

I meant that it's fairly simple to document the cli bits (there's only 4
or so commands, right) and the GUI is self-explanatory. So the man page
shouldn't be that large.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From omajid at redhat.com  Thu Mar  6 09:12:57 2014
From: omajid at redhat.com (Omair Majid)
Date: Thu, 6 Mar 2014 12:12:57 -0500
Subject: [rfc][icedtea-web] javaws -version flag
In-Reply-To: <20140306165233.GD1968@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com>
Message-ID: <20140306171257.GE1968@redhat.com>

* Omair Majid <omajid at redhat.com> [2014-03-06 12:11]:
> Where is this copy of javaws.1? I don't see it in our repo, and I don't
> see it when I `make install`.

s/javaws.1/icedtea-web.1/

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Thu Mar  6 12:18:17 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 6 Mar 2014 15:18:17 -0500 (EST)
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <53188132.2040009@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
Message-ID: <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>

Thanks for review! Hopefully the new attached patch is nicer.

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "Andrew Azores" <aazores at redhat.com>
Cc: "IcedTea" <distro-pkg-dev at openjdk.java.net>
Sent: Thursday, March 6, 2014 9:07:46 AM
Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests

On 03/05/2014 06:01 PM, Andrew Azores wrote:
> Hi,
>
> The previous thread was diverging into two quite different patches, so I'm splitting it.
>
> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way.
>

The Messages.properties changes are missing in in-pathc chagelog

public static CustomPermission fromString - more more and more tests. Try to hack yourself.  But generally ok.
Well the comment is poem-writer's masterpiece :) But better then nothing :)
The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be:
[[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :)
The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg?
The first quotes are mandatory, and the scond not? As far as I read from regex.
Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself.


Why is the  CustomPermission.fromStirng copypasted to PolicyEditorPermissions ???

Quick glance over tests is ook.

Thanx!
   J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policy-editor-parsing-tests.patch
Type: text/x-patch
Size: 53575 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140306/78e05e8e/policy-editor-parsing-tests-0001.patch 

From jvanek at redhat.com  Fri Mar  7 02:44:41 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 11:44:41 +0100
Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web]
	javaws -version flag
In-Reply-To: <20140306180003.GG1968@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com>
	<20140306180003.GG1968@redhat.com>
Message-ID: <5319A319.90707@redhat.com>

Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and 
itw-settings ? :))

J.
On 03/06/2014 07:00 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-06 12:30]:
>> No. You misunderstood me completely. The will to maintain them is
>> missing. I 100% agree that they are necessary.
>
> Ah, well that's a different matter. I will try and help.
>
>> On 03/06/2014 05:52 PM, Omair Majid wrote:
>>> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:29]:
>>>>   First half of previous 8 months I was ignoring them willingly,
>>>>   because I hoped to have the generated ones prepared for 1.5.
>>>
>>> I don't know if generated ones are the magic bullet you think they are.
>>> Either way you have to write the documentation. And some parts of the
>>> documentation don't belong in code. Still, generated or not, we need
>>> some place where users can find documentation.
>>
>> 100% yes, and the man pages are th way to go.
>>
>> They may be the magic bullet if I fulfil my idea.
>
> Fair enough. My original suggestion was: let's add a tiny fix (document
> -version) while we wait for the bigger (and better) fix (the
> auto-generated man pages).
>
>> Right. Right now there is only javaws.1 Imho two more are misisng. And
>> manpage for "package name" is good recomandation.
>
> I am not so sure. `man man` says:
>
> "man is the system's manual pager. Each page argument given to man is
> normally the name of a program, utility or function"
>
> `javaws` qualifies as a program, but does icedtea-web?
>
> Isn't a README the more appropriate place for this? Do you know of
> examples where there is a man page for a package where package name is
> different from the binary name?
>
> Any way, if you want to add more documentation and maintain it, that's
> perfectly fine with me :)
>
>> It can be jsut see javaws + expalinig alternatives, or something more
>> general. Also it may be spec patch only.
>
> *If* we decide that this it not very useful upstream, maybe we should
> encourage downstream to follow?
>
>>>> , itw-settings manpage is missing - and
>>>> it is HUGE man page, and newly policyeditor is missing.
>>>
>>> For self-explanatory GUIs, I am not sure we need detailed man pages.
>>> They mostly make sense for command line programs that take lots of
>>
>> Self expalantory???  The itw-settings have incredible cmd line support!
>
> Haha. I wrote that :)
>
> I meant that it's fairly simple to document the cli bits (there's only 4
> or so commands, right) and the GUI is self-explanatory. So the man page
> shouldn't be that large.
>
> Thanks,
> Omair
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: minorFixes-man.patch
Type: text/x-patch
Size: 3236 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/39487d7d/minorFixes-man.patch 

From jvanek at redhat.com  Fri Mar  7 02:51:01 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 11:51:01 +0100
Subject: [rfc][icedtea-web] /bin/bash check for configure time Re:
	[rfc][icedtea-web]
	have  bash in shebang instead of sh or get rid of bashism
In-Reply-To: <531734B5.9040105@redhat.com>
References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com>
	<531734B5.9040105@redhat.com>
Message-ID: <5319A495.7090601@redhat.com>

On 03/05/2014 03:29 PM, Jiri Vanek wrote:
> On 03/04/2014 11:22 PM, Andrew Azores wrote:
>> On 02/26/2014 10:47 AM, Jiri Vanek wrote:
>>> After short discussion with Omair, we agreed that this
>>>
>>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201
>>>
>>> IS probably better then get rid of bashism completely.
>>>
>>> So I would like to forward-port this patch to head.
>>>
>>> ok?
>>
>> Fine by me.
>>
>> Thanks,
>>
>
> Thanx. Pushed.
>
> The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect
> windows. Actually I have no idea how windows are building ITW :(
>
> J.
>

Well /bin/bash is used also for generation of htmls. So this is really needed.

J.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: minorFixes-bashCheck.patch
Type: text/x-patch
Size: 491 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/05ce6f1e/minorFixes-bashCheck.patch 

From ptisnovs at icedtea.classpath.org  Fri Mar  7 04:08:43 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 07 Mar 2014 12:08:43 +0000
Subject: /hg/gfx-test: Eight new tests added into BitBltUsingBgColor test...
Message-ID: <hg.154d24fa3f31.1394194123.-6248649288953172555@icedtea.classpath.org>

changeset 154d24fa3f31 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=154d24fa3f31
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 07 13:09:25 2014 +0100

	Eight new tests added into BitBltUsingBgColor test suite.


diffstat:

 ChangeLog                                          |    5 +
 src/org/gfxtest/testsuites/BitBltUsingBgColor.java |  120 +++++++++++++++++++++
 2 files changed, 125 insertions(+), 0 deletions(-)

diffs (142 lines):

diff -r 219ddc3bf108 -r 154d24fa3f31 ChangeLog
--- a/ChangeLog	Tue Mar 04 11:04:28 2014 +0100
+++ b/ChangeLog	Fri Mar 07 13:09:25 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-07  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
+	Eight new tests added into BitBltUsingBgColor test suite.
+
 2014-03-04  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
diff -r 219ddc3bf108 -r 154d24fa3f31 src/org/gfxtest/testsuites/BitBltUsingBgColor.java
--- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Tue Mar 04 11:04:28 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Fri Mar 07 13:09:25 2014 +0100
@@ -5552,6 +5552,126 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     * Background color is set to Color.cyan.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundCyan(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.cyan);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     * Background color is set to Color.red.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundRed(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.red);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     * Background color is set to Color.magenta.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundMagenta(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.magenta);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     * Background color is set to Color.yellow.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundYellow(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.yellow);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     * Background color is set to Color.white.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort555RGBBackgroundWhite(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort555RGB(image, graphics2d, Color.white);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.black.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundBlack(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.black);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.blue.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundBlue(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.blue);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.green.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundGreen(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.green);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From ptisnovs at icedtea.classpath.org  Fri Mar  7 04:20:32 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 07 Mar 2014 12:20:32 +0000
Subject: /hg/rhino-tests: Added new tests testGetResourceAsStreamPositiov...
Message-ID: <hg.482d9f98ee40.1394194832.-6019694633368342460@icedtea.classpath.org>

changeset 482d9f98ee40 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=482d9f98ee40
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 07 13:21:16 2014 +0100

	Added new tests testGetResourceAsStreamPositioveTest and
	toStringTest into SimpleBindingsClassTest.


diffstat:

 ChangeLog                                       |   6 ++++++
 src/org/RhinoTests/SimpleBindingsClassTest.java |  18 ++++++++++++++++++
 2 files changed, 24 insertions(+), 0 deletions(-)

diffs (41 lines):

diff -r c7bc5728b4a1 -r 482d9f98ee40 ChangeLog
--- a/ChangeLog	Tue Mar 04 11:42:00 2014 +0100
+++ b/ChangeLog	Fri Mar 07 13:21:16 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-07  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/SimpleBindingsClassTest.java:
+	Added new tests testGetResourceAsStreamPositioveTest and
+	toStringTest into SimpleBindingsClassTest.
+
 2014-03-04  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
diff -r c7bc5728b4a1 -r 482d9f98ee40 src/org/RhinoTests/SimpleBindingsClassTest.java
--- a/src/org/RhinoTests/SimpleBindingsClassTest.java	Tue Mar 04 11:42:00 2014 +0100
+++ b/src/org/RhinoTests/SimpleBindingsClassTest.java	Fri Mar 07 13:21:16 2014 +0100
@@ -2154,6 +2154,24 @@
     }
 
     /**
+     * Test for method javax.script.SimpleBindings.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.simpleBindingsClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.SimpleBindings.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.simpleBindingsClass.toString();
+        assertEquals("class javax.script.SimpleBindings", asString, "wrong toString() return value");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.SimpleBindings
      */
     @SuppressWarnings("cast")

From jvanek at redhat.com  Fri Mar  7 04:40:28 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 13:40:28 +0100
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly
	(rh1072013)
Message-ID: <5319BE3C.2030008@redhat.com>

When plugin is using jnlpHref to start, the location of jnlp file is not stored properly.  When one 
wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then 
tmplate have nothing to match)

However  I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :(

Now it is dying with itself :

Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit()
	at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391)
	at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388)
	at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46)
	at arcadeflex.UrlDownloadProgress.<init>(UrlDownloadProgress.java:28)
	at arcadeflex.osdepend.main(osdepend.java:75)
	at arcadeflex.MainApplet$1.run(MainApplet.java:78)
	at java.lang.Thread.run(Thread.java:744)

Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :)


J.


ps: reproducers for this are missing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: fixedUnsetLocationForJnlpHref.patch
Type: text/x-patch
Size: 676 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/8d73c303/fixedUnsetLocationForJnlpHref.patch 

From jvanek at redhat.com  Fri Mar  7 04:56:15 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 13:56:15 +0100
Subject: Upcoming release of icedtea-web 1.5
Message-ID: <5319C1EF.2020801@redhat.com>

Hi All!

I would like to announce, that  deadline for icedtea-web 1.5 to be released should match start of 
April. 1st April sounds good, doesn't it ?-)  But Few days later should be still ok.

Please count with head branch freezing  in last week before release  - an week for testing - so 
pushes in this week will be only for for translation files  and regression fixes.
According to my knowledge 1.5 is healthy now. Also I'm  continually pushing it alive into 
fedora-rawhide. And well, no one complains :)

Also please note I will be  off  17-19.3.

The reason for  start of April is that 16.4 is Oracle CPU. This my cause another month of delay, 
which would be unbearable.

Thank you for understanding.


J

From jvanek at redhat.com  Fri Mar  7 05:24:09 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 14:24:09 +0100
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
	<1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
Message-ID: <5319C879.4090903@redhat.com>

The messages.properties changes are still not listed in changelog.


This is probably nit, but:
+        final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string);
+        final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string);
+        if (!targetMatcher.matches() && !actionMatcher.matches()) {
+            return null;
+        }
+
+        final String typeStr, targetStr, actionsStr;
+
+        if (actionMatcher.matches()) {
+            typeStr = actionMatcher.group(1);
+            targetStr = actionMatcher.group(2);
+            actionsStr = actionMatcher.group(3);
+        } else {
+        	typeStr = targetMatcher.group(1);
+            targetStr = targetMatcher.group(2);
+            actionsStr = "";
          }

the first matcher is needed only when second one fails. Maybe would be nice to remove the 
unnecessary matching.

similar for PolicyEditorPermissions which is still suspiciously similar:(


The chnage [\\w.] -> [\\w\\.]  looks enough :)



Thanx!
J.
On 03/06/2014 09:18 PM, Andrew Azores wrote:
> Thanks for review! Hopefully the new attached patch is nicer.
>
> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek" <jvanek at redhat.com>
> To: "Andrew Azores" <aazores at redhat.com>
> Cc: "IcedTea" <distro-pkg-dev at openjdk.java.net>
> Sent: Thursday, March 6, 2014 9:07:46 AM
> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
>
> On 03/05/2014 06:01 PM, Andrew Azores wrote:
>> Hi,
>>
>> The previous thread was diverging into two quite different patches, so I'm splitting it.
>>
>> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way.
>>
>
> The Messages.properties changes are missing in in-pathc chagelog
>
> public static CustomPermission fromString - more more and more tests. Try to hack yourself.  But generally ok.
> Well the comment is poem-writer's masterpiece :) But better then nothing :)
> The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be:
> [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :)
> The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg?
> The first quotes are mandatory, and the scond not? As far as I read from regex.
> Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself.
>
>
> Why is the  CustomPermission.fromStirng copypasted to PolicyEditorPermissions ???
>
> Quick glance over tests is ook.
>
> Thanx!
>     J.
>


From jvanek at redhat.com  Fri Mar  7 07:21:29 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 07 Mar 2014 16:21:29 +0100
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <53174F77.2070209@redhat.com>
References: <5304C60C.5070608@redhat.com>
	<5316531D.7010304@redhat.com>	<53173282.7020401@redhat.com>
	<531731A7.6000006@redhat.com> <53174F77.2070209@redhat.com>
Message-ID: <5319E3F9.9020405@redhat.com>

On 03/05/2014 05:23 PM, Jiri Vanek wrote:
> On 03/05/2014 03:16 PM, Andrew Azores wrote:
>> On 03/05/2014 09:19 AM, Jiri Vanek wrote:
>>> On 03/04/2014 11:26 PM, Andrew Azores wrote:
>>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>>>>> hi!
>>>>>
>>>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the
>>>>> issue is missing. So always my first question in bug is "may you please post url" ?
>>>>>
>>>>> Also java connector is printing out system properties. So it crossed my mind to store the
>>>>> launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it
>>>>> makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs)
>>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>>>>
>>>>> This needs also some more work on java-abrt-conenctor - see
>>>>> https://github.com/jfilak/abrt-java-connector/issues/34
>>>>>
>>>>> J.
>>>>
>>>> I like the intent behind the patch but I don't know if I really like using system properties for
>>>> this :/
>>>
>>> I'm not sure with them too:(
>>>
>>> > not that I have any better ideas off the top of my head.
>>>
>>> The abrt agent can actually do anything. My another idea is to store it in some static (private)
>>> variable. The whitleist in issue 34 will then be package.class fieldName
>>
>> I didn't know that this would be an option. This sounds much, much better to me.
>>
>>>
>>> > But this just does not seem to me like what the properties are meant to be used for.
>>>
>>> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read
>>> properties, will be able to spy history.
>>
>> Yea, and this is really not a good mechanism to be providing.
>>
>>>
>>> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34
>>>> It seems like nobody else is chiming in with any better ideas, and you're right that the
>>>> automatic bug reports are a little bit useless without something like this, so if you have no
>>>> better implementations in mind then I suppose this will have to suffice.
>>>
>>> What do you thnk about this approach? (otherwise it will be same)
>>> Thank you!
>>>
>
> So here is version with field.

  So here is version with method. We agreed on it today With Jakub.

Andrew, I.m still using the string. Although I was thinking about usage of:
         if (!history.contains(documentBase)){
             JNLPRuntime.history += " " + documentBase + " ";
         }
I think it can be interesting to know number of reloads.
Also I wont to have string since begining (not set - method -> sting) as any logic after OOM error, 
can be undoable. But String will be still possible to dig.


>
> the whitelist then will be:
> netx.net.sourceforge.jnlp.runtime.JNLPRuntime history

netx.net.sourceforge.jnlp.runtime.JNLPRuntime getHistory

(or whatever, but it is still private method)

The comment is added as Omair wonted. The synchronization was *not* added.  I really think it do not 
belongs here.


J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: abrtMethod.diff
Type: text/x-patch
Size: 2655 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140307/4b5b6027/abrtMethod.diff 

From omajid at redhat.com  Fri Mar  7 07:57:25 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 7 Mar 2014 10:57:25 -0500
Subject: [rfc] [cedtea-web] upated javawsman page was: Re:
	[rfc][icedtea-web] javaws -version flag
In-Reply-To: <5319A319.90707@redhat.com>
References: <53179DCE.6070405@redhat.com> <53186D7E.8010608@redhat.com>
	<20140306155911.GB1968@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com>
	<20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com>
Message-ID: <20140307155724.GA24571@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-07 05:44]:
>  .SH FILES
> -~/.icedtea/deployment.properties specifies the settings used by javaws
> +~/.config/icedtea-web/deployment.properties specifies the settings used by javaws
> +
> +~/.config/icedtea-web/log (may be set to different location by you) contains file log files (if enabled).
> +itw-cplugin-date_time.log for native part of plugin, itw-javantx-date_time.log for everything else.
> +
> +~/.config/icedtea-web/security/java.policy contains granted permissions for selected usnigned apps
> +
> +~/.config/icedtea-web/security/trusted.*certs contains various stored certificates
> +
> +~/.cache/icedtea-web/cache contains cached runtime entries (amy be changed by you)
> +
> +~/.cache/icedtea-web/pcache contains saved applicatin data
> +
> +~/.cache/icedtea-web/tmp contains temporary runtime files

You might want to use XDG_* variables for `.cache` and `.config` too.
Looks fine, though.

Cheers,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From andrew at icedtea.classpath.org  Sat Mar  8 18:06:52 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Sat, 08 Mar 2014 18:06:52 +0000
Subject: /hg/icedtea7: 2 new changesets
Message-ID: <hg.ae136889742c.1394302012.2873452341184383833@icedtea.classpath.org>

changeset ae136889742c in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=ae136889742c
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Sat Mar 08 18:05:26 2014 +0000

	Add support for the AArch64 port HotSpot.

	2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/systemtap_gc.patch: Moved to...
		* Makefile.am: Make systemtap_gc.patch HotSpot-dependent.
		* hotspot.map: Add aarch64 HotSpot.
		* patches/hotspot/aarch64/systemtap_gc.patch:
		New patch against AArch64 HotSpot tarball.
		* patches/hotspot/default/systemtap_gc.patch:
		... here.


changeset b1043cc0cd82 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=b1043cc0cd82
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Sat Mar 08 18:06:34 2014 +0000

	Default libpcsc usage to off, so others can be used at run-time.

	2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude:
		(IT_CHECK_FOR_PCSC): Default to off.


diffstat:

 ChangeLog                                  |   15 +
 Makefile.am                                |    2 +-
 acinclude.m4                               |    2 +-
 hotspot.map                                |    1 +
 patches/hotspot/aarch64/systemtap_gc.patch |  373 ++++++++++++++++++++++++++++
 patches/hotspot/default/systemtap_gc.patch |  379 +++++++++++++++++++++++++++++
 patches/systemtap_gc.patch                 |  379 -----------------------------
 7 files changed, 770 insertions(+), 381 deletions(-)

diffs (truncated from 1196 to 500 lines):

diff -r 74d5e26fce82 -r b1043cc0cd82 ChangeLog
--- a/ChangeLog	Mon Feb 24 16:19:53 2014 +0000
+++ b/ChangeLog	Sat Mar 08 18:06:34 2014 +0000
@@ -1,3 +1,18 @@
+2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude:
+	(IT_CHECK_FOR_PCSC): Default to off.
+
+2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/systemtap_gc.patch: Moved to...
+	* Makefile.am: Make systemtap_gc.patch HotSpot-dependent.
+	* hotspot.map: Add aarch64 HotSpot.
+	* patches/hotspot/aarch64/systemtap_gc.patch:
+	New patch against AArch64 HotSpot tarball.
+	* patches/hotspot/default/systemtap_gc.patch:
+	... here.
+
 2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Add Gentoo bug reference for
diff -r 74d5e26fce82 -r b1043cc0cd82 Makefile.am
--- a/Makefile.am	Mon Feb 24 16:19:53 2014 +0000
+++ b/Makefile.am	Sat Mar 08 18:06:34 2014 +0000
@@ -290,7 +290,7 @@
 
 if ENABLE_SYSTEMTAP
 ICEDTEA_PATCHES += \
-	patches/systemtap_gc.patch
+	patches/hotspot/$(HSBUILD)/systemtap_gc.patch
 endif
 
 if ENABLE_NSS
diff -r 74d5e26fce82 -r b1043cc0cd82 acinclude.m4
--- a/acinclude.m4	Mon Feb 24 16:19:53 2014 +0000
+++ b/acinclude.m4	Sat Mar 08 18:06:34 2014 +0000
@@ -2219,7 +2219,7 @@
     ENABLE_SYSTEM_PCSC="${enableval}"
   ],
   [
-    ENABLE_SYSTEM_PCSC="yes"
+    ENABLE_SYSTEM_PCSC="no"
   ])
   AC_MSG_RESULT(${ENABLE_SYSTEM_PCSC})
   if test x"${ENABLE_SYSTEM_PCSC}" = "xyes"; then
diff -r 74d5e26fce82 -r b1043cc0cd82 hotspot.map
--- a/hotspot.map	Mon Feb 24 16:19:53 2014 +0000
+++ b/hotspot.map	Sat Mar 08 18:06:34 2014 +0000
@@ -1,2 +1,3 @@
 # version url changeset sha256sum
 default http://icedtea.classpath.org/hg/icedtea7-forest/hotspot f30e87f16d90 871fa08b8e9d7a2958cee844f940752c39b1946146dc382c005269e86b687a49
+aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a
diff -r 74d5e26fce82 -r b1043cc0cd82 patches/hotspot/aarch64/systemtap_gc.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/hotspot/aarch64/systemtap_gc.patch	Sat Mar 08 18:06:34 2014 +0000
@@ -0,0 +1,373 @@
+diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp
+--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp	2014-03-07 04:29:33.230530073 +0000
+@@ -33,9 +33,13 @@
+ #include "memory/resourceArea.hpp"
+ #include "runtime/frame.inline.hpp"
+ #include "runtime/signature.hpp"
++#include "utilities/dtrace.hpp"
+ #ifdef COMPILER1
+ #include "c1/c1_Defs.hpp"
+ #endif
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t);
++#endif /* !USDT2 */
+ 
+ // OopMapStream
+ 
+@@ -677,6 +681,9 @@
+                     " - Derived: " INTPTR_FORMAT "  Base: " INTPTR_FORMAT " (Offset: %d)",
+           derived_loc, (address)*derived_loc, (address)base, offset);
+     }
++#ifndef USDT2
++  HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry);
++#endif /* !USDT2 */
+ 
+     // Delete entry
+     delete entry;
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -62,6 +62,12 @@
+ #include "runtime/vmThread.hpp"
+ #include "services/memoryService.hpp"
+ #include "services/runtimeService.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ // statics
+ CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL;
+@@ -1642,7 +1648,13 @@
+                                             size_t size,
+                                             bool   tlab)
+ {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+   collector()->collect(full, clear_all_soft_refs, size, tlab);
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+ }
+ 
+ void CMSCollector::collect(bool   full,
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-03-07 04:33:00.601620772 +0000
+@@ -49,8 +49,13 @@
+ #include "runtime/thread.hpp"
+ #include "runtime/vmThread.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__end, *uintptr_t, *uintptr_t);
++ #endif /* !USDT2 */ 
+ class HeapRegion;
+ 
+ void G1MarkSweep::invoke_at_safepoint(ReferenceProcessor* rp,
+@@ -84,6 +89,9 @@
+   // The marking doesn't preserve the marks of biased objects.
+   BiasedLocking::preserve_marks();
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__G1__begin, &sh, sh->gc_cause());
++#endif /* !USDT2 */
+   mark_sweep_phase1(marked_for_unloading, clear_all_softrefs);
+ 
+   mark_sweep_phase2();
+@@ -99,6 +107,9 @@
+   BiasedLocking::restore_marks();
+   GenMarkSweep::deallocate_stacks();
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__G1__end, &sh, sh->gc_cause());
++#endif /* !USDT2 */
+   // "free at last gc" is calculated from these.
+   // CHF: cheating for now!!!
+   //  Universe::set_heap_capacity_at_last_gc(Universe::heap()->capacity());
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp	2014-03-07 04:31:58.396693660 +0000
+@@ -43,8 +43,14 @@
+ #include "runtime/java.hpp"
+ #include "runtime/vmThread.hpp"
+ #include "services/memTracker.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/vmError.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__end, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
++
+ PSYoungGen*  ParallelScavengeHeap::_young_gen = NULL;
+ PSOldGen*    ParallelScavengeHeap::_old_gen = NULL;
+ PSAdaptiveSizePolicy* ParallelScavengeHeap::_size_policy = NULL;
+@@ -530,7 +536,13 @@
+   }
+ 
+   VM_ParallelGCSystemGC op(gc_count, full_gc_count, cause);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__begin, &op, cause);
++#endif /* !USDT2 */
+   VMThread::execute(&op);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__end, &op, cause);
++#endif /* !USDT2 */
+ }
+ 
+ void ParallelScavengeHeap::oop_iterate(ExtendedOopClosure* cl) {
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -56,11 +56,18 @@
+ #include "services/management.hpp"
+ #include "services/memoryService.hpp"
+ #include "services/memTracker.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
+ #include <math.h>
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__ParallelCompact__clear, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parallel__collect, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__move, *uintptr_t, *uintptr_t, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
++
+ // All sizes are in HeapWords.
+ const size_t ParallelCompactData::Log2RegionSize  = 16; // 64K words
+ const size_t ParallelCompactData::RegionSize      = (size_t)1 << Log2RegionSize;
+@@ -451,6 +458,9 @@
+ 
+ void ParallelCompactData::clear()
+ {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__ParallelCompact__clear, &_region_data, _region_data->data_location());
++#endif /* !USDT2 */
+   memset(_region_data, 0, _region_vspace->committed_size());
+   memset(_block_data, 0, _block_vspace->committed_size());
+ }
+@@ -1977,6 +1987,9 @@
+          "should be in vm thread");
+ 
+   ParallelScavengeHeap* heap = gc_heap();
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parallel__collect, heap, heap->gc_cause());
++#endif /* !USDT2 */
+   GCCause::Cause gc_cause = heap->gc_cause();
+   assert(!heap->is_gc_active(), "not reentrant");
+ 
+@@ -3269,6 +3282,9 @@
+   // past the end of the partial object entering the region (if any).
+   HeapWord* const dest_addr = sd.partial_obj_end(dp_region);
+   HeapWord* const new_top = _space_info[space_id].new_top();
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__move, &beg_addr, &end_addr, &dest_addr, &new_top);
++#endif /* !USDT2 */
+   assert(new_top >= dest_addr, "bad new_top value");
+   const size_t words = pointer_delta(new_top, dest_addr);
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -54,8 +54,17 @@
+ #include "runtime/vmThread.hpp"
+ #include "runtime/vm_operations.hpp"
+ #include "services/memoryService.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__end, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__end, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__end, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
+ 
+ HeapWord*                  PSScavenge::_to_space_top_before_gc = NULL;
+ int                        PSScavenge::_consecutive_skipped_scavenges = 0;
+@@ -228,7 +237,13 @@
+   PSAdaptiveSizePolicy* policy = heap->size_policy();
+   IsGCActiveMark mark;
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+   const bool scavenge_done = PSScavenge::invoke_no_policy();
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+   const bool need_full_gc = !scavenge_done ||
+     policy->should_full_GC(heap->old_gen()->free_in_bytes());
+   bool full_gc_done = false;
+@@ -245,9 +260,21 @@
+     const bool clear_all_softrefs = cp->should_clear_all_soft_refs();
+ 
+     if (UseParallelOldGC) {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+       full_gc_done = PSParallelCompact::invoke_no_policy(clear_all_softrefs);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+     } else {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+       full_gc_done = PSMarkSweep::invoke_no_policy(clear_all_softrefs);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+     }
+   }
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -54,6 +54,12 @@
+ #include "utilities/copy.hpp"
+ #include "utilities/globalDefinitions.hpp"
+ #include "utilities/workgroup.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ #ifdef _MSC_VER
+ #pragma warning( push )
+@@ -911,6 +917,9 @@
+                                bool   clear_all_soft_refs,
+                                size_t size,
+                                bool   is_tlab) {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   assert(full || size > 0, "otherwise we don't want to collect");
+ 
+   GenCollectedHeap* gch = GenCollectedHeap::heap();
+@@ -1061,6 +1070,10 @@
+     gch->print_heap_change(gch_prev_used);
+   }
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
++
+   if (PrintGCDetails && ParallelGCVerbose) {
+     TASKQUEUE_STATS_ONLY(thread_state_set.print_termination_stats());
+     TASKQUEUE_STATS_ONLY(thread_state_set.print_taskqueue_stats());
+diff -Nru openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp	2014-03-07 04:31:15.676056944 +0000
+@@ -44,8 +44,13 @@
+ #include "runtime/java.hpp"
+ #include "runtime/thread.inline.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ //
+ // DefNewGeneration functions.
+ 
+@@ -558,6 +563,9 @@
+                                bool   clear_all_soft_refs,
+                                size_t size,
+                                bool   is_tlab) {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   assert(full || size > 0, "otherwise we don't want to collect");
+ 
+   GenCollectedHeap* gch = GenCollectedHeap::heap();
+@@ -706,6 +714,10 @@
+   jlong now = os::javaTimeNanos() / NANOSECS_PER_MILLISEC;
+   update_time_of_last_gc(now);
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
++
+   gch->trace_heap_after_gc(&gc_tracer);
+   gc_tracer.report_tenuring_threshold(tenuring_threshold());
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/memory/generation.cpp openjdk/hotspot/src/share/vm/memory/generation.cpp
+--- openjdk.orig/hotspot/src/share/vm/memory/generation.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/memory/generation.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -41,8 +41,14 @@
+ #include "oops/oop.inline.hpp"
+ #include "runtime/java.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
++
+ Generation::Generation(ReservedSpace rs, size_t initial_size, int level) :
+   _level(level),
+   _ref_processor(NULL) {
+@@ -640,7 +646,13 @@
+   SerialOldTracer* gc_tracer = GenMarkSweep::gc_tracer();
+   gc_tracer->report_gc_start(gch->gc_cause(), gc_timer->gc_start());
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   GenMarkSweep::invoke_at_safepoint(_level, ref_processor(), clear_all_soft_refs);
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+ 
+   gc_timer->register_gc_end();
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/memory/tenuredGeneration.cpp openjdk/hotspot/src/share/vm/memory/tenuredGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/memory/tenuredGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/memory/tenuredGeneration.cpp	2014-03-07 04:30:33.691431197 +0000
+@@ -34,6 +34,12 @@
+ #include "oops/oop.inline.hpp"
+ #include "runtime/java.hpp"
+ #include "utilities/macros.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__tenured__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__tenured__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ TenuredGeneration::TenuredGeneration(ReservedSpace rs,
+                                      size_t initial_byte_size, int level,
+@@ -152,8 +158,14 @@
+                                 size_t size,
+                                 bool   is_tlab) {
+   retire_alloc_buffers_before_full_gc();
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__tenured__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   OneContigSpaceCardGeneration::collect(full, clear_all_soft_refs,
+                                         size, is_tlab);
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__tenured__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+ }
+ 
+ void TenuredGeneration::compute_new_size() {
diff -r 74d5e26fce82 -r b1043cc0cd82 patches/hotspot/default/systemtap_gc.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/hotspot/default/systemtap_gc.patch	Sat Mar 08 18:06:34 2014 +0000
@@ -0,0 +1,379 @@
+diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp
+--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp	2014-01-23 23:25:39.000000000 +0000
++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp	2014-01-24 04:36:46.878006161 +0000
+@@ -33,9 +33,13 @@
+ #include "memory/resourceArea.hpp"
+ #include "runtime/frame.inline.hpp"
+ #include "runtime/signature.hpp"
++#include "utilities/dtrace.hpp"
+ #ifdef COMPILER1
+ #include "c1/c1_Defs.hpp"
+ #endif
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t);
++#endif /* !USDT2 */
+ 
+ // OopMapStream
+ 
+@@ -677,6 +681,9 @@
+                     " - Derived: " INTPTR_FORMAT "  Base: " INTPTR_FORMAT " (Offset: %d)",
+           derived_loc, (address)*derived_loc, (address)base, offset);
+     }
++#ifndef USDT2
++  HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry);
++#endif /* !USDT2 */
+ 
+     // Delete entry
+     delete entry;
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-01-23 23:25:39.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-01-24 04:36:46.878006161 +0000
+@@ -59,6 +59,12 @@
+ #include "runtime/vmThread.hpp"
+ #include "services/memoryService.hpp"
+ #include "services/runtimeService.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ // statics
+ CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL;
+@@ -1647,7 +1653,13 @@
+                                             size_t size,
+                                             bool   tlab)
+ {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+   collector()->collect(full, clear_all_soft_refs, size, tlab);
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+ }
+ 
+ void CMSCollector::collect(bool   full,
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-01-23 23:25:39.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-01-24 04:36:46.878006161 +0000
+@@ -50,8 +50,13 @@
+ #include "runtime/thread.hpp"
+ #include "runtime/vmThread.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"

From aazores at redhat.com  Sat Mar  8 03:58:20 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 7 Mar 2014 22:58:20 -0500 (EST)
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file
	correctly	(rh1072013)
In-Reply-To: <5319BE3C.2030008@redhat.com>
References: <5319BE3C.2030008@redhat.com>
Message-ID: <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>

No, I don't think there's any way to make applets able to call System.exit() with the custom policies. Not with the way JNLPSecurityManager is currently written. I can't think of a valid reason an applet would need to be able to kill the JVM though... so I don't think it's worth modifying the security manager to allow this.

Patch itself looks good to me.

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "IcedTea Distro List" <distro-pkg-dev at openjdk.java.net>
Sent: Friday, March 7, 2014 7:40:28 AM
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly	(rh1072013)

When plugin is using jnlpHref to start, the location of jnlp file is not stored properly.  When one 
wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then 
tmplate have nothing to match)

However  I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :(

Now it is dying with itself :

Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit()
	at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391)
	at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388)
	at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46)
	at arcadeflex.UrlDownloadProgress.<init>(UrlDownloadProgress.java:28)
	at arcadeflex.osdepend.main(osdepend.java:75)
	at arcadeflex.MainApplet$1.run(MainApplet.java:78)
	at java.lang.Thread.run(Thread.java:744)

Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :)


J.


ps: reproducers for this are missing.


From aazores at redhat.com  Sat Mar  8 03:59:15 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 7 Mar 2014 22:59:15 -0500 (EST)
Subject: [rfc] [cedtea-web] upated javawsman page was: Re:
	[rfc][icedtea-web] javaws -version flag
In-Reply-To: <5319A319.90707@redhat.com>
References: <53179DCE.6070405@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com>
	<20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com>
Message-ID: <208916506.984399.1394251155320.JavaMail.zimbra@redhat.com>

I have no idea how to write a man page, but PolicyEditor's should be quite short and simple. Good opportunity for me to learn?

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "Omair Majid" <omajid at redhat.com>
Cc: "Andrew Azores" <aazores at redhat.com>, "IcedTea" <distro-pkg-dev at openjdk.java.net>
Sent: Friday, March 7, 2014 5:44:41 AM
Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag

Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and 
itw-settings ? :))

J.
On 03/06/2014 07:00 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-06 12:30]:
>> No. You misunderstood me completely. The will to maintain them is
>> missing. I 100% agree that they are necessary.
>
> Ah, well that's a different matter. I will try and help.
>
>> On 03/06/2014 05:52 PM, Omair Majid wrote:
>>> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 11:29]:
>>>>   First half of previous 8 months I was ignoring them willingly,
>>>>   because I hoped to have the generated ones prepared for 1.5.
>>>
>>> I don't know if generated ones are the magic bullet you think they are.
>>> Either way you have to write the documentation. And some parts of the
>>> documentation don't belong in code. Still, generated or not, we need
>>> some place where users can find documentation.
>>
>> 100% yes, and the man pages are th way to go.
>>
>> They may be the magic bullet if I fulfil my idea.
>
> Fair enough. My original suggestion was: let's add a tiny fix (document
> -version) while we wait for the bigger (and better) fix (the
> auto-generated man pages).
>
>> Right. Right now there is only javaws.1 Imho two more are misisng. And
>> manpage for "package name" is good recomandation.
>
> I am not so sure. `man man` says:
>
> "man is the system's manual pager. Each page argument given to man is
> normally the name of a program, utility or function"
>
> `javaws` qualifies as a program, but does icedtea-web?
>
> Isn't a README the more appropriate place for this? Do you know of
> examples where there is a man page for a package where package name is
> different from the binary name?
>
> Any way, if you want to add more documentation and maintain it, that's
> perfectly fine with me :)
>
>> It can be jsut see javaws + expalinig alternatives, or something more
>> general. Also it may be spec patch only.
>
> *If* we decide that this it not very useful upstream, maybe we should
> encourage downstream to follow?
>
>>>> , itw-settings manpage is missing - and
>>>> it is HUGE man page, and newly policyeditor is missing.
>>>
>>> For self-explanatory GUIs, I am not sure we need detailed man pages.
>>> They mostly make sense for command line programs that take lots of
>>
>> Self expalantory???  The itw-settings have incredible cmd line support!
>
> Haha. I wrote that :)
>
> I meant that it's fairly simple to document the cli bits (there's only 4
> or so commands, right) and the GUI is self-explanatory. So the man page
> shouldn't be that large.
>
> Thanks,
> Omair
>


From aazores at redhat.com  Sat Mar  8 03:52:21 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 7 Mar 2014 22:52:21 -0500 (EST)
Subject: [rfc][icedtea-web] save  runn urls to property
In-Reply-To: <5319E3F9.9020405@redhat.com>
References: <5304C60C.5070608@redhat.com> <5316531D.7010304@redhat.com>
	<53173282.7020401@redhat.com> <531731A7.6000006@redhat.com>
	<53174F77.2070209@redhat.com> <5319E3F9.9020405@redhat.com>
Message-ID: <1903193196.984297.1394250741270.JavaMail.zimbra@redhat.com>

Fair enough on the Set argument. IMO this looks pretty good, but maybe wait to see if Omair has any comments still before pushing.

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "Andrew Azores" <aazores at redhat.com>
Cc: "Jakub Filak" <jfilak at redhat.com>, "IcedTea Distro List" <distro-pkg-dev at openjdk.java.net>, "Omair Majid" <omajid at redhat.com>
Sent: Friday, March 7, 2014 10:21:29 AM
Subject: Re: [rfc][icedtea-web] save  runn urls to property

On 03/05/2014 05:23 PM, Jiri Vanek wrote:
> On 03/05/2014 03:16 PM, Andrew Azores wrote:
>> On 03/05/2014 09:19 AM, Jiri Vanek wrote:
>>> On 03/04/2014 11:26 PM, Andrew Azores wrote:
>>>> On 02/19/2014 09:56 AM, Jiri Vanek wrote:
>>>>> hi!
>>>>>
>>>>> As java abrt connector is sending quite good reports, the url, on which I can reproduce the
>>>>> issue is missing. So always my first question in bug is "may you please post url" ?
>>>>>
>>>>> Also java connector is printing out system properties. So it crossed my mind to store the
>>>>> launched jnlps/htmls for this usage. I have quite mixed feelings about it but do not have it
>>>>> makes java-abrt-connector a bit useless (users donot care to much about auto generated bugs)
>>>>> - see https://bugzilla.redhat.com/show_bug.cgi?id=1060390
>>>>>
>>>>> This needs also some more work on java-abrt-conenctor - see
>>>>> https://github.com/jfilak/abrt-java-connector/issues/34
>>>>>
>>>>> J.
>>>>
>>>> I like the intent behind the patch but I don't know if I really like using system properties for
>>>> this :/
>>>
>>> I'm not sure with them too:(
>>>
>>> > not that I have any better ideas off the top of my head.
>>>
>>> The abrt agent can actually do anything. My another idea is to store it in some static (private)
>>> variable. The whitleist in issue 34 will then be package.class fieldName
>>
>> I didn't know that this would be an option. This sounds much, much better to me.
>>
>>>
>>> > But this just does not seem to me like what the properties are meant to be used for.
>>>
>>> Agree. And my concern is that with this, *maybe* (but probably) all appelts which can read
>>> properties, will be able to spy history.
>>
>> Yea, and this is really not a good mechanism to be providing.
>>
>>>
>>> I have commented also https://github.com/jfilak/abrt-java-connector/issues/34
>>>> It seems like nobody else is chiming in with any better ideas, and you're right that the
>>>> automatic bug reports are a little bit useless without something like this, so if you have no
>>>> better implementations in mind then I suppose this will have to suffice.
>>>
>>> What do you thnk about this approach? (otherwise it will be same)
>>> Thank you!
>>>
>
> So here is version with field.

  So here is version with method. We agreed on it today With Jakub.

Andrew, I.m still using the string. Although I was thinking about usage of:
         if (!history.contains(documentBase)){
             JNLPRuntime.history += " " + documentBase + " ";
         }
I think it can be interesting to know number of reloads.
Also I wont to have string since begining (not set - method -> sting) as any logic after OOM error, 
can be undoable. But String will be still possible to dig.


>
> the whitelist then will be:
> netx.net.sourceforge.jnlp.runtime.JNLPRuntime history

netx.net.sourceforge.jnlp.runtime.JNLPRuntime getHistory

(or whatever, but it is still private method)

The comment is added as Omair wonted. The synchronization was *not* added.  I really think it do not 
belongs here.


J.

From aazores at redhat.com  Sat Mar  8 04:07:23 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 7 Mar 2014 23:07:23 -0500 (EST)
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <5319C879.4090903@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
	<1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
	<5319C879.4090903@redhat.com>
Message-ID: <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com>

Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users, unless they end up with much more massive custom policy files than I'm expecting.

And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method.

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "Andrew Azores" <aazores at redhat.com>
Cc: "IcedTea" <distro-pkg-dev at openjdk.java.net>
Sent: Friday, March 7, 2014 8:24:09 AM
Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests

The messages.properties changes are still not listed in changelog.


This is probably nit, but:
+        final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string);
+        final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string);
+        if (!targetMatcher.matches() && !actionMatcher.matches()) {
+            return null;
+        }
+
+        final String typeStr, targetStr, actionsStr;
+
+        if (actionMatcher.matches()) {
+            typeStr = actionMatcher.group(1);
+            targetStr = actionMatcher.group(2);
+            actionsStr = actionMatcher.group(3);
+        } else {
+        	typeStr = targetMatcher.group(1);
+            targetStr = targetMatcher.group(2);
+            actionsStr = "";
          }

the first matcher is needed only when second one fails. Maybe would be nice to remove the 
unnecessary matching.

similar for PolicyEditorPermissions which is still suspiciously similar:(


The chnage [\\w.] -> [\\w\\.]  looks enough :)



Thanx!
J.
On 03/06/2014 09:18 PM, Andrew Azores wrote:
> Thanks for review! Hopefully the new attached patch is nicer.
>
> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek" <jvanek at redhat.com>
> To: "Andrew Azores" <aazores at redhat.com>
> Cc: "IcedTea" <distro-pkg-dev at openjdk.java.net>
> Sent: Thursday, March 6, 2014 9:07:46 AM
> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
>
> On 03/05/2014 06:01 PM, Andrew Azores wrote:
>> Hi,
>>
>> The previous thread was diverging into two quite different patches, so I'm splitting it.
>>
>> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way.
>>
>
> The Messages.properties changes are missing in in-pathc chagelog
>
> public static CustomPermission fromString - more more and more tests. Try to hack yourself.  But generally ok.
> Well the comment is poem-writer's masterpiece :) But better then nothing :)
> The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be:
> [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :)
> The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg?
> The first quotes are mandatory, and the scond not? As far as I read from regex.
> Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself.
>
>
> Why is the  CustomPermission.fromStirng copypasted to PolicyEditorPermissions ???
>
> Quick glance over tests is ook.
>
> Thanx!
>     J.
>


From omajid at redhat.com  Sat Mar  8 00:28:09 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 7 Mar 2014 19:28:09 -0500
Subject: [icedtea-web] RFC: man page for itweb-settings
Message-ID: <20140308002809.GG24571@redhat.com>

Hi,

This is a very simple man page for itweb-settings. Okay to push?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-03-07  Omair Majid <omajid at redhat.com>
+
+	* Makefile.am (install-data-local): Install itweb-settings.1.
+	* netx/itweb-settings.1: New file.
+
 2014-03-06  Andrew Azores  <aazores at redhat.com>
 
 	* NEWS: added -version flag entry
diff --git a/Makefile.am b/Makefile.am
--- a/Makefile.am
+++ b/Makefile.am
@@ -256,6 +256,7 @@
 install-data-local:
 	${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1
 	${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1
+	${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1
 if ENABLE_DOCS
 	${mkinstalldirs} $(DESTDIR)$(htmldir)
 	(cd ${abs_top_builddir}/docs/netx; \
diff --git a/netx/itweb-settings.1 b/netx/itweb-settings.1
new file mode 100644
--- /dev/null
+++ b/netx/itweb-settings.1
@@ -0,0 +1,79 @@
+.TH itweb-settings 1 "07 Mar 2014"
+.SH NAME
+itweb-settings - view and modify settings for
+.B
+javaws
+and the browser plugin
+
+.SH SYNOPSYS
+.B itweb-settings
+.br
+.B itweb-settings
+[options] command arguments
+.SH DESCRIPTION
+.B itweb-settings
+is a command line and a GUI program to modify and edit settings used by the
+icedtea-web implementation of
+.B javaws
+and the browser plugin.
+
+If executed without any arguments, it starts up a GUI. Otherwise, it tries to
+do what is specified in the argument.
+
+The command-line allows quickly searching, making a copy of and modifying
+specific settings without having to hunt through a UI.
+
+.SH OPTIONS
+
+.TP 12
+--help
+Shows some helpful information about the program
+
+.SH COMMANDS
+
+.TP 12
+list
+Shows a list of all settings.
+.TP
+get <name>
+Shows the value of the named setting.
+.TP
+info <name>
+Shows additional information about the named setting. Includes a description,
+the current value, the possible values, and the source of the setting.
+.TP
+set <name> <value>
+Sets the setting to the new value, after checking that it is an appropriate
+value.
+.TP
+reset all
+Resets all settings to their original values.
+.TP
+reset <name>
+Resets the named setting to its original value.
+.TP
+check <name>
+Checks that the current value of the setting is a valid value.
+
+.SH EXAMPLES
+
+.TP
+.B itweb-settings
+
+Show the GUI editor
+
+.SH FILES
+~/$XDG_CONFIG_DIR/deployment.properties specifies the settings used
+
+.SH BUGS
+There arent any known bugs. If you come across one, please file it at
+    http://icedtea.classpath.org/bugzilla/
+
+.SH AUTHOR
+Written and maintained by the IcedTea contributors.
+
+.SH SEE ALSO
+.BR javaws (1),
+.BR java (1)
+.br
+http://icedtea.classpath.org/wiki/IcedTea-Web

From stefan.reich.maker.of.eye at googlemail.com  Sun Mar  9 15:03:15 2014
From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich)
Date: Sun, 9 Mar 2014 16:03:15 +0100
Subject: How to have WebStart create start menu items (on Linux)?
Message-ID: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>

I have successfully deployed a WebStart app on both Windows and IcedTea.

Just about the only thing I'm missing (- apart from a certificate from a CA
that I can afford - ) is to place entries in the start menu.

It's Peppermint Linux, so the application in question is lxpanel I believe.

I have always found the way that lxpanel collects its applications to be
intellectually quite unpenetrable.

But anyways - WebStart/IcedTea should be able to do it, right? I am getting
a desktop short cut alright, just none in the start menu.

Here's my JNLP file: http://tinybrain.de:8080/webstart/webstart.jnlp

Many greetings,
Stefan

And here's a copy:

<?xml version="1.0" encoding="utf-8"?>
<!-- JNLP File for TinyBrain -->
<jnlp
        spec="6.0+"
        codebase="http://tinybrain.de:8080/webstart"
        href="webstart.jnlp">
    <information>
        <title>TinyBrain - a brain for your computer</title>
        <vendor>TinyBrain.de (Stefan Reich)</vendor>
        <homepage href="http://tinybrain.de/"/>
        <description>A brain for your computer that can talk.</description>
        <icon href="brainfsck.jpg"/>
        <icon kind="splash" href="brainfsck.jpg"/>
        <offline-allowed />
        <shortcut online="false" install="true">
            <desktop />
            <menu submenu="TinyBrain" />
        </shortcut>
    </information>
    <security>
        <all-permissions />
    </security>
    <resources>
        <j2se version="1.6+" java-vm-args="-mx32m"/>
        <jar href="magic.jar"/>
    </resources>
    <application-desc main-class="trayicon" />
</jnlp>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140309/d5257ee7/attachment.html>

From ptisnovs at icedtea.classpath.org  Mon Mar 10 10:23:18 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 10:23:18 +0000
Subject: /hg/gfx-test: Eight new tests added into CAGOperationsOnTwoTouch...
Message-ID: <hg.6c11c8263a23.1394446998.-6248649288953172555@icedtea.classpath.org>

changeset 6c11c8263a23 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=6c11c8263a23
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 10 11:23:57 2014 +0100

	Eight new tests added into CAGOperationsOnTwoTouchingCircles.


diffstat:

 ChangeLog                                                         |    5 +
 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java |  200 ++++++++++
 2 files changed, 205 insertions(+), 0 deletions(-)

diffs (222 lines):

diff -r 154d24fa3f31 -r 6c11c8263a23 ChangeLog
--- a/ChangeLog	Fri Mar 07 13:09:25 2014 +0100
+++ b/ChangeLog	Mon Mar 10 11:23:57 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-10  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java:
+	Eight new tests added into CAGOperationsOnTwoTouchingCircles.
+
 2014-03-07  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
diff -r 154d24fa3f31 -r 6c11c8263a23 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java
--- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Fri Mar 07 13:09:25 2014 +0100
+++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Mon Mar 10 11:23:57 2014 +0100
@@ -1407,6 +1407,206 @@
         return TestResult.PASSED;
     }
 
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Xor operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorTextureFillUsingDiagonalCheckerTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalCheckerTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using union operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using inverse subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testInverseSubtractTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d);
+        // create area using inverse subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using intersect operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testIntersectTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Xor operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorTextureFillUsingGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingGridTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using union operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
         // create area using union operator
         Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
         // draw the area

From ptisnovs at icedtea.classpath.org  Mon Mar 10 10:29:04 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 10:29:04 +0000
Subject: /hg/rhino-tests: Two new tests added into CompiledScriptClassTest.
Message-ID: <hg.3452613adb44.1394447344.-6019694633368342460@icedtea.classpath.org>

changeset 3452613adb44 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=3452613adb44
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 10 11:29:46 2014 +0100

	Two new tests added into CompiledScriptClassTest.


diffstat:

 ChangeLog                                       |   5 +++++
 src/org/RhinoTests/CompiledScriptClassTest.java |  21 +++++++++++++++++++++
 2 files changed, 26 insertions(+), 0 deletions(-)

diffs (50 lines):

diff -r 482d9f98ee40 -r 3452613adb44 ChangeLog
--- a/ChangeLog	Fri Mar 07 13:21:16 2014 +0100
+++ b/ChangeLog	Mon Mar 10 11:29:46 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-10  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/CompiledScriptClassTest.java:
+	Two new tests added into CompiledScriptClassTest.
+
 2014-03-07  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/SimpleBindingsClassTest.java:
diff -r 482d9f98ee40 -r 3452613adb44 src/org/RhinoTests/CompiledScriptClassTest.java
--- a/src/org/RhinoTests/CompiledScriptClassTest.java	Fri Mar 07 13:21:16 2014 +0100
+++ b/src/org/RhinoTests/CompiledScriptClassTest.java	Mon Mar 10 11:29:46 2014 +0100
@@ -1923,6 +1923,14 @@
     }
 
     /**
+     * Test for method javax.script.CompiledScript.getClass().getResourceNegativeTest()
+     */
+    protected void testGetResourceNegativeTest() {
+        Object resource = this.compiledScriptClass.getResource("unknown");
+        assertNull(resource, "getResource() does not return null");
+    }
+
+    /**
      * Test for method javax.script.CompiledScript.getClass().getResourcePositiveTest()
      */
     protected void testGetResourcePositiveTest() {
@@ -1984,6 +1992,19 @@
     }
 
     /**
+     * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamNPETest()
+     */
+    protected void testGetResourceAsStreamNPETest() {
+        try {
+            Object resource = this.compiledScriptClass.getResourceAsStream(null);
+            throw new AssertionError("NullPointerException expected!");
+        }
+        catch (NullPointerException e) {
+            //This is OK OK
+        }
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.CompiledScript
      */
     @SuppressWarnings("cast")

From jvanek at redhat.com  Mon Mar 10 12:25:20 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 13:25:20 +0100
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
	<1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
	<5319C879.4090903@redhat.com>
	<1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com>
Message-ID: <531DAF30.3010204@redhat.com>

On 03/08/2014 05:07 AM, Andrew Azores wrote:
> Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users,
 > unless they end up with much more massive custom policy files than I'm expecting.

Well its not about the performance of this method, but about ITW as a whole. Consider such a redundant calls in each method. They will mutliply runtime later unbearable.
>
> And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar

Then why they dont share an code?

 > - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method.

Please eleaborate on this two hunks a bit.

>
> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek"<jvanek at redhat.com>
> To: "Andrew Azores"<aazores at redhat.com>
> Cc: "IcedTea"<distro-pkg-dev at openjdk.java.net>
> Sent: Friday, March 7, 2014 8:24:09 AM
> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
>
> The messages.properties changes are still not listed in changelog.
and dont forget^ O:)

>
> This is probably nit, but:
> +        final Matcher targetMatcher = PolicyEditorPermissions.TARGET_PERMISSION.matcher(string);
> +        final Matcher actionMatcher = PolicyEditorPermissions.ACTIONS_PERMISSION.matcher(string);
> +        if (!targetMatcher.matches()&&  !actionMatcher.matches()) {
> +            return null;
> +        }
> +
> +        final String typeStr, targetStr, actionsStr;
> +
> +        if (actionMatcher.matches()) {
> +            typeStr = actionMatcher.group(1);
> +            targetStr = actionMatcher.group(2);
> +            actionsStr = actionMatcher.group(3);
> +        } else {
> +        	typeStr = targetMatcher.group(1);
> +            targetStr = targetMatcher.group(2);
> +            actionsStr = "";
>            }
>
> the first matcher is needed only when second one fails. Maybe would be nice to remove the
> unnecessary matching.
>
> similar for PolicyEditorPermissions which is still suspiciously similar:(
>
>
> The chnage [\\w.] ->  [\\w\\.]  looks enough :)
>
>
>
> Thanx!
> J.
> On 03/06/2014 09:18 PM, Andrew Azores wrote:
>> Thanks for review! Hopefully the new attached patch is nicer.
>>
>> Thanks,
>>
>> Andrew A
>>
>> ----- Original Message -----
>> From: "Jiri Vanek"<jvanek at redhat.com>
>> To: "Andrew Azores"<aazores at redhat.com>
>> Cc: "IcedTea"<distro-pkg-dev at openjdk.java.net>
>> Sent: Thursday, March 6, 2014 9:07:46 AM
>> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
>>
>> On 03/05/2014 06:01 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> The previous thread was diverging into two quite different patches, so I'm splitting it.
>>>
>>> This patch improves parsing, especially handling of comments, and adds a lot of new unit testing for this. A few small bugs were found and fixed along the way.
>>>
>>
>> The Messages.properties changes are missing in in-pathc chagelog
>>
>> public static CustomPermission fromString - more more and more tests. Try to hack yourself.  But generally ok.
>> Well the comment is poem-writer's masterpiece :) But better then nothing :)
>> The [\\w.] do not osund correct. The dot should be escaped to match dot, not any char. Or not? So this part will be:
>> [[\\w\\.]+\\w+] (nottested - to match [java.][io.][permissions] and nto eg dsgfgogfdsgjsfdghjsfd[hj as now :)
>> The content of quotes may be anything, ok? What about content to be qutes itself? (not jsut ${} eg?
>> The first quotes are mandatory, and the scond not? As far as I read from regex.
>> Why is compiled patter not global constant? It should be. It will not need recompile each launch time... Then there can be also some tests only to the regex itself.
>>
>>
>> Why is the  CustomPermission.fromStirng copypasted to PolicyEditorPermissions ???
>>
>> Quick glance over tests is ook.
>>
>> Thanx!
>>      J.
>>
>


From jvanek at redhat.com  Mon Mar 10 12:35:15 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 13:35:15 +0100
Subject: [rfc] [cedtea-web] upated javawsman page was: Re:
	[rfc][icedtea-web] javaws -version flag
In-Reply-To: <208916506.984399.1394251155320.JavaMail.zimbra@redhat.com>
References: <53179DCE.6070405@redhat.com> <5318A0C8.5090507@redhat.com>
	<20140306161552.GC1968@redhat.com> <5318A43A.5080305@redhat.com>
	<20140306165233.GD1968@redhat.com> <5318B2B9.8060009@redhat.com>
	<20140306180003.GG1968@redhat.com> <5319A319.90707@redhat.com>
	<208916506.984399.1394251155320.JavaMail.zimbra@redhat.com>
Message-ID: <531DB183.1080402@redhat.com>

On 03/08/2014 04:59 AM, Andrew Azores wrote:
> I have no idea how to write a man page, but PolicyEditor's should be quite short and simple. Good opportunity for me to learn?

Yes O:)

You can follow Omairs work - [icedtea-web] RFC: man page for itweb-settings

Your is just much  simpler. Please don't forge to highlit policytool (as it have quite good manpage) at least as see also (but maybe in description is worthy too)


J.
>
> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek"<jvanek at redhat.com>
> To: "Omair Majid"<omajid at redhat.com>
> Cc: "Andrew Azores"<aazores at redhat.com>, "IcedTea"<distro-pkg-dev at openjdk.java.net>
> Sent: Friday, March 7, 2014 5:44:41 AM
> Subject: [rfc] [cedtea-web] upated javawsman page was: Re: [rfc][icedtea-web] javaws -version flag
>
> Some updates to javaws man page.. Is there any voulenteer for icedtea-web, policyeditor and
> itw-settings ? :))
>
> J.
> On 03/06/2014 07:00 PM, Omair Majid wrote:
>> * Jiri Vanek<jvanek at redhat.com>  [2014-03-06 12:30]:
>>> No. You misunderstood me completely. The will to maintain them is
>>> missing. I 100% agree that they are necessary.
>>
>> Ah, well that's a different matter. I will try and help.
>>
>>> On 03/06/2014 05:52 PM, Omair Majid wrote:
>>>> * Jiri Vanek<jvanek at redhat.com>   [2014-03-06 11:29]:
>>>>>    First half of previous 8 months I was ignoring them willingly,
>>>>>    because I hoped to have the generated ones prepared for 1.5.
>>>>
>>>> I don't know if generated ones are the magic bullet you think they are.
>>>> Either way you have to write the documentation. And some parts of the
>>>> documentation don't belong in code. Still, generated or not, we need
>>>> some place where users can find documentation.
>>>
>>> 100% yes, and the man pages are th way to go.
>>>
>>> They may be the magic bullet if I fulfil my idea.
>>
>> Fair enough. My original suggestion was: let's add a tiny fix (document
>> -version) while we wait for the bigger (and better) fix (the
>> auto-generated man pages).
>>
>>> Right. Right now there is only javaws.1 Imho two more are misisng. And
>>> manpage for "package name" is good recomandation.
>>
>> I am not so sure. `man man` says:
>>
>> "man is the system's manual pager. Each page argument given to man is
>> normally the name of a program, utility or function"
>>
>> `javaws` qualifies as a program, but does icedtea-web?
>>
>> Isn't a README the more appropriate place for this? Do you know of
>> examples where there is a man page for a package where package name is
>> different from the binary name?
>>
>> Any way, if you want to add more documentation and maintain it, that's
>> perfectly fine with me :)
>>
>>> It can be jsut see javaws + expalinig alternatives, or something more
>>> general. Also it may be spec patch only.
>>
>> *If* we decide that this it not very useful upstream, maybe we should
>> encourage downstream to follow?
>>
>>>>> , itw-settings manpage is missing - and
>>>>> it is HUGE man page, and newly policyeditor is missing.
>>>>
>>>> For self-explanatory GUIs, I am not sure we need detailed man pages.
>>>> They mostly make sense for command line programs that take lots of
>>>
>>> Self expalantory???  The itw-settings have incredible cmd line support!
>>
>> Haha. I wrote that :)
>>
>> I meant that it's fairly simple to document the cli bits (there's only 4
>> or so commands, right) and the GUI is self-explanatory. So the man page
>> shouldn't be that large.
>>
>> Thanks,
>> Omair
>>
>


From jvanek at redhat.com  Mon Mar 10 13:03:34 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 14:03:34 +0100
Subject: [icedtea-web] RFC: man page for itweb-settings
In-Reply-To: <20140308002809.GG24571@redhat.com>
References: <20140308002809.GG24571@redhat.com>
Message-ID: <531DB826.7040400@redhat.com>

On 03/08/2014 01:28 AM, Omair Majid wrote:
> Hi,
>
> This is a very simple man page for itweb-settings. Okay to push?
>
> Thanks,
> Omair
>

Yes please.

One nit. The --help is actually not correct.

Itw-settings handles any unrecognised argument as request for help.

So I would:
  - not confuse with "--" but say just
+.TP 12
+help

  - Also It would be probably good to mention that anything (not just "help") will print info.

ALso "Shows some helpful information about the program" hmhmh do not .. well sound :)
Maybe Prints out general information about supported program, commands and basic usage.

Also:
+.SH EXAMPLES

Cna contains exmaple ot two :)

Feel free to push as it is or with anything above  fixed. I'm insists only on not confusing with "--".


Thanx  for taking it ;)
   J.



From jvanek at icedtea.classpath.org  Mon Mar 10 13:58:03 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 13:58:03 +0000
Subject: /hg/icedtea-web: PluginBridge's (fileLocation) of JNLPFile is no...
Message-ID: <hg.ffc228f3c71f.1394459884.8643924302249223276@icedtea.classpath.org>

changeset ffc228f3c71f in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ffc228f3c71f
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 10 15:05:42 2014 +0100

	PluginBridge's (fileLocation) of JNLPFile is now properly set in constructor if not existing. Fixed rhbz#1072013


diffstat:

 ChangeLog                                   |  6 ++++++
 netx/net/sourceforge/jnlp/PluginBridge.java |  3 +++
 2 files changed, 9 insertions(+), 0 deletions(-)

diffs (26 lines):

diff -r bbf4cc4319da -r ffc228f3c71f ChangeLog
--- a/ChangeLog	Thu Mar 06 09:18:35 2014 -0500
+++ b/ChangeLog	Mon Mar 10 15:05:42 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-10  Jiri Vanek  <jvanek at redhat.com>
+
+	Fixed rhbz#1072013
+	* netx/net/sourceforge/jnlp/PluginBridge.java: The (fileLocation) of
+	JNLPFile is now properly set in constructor if not existing.
+
 2014-03-06  Andrew Azores  <aazores at redhat.com>
 
 	* NEWS: added -version flag entry
diff -r bbf4cc4319da -r ffc228f3c71f netx/net/sourceforge/jnlp/PluginBridge.java
--- a/netx/net/sourceforge/jnlp/PluginBridge.java	Thu Mar 06 09:18:35 2014 -0500
+++ b/netx/net/sourceforge/jnlp/PluginBridge.java	Mon Mar 10 15:05:42 2014 +0100
@@ -101,6 +101,9 @@
                 // value is a complete URL, it will replace codeBase's context.
                 ParserSettings defaultSettings = new ParserSettings();
                 URL jnlp = new URL(codeBase, params.getJNLPHref());
+                if (fileLocation == null){
+                    fileLocation = jnlp;
+                }
                 JNLPFile jnlpFile = null;
 
                 if (params.getJNLPEmbedded() != null) {

From jvanek at redhat.com  Mon Mar 10 14:08:35 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 15:08:35 +0100
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file
	correctly (rh1072013)
In-Reply-To: <1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>
References: <5319BE3C.2030008@redhat.com>
	<1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>
Message-ID: <531DC763.8090501@redhat.com>

On 03/08/2014 04:58 AM, Andrew Azores wrote:
> No, I don't think there's any way to make applets able to call System.exit() with the custom policies. Not with the way JNLPSecurityManager is currently written. I can't think of a valid reason an applet would need to be able to kill the JVM though... so I don't think it's worth modifying the security manager to allow this.
>
Well. I was thinking moreover if it is usable as workaround before upstream removes the call.

But this lead me to idea - why is system.exit not checked against policies as all other stuff?
But I can probably answer - because there is no such policy?


> Patch itself looks good to me.

Thanx, pushed.
>
> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek"<jvanek at redhat.com>
> To: "IcedTea Distro List"<distro-pkg-dev at openjdk.java.net>
> Sent: Friday, March 7, 2014 7:40:28 AM
> Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file correctly	(rh1072013)
>
> When plugin is using jnlpHref to start, the location of jnlp file is not stored properly.  When one
> wonts to use it, he got NPE. Proably only usecase when this is visible is signature by jnlp (then
> tmplate have nothing to match)
>
> However  I have not made the http://www.arcadeflex.com/releases/v0.36.4/launch.php?id=134 run :(
>
> Now it is dying with itself :
>
> Exception in thread "Thread-8" java.security.AccessControlException: Applets may not call System.exit()
> 	at net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:391)
> 	at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388)
> 	at arcadeflex.UrlDownloadProgress.initComponents(UrlDownloadProgress.java:46)
> 	at arcadeflex.UrlDownloadProgress.<init>(UrlDownloadProgress.java:28)
> 	at arcadeflex.osdepend.main(osdepend.java:75)
> 	at arcadeflex.MainApplet$1.run(MainApplet.java:78)
> 	at java.lang.Thread.run(Thread.java:744)
>
> Andrew, can your policy enhancement grant exit System.exit? Just worthy to try :)
>
>
> J.
>
>
> ps: reproducers for this are missing.
>


From aazores at redhat.com  Mon Mar 10 14:22:51 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 10:22:51 -0400
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file
	correctly (rh1072013)
In-Reply-To: <531DC763.8090501@redhat.com>
References: <5319BE3C.2030008@redhat.com>
	<1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>
	<531DC763.8090501@redhat.com>
Message-ID: <531DCABB.2090507@redhat.com>

On 03/10/2014 10:08 AM, Jiri Vanek wrote:
> On 03/08/2014 04:58 AM, Andrew Azores wrote:
>> No, I don't think there's any way to make applets able to call 
>> System.exit() with the custom policies. Not with the way 
>> JNLPSecurityManager is currently written. I can't think of a valid 
>> reason an applet would need to be able to kill the JVM though... so I 
>> don't think it's worth modifying the security manager to allow this.
>>
> Well. I was thinking moreover if it is usable as workaround before 
> upstream removes the call.
>
> But this lead me to idea - why is system.exit not checked against 
> policies as all other stuff?
> But I can probably answer - because there is no such policy?
>

http://docs.oracle.com/javase/7/docs/api/java/lang/RuntimePermission.html

There is a permission that's meant for this (exitVM), but it's 
supposedly automatically granted, which implies any thread can exit the 
VM if it wants to. This would explain why JNLPSecurityManager doesn't 
rely on this permission to determine whether applets/applications are 
allowed to exit.

Thanks,

-- 
Andrew A


From jvanek at icedtea.classpath.org  Mon Mar 10 14:41:48 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 14:41:48 +0000
Subject: /hg/icedtea-web: Actualized man page for javaws
Message-ID: <hg.2217cdd13ad6.1394462508.8643924302249223276@icedtea.classpath.org>

changeset 2217cdd13ad6 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2217cdd13ad6
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 10 15:48:24 2014 +0100

	Actualized man page for javaws


diffstat:

 ChangeLog     |   5 +++++
 netx/javaws.1 |  52 +++++++++++++++++++++++++++++++++++++++-------------
 2 files changed, 44 insertions(+), 13 deletions(-)

diffs (110 lines):

diff -r ffc228f3c71f -r 2217cdd13ad6 ChangeLog
--- a/ChangeLog	Mon Mar 10 15:05:42 2014 +0100
+++ b/ChangeLog	Mon Mar 10 15:48:24 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-10  Jiri Vanek  <jvanek at redhat.com>
+
+	Actualized man page for javaws
+	* netx/javaws.1: made sync with current state
+
 2014-03-10  Jiri Vanek  <jvanek at redhat.com>
 
 	Fixed rhbz#1072013
diff -r ffc228f3c71f -r 2217cdd13ad6 netx/javaws.1
--- a/netx/javaws.1	Mon Mar 10 15:05:42 2014 +0100
+++ b/netx/javaws.1	Mon Mar 10 15:48:24 2014 +0100
@@ -34,8 +34,7 @@
 options can be used to change this behaviour.
 .TP 12
 \-about
-Shows a sample application that can be used to test the basic functionality
-of this implementation.
+Shows about dialog.
 .TP
 \-viewer
 Shows the trusted certificate viewer. This allows a user to list, examine, remove
@@ -49,8 +48,8 @@
 .PP
 In the default mode, the following run-options can be used:
 .TP 12
-\-basedir dir
-Directory where the cache and certificates to be used are stored.
+\-version
+Prints out version and exit
 .TP
 \-arg arg
 Adds an application argument before launching.
@@ -85,13 +84,23 @@
 .B javaws
 to abort.
 .TP
-\-umask=value
-Sets the umask for files created by an application.
+\-xml
+The jnlp files will be checked more strictly for XML validity
+.TP
+\-allowredirect
+Allow to follow 301, 302, 303, 307 and 308 redirections for javaws
+applications
 .TP
 \-Xnofork
 Do not create another JVM, even if the JNLP file asks for running in
 a separate JVM. This is useful for debugging.
 .TP
+\-Xclearcache
+Clean the JNLP application cache.
+.TP
+\-Xignoreheaders
+Skip jar header verification.
+.TP
 \-Jjava-option
 This passes along java-option to the java binary that is running
 javaws. For example, to make javaws run with a max heap size
@@ -101,23 +110,40 @@
 Print a help message and exit.
 
 .SH FILES
-~/.icedtea/deployment.properties specifies the settings used by javaws
+$XDG_CONFIG_DIR/icedtea-web/deployment.properties specifies the settings used by javaws
+
+$XDG_CONFIG_DIR/icedtea-web/log (may be set to different location by you) contains file log files (if enabled).
+itw-cplugin-date_time.log for native part of plugin, itw-javantx-date_time.log for everything else.
+
+$XDG_CONFIG_DIR/icedtea-web/security/java.policy contains granted permissions for selected unsigned apps
+
+$XDG_CONFIG_DIR/icedtea-web/security/trusted.*certs contains various stored certificates
+
+$XDG_CACHE_DIR/icedtea-web/cache contains cached runtime entries (amy be changed by you)
+
+$XDG_CACHE_DIR/icedtea-web/pcache contains saved application data
+
+$XDG_CACHE_DIR/icedtea-web/tmp contains temporary runtime files
+
+$XDG_RUNTIME_DIR/icedteaplugin-user-*/ contains in and out pipe for native<->java communication and
+(if enabled) debugging pipe
+
+Where $XDG_CONFIG_DIR, $XDG_CACHE_DIR and $XDG_RUNTIME_DIR are set as ~/.config, ~/.cache and /tmp or /var/tmp if not set.
 
 .SH BUGS
 There arent any known bugs. If you come across one, please file it at
     http://icedtea.classpath.org/bugzilla/
 .br
-Please run javaws in verbose mode and include that output along
-with the jnlp file when filing out the bug report.
+Please run javaws in debug (-verbose switch or itw-settings setting or ICEDTEAPLUGIN_DEBUG variable set to true)
+mode and include that output (best is from java console) with URL to jnlp or html file
+(ot the jnlp/html file or application itself)  when filing out the bug report.
 
 .SH AUTHOR
 Originally written by Jon. A. Maxwell.
 .br
-Currently maintained by the IcedTea contributors.
+Currently maintained by the IcedTea contributors. See javaws -about for more info
 
 .SH SEE ALSO
 .BR java (1)
 .br
-http://icedtea.classpath.org/
-.br
-http://jnlp.sourceforge.net/netx/
+http://icedtea.classpath.org/wiki/IcedTea-Web

From jvanek at icedtea.classpath.org  Mon Mar 10 14:54:35 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 14:54:35 +0000
Subject: /hg/icedtea-web: Added getter for java-abrt-connector on demand ...
Message-ID: <hg.bc97499d95f4.1394463275.8643924302249223276@icedtea.classpath.org>

changeset bc97499d95f4 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bc97499d95f4
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 10 16:02:39 2014 +0100

	Added getter for java-abrt-connector on demand whitelist of fields


diffstat:

 ChangeLog                                                |  10 ++++++
 netx/net/sourceforge/jnlp/Launcher.java                  |   3 +-
 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java       |  24 ++++++++++++++++
 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java |   2 +
 4 files changed, 37 insertions(+), 2 deletions(-)

diffs (93 lines):

diff -r 2217cdd13ad6 -r bc97499d95f4 ChangeLog
--- a/ChangeLog	Mon Mar 10 15:48:24 2014 +0100
+++ b/ChangeLog	Mon Mar 10 16:02:39 2014 +0100
@@ -1,3 +1,13 @@
+2014-03-10  Jiri Vanek  <jvanek at redhat.com>
+
+	Added getter for java-abrt-connector on demand whitelist of fields.
+	* netx/net/sourceforge/jnlp/Launcher.java: (launch) saving (location.toExternalForm())
+	via JNLPRuntime.saveHistory
+	* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: (history) new static field
+	with getter (getHistory) and "setter" (saveHistory)
+	* plugin/icedteanp/java/sun/applet/PluginAppletViewer.java: (handleInitializationMessage)
+	saving (documentBase) via JNLPRuntime.saveHistory
+
 2014-03-10  Jiri Vanek  <jvanek at redhat.com>
 
 	Actualized man page for javaws
diff -r 2217cdd13ad6 -r bc97499d95f4 netx/net/sourceforge/jnlp/Launcher.java
--- a/netx/net/sourceforge/jnlp/Launcher.java	Mon Mar 10 15:48:24 2014 +0100
+++ b/netx/net/sourceforge/jnlp/Launcher.java	Mon Mar 10 16:02:39 2014 +0100
@@ -281,6 +281,7 @@
      * @return the application instance
      */
     public ApplicationInstance launch(URL location) throws LaunchException {
+        JNLPRuntime.saveHistory(location.toExternalForm());
         return launch(fromUrl(location));
     }
 
@@ -944,6 +945,4 @@
 
     };
 
- 
-
 }
diff -r 2217cdd13ad6 -r bc97499d95f4 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Mon Mar 10 15:48:24 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Mon Mar 10 16:02:39 2014 +0100
@@ -91,6 +91,14 @@
         loadResources();
     }
 
+    /**
+     * java-abrt-connector can print out specific application String method, it is good to save visited urls for reproduce purposes.
+     * For javaws we can read the destination jnlp from commandline
+     * However for plugin (url arrive via pipes). Also for plugin we can not be sure which opened tab/window
+     * have caused the crash. Thats why the individual urls are added, not replaced.
+     */
+    private static String history = "";
+
     /** the localized resource strings */
     private static ResourceBundle resources;
 
@@ -831,4 +839,20 @@
         OutputController.getLogger().close();
         System.exit(i);
     }
+
+
+    public static void saveHistory(String documentBase) {
+        JNLPRuntime.history += " " + documentBase + " ";
+    }
+
+    /**
+     * Used by java-abrt-connector via reflection
+     * @return history
+     */
+    private static String getHistory() {
+        return history;
+    }
+    
+    
+
 }
diff -r 2217cdd13ad6 -r bc97499d95f4 plugin/icedteanp/java/sun/applet/PluginAppletViewer.java
--- a/plugin/icedteanp/java/sun/applet/PluginAppletViewer.java	Mon Mar 10 15:48:24 2014 +0100
+++ b/plugin/icedteanp/java/sun/applet/PluginAppletViewer.java	Mon Mar 10 16:02:39 2014 +0100
@@ -118,6 +118,7 @@
 import sun.misc.Ref;
 
 import com.sun.jndi.toolkit.url.UrlUtil;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.logging.OutputController;
 
 /*
@@ -467,6 +468,7 @@
                             "Height = ", height, "\n",
                             "DocumentBase = ", documentBase, "\n",
                             "Params = ", paramString);
+        JNLPRuntime.saveHistory(documentBase);
 
         PluginAppletPanelFactory factory = new PluginAppletPanelFactory();
         AppletMessageHandler amh = new AppletMessageHandler("appletviewer");

From aazores at redhat.com  Mon Mar 10 15:03:54 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 11:03:54 -0400
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <531DAF30.3010204@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
	<1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
	<5319C879.4090903@redhat.com>
	<1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com>
	<531DAF30.3010204@redhat.com>
Message-ID: <531DD45A.2030800@redhat.com>

On 03/10/2014 08:25 AM, Jiri Vanek wrote:
> On 03/08/2014 05:07 AM, Andrew Azores wrote:
>> Well, I guess I could make one matcher, check if it matches, and then 
>> if not, make the other and check with it, but how much does it really 
>> matter... ? I think the intention is clearer, having the conjunction 
>> in the first if check. I doubt it will make much of a perfomance 
>> difference for most users,
> > unless they end up with much more massive custom policy files than 
> I'm expecting.
>
> Well its not about the performance of this method, but about ITW as a 
> whole. Consider such a redundant calls in each method. They will 
> mutliply runtime later unbearable.

Bordering on premature optimization here IMO, but I made the change anyway.

>>
>> And of course the CustomPermission and PolicyEditorPermissions 
>> fromString() methods are "suspiciously" similar
>
> Then why they dont share an code?
>
> > - they are both reading from the same source and attempting to parse 
> into more or less the same end result. Why would they be really 
> different? I guess the logic is mostly the same so they could be given 
> a parent class or some utility method.
>
> Please eleaborate on this two hunks a bit.

PolicyEditorPermissions now uses CustomPermission as an intermediate 
form, which is a little funny sounding, but CustomPermission is really 
just a holder for the three attributes a permission entry has, and 
PolicyEditorPermissions just enumerates specific combinations that are 
presented as checkboxes in the GUI. So it actually does make sense. From 
this perspective, CustomPermission's name might make more sense as 
something like BasicPermission, but from the perspective of the 
PolicyEditor itself, CustomPermission is a more informative name, so I'd 
rather keep the name as-is.

>
>>
>> Thanks,
>>
>> Andrew A
>>
>> ----- Original Message -----
>> From: "Jiri Vanek"<jvanek at redhat.com>
>> To: "Andrew Azores"<aazores at redhat.com>
>> Cc: "IcedTea"<distro-pkg-dev at openjdk.java.net>
>> Sent: Friday, March 7, 2014 8:24:09 AM
>> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements 
>> and unit tests
>>
>> The messages.properties changes are still not listed in changelog.
> and dont forget^ O:)

Yes, remembered this time :)

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policy-editor-parsing-tests-2.patch
Type: text/x-patch
Size: 55342 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/af8ab3d0/policy-editor-parsing-tests-2-0001.patch>

From omajid at redhat.com  Mon Mar 10 15:08:39 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 11:08:39 -0400
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file
	correctly (rh1072013)
In-Reply-To: <531DC763.8090501@redhat.com>
References: <5319BE3C.2030008@redhat.com>
	<1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>
	<531DC763.8090501@redhat.com>
Message-ID: <20140310150839.GD2011@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-10 10:16]:
> On 03/08/2014 04:58 AM, Andrew Azores wrote:
> >No, I don't think there's any way to make applets able to call
> >System.exit() with the custom policies. Not with the way
> >JNLPSecurityManager is currently written. I can't think of a valid
> >reason an applet would need to be able to kill the JVM though... so I
> >don't think it's worth modifying the security manager to allow this.
> >

> Well. I was thinking moreover if it is usable as workaround before
> upstream removes the call.
> 
> But this lead me to idea - why is system.exit not checked against
> policies as all other stuff?  But I can probably answer - because
> there is no such policy?

The exit permission is not granted by default to applets. This is
because all applets that are running in the browser share a single JVM.
If one applet calls System.exit(), all applets will die. This is
something we do not want, so we don't grant that permission.

For javaws, the security manager handles this permission like any other,
allowing sufficiently privileged applications to override it.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Mon Mar 10 15:44:37 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 16:44:37 +0100
Subject: [rfc][icedtea-web] set location for jnlpHreffed jnlp file
	correctly (rh1072013)
In-Reply-To: <20140310150839.GD2011@redhat.com>
References: <5319BE3C.2030008@redhat.com>
	<1475322847.984388.1394251100947.JavaMail.zimbra@redhat.com>
	<531DC763.8090501@redhat.com> <20140310150839.GD2011@redhat.com>
Message-ID: <531DDDE5.6090109@redhat.com>

On 03/10/2014 04:08 PM, Omair Majid wrote:
> * Jiri Vanek<jvanek at redhat.com>  [2014-03-10 10:16]:
>> On 03/08/2014 04:58 AM, Andrew Azores wrote:
>>> No, I don't think there's any way to make applets able to call
>>> System.exit() with the custom policies. Not with the way
>>> JNLPSecurityManager is currently written. I can't think of a valid
>>> reason an applet would need to be able to kill the JVM though... so I
>>> don't think it's worth modifying the security manager to allow this.
>>>
>
>> Well. I was thinking moreover if it is usable as workaround before
>> upstream removes the call.
>>
>> But this lead me to idea - why is system.exit not checked against
>> policies as all other stuff?  But I can probably answer - because
>> there is no such policy?
>
> The exit permission is not granted by default to applets. This is
> because all applets that are running in the browser share a single JVM.
> If one applet calls System.exit(), all applets will die. This is
> something we do not want, so we don't grant that permission.
>
> For javaws, the security manager handles this permission like any other,
> allowing sufficiently privileged applications to override it.
>
>

Yes, I know this. I was thinking if user can allow i as workaround via custom permissions for special cases (like this one). But

 >
 > http://docs.oracle.com/javase/7/docs/api/java/lang/RuntimePermission.html
 >
 > There is a permission that's meant for this (exitVM), but it's supposedly automatically granted, which implies any thread can exit the VM if it wants to. This would explain why JNLPSecurityManager doesn't rely on this permission to determine whether applets/applications are allowed to exit.
 >

, apparently it is not possible, because default permission is "allowed".

J

From jvanek at redhat.com  Mon Mar 10 15:50:01 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 16:50:01 +0100
Subject: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit
	tests
In-Reply-To: <531DD45A.2030800@redhat.com>
References: <53175862.8080408@redhat.com> <53188132.2040009@redhat.com>
	<1223389579.366317.1394137097401.JavaMail.zimbra@redhat.com>
	<5319C879.4090903@redhat.com>
	<1438278964.984533.1394251643115.JavaMail.zimbra@redhat.com>
	<531DAF30.3010204@redhat.com> <531DD45A.2030800@redhat.com>
Message-ID: <531DDF29.9000307@redhat.com>

On 03/10/2014 04:03 PM, Andrew Azores wrote:
> On 03/10/2014 08:25 AM, Jiri Vanek wrote:
>> On 03/08/2014 05:07 AM, Andrew Azores wrote:
>>> Well, I guess I could make one matcher, check if it matches, and then if not, make the other and check with it, but how much does it really matter... ? I think the intention is clearer, having the conjunction in the first if check. I doubt it will make much of a perfomance difference for most users,
>> > unless they end up with much more massive custom policy files than I'm expecting.
>>
>> Well its not about the performance of this method, but about ITW as a whole. Consider such a redundant calls in each method. They will mutliply runtime later unbearable.
>
> Bordering on premature optimization here IMO, but I made the change anyway.
>

ZZZZ :)) I would write it still much differently, but nvm. Even ^ was nitpicking. Sorry.
ok for head.


>>>
>>> And of course the CustomPermission and PolicyEditorPermissions fromString() methods are "suspiciously" similar
>>
>> Then why they dont share an code?
>>
>> > - they are both reading from the same source and attempting to parse into more or less the same end result. Why would they be really different? I guess the logic is mostly the same so they could be given a parent class or some utility method.
>>
>> Please eleaborate on this two hunks a bit.
>
> PolicyEditorPermissions now uses CustomPermission as an intermediate form, which is a little funny sounding, but CustomPermission is really just a holder for the three attributes a permission entry has, and PolicyEditorPermissions just enumerates specific combinations that are presented as checkboxes in the GUI. So it actually does make sense. From this perspective, CustomPermission's name might make more sense as something like BasicPermission, but from the perspective of the PolicyEditor itself, CustomPermission is a more informative name, so I'd rather keep the name as-is.
>
>>
>>>
>>> Thanks,
>>>
>>> Andrew A
>>>
>>> ----- Original Message -----
>>> From: "Jiri Vanek"<jvanek at redhat.com>
>>> To: "Andrew Azores"<aazores at redhat.com>
>>> Cc: "IcedTea"<distro-pkg-dev at openjdk.java.net>
>>> Sent: Friday, March 7, 2014 8:24:09 AM
>>> Subject: Re: [rfc][icedtea-web][policyeditor] Parsing enhancements and unit tests
>>>
>>> The messages.properties changes are still not listed in changelog.
>> and dont forget^ O:)
>
> Yes, remembered this time :)
>
> Thanks,
>


From omajid at icedtea.classpath.org  Mon Mar 10 15:57:23 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 15:57:23 +0000
Subject: /hg/icedtea-web: Add man page for itweb-settings
Message-ID: <hg.2157f0e06002.1394467043.8643924302249223276@icedtea.classpath.org>

changeset 2157f0e06002 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2157f0e06002
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 10 11:57:12 2014 -0400

	Add man page for itweb-settings

	2014-03-10  Omair Majid  <omajid at redhat.com>

	    * Makefile.am (install-data-local): Install itweb-settings.1.
	    * netx/itweb-settings.1: New file.


diffstat:

 ChangeLog             |   5 ++
 Makefile.am           |   1 +
 netx/itweb-settings.1 |  90 +++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 96 insertions(+), 0 deletions(-)

diffs (117 lines):

diff -r bc97499d95f4 -r 2157f0e06002 ChangeLog
--- a/ChangeLog	Mon Mar 10 16:02:39 2014 +0100
+++ b/ChangeLog	Mon Mar 10 11:57:12 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-10  Omair Majid  <omajid at redhat.com>
+
+	* Makefile.am (install-data-local): Install itweb-settings.1.
+	* netx/itweb-settings.1: New file.
+
 2014-03-10  Jiri Vanek  <jvanek at redhat.com>
 
 	Added getter for java-abrt-connector on demand whitelist of fields.
diff -r bc97499d95f4 -r 2157f0e06002 Makefile.am
--- a/Makefile.am	Mon Mar 10 16:02:39 2014 +0100
+++ b/Makefile.am	Mon Mar 10 11:57:12 2014 -0400
@@ -256,6 +256,7 @@
 install-data-local:
 	${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1
 	${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1
+	${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1
 if ENABLE_DOCS
 	${mkinstalldirs} $(DESTDIR)$(htmldir)
 	(cd ${abs_top_builddir}/docs/netx; \
diff -r bc97499d95f4 -r 2157f0e06002 netx/itweb-settings.1
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/itweb-settings.1	Mon Mar 10 11:57:12 2014 -0400
@@ -0,0 +1,90 @@
+.TH itweb-settings 1 "07 Mar 2014"
+
+.SH NAME
+
+itweb-settings - view and modify settings for
+.B
+javaws
+and the browser plugin
+
+.SH SYNOPSYS
+
+.B itweb-settings
+.br
+.B itweb-settings
+command arguments
+.SH DESCRIPTION
+.B itweb-settings
+is a command line and a GUI program to modify and edit settings used by the
+icedtea-web implementation of
+.B javaws
+and the browser plugin.
+
+If executed without any arguments, it starts up a GUI. Otherwise, it tries to
+do what is specified in the argument.
+
+The command-line allows quickly searching, making a copy of and modifying
+specific settings without having to hunt through a UI.
+
+
+.SH COMMANDS
+
+.TP
+help
+Prints out information about supported command, descriptions and basic usage.
+.TP 12
+list
+Shows a list of all settings.
+.TP
+get <name>
+Shows the value of the named setting.
+.TP
+info <name>
+Shows additional information about the named setting. Includes a description,
+the current value, the possible values, and the source of the setting.
+.TP
+set <name> <value>
+Sets the setting to the new value, after checking that it is an appropriate
+value.
+.TP
+reset all
+Resets all settings to their original values.
+.TP
+reset <name>
+Resets the named setting to its original value.
+.TP
+check <name>
+Checks that the current value of the setting is a valid value.
+
+.SH EXAMPLES
+
+.TP
+itweb-settings
+
+Show the GUI editor
+
+.TP
+itweb-settings reset deployment.proxy.type
+
+Resets the value of 'deployment.proxy.type' setting.
+
+
+.SH FILES
+
+$XDG_CONFIG_HOME/icedtea-web/deployment.properties specifies the settings used
+
+.SH BUGS
+
+There arent any known bugs. If you come across one, please file it at
+    http://icedtea.classpath.org/bugzilla/
+
+.SH AUTHOR
+
+Written and maintained by the IcedTea contributors.
+
+.SH SEE ALSO
+
+.BR javaws (1),
+.BR java (1)
+.br
+http://icedtea.classpath.org/wiki/IcedTea-Web

From omajid at redhat.com  Mon Mar 10 16:00:57 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 12:00:57 -0400
Subject: [icedtea-web] RFC: man page for itweb-settings
In-Reply-To: <531DB826.7040400@redhat.com>
References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com>
Message-ID: <20140310160056.GE2011@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-10 08:55]:
> On 03/08/2014 01:28 AM, Omair Majid wrote:
> >This is a very simple man page for itweb-settings. Okay to push?
> 
> So I would:
>  - not confuse with "--" but say just
> +.TP 12
> +help

Done.

>  - Also It would be probably good to mention that anything (not just "help") will print info.

I think this is pretty common convention, no? If a program sees an
argument it doesn't recognize, it complains and prints help info. I
haven't added it yet, but I can if you still think this is worth
mentioning explicitly.

> ALso "Shows some helpful information about the program" hmhmh do not .. well sound :)
> Maybe Prints out general information about supported program, commands and basic usage.

Should be fixed now.

> Also:
> +.SH EXAMPLES
> 
> Cna contains exmaple ot two :)

Now it has an all of 2 examples :)

> Feel free to push as it is or with anything above  fixed. I'm insists
> only on not confusing with "--".

Pushed: http://icedtea.classpath.org/hg/icedtea-web/rev/2157f0e06002

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Mon Mar 10 16:07:07 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 12:07:07 -0400
Subject: [rfc][icedtea-web] New PartiallySigned Dialog
In-Reply-To: <53189FFA.3000404@redhat.com>
References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com>
Message-ID: <531DE32B.90300@redhat.com>

On 03/06/2014 11:19 AM, Jiri Vanek wrote:
> On 03/04/2014 11:07 PM, Andrew Azores wrote:
>> Hi,
>>
>> This patch introduces a new PartiallySigned dialog to replace the 
>> NotAllSigned prompt. This new dialog uses the same abstracted parent 
>> class that was pulled out of the Unsigned dialog, so it uses the same 
>> remembered action storage and has the same general look and feel. 
>> This dialog also has a Sandbox button, just like CertWarningPane 
>> recently gained for fully signed applets, which allows partially 
>> signed ones to also be run with only sandbox permissions. Some more 
>> security info is also present on the dialog, eg the applet's 
>> publisher and codebase. Not yet included is a new Help text for this 
>> dialog, but this can be written up separately IMO. Right now it will 
>> just display the same Help as the Unsigned dialog.
>>
>> ChangeLog:
>> Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
>> Also includes a Sandbox button.
>> * netx/net/sourceforge/jnlp/resources/Messages.properties:
>> (APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet,
>> LPartiallySignedAppletUserDenied) new messages
>> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
>> Logic added for displaying new PartiallySigned dialog.
>> (showNotAllSignedDialog) removed. (getSigningState) new method.
>> (promptUserOnPartialSigning, userPromptedForPartialSigning) new 
>> methods for
>> SecurityDelegate.
>> * netx/net/sourceforge/jnlp/security/AppTrustWarningDialog.java:
>> (partiallySigned) new method
>> * netx/net/sourceforge/jnlp/security/AppTrustWarningPanel.java:
>> (chosenActionSetter) refactored to allow Sandbox action. 
>> (setupInfoPanel) applet
>> title made overrideable by subclasses
>> * netx/net/sourceforge/jnlp/security/SecurityDialog.java: 
>> (NOTALLSIGNED_WARNING)
>> renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old
>> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: 
>> (NOTALLSIGNED_WARNING)
>> renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) 
>> removed.
>> (showPartiallySignedWarningDialog) new method
>> * 
>> netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
>> Added Sandbox action
>> * 
>> netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
>> (checkPartiallySignedWithUserIfRequired) new method
>> * 
>> tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java:
>> test now passes since dialog will not appear if applet security is 
>> set to Low.
>> KnownToFail removed.
>> * 
>> tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java:
>> same
>> * 
>> netx/net/sourceforge/jnlp/security/PartiallySignedAppTrustWarningPanel.java:
>> new class
>> * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java: 
>> deleted
>> in favour of PartiallySignedAppTrustWarningPanel
>>
>> Thanks,
>>
> Ouch - "legacy" dialogs packages? :) Please dont forget to adapt 
> changelog. For patch I think there will be more rounds. Also pls move 
> your new dialogue to proper pacage.package

Updated.

>
> General thoughts:
>
> SANDBOX_ALWAYS is not (going to be) supported? If so, the checbox and 
> radiobuttons should be disabled (I have not noted it but I could 
> overlook). But I' +1 to support SANDBOX_ALWAYS

It's supported here. It's disabled for CertWarningPane ie fully signed 
just because in that case we aren't using the nice extended security 
action storage - it just uses the certificate keystore, so there wasn't 
a clean and easy way to incorporate remembering the sandbox decision, as 
far as I could tell. But since this one is based off of the Extended 
Applet Security stuff, remembering this action is no problem.

>  - if this will be supported, then there is going to be fun with the 
> sandbox+custom policies saving :)

What do you mean? It will allow partially signed applets to always be 
run with a user-defined set of extra permissions above the sandbox level 
but below all-permission. This was the exact overarching objective of 
all of these patches.

>
> The removal of NotAllSignedWarningPane is not compelte. Please check 
> also used Trasnlator.R keys. If they are dangling, please rmeove them 
> from all Messages*.properties

They were being reused in the PartiallySigned dialog, so no removals. I 
renamed them though.

>
> You have removed:
> -    @KnownToFail
> -        assertTrue("NotAllSigned dialog will appear if this test 
> runs. Remove this exception and KnownToFail "
> -                + "when a proper replacement is in place", false);
>
> How come? I think partialy signed dialogue should appear always, no 
> matter of EAS level.
> Or not?

I can see the motivation behind having it always appear, since partially 
signed applets seem to be the most inherently untrustworthy class, but 
from a user perspective it also seems like it makes little sense for 
only these applets to have a dialog appear. Maybe a new, even lower 
level could be made to display no dialogs ever, and partially signed 
will appear at any level above this? I'm not sure this is really worthwhile.

>
> +    protected String getAppletTitle() {
> +        return R("SAppletTitle", file.getTitle());
> +    }
>
> (And few more methods about title) Wasn't this handled in previous push?

Not sure what you mean.

>
> Can we have some testing main method as I added recently for unsigned 
> warnng dialogue?

It will be messy, since it will require a mocked SecurityDialog, which 
only has package-private constructors, and these classes are no longer 
in the same package.

>
>
> hmmm . . . I ahve just spotted usage of
> type = AccessType.SIGNING_ERROR;

Where?

> In this case this dialogue have sense also for JNLP files.
> Then ~/icedtea-web-image/bin/javaws -allowredirect 
> http://java.net/projects/electric/downloads/download/WebStartFiles/electricAnt.jnlp 
> would be an example... But it is something for think about for future 
> work.
>

Yes, this dialog is built to depend only on JNLPFile, not PluginBridge, 
and JNLPClassLoader's checks that cause it to appear are also not 
restricted only for browser applets.

>
>
> +    private String getSigningInfo() {
> +        CertInformation info = 
> jcv.getCertInformation(jcv.getCertPath(null));
> +
> +        AccessType type;
> +        if (info != null && info.isRootInCacerts() && 
> !info.hasSigningIssues()) {
> +            type = AccessType.VERIFIED;
> +        } else if (info != null && info.isRootInCacerts()) {
> +            type = AccessType.SIGNING_ERROR;
> +        } else {
> +            type = AccessType.UNVERIFIED;
> +        }
> +
> +        String mainText = "";
> +        switch (type) {
> +            case VERIFIED:
> +                mainText = R("SSigVerified");
> +                break;
> +            case UNVERIFIED:
> +                mainText = R("SSigUnverified");
> +                break;
> +            case SIGNING_ERROR:
> +                mainText = R("SSignatureError");
> +                break;
> +        }
> +
> +        return mainText;
> +    }
>
> ouh thats looong way to return one of three strings :)
>
>
> Good work otherwise,
>   Thanx
>    J.

Yea, what the heck was I doing there... jeez. Thanks for pointing this out.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: partially-signed-dialog-new-packages.patch
Type: text/x-patch
Size: 46414 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/9ebae4f6/partially-signed-dialog-new-packages-0001.patch>

From aazores at icedtea.classpath.org  Mon Mar 10 16:18:05 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 16:18:05 +0000
Subject: /hg/icedtea-web: PolicyEditor parsing enhancements, new tests, a...
Message-ID: <hg.17c6e5a59602.1394468285.8643924302249223276@icedtea.classpath.org>

changeset 17c6e5a59602 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=17c6e5a59602
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 10 12:17:56 2014 -0400

	PolicyEditor parsing enhancements, new tests, and bug fixes

	* NEWS: added entry for PolicyEditor
	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(PESaveAsMenuItemMnemonic, PEExitMenuItemMnemonic) changed mnemonic keys
	due to masking with ctrl rather than alt
	* netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java:
	(ACTIONS_PERMISSION, TARGET_PERMISSION, fromString) use regexes to parse
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(file) keep reference to File rather than String filePath. (getPermissions)
	returns empty map rather than null. (setComponentMnemonic) new method.
	(getCustomPermissions) new function. (openAndParsePolicyFile) check for
	OpenFileResult FAILURE and NOT_FILE rather than null. (setupLayout) File,
	Save, SaveAs, and Exit items modifier mask changed to Ctrl rather than Alt
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
	(fromString) use regexes to parse, using CustomPermission as intermediate
	representation
	* netx/net/sourceforge/jnlp/util/FileUtils.java:
	(testDirectoryPermissions) add check for getCanonicalFile and null
	safeguarding. (testFilePermissions) add check for getCanonicalFile and
	return FAILURE rather than null
	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java:
	(testMissingQuotationMarks) new test
	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
	(testReturnedCustomPermissionsSetIsCopy,
	testCodebaseTrailingSlashesDoNotMatch) new tests
	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java:
	new tests


diffstat:

 ChangeLog                                                                                   |   30 +
 NEWS                                                                                        |    1 +
 netx/net/sourceforge/jnlp/resources/Messages.properties                                     |    8 +-
 netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java                       |   52 +-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java                           |  214 +++++-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java                |   35 +-
 netx/net/sourceforge/jnlp/util/FileUtils.java                                               |   22 +-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java        |   48 +-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java     |  290 ++++++++++
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java |   41 +
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java            |   21 +
 11 files changed, 644 insertions(+), 118 deletions(-)

diffs (truncated from 1168 to 500 lines):

diff -r 2157f0e06002 -r 17c6e5a59602 ChangeLog
--- a/ChangeLog	Mon Mar 10 11:57:12 2014 -0400
+++ b/ChangeLog	Mon Mar 10 12:17:56 2014 -0400
@@ -1,3 +1,33 @@
+2014-03-10  Andrew Azores  <aazores at redhat.com>
+
+	PolicyEditor parsing enhancements, new tests, and bugfixes
+	* NEWS: added entry for PolicyEditor
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(PESaveAsMenuItemMnemonic, PEExitMenuItemMnemonic) changed mnemonic keys
+	due to masking with ctrl rather than alt
+	* netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java:
+	(ACTIONS_PERMISSION, TARGET_PERMISSION, fromString) use regexes to parse
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(file) keep reference to File rather than String filePath. (getPermissions)
+	returns empty map rather than null. (setComponentMnemonic) new method.
+	(getCustomPermissions) new function. (openAndParsePolicyFile) check for
+	OpenFileResult FAILURE and NOT_FILE rather than null. (setupLayout) File,
+	Save, SaveAs, and Exit items modifier mask changed to Ctrl rather than Alt
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
+	(fromString) use regexes to parse, using CustomPermission as intermediate
+	representation
+	* netx/net/sourceforge/jnlp/util/FileUtils.java:
+	(testDirectoryPermissions) add check for getCanonicalFile and null
+	safeguarding. (testFilePermissions) add check for getCanonicalFile and
+	return FAILURE rather than null
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java:
+	(testMissingQuotationMarks) new test
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
+	(testReturnedCustomPermissionsSetIsCopy,
+	testCodebaseTrailingSlashesDoNotMatch) new tests
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java:
+	new tests
+
 2014-03-10  Omair Majid  <omajid at redhat.com>
 
 	* Makefile.am (install-data-local): Install itweb-settings.1.
diff -r 2157f0e06002 -r 17c6e5a59602 NEWS
--- a/NEWS	Mon Mar 10 11:57:12 2014 -0400
+++ b/NEWS	Mon Mar 10 12:17:56 2014 -0400
@@ -17,6 +17,7 @@
 * Support for u45 and u51 new manifest attributes (Application-Name, Codebase)
 * Custom applet permission policies panel in itweb-settings control panel
 * javaws -version flag
+* New PolicyEditor for easily adding/removing permissions to individual applets
 * Cache Viewer
   - Can be closed by ESC key
   - Enabling and disabling of operational buttons is handled properly
diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 10 11:57:12 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 10 12:17:56 2014 -0400
@@ -519,10 +519,10 @@
 PEOpenMenuItemMnemonic=79
 # S
 PESaveMenuItemMnemonic=83
-# V
-PESaveAsMenuItemMnemonic=86
-# E
-PEExitMenuItemMnemonic=69
+# A
+PESaveAsMenuItemMnemonic=65
+# X
+PEExitMenuItemMnemonic=88
 # U
 PECustomPermissionsItemMnemonic=85
 
diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java	Mon Mar 10 11:57:12 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/CustomPermission.java	Mon Mar 10 12:17:56 2014 -0400
@@ -36,6 +36,9 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
 /**
  * This class models a permission entry in a policy file which is not included
  * in the default set of permissions used by the PolicyEditor, ie, permissions
@@ -43,6 +46,18 @@
  */
 public class CustomPermission implements Comparable<CustomPermission> {
 
+    /* Matches eg 'permission java.io.FilePermission "${user.home}${/}*", "read";'
+     * eg permissions that have a permission type, target, and actions set.
+     */
+    public static final Pattern ACTIONS_PERMISSION =
+            Pattern.compile("\\s*permission\\s+([\\w\\.]+)\\s+\"([^\"]+)\",\\s*\"([^\"]*)\";.*");
+
+    /* Matches eg 'permission java.lang.RuntimePermission "queuePrintJob";'
+     * eg permissions that have a permission type and target, but no actions.
+     */
+    public static final Pattern TARGET_PERMISSION =
+            Pattern.compile("\\s*permission\\s+([\\w\\.]+)\\s+\"([^\"]+)\";.*");
+
     public final String type, target, actions;
 
     /**
@@ -63,16 +78,23 @@
      * @return a CustomPermission representing this string
      */
     public static CustomPermission fromString(final String string) {
-        final String[] parts = string.trim().split(" ");
-        if (!parts[0].equals("permission") || parts.length < 3 || !string.trim().endsWith(";")) {
-            return null;
+        final String typeStr, targetStr, actionsStr;
+
+        final Matcher actionMatcher = ACTIONS_PERMISSION.matcher(string);
+        if (actionMatcher.matches()) {
+            typeStr = actionMatcher.group(1);
+            targetStr = actionMatcher.group(2);
+            actionsStr = actionMatcher.group(3);
+        } else {
+            final Matcher targetMatcher = TARGET_PERMISSION.matcher(string);
+            if (!targetMatcher.matches()) {
+                return null;
+            }
+            typeStr = targetMatcher.group(1);
+            targetStr = targetMatcher.group(2);
+            actionsStr = "";
         }
-        final String typeStr = removeQuotes(parts[1]);
-        final String targetStr = removeQuotes(removeSemicolon(removeComma(parts[2])));
-        String actionsStr = "";
-        if (parts.length > 3) {
-            actionsStr = removeQuotes(removeSemicolon(parts[3]));
-        }
+
         return new CustomPermission(typeStr, targetStr, actionsStr);
     }
 
@@ -96,18 +118,6 @@
         return sb.toString();
     }
 
-    private static String removeQuotes(final String string) {
-        return string.replaceAll("\"", "");
-    }
-
-    private static String removeSemicolon(final String string) {
-        return string.replaceAll(";", "");
-    }
-
-    private static String removeComma(final String string) {
-        return string.replaceAll(",", "");
-    }
-
     @Override
     public int compareTo(final CustomPermission o) {
         if (this == o) {
diff -r 2157f0e06002 -r 17c6e5a59602 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Mon Mar 10 11:57:12 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Mon Mar 10 12:17:56 2014 -0400
@@ -56,6 +56,7 @@
 import java.util.Arrays;
 import java.util.Calendar;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
@@ -66,6 +67,7 @@
 import java.util.regex.Pattern;
 
 import javax.swing.AbstractAction;
+import javax.swing.AbstractButton;
 import javax.swing.Action;
 import javax.swing.DefaultListModel;
 import javax.swing.JButton;
@@ -146,7 +148,7 @@
 
     private static final String AUTOGENERATED_NOTICE = "/* DO NOT MODIFY! AUTO-GENERATED */";
 
-    private String filePath;
+    private File file;
     private boolean changesMade = false;
     private boolean closed = false;
     private final Map<String, Map<PolicyEditorPermissions, Boolean>> codebasePermissionsMap = new HashMap<String, Map<PolicyEditorPermissions, Boolean>>();
@@ -169,10 +171,6 @@
         super();
         setLayout(new GridBagLayout());
 
-        this.filePath = filepath;
-
-        fileChooser = new JFileChooser(filePath);
-
         for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
             final JCheckBox box = new JCheckBox();
             box.setText(perm.getName());
@@ -180,16 +178,14 @@
             checkboxMap.put(perm, box);
         }
 
-        if (filePath != null) {
-            try {
-                new URL("file://" + filePath);
-                openAndParsePolicyFile();
-            } catch (final MalformedURLException e) {
-                OutputController.getLogger().log(e);
-                FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), filepath);
-            }
+        if (filepath != null) {
+            file = new File(filepath);
+            openAndParsePolicyFile();
         }
 
+        fileChooser = new JFileChooser(file);
+        fileChooser.setFileHidingEnabled(false);
+
         initializeMapForCodebase("");
         listModel.addElement(R("PEGlobalSettings"));
         updateCheckboxes("");
@@ -197,15 +193,15 @@
         okButtonAction = new ActionListener() {
             @Override
             public void actionPerformed(final ActionEvent event) {
-                if (filePath == null) {
+                if (file == null) {
                     final int choice = fileChooser.showOpenDialog(weakThis.get());
                     if (choice == JFileChooser.APPROVE_OPTION) {
-                        filePath = fileChooser.getSelectedFile().getAbsolutePath();
+                        file = fileChooser.getSelectedFile();
                     }
                 }
 
                 // May still be null if user cancelled the file chooser
-                if (filePath != null) {
+                if (file != null) {
                     savePolicyFile();
                 }
             }
@@ -253,7 +249,7 @@
                 }
                 final int choice = fileChooser.showOpenDialog(weakThis.get());
                 if (choice == JFileChooser.APPROVE_OPTION) {
-                    filePath = fileChooser.getSelectedFile().getAbsolutePath();
+                    file = fileChooser.getSelectedFile();
                     openAndParsePolicyFile();
                 }
             }
@@ -264,7 +260,7 @@
             public void actionPerformed(final ActionEvent e) {
                 final int choice = fileChooser.showSaveDialog(weakThis.get());
                 if (choice == JFileChooser.APPROVE_OPTION) {
-                    filePath = fileChooser.getSelectedFile().getAbsolutePath();
+                    file = fileChooser.getSelectedFile();
                     savePolicyFile();
                 }
             }
@@ -315,10 +311,18 @@
         closed = true;
     }
 
+    /**
+     * Check if the PolicyEditor instance has been visually closed
+     * @return if the PolicyEditor instance has been closed
+     */
     public boolean isClosed() {
         return closed;
     }
 
+    /**
+     * Called by the Custom Policy Viewer on its parent Policy Editor when
+     * the Custom Policy Viewer is closing
+     */
     void customPolicyViewerClosing() {
         cpViewer = null;
     }
@@ -341,6 +345,26 @@
      * @param action to be performed
      * @param identifier an identifier for the action
      */
+    private void setAccelerator(final String trigger, final int modifiers, final Action action, final String identifier) {
+        final int trig;
+        try {
+            trig = Integer.parseInt(trigger);
+        } catch (final NumberFormatException nfe) {
+            OutputController.getLogger().log("Unable to set accelerator action \""
+                    + identifier + "\" for trigger \"" + trigger + "\"");
+            OutputController.getLogger().log(nfe);
+            return;
+        }
+        setAccelerator(trig, modifiers, action, identifier);
+    }
+
+    /**
+     * Set a key accelerator
+     * @param trigger the accelerator key
+     * @param modifiers Alt, Ctrl, or other modifiers to be held with the trigger
+     * @param action to be performed
+     * @param identifier an identifier for the action
+     */
     private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) {
         final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers);
         final JRootPane root = getRootPane();
@@ -371,7 +395,7 @@
                 interactivelyAddCodebase();
             }
         };
-        setAccelerator(Integer.parseInt(R("PEAddCodebaseMnemonic")), ActionEvent.ALT_MASK, act, "AddCodebaseAccelerator");
+        setAccelerator(R("PEAddCodebaseMnemonic"), ActionEvent.ALT_MASK, act, "AddCodebaseAccelerator");
     }
 
     /**
@@ -384,7 +408,7 @@
                 removeCodebase((String) list.getSelectedValue());
             }
         };
-        setAccelerator(Integer.parseInt(R("PERemoveCodebaseMnemonic")), ActionEvent.ALT_MASK, act, "RemoveCodebaseAccelerator");
+        setAccelerator(R("PERemoveCodebaseMnemonic"), ActionEvent.ALT_MASK, act, "RemoveCodebaseAccelerator");
     }
 
     /**
@@ -397,7 +421,7 @@
                 savePolicyFile();
             }
         };
-        setAccelerator(Integer.parseInt(R("PEOkButtonMnemonic")), ActionEvent.ALT_MASK, act, "OkButtonAccelerator");
+        setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, act, "OkButtonAccelerator");
     }
 
     /**
@@ -410,7 +434,7 @@
                 quit();
             }
         };
-        setAccelerator(Integer.parseInt(R("PECancelButtonMnemonic")), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator");
+        setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator");
     }
 
     /**
@@ -533,7 +557,29 @@
      * @return a map of permissions to whether these permissions are set for the given codebase
      */
     public Map<PolicyEditorPermissions, Boolean> getPermissions(final String codebase) {
-        return new HashMap<PolicyEditorPermissions, Boolean>(codebasePermissionsMap.get(codebase));
+        final Map<PolicyEditorPermissions, Boolean> permissions = codebasePermissionsMap.get(codebase);
+        if (permissions != null) {
+            return new HashMap<PolicyEditorPermissions, Boolean>(permissions);
+        } else {
+            final Map<PolicyEditorPermissions, Boolean> blank = new HashMap<PolicyEditorPermissions, Boolean>();
+            for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
+                blank.put(perm, false);
+            }
+            return blank;
+        }
+    }
+
+    /**
+     * @param codebase the codebase to query
+     * @return a collection of CustomPermissions granted to the given codebase
+     */
+    public Collection<CustomPermission> getCustomPermissions(final String codebase) {
+        final Collection<CustomPermission> permissions = customPermissionsMap.get(codebase);
+        if (permissions != null) {
+            return new HashSet<CustomPermission>(permissions);
+        } else {
+            return Collections.emptySet();
+        }
     }
 
     /**
@@ -558,37 +604,53 @@
     }
 
     /**
+     * Set a mnemonic key for a menu item or button
+     * @param component the component for which to set a mnemonic
+     * @param mnemonic the mnemonic to set
+     */
+    private void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
+        final int trig;
+        try {
+            trig = Integer.parseInt(mnemonic);
+        } catch (final NumberFormatException nfe) {
+            OutputController.getLogger().log(nfe);
+            return;
+        }
+        component.setMnemonic(trig);
+    }
+
+    /**
      * Lay out all controls, tooltips, etc.
      */
     private void setupLayout() {
         final JMenu fileMenu = new JMenu(R("PEFileMenu"));
-        fileMenu.setMnemonic(Integer.parseInt(R("PEFileMenuMnemonic")));
+        setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic"));
         final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem"));
-        openItem.setMnemonic(Integer.parseInt(R("PEOpenMenuItemMnemonic")));
-        openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.ALT_MASK));
+        setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic"));
+        openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK));
         openItem.addActionListener(openButtonAction);
         fileMenu.add(openItem);
         final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem"));
-        saveItem.setMnemonic(Integer.parseInt(R("PESaveMenuItemMnemonic")));
-        saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.ALT_MASK));
+        setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic"));
+        saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK));
         saveItem.addActionListener(okButtonAction);
         fileMenu.add(saveItem);
         final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem"));
-        saveAsItem.setMnemonic(Integer.parseInt(R("PESaveAsMenuItemMnemonic")));
-        saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.ALT_MASK));
+        setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic"));
+        saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK));
         saveAsItem.addActionListener(saveAsButtonAction);
         fileMenu.add(saveAsItem);
         final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem"));
-        exitItem.setMnemonic(Integer.parseInt(R("PEExitMenuItemMnemonic")));
-        exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.ALT_MASK));
+        setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic"));
+        exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK));
         exitItem.addActionListener(closeButtonAction);
         fileMenu.add(exitItem);
         menuBar.add(fileMenu);
 
         final JMenu viewMenu = new JMenu(R("PEViewMenu"));
-        viewMenu.setMnemonic(Integer.parseInt(R("PEViewMenuMnemonic")));
+        setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic"));
         final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem"));
-        customPermissionsItem.setMnemonic(Integer.parseInt(R("PECustomPermissionsItemMnemonic")));
+        setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic"));
         customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK));
         customPermissionsItem.addActionListener(viewCustomButtonAction);
 
@@ -668,34 +730,40 @@
         addCodebaseButtonConstraints.fill = GridBagConstraints.HORIZONTAL;
         addCodebaseButtonConstraints.gridx = 0;
         addCodebaseButtonConstraints.gridy = listConstraints.gridy + listConstraints.gridheight + 1;
-        addCodebaseButton.setMnemonic(Integer.parseInt(R("PEAddCodebaseMnemonic")));
+        setComponentMnemonic(addCodebaseButton, R("PEAddCodebaseMnemonic"));
         add(addCodebaseButton, addCodebaseButtonConstraints);
 
         final GridBagConstraints removeCodebaseButtonConstraints = new GridBagConstraints();
         removeCodebaseButtonConstraints.fill = GridBagConstraints.HORIZONTAL;
         removeCodebaseButtonConstraints.gridx = addCodebaseButtonConstraints.gridx + 1;
         removeCodebaseButtonConstraints.gridy = addCodebaseButtonConstraints.gridy;
-        removeCodebaseButton.setMnemonic(Integer.parseInt(R("PERemoveCodebaseMnemonic")));
+        setComponentMnemonic(removeCodebaseButton, R("PERemoveCodebaseMnemonic"));
         add(removeCodebaseButton, removeCodebaseButtonConstraints);
 
         final GridBagConstraints okButtonConstraints = new GridBagConstraints();
         okButtonConstraints.fill = GridBagConstraints.HORIZONTAL;
         okButtonConstraints.gridx = removeCodebaseButtonConstraints.gridx + 2;
         okButtonConstraints.gridy = removeCodebaseButtonConstraints.gridy;
-        okButton.setMnemonic(Integer.parseInt(R("PEOkButtonMnemonic")));
+        setComponentMnemonic(okButton, R("PEOkButtonMnemonic"));
         add(okButton, okButtonConstraints);
 
         final GridBagConstraints cancelButtonConstraints = new GridBagConstraints();
         cancelButtonConstraints.fill = GridBagConstraints.HORIZONTAL;
         cancelButtonConstraints.gridx = okButtonConstraints.gridx + 1;
         cancelButtonConstraints.gridy = okButtonConstraints.gridy;
-        closeButton.setMnemonic(Integer.parseInt(R("PECancelButtonMnemonic")));
+        setComponentMnemonic(closeButton, R("PECancelButtonMnemonic"));
         add(closeButton, cancelButtonConstraints);
 
         setMinimumSize(getPreferredSize());
         pack();
     }
 
+    /**
+     * Update the custom permissions map. Used by the Custom Policy Viewer to update its parent
+     * PolicyEditor to changes it has made
+     * @param codebase the codebase for which changes were made
+     * @param permissions the permissions granted to this codebase
+     */
     void updateCustomPermissions(final String codebase, final Collection<CustomPermission> permissions) {
         changesMade = true;
         customPermissionsMap.get(codebase).clear();
@@ -710,9 +778,17 @@
         new Thread() {
             @Override
             public void run() {
-                OpenFileResult ofr = FileUtils.testFilePermissions(new File(filePath));
-                if (ofr == null) {
-                    FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), filePath);
+                if (!file.exists()) {
+                    try {
+                        file.createNewFile();
+                    } catch (final IOException e) {
+                        OutputController.getLogger().log(e);
+                        // If this fails we'll end up handling it a few lines down anyway.
+                    }
+                }
+                OpenFileResult ofr = FileUtils.testFilePermissions(file);
+                if (ofr == OpenFileResult.FAILURE || ofr == OpenFileResult.NOT_FILE) {
+                    FileUtils.showCouldNotOpenFilepathDialog(weakThis.get(), file.getPath());
                     return;
                 }
                 if (ofr == OpenFileResult.CANT_WRITE) {
@@ -720,24 +796,25 @@
                 }
                 final String contents;
                 try {
-                    contents = FileUtils.loadFileAsString(new File(filePath));
+                    contents = FileUtils.loadFileAsString(file);
                 } catch (final IOException e) {

From aazores at icedtea.classpath.org  Mon Mar 10 16:29:58 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 16:29:58 +0000
Subject: /hg/icedtea-web: Fix PolicyEditor unit tests after refactor
Message-ID: <hg.483ab446ea4c.1394468998.8643924302249223276@icedtea.classpath.org>

changeset 483ab446ea4c in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=483ab446ea4c
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 10 12:29:47 2014 -0400

	Fix PolicyEditor unit tests after refactor

	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java:
	(testActionsRegex, testTargetRegex, testRegexesAgainstBadPermissionNames):
	update after moving regexes from PolicyEditorPermissions into
	CustomPermission


diffstat:

 ChangeLog                                                                                   |   7 +
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java |  38 +++++-----
 2 files changed, 26 insertions(+), 19 deletions(-)

diffs (74 lines):

diff -r 17c6e5a59602 -r 483ab446ea4c ChangeLog
--- a/ChangeLog	Mon Mar 10 12:17:56 2014 -0400
+++ b/ChangeLog	Mon Mar 10 12:29:47 2014 -0400
@@ -1,3 +1,10 @@
+2014-03-10  Andrew Azores  <aazores at redhat.com>
+
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java:
+	(testActionsRegex, testTargetRegex, testRegexesAgainstBadPermissionNames):
+	update after moving regexes from PolicyEditorPermissions into
+	CustomPermission
+
 2014-03-10  Andrew Azores  <aazores at redhat.com>
 
 	PolicyEditor parsing enhancements, new tests, and bugfixes
diff -r 17c6e5a59602 -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java	Mon Mar 10 12:17:56 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java	Mon Mar 10 12:29:47 2014 -0400
@@ -71,37 +71,37 @@
 
     @Test
     public void testActionsRegex() throws Exception {
-    	final Pattern pattern = PolicyEditorPermissions.ACTIONS_PERMISSION;
+        final Pattern pattern = CustomPermission.ACTIONS_PERMISSION;
 
-    	final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";";
-    	final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";";
-    	final String badPermission = "permission java.io.FilePermission user.home read;";
+        final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";";
+        final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";";
+        final String badPermission = "permission java.io.FilePermission user.home read;";
 
-    	assertTrue(actionsPermission + " should match", pattern.matcher(actionsPermission).matches());
-    	assertFalse(targetPermission + " should not match", pattern.matcher(targetPermission).matches());
-    	assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches());
+        assertTrue(actionsPermission + " should match", pattern.matcher(actionsPermission).matches());
+        assertFalse(targetPermission + " should not match", pattern.matcher(targetPermission).matches());
+        assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches());
     }
 
     @Test
     public void testTargetRegex() throws Exception {
-    	final Pattern pattern = PolicyEditorPermissions.TARGET_PERMISSION;
+        final Pattern pattern = CustomPermission.TARGET_PERMISSION;
 
-    	final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";";
-    	final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";";
-    	final String badPermission = "permission java.io.FilePermission user.home read;";
+        final String actionsPermission = "permission java.io.FilePermission \"${user.home}\", \"read\";";
+        final String targetPermission = "permission java.io.RuntimePermission \"queuePrintJob\";";
+        final String badPermission = "permission java.io.FilePermission user.home read;";
 
-    	assertFalse(actionsPermission + " should not match", pattern.matcher(actionsPermission).matches());
-    	assertTrue(targetPermission + " should match", pattern.matcher(targetPermission).matches());
-    	assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches());
+        assertFalse(actionsPermission + " should not match", pattern.matcher(actionsPermission).matches());
+        assertTrue(targetPermission + " should match", pattern.matcher(targetPermission).matches());
+        assertFalse(badPermission + " should not match", pattern.matcher(badPermission).matches());
     }
 
     @Test
     public void testRegexesAgainstBadPermissionNames() throws Exception {
-    	final Pattern targetPattern = PolicyEditorPermissions.TARGET_PERMISSION;
-    	final Pattern actionsPattern = PolicyEditorPermissions.ACTIONS_PERMISSION;
-    	final String badPermission = "permission abc123^$% \"target\", \"actions\"";
+        final Pattern targetPattern = CustomPermission.TARGET_PERMISSION;
+        final Pattern actionsPattern = CustomPermission.ACTIONS_PERMISSION;
+        final String badPermission = "permission abc123^$% \"target\", \"actions\"";
 
-    	assertFalse(badPermission + " should not match", targetPattern.matcher(badPermission).matches());
-    	assertFalse(badPermission + " should not match", actionsPattern.matcher(badPermission).matches());
+        assertFalse(badPermission + " should not match", targetPattern.matcher(badPermission).matches());
+        assertFalse(badPermission + " should not match", actionsPattern.matcher(badPermission).matches());
     }
 }

From aazores at redhat.com  Mon Mar 10 18:28:23 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 14:28:23 -0400
Subject: [rfc][icedtea-web] MD5SumWatcher util
Message-ID: <531E0447.2000005@redhat.com>

Hi,

This adds a small utility class that makes it easy to check when a 
file's contents on disk have been changed. This needs to be custom built 
here because we don't have access to nio2 yet, and pulling in an Apache 
lib dependency just for this is overkill.

The motivation is to add this kind of checking functionality into 
PolicyEditor so that a dialog can be shown and the user prompted on what 
to do if the policy file is modified both by PolicyEditor and externally.

ChangeLog:

Added MD5SumWatcher utility class to detect when a file's contents have been
changed on disk.
* netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new 
function
* netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class
* tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new 
tests
for MD5SumWatcher


Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: md5sumwatcher.patch
Type: text/x-patch
Size: 11242 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/4845f0f7/md5sumwatcher.patch>

From jvanek at redhat.com  Mon Mar 10 18:42:42 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 10 Mar 2014 19:42:42 +0100
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <531740F3.2040102@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
	<5317331A.90405@redhat.com> <531740F3.2040102@redhat.com>
Message-ID: <531E07A2.8060200@redhat.com>

All should be fixed. Thanx!

There are some deeper changes caused by moving from Boolean->enum.

Also I found few crippled test by (already previous version of ) this patch. So those are fixed

Thanx,
   J.

On 03/05/2014 04:21 PM, Andrew Azores wrote:
> On 03/05/2014 09:22 AM, Jiri Vanek wrote:
>> On 03/04/2014 11:22 PM, Andrew Azores wrote:
>>> On 02/25/2014 12:16 PM, Jiri Vanek wrote:
>>>> AIS
>>>>
>>>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
>>>>
>>>> Please, any reviewer, read the specification. It appeared to be tricky to transform its spoken language to algorithm... Well at least default was specified without fog :(
>>>>
>>>> Thanx for any comments!
>>>> J.
>>>>
>>>> not sure how with unittests, but reproducers are on the way...
>>>
>>> Are you just looking for additional help figuring out what the spec is trying to define? Or was a patch forgotten here?
>>>
>>
>> Crap. Sorry. Forgot to attach aptch :(
>
> Messages.properties:
>> +# missing permissions dialogue
>> +MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \
>> +form codebase <span color='red'> {1} </span> is missing the permissions attribute. \
>> +Applications without this attribute should not be trusted. Do you allow this application to run?
> "Do you want to run this application?" or "Do you wish to allow this application to run?"
>> +MissingPermissionsInfo=For more information you can visit:<br/>\
>> +<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \
>> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> <br/> \
>> +and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
>> +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
>
>
> JNLPClassLoader:
>> +        Boolean permissions = file.getManifestsAttributes().isSandboxForced();
>
> I'm not liking the use of the boxed type here... true/false/null is kind of ugly. Can an enum be made for the three states, rather than actually using null as an acceptable value? I know this isn't directly relevant to this patch, though.
>
>> +                throw new LaunchException("Your Extended applets security is at 'Very high', and this applicationis missing the 'permissions' attribute in manifest. This is fatal");
>> +                    throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
>
> "applicationis" - missing a space. Should this go in Messages.properties?
>
> And please consider moving this method into the new SecurityDelegate as well (which is newer than this patch, I know)
>
>
>
> SecurityDialogs:
>> +     public static int showMissingPermissionsAttributeDialogue(String title, URL codeBase) {
>> +
>> +        if (!shouldPromptUser()) {
>> +            return 1;
>> +        }
>> +
>> +        SecurityDialogMessage message = new SecurityDialogMessage();
>> +        message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING;
>> +        message.extras = new Object[]{title, codeBase.toExternalForm()};
>> +        Object selectedValue = getUserResponse(message);
>> +
>> +        // result 0 = Yes, 1 = No
>> +        if (selectedValue instanceof Integer) {
>> +            // If the selected value can be cast to Integer, use that value
>> +            return ((Integer) selectedValue).intValue();
>> +        } else {
>> +            // Otherwise default to "cancel"
>> +            return 1;
>> +        }
>> +    }
>
> As in the ALAC review, return a boolean or AppletAction here instead please.
>
> Thanks,
>
> --
> Andrew A
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissionAttribute_02.patch
Type: text/x-patch
Size: 27610 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/b93f4002/permissionAttribute_02-0001.patch>

From omajid at redhat.com  Mon Mar 10 18:46:38 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 14:46:38 -0400
Subject: [rfc][icedtea-web] MD5SumWatcher util
In-Reply-To: <531E0447.2000005@redhat.com>
References: <531E0447.2000005@redhat.com>
Message-ID: <20140310184638.GG2011@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-10 14:29]:
> This adds a small utility class that makes it easy to check when a
> file's contents on disk have been changed. This needs to be custom
> built here because we don't have access to nio2 yet, and pulling in
> an Apache lib dependency just for this is overkill.

Nice patch!

> +++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java

> +    public int updateWithDialog(final JFrame parent) throws FileNotFoundException, IOException {
> +        final boolean changed = update();
> +        if (changed) {
> +            return showFileChangeWhileLoadedDialog(parent, watchedFile.getCanonicalPath());
> +        }
> +        return JOptionPane.NO_OPTION;
> +    }
> +    private static int showFileChangeWhileLoadedDialog(final JFrame frame, final String filePath) {
> +        return JOptionPane.showConfirmDialog(frame, R("RFileModifiedWhileLoadedDetail", filePath),
> +                R("RFileModifiedWhileLoaded"), JOptionPane.YES_NO_CANCEL_OPTION);
> +    }

Unless there is a strong reason to, I would recommend keeping GUI out of
this class.

> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java

Nice tests!

> +    @Before
> +    public void createNewFile() throws Exception {
> +        file = File.createTempFile("md5sumwatchertest", "tmp");
> +        file.deleteOnExit();

Personally, I would have removed the file in an @After block. That way,
the file is removed after each test, not just on VM exit.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Mon Mar 10 18:58:26 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 14:58:26 -0400
Subject: [rfc][icedtea-web] MD5SumWatcher util
In-Reply-To: <20140310184638.GG2011@redhat.com>
References: <531E0447.2000005@redhat.com> <20140310184638.GG2011@redhat.com>
Message-ID: <531E0B52.70709@redhat.com>

On 03/10/2014 02:46 PM, Omair Majid wrote:
> * Andrew Azores <aazores at redhat.com> [2014-03-10 14:29]:
>> This adds a small utility class that makes it easy to check when a
>> file's contents on disk have been changed. This needs to be custom
>> built here because we don't have access to nio2 yet, and pulling in
>> an Apache lib dependency just for this is overkill.
> Nice patch!
>
>> +++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java
>> +    public int updateWithDialog(final JFrame parent) throws FileNotFoundException, IOException {
>> +        final boolean changed = update();
>> +        if (changed) {
>> +            return showFileChangeWhileLoadedDialog(parent, watchedFile.getCanonicalPath());
>> +        }
>> +        return JOptionPane.NO_OPTION;
>> +    }
>> +    private static int showFileChangeWhileLoadedDialog(final JFrame frame, final String filePath) {
>> +        return JOptionPane.showConfirmDialog(frame, R("RFileModifiedWhileLoadedDetail", filePath),
>> +                R("RFileModifiedWhileLoaded"), JOptionPane.YES_NO_CANCEL_OPTION);
>> +    }
> Unless there is a strong reason to, I would recommend keeping GUI out of
> this class.

Fair enough. I'll move it all into the PolicyEditor patch to come then.

>
>> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java
> Nice tests!
>
>> +    @Before
>> +    public void createNewFile() throws Exception {
>> +        file = File.createTempFile("md5sumwatchertest", "tmp");
>> +        file.deleteOnExit();
> Personally, I would have removed the file in an @After block. That way,
> the file is removed after each test, not just on VM exit.
>
> Thanks,
> Omair
>

Sounds reasonable to me.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: md5sumwatcher2.patch
Type: text/x-patch
Size: 10028 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/b76095b5/md5sumwatcher2.patch>

From aazores at redhat.com  Mon Mar 10 19:11:15 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 15:11:15 -0400
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <531E07A2.8060200@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
	<5317331A.90405@redhat.com> <531740F3.2040102@redhat.com>
	<531E07A2.8060200@redhat.com>
Message-ID: <531E0E53.1090707@redhat.com>

On 03/10/2014 02:42 PM, Jiri Vanek wrote:
> All should be fixed. Thanx!
>
> There are some deeper changes caused by moving from Boolean->enum.
>
> Also I found few crippled test by (already previous version of ) this 
> patch. So those are fixed
>
> Thanx,
>   J.
>

Just a few fairly minor nits left.

> +        public String permissionsToString() {
> +            String s = getAttribute(PERMISSIONS);
> +            if (s == null) {
> +                return "Not defined";
> +            } else if (s.trim().equalsIgnoreCase("sandbox")) {
> +                return s.trim();
> +            } else if (s.trim().equalsIgnoreCase("all-permissions")) {
> +                return s.trim();
> +            } else {
> +                return "illegal";
> +            }
> +
> +
> +        }

Kill the extra whitespace at the end of the method please.

> +        if (permissions == ManifestBoolean.UNDEFINED) {
> +            if (level == AppletSecurityLevel.DENY_UNSIGNED) {
> +                throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
> +            }
> +            if (level == AppletSecurityLevel.ASK_UNSIGNED) {
> +                boolean  a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
> +                if (!a) {
> +                    throw new LaunchException("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
> +                }
> +            }
> +            //default for missing is sandbox
> +            if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
> +                throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
> +            }
> +        } else {
> +            if (permissions == ManifestBoolean.TRUE) {
> +                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
> +                    OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
> +                } else {
> +                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is '" + security.getSecurityType() + "'. This is fatal");
> +                }
> +            } else {
> +                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
> +                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is' " + security.getSecurityType() + "'. This is fatal");
> +                } else {
> +                    OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
> +                }
> +            }
> +        }

Rather than:

if (UNDEFINED) {
} else {
     if (TRUE) {
     } else { // implicit FALSE
     }
}

could you change this to if TRUE/else if FALSE/else if UNDEFINED/else? 
Or a switch?

> +     public static boolean  showMissingPermissionsAttributeDialogue(String title, URL codeBase) {

You have two spaces after 'boolean' ;)

> +         // result 0 = Yes, 1 = No
> +         if (selectedValue instanceof Integer) {
> +             // If the selected value can be cast to Integer, use that value
> +             int i = ((Integer) selectedValue).intValue();
> +             if (i == 0) {
> +                 return true;
> +             } else {
> +                 return false;
> +             }
> +         } else {
> +             // Otherwise default to "cancel"
> +             return false;
> +         }

SecurityDialogs.getIntegerResponseAsBoolean(Object) already does this 
for you.

> diff -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java
> --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java	Mon Mar 10 12:29:47 2014 -0400
> +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java	Mon Mar 10 19:38:27 2014 +0100
> @@ -53,12 +53,29 @@
>   import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader;
>   import net.sourceforge.jnlp.annotations.Bug;
>   import net.sourceforge.jnlp.annotations.Remote;
> +import net.sourceforge.jnlp.config.DeploymentConfiguration;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
> +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest;
>   import org.junit.AfterClass;
>   import org.junit.Assert;
> +import org.junit.BeforeClass;
>   
>   import org.junit.Test;
>   
> -public class CodeBaseClassLoaderTest {
> +public class CodeBaseClassLoaderTest extends NoStdOutErrTest {
> +
> +    private static AppletSecurityLevel level;
> +
> +    @BeforeClass
> +    public static void setPermissions(){
> +     level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
> +     JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars());
> +    }
> +    @AfterClass
> +    public static void resetPermissions(){
> +    JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars());
> +    }

Fix indentation please, also add spaces between () and {.

>   public class JNLPFileTest extends NoStdOutErrTest {
>   
> +
> +    private static AppletSecurityLevel level;
> +
> +    @BeforeClass
> +    public static void setPermissions(){
> +     level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
> +     JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars());
> +    }
> +    @AfterClass
> +    public static void resetPermissions(){
> +    JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars());
> +    }

Same.

Thanks,

-- 
Andrew A


From omajid at redhat.com  Mon Mar 10 19:35:43 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 15:35:43 -0400
Subject: [rfc][icedtea-web] MD5SumWatcher util
In-Reply-To: <531E0B52.70709@redhat.com>
References: <531E0447.2000005@redhat.com> <20140310184638.GG2011@redhat.com>
	<531E0B52.70709@redhat.com>
Message-ID: <20140310193543.GH2011@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-10 14:58]:
> Fair enough. I'll move it all into the PolicyEditor patch to come then.

This new patch looks fine.

Cheers,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at icedtea.classpath.org  Mon Mar 10 19:40:07 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 19:40:07 +0000
Subject: /hg/icedtea-web: Added MD5SumWatcher utility class
Message-ID: <hg.f6336bc81da8.1394480407.8643924302249223276@icedtea.classpath.org>

changeset f6336bc81da8 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f6336bc81da8
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 10 15:39:56 2014 -0400

	Added MD5SumWatcher utility class

	Added MD5SumWatcher utility class to detect when a file's contents have been
	changed on disk.
	* netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new
	function
	* netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class
	* tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new
	tests for MD5SumWatcher


diffstat:

 ChangeLog                                                        |   10 +
 netx/net/sourceforge/jnlp/util/FileUtils.java                    |   27 ++
 netx/net/sourceforge/jnlp/util/MD5SumWatcher.java                |  104 +++++++++
 tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java |  113 ++++++++++
 4 files changed, 254 insertions(+), 0 deletions(-)

diffs (286 lines):

diff -r 483ab446ea4c -r f6336bc81da8 ChangeLog
--- a/ChangeLog	Mon Mar 10 12:29:47 2014 -0400
+++ b/ChangeLog	Mon Mar 10 15:39:56 2014 -0400
@@ -1,3 +1,13 @@
+2014-03-10  Andrew Azores  <aazores at redhat.com>
+
+	Added MD5SumWatcher utility class to detect when a file's contents have been
+	changed on disk.
+	* netx/net/sourceforge/jnlp/util/FileUtils.java: (getFileMD5Sum) new
+	function
+	* netx/net/sourceforge/jnlp/util/MD5SumWatcher.java: new class
+	* tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java: new
+	tests for MD5SumWatcher
+
 2014-03-10  Andrew Azores  <aazores at redhat.com>
 
 	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java:
diff -r 483ab446ea4c -r f6336bc81da8 netx/net/sourceforge/jnlp/util/FileUtils.java
--- a/netx/net/sourceforge/jnlp/util/FileUtils.java	Mon Mar 10 12:29:47 2014 -0400
+++ b/netx/net/sourceforge/jnlp/util/FileUtils.java	Mon Mar 10 15:39:56 2014 -0400
@@ -30,8 +30,12 @@
 import java.io.OutputStreamWriter;
 import java.io.RandomAccessFile;
 import java.io.Writer;
+import java.nio.ByteBuffer;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
+import java.security.DigestInputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -587,4 +591,27 @@
     public static String loadFileAsString(File f, String encoding) throws IOException {
         return getContentOfStream(new FileInputStream(f), encoding);
     }
+
+    public static byte[] getFileMD5Sum(final File file, final String algorithm) throws NoSuchAlgorithmException,
+            FileNotFoundException, IOException {
+        final MessageDigest md5;
+        InputStream is = null;
+        DigestInputStream dis = null;
+        try {
+            md5 = MessageDigest.getInstance(algorithm);
+            is = new FileInputStream(file);
+            dis = new DigestInputStream(is, md5);
+
+            md5.update(getContentOfStream(dis).getBytes());
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+            if (dis != null) {
+                dis.close();
+            }
+        }
+
+        return md5.digest();
+    }
 }
diff -r 483ab446ea4c -r f6336bc81da8 netx/net/sourceforge/jnlp/util/MD5SumWatcher.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/util/MD5SumWatcher.java	Mon Mar 10 15:39:56 2014 -0400
@@ -0,0 +1,104 @@
+/*Copyright (C) 2014 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+package net.sourceforge.jnlp.util;
+
+import static net.sourceforge.jnlp.runtime.Translator.R;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+
+import javax.swing.JFrame;
+import javax.swing.JOptionPane;
+
+import net.sourceforge.jnlp.util.logging.OutputController;
+
+public class MD5SumWatcher {
+
+    private final File watchedFile;
+    private byte[] md5sum;
+
+    /**
+     * Create a new MD5SumWatcher instance
+     * @param watchedFile the file to watch
+     */
+    public MD5SumWatcher(final File watchedFile) {
+        this.watchedFile = watchedFile;
+        try {
+            this.md5sum = getSum();
+        } catch (final IOException ioe) {
+            OutputController.getLogger().log(ioe);
+            this.md5sum = null;
+        }
+    }
+
+    /**
+     * Get the current MD5 sum of the watched file
+     * @return a byte array of the MD5 sum
+     * @throws FileNotFoundException if the watched file does not exist
+     * @throws IOException if the file cannot be read
+     */
+    public byte[] getSum() throws FileNotFoundException, IOException {
+        update();
+        return md5sum;
+    }
+
+    /**
+     * Detect if the file's MD5 has changed and track its new sum if so
+     * @return if the file's MD5 has changed since the last update
+     * @throws FileNotFoundException if the watched file does not exist
+     * @throws IOException if the file cannot be read
+     */
+    public boolean update() throws FileNotFoundException, IOException {
+        byte[] newSum;
+        try {
+            newSum = FileUtils.getFileMD5Sum(watchedFile, "MD5");
+        } catch (final NoSuchAlgorithmException e) {
+            // There definitely should be an MD5 algorithm, but if not, all we can do is fail.
+            // This really, really is not expected to happen, so rethrow as RuntimeException
+            // to avoid having to check for NoSuchAlgorithmExceptions all the time
+            OutputController.getLogger().log(e);
+            throw new RuntimeException(e);
+        }
+        final boolean changed = !Arrays.equals(newSum, md5sum);
+        md5sum = newSum;
+        return changed;
+    }
+
+}
diff -r 483ab446ea4c -r f6336bc81da8 tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/netx/unit/net/sourceforge/jnlp/util/MD5SumWatcherTest.java	Mon Mar 10 15:39:56 2014 -0400
@@ -0,0 +1,113 @@
+/*Copyright (C) 2014 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+package net.sourceforge.jnlp.util;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.util.Arrays;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+public class MD5SumWatcherTest {
+
+    private File file;
+    private MD5SumWatcher watcher;
+
+    @Before
+    public void createNewFile() throws Exception {
+        file = File.createTempFile("md5sumwatchertest", "tmp");
+        file.deleteOnExit();
+        watcher = new MD5SumWatcher(file);
+    }
+
+    @After
+    public void deleteTempFile() throws Exception {
+        if (file.exists()) {
+            file.delete();
+        }
+    }
+
+    @Test
+    public void testNonExistentFile() {
+        file.delete();
+        file.mkdirs();
+        watcher = new MD5SumWatcher(file);
+        boolean gotException = false;
+        try {
+            watcher.update();
+        } catch (final Exception e) {
+            gotException = true;
+            assertTrue("Should have received FileNotFoundException", e instanceof FileNotFoundException);
+        }
+        assertTrue("Should have received FileNotFoundException", gotException);
+    }
+
+    @Test
+    public void testNoFileChangeGivesSameMd5() throws Exception {
+        byte[] sum = watcher.getSum();
+        byte[] sum2 = watcher.getSum();
+        assertTrue("MD5 sums should be the same. first: " + Arrays.toString(sum) + ", second: " + Arrays.toString(sum2),
+                Arrays.equals(sum, sum2));
+    }
+
+    @Test
+    public void testSavingToFileChangesMd5() throws Exception {
+        byte[] original = watcher.getSum();
+        FileUtils.saveFile("some test content\n", file);
+        byte[] changed = watcher.getSum();
+        assertFalse("MD5 sum should have changed, but was constant as " + Arrays.toString(original),
+                Arrays.equals(original, changed));
+    }
+
+    @Test
+    public void testUnchangedContentUpdate() throws Exception {
+        assertFalse("update() should return false", watcher.update());
+    }
+
+    @Test
+    public void testChangedContentUpdate() throws Exception {
+        FileUtils.saveFile("some test content\n", file);
+        final boolean changed = watcher.update();
+        assertTrue("update() should return true", changed);
+    }
+
+}

From aazores at redhat.com  Mon Mar 10 19:21:13 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 15:21:13 -0400
Subject: [icedtea-web] RFC: man page for itweb-settings
In-Reply-To: <20140310160056.GE2011@redhat.com>
References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com>
	<20140310160056.GE2011@redhat.com>
Message-ID: <531E10A9.4040509@redhat.com>

On 03/10/2014 12:00 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-10 08:55]:
>> On 03/08/2014 01:28 AM, Omair Majid wrote:
>>> This is a very simple man page for itweb-settings. Okay to push?
>> So I would:
>>   - not confuse with "--" but say just
>> +.TP 12
>> +help
> Done.
>
>>   - Also It would be probably good to mention that anything (not just "help") will print info.
> I think this is pretty common convention, no? If a program sees an
> argument it doesn't recognize, it complains and prints help info. I
> haven't added it yet, but I can if you still think this is worth
> mentioning explicitly.
>
>> ALso "Shows some helpful information about the program" hmhmh do not .. well sound :)
>> Maybe Prints out general information about supported program, commands and basic usage.
> Should be fixed now.
>
>> Also:
>> +.SH EXAMPLES
>>
>> Cna contains exmaple ot two :)
> Now it has an all of 2 examples :)
>
>> Feel free to push as it is or with anything above  fixed. I'm insists
>> only on not confusing with "--".
> Pushed: http://icedtea.classpath.org/hg/icedtea-web/rev/2157f0e06002
>
> Thanks,
> Omair
>

Didn't notice this one until I actually opened the page with man, but:

> +.SH SYNOPSYS
> +.B itweb-settings

Spelling error, should be "synopsis".

Thanks,

-- 
Andrew A


From omajid at icedtea.classpath.org  Mon Mar 10 19:49:47 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 19:49:47 +0000
Subject: /hg/icedtea-web: Fix typo in man page and add to NEWS
Message-ID: <hg.bd7ce0fce548.1394480987.8643924302249223276@icedtea.classpath.org>

changeset bd7ce0fce548 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=bd7ce0fce548
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 10 15:44:51 2014 -0400

	Fix typo in man page and add to NEWS

	2014-03-10  Omair Majid  <omajid at redhat.com>

	    * netx/javaws.1,
	    * netx/itweb-settings.1: Change "SYNOPSYS" to "SYNOPSIS".
	    * NEWS: Add itweb-setings man page.


diffstat:

 ChangeLog             |  6 ++++++
 NEWS                  |  1 +
 netx/itweb-settings.1 |  2 +-
 netx/javaws.1         |  2 +-
 4 files changed, 9 insertions(+), 2 deletions(-)

diffs (48 lines):

diff -r f6336bc81da8 -r bd7ce0fce548 ChangeLog
--- a/ChangeLog	Mon Mar 10 15:39:56 2014 -0400
+++ b/ChangeLog	Mon Mar 10 15:44:51 2014 -0400
@@ -1,3 +1,9 @@
+2014-03-10  Omair Majid  <omajid at redhat.com>
+
+	* netx/javaws.1,
+	* netx/itweb-settings.1: Change "SYNOPSYS" to "SYNOPSIS".
+	* NEWS: Add itweb-setings man page.
+
 2014-03-10  Andrew Azores  <aazores at redhat.com>
 
 	Added MD5SumWatcher utility class to detect when a file's contents have been
diff -r f6336bc81da8 -r bd7ce0fce548 NEWS
--- a/NEWS	Mon Mar 10 15:39:56 2014 -0400
+++ b/NEWS	Mon Mar 10 15:44:51 2014 -0400
@@ -39,6 +39,7 @@
   - RH1010958: insecure temporary file use flaw in LiveConnect implementation
 * Common
   - PR1474: Can't get javaws to use SOCKS proxy
+  - Man page for itweb-settings
 * Security Updates
   - CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet
 
diff -r f6336bc81da8 -r bd7ce0fce548 netx/itweb-settings.1
--- a/netx/itweb-settings.1	Mon Mar 10 15:39:56 2014 -0400
+++ b/netx/itweb-settings.1	Mon Mar 10 15:44:51 2014 -0400
@@ -7,7 +7,7 @@
 javaws
 and the browser plugin
 
-.SH SYNOPSYS
+.SH SYNOPSIS
 
 .B itweb-settings
 .br
diff -r f6336bc81da8 -r bd7ce0fce548 netx/javaws.1
--- a/netx/javaws.1	Mon Mar 10 15:39:56 2014 -0400
+++ b/netx/javaws.1	Mon Mar 10 15:44:51 2014 -0400
@@ -1,7 +1,7 @@
 .TH javaws 1 "9 Sep 2010"
 .SH NAME
 javaws - a Java Web Start client
-.SH SYNOPSYS
+.SH SYNOPSIS
 .B javaws
 [-run-options] jnlp-file
 .br

From aazores at redhat.com  Mon Mar 10 19:57:37 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 15:57:37 -0400
Subject: [rfc][icedtea-web][policyeditor] File Changed check
Message-ID: <531E1931.2020904@redhat.com>

Hi,

As promised, here's a patch that lets PolicyEditor detect when the 
policy file has been externally modified since it was opened, using 
MD5SumWatcher.

ChangeLog:
Added check for external file modification to PolicyEditor
* netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified,
PEFileModifiedDetail) new messages
* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
(updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use
MD5SumWatcher to detect when the policy file has been externally modified.
(updateMd5WithDialog) new method
* 
tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
all URLs changed to example.com

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: filechanged-check.patch
Type: text/x-patch
Size: 12256 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/c8bf26dd/filechanged-check.patch>

From aazores at redhat.com  Mon Mar 10 20:17:59 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 10 Mar 2014 16:17:59 -0400
Subject: [rfc][icedtea-web][policyeditor] man page for PolicyEditor
Message-ID: <531E1DF7.9060601@redhat.com>

Hi,

As in subject, a simple man page for the PolicyEditor command.

ChangeLog:
Add man page for PolicyEditor
* Makefile.am: (install-data-local, uninstall-local): added policyeditor.1
man page
* netx/policyeditor.1: new man page for PolicyEditor

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-manpage.patch
Type: text/x-patch
Size: 2786 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140310/17e19b9e/policyeditor-manpage.patch>

From omajid at redhat.com  Mon Mar 10 20:26:29 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 16:26:29 -0400
Subject: [rfc][icedtea-web][policyeditor] man page for PolicyEditor
In-Reply-To: <531E1DF7.9060601@redhat.com>
References: <531E1DF7.9060601@redhat.com>
Message-ID: <20140310202625.GK2011@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-10 16:18]:
> diff --git a/Makefile.am b/Makefile.am

> +	rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1

Thanks for fixing this.

Patch looks fine to me.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at icedtea.classpath.org  Mon Mar 10 20:30:55 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 10 Mar 2014 20:30:55 +0000
Subject: /hg/icedtea-web: Add man page for PolicyEditor
Message-ID: <hg.f58e426ca958.1394483455.8643924302249223276@icedtea.classpath.org>

changeset f58e426ca958 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 10 16:30:44 2014 -0400

	Add man page for PolicyEditor

	* Makefile.am: (install-data-local, uninstall-local): added policyeditor.1
	man page
	* netx/policyeditor.1: new man page for PolicyEditor


diffstat:

 Makefile.am         |   3 ++
 netx/policyeditor.1 |  69 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+), 0 deletions(-)

diffs (93 lines):

diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am
--- a/Makefile.am	Mon Mar 10 15:44:51 2014 -0400
+++ b/Makefile.am	Mon Mar 10 16:30:44 2014 -0400
@@ -257,6 +257,7 @@
 	${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1
 	${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1
 	${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1
+	${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 $(DESTDIR)$(mandir)/man1
 if ENABLE_DOCS
 	${mkinstalldirs} $(DESTDIR)$(htmldir)
 	(cd ${abs_top_builddir}/docs/netx; \
@@ -278,6 +279,8 @@
 	rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar
 	rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar
 	rm -f $(DESTDIR)$(mandir)/man1/javaws.1
+	rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1
+	rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1
 	rm -f $(DESTDIR)$(bindir)/$(javaws)
 	rm -f $(DESTDIR)$(bindir)/$(itweb_settings)
 	rm -f $(DESTDIR)$(bindir)/$(policyeditor)
diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/policyeditor.1	Mon Mar 10 16:30:44 2014 -0400
@@ -0,0 +1,69 @@
+.TH policyeditor 1 "10 Mar 2014"
+
+.SH NAME
+
+policyeditor - view and modify security policy settings for
+.B javaws
+and the browser plugin
+
+.SH SYNOPSIS
+
+.B policyeditor
+.br
+.B policyeditor [-file]
+policy_file
+.SH DESCRIPTION
+.B policyeditor
+is a command line program to view and edit applet security policy settings
+used by the icedtea-web implementation of
+.B javaws
+and the browser plugin. It is intended as a simpler, easier to use, and more
+accessible alternative to the standard JDK Policy Tool. Administrators and
+power users who need fine grained control over policy files should probably
+use Policy Tool instead of PolicyEditor.
+
+If executed without any arguments, no file is opened, and saving the file will
+result in a prompt on where to save it. Otherwise, if a file path is given as
+a command line argument, then that file path will be opened and parsed as a
+policy file.
+
+
+.SH OPTIONS
+
+.TP
+-file
+Specifies a policy file path to open. If this is not given as an argument, the
+first argument given is interpreted as a file path to open anyway. This switch
+exists mostly for compatibility with Policy Tool.
+
+.SH EXAMPLES
+
+.TP
+policyeditor
+Show the GUI editor
+
+.TP
+policyeditor -file $HOME/.config/icedtea-web/security/java.policy
+Opens the default user-level policy file location
+
+
+.SH FILES
+
+$HOME/.config/icedtea-web/security/java.policy the default user-level policy file location
+
+.SH BUGS
+
+There aren't any known bugs. If you come across one, please file it at
+    http://icedtea.classpath.org/bugzilla/
+
+.SH AUTHOR
+
+Written and maintained by the IcedTea contributors.
+
+.SH SEE ALSO
+
+.BR policytool (1),
+.BR javaws (1),
+.BR java (1)
+.br
+http://icedtea.classpath.org/wiki/IcedTea-Web

From omajid at redhat.com  Mon Mar 10 19:50:17 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 10 Mar 2014 15:50:17 -0400
Subject: [icedtea-web] RFC: man page for itweb-settings
In-Reply-To: <531E10A9.4040509@redhat.com>
References: <20140308002809.GG24571@redhat.com> <531DB826.7040400@redhat.com>
	<20140310160056.GE2011@redhat.com> <531E10A9.4040509@redhat.com>
Message-ID: <20140310195017.GI2011@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-10 15:21]:
> Didn't notice this one until I actually opened the page with man, but:
> 
> >+.SH SYNOPSYS
> >+.B itweb-settings
> 
> Spelling error, should be "synopsis".

Nice catch! Fixed in javaws.1 and itweb-settings.1:
http://icedtea.classpath.org/hg/icedtea-web/rev/bd7ce0fce548

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Tue Mar 11 09:03:04 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 10:03:04 +0100
Subject: /hg/icedtea-web: Add man page for PolicyEditor
In-Reply-To: <hg.f58e426ca958.1394483455.8643924302249223276@icedtea.classpath.org>
References: <hg.f58e426ca958.1394483455.8643924302249223276@icedtea.classpath.org>
Message-ID: <531ED148.7010101@redhat.com>

Is small fix possible?

diff -r f58e426ca958 netx/policyeditor.1
--- a/netx/policyeditor.1	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/policyeditor.1	Tue Mar 11 10:01:14 2014 +0100
@@ -14,7 +14,7 @@
  policy_file
  .SH DESCRIPTION
  .B policyeditor
-is a command line program to view and edit applet security policy settings
+is a GUI application with small command line support to view and edit applet security policy settings
  used by the icedtea-web implementation of
  .B javaws
  and the browser plugin. It is intended as a simpler, easier to use, and more

I think the "command line program" is a bit misleading...

J.
On 03/10/2014 09:30 PM, aazores at icedtea.classpath.org wrote:
> changeset f58e426ca958 in /hg/icedtea-web
> details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958
> author: Andrew Azores<aazores at redhat.com>
> date: Mon Mar 10 16:30:44 2014 -0400
>
> 	Add man page for PolicyEditor
>
> 	* Makefile.am: (install-data-local, uninstall-local): added policyeditor.1
> 	man page
> 	* netx/policyeditor.1: new man page for PolicyEditor
>
>
> diffstat:
>
>   Makefile.am         |   3 ++
>   netx/policyeditor.1 |  69 +++++++++++++++++++++++++++++++++++++++++++++++++++++
>   2 files changed, 72 insertions(+), 0 deletions(-)
>
> diffs (93 lines):
>
> diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am
> --- a/Makefile.am	Mon Mar 10 15:44:51 2014 -0400
> +++ b/Makefile.am	Mon Mar 10 16:30:44 2014 -0400
> @@ -257,6 +257,7 @@
>   	${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1
>   	${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1
>   	${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 $(DESTDIR)$(mandir)/man1
> +	${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 $(DESTDIR)$(mandir)/man1
>   if ENABLE_DOCS
>   	${mkinstalldirs} $(DESTDIR)$(htmldir)
>   	(cd ${abs_top_builddir}/docs/netx; \
> @@ -278,6 +279,8 @@
>   	rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar
>   	rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar
>   	rm -f $(DESTDIR)$(mandir)/man1/javaws.1
> +	rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1
> +	rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1
>   	rm -f $(DESTDIR)$(bindir)/$(javaws)
>   	rm -f $(DESTDIR)$(bindir)/$(itweb_settings)
>   	rm -f $(DESTDIR)$(bindir)/$(policyeditor)
> diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1
> --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
> +++ b/netx/policyeditor.1	Mon Mar 10 16:30:44 2014 -0400
> @@ -0,0 +1,69 @@
> +.TH policyeditor 1 "10 Mar 2014"
> +
> +.SH NAME
> +
> +policyeditor - view and modify security policy settings for
> +.B javaws
> +and the browser plugin
> +
> +.SH SYNOPSIS
> +
> +.B policyeditor
> +.br
> +.B policyeditor [-file]
> +policy_file
> +.SH DESCRIPTION
> +.B policyeditor
> +is a command line program to view and edit applet security policy settings
> +used by the icedtea-web implementation of
> +.B javaws
> +and the browser plugin. It is intended as a simpler, easier to use, and more
> +accessible alternative to the standard JDK Policy Tool. Administrators and
> +power users who need fine grained control over policy files should probably
> +use Policy Tool instead of PolicyEditor.
> +
> +If executed without any arguments, no file is opened, and saving the file will
> +result in a prompt on where to save it. Otherwise, if a file path is given as
> +a command line argument, then that file path will be opened and parsed as a
> +policy file.
> +
> +
> +.SH OPTIONS
> +
> +.TP
> +-file
> +Specifies a policy file path to open. If this is not given as an argument, the
> +first argument given is interpreted as a file path to open anyway. This switch
> +exists mostly for compatibility with Policy Tool.
> +
> +.SH EXAMPLES
> +
> +.TP
> +policyeditor
> +Show the GUI editor
> +
> +.TP
> +policyeditor -file $HOME/.config/icedtea-web/security/java.policy
> +Opens the default user-level policy file location
> +
> +
> +.SH FILES
> +
> +$HOME/.config/icedtea-web/security/java.policy the default user-level policy file location
> +
> +.SH BUGS
> +
> +There aren't any known bugs. If you come across one, please file it at
> +    http://icedtea.classpath.org/bugzilla/
> +
> +.SH AUTHOR
> +
> +Written and maintained by the IcedTea contributors.
> +
> +.SH SEE ALSO
> +
> +.BR policytool (1),
> +.BR javaws (1),
> +.BR java (1)
> +.br
> +http://icedtea.classpath.org/wiki/IcedTea-Web

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor.1.patch
Type: text/x-patch
Size: 531 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/9da1048a/policyeditor.1.patch>

From ptisnovs at icedtea.classpath.org  Tue Mar 11 09:52:09 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 09:52:09 +0000
Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamNegativeT...
Message-ID: <hg.808d23256e54.1394531529.-6019694633368342460@icedtea.classpath.org>

changeset 808d23256e54 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=808d23256e54
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 11 10:52:47 2014 +0100

	Added new test testGetResourceAsStreamNegativeTest into
	CompiledScriptClassTest.


diffstat:

 ChangeLog                                       |   6 ++
 src/org/RhinoTests/CompiledScriptClassTest.java |  61 +++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 0 deletions(-)

diffs (84 lines):

diff -r 3452613adb44 -r 808d23256e54 ChangeLog
--- a/ChangeLog	Mon Mar 10 11:29:46 2014 +0100
+++ b/ChangeLog	Tue Mar 11 10:52:47 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-11  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/CompiledScriptClassTest.java:
+	Added new test testGetResourceAsStreamNegativeTest into
+	CompiledScriptClassTest.
+
 2014-03-10  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/CompiledScriptClassTest.java:
diff -r 3452613adb44 -r 808d23256e54 src/org/RhinoTests/CompiledScriptClassTest.java
--- a/src/org/RhinoTests/CompiledScriptClassTest.java	Mon Mar 10 11:29:46 2014 +0100
+++ b/src/org/RhinoTests/CompiledScriptClassTest.java	Tue Mar 11 10:52:47 2014 +0100
@@ -2005,6 +2005,67 @@
     }
 
     /**
+     * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamNegativeTest()
+     */
+    protected void testGetResourceAsStreamNegativeTest() {
+        Object stream = null;
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/Constants.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.CompiledScript
      */
     @SuppressWarnings("cast")

From ptisnovs at icedtea.classpath.org  Tue Mar 11 09:54:57 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 09:54:57 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBltUsingBgColor test s...
Message-ID: <hg.d56fab3af6d3.1394531697.-6248649288953172555@icedtea.classpath.org>

changeset d56fab3af6d3 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=d56fab3af6d3
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 11 10:55:38 2014 +0100

	Ten new tests added into BitBltUsingBgColor test suite.


diffstat:

 ChangeLog                                          |    5 +
 src/org/gfxtest/testsuites/BitBltUsingBgColor.java |  150 +++++++++++++++++++++
 2 files changed, 155 insertions(+), 0 deletions(-)

diffs (172 lines):

diff -r 6c11c8263a23 -r d56fab3af6d3 ChangeLog
--- a/ChangeLog	Mon Mar 10 11:23:57 2014 +0100
+++ b/ChangeLog	Tue Mar 11 10:55:38 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-11  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
+	Ten new tests added into BitBltUsingBgColor test suite.
+
 2014-03-10  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java:
diff -r 6c11c8263a23 -r d56fab3af6d3 src/org/gfxtest/testsuites/BitBltUsingBgColor.java
--- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Mon Mar 10 11:23:57 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Tue Mar 11 10:55:38 2014 +0100
@@ -5672,6 +5672,156 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.cyan.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundCyan(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.cyan);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.red.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundRed(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.red);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.magenta.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundMagenta(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.magenta);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.yellow.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundYellow(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.yellow);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_565_RGB.
+     * Background color is set to Color.white.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBBackgroundWhite(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, Color.white);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     * Background color is set to Color.black.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundBlack(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.black);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.blue.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundBlue(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.blue);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.green.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundGreen(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.green);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.cyan.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundCyan(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.cyan);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.red.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundRed(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.red);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From jvanek at redhat.com  Tue Mar 11 11:16:37 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 12:16:37 +0100
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <531E0E53.1090707@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
	<5317331A.90405@redhat.com> <531740F3.2040102@redhat.com>
	<531E07A2.8060200@redhat.com> <531E0E53.1090707@redhat.com>
Message-ID: <531EF095.3080001@redhat.com>

hrere we go.


Thanx!


2014-03-11  Jiri Vanek  <jvanek at redhat.com>

	Implemented Permissions manifest entry handling.
	* NEWS: mentioned Permissions attribute
	* netx/net/sourceforge/jnlp/JNLPFile.java: new enum (ManifestBoolean) introduced
	to replace true/false/null by TRUE/FALSE/UNDEFFINED. (isTrustedOnly),
	(isTrustedLibrary), (isSandboxForced) and (processBooleanAttribute) moved
	to use ManifestBoolean.
	* netx/net/sourceforge/jnlp/resources/Messages.properties: Added (ButYes) (ButNo)
	(MissingPermissionsMainTitle) and (MissingPermissionsInfo) keys
	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: is now checking
	(checkPermissionsAttribute) in (init). Implemented new (checkPermissionsAttribute)
	method to handle Permissions attribute
	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: can handle
	(UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: defined
	(UNSIGNED_EAS_NO_PERMISSIONS_WARNING ) and (showMissingPermissionsAttributeDialogue)
	* netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java:
	new class, implementation of missing permissions attribute panel.
	* netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: changed
	(initialFocusComponent) from package private to descendant visible
	*  tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java: and
	* tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: adapted to
	(ManifestBoolean) and to Permissions attribute handling at all.

On 03/10/2014 08:11 PM, Andrew Azores wrote:
> On 03/10/2014 02:42 PM, Jiri Vanek wrote:
>> All should be fixed. Thanx!
>>
>> There are some deeper changes caused by moving from Boolean->enum.
>>
>> Also I found few crippled test by (already previous version of ) this patch. So those are fixed
>>
>> Thanx,
>> J.
>>
>
> Just a few fairly minor nits left.
>
>> + public String permissionsToString() {
>> + String s = getAttribute(PERMISSIONS);
>> + if (s == null) {
>> + return "Not defined";
>> + } else if (s.trim().equalsIgnoreCase("sandbox")) {
>> + return s.trim();
>> + } else if (s.trim().equalsIgnoreCase("all-permissions")) {
>> + return s.trim();
>> + } else {
>> + return "illegal";
>> + }
>> +
>> +
>> + }
>
> Kill the extra whitespace at the end of the method please.
>
>> + if (permissions == ManifestBoolean.UNDEFINED) {
>> + if (level == AppletSecurityLevel.DENY_UNSIGNED) {
>> + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
>> + }
>> + if (level == AppletSecurityLevel.ASK_UNSIGNED) {
>> + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
>> + if (!a) {
>> + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
>> + }
>> + }
>> + //default for missing is sandbox
>> + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
>> + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
>> + }
>> + } else {
>> + if (permissions == ManifestBoolean.TRUE) {
>> + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
>> + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
>> + } else {
>> + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal");
>> + }
>> + } else {
>> + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
>> + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal");
>> + } else {
>> + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
>> + }
>> + }
>> + }
>
> Rather than:
>
> if (UNDEFINED) {
> } else {
> if (TRUE) {
> } else { // implicit FALSE
> }
> }
>
> could you change this to if TRUE/else if FALSE/else if UNDEFINED/else? Or a switch?
>
>> + public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) {
>
> You have two spaces after 'boolean' ;)
>
>> + // result 0 = Yes, 1 = No
>> + if (selectedValue instanceof Integer) {
>> + // If the selected value can be cast to Integer, use that value
>> + int i = ((Integer) selectedValue).intValue();
>> + if (i == 0) {
>> + return true;
>> + } else {
>> + return false;
>> + }
>> + } else {
>> + // Otherwise default to "cancel"
>> + return false;
>> + }
>
> SecurityDialogs.getIntegerResponseAsBoolean(Object) already does this for you.
>
>> diff -r 483ab446ea4c tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java
>> --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 12:29:47 2014 -0400
>> +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 19:38:27 2014 +0100
>> @@ -53,12 +53,29 @@
>> import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader;
>> import net.sourceforge.jnlp.annotations.Bug;
>> import net.sourceforge.jnlp.annotations.Remote;
>> +import net.sourceforge.jnlp.config.DeploymentConfiguration;
>> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
>> +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
>> +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest;
>> import org.junit.AfterClass;
>> import org.junit.Assert;
>> +import org.junit.BeforeClass;
>> import org.junit.Test;
>> -public class CodeBaseClassLoaderTest {
>> +public class CodeBaseClassLoaderTest extends NoStdOutErrTest {
>> +
>> + private static AppletSecurityLevel level;
>> +
>> + @BeforeClass
>> + public static void setPermissions(){
>> + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
>> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars());
>> + }
>> + @AfterClass
>> + public static void resetPermissions(){
>> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars());
>> + }
>
> Fix indentation please, also add spaces between () and {.
>
>> public class JNLPFileTest extends NoStdOutErrTest {
>> +
>> + private static AppletSecurityLevel level;
>> +
>> + @BeforeClass
>> + public static void setPermissions(){
>> + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
>> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars());
>> + }
>> + @AfterClass
>> + public static void resetPermissions(){
>> + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars());
>> + }
>
> Same.
>
> Thanks,
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissionAttribute_04.patch
Type: text/x-patch
Size: 28218 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/0341ea37/permissionAttribute_04-0001.patch>

From aazores at redhat.com  Tue Mar 11 13:06:46 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 09:06:46 -0400
Subject: /hg/icedtea-web: Add man page for PolicyEditor
In-Reply-To: <531ED148.7010101@redhat.com>
References: <hg.f58e426ca958.1394483455.8643924302249223276@icedtea.classpath.org>
	<531ED148.7010101@redhat.com>
Message-ID: <531F0A66.6010906@redhat.com>

On 03/11/2014 05:03 AM, Jiri Vanek wrote:
> Is small fix possible?
>
> diff -r f58e426ca958 netx/policyeditor.1
> --- a/netx/policyeditor.1    Mon Mar 10 16:30:44 2014 -0400
> +++ b/netx/policyeditor.1    Tue Mar 11 10:01:14 2014 +0100
> @@ -14,7 +14,7 @@
>  policy_file
>  .SH DESCRIPTION
>  .B policyeditor
> -is a command line program to view and edit applet security policy 
> settings
> +is a GUI application with small command line support to view and edit 
> applet security policy settings
>  used by the icedtea-web implementation of
>  .B javaws
>  and the browser plugin. It is intended as a simpler, easier to use, 
> and more
>
> I think the "command line program" is a bit misleading...
>
> J.

D'oh :) wow. Thanks for catching that. Feel free to push.

> On 03/10/2014 09:30 PM, aazores at icedtea.classpath.org wrote:
>> changeset f58e426ca958 in /hg/icedtea-web
>> details: 
>> http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f58e426ca958
>> author: Andrew Azores<aazores at redhat.com>
>> date: Mon Mar 10 16:30:44 2014 -0400
>>
>>     Add man page for PolicyEditor
>>
>>     * Makefile.am: (install-data-local, uninstall-local): added 
>> policyeditor.1
>>     man page
>>     * netx/policyeditor.1: new man page for PolicyEditor
>>
>>
>> diffstat:
>>
>>   Makefile.am         |   3 ++
>>   netx/policyeditor.1 |  69 
>> +++++++++++++++++++++++++++++++++++++++++++++++++++++
>>   2 files changed, 72 insertions(+), 0 deletions(-)
>>
>> diffs (93 lines):
>>
>> diff -r bd7ce0fce548 -r f58e426ca958 Makefile.am
>> --- a/Makefile.am    Mon Mar 10 15:44:51 2014 -0400
>> +++ b/Makefile.am    Mon Mar 10 16:30:44 2014 -0400
>> @@ -257,6 +257,7 @@
>>       ${mkinstalldirs} -d $(DESTDIR)$(mandir)/man1
>>       ${INSTALL_DATA} $(NETX_SRCDIR)/javaws.1 $(DESTDIR)$(mandir)/man1
>>       ${INSTALL_DATA} $(NETX_SRCDIR)/itweb-settings.1 
>> $(DESTDIR)$(mandir)/man1
>> +    ${INSTALL_DATA} $(NETX_SRCDIR)/policyeditor.1 
>> $(DESTDIR)$(mandir)/man1
>>   if ENABLE_DOCS
>>       ${mkinstalldirs} $(DESTDIR)$(htmldir)
>>       (cd ${abs_top_builddir}/docs/netx; \
>> @@ -278,6 +279,8 @@
>>       rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/plugin.jar
>>       rm -f $(DESTDIR)$(datadir)/$(PACKAGE_NAME)/netx.jar
>>       rm -f $(DESTDIR)$(mandir)/man1/javaws.1
>> +    rm -f $(DESTDIR)$(mandir)/man1/itweb-settings.1
>> +    rm -f $(DESTDIR)$(mandir)/man1/policyeditor.1
>>       rm -f $(DESTDIR)$(bindir)/$(javaws)
>>       rm -f $(DESTDIR)$(bindir)/$(itweb_settings)
>>       rm -f $(DESTDIR)$(bindir)/$(policyeditor)
>> diff -r bd7ce0fce548 -r f58e426ca958 netx/policyeditor.1
>> --- /dev/null    Thu Jan 01 00:00:00 1970 +0000
>> +++ b/netx/policyeditor.1    Mon Mar 10 16:30:44 2014 -0400
>> @@ -0,0 +1,69 @@
>> +.TH policyeditor 1 "10 Mar 2014"
>> +
>> +.SH NAME
>> +
>> +policyeditor - view and modify security policy settings for
>> +.B javaws
>> +and the browser plugin
>> +
>> +.SH SYNOPSIS
>> +
>> +.B policyeditor
>> +.br
>> +.B policyeditor [-file]
>> +policy_file
>> +.SH DESCRIPTION
>> +.B policyeditor
>> +is a command line program to view and edit applet security policy 
>> settings
>> +used by the icedtea-web implementation of
>> +.B javaws
>> +and the browser plugin. It is intended as a simpler, easier to use, 
>> and more
>> +accessible alternative to the standard JDK Policy Tool. 
>> Administrators and
>> +power users who need fine grained control over policy files should 
>> probably
>> +use Policy Tool instead of PolicyEditor.
>> +
>> +If executed without any arguments, no file is opened, and saving the 
>> file will
>> +result in a prompt on where to save it. Otherwise, if a file path is 
>> given as
>> +a command line argument, then that file path will be opened and 
>> parsed as a
>> +policy file.
>> +
>> +
>> +.SH OPTIONS
>> +
>> +.TP
>> +-file
>> +Specifies a policy file path to open. If this is not given as an 
>> argument, the
>> +first argument given is interpreted as a file path to open anyway. 
>> This switch
>> +exists mostly for compatibility with Policy Tool.
>> +
>> +.SH EXAMPLES
>> +
>> +.TP
>> +policyeditor
>> +Show the GUI editor
>> +
>> +.TP
>> +policyeditor -file $HOME/.config/icedtea-web/security/java.policy
>> +Opens the default user-level policy file location
>> +
>> +
>> +.SH FILES
>> +
>> +$HOME/.config/icedtea-web/security/java.policy the default 
>> user-level policy file location
>> +
>> +.SH BUGS
>> +
>> +There aren't any known bugs. If you come across one, please file it at
>> +    http://icedtea.classpath.org/bugzilla/
>> +
>> +.SH AUTHOR
>> +
>> +Written and maintained by the IcedTea contributors.
>> +
>> +.SH SEE ALSO
>> +
>> +.BR policytool (1),
>> +.BR javaws (1),
>> +.BR java (1)
>> +.br
>> +http://icedtea.classpath.org/wiki/IcedTea-Web
>

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar 11 13:12:25 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 09:12:25 -0400
Subject: [rfc][icedtea-web] following permissions attribute
In-Reply-To: <531EF095.3080001@redhat.com>
References: <530CCFE4.2040008@redhat.com> <5316520D.9020705@redhat.com>
	<5317331A.90405@redhat.com> <531740F3.2040102@redhat.com>
	<531E07A2.8060200@redhat.com> <531E0E53.1090707@redhat.com>
	<531EF095.3080001@redhat.com>
Message-ID: <531F0BB9.7050500@redhat.com>

On 03/11/2014 07:16 AM, Jiri Vanek wrote:
> hrere we go.
>
>
> Thanx!
>
>

Looks good to me.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Tue Mar 11 13:29:03 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 14:29:03 +0100
Subject: [rfc][icedtea-web] clean button for console
Message-ID: <531F0F9F.1040902@redhat.com>

2014-03-11  Jiri Vanek  <jvanek at redhat.com>

	* netx/net/sourceforge/jnlp/resources/Messages.properties: added (ButClean)
	key for new button
	* netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: (update)
	method enhanced for possibility to force refresh
	* netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added ButClean
	button. (updateModel) overlaoded with force attribute.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cleanButonForConsole.patch
Type: text/x-patch
Size: 2386 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/72579056/cleanButonForConsole.patch>

From aazores at redhat.com  Tue Mar 11 13:56:20 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 09:56:20 -0400
Subject: [rfc][icedtea-web] clean button for console
In-Reply-To: <531F0F9F.1040902@redhat.com>
References: <531F0F9F.1040902@redhat.com>
Message-ID: <531F1604.5000407@redhat.com>

On 03/11/2014 09:29 AM, Jiri Vanek wrote:
> 2014-03-11 Jiri Vanek  <jvanek at redhat.com>
>
>     * netx/net/sourceforge/jnlp/resources/Messages.properties: added 
> (ButClean)
>     key for new button
>     * netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: 
> (update)
>     method enhanced for possibility to force refresh
>     * netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added 
> ButClean
>     button. (updateModel) overlaoded with force attribute.

Seems generally okay. One thing:

> +        if ( arg!= null && arg instanceof Boolean && ((Boolean)arg).booleanValue()) {

"arg instanceof Boolean" will already give false if arg == null, so the 
arg != null check isn't really necessary. But you can keep it if you 
find it more readable leaving it in place.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Tue Mar 11 14:14:06 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 15:14:06 +0100
Subject: [rfc][icedtea-web] localised new console
Message-ID: <531F1A2E.2090800@redhat.com>

With small tweek ala doing rawdata final, and renaming of testing console to cconsole tonot hide an field...
Long prommised localisable console...


:(

J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: consoleTweekAndTransaltion.patch
Type: text/x-patch
Size: 13514 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/2e5c91bd/consoleTweekAndTransaltion-0001.patch>

From aazores at redhat.com  Tue Mar 11 14:24:02 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 10:24:02 -0400
Subject: [rfc][icedtea-web] localised new console
In-Reply-To: <531F1A2E.2090800@redhat.com>
References: <531F1A2E.2090800@redhat.com>
Message-ID: <531F1C82.2000700@redhat.com>

On 03/11/2014 10:14 AM, Jiri Vanek wrote:
> With small tweek ala doing rawdata final, and renaming of testing 
> console to cconsole tonot hide an field...
> Long prommised localisable console...
>
>
> :(
>
> J.

Assuming all the replaced messages match up properly, looks good.

Style comment: Why use Translator.R instead of doing import static so 
you can call it simply as R?

Thanks,

-- 
Andrew A


From jvanek at icedtea.classpath.org  Tue Mar 11 17:06:57 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 17:06:57 +0000
Subject: /hg/icedtea-web: 2 new changesets
Message-ID: <hg.7487d725b294.1394557617.8643924302249223276@icedtea.classpath.org>

changeset 7487d725b294 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7487d725b294
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Mar 11 12:24:46 2014 +0100

	Implemented Permissions manifest entry handling.


changeset f0ffdf45c4dc in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f0ffdf45c4dc
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Mar 11 12:26:10 2014 +0100

	netx/policyeditor.1: Mentioned that it is more GUI then commandline tool


diffstat:

 ChangeLog                                                                        |   29 +
 NEWS                                                                             |    2 +-
 netx/net/sourceforge/jnlp/JNLPFile.java                                          |   45 ++-
 netx/net/sourceforge/jnlp/resources/Messages.properties                          |   12 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                           |   49 +++
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                           |    3 +
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                          |   14 +
 netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java |  152 ++++++++++
 netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java              |    2 +-
 netx/policyeditor.1                                                              |    2 +-
 tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java        |   20 +-
 tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java                   |   50 ++-
 12 files changed, 351 insertions(+), 29 deletions(-)

diffs (truncated from 613 to 500 lines):

diff -r f58e426ca958 -r f0ffdf45c4dc ChangeLog
--- a/ChangeLog	Mon Mar 10 16:30:44 2014 -0400
+++ b/ChangeLog	Tue Mar 11 12:26:10 2014 +0100
@@ -1,3 +1,32 @@
+2014-03-11  Jiri Vanek  <jvanek at redhat.com>
+
+	* netx/policyeditor.1: Mentioned that it is more GUI then commandline tool
+
+2014-03-11  Jiri Vanek  <jvanek at redhat.com>
+
+	Implemented Permissions manifest entry handling.
+	* NEWS: mentioned Permissions attribute
+	* netx/net/sourceforge/jnlp/JNLPFile.java: new enum (ManifestBoolean) introduced
+	to replace true/false/null by TRUE/FALSE/UNDEFFINED. (isTrustedOnly), 
+	(isTrustedLibrary), (isSandboxForced) and (processBooleanAttribute) moved 
+	to use ManifestBoolean.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: Added (ButYes) (ButNo)
+	(MissingPermissionsMainTitle) and (MissingPermissionsInfo) keys
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: is now checking
+	(checkPermissionsAttribute) in (init). Implemented new (checkPermissionsAttribute)
+	method to handle Permissions attribute
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: can handle
+	(UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: defined
+	(UNSIGNED_EAS_NO_PERMISSIONS_WARNING ) and (showMissingPermissionsAttributeDialogue)
+	* netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java:
+	new class, implementation of missing permissions attribute panel.
+	* netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java: changed 
+	(initialFocusComponent) from package private to descendant visible
+	*  tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java: and
+	* tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: adapted to 
+	(ManifestBoolean) and to Permissions attribute handling at all.
+
 2014-03-10  Omair Majid  <omajid at redhat.com>
 
 	* netx/javaws.1,
diff -r f58e426ca958 -r f0ffdf45c4dc NEWS
--- a/NEWS	Mon Mar 10 16:30:44 2014 -0400
+++ b/NEWS	Tue Mar 11 12:26:10 2014 +0100
@@ -14,7 +14,7 @@
 * IcedTea-Web is now following XDG .config and .cache specification(RH947647)
 * A console for debugging plugin and javaws
 * Dialogs center on screen before becoming visible
-* Support for u45 and u51 new manifest attributes (Application-Name, Codebase)
+* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions)
 * Custom applet permission policies panel in itweb-settings control panel
 * javaws -version flag
 * New PolicyEditor for easily adding/removing permissions to individual applets
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/JNLPFile.java
--- a/netx/net/sourceforge/jnlp/JNLPFile.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/JNLPFile.java	Tue Mar 11 12:26:10 2014 +0100
@@ -57,6 +57,10 @@
  * @version $Revision: 1.21 $
  */
 public class JNLPFile {
+
+    public static enum ManifestBoolean {
+        TRUE, FALSE, UNDEFINED;
+    }
    
 
     // todo: save the update policy, then if file was not updated
@@ -936,7 +940,7 @@
         /**
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_only
          */
-        public Boolean isTrustedOnly() {
+        public ManifestBoolean isTrustedOnly() {
             return processBooleanAttribute(TRUSTED_ONLY);
 
         }
@@ -944,7 +948,7 @@
         /**
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library
          */
-        public Boolean isTrustedLibrary() {
+        public ManifestBoolean isTrustedLibrary() {
             return processBooleanAttribute(TRUSTED_LIBRARY);
 
         }
@@ -952,20 +956,35 @@
         /**
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions
          */
-        public Boolean isSandboxForced() {
+        public ManifestBoolean isSandboxForced() {
             String s = getAttribute(PERMISSIONS);
             if (s == null) {
-                return null;
+                return ManifestBoolean.UNDEFINED;
             } else if (s.trim().equalsIgnoreCase("sandbox")) {
-                return true;
+                return ManifestBoolean.TRUE;
             } else if (s.trim().equalsIgnoreCase("all-permissions")) {
-                return false;
+                return ManifestBoolean.FALSE;
             } else {
                 throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected sandbox or all-permissions");
             }
 
 
         }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions
+         */
+        public String permissionsToString() {
+            String s = getAttribute(PERMISSIONS);
+            if (s == null) {
+                return "Not defined";
+            } else if (s.trim().equalsIgnoreCase("sandbox")) {
+                return s.trim();
+            } else if (s.trim().equalsIgnoreCase("all-permissions")) {
+                return s.trim();
+            } else {
+                return "illegal";
+            }
+        }
 
         /**
          * get custom attribute.
@@ -997,16 +1016,16 @@
             return ClasspathMatcher.ClasspathMatchers.compile(s);
         }
 
-        private Boolean processBooleanAttribute(String id) throws IllegalArgumentException {
+        private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException {
             String s = getAttribute(id);
             if (s == null) {
-                return null;
+                return ManifestBoolean.UNDEFINED;
             } else {
-                s = s.trim();
-                if (s.equalsIgnoreCase("true") || s.equalsIgnoreCase("false")) {
-                    //the Boolean is working like below, thats why the condition
-                    //return ((name != null) && name.equalsIgnoreCase("true"));
-                    return Boolean.parseBoolean(s);
+                s = s.toLowerCase().trim();
+                if (s.equals("true")) {
+                    return  ManifestBoolean.TRUE;
+                } else if (s.equals("false")) {
+                    return ManifestBoolean.FALSE;
                 } else {
                     throw new IllegalArgumentException("Unknown value of " + id + " attribute " + s + ". Expected true or false");
                 }
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 11 12:26:10 2014 +0100
@@ -17,6 +17,8 @@
 ButDone=Done
 ButShowDetails=Show Details
 ButHideDetails=Hide Details
+ButYes=Yes
+ButNo=No
 
 CertWarnRunTip=Trust this applet and run with full permissions
 CertWarnSandboxTip=Do not trust this applet and run with restricted permissions
@@ -46,6 +48,16 @@
 AboutDialogueTabNews=News
 AboutDialogueTabGPLv2=GPLv2
 
+# missing permissions dialogue
+MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \
+form codebase <span color='red'> {1} </span> is missing the permissions attribute. \
+Applications without this attribute should not be trusted. Do you wish to allow this application to run?
+MissingPermissionsInfo=For more information you can visit:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+
 # LS - Severity
 LSMinor=Minor
 LSFatal=Fatal
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Tue Mar 11 12:26:10 2014 +0100
@@ -15,6 +15,7 @@
 
 package net.sourceforge.jnlp.runtime;
 
+import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
 import java.io.File;
@@ -289,6 +290,8 @@
         
         checkCodebaseAttribute();
         
+        checkPermissionsAttribute();
+        
         installShutdownHooks();
         
 
@@ -2442,6 +2445,52 @@
         }
 
     }
+    
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
+     */
+    public void checkPermissionsAttribute() throws LaunchException {
+        final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced();
+        AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
+        if (level == AppletSecurityLevel.ALLOW_UNSIGNED) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing");
+            return;
+        }
+        switch (permissions) {
+            case UNDEFINED: {
+                if (level == AppletSecurityLevel.DENY_UNSIGNED) {
+                    throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
+                }
+                if (level == AppletSecurityLevel.ASK_UNSIGNED) {
+                    boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
+                    if (!a) {
+                        throw new LaunchException("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
+                    } else {
+                        OutputController.getLogger().log("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it.");
+                    }
+                }
+                //default for missing is sandbox
+                if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
+                }
+                break;
+            }
+            case TRUE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                } else {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is '" + security.getSecurityType() + "'. This is fatal");
+                }
+            }
+            case FALSE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is' " + security.getSecurityType() + "'. This is fatal");
+                } else {
+                    OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                }
+            }
+        }
+    }
 
     /*
      * Helper class to expose protected URLClassLoader methods.
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Tue Mar 11 12:26:10 2014 +0100
@@ -37,6 +37,7 @@
 
 package net.sourceforge.jnlp.security;
 
+import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel;
 import net.sourceforge.jnlp.security.dialogs.AppletWarningPane;
 import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
 import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane;
@@ -317,6 +318,8 @@
             panel = new UnsignedAppletTrustWarningDialog(this, file);
         else if (dialogType == DialogType.AUTHENTICATION)
             panel = new PasswordAuthenticationPane(this, extras);
+        else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
+            panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]);
 
         add(panel, BorderLayout.CENTER);
     }
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Tue Mar 11 12:26:10 2014 +0100
@@ -41,6 +41,7 @@
 import java.awt.event.WindowAdapter;
 import java.awt.event.WindowEvent;
 import java.net.NetPermission;
+import java.net.URL;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.concurrent.Semaphore;
@@ -79,6 +80,7 @@
         UNSIGNED_WARNING,   /* requires confirmation with 'high-security' setting */
         APPLET_WARNING,
         AUTHENTICATION,
+        UNSIGNED_EAS_NO_PERMISSIONS_WARNING   /* when Extended applet security is at High Security and no permission attribute is find, */
     }
 
     /** The types of access which may need user permission. */
@@ -286,6 +288,18 @@
         }
     }
 
+     public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) {
+
+         if (!shouldPromptUser()) {
+             return false;
+         }
+
+         SecurityDialogMessage message = new SecurityDialogMessage();
+         message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING;
+         message.extras = new Object[]{title, codeBase.toExternalForm()};
+         Object selectedValue = getUserResponse(message);
+         return SecurityDialogs.getIntegerResponseAsBoolean(selectedValue);
+    }
     /**
      * Posts the message to the SecurityThread and gets the response. Blocks
      * until a response has been recieved. It's safe to call this from an
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java	Tue Mar 11 12:26:10 2014 +0100
@@ -0,0 +1,152 @@
+/* AppletWarningPane.java
+ Copyright (C) 2008 Red Hat, Inc.
+
+ This file is part of IcedTea.
+
+ IcedTea is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, version 2.
+
+ IcedTea is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with IcedTea; see the file COPYING.  If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version.
+ */
+package net.sourceforge.jnlp.security.dialogs;
+
+import java.awt.BorderLayout;
+import java.awt.Color;
+import java.awt.Desktop;
+import java.awt.Dimension;
+import java.awt.FlowLayout;
+import java.awt.Font;
+import java.awt.Image;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.URL;
+import javax.imageio.ImageIO;
+
+import javax.swing.BorderFactory;
+import javax.swing.BoxLayout;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JEditorPane;
+import javax.swing.JFrame;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.SwingConstants;
+import javax.swing.event.HyperlinkEvent;
+import javax.swing.event.HyperlinkListener;
+import net.sourceforge.jnlp.runtime.Translator;
+import net.sourceforge.jnlp.security.SecurityDialog;
+import net.sourceforge.jnlp.util.logging.OutputController;
+
+public class MissingPermissionsAttributePanel extends SecurityDialogPanel {
+
+    public MissingPermissionsAttributePanel(SecurityDialog x, String title, String codebase) {
+        super(x);
+        try {
+            addComponents(title, codebase);
+        } catch (Exception ex) {
+            throw new RuntimeException(ex);
+        }
+        if (x != null) {
+            x.setMinimumSize(new Dimension(400, 300));
+        }
+    }
+
+    protected final void addComponents(String title, String codebase) throws IOException {
+
+        URL imgUrl = this.getClass().getResource("/net/sourceforge/jnlp/resources/warning.png");
+        ImageIcon icon = null;
+        Image img = ImageIO.read(imgUrl);
+        icon = new ImageIcon(img);
+        String topLabelText = Translator.R("MissingPermissionsMainTitle", title, codebase);
+        String bottomLabelText = Translator.R("MissingPermissionsInfo");
+
+        JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.CENTER);
+        topLabel.setFont(new Font(topLabel.getFont().toString(),
+                Font.BOLD, 12));
+        JPanel topPanel = new JPanel(new BorderLayout());
+        topPanel.setBackground(Color.WHITE);
+        topPanel.add(topLabel, BorderLayout.CENTER);
+        topPanel.setPreferredSize(new Dimension(400, 80));
+        topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+
+        JEditorPane bottomLabel = new JEditorPane("text/html", htmlWrap(bottomLabelText));
+        bottomLabel.setEditable(false);
+        bottomLabel.addHyperlinkListener(new HyperlinkListener() {
+            @Override
+            public void hyperlinkUpdate(HyperlinkEvent e) {
+                try {
+                    if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) {
+                        Desktop.getDesktop().browse(e.getURL().toURI());
+                    }
+                } catch (IOException ex) {
+                    OutputController.getLogger().log(ex);
+                } catch (URISyntaxException ex) {
+                    OutputController.getLogger().log(ex);
+                }
+            }
+        });
+        JPanel infoPanel = new JPanel(new BorderLayout());
+        infoPanel.add(bottomLabel, BorderLayout.CENTER);
+        infoPanel.setPreferredSize(new Dimension(400, 80));
+        infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+        bottomLabel.setBackground(infoPanel.getBackground());
+
+        //run and cancel buttons
+        JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
+
+        JButton yes = new JButton(Translator.R("ButYes"));
+        JButton no = new JButton(Translator.R("ButNo"));
+        int buttonWidth = yes.getMinimumSize().width;
+        int buttonHeight = yes.getMinimumSize().height;
+        Dimension d = new Dimension(buttonWidth, buttonHeight);
+        yes.setPreferredSize(d);
+        no.setPreferredSize(d);
+        yes.addActionListener(createSetValueListener(parent, 0));
+        no.addActionListener(createSetValueListener(parent, 1));
+        initialFocusComponent = no;
+        buttonPanel.add(yes);
+        buttonPanel.add(no);
+        buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+        //all of the above
+        setLayout(new BoxLayout(this, BoxLayout.Y_AXIS));
+        add(topPanel);
+        add(infoPanel);
+        add(buttonPanel);
+
+    }
+
+    public static void main(String[] args) {
+        MissingPermissionsAttributePanel w = new MissingPermissionsAttributePanel(null, "HelloWorld", "http://nbblah.url");
+        JFrame f = new JFrame();
+        f.setSize(400, 300);
+        f.add(w, BorderLayout.CENTER);
+        f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+        f.setVisible(true);
+    }
+}
diff -r f58e426ca958 -r f0ffdf45c4dc netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java	Tue Mar 11 12:26:10 2014 +0100
@@ -53,7 +53,7 @@
 
     protected SecurityDialog parent;
 
-    JComponent initialFocusComponent = null;
+    protected JComponent initialFocusComponent = null;
 
     CertVerifier certVerifier = null;
 
diff -r f58e426ca958 -r f0ffdf45c4dc netx/policyeditor.1
--- a/netx/policyeditor.1	Mon Mar 10 16:30:44 2014 -0400
+++ b/netx/policyeditor.1	Tue Mar 11 12:26:10 2014 +0100
@@ -14,7 +14,7 @@
 policy_file
 .SH DESCRIPTION
 .B policyeditor
-is a command line program to view and edit applet security policy settings
+is a GUI application with small command line support to view and edit applet security policy settings
 used by the icedtea-web implementation of
 .B javaws
 and the browser plugin. It is intended as a simpler, easier to use, and more
diff -r f58e426ca958 -r f0ffdf45c4dc tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java	Mon Mar 10 16:30:44 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java	Tue Mar 11 12:26:10 2014 +0100
@@ -53,12 +53,30 @@
 import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader;
 import net.sourceforge.jnlp.annotations.Bug;
 import net.sourceforge.jnlp.annotations.Remote;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
+import net.sourceforge.jnlp.util.logging.NoStdOutErrTest;
 import org.junit.AfterClass;
 import org.junit.Assert;
+import org.junit.BeforeClass;
 
 import org.junit.Test;

From aazores at redhat.com  Tue Mar 11 17:07:01 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 13:07:01 -0400
Subject: [rfc][icedtea-web][policyeditor] Wrong permission target for tmpdir
Message-ID: <531F42B5.9070106@redhat.com>

Hi,

The system property for tmpdir (eg /tmp) is java.io.tmpdir, not simply 
io.tmpdir as PolicyEditor had it. Just fixing this.

Thanks,

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-io-tmpdir.patch
Type: text/x-patch
Size: 576 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/670c4e0f/policyeditor-io-tmpdir-0001.patch>

From aazores at redhat.com  Tue Mar 11 17:24:13 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 13:24:13 -0400
Subject: [rfc][icedtea-web][policyeditor] Duplicate visual codebases
Message-ID: <531F46BD.2040204@redhat.com>

Hi,

PolicyEditor already guards against having multiple entries for the same 
codebase in its permission maps, but there's a bug that still allows the 
left side list view to display multiple of the same codebase. This patch 
fixes it so that duplicate codebases really can't be added.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-duplicate-codebase.patch
Type: text/x-patch
Size: 2114 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/348f5e2e/policyeditor-duplicate-codebase.patch>

From jvanek at redhat.com  Tue Mar 11 17:32:48 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 18:32:48 +0100
Subject: [rfc][icedtea-web] localised new console
In-Reply-To: <531F1C82.2000700@redhat.com>
References: <531F1A2E.2090800@redhat.com> <531F1C82.2000700@redhat.com>
Message-ID: <531F48C0.6050903@redhat.com>

On 03/11/2014 03:24 PM, Andrew Azores wrote:
> On 03/11/2014 10:14 AM, Jiri Vanek wrote:
>> With small tweek ala doing rawdata final, and renaming of testing console to cconsole tonot hide an field...
>> Long prommised localisable console...
>>
>>
>> :(
>>
>> J.
>
> Assuming all the replaced messages match up properly, looks good.
>
> Style comment: Why use Translator.R instead of doing import static so you can call it simply as R?

In case of our "R"  I dont liek static import. It is hard for me to see it.

Thanx for quick check. Pushed.
>
> Thanks,
>


From jvanek at icedtea.classpath.org  Tue Mar 11 17:29:56 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 17:29:56 +0000
Subject: /hg/icedtea-web: 2 new changesets
Message-ID: <hg.7467c864c3c2.1394558996.8643924302249223276@icedtea.classpath.org>

changeset 7467c864c3c2 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7467c864c3c2
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Mar 11 18:30:34 2014 +0100

	Added clean button for Java Console


changeset 4d2b8cbf5259 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=4d2b8cbf5259
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Mar 11 18:37:55 2014 +0100

	New java console made localizable


diffstat:

 ChangeLog                                                     |   19 +
 netx/net/sourceforge/jnlp/resources/Messages.properties       |   44 ++++
 netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java |  110 +++++----
 netx/net/sourceforge/jnlp/util/logging/JavaConsole.java       |   30 ++-
 4 files changed, 149 insertions(+), 54 deletions(-)

diffs (433 lines):

diff -r f0ffdf45c4dc -r 4d2b8cbf5259 ChangeLog
--- a/ChangeLog	Tue Mar 11 12:26:10 2014 +0100
+++ b/ChangeLog	Tue Mar 11 18:37:55 2014 +0100
@@ -1,3 +1,22 @@
+2014-03-11  Jiri Vanek  <jvanek at redhat.com>
+
+	New java console made localizable.
+	*netx/net/sourceforge/jnlp/resources/Messages.properties: added new family of
+	keys (COP) for new console
+	*netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: where reasonable, 
+	strings replaced by records in properties.
+	* netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: (rawData) and
+	(outputs) made final.
+
+2014-03-11  Jiri Vanek  <jvanek at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: added (CONSOLEClean)
+	key for new button
+	* netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: (update)
+	method enhanced for possibility to force refresh
+	* netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: added ButClean
+	button. (updateModel) overlaoded with force attribute.
+
 2014-03-11  Jiri Vanek  <jvanek at redhat.com>
 
 	* netx/policyeditor.1: Mentioned that it is more GUI then commandline tool
diff -r f0ffdf45c4dc -r 4d2b8cbf5259 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 11 12:26:10 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 11 18:37:55 2014 +0100
@@ -551,6 +551,50 @@
 CONSOLEmemoryMax = Max Memory
 CONSOLEmemoryTotal = Total Memory
 CONSOLEmemoryFree = Free Memory
+CONSOLEClean=Clean all
+
+#console output pane labels
+COPsortCopyAllDate=sort copy all by date
+COPshowHeaders=Show headers:
+COPuser=user
+COPorigin=origin
+COPlevel=level
+COPdate=date
+COPthread1=thread 1
+COPthread2=thread 2
+COPShowMessages=Show messages
+COPstdOut=std. Out
+COPstdErr=std. Err
+COPjava=java
+COPplugin=plugin
+COPpreInit=pre-init
+COPpluginOnly=plugin only
+COPSortBy=Sort by
+COPregex=Regular expression filter
+COPAsArrived=As arrived (no sort)
+COPcode=code
+COPmessage=message
+COPSearch=Search
+COPautoRefresh=auto refresh
+COPrefresh=refresh
+COPApply=Apply
+COPmark=mark
+COPCopyAllPlain=Copy all (plain)
+COPCopyAllRich=Copy all (rich)
+COPnext=next>>>
+COPprevious=<<<previous
+COPcaseSensitive=case sensitive
+COPincomplete=incomplete
+COPhighlight=highlight
+COPwordWrap=word wrap
+COPdebug=debug
+COPinfo=info
+COPcode=code
+COPpostInit=post-init
+COPcomplete=complete
+COPmatch=match
+COPnot=not
+COPrevert=revert
 
 # Control Panel - DesktopShortcutPanel
 DSPNeverCreate=Never create
diff -r f0ffdf45c4dc -r 4d2b8cbf5259 netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java
--- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Tue Mar 11 12:26:10 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Tue Mar 11 18:37:55 2014 +0100
@@ -27,12 +27,21 @@
 import javax.swing.text.PlainDocument;
 import javax.swing.text.html.HTMLDocument;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.util.logging.headers.ObservableMessagesProvider;
 
 public class ConsoleOutputPane extends javax.swing.JPanel implements Observer {
 
     @Override
     public synchronized void update(Observable o, Object arg) {
+        boolean force = false;
+        if ( arg!= null && arg instanceof Boolean && ((Boolean)arg).booleanValue()) {
+            force = true;
+        }
+        if (force){
+             refreshPane();
+             return;
+        }
         if (!autorefresh.isSelected()) {
             statistics.setText(model.createStatisticHint());
             return;
@@ -288,79 +297,88 @@
         showHide = new javax.swing.JButton();
 
         sortCopyAll.setSelected(true);
-        sortCopyAll.setText("sort copy all by date");
+        sortCopyAll.setText(Translator.R("COPsortCopyAllDate"));
         sortCopyAll.setToolTipText("The sort by date is a bit more time consuming, but most natural for posting purposes");
         
         showHeaders.setSelected(true);
-        showHeaders.setText("Show headers:");
+        showHeaders.setText(Translator.R("COPshowHeaders"));
         showHeaders.addActionListener(getDefaultActionSingleton());
 
         showUser.setSelected(true);
-        showUser.setText("user");
+        showUser.setText(Translator.R("COPuser"));
         showUser.addActionListener(getDefaultActionSingleton());
 
         showOrigin.setSelected(true);
-        showOrigin.setText("origin");
+        showOrigin.setText(Translator.R("COPorigin"));
         showOrigin.addActionListener(getDefaultActionSingleton());
 
         showLevel.setSelected(true);
-        showLevel.setText("level");
+        showLevel.setText(Translator.R("COPlevel"));
         showLevel.addActionListener(getDefaultActionSingleton());
 
         showDate.setSelected(true);
-        showDate.setText("date");
+        showDate.setText(Translator.R("COPdate"));
         showDate.addActionListener(getDefaultActionSingleton());
 
         showThread1.setSelected(true);
-        showThread1.setText("thread 1");
+        showThread1.setText(Translator.R("COPthread1"));
         showThread1.addActionListener(getDefaultActionSingleton());
 
         showThread2.setSelected(true);
-        showThread2.setText("thread 2");
+        showThread2.setText(Translator.R("COPthread2"));
         showThread2.addActionListener(getDefaultActionSingleton());
 
         showMessage.setSelected(true);
-        showMessage.setText("Show messages");
+        showMessage.setText(Translator.R("COPShowMessages"));
         showMessage.addActionListener(getDefaultActionSingleton());
 
         showOut.setSelected(true);
-        showOut.setText("std. Out");
+        showOut.setText(Translator.R("COPstdOut"));
         showOut.addActionListener(getDefaultActionSingleton());
 
         showErr.setSelected(true);
-        showErr.setText("std. Err");
+        showErr.setText(Translator.R("COPstdErr"));
         showErr.addActionListener(getDefaultActionSingleton());
 
         showJava.setSelected(true);
-        showJava.setText("java");
+        showJava.setText(Translator.R("COPjava"));
         showJava.addActionListener(getDefaultActionSingleton());
 
         showPlugin.setSelected(true);
-        showPlugin.setText("plugin");
+        showPlugin.setText(Translator.R("COPplugin"));
         showPlugin.addActionListener(getDefaultActionSingleton());
 
         showPreInit.setSelected(true);
-        showPreInit.setText("pre-init");
-        showPreInit.setToolTipText("plugin only");
+        showPreInit.setText(Translator.R("COPpreInit"));
+        showPreInit.setToolTipText(Translator.R("COPpluginOnly"));
         showPreInit.addActionListener(getDefaultActionSingleton());
 
-        sortByLabel.setText("Sort by:");
+        sortByLabel.setText(Translator.R("COPSortBy") + ":");
 
-        regExLabel.setText("Regular expression filter:");
+        regExLabel.setText(Translator.R("COPregex") + ":");
         regExLabel.addActionListener(getDefaultActionSingleton());
 
-        sortBy.setModel(new javax.swing.DefaultComboBoxModel(new String[]{"As arrived (no sort)", "user", "origin", "level", "date", "code", "thread1", "thread2", "message"}));
+        sortBy.setModel(new javax.swing.DefaultComboBoxModel(new String[]{
+            Translator.R("COPAsArrived"),
+            Translator.R("COPuser"),
+            Translator.R("COPorigin"),
+            Translator.R("COPlevel"),
+            Translator.R("COPdate"),
+            Translator.R("COPcode"),
+            Translator.R("COPthread1"),
+            Translator.R("COPthread2"),
+            Translator.R("COPmessage")}));
         sortBy.addActionListener(getDefaultActionSingleton());
 
-        searchLabel.setText("Search:");
+        searchLabel.setText(Translator.R("COPSearch") + ":");
 
         autorefresh.setSelected(true);
-        autorefresh.setText("auto refresh");
+        autorefresh.setText(Translator.R("COPautoRefresh"));
 
-        refresh.setText("refresh");
+        refresh.setText(Translator.R("COPrefresh"));
         refresh.addActionListener(getDefaultActionSingleton());
 
-        apply.setText("Apply");
+        apply.setText(Translator.R("COPApply"));
         apply.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -372,7 +390,7 @@
 
         regExFilter.setText(".*");
 
-        copyPlain.setText("Copy all (plain)");
+        copyPlain.setText(Translator.R("COPCopyAllPlain"));
         copyPlain.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -381,7 +399,7 @@
             }
         });
 
-        copyRich.setText("Copy all (rich)");
+        copyRich.setText(Translator.R("COPCopyAllRich"));
         copyRich.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -390,7 +408,7 @@
             }
         });
 
-        next.setText("next>>>");
+        next.setText(Translator.R("COPnext"));
         next.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -399,7 +417,7 @@
             }
         });
 
-        previous.setText("<<<previous");
+        previous.setText(Translator.R("COPprevious"));
         previous.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -408,56 +426,56 @@
             }
         });
 
-        caseSensitive.setText("case sensitive");
+        caseSensitive.setText(Translator.R("COPcaseSensitive"));
 
         showIncomplete.setSelected(true);
-        showIncomplete.setText("incomplete");
-        showIncomplete.setToolTipText("plugin only");
+        showIncomplete.setText(Translator.R("COPincomplete"));
+        showIncomplete.setToolTipText(Translator.R("COPpluginOnly"));
         showIncomplete.addActionListener(getDefaultActionSingleton());
 
         highLight.setSelected(true);
-        highLight.setText("highlight");
+        highLight.setText(Translator.R("COPhighlight"));
         highLight.addActionListener(getDefaultActionSingleton());
 
-        wordWrap.setText("word wrap");
+        wordWrap.setText(Translator.R("COPwordWrap"));
         wordWrap.addActionListener(getDefaultActionSingleton());
 
         showDebug.setSelected(true);
-        showDebug.setText("debug");
+        showDebug.setText(Translator.R("COPdebug"));
         showDebug.addActionListener(getDefaultActionSingleton());
 
         showInfo.setSelected(true);
-        showInfo.setText("info");
+        showInfo.setText(Translator.R("COPinfo"));
         showInfo.addActionListener(getDefaultActionSingleton());
 
         showCode.setSelected(true);
-        showCode.setText("code");
+        showCode.setText(Translator.R("COPcode"));
         showCode.addActionListener(getDefaultActionSingleton());
 
         statistics.setText("x/y");
 
         showPostInit.setSelected(true);
-        showPostInit.setText("post-init");
-        showPostInit.setToolTipText("plugin only");
+        showPostInit.setText(Translator.R("COPpostInit"));
+        showPostInit.setToolTipText(Translator.R("COPpluginOnly"));
         showPostInit.addActionListener(getDefaultActionSingleton());
 
         showComplete.setSelected(true);
-        showComplete.setText("complete");
-        showComplete.setToolTipText("plugin only");
+        showComplete.setText(Translator.R("COPcomplete"));
+        showComplete.setToolTipText(Translator.R("COPpluginOnly"));
         showComplete.addActionListener(getDefaultActionSingleton());
 
         match.setSelected(true);
-        match.setText("match");
+        match.setText(Translator.R("COPmatch"));
         match.addActionListener(getDefaultActionSingleton());
 
-        notMatch.setText("not");
+        notMatch.setText(Translator.R("COPnot"));
         notMatch.addActionListener(getDefaultActionSingleton());
 
         revertSort.setSelected(true);
-        revertSort.setText("revert");
+        revertSort.setText(Translator.R("COPrevert"));
         revertSort.addActionListener(getDefaultActionSingleton());
 
-        mark.setText("mark");
+        mark.setText(Translator.R("COPmark"));
         mark.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -586,7 +604,7 @@
         jEditorPane1.setEditable(false);
         jScrollPane1.setViewportView(jEditorPane1);
 
-        showHide.setText("Hide");
+        showHide.setText(Translator.R("ButHideDetails"));
         showHide.addActionListener(new java.awt.event.ActionListener() {
 
             @Override
@@ -718,7 +736,7 @@
                             highlightPainter);
                 }
             }
-            mark.setText("mark (" + matches + ")");
+            mark.setText(Translator.R("COPmark") + "(" + matches + ")");
         } catch (BadLocationException ex) {
             OutputController.getLogger().log(ex);
         }
@@ -781,10 +799,10 @@
     private void showHideActionPerformed(java.awt.event.ActionEvent evt) {
         if (jPanel2.isVisible()) {
             jPanel2.setVisible(false);
-            showHide.setText("Show controls");
+            showHide.setText(Translator.R("ButShowDetails"));
         } else {
             jPanel2.setVisible(true);
-            showHide.setText("Hide");
+            showHide.setText(Translator.R("ButHideDetails"));
         }
     }
 
diff -r f0ffdf45c4dc -r 4d2b8cbf5259 netx/net/sourceforge/jnlp/util/logging/JavaConsole.java
--- a/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java	Tue Mar 11 12:26:10 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java	Tue Mar 11 18:37:55 2014 +0100
@@ -76,8 +76,6 @@
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.ImageResources;
-import net.sourceforge.jnlp.util.logging.headers.Header;
-import net.sourceforge.jnlp.util.logging.headers.JavaMessage;
 import net.sourceforge.jnlp.util.logging.headers.MessageWithHeader;
 import net.sourceforge.jnlp.util.logging.headers.ObservableMessagesProvider;
 import net.sourceforge.jnlp.util.logging.headers.PluginMessage;
@@ -88,8 +86,8 @@
  */
 public class JavaConsole implements ObservableMessagesProvider {
 
-    private List<MessageWithHeader> rawData = Collections.synchronizedList(new ArrayList<MessageWithHeader>());
-    private List<ConsoleOutputPane> outputs = new ArrayList<ConsoleOutputPane>();
+    final private List<MessageWithHeader> rawData = Collections.synchronizedList(new ArrayList<MessageWithHeader>());
+    final private List<ConsoleOutputPane> outputs = new ArrayList<ConsoleOutputPane>();
 
     private void refreshOutputs() {
         refreshOutputs(outputsPanel, (Integer)numberOfOutputs.getValue());
@@ -354,6 +352,19 @@
             }
         });
 
+        JButton cleanButton = new JButton(R("CONSOLEClean"));
+        buttonPanel.add(cleanButton);
+        cleanButton.addActionListener(new ActionListener() {
+
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                synchronized (rawData){
+                    rawData.clear();
+                    updateModel(true);
+                }
+            }
+        });
+
         initialized = true;
     }
 
@@ -463,7 +474,7 @@
 
     public static void main(String[] args) {
 
-        final JavaConsole console = new JavaConsole();
+        final JavaConsole cconsole = new JavaConsole();
 
         boolean toShowConsole = true;
 
@@ -474,7 +485,7 @@
         }
 
         if (toShowConsole) {
-            console.showConsoleLater();
+            cconsole.showConsoleLater();
         }
 
     }
@@ -484,10 +495,13 @@
         rawData.add(m);
         updateModel();
     }
-    
+
     private synchronized void updateModel() {
+        updateModel(null);
+    }
+    private synchronized void updateModel(Boolean force) {
         observable.setChanged();
-        observable.notifyObservers();
+        observable.notifyObservers(force);
     }
 
 

From jvanek at redhat.com  Tue Mar 11 17:38:56 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 18:38:56 +0100
Subject: [rfc][icedtea-web][policyeditor] Wrong permission target for
	tmpdir
In-Reply-To: <531F42B5.9070106@redhat.com>
References: <531F42B5.9070106@redhat.com>
Message-ID: <531F4A30.6020900@redhat.com>

On 03/11/2014 06:07 PM, Andrew Azores wrote:
> Hi,
>
> The system property for tmpdir (eg /tmp) is java.io.tmpdir, not simply io.tmpdir as PolicyEditor had it. Just fixing this.
>
> Thanks,
>
> Thanks,
>

go on. Thanx.

From aazores at icedtea.classpath.org  Tue Mar 11 17:59:18 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 17:59:18 +0000
Subject: /hg/icedtea-web: Fixed PolicyEditor tmpdir permission property v...
Message-ID: <hg.db8627ef75f2.1394560758.8643924302249223276@icedtea.classpath.org>

changeset db8627ef75f2 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=db8627ef75f2
author: Andrew Azores <aazores at redhat.com>
date: Tue Mar 11 13:59:10 2014 -0400

	Fixed PolicyEditor tmpdir permission property value


diffstat:

 ChangeLog                                                             |  5 +++++
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java |  2 +-
 2 files changed, 6 insertions(+), 1 deletions(-)

diffs (24 lines):

diff -r 4d2b8cbf5259 -r db8627ef75f2 ChangeLog
--- a/ChangeLog	Tue Mar 11 18:37:55 2014 +0100
+++ b/ChangeLog	Tue Mar 11 13:59:10 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-11  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
+	(TMPDIR) is java.io.tmpdir, not io.tmpdir
+
 2014-03-11  Jiri Vanek  <jvanek at redhat.com>
 
 	New java console made localizable.
diff -r 4d2b8cbf5259 -r db8627ef75f2 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Tue Mar 11 18:37:55 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Tue Mar 11 13:59:10 2014 -0400
@@ -44,7 +44,7 @@
 	NONE(""),
     ALL("*"),
     USER_HOME("${user.home}${/}*"),
-    TMPDIR("${io.tmpdir}${/}*"),
+    TMPDIR("${java.io.tmpdir}${/}*"),
     CLIPBOARD("accessClipboard"),
     PRINT("queuePrintJob"),
     PLAY("play");

From jvanek at redhat.com  Tue Mar 11 19:25:35 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 11 Mar 2014 20:25:35 +0100
Subject: [rfc][icedtea-web] implemented
	Application-Library-Allowable-Codebase Attribute
In-Reply-To: <53173C78.5050204@redhat.com>
References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com>
Message-ID: <531F632F.1000005@redhat.com>

All your nits have been fixed. However:

I'm still not using the AppTrustWarningPanel, so rember button is useless. It will come as another changeset (if ever)
  - this patch broke elluminate - one of the deadly throws is probably redundant and should be repalced by security prompt.
  - jsut hint - download indicator is broken
  - elluminat works, but freaze to, same as http://www.walter-fendt.de/ph14e/resultant.htm

I guess all above are older issues not related to this patch.


J.

On 03/05/2014 04:02 PM, Andrew Azores wrote:
> On 02/27/2014 12:11 PM, Jiri Vanek wrote:
>> hi!
>>
>> Implementation of -  Application-Library-Allowable-Codebase Attribute. Well it grow a bit.
>>
>> The implementation itself, is as straightforward as terrible "specification" allowed  (please reviwer, study the specification too:( )
>>
>> However, many workarounds were needed:
>>
>>  *  netx/net/sourceforge/jnlp/JNLPFile.java and netx/net/sourceforge/jnlp/util/ClasspathMatcher.java : It appeared, that this attribute honors path in pattern. Luckily the matcher was prepared for it, and now it is just conditionally enabled.
>>
>> * dialogues - still the same with one detail  - the remember option do not work. I'm not sure if I wont to use already implemented whitelist from Extended Applets Security... Well  why not? Becasue all alowed appelts will be able to run rmeote context...But well.. why not? If I will reuse it, then MatchingALACAttributePanel will be reworked.
>
> Are you talking about using AppTrustWarningPanel? ;)
>
>>
>> * netx/net/sourceforge/jnlp/util/UrlUtils.java - this was most unlucky - two new utility methods - to remove name filename from url path, and to compare urls no meter if there is tailing slash.
>>  - the exctraction of name is for puposes to find the uri of its location, which is then matched against attribute
>>  - the comparison without tailing slash is not so clear - There is only one suecase of it :
>>
>> +        if (usedUrls.size() == 1) {
>> +            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], codebase)
>> + && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[]{})[0], documentBase)) {
>> +                //all resoources are from codebase or document base. it is ok to proceeed.
>> +                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[]{})[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
>> +                return;
>> +            }
>> +        }
>>
>>
>> It happened that different applications have or have not the trailing slash On codebase and so the implementation of removeFileName was burdened by keep trailing slash or not. This is workarround.
>>
>>
>
> Nit here: why "new URL[]{}" ? Why not "new URL[0]" ?
>
>>
>> *however* I'm a hesitating how to deal with it in Matcher. I adapted it (if compare of paths is true) that some.url/some/path matches both some.url/some/path/ and some.url/some/path, but some.url/some/path/ do not match some.url/some/path (matches only some.url/some/path/)
>> I consider it as lowest evil....:(
>>
>> All should be unittested as much as possible.
>> I'm still taking deep breath before doing reproducers for both this and permissions.
>>
>>
>> Thanx in advance,
>>  J.
>
> Rest of comments here:
>
> Messages.properties:
>> # missing Application-Library-Allowable-Codebase dialogue
>> ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
>> form codebase <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
>> The resources this applications is opening are from remote locations:<br/> {2} <br/>Are you sure to run this application to?
> "This application uses resources from the following remote locations: {2} Are you sure you want to run this application?"
>> ALACAMissingInfo=For more information you can visit:<br/>\
>> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
>> and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
>> # matching Application-Library-Allowable-Codebase dialogue
>> ALACAMatchingMainTitle=Application <span color='red'> {0} </span> \
>> form codebase <span color='red'> {1} </span> is requiring valid resources from different locations:<br/>{2} <br/> \
>> Those resources are expected to be loaded. Do you agree to run this application?
>> ALACAMatchingInfo=For more information you can visit:<br/>\
>> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
>> and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
>
> JNLPClassLoader:
>> //do this check for unsigned apps? imho yes
>> //if (security.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)){
>> //    return; /*when app isnot signed, then skip this check*/
>> //}
> Why should we do this check for unsigned? The spec specifies it's for "signed RIAs", and I don't think it's necessary to enforce it for unsigned. Partially signed is questionable. Anyway, this check would be better if it used the "signing" field instead, which has type SigningState and is meant for exactly this kind of check. There's also the new SecurityDelegate inner class (which was added after you sent this patch, I know), and maybe this whole method or at least large parts of it should be inside there instead.
>> +        URL documentBase = null;
>> +        if (file instanceof PluginBridge) {
>> +            documentBase = ((PluginBridge) file).getSourceLocation();
>> +        }
>> +        if (documentBase == null) {
>> +            documentBase = file.getCodeBase();
>> +        }
>
>          URL documentBase;
>          if (file instanceof PluginBridge) {
>              documentBase = ((PluginBridge) file).getSourceLocation();
>          } else {
>              documentBase = file.getCodeBase();
>          }
>
> This would be preferable, no?
>
>> +        for (int i = 0; i < resourcesDescs.length; i++) {
>> +            ResourcesDesc resourcesDesc = resourcesDescs[i];
>> +                for (int j = 0; j < ex.length; j++) {
>> +                    ExtensionDesc extensionDesc = ex[j];
>> +                for (int k = 0; k < jars.length; k++) {
>> +                    JARDesc jarDesc = jars[k];
>
> Why not use for-each loops?
>
>> +            ExtensionDesc[] ex = resourcesDesc.getExtensions();
>> +            if (ex != null) {
>> +            JARDesc[] jars = resourcesDesc.getJARs();
>> +            if (jars != null) {
>
> I think the null checks here are over-defensive. These methods appear to be designed to return empty arrays if there is no matching resource, not null.
>
>> +        if (att == null) {
>> +            int a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
>> +            if (a != 0) {
>
> I'll come back to this later...
>
>> +                throw new LaunchException("The application is using resources from elsewhere then its base is, have missing Application-Library-Allowable-Codebase attribute and you forbifd it to run");
>
> "The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user"
> Should these new LaunchException explanations not go in Messages.properties?
>
>> +                    throw new LaunchException("The resource from " + foundUrl + " do not have any match in Application-Library-Allowable-Codebase Attribute " + att + ". Thats fatal");
>
> "The resource from " + foundUrl + " does not match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running."
>
>> +            throw new LaunchException("The application is using resources from elsewhere then its base is which are matching Application-Library-Allowable-Codebase attribute  but you forbifd it to run");
>
> "The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user."
>
>
> MatchingALACAttributePanel and MissingALACAttributePanel:
>
> Why do these need main methods? Can you make an abstract parent class and have them subclass it? It seems like most of the code is shared.
>
>
> SecurityDialogs:
>> +     public static int showMissingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
>> +
>> +        if (!shouldPromptUser()) {
>> +            return 1;
>> +        }
>> +
>> +        SecurityDialogMessage message = new SecurityDialogMessage();
>> +        message.dialogType = DialogType.MISSING_ALACA;
>> +        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
>> +        Object selectedValue = getUserResponse(message);
>> +
>> +        // result 0 = Yes, 1 = No
>> +        if (selectedValue instanceof Integer) {
>> +            // If the selected value can be cast to Integer, use that value
>> +            return ((Integer) selectedValue).intValue();
>> +        } else {
>> +            // Otherwise default to "no"
>> +            return 1;
>> +        }
>> +    }
>> +
>> +     public static int showMatchingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
>> +
>> +        if (!shouldPromptUser()) {
>> +            return 1;
>> +        }
>> +
>> +        SecurityDialogMessage message = new SecurityDialogMessage();
>> +        message.dialogType = DialogType.MATCHING_ALACA;
>> +        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
>> +        Object selectedValue = getUserResponse(message);
>> +
>> +        // result 0 = Yes, 1 = No
>> +        if (selectedValue instanceof Integer) {
>> +            // If the selected value can be cast to Integer, use that value
>> +            return ((Integer) selectedValue).intValue();
>> +        } else {
>> +            // Otherwise default to "no"
>> +            return 1;
>> +        }
>> +    }
>
> Please use either getIntegerResponseAsBoolean or getIntegerResponseAsAppletAction rather than returning 0/1 as ints for yes/no.
>
>
> Thanks,
>
> --
> Andrew A
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: alaca_02.patch
Type: text/x-patch
Size: 47416 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/c25e617a/alaca_02-0001.patch>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 11 19:19:43 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 11 Mar 2014 19:19:43 +0000
Subject: [Bug 1697] New: Eclipse crash on Linux Mint
Message-ID: <bug-1697-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1697

            Bug ID: 1697
           Summary: Eclipse crash on Linux Mint
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: bugzilla at cdunne.org.uk
                CC: unassigned at icedtea.classpath.org

I'm trying to complete a Futurelearn Android course
(https://www.futurelearn.com/courses/begin-programming-2014) and am getting
problems with Eclipse crashing. I was using my phone (a Samsung Galaxy S3) to
run the code but have today tried the emulator and the same thing happens.

I've tried running Eclipse from the console and get the following:

http://pastebin.com/yW3gAZ1b

I've pasted the error report to:

http://pastebin.com/MQyBM3Ed

As you can imagine this is very annoying, sometimes it runs fine for multiple
minutes but sometimes it crashes instantly.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/45ff470d/attachment.html>

From aazores at redhat.com  Tue Mar 11 20:13:15 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 11 Mar 2014 16:13:15 -0400
Subject: [rfc][icedtea-web][policyeditor] man page update
Message-ID: <531F6E5B.3020808@redhat.com>

Hi,

I forgot about the -codebase and -help switches before when I made the 
initial man page for policyeditor. I also realized that the -help switch 
didn't document the -codebase switch, either.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-man-page-update.patch
Type: text/x-patch
Size: 3000 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140311/eef38c70/policyeditor-man-page-update.patch>

From jvanek at redhat.com  Wed Mar 12 09:12:41 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 10:12:41 +0100
Subject: [rfc][icedtea-web][policyeditor] man page update
In-Reply-To: <531F6E5B.3020808@redhat.com>
References: <531F6E5B.3020808@redhat.com>
Message-ID: <53202509.6090103@redhat.com>

On 03/11/2014 09:13 PM, Andrew Azores wrote:
> Hi,
>
> I forgot about the -codebase and -help switches before when I made the initial man page for
> policyeditor. I also realized that the -help switch didn't document the -codebase switch, either.
>
> Thanks,
>

Thanx. Looks good.

J.

From jvanek at redhat.com  Wed Mar 12 10:04:49 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 11:04:49 +0100
Subject: [rfc][icedtea-web][policyeditor] File Changed check
In-Reply-To: <531E1931.2020904@redhat.com>
References: <531E1931.2020904@redhat.com>
Message-ID: <53203141.3060302@redhat.com>

On 03/10/2014 08:57 PM, Andrew Azores wrote:
> Hi,
>
> As promised, here's a patch that lets PolicyEditor detect when the policy file has been externally
> modified since it was opened, using MD5SumWatcher.
>
> ChangeLog:
> Added check for external file modification to PolicyEditor
> * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified,
> PEFileModifiedDetail) new messages
> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
> (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use
> MD5SumWatcher to detect when the policy file has been externally modified.
> (updateMd5WithDialog) new method
> * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
> all URLs changed to example.com
>
> Thanks,
>

     final int response = updateMd5WithDialog();
+                    switch (response) {
+                        case JOptionPane.YES_OPTION:
+                            openAndParsePolicyFile();
+                            return;
+                        case JOptionPane.NO_OPTION:
+                            break;
+                        case JOptionPane.CANCEL_OPTION:
+                            return;
+                        default:
+                            break;
+                    }

What happens with gui in case of yes?

eg - I have something selected, click save, md5 warning jump out, I click reload, underlyiing policy 
file reload, and my gui? Will the selected boxes/ceodebases whatever remain as I have selected, or 
as it in new file?  Not sure what is better here - but probably to rest gui to match new file.
Does it openAndParsePolicyFile ?

If so ok to head..

Otherwise probbaly ok to head after answer.

J.

From ptisnovs at icedtea.classpath.org  Wed Mar 12 11:37:07 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 11:37:07 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBitAffineIdentityTrans...
Message-ID: <hg.3db247628ff9.1394624227.-6248649288953172555@icedtea.classpath.org>

changeset 3db247628ff9 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3db247628ff9
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 12 12:37:42 2014 +0100

	Ten new tests added into BitBitAffineIdentityTransformOp.java.


diffstat:

 ChangeLog                                                       |    7 +-
 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java |  140 ++++++++++
 2 files changed, 146 insertions(+), 1 deletions(-)

diffs (171 lines):

diff -r d56fab3af6d3 -r 3db247628ff9 ChangeLog
--- a/ChangeLog	Tue Mar 11 10:55:38 2014 +0100
+++ b/ChangeLog	Wed Mar 12 12:37:42 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-12  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
+	Ten new tests added into BitBitAffineIdentityTransformOp.java.
+
 2014-03-11  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
@@ -21,7 +26,7 @@
 2014-03-03  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
-	Eight new tests added into BitBitAffineIdentityTransformOp.java:
+	Eight new tests added into BitBitAffineIdentityTransformOp.java.
 
 2014-02-28  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
diff -r d56fab3af6d3 -r 3db247628ff9 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Tue Mar 11 10:55:38 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Wed Mar 12 12:37:42 2014 +0100
@@ -3487,6 +3487,146 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp3);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp4);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp5);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshort565RGBIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshort565RGB(image, graphics2d, IdentifyTranspormationOp6);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp1);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp2);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp3);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp4);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp5);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_USHORT_GRAY.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, IdentifyTranspormationOp6);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From ptisnovs at icedtea.classpath.org  Wed Mar 12 11:41:34 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 11:41:34 +0000
Subject: /hg/rhino-tests: Enhancements of various tests in InvocableClass...
Message-ID: <hg.bdfcaa390fb9.1394624494.-6019694633368342460@icedtea.classpath.org>

changeset bdfcaa390fb9 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=bdfcaa390fb9
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 12 12:42:16 2014 +0100

	Enhancements of various tests in InvocableClassTest.


diffstat:

 ChangeLog                                  |   5 +
 src/org/RhinoTests/InvocableClassTest.java |  76 ++++++++++++++++++++++++++++-
 2 files changed, 78 insertions(+), 3 deletions(-)

diffs (153 lines):

diff -r 808d23256e54 -r bdfcaa390fb9 ChangeLog
--- a/ChangeLog	Tue Mar 11 10:52:47 2014 +0100
+++ b/ChangeLog	Wed Mar 12 12:42:16 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-12  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/InvocableClassTest.java:
+	Enhancements of various tests in InvocableClassTest.
+
 2014-03-11  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/CompiledScriptClassTest.java:
diff -r 808d23256e54 -r bdfcaa390fb9 src/org/RhinoTests/InvocableClassTest.java
--- a/src/org/RhinoTests/InvocableClassTest.java	Tue Mar 11 10:52:47 2014 +0100
+++ b/src/org/RhinoTests/InvocableClassTest.java	Wed Mar 12 12:42:16 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Rhino test framework
 
-   Copyright (C) 2011, 2012, 2013  Red Hat
+   Copyright (C) 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -1530,6 +1530,14 @@
         }
 
         try {
+            this.invocableClass.cast(Character.valueOf('a'));
+            throw new AssertionError("Class.cast(Character.valueOf('a')) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(Byte.valueOf((byte)42));
             throw new AssertionError("Class.cast(Byte.valueOf((byte)42)) does not throw any exception");
         }
@@ -1586,6 +1594,14 @@
         }
 
         try {
+            this.invocableClass.cast(new Throwable("xyzzy"));
+            throw new AssertionError("Class.cast(new Throwable(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(new RuntimeException());
             throw new AssertionError("Class.cast(new RuntimeException()) does not throw any exception");
         }
@@ -1594,6 +1610,14 @@
         }
 
         try {
+            this.invocableClass.cast(new RuntimeException("xyzzy"));
+            throw new AssertionError("Class.cast(new RuntimeException(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(new Error());
             throw new AssertionError("Class.cast(new Error()) does not throw any exception");
         }
@@ -1602,6 +1626,22 @@
         }
 
         try {
+            this.invocableClass.cast(new Error("xyzzy"));
+            throw new AssertionError("Class.cast(new Error(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.invocableClass.cast(new java.io.File("xyzzy"));
+            throw new AssertionError("Class.cast(new java.io.File(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(new java.lang.String());
             throw new AssertionError("Class.cast(new java.lang.String()) does not throw any exception");
         }
@@ -1650,6 +1690,30 @@
         }
 
         try {
+            this.invocableClass.cast(new java.awt.Label());
+            throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.invocableClass.cast(new java.awt.Label(new String()));
+            throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.invocableClass.cast(new java.awt.Label("xyzzy"));
+            throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(new javax.swing.JLabel());
             throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception");
         }
@@ -1666,13 +1730,20 @@
         }
 
         try {
+            this.invocableClass.cast(new javax.swing.JLabel("xyzzy"));
+            throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.invocableClass.cast(new javax.swing.JPanel());
             throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception");
         }
         catch (Exception e) {
             // expected exception
         }
-
     }
 
     /**
@@ -1689,7 +1760,6 @@
         catch (IllegalAccessException e) {
             // expected exception
         }
-
     }
 
     /**

From jvanek at redhat.com  Wed Mar 12 11:57:54 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 12:57:54 +0100
Subject: [rfc][icedtea-web][policyeditor] Duplicate visual codebases
In-Reply-To: <531F46BD.2040204@redhat.com>
References: <531F46BD.2040204@redhat.com>
Message-ID: <53204BC2.9070507@redhat.com>

On 03/11/2014 06:24 PM, Andrew Azores wrote:
> Hi,
>
> PolicyEditor already guards against having multiple entries for the same codebase in its permission
> maps, but there's a bug that still allows the left side list view to display multiple of the same
> codebase. This patch fixes it so that duplicate codebases really can't be added.
>
> Thanks,
>
Although I have no idea what it is supposed to do, it give sense...
J.

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 13:11:13 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:11:13 +0000
Subject: [Bug 1698] New: [TRACKER] IcedTea 2.6.0 Release
Message-ID: <bug-1698-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698

            Bug ID: 1698
           Summary: [TRACKER] IcedTea 2.6.0 Release
           Product: IcedTea
           Version: 7-hg
          Hardware: all
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

Tracker for IcedTea 2.6.0 major release.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/433be4e6/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 13:12:48 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:12:48 +0000
Subject: [Bug 1698] [TRACKER] IcedTea 2.6.0 Release
In-Reply-To: <bug-1698-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1698-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1698-30-aLuv4YsQid@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
   Target Milestone|---                         |2.6.0

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/f56c5b82/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 13:14:14 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:14:14 +0000
Subject: [Bug 1285] [IcedTea7] Use XML for AUTHORS/NEWS to ensure reliable
	formatting for producing e.g. release notes
In-Reply-To: <bug-1285-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1285-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1285-30-jehFgu3Xw2@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1285

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|1284                        |1698

--- Comment #2 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Target 2.6.0 release.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/655fa589/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 13:14:14 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:14:14 +0000
Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release
In-Reply-To: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1284-30-3nZjOwmEX2@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|1285                        |

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/1f88aeec/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 13:14:14 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:14:14 +0000
Subject: [Bug 1698] [TRACKER] IcedTea 2.6.0 Release
In-Reply-To: <bug-1698-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1698-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1698-30-bC3W3Mk2Ff@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1698

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |1285

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/50c8b7cd/attachment.html>

From aazores at icedtea.classpath.org  Wed Mar 12 13:36:10 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:36:10 +0000
Subject: /hg/icedtea-web: Updated policyeditor documentation
Message-ID: <hg.78f6e65ed7b3.1394631370.8643924302249223276@icedtea.classpath.org>

changeset 78f6e65ed7b3 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=78f6e65ed7b3
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 12 09:35:48 2014 -0400

	Updated policyeditor documentation

	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(PECodebaseFlag) new message for policyeditor -help
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(HELP_MESSAGE) added -codebase flag
	* netx/policyeditor.1: updated -file and added -codebase and -help


diffstat:

 ChangeLog                                                         |   8 +++
 netx/net/sourceforge/jnlp/resources/Messages.properties           |   1 +
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |   3 +-
 netx/policyeditor.1                                               |  24 ++++++++-
 4 files changed, 31 insertions(+), 5 deletions(-)

diffs (80 lines):

diff -r db8627ef75f2 -r 78f6e65ed7b3 ChangeLog
--- a/ChangeLog	Tue Mar 11 13:59:10 2014 -0400
+++ b/ChangeLog	Wed Mar 12 09:35:48 2014 -0400
@@ -1,3 +1,11 @@
+2014-03-12  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(PECodebaseFlag) new message for policyeditor -help
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(HELP_MESSAGE) added -codebase flag
+	* netx/policyeditor.1: updated -file and added -codebase and -help
+
 2014-03-11  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Mar 11 13:59:10 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 12 09:35:48 2014 -0400
@@ -464,6 +464,7 @@
 PEUsage=policyeditor [-file policyfile]
 PEHelpFlag=Print this message and exit
 PEFileFlag=Specify a policyfile path to open
+PECodebaseFlag=Specify (a) codebase URL(s) to add and/or focus in the editor
 PETitle=Policy Editor
 PEReadProps=Read system properties
 PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location
diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Tue Mar 11 13:59:10 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 12 09:35:48 2014 -0400
@@ -144,7 +144,8 @@
 
     private static final String HELP_MESSAGE = "Usage:\t" + R("PEUsage") + "\n\n"
             + "  " + HELP_FLAG + "\t\t\t" + R("PEHelpFlag") + "\n"
-            + "  " + FILE_FLAG + "\t\t\t" + R("PEFileFlag") + "\n";
+            + "  " + FILE_FLAG + "\t\t\t" + R("PEFileFlag") + "\n"
+            + "  " + CODEBASE_FLAG + "\t\t" + R("PECodebaseFlag") + "\n";
 
     private static final String AUTOGENERATED_NOTICE = "/* DO NOT MODIFY! AUTO-GENERATED */";
 
diff -r db8627ef75f2 -r 78f6e65ed7b3 netx/policyeditor.1
--- a/netx/policyeditor.1	Tue Mar 11 13:59:10 2014 -0400
+++ b/netx/policyeditor.1	Wed Mar 12 09:35:48 2014 -0400
@@ -12,6 +12,8 @@
 .br
 .B policyeditor [-file]
 policy_file
+.B [-codebase]
+url
 .SH DESCRIPTION
 .B policyeditor
 is a GUI application with small command line support to view and edit applet security policy settings
@@ -31,10 +33,24 @@
 .SH OPTIONS
 
 .TP
--file
-Specifies a policy file path to open. If this is not given as an argument, the
-first argument given is interpreted as a file path to open anyway. This switch
-exists mostly for compatibility with Policy Tool.
+-help
+Prints a short help text and exits.
+
+.TP
+-file policy_file
+Specifies a policy file path to open. If exactly one argument is given, and it
+is not this flag, it is interpreted as a file path to open, as if this flag
+was given first. This flag exists mostly for compatibility with Policy Tool,
+but is also needed when opening a policy file and also using the -codebase flag.
+
+.TP
+-codebase url
+Specifies an applet codebase URL. If the specified codebase already exists in
+the policy file (if any), then it will be selected when the editor opens. If
+it is a new codebase then it will be added and selected. Multiple URLs may also
+be given with a single -codebase flag by separating them with spaces. In this
+case, the last codebase given will be selected, and all will be added. If this
+flag is given more than once, only the first is used.
 
 .SH EXAMPLES
 

From aazores at redhat.com  Wed Mar 12 13:38:33 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 12 Mar 2014 09:38:33 -0400
Subject: [rfc][icedtea-web][policyeditor] File Changed check
In-Reply-To: <53203141.3060302@redhat.com>
References: <531E1931.2020904@redhat.com> <53203141.3060302@redhat.com>
Message-ID: <53206359.2000604@redhat.com>

On 03/12/2014 06:04 AM, Jiri Vanek wrote:
> On 03/10/2014 08:57 PM, Andrew Azores wrote:
>> Hi,
>>
>> As promised, here's a patch that lets PolicyEditor detect when the 
>> policy file has been externally
>> modified since it was opened, using MD5SumWatcher.
>>
>> ChangeLog:
>> Added check for external file modification to PolicyEditor
>> * netx/net/sourceforge/jnlp/resources/Messages.properties: 
>> (PEFileModified,
>> PEFileModifiedDetail) new messages
>> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
>> (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, 
>> savePolicyFile) use
>> MD5SumWatcher to detect when the policy file has been externally 
>> modified.
>> (updateMd5WithDialog) new method
>> * 
>> tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
>> all URLs changed to example.com
>>
>> Thanks,
>>
>
>     final int response = updateMd5WithDialog();
> +                    switch (response) {
> +                        case JOptionPane.YES_OPTION:
> +                            openAndParsePolicyFile();
> +                            return;
> +                        case JOptionPane.NO_OPTION:
> +                            break;
> +                        case JOptionPane.CANCEL_OPTION:
> +                            return;
> +                        default:
> +                            break;
> +                    }
>
> What happens with gui in case of yes?
>
> eg - I have something selected, click save, md5 warning jump out, I 
> click reload, underlyiing policy file reload, and my gui? Will the 
> selected boxes/ceodebases whatever remain as I have selected, or as it 
> in new file?  Not sure what is better here - but probably to rest gui 
> to match new file.
> Does it openAndParsePolicyFile ?
>
> If so ok to head..
>
> Otherwise probbaly ok to head after answer.
>
> J.

Yep, if you click "Yes to Reload", then the GUI (and internal 
representations) update to match what was read in the file. 
openAndParsePolicyFile() also updates the GUI as it goes along with 
parsing. "No" writes your current changes into the file without 
re-parsing the new file contents first, and "Cancel" just does nothing, 
so you can decide if you want to throw away your changes, or maybe save 
somewhere else, or whatever.

Thanks,

-- 
Andrew A


From aazores at icedtea.classpath.org  Wed Mar 12 13:43:46 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:43:46 +0000
Subject: /hg/icedtea-web: PolicyEditor external file change checking
Message-ID: <hg.932c096d423c.1394631826.8643924302249223276@icedtea.classpath.org>

changeset 932c096d423c in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=932c096d423c
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 12 09:43:36 2014 -0400

	PolicyEditor external file change checking

	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(PEFileModified, PEFileModifiedDetail) new messages
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(fileWatcher, openAndParsePolicyFile, savePolicyFile) update to use
	MD5SumWatcher to check if the file has changed externally since being
	opened
	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
	URLs changed to example.com


diffstat:

 ChangeLog                                                                        |  11 +
 netx/net/sourceforge/jnlp/resources/Messages.properties                          |   2 +
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java                |  68 +++++++++-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java |  22 +-
 4 files changed, 89 insertions(+), 14 deletions(-)

diffs (247 lines):

diff -r 78f6e65ed7b3 -r 932c096d423c ChangeLog
--- a/ChangeLog	Wed Mar 12 09:35:48 2014 -0400
+++ b/ChangeLog	Wed Mar 12 09:43:36 2014 -0400
@@ -1,3 +1,14 @@
+2014-03-12  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(PEFileModified, PEFileModifiedDetail) new messages
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(fileWatcher, openAndParsePolicyFile, savePolicyFile) update to use
+	MD5SumWatcher to check if the file has changed externally since being
+	opened
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
+	URLs changed to example.com
+
 2014-03-12  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/resources/Messages.properties:
diff -r 78f6e65ed7b3 -r 932c096d423c netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 12 09:35:48 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 12 09:43:36 2014 -0400
@@ -503,6 +503,8 @@
 PEExitMenuItem=Exit
 PEViewMenu=View
 PECustomPermissionsItem=Custom Permissions...
+PEFileModified=File Modification Warning
+PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving?
 
 # Policy Editor CustomPolicyViewer
 PECPTitle=Custom Policy Viewer
diff -r 78f6e65ed7b3 -r 932c096d423c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 12 09:35:48 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 12 09:43:36 2014 -0400
@@ -94,6 +94,7 @@
 
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.FileUtils.OpenFileResult;
+import net.sourceforge.jnlp.util.MD5SumWatcher;
 import net.sourceforge.jnlp.util.logging.OutputController;
 
 /**
@@ -164,6 +165,7 @@
     private final JFileChooser fileChooser;
     private CustomPolicyViewer cpViewer = null;
     private final WeakReference<PolicyEditor> weakThis = new WeakReference<PolicyEditor>(this);
+    private MD5SumWatcher fileWatcher;
 
     private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction,
             removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction;
@@ -593,12 +595,25 @@
             for (final ActionListener l : box.getActionListeners()) {
                 box.removeActionListener(l);
             }
-            box.setSelected(codebasePermissionsMap.get(codebase).get(perm));
+            initializeMapForCodebase(codebase);
+            final Map<PolicyEditorPermissions, Boolean> map = codebasePermissionsMap.get(codebase);
+            final boolean state;
+            if (map != null) {
+                final Boolean s = map.get(perm);
+                if (s != null) {
+                    state = s;
+                } else {
+                    state = false;
+                }
+            } else {
+                state = false;
+            }
+            box.setSelected(state);
             box.addActionListener(new ActionListener() {
                 @Override
                 public void actionPerformed(final ActionEvent e) {
                     changesMade = true;
-                    codebasePermissionsMap.get(codebase).put(perm, box.isSelected());
+                    map.put(perm, box.isSelected());
                 }
             });
         }
@@ -797,6 +812,10 @@
                 }
                 final String contents;
                 try {
+                    fileWatcher = new MD5SumWatcher(file);
+                    fileWatcher.update();
+                    // User-level policy files are expected to be short enough that loading them in as a String
+                    // should not actually be *too* bad, and it's easy to work with.
                     contents = FileUtils.loadFileAsString(file);
                 } catch (final IOException e) {
                     OutputController.getLogger().log(e);
@@ -804,10 +823,12 @@
                     FileUtils.showCouldNotOpenDialog(weakThis.get(), R("PECouldNotOpen"));
                     return;
                 }
+                codebasePermissionsMap.clear();
+                customPermissionsMap.clear();
                 // Split on newlines, both \r\n and \n style, for platform-independence
                 final String[] lines = contents.split("\\r?\\n+");
                 String codebase = "";
-                FileLock fileLock = null;
+                final FileLock fileLock;
                 try {
                     fileLock = FileUtils.getFileLock(file.getAbsolutePath(), false, true);
                 } catch (final FileNotFoundException e) {
@@ -828,13 +849,16 @@
                         openBlock = true;
                     }
 
+                    // Matches '};', the closing block delimiter, with any amount of whitespace on either side
                     boolean commentLine = false;
                     if (line.matches("\\s*\\};\\s*")) {
                         openBlock = false;
                     }
+                    // Matches '/*', the start of a block comment
                     if (line.matches(".*/\\*.*")) {
                         commentBlock = true;
                     }
+                    // Matches '*/', the end of a block comment, and '//', a single-line comment
                     if (line.matches(".*\\*/.*")) {
                         commentBlock = false;
                     }
@@ -899,6 +923,28 @@
         new Thread() {
             @Override
             public void run() {
+                try {
+                    final int response = updateMd5WithDialog();
+                    switch (response) {
+                        case JOptionPane.YES_OPTION:
+                            openAndParsePolicyFile();
+                            return;
+                        case JOptionPane.NO_OPTION:
+                            break;
+                        case JOptionPane.CANCEL_OPTION:
+                            return;
+                        default:
+                            break;
+                    }
+                } catch (final FileNotFoundException e) {
+                    // File on disk has been somehow removed since we first checked. Attempt to save to it
+                    // anyway then. If we can't, then the failure simply occurs later in this method
+                    OutputController.getLogger().log(e);
+                } catch (final IOException e) {
+                    OutputController.getLogger().log(e);
+                    showCouldNotSaveDialog();
+                    return;
+                }
                 final StringBuilder sb = new StringBuilder();
                 sb.append(AUTOGENERATED_NOTICE);
                 sb.append("\n/* Generated by PolicyEditor at " + new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")
@@ -929,6 +975,7 @@
 
                 try {
                     FileUtils.saveFile(sb.toString(), file);
+                    fileWatcher.update();
                     changesMade = false;
                     showChangesSavedDialog();
                 } catch (final IOException e) {
@@ -964,6 +1011,21 @@
     }
 
     /**
+     * Detect if the file's MD5 has changed. If so, track its new sum, and prompt the user on how to proceed
+     * @return the user's choice (Yes/No/Cancel - see JOptionPane constants). "No" if the file hasn't changed.
+     * @throws FileNotFoundException if the watched file does not exist
+     * @throws IOException if the file cannot be read
+     */
+    public int updateMd5WithDialog() throws FileNotFoundException, IOException {
+        final boolean changed = fileWatcher.update();
+        if (changed) {
+            return JOptionPane.showConfirmDialog(weakThis.get(), R("PEFileModifiedDetail", file.getCanonicalPath()),
+                    R("PEFileModified"), JOptionPane.YES_NO_CANCEL_OPTION);
+        }
+        return JOptionPane.NO_OPTION;
+    }
+
+    /**
      * Start a Policy Editor instance.
      * @param args "-file $FILENAME" and/or "-codebase $CODEBASE" are accepted flag/value pairs.
      * -file specifies a file path to be opened by the editor. If none is provided, the default
diff -r 78f6e65ed7b3 -r 932c096d423c tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java	Wed Mar 12 09:35:48 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java	Wed Mar 12 09:43:36 2014 -0400
@@ -69,18 +69,18 @@
 
     @Test
     public void testAddCodebase() throws Exception {
-        final String redHatUrlString = "http://redhat.com";
-        editor.addNewCodebase(redHatUrlString);
+        final String urlString = "http://example.com";
+        editor.addNewCodebase(urlString);
         final Collection<String> codebases = editor.getCodebases();
         assertTrue("Editor should have default codebase", codebases.contains(""));
-        assertTrue("Editor should have http://redhat.com", codebases.contains(redHatUrlString));
+        assertTrue("Editor should have http://example.com", codebases.contains(urlString));
         assertTrue("Editor should only have two codebases", codebases.size() == 2);
     }
 
     @Test
     public void addMultipleCodebases() throws Exception {
         final Set<String> toAdd = new HashSet<String>();
-        toAdd.add("http://redhat.com");
+        toAdd.add("http://example.com");
         toAdd.add("http://icedtea.classpath.org");
         editor.addNewCodebases(toAdd);
         final Collection<String> codebases = editor.getCodebases();
@@ -132,8 +132,8 @@
     @Test
     public void testDefaultPermissionsAllFalse() throws Exception {
         final Map<PolicyEditorPermissions, Boolean> defaultMap = editor.getPermissions("");
-        editor.addNewCodebase("http://redhat.com");
-        final Map<PolicyEditorPermissions, Boolean> addedMap = editor.getPermissions("http://redhat.com");
+        editor.addNewCodebase("http://example.com");
+        final Map<PolicyEditorPermissions, Boolean> addedMap = editor.getPermissions("http://example.com");
         for (final Map.Entry<PolicyEditorPermissions, Boolean> entry : defaultMap.entrySet()) {
             assertFalse("Permission " + entry.getKey() + " should be false", entry.getValue());
         }
@@ -145,8 +145,8 @@
     @Test
     public void testAllPermissionsRepresented() throws Exception {
         final Map<PolicyEditorPermissions, Boolean> defaultMap = editor.getPermissions("");
-        editor.addNewCodebase("http://redhat.com");
-        final Map<PolicyEditorPermissions, Boolean> addedMap = editor.getPermissions("http://redhat.com");
+        editor.addNewCodebase("http://example.com");
+        final Map<PolicyEditorPermissions, Boolean> addedMap = editor.getPermissions("http://example.com");
         assertTrue("Default codebase permissions keyset should be the same size as enum values set",
                 defaultMap.keySet().size() == PolicyEditorPermissions.values().length);
         assertTrue("Added codebase permissions keyset should be the same size as enum values set",
@@ -175,7 +175,7 @@
     @Test
     public void testArgsToMap() throws Exception {
         final String[] args = new String[] {
-                "-codebase", "http://redhat.com http://icedtea.classpath.org",
+                "-codebase", "http://example.com http://icedtea.classpath.org",
                 "-file", "/tmp/some-policy-file.tmp",
                 "-help"
         };
@@ -187,8 +187,8 @@
         assertTrue("Value for -file should be /tmp/some-policy-file.tmp but was " + map.get("-file"),
                 map.get("-file").equals("/tmp/some-policy-file.tmp"));
         assertTrue("Args map should contain codebase flag", map.containsKey("-codebase"));
-        assertTrue("Value for codebase flag should be \"http://redhat.com http://icedtea.classpath.org\" but was " + map.get("-codebase"),
-                map.get("-codebase").equals("http://redhat.com http://icedtea.classpath.org"));
+        assertTrue("Value for codebase flag should be \"http://example.com http://icedtea.classpath.org\" but was " + map.get("-codebase"),
+                map.get("-codebase").equals("http://example.com http://icedtea.classpath.org"));
     }
 
 }
\ No newline at end of file

From aazores at icedtea.classpath.org  Wed Mar 12 13:47:07 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 13:47:07 +0000
Subject: /hg/icedtea-web: PolicyEditor does not add duplicate visual code...
Message-ID: <hg.9417633d1f86.1394632027.8643924302249223276@icedtea.classpath.org>

changeset 9417633d1f86 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=9417633d1f86
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 12 09:46:59 2014 -0400

	PolicyEditor does not add duplicate visual codebases

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(initializeMapForCodebase) returns boolean indicating if the given
	codebase already existed. (addNewCodebase) do not add codebases if they
	already exist


diffstat:

 ChangeLog                                                         |   7 ++++
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  17 +++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)

diffs (63 lines):

diff -r 932c096d423c -r 9417633d1f86 ChangeLog
--- a/ChangeLog	Wed Mar 12 09:43:36 2014 -0400
+++ b/ChangeLog	Wed Mar 12 09:46:59 2014 -0400
@@ -1,3 +1,10 @@
+2014-03-12  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(initializeMapForCodebase) returns boolean indicating if the given
+	codebase already existed. (addNewCodebase) do not add codebases if they
+	already exist
+
 2014-03-12  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/resources/Messages.properties:
diff -r 932c096d423c -r 9417633d1f86 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 12 09:43:36 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 12 09:46:59 2014 -0400
@@ -470,16 +470,18 @@
             OutputController.getLogger().log(mfue);
             return;
         }
-        initializeMapForCodebase(codebase);
+        final boolean existingCodebase = initializeMapForCodebase(codebase);
         final String model;
         if (codebase.isEmpty()) {
             model = R("PEGlobalSettings");
         } else {
             model = codebase;
         }
-        listModel.addElement(model);
+        if (!existingCodebase) {
+            listModel.addElement(model);
+            changesMade = true;
+        }
         list.setSelectedValue(model, true);
-        changesMade = true;
     }
 
     /**
@@ -897,8 +899,13 @@
      * Ensure that the model contains a specified mapping. No action is taken
      * if there already is a map with this key
      * @param codebase for which a permissions mapping is required
+     * @return true iff there was already an entry for this codebase
      */
-    private void initializeMapForCodebase(final String codebase) {
+    private boolean initializeMapForCodebase(final String codebase) {
+        if (codebasePermissionsMap.containsKey(codebase) || customPermissionsMap.containsKey(codebase)) {
+            return true;
+        }
+
         if (codebasePermissionsMap.get(codebase) == null) {
             final Map<PolicyEditorPermissions, Boolean> map = new HashMap<PolicyEditorPermissions, Boolean>();
             for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
@@ -911,6 +918,8 @@
             final Set<CustomPermission> set = new HashSet<CustomPermission>();
             customPermissionsMap.put(codebase, set);
         }
+
+        return false;
     }
 
     /**

From ptisnovs at redhat.com  Wed Mar 12 14:08:07 2014
From: ptisnovs at redhat.com (Pavel Tisnovsky)
Date: Wed, 12 Mar 2014 10:08:07 -0400 (EDT)
Subject: [rfc][icedtea-web] /bin/bash check for configure time Re:
	[rfc][icedtea-web]	have  bash in shebang instead of sh or get rid of
	bashism
In-Reply-To: <5319A495.7090601@redhat.com>
References: <530E0C94.6070606@redhat.com> <53165242.9000308@redhat.com>
	<531734B5.9040105@redhat.com> <5319A495.7090601@redhat.com>
Message-ID: <1580005764.18810616.1394633287615.JavaMail.zimbra@redhat.com>

Hi Jiri,

looks good (at least at this moment :), ok for head.

Thank you,
Pavel

----- Jiri Vanek <jvanek at redhat.com> wrote:
> On 03/05/2014 03:29 PM, Jiri Vanek wrote:
> > On 03/04/2014 11:22 PM, Andrew Azores wrote:
> >> On 02/26/2014 10:47 AM, Jiri Vanek wrote:
> >>> After short discussion with Omair, we agreed that this
> >>>
> >>> http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/8f13202ea201
> >>>
> >>> IS probably better then get rid of bashism completely.
> >>>
> >>> So I would like to forward-port this patch to head.
> >>>
> >>> ok?
> >>
> >> Fine by me.
> >>
> >> Thanks,
> >>
> >
> > Thanx. Pushed.
> >
> > The configure check for /bin/bash is needed for .configure now. But I'm not sure how it will affect
> > windows. Actually I have no idea how windows are building ITW :(
> >
> > J.
> >
> 
> Well /bin/bash is used also for generation of htmls. So this is really needed.
> 
> J.
> 


From aazores at redhat.com  Wed Mar 12 15:29:07 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 12 Mar 2014 11:29:07 -0400
Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy
Message-ID: <53207D43.8030806@redhat.com>

Hi,

This patch adds a method to JNLPRuntime to allow the Policy object to be 
refreshed, and adds logic to the JNLPPolicy class (of which the 
runtime's Policy reference is an instance) to:
1) be able to refresh its permissions from the user's policy file
2) read from the policy file on a per-codebase basis, not only per 
applet JAR location

It also adds logic to JNLPClassLoader.SecurityDelegate to call the new 
JNLPRuntime method when the applet is to be run sandboxed, to ensure 
that this is done with the current policy, not an older cached copy in 
case there have been changes since the JVM was started.

These changes are in support of later patches which will add a way to 
launch PolicyEditor from the fully and partially signed applet warning 
dialogs. Without the ability to refresh, the JVM needs to be restarted 
before those changes can take effect, which is not good for usability 
(users have to restart their browser). Without the ability to actually 
check by codebase rather than full JAR url, the user policy files will 
be much more complex than planned, and for users to set custom 
permission levels per-applet will be much more difficult to use.

Manual testing:

(with patch applied)
1) Ensure your policy file is either empty or at least does not contain 
an entry to match the test applet
2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed
3) Verify that the applet may not print nor save. Close the applet but 
do not exit the browser.
4) Add the following to your policy file:

grant codeBase "http://caff.de/applettest/" {
     permission java.lang.RuntimePermission "queuePrintJob";
     permission java.util.PropertyPermission "*", "read";
};

5) Without closing your browser, restart the applet (refresh the page, 
or open a new tab and visit again)
6) Verify that the applet may now cause a print dialog to appear, but 
still cannot save files

With patch not applied, granting the applet codebase these permissions 
does not work, so grant the same permissions but to all applets. Check 
that making this change to the policy file without restarting the JVM 
does not actually grant the permissions to the applet, and restarting 
the JVM does grant them.

Automated testing:
Working on it, but not sure if it's actually doable. I need a way to 
keep the JVM running between runs of an applet, which I don't know if we 
can do. Any ideas?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: runtime-policy-refresh.patch
Type: text/x-patch
Size: 3214 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/a1e42691/runtime-policy-refresh-0001.patch>

From jvanek at redhat.com  Wed Mar 12 15:34:38 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 16:34:38 +0100
Subject: [rfc][icedtea-web][policyeditor] File Changed check
In-Reply-To: <53206359.2000604@redhat.com>
References: <531E1931.2020904@redhat.com> <53203141.3060302@redhat.com>
	<53206359.2000604@redhat.com>
Message-ID: <53207E8E.2050602@redhat.com>

On 03/12/2014 02:38 PM, Andrew Azores wrote:
> On 03/12/2014 06:04 AM, Jiri Vanek wrote:
>> On 03/10/2014 08:57 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> As promised, here's a patch that lets PolicyEditor detect when the policy file has been externally
>>> modified since it was opened, using MD5SumWatcher.
>>>
>>> ChangeLog:
>>> Added check for external file modification to PolicyEditor
>>> * netx/net/sourceforge/jnlp/resources/Messages.properties: (PEFileModified,
>>> PEFileModifiedDetail) new messages
>>> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
>>> (updateCheckboxes) avoid NPE. (openAndParsePolicyFile, savePolicyFile) use
>>> MD5SumWatcher to detect when the policy file has been externally modified.
>>> (updateMd5WithDialog) new method
>>> * tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java:
>>> all URLs changed to example.com
>>>
>>> Thanks,
>>>
>>
>>     final int response = updateMd5WithDialog();
>> +                    switch (response) {
>> +                        case JOptionPane.YES_OPTION:
>> +                            openAndParsePolicyFile();
>> +                            return;
>> +                        case JOptionPane.NO_OPTION:
>> +                            break;
>> +                        case JOptionPane.CANCEL_OPTION:
>> +                            return;
>> +                        default:
>> +                            break;
>> +                    }
>>
>> What happens with gui in case of yes?
>>
>> eg - I have something selected, click save, md5 warning jump out, I click reload, underlyiing
>> policy file reload, and my gui? Will the selected boxes/ceodebases whatever remain as I have
>> selected, or as it in new file?  Not sure what is better here - but probably to rest gui to match
>> new file.
>> Does it openAndParsePolicyFile ?
>>
>> If so ok to head..
>>
>> Otherwise probbaly ok to head after answer.
>>
>> J.
>
> Yep, if you click "Yes to Reload", then the GUI (and internal representations) update to match what
> was read in the file. openAndParsePolicyFile() also updates the GUI as it goes along with parsing.
> "No" writes your current changes into the file without re-parsing the new file contents first, and
> "Cancel" just does nothing, so you can decide if you want to throw away your changes, or maybe save
> somewhere else, or whatever.
>
> Thanks,
>
Keep it simple. ook to go.

From aazores at redhat.com  Wed Mar 12 15:36:57 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 12 Mar 2014 11:36:57 -0400
Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check
Message-ID: <53207F19.7000903@redhat.com>

Hi,

Just noticed that there are conditions where an NPE will occur due to 
the new filechanged check. Steps to reproduce:
1) launch policyeditor with no arguments
2) create some set of permissions, eg Print Documents only, doesn't 
really matter so long as you make at least one change
3) press Apply
4) attempt to save the policy file to any location eg $HOME/test.policy
5) NPE will occur because there is no MD5SumWatcher reference, since no 
policy file was ever opened first
5b) file fails to save

With the patch applied, 5/5b does not occur, and instead the flow 
completes as expected with a "Changes saved" message, and the file can 
be verified as written to disk.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-filechanged-npe.patch
Type: text/x-patch
Size: 1234 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/3c07edc0/policyeditor-filechanged-npe.patch>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:46:16 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:46:16 +0000
Subject: [Bug 1699] New: [IcedTea7] Supporting building the SunEC provider
	with system NSS
Message-ID: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699

            Bug ID: 1699
           Summary: [IcedTea7] Supporting building the SunEC provider with
                    system NSS
           Product: IcedTea
           Version: 7-hg
          Hardware: all
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

The SunEC provider contains code duplicated from NSS. The OpenJDK build should
allow this to be replaced by the system installation.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/32632317/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:47:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:47:05 +0000
Subject: [Bug 1699] [IcedTea7] Supporting building the SunEC provider with
	system NSS
In-Reply-To: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1699-30-cYIilIPFpk@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
             Blocks|                            |1284
   Target Milestone|---                         |2.5.0

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/a0019db4/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:47:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:47:05 +0000
Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release
In-Reply-To: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1284-30-OQaakpEnls@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |1699

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/41d8a7de/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:47:51 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:47:51 +0000
Subject: [Bug 1286] [IcedTea7] [METABUG] Give top priority to the PKCS11 NSS
	provider, due to performance advantages
In-Reply-To: <bug-1286-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1286-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1286-30-Q8cEY9BEzB@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1286

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |LATER

--- Comment #2 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Memory leaks make this currently unfeasible:

http://bugs.sun.com/view_bug.do?bug_id=6913047

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/e818b28a/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:47:53 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:47:53 +0000
Subject: [Bug 1284] [TRACKER] IcedTea 2.5.0 Release
In-Reply-To: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1284-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1284-30-UBhqJ6xFyu@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1284
Bug 1284 depends on bug 1286, which changed state.

Bug 1286 Summary: [IcedTea7] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1286

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |LATER

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/25297ed3/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:48:43 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:48:43 +0000
Subject: [Bug 1287] [IcedTea8] [METABUG] Give top priority to the PKCS11 NSS
	provider, due to performance advantages
In-Reply-To: <bug-1287-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1287-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1287-30-v6fj7Cgwms@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1287

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |LATER

--- Comment #2 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Memory leaks make this currently unfeasible:

http://bugs.sun.com/view_bug.do?bug_id=6913047

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/4d3f299f/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 12 15:48:44 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 15:48:44 +0000
Subject: [Bug 1282] [TRACKER] IcedTea 3.0.0pre1 Release
In-Reply-To: <bug-1282-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1282-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1282-30-VeyokFLd2f@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1282
Bug 1282 depends on bug 1287, which changed state.

Bug 1287 Summary: [IcedTea8] [METABUG] Give top priority to the PKCS11 NSS provider, due to performance advantages
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1287

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |LATER

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/f5c5bc35/attachment.html>

From stefan.reich.maker.of.eye at googlemail.com  Wed Mar 12 15:52:33 2014
From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich)
Date: Wed, 12 Mar 2014 16:52:33 +0100
Subject: How to have WebStart create start menu items (on Linux)?
In-Reply-To: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>
References: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>
Message-ID: <CAC2-jLFci_uUPcD1qqU2AosNrdT4wuoJBdDuFnRbqat-+Meivw@mail.gmail.com>

OK, nobody knows... oh well ^^ Nevermind...

Cheers,
Stefan


On Sun, Mar 9, 2014 at 4:03 PM, Stefan Reich <
stefan.reich.maker.of.eye at googlemail.com> wrote:

> I have successfully deployed a WebStart app on both Windows and IcedTea.
>
> Just about the only thing I'm missing (- apart from a certificate from a
> CA that I can afford - ) is to place entries in the start menu.
>
> It's Peppermint Linux, so the application in question is lxpanel I believe.
>
> I have always found the way that lxpanel collects its applications to be
> intellectually quite unpenetrable.
>
> But anyways - WebStart/IcedTea should be able to do it, right? I am
> getting a desktop short cut alright, just none in the start menu.
>
> Here's my JNLP file: http://tinybrain.de:8080/webstart/webstart.jnlp
>
> Many greetings,
> Stefan
>
> And here's a copy:
>
> <?xml version="1.0" encoding="utf-8"?>
> <!-- JNLP File for TinyBrain -->
> <jnlp
>         spec="6.0+"
>         codebase="http://tinybrain.de:8080/webstart"
>         href="webstart.jnlp">
>     <information>
>         <title>TinyBrain - a brain for your computer</title>
>         <vendor>TinyBrain.de (Stefan Reich)</vendor>
>         <homepage href="http://tinybrain.de/"/>
>         <description>A brain for your computer that can talk.</description>
>         <icon href="brainfsck.jpg"/>
>         <icon kind="splash" href="brainfsck.jpg"/>
>         <offline-allowed />
>         <shortcut online="false" install="true">
>             <desktop />
>             <menu submenu="TinyBrain" />
>         </shortcut>
>     </information>
>     <security>
>         <all-permissions />
>     </security>
>     <resources>
>         <j2se version="1.6+" java-vm-args="-mx32m"/>
>         <jar href="magic.jar"/>
>     </resources>
>     <application-desc main-class="trayicon" />
> </jnlp>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/18194525/attachment.html>

From omajid at redhat.com  Wed Mar 12 16:04:30 2014
From: omajid at redhat.com (Omair Majid)
Date: Wed, 12 Mar 2014 12:04:30 -0400
Subject: How to have WebStart create start menu items (on Linux)?
In-Reply-To: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>
References: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>
Message-ID: <20140312160430.GG2062@redhat.com>

Hi,

* Stefan Reich <stefan.reich.maker.of.eye at googlemail.com> [2014-03-09 11:13]:
> I have successfully deployed a WebStart app on both Windows and IcedTea.

Good to hear!

> Just about the only thing I'm missing (- apart from a certificate from a CA
> that I can afford - ) is to place entries in the start menu.
> 
> But anyways - WebStart/IcedTea should be able to do it, right? I am getting a
> desktop short cut alright, just none in the start menu.

I think this feature is currently un-implemented [1]. If you can provide
patches, I am sure we will try and incorporate them.

The implementation of menus is described in the Desktop Menu
Specification [2].

Thanks,
Omair

[1] http://icedtea.classpath.org/hg/icedtea-web/file/9417633d1f86/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java#l164
[2] http://standards.freedesktop.org/menu-spec/menu-spec-1.0.html

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at icedtea.classpath.org  Wed Mar 12 16:34:32 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Wed, 12 Mar 2014 16:34:32 +0000
Subject: /hg/icedtea-web: added configure check for /bin/bash
Message-ID: <hg.e53adc254895.1394642072.8643924302249223276@icedtea.classpath.org>

changeset e53adc254895 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=e53adc254895
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 12 17:34:10 2014 +0100

	added configure check for /bin/bash


diffstat:

 ChangeLog                                                     |  4 ++++
 configure.ac                                                  |  5 +++++
 netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java |  1 +
 3 files changed, 10 insertions(+), 0 deletions(-)

diffs (37 lines):

diff -r 9417633d1f86 -r e53adc254895 ChangeLog
--- a/ChangeLog	Wed Mar 12 09:46:59 2014 -0400
+++ b/ChangeLog	Wed Mar 12 17:34:10 2014 +0100
@@ -1,3 +1,7 @@
+2014-03-12  Jiri Vanek  <jvanek at redhat.com>
+
+	* configure.ac: added check for /bin/bash
+
 2014-03-12  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
diff -r 9417633d1f86 -r e53adc254895 configure.ac
--- a/configure.ac	Wed Mar 12 09:46:59 2014 -0400
+++ b/configure.ac	Wed Mar 12 17:34:10 2014 +0100
@@ -27,6 +27,11 @@
 AM_CONDITIONAL([ENABLE_DOCS], [test x$ENABLE_DOCS = xyes])
 AC_MSG_RESULT(${ENABLE_DOCS})
 
+AC_PATH_PROG([BIN_BASH], [bash],, [/bin])
+if test x"$BIN_BASH" = x ; then
+    AC_MSG_ERROR([/bin/bash is used in runtime and for about generation. Dying sooner rather then later])
+fi
+
 IT_CHECK_WITH_GCJ
 FIND_TOOL([ZIP], [zip])
 FIND_JAVAC
diff -r 9417633d1f86 -r e53adc254895 netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java
--- a/netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java	Wed Mar 12 09:46:59 2014 -0400
+++ b/netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java	Wed Mar 12 17:34:10 2014 +0100
@@ -112,6 +112,7 @@
             if (resources != null) {
                 for (URL url : resources) {
                     result.addProgressPanel(url, null);
+        
                 }
             }
 

From aph at redhat.com  Wed Mar 12 16:42:40 2014
From: aph at redhat.com (Andrew Haley)
Date: Wed, 12 Mar 2014 16:42:40 +0000
Subject: AArch64: We have a release
Message-ID: <53208E80.3090008@redhat.com>

We at the AArch64 Port Project are pleased to announce the first
release of OpenJDK on the Linux/AArch64 platform.  It is the first
implementation of the Java platform to be made available for this
processor architecture.

For those who haven't heard: AArch64 is the latest architecture from
ARM.  It is an entirely new instruction set, not compatible with the
earlier generation of 32-bit ARM processors, so we need a new OpenJDK
port for it.

This is a complete port, with template interpreter and client and
server JIT compilers.  We have JDK8 and JDK7 versions available for
download now.  It will shortly be included in Fedora for AArch64.
It is, of course, entirely free software, available under the GPL.

Source bundles are available from
http://icedtea.wildebeest.org/download/source/aarch64-port-jdk7u60-aarch64-831-b04.tar.xz
http://icedtea.wildebeest.org/download/source/aarch64-port-jdk8-aarch64-992-b128.tar.xz

We will now to make plans to integrate this port with the main OpenJDK
project.

Credit where credit is due:

We started this work at Red Hat almost two years ago with two Red Hat
engineers, Andrew Haley and Andrew Dinn.  It became an OpenJDK project
and we were joined by Linaro, who have been extremely helpful with
testing, bug fixing, and keeping up with OpenJDK's continuous updates.
Many people have helped, but in particular I'd like to thank Edward
Nevill for his support and tireless work.

Of course the work will go on: there is performance tuning to be done
on real hardware and we need to do a lot more real-world testing.  In
particular, we haven't yet done work to optimize HotSpot for the
Advanced SIMD and Cryptography units.  If you are interested in
working on this exciting project or if you just want to chat about it,
come over to aarch64-port-dev at openjdk.java.net .

Andrew Haley
OpenJDK AArch64 port Project Lead

From jvanek at redhat.com  Wed Mar 12 17:42:22 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 18:42:22 +0100
Subject: AArch64: We have a release
In-Reply-To: <53208E80.3090008@redhat.com>
References: <53208E80.3090008@redhat.com>
Message-ID: <53209C7E.4040602@redhat.com>

Hi All!

I wont to add, that RPMS for fedora are built and downloadable on 
http://icedtea.wildebeest.org/download/fedora/

They have a bit strange name, but basically they are built on same tags as below source tarballs.
Those are also pushed in fedora (rawhide) git (with sources in cache) so you can rebuild.

*java-1.7.0-openjdk*
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-1.7.0.60-2.5.0.10.pre02.sa1.1.src.rpm

http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-accessibility-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-debuginfo-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-demo-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-devel-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-headless-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.7.0-openjdk-src-1.7.0.60-2.5.0.10.pre02.sa1.1.aarch64.rpm


*java-1.8.0-openjdk*

http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-1.8.0.0-0.34.b132.sa1.1.src.rpm

http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-accessibility-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-debuginfo-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-demo-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-devel-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-headless-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm
http://icedtea.wildebeest.org/download/fedora/java-1.8.0-openjdk-src-1.8.0.0-0.34.b132.sa1.1.aarch64.rpm


J.
On 03/12/2014 05:42 PM, Andrew Haley wrote:
> We at the AArch64 Port Project are pleased to announce the first
> release of OpenJDK on the Linux/AArch64 platform.  It is the first
> implementation of the Java platform to be made available for this
> processor architecture.
>
> For those who haven't heard: AArch64 is the latest architecture from
> ARM.  It is an entirely new instruction set, not compatible with the
> earlier generation of 32-bit ARM processors, so we need a new OpenJDK
> port for it.
>
> This is a complete port, with template interpreter and client and
> server JIT compilers.  We have JDK8 and JDK7 versions available for
> download now.  It will shortly be included in Fedora for AArch64.
> It is, of course, entirely free software, available under the GPL.
>
> Source bundles are available from
> http://icedtea.wildebeest.org/download/source/aarch64-port-jdk7u60-aarch64-831-b04.tar.xz
> http://icedtea.wildebeest.org/download/source/aarch64-port-jdk8-aarch64-992-b128.tar.xz
>
> We will now to make plans to integrate this port with the main OpenJDK
> project.
>
> Credit where credit is due:
>
> We started this work at Red Hat almost two years ago with two Red Hat
> engineers, Andrew Haley and Andrew Dinn.  It became an OpenJDK project
> and we were joined by Linaro, who have been extremely helpful with
> testing, bug fixing, and keeping up with OpenJDK's continuous updates.
> Many people have helped, but in particular I'd like to thank Edward
> Nevill for his support and tireless work.
>
> Of course the work will go on: there is performance tuning to be done
> on real hardware and we need to do a lot more real-world testing.  In
> particular, we haven't yet done work to optimize HotSpot for the
> Advanced SIMD and Cryptography units.  If you are interested in
> working on this exciting project or if you just want to chat about it,
> come over to aarch64-port-dev at openjdk.java.net .
>
> Andrew Haley
> OpenJDK AArch64 port Project Lead
>


From jvanek at redhat.com  Wed Mar 12 18:02:47 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 12 Mar 2014 19:02:47 +0100
Subject: [rfc][icedtea-web] fixing downlaod inidcator
Message-ID: <5320A147.1070505@redhat.com>

hi!

I noted that push 832 have make download indicator not show-able.

On eof those small patches does fix it.

One is worse, but harmless. Second is probably right but is affecting a lot.


Generally speaking - calling get attribute  is blocking until the jar is downloaded.  So well the 
setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do.


Non of those fixes is breaking unittest.
The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry.

J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: doNotUseGetTitleuseGetTitleFromJnlpRather.patch
Type: text/x-patch
Size: 898 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/d42fb82f/doNotUseGetTitleuseGetTitleFromJnlpRather.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: setForAttributesLoaderAfterResourcesInitialise.patch
Type: text/x-patch
Size: 780 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/d42fb82f/setForAttributesLoaderAfterResourcesInitialise.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tests.patch
Type: text/x-patch
Size: 2183 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140312/d42fb82f/tests.patch>

From aazores at redhat.com  Wed Mar 12 18:34:37 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 12 Mar 2014 14:34:37 -0400 (EDT)
Subject: [rfc][icedtea-web] fixing downlaod inidcator
In-Reply-To: <5320A147.1070505@redhat.com>
References: <5320A147.1070505@redhat.com>
Message-ID: <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com>

What is "a lot" being affected by the second patch? Anyway, patches look fine I think.

Thanks,

Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "IcedTea Distro List" <distro-pkg-dev at openjdk.java.net>
Sent: Wednesday, March 12, 2014 2:02:47 PM
Subject: [rfc][icedtea-web] fixing downlaod inidcator

hi!

I noted that push 832 have make download indicator not show-able.

On eof those small patches does fix it.

One is worse, but harmless. Second is probably right but is affecting a lot.


Generally speaking - calling get attribute  is blocking until the jar is downloaded.  So well the 
setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do.


Non of those fixes is breaking unittest.
The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry.

J.

From jvanek at redhat.com  Thu Mar 13 07:10:04 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 08:10:04 +0100
Subject: [rfc][icedtea-web] fixing downlaod inidcator
In-Reply-To: <1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com>
References: <5320A147.1070505@redhat.com>
	<1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com>
Message-ID: <532159CC.8080406@redhat.com>

On 03/12/2014 07:34 PM, Andrew Azores wrote:
> What is "a lot" being affected by the second patch? Anyway, patches look fine I think.
>

Bad wording.  It mean that all calls to get manifests' attributes before the resources are 
initialised will return "undefined".

But thats probably the right thing anyway.

> Thanks,
>
> Andrew A
>
> ----- Original Message -----
> From: "Jiri Vanek" <jvanek at redhat.com>
> To: "IcedTea Distro List" <distro-pkg-dev at openjdk.java.net>
> Sent: Wednesday, March 12, 2014 2:02:47 PM
> Subject: [rfc][icedtea-web] fixing downlaod inidcator
>
> hi!
>
> I noted that push 832 have make download indicator not show-able.
>
> On eof those small patches does fix it.
>
> One is worse, but harmless. Second is probably right but is affecting a lot.
>
>
> Generally speaking - calling get attribute  is blocking until the jar is downloaded.  So well the
> setForAttributesLoaderAfterResourcesInitialise is probably the right thing to do.
>
>
> Non of those fixes is breaking unittest.
> The fixes to tests were caused by permissions attribute impl itself yesterday. Sorry.
>
> J.
>


From jvanek at redhat.com  Thu Mar 13 07:11:52 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 08:11:52 +0100
Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check
In-Reply-To: <53207F19.7000903@redhat.com>
References: <53207F19.7000903@redhat.com>
Message-ID: <53215A38.5080801@redhat.com>

On 03/12/2014 04:36 PM, Andrew Azores wrote:
> Hi,
>
> Just noticed that there are conditions where an NPE will occur due to the new filechanged check.
> Steps to reproduce:
> 1) launch policyeditor with no arguments
> 2) create some set of permissions, eg Print Documents only, doesn't really matter so long as you
> make at least one change
> 3) press Apply
> 4) attempt to save the policy file to any location eg $HOME/test.policy
> 5) NPE will occur because there is no MD5SumWatcher reference, since no policy file was ever opened
> first
> 5b) file fails to save
>
> With the patch applied, 5/5b does not occur, and instead the flow completes as expected with a
> "Changes saved" message, and the file can be verified as written to disk.
>
> Thanks,

I'm missing the creation of fileWatcher  *after* the file is saved now.


J.


From jvanek at redhat.com  Thu Mar 13 07:29:07 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 08:29:07 +0100
Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy
In-Reply-To: <53207D43.8030806@redhat.com>
References: <53207D43.8030806@redhat.com>
Message-ID: <53215E43.80703@redhat.com>

On 03/12/2014 04:29 PM, Andrew Azores wrote:

The idea and code looks ok, but I have an fault in mind:

When some applet is already running - and have some permissions already. You visit new applet, set 
different permissions for it and you reload the permissions, will not the running applet be affected 
by those new too?

When they do not share match in codebases, that probably do not hurt, but if they do?

The possible fix may be permissions per classloader. It would be probably right thing, but it scares me.

> Hi,
>
> This patch adds a method to JNLPRuntime to allow the Policy object to be refreshed, and adds logic
> to the JNLPPolicy class (of which the runtime's Policy reference is an instance) to:
> 1) be able to refresh its permissions from the user's policy file
> 2) read from the policy file on a per-codebase basis, not only per applet JAR location
>
> It also adds logic to JNLPClassLoader.SecurityDelegate to call the new JNLPRuntime method when the
> applet is to be run sandboxed, to ensure that this is done with the current policy, not an older
> cached copy in case there have been changes since the JVM was started.
>
> These changes are in support of later patches which will add a way to launch PolicyEditor from the
> fully and partially signed applet warning dialogs. Without the ability to refresh, the JVM needs to
> be restarted before those changes can take effect, which is not good for usability (users have to
> restart their browser). Without the ability to actually check by codebase rather than full JAR url,
> the user policy files will be much more complex than planned, and for users to set custom permission
> levels per-applet will be much more difficult to use.
>
> Manual testing:
>
> (with patch applied)
> 1) Ensure your policy file is either empty or at least does not contain an entry to match the test
> applet
> 2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed
> 3) Verify that the applet may not print nor save. Close the applet but do not exit the browser.
> 4) Add the following to your policy file:
>
> grant codeBase "http://caff.de/applettest/" {
>      permission java.lang.RuntimePermission "queuePrintJob";
>      permission java.util.PropertyPermission "*", "read";
> };
>
> 5) Without closing your browser, restart the applet (refresh the page, or open a new tab and visit
> again)
> 6) Verify that the applet may now cause a print dialog to appear, but still cannot save files
>
> With patch not applied, granting the applet codebase these permissions does not work, so grant the
> same permissions but to all applets. Check that making this change to the policy file without
> restarting the JVM does not actually grant the permissions to the applet, and restarting the JVM
> does grant them.
>
> Automated testing:
> Working on it, but not sure if it's actually doable. I need a way to keep the JVM running between
> runs of an applet, which I don't know if we can do. Any ideas?
>
> Thanks,
>


From jvanek at redhat.com  Thu Mar 13 08:21:24 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 09:21:24 +0100
Subject: [rfc][icedtea-web] remove rare deadlock in logging console
Message-ID: <53216A84.4090701@redhat.com>

I think this synchronisation is redundant.
If not, then maybe  invokeLater should become invokeAndWait? But it is locking too...
Also, the importList is synchronized in only model-touching block[1].

So this really should be ok to go.


Only case where I have seen the deadlock occur is in elluminate with CONSOLE ON and VISIBLE, It 
appeared in aprox 1/3 of cases.
It did not appeared after the fix. Anyway - anybody who is running head - may you try to run apps 
(and elluminat wit/without fix) with cosnole on and visibele for a while?

J


[0]here is whole block:

     /**
      * when various threads update (and it can be)underlying jeditorpane
      * simultanouskly, then it can lead to unpredictible issues synchroisation
      * is doen in invoe later
      */
     private AtomicBoolean done = new AtomicBoolean(true);

     private synchronized void updatePane(final boolean reset) {
         if (!done.get()) {
             return;
         }
         done.set(false);
         java.awt.EventQueue.invokeLater(new Runnable() {

             @Override
             public void run() {
                 try {
                     refreshPaneBody(reset);
                 } catch (Exception ex) {
                     OutputController.getLogger().log(ex);
                 } finally {
                     done.set(true);
                 }
             }
         });
     }

     private void refreshPaneBody(final boolean reset) throws BadLocationException, IOException {
         if (reset) {
             jEditorPane1.setText(model.importList(0));
         } else {
     ....

[1]
  String importList(boolean mark, int start, int sortByLocal) {
         int added = start;
         StringBuilder sb = new StringBuilder();
         if (mark) {
             sb.append("<div style='");
             if (!wordWrap) {
                 sb.append("white-space:nowrap;");
             }
             sb.append("font-family:\"Monospaced\"'>");
         }

         List<MessageWithHeader> sortedList;
         synchronized (dataProvider.getData()) {
             if (start == 0) {
                 sortedList = preSort(dataProvider.getData(), sortByLocal);
             } else {
                 sortedList = 
preSort(Collections.synchronizedList(dataProvider.getData().subList(start, 
dataProvider.getData().size())), sortByLocal);
             }
         }
    ....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: removePotentialDeadlock.patch
Type: text/x-patch
Size: 628 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/908f4aba/removePotentialDeadlock.patch>

From ptisnovs at icedtea.classpath.org  Thu Mar 13 08:49:58 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 08:49:58 +0000
Subject: /hg/rhino-tests: Enhancements of various tests in ScriptEngineFa...
Message-ID: <hg.7a653bbdeeec.1394700598.-6019694633368342460@icedtea.classpath.org>

changeset 7a653bbdeeec in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=7a653bbdeeec
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 13 09:50:36 2014 +0100

	Enhancements of various tests in ScriptEngineFactoryClassTest.


diffstat:

 ChangeLog                                            |   5 +
 src/org/RhinoTests/ScriptEngineFactoryClassTest.java |  72 ++++++++++++++++++++
 2 files changed, 77 insertions(+), 0 deletions(-)

diffs (129 lines):

diff -r bdfcaa390fb9 -r 7a653bbdeeec ChangeLog
--- a/ChangeLog	Wed Mar 12 12:42:16 2014 +0100
+++ b/ChangeLog	Thu Mar 13 09:50:36 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-13  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
+	Enhancements of various tests in ScriptEngineFactoryClassTest.
+
 2014-03-12  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/InvocableClassTest.java:
diff -r bdfcaa390fb9 -r 7a653bbdeeec src/org/RhinoTests/ScriptEngineFactoryClassTest.java
--- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Wed Mar 12 12:42:16 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Thu Mar 13 09:50:36 2014 +0100
@@ -1624,6 +1624,14 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(Character.valueOf('a'));
+            throw new AssertionError("Class.cast(Character.valueOf('a')) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(Byte.valueOf((byte)42));
             throw new AssertionError("Class.cast(Byte.valueOf((byte)42)) does not throw any exception");
         }
@@ -1680,6 +1688,14 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(new Throwable("xyzzy"));
+            throw new AssertionError("Class.cast(new Throwable(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(new RuntimeException());
             throw new AssertionError("Class.cast(new RuntimeException()) does not throw any exception");
         }
@@ -1688,6 +1704,14 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(new RuntimeException("xyzzy"));
+            throw new AssertionError("Class.cast(new RuntimeException(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(new Error());
             throw new AssertionError("Class.cast(new Error()) does not throw any exception");
         }
@@ -1696,6 +1720,22 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(new Error("xyzzy"));
+            throw new AssertionError("Class.cast(new Error(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptEngineFactoryClass.cast(new java.io.File("xyzzy"));
+            throw new AssertionError("Class.cast(new java.io.File(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(new java.lang.String());
             throw new AssertionError("Class.cast(new java.lang.String()) does not throw any exception");
         }
@@ -1744,6 +1784,30 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(new java.awt.Label());
+            throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptEngineFactoryClass.cast(new java.awt.Label(new String()));
+            throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptEngineFactoryClass.cast(new java.awt.Label("xyzzy"));
+            throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(new javax.swing.JLabel());
             throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception");
         }
@@ -1760,6 +1824,14 @@
         }
 
         try {
+            this.scriptEngineFactoryClass.cast(new javax.swing.JLabel("xyzzy"));
+            throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineFactoryClass.cast(new javax.swing.JPanel());
             throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception");
         }

From ptisnovs at icedtea.classpath.org  Thu Mar 13 08:52:12 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 08:52:12 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBltAffineQuadrantRotat...
Message-ID: <hg.402bff2be904.1394700732.-6248649288953172555@icedtea.classpath.org>

changeset 402bff2be904 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=402bff2be904
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 13 09:52:52 2014 +0100

	Ten new tests added into BitBltAffineQuadrantRotateTransformOp.java.


diffstat:

 ChangeLog                                                             |    5 +
 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java |  112 ++++++++++
 2 files changed, 117 insertions(+), 0 deletions(-)

diffs (134 lines):

diff -r 3db247628ff9 -r 402bff2be904 ChangeLog
--- a/ChangeLog	Wed Mar 12 12:37:42 2014 +0100
+++ b/ChangeLog	Thu Mar 13 09:52:52 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-13  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
+	Ten new tests added into BitBltAffineQuadrantRotateTransformOp.java.
+
 2014-03-12  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
diff -r 3db247628ff9 -r 402bff2be904 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Wed Mar 12 12:37:42 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Thu Mar 13 09:52:52 2014 +0100
@@ -781,6 +781,118 @@
     }
 
     /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_INT_ARGB_PRE.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntARGBPreRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntARGBPre(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
      * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From aazores at redhat.com  Thu Mar 13 13:49:19 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 09:49:19 -0400
Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy
In-Reply-To: <53215E43.80703@redhat.com>
References: <53207D43.8030806@redhat.com> <53215E43.80703@redhat.com>
Message-ID: <5321B75F.4090002@redhat.com>

On 03/13/2014 03:29 AM, Jiri Vanek wrote:
> On 03/12/2014 04:29 PM, Andrew Azores wrote:
>
> The idea and code looks ok, but I have an fault in mind:
>
> When some applet is already running - and have some permissions 
> already. You visit new applet, set different permissions for it and 
> you reload the permissions, will not the running applet be affected by 
> those new too?
>
> When they do not share match in codebases, that probably do not hurt, 
> but if they do?
>
> The possible fix may be permissions per classloader. It would be 
> probably right thing, but it scares me.

This doesn't sound so bad to me. The next time you restart your already 
running applet it will have those permissions anyway, unless you're 
trying to be tricky and set the permissions for the second applet only 
while it runs, and want to leave the long-running one alone. But this 
sounds like the user is just asking for trouble at that point. Besides, 
the JNLPPolicy also does work with applet JAR URLs, so if you really are 
in this situation for some reason, you can use that mechanism to provide 
control over the second shorter lived applet as well. You just can't use 
PolicyEditor to do it.

>
>>
>> Manual testing:
>>
>> (with patch applied)
>> 1) Ensure your policy file is either empty or at least does not 
>> contain an entry to match the test
>> applet
>> 2) Visit http://caff.de/applettest/Signed.html and run the applet 
>> sandboxed
>> 3) Verify that the applet may not print nor save. Close the applet 
>> but do not exit the browser.
>> 4) Add the following to your policy file:
>>
>> grant codeBase "http://caff.de/applettest/" {
>>      permission java.lang.RuntimePermission "queuePrintJob";
>>      permission java.util.PropertyPermission "*", "read";
>> };
>>
>> 5) Without closing your browser, restart the applet (refresh the 
>> page, or open a new tab and visit
>> again)
>> 6) Verify that the applet may now cause a print dialog to appear, but 
>> still cannot save files
>>

Also forgot to mention here - you need extended security set to Low. 
Forcing Sandbox sets the classloader security to Sandbox, but the applet 
is correctly requesting All-permissions. Any security level above Low 
will create a LaunchException because of this, due to 
checkPermissionsAttribute(). IMO this seems like fairly reasonable 
behaviour, although maybe there could also be a check in 
checkPermissionsAttribute() for this - if classloader's security level 
is Sandbox, it's only fatal if the SecurityDelegate does not say that we 
are running in sandbox on purpose? Need your input since permissions 
attribute is your work. This is only tangentially related though, 
perhaps it deserves its own new discussion thread.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Thu Mar 13 13:52:16 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 09:52:16 -0400
Subject: [rfc][icedtea-web] fixing downlaod inidcator
In-Reply-To: <532159CC.8080406@redhat.com>
References: <5320A147.1070505@redhat.com>
	<1223303078.2815204.1394649277744.JavaMail.zimbra@redhat.com>
	<532159CC.8080406@redhat.com>
Message-ID: <5321B810.8050801@redhat.com>

On 03/13/2014 03:10 AM, Jiri Vanek wrote:
> On 03/12/2014 07:34 PM, Andrew Azores wrote:
>> What is "a lot" being affected by the second patch? Anyway, patches 
>> look fine I think.
>>
>
> Bad wording.  It mean that all calls to get manifests' attributes 
> before the resources are initialised will return "undefined".
>
> But thats probably the right thing anyway.
>
>

That sounds correct to me. OK to push then.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Thu Mar 13 13:58:54 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 09:58:54 -0400
Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check
In-Reply-To: <53215A38.5080801@redhat.com>
References: <53207F19.7000903@redhat.com> <53215A38.5080801@redhat.com>
Message-ID: <5321B99E.6000405@redhat.com>

On 03/13/2014 03:11 AM, Jiri Vanek wrote:
> On 03/12/2014 04:36 PM, Andrew Azores wrote:
>> Hi,
>>
>> Just noticed that there are conditions where an NPE will occur due to 
>> the new filechanged check.
>> Steps to reproduce:
>> 1) launch policyeditor with no arguments
>> 2) create some set of permissions, eg Print Documents only, doesn't 
>> really matter so long as you
>> make at least one change
>> 3) press Apply
>> 4) attempt to save the policy file to any location eg $HOME/test.policy
>> 5) NPE will occur because there is no MD5SumWatcher reference, since 
>> no policy file was ever opened
>> first
>> 5b) file fails to save
>>
>> With the patch applied, 5/5b does not occur, and instead the flow 
>> completes as expected with a
>> "Changes saved" message, and the file can be verified as written to 
>> disk.
>>
>> Thanks,
>
> I'm missing the creation of fileWatcher  *after* the file is saved now.
>
>
> J.
>

Thanks for catching that.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-filechanged-npe-2.patch
Type: text/x-patch
Size: 1307 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/e2b5424b/policyeditor-filechanged-npe-2.patch>

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 13 14:08:45 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 14:08:45 +0000
Subject: [Bug 1498] Allow Root to attach to all VMs
In-Reply-To: <bug-1498-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1498-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1498-30-5pmZvAO3tX@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1498

Severin Gehwolf <sgehwolf at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|1460                        |

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/af83845f/attachment.html>

From aazores at redhat.com  Thu Mar 13 14:54:09 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 10:54:09 -0400
Subject: [rfc][icedtea-web] remove rare deadlock in logging console
In-Reply-To: <53216A84.4090701@redhat.com>
References: <53216A84.4090701@redhat.com>
Message-ID: <5321C691.7010004@redhat.com>

On 03/13/2014 04:21 AM, Jiri Vanek wrote:
> I think this synchronisation is redundant.
> If not, then maybe  invokeLater should become invokeAndWait? But it is 
> locking too...
> Also, the importList is synchronized in only model-touching block[1].
>
> So this really should be ok to go.
>
>
> Only case where I have seen the deadlock occur is in elluminate with 
> CONSOLE ON and VISIBLE, It appeared in aprox 1/3 of cases.
> It did not appeared after the fix. Anyway - anybody who is running 
> head - may you try to run apps (and elluminat wit/without fix) with 
> cosnole on and visibele for a while?
>
> J
>

Makes sense to me, and using elluminate as a test case seems to show 
that this does fix the deadlock. OK to push.

Thanks,

-- 
Andrew A


From jvanek at icedtea.classpath.org  Thu Mar 13 15:44:11 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 15:44:11 +0000
Subject: /hg/icedtea-web: 3 new changesets
Message-ID: <hg.c20c689ba9ff.1394725451.8643924302249223276@icedtea.classpath.org>

changeset c20c689ba9ff in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=c20c689ba9ff
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 13 16:34:01 2014 +0100

	JNLPClassLoader.java: (init) attributes are alowed to access jars only once all resources are downloaded


changeset fdcb91be0d58 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fdcb91be0d58
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 13 16:39:04 2014 +0100

	Fixing rear deadlock issue

	ConsoleOutputPane.java: removed (probably) unnecessary synchronization of (refreshPaneBody).


changeset 71a87178ff7e in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=71a87178ff7e
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 13 16:43:45 2014 +0100

	JNLPClassLoaderTest.java: adapted to permissions attribute


diffstat:

 ChangeLog                                                             |  17 +++++
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                |   4 +-
 netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java         |   2 +-
 tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java |  29 ++++++++++
 4 files changed, 49 insertions(+), 3 deletions(-)

diffs (105 lines):

diff -r e53adc254895 -r 71a87178ff7e ChangeLog
--- a/ChangeLog	Wed Mar 12 17:34:10 2014 +0100
+++ b/ChangeLog	Thu Mar 13 16:43:45 2014 +0100
@@ -1,3 +1,20 @@
+2014-03-13  Jiri Vanek  <jvanek at redhat.com>
+
+	* tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java: adapted
+	to permissions attribute 
+
+2014-03-13  Jiri Vanek  <jvanek at redhat.com>
+
+	Fixing rear deadlock issue
+	* netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: removed
+	(probably) unnecessary synchronization of (refreshPaneBody).
+
+2014-03-13  Jiri Vanek  <jvanek at redhat.com>
+
+	Fixed appearance of download indicator
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (init) attributes
+	are allowed to access jars only once all resources are downloaded
+
 2014-03-12  Jiri Vanek  <jvanek at redhat.com>
 
 	* configure.ac: added check for /bin/bash
diff -r e53adc254895 -r 71a87178ff7e netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Wed Mar 12 17:34:10 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 13 16:43:45 2014 +0100
@@ -258,8 +258,6 @@
 
         this.enableCodeBase = enableCodeBase;
 
-        //as it is harmless, we can set is as soon as possible.
-        file.getManifestsAttributes().setLoader(this);
         
         AppVerifier verifier;
 
@@ -282,6 +280,8 @@
 
         initializeResources();
         
+        //loading mainfests before resources are initialised may cause waiting for resources
+        file.getManifestsAttributes().setLoader(this);
 
         // initialize permissions
         initializePermissions();
diff -r e53adc254895 -r 71a87178ff7e netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java
--- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Wed Mar 12 17:34:10 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Thu Mar 13 16:43:45 2014 +0100
@@ -217,7 +217,7 @@
         });
     }
 
-    private synchronized void refreshPaneBody(final boolean reset) throws BadLocationException, IOException {
+    private void refreshPaneBody(final boolean reset) throws BadLocationException, IOException {
         if (reset) {
             jEditorPane1.setText(model.importList(0));
         } else {
diff -r e53adc254895 -r 71a87178ff7e tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java	Wed Mar 12 17:34:10 2014 +0100
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java	Thu Mar 13 16:43:45 2014 +0100
@@ -48,15 +48,44 @@
 
 import net.sourceforge.jnlp.LaunchException;
 import net.sourceforge.jnlp.cache.UpdatePolicy;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
 import net.sourceforge.jnlp.util.FileTestUtils;
 import net.sourceforge.jnlp.util.logging.NoStdOutErrTest;
+import org.junit.AfterClass;
 import org.junit.Assert;
+import org.junit.BeforeClass;
 
 import org.junit.Test;
 
 public class JNLPClassLoaderTest extends NoStdOutErrTest{
 
+    private static AppletSecurityLevel level;
+    public static String askUser;
+    
+    
+    @BeforeClass
+    public static void setPermissions() {
+        level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
+        JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars());
+    }
+
+    @AfterClass
+    public static void resetPermissions() {
+        JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars());
+    }
+    @BeforeClass
+    public static void noDialogs(){
+        askUser = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER); 
+       JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, Boolean.toString(false)); 
+    }
+    
+    @AfterClass
+    public static void restoreDialogs(){
+       JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER, askUser); 
+    }
     /* Note: Only does file leak testing for now. */
     @Test
     public void constructorFileLeakTest() throws Exception {

From jvanek at redhat.com  Thu Mar 13 15:46:17 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 16:46:17 +0100
Subject: [rfc][icedtea-web][policyeditor] NPE in filechanged check
In-Reply-To: <5321B99E.6000405@redhat.com>
References: <53207F19.7000903@redhat.com> <53215A38.5080801@redhat.com>
	<5321B99E.6000405@redhat.com>
Message-ID: <5321D2C9.6020602@redhat.com>

Ok. then.

J.
On 03/13/2014 02:58 PM, Andrew Azores wrote:
> On 03/13/2014 03:11 AM, Jiri Vanek wrote:
>> On 03/12/2014 04:36 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> Just noticed that there are conditions where an NPE will occur due to the new filechanged check.
>>> Steps to reproduce:
>>> 1) launch policyeditor with no arguments
>>> 2) create some set of permissions, eg Print Documents only, doesn't really matter so long as you
>>> make at least one change
>>> 3) press Apply
>>> 4) attempt to save the policy file to any location eg $HOME/test.policy
>>> 5) NPE will occur because there is no MD5SumWatcher reference, since no policy file was ever opened
>>> first
>>> 5b) file fails to save
>>>
>>> With the patch applied, 5/5b does not occur, and instead the flow completes as expected with a
>>> "Changes saved" message, and the file can be verified as written to disk.
>>>
>>> Thanks,
>>
>> I'm missing the creation of fileWatcher  *after* the file is saved now.
>>
>>
>> J.
>>
>
> Thanks for catching that.
>
> Thanks,
>


From aazores at icedtea.classpath.org  Thu Mar 13 15:52:22 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 15:52:22 +0000
Subject: /hg/icedtea-web: PolicyEditor: avoid NPE when saving to a new file
Message-ID: <hg.abec2ce76cdb.1394725942.8643924302249223276@icedtea.classpath.org>

changeset abec2ce76cdb in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=abec2ce76cdb
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 13 11:52:14 2014 -0400

	PolicyEditor: avoid NPE when saving to a new file

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(savePolicyFile, updateMd5WithDialog) avoid NPE when saving to a new file


diffstat:

 ChangeLog                                                         |  5 +++++
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  9 +++++++++
 2 files changed, 14 insertions(+), 0 deletions(-)

diffs (38 lines):

diff -r 71a87178ff7e -r abec2ce76cdb ChangeLog
--- a/ChangeLog	Thu Mar 13 16:43:45 2014 +0100
+++ b/ChangeLog	Thu Mar 13 11:52:14 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-13  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(savePolicyFile, updateMd5WithDialog) avoid NPE when saving to a new file
+
 2014-03-13  Jiri Vanek  <jvanek at redhat.com>
 
 	* tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPClassLoaderTest.java: adapted
diff -r 71a87178ff7e -r abec2ce76cdb netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Thu Mar 13 16:43:45 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Thu Mar 13 11:52:14 2014 -0400
@@ -984,6 +984,9 @@
 
                 try {
                     FileUtils.saveFile(sb.toString(), file);
+                    if (fileWatcher == null) {
+                        fileWatcher = new MD5SumWatcher(file);
+                    }
                     fileWatcher.update();
                     changesMade = false;
                     showChangesSavedDialog();
@@ -1026,6 +1029,12 @@
      * @throws IOException if the file cannot be read
      */
     public int updateMd5WithDialog() throws FileNotFoundException, IOException {
+        if (fileWatcher == null) {
+            if (file != null) {
+                fileWatcher = new MD5SumWatcher(file);
+            }
+            return JOptionPane.NO_OPTION;
+        }
         final boolean changed = fileWatcher.update();
         if (changed) {
             return JOptionPane.showConfirmDialog(weakThis.get(), R("PEFileModifiedDetail", file.getCanonicalPath()),

From jvanek at redhat.com  Thu Mar 13 16:26:36 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 13 Mar 2014 17:26:36 +0100
Subject: [rfc][icedtea-web] Runtime refresh of JNLPPolicy
In-Reply-To: <53207D43.8030806@redhat.com>
References: <53207D43.8030806@redhat.com>
Message-ID: <5321DC3C.8080507@redhat.com>

On 03/12/2014 04:29 PM, Andrew Azores wrote:
> Hi,
>
> This patch adds a method to JNLPRuntime to allow the Policy object to be refreshed, and adds logic
> to the JNLPPolicy class (of which the runtime's Policy reference is an instance) to:
> 1) be able to refresh its permissions from the user's policy file
> 2) read from the policy file on a per-codebase basis, not only per applet JAR location
>
> It also adds logic to JNLPClassLoader.SecurityDelegate to call the new JNLPRuntime method when the
> applet is to be run sandboxed, to ensure that this is done with the current policy, not an older
> cached copy in case there have been changes since the JVM was started.
>
> These changes are in support of later patches which will add a way to launch PolicyEditor from the
> fully and partially signed applet warning dialogs. Without the ability to refresh, the JVM needs to
> be restarted before those changes can take effect, which is not good for usability (users have to
> restart their browser). Without the ability to actually check by codebase rather than full JAR url,
> the user policy files will be much more complex than planned, and for users to set custom permission
> levels per-applet will be much more difficult to use.
>
> Manual testing:
>
> (with patch applied)
> 1) Ensure your policy file is either empty or at least does not contain an entry to match the test
> applet
> 2) Visit http://caff.de/applettest/Signed.html and run the applet sandboxed
> 3) Verify that the applet may not print nor save. Close the applet but do not exit the browser.
> 4) Add the following to your policy file:
>
> grant codeBase "http://caff.de/applettest/" {
>      permission java.lang.RuntimePermission "queuePrintJob";
>      permission java.util.PropertyPermission "*", "read";
> };
>
> 5) Without closing your browser, restart the applet (refresh the page, or open a new tab and visit
> again)
> 6) Verify that the applet may now cause a print dialog to appear, but still cannot save files
>
> With patch not applied, granting the applet codebase these permissions does not work, so grant the
> same permissions but to all applets. Check that making this change to the policy file without
> restarting the JVM does not actually grant the permissions to the applet, and restarting the JVM
> does grant them.
>
> Automated testing:
> Working on it, but not sure if it's actually doable. I need a way to keep the JVM running between
> runs of an applet, which I don't know if we can do. Any ideas?
>
> Thanks,
>
based on IRC discussion - ok to go.


J.

From aazores at icedtea.classpath.org  Thu Mar 13 17:48:08 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 13 Mar 2014 17:48:08 +0000
Subject: /hg/icedtea-web: Runtime policies refresh and per-codebase polic...
Message-ID: <hg.dfc27d4d55d5.1394732888.8643924302249223276@icedtea.classpath.org>

changeset dfc27d4d55d5 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dfc27d4d55d5
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 13 13:48:00 2014 -0400

	Runtime policies refresh and per-codebase policy entries

	Added ability to reload user level policy file contents without restarting
	the JVM. Also allow per-codebase policy entries.
	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
	(SecurityDelegate#setRunInSandbox) call JNLPRuntime.reloadPolicy
	* netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java: (refresh) refresh
	user policy file. (getPermissions) check for per-codebase entries in user
	policy file
	* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: (reloadPolicy) new
	method.


diffstat:

 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java |   1 +
 netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java      |  19 ++++++++++++++---
 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java     |   4 +++
 3 files changed, 20 insertions(+), 4 deletions(-)

diffs (73 lines):

diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 13 13:48:00 2014 -0400
@@ -2432,6 +2432,7 @@
                 throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCInit"), R("LRunInSandboxError"), R("LRunInSandboxErrorInfo"));
             }
 
+            JNLPRuntime.reloadPolicy(); // ensure that we have the most up-to-date custom policy loaded
             this.promptedForSandbox = true;
             this.runInSandbox = true;
         }
diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java	Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java	Thu Mar 13 13:48:00 2014 -0400
@@ -91,21 +91,30 @@
 
                 // systempolicy permissions need to be accounted for as well
                 e = systemPolicy.getPermissions(appletCS).elements();
-                while (e.hasMoreElements())
+                while (e.hasMoreElements()) {
                     clPermissions.add(e.nextElement());
+                }
 
                 // and so do permissions from the jnlp-specific system policy
                 if (systemJnlpPolicy != null) {
                     e = systemJnlpPolicy.getPermissions(appletCS).elements();
-                    while (e.hasMoreElements())
+                    while (e.hasMoreElements()) {
                         clPermissions.add(e.nextElement());
+                    }
                 }
 
                 // and permissiosn from jnlp-specific user policy too
                 if (userJnlpPolicy != null) {
                     e = userJnlpPolicy.getPermissions(appletCS).elements();
-                    while (e.hasMoreElements())
+                    while (e.hasMoreElements()) {
                         clPermissions.add(e.nextElement());
+                    }
+
+                    CodeSource appletCodebaseSource = new CodeSource(JNLPRuntime.getApplication().getJNLPFile().getCodeBase(), (java.security.cert.Certificate[]) null);
+                    e = userJnlpPolicy.getPermissions(appletCodebaseSource).elements();
+                    while (e.hasMoreElements()) {
+                        clPermissions.add(e.nextElement());
+                    }
                 }
 
                 return clPermissions;
@@ -120,7 +129,9 @@
      * Refresh.
      */
     public void refresh() {
-        // no op
+        if (userJnlpPolicy != null) {
+            userJnlpPolicy.refresh();
+        }
     }
 
     /**
diff -r abec2ce76cdb -r dfc27d4d55d5 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Thu Mar 13 11:52:14 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java	Thu Mar 13 13:48:00 2014 -0400
@@ -292,6 +292,10 @@
 
     }
 
+    public static void reloadPolicy() {
+        policy.refresh();
+    }
+
     /**
      * Returns a TrustManager ideal for the running VM.
      *

From aazores at redhat.com  Thu Mar 13 18:43:34 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 14:43:34 -0400
Subject: [rfc][icedtea-web] implemented
	Application-Library-Allowable-Codebase Attribute
In-Reply-To: <531F632F.1000005@redhat.com>
References: <530F71CF.4040207@redhat.com> <53173C78.5050204@redhat.com>
	<531F632F.1000005@redhat.com>
Message-ID: <5321FC56.3070606@redhat.com>

On 03/11/2014 03:25 PM, Jiri Vanek wrote:
> All your nits have been fixed. However:
>
> I'm still not using the AppTrustWarningPanel, so rember button is 
> useless. It will come as another changeset (if ever)
>  - this patch broke elluminate - one of the deadly throws is probably 
> redundant and should be repalced by security prompt.

Not okay to push if elluminate is broken by this... have  you figured 
out what to do about it?

>  - jsut hint - download indicator is broken
>  - elluminat works, but freaze to, same as 
> http://www.walter-fendt.de/ph14e/resultant.htm
>
> I guess all above are older issues not related to this patch.
>
>
> J.
>

Thanks,

-- 
Andrew A


From aazores at redhat.com  Thu Mar 13 19:05:37 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 15:05:37 -0400
Subject: [rfc][icedtea-web] implemented
	Application-Library-Allowable-Codebase Attribute
In-Reply-To: <5321FC56.3070606@redhat.com>
References: <530F71CF.4040207@redhat.com>
	<53173C78.5050204@redhat.com>	<531F632F.1000005@redhat.com>
	<5321FC56.3070606@redhat.com>
Message-ID: <53220181.4050603@redhat.com>

On 03/13/2014 02:43 PM, Andrew Azores wrote:
> On 03/11/2014 03:25 PM, Jiri Vanek wrote:
>> All your nits have been fixed. However:
>>
>> I'm still not using the AppTrustWarningPanel, so rember button is 
>> useless. It will come as another changeset (if ever)
>>  - this patch broke elluminate - one of the deadly throws is probably 
>> redundant and should be repalced by security prompt.
>
> Not okay to push if elluminate is broken by this... have  you figured 
> out what to do about it?
>
>>  - jsut hint - download indicator is broken
>>  - elluminat works, but freaze to, same as 
>> http://www.walter-fendt.de/ph14e/resultant.htm
>>
>> I guess all above are older issues not related to this patch.
>>
>>
>> J.
>>
>
> Thanks,
>

Apparently it was just a broken cache problem. Elluminate does work.

One nit was left unfixed:

> +        URL documentBase = null;
> +        if (file instanceof PluginBridge) {
> +            documentBase = ((PluginBridge) file).getSourceLocation();
> +        }
> +        if (documentBase == null) {
> +            documentBase = file.getCodeBase();
> +        }

Good to go otherwise, I think.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Thu Mar 13 19:08:05 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 15:08:05 -0400
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
Message-ID: <53220215.60301@redhat.com>

Hi,

This patch adds a button which summons a popup menu, currently with only 
one item, allowing the user to launch PolicyEditor directly from the 
warning dialog. The editor appears with the current applet's codebase 
added (if necessary) and pre-selected. This, along with the sandbox 
button and earlier patch allowing JNLPPolicy to use per-codebase policy 
entries and to reload at runtime, allows for easy configuration of fine 
grained permissions granted to an applet.

Feedback/recommendations on the UI here are definitely welcome. At a 
later point, extra items will be added to the popup menu to allow for 
"this run only" temporary permissions to be granted to the applet. These 
choices will have to use a different mechanism for adding the 
permissions, however, since it won't be automatically handled by the 
JNLPPolicy/automatically reloaded by SecurityDelegate, as the policy 
file permissions are. (note the conspicuous lack of any code here to 
actually force a policy reload - this is already handled by the sandbox 
button and SecurityDelegate)

Note that there is a visual bug with PolicyEditor where the checkboxes 
may not be updated correctly, and will be incorrectly blank when the 
currently selected codebase actually does have permissions assigned. 
This will be addressed separately. As a workaround, simply switch to 
"All applets" codebase, then back to the applet-specific one. The 
checkboxes will then correctly update.

http://caff.de/applettest/Signed.html can serve as a test applet again.

ChangeLog:
Add button with popup menu to launch PolicyEditor
* netx/net/sourceforge/jnlp/resources/Messages.properties: 
(ButPolicyEditorDropdown, CertWarnPolicyTip, CertWarnPolicyEditorItem): 
new messages
* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: 
(addComponents, setTextAndLabels, addButtons) refactored and split 
methods. (createPolicyPermissionsMenu) new method. 
(PolicyEditorLaunchListener) new ActionListener for advancedOptions button

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-in-dialog-4.patch
Type: text/x-patch
Size: 14327 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/6e3e1ecf/policyeditor-in-dialog-4-0001.patch>

From aazores at redhat.com  Thu Mar 13 19:30:23 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 15:30:23 -0400
Subject: [rfc][icedtea-web][policyeditor] Checkboxes not updating
Message-ID: <5322074F.9030703@redhat.com>

Hi,

This patch ensures that operations which should be done by the EDT are 
actually done by it, and also ensures that when a new codebase is 
added/selected, that the checkboxes properly update the first time 
around, without needing to select a different codebase and go back.

ChangeLog:
* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: 
(addNewCodebase) ensure that checkboxes update. (removeCodebase, 
updateCheckboxes) ensure UI updates are done on EDT.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-checkboxes.patch
Type: text/x-patch
Size: 4310 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/2867e484/policyeditor-checkboxes.patch>

From aazores at redhat.com  Thu Mar 13 19:41:54 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 15:41:54 -0400
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <53220215.60301@redhat.com>
References: <53220215.60301@redhat.com>
Message-ID: <53220A02.7090506@redhat.com>

On 03/13/2014 03:08 PM, Andrew Azores wrote:
> Hi,
>
> This patch adds a button which summons a popup menu, currently with 
> only one item, allowing the user to launch PolicyEditor directly from 
> the warning dialog. The editor appears with the current applet's 
> codebase added (if necessary) and pre-selected. This, along with the 
> sandbox button and earlier patch allowing JNLPPolicy to use 
> per-codebase policy entries and to reload at runtime, allows for easy 
> configuration of fine grained permissions granted to an applet.
>
> Feedback/recommendations on the UI here are definitely welcome. At a 
> later point, extra items will be added to the popup menu to allow for 
> "this run only" temporary permissions to be granted to the applet. 
> These choices will have to use a different mechanism for adding the 
> permissions, however, since it won't be automatically handled by the 
> JNLPPolicy/automatically reloaded by SecurityDelegate, as the policy 
> file permissions are. (note the conspicuous lack of any code here to 
> actually force a policy reload - this is already handled by the 
> sandbox button and SecurityDelegate)
>
> Note that there is a visual bug with PolicyEditor where the checkboxes 
> may not be updated correctly, and will be incorrectly blank when the 
> currently selected codebase actually does have permissions assigned. 
> This will be addressed separately. As a workaround, simply switch to 
> "All applets" codebase, then back to the applet-specific one. The 
> checkboxes will then correctly update.
>
> http://caff.de/applettest/Signed.html can serve as a test applet again.
>
> ChangeLog:
> Add button with popup menu to launch PolicyEditor
> * netx/net/sourceforge/jnlp/resources/Messages.properties: 
> (ButPolicyEditorDropdown, CertWarnPolicyTip, 
> CertWarnPolicyEditorItem): new messages
> * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: 
> (addComponents, setTextAndLabels, addButtons) refactored and split 
> methods. (createPolicyPermissionsMenu) new method. 
> (PolicyEditorLaunchListener) new ActionListener for advancedOptions 
> button
>
> Thanks,
>

Sorry, tiny update here. I noticed that there was a small "deadspot" in 
the middle of the new button, which was apparently the popupmenu 
component, as clicking it caused PolicyEditor to appear. It seems this 
was because the menu was added as a child component of the button. 
Adding the component to the pane itself, which is the only change 
between this new patch and the previous one, resolves this. The popup 
menu still appears in the same place and works fine as far as I can tell.

Is there some better way to handle JPopupMenus?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-in-dialog-4.patch
Type: text/x-patch
Size: 14355 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/3dccf8f6/policyeditor-in-dialog-4.patch>

From aazores at redhat.com  Thu Mar 13 20:43:32 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 13 Mar 2014 16:43:32 -0400
Subject: [rfc][icedtea-web] SecurityDelegate addPermission and reference for
	CertWarningPane
Message-ID: <53221874.3030302@redhat.com>

Hi,

The smaller of these two patches simply exposes 
JNLPClassLoader#addPermission(Permission) through three new 
SecurityDelegate methods: #addPermission(Permission), 
#addPermissions(PermissionCollection), and 
#addPermissions(Collection<Permission>). The larger patch passes a 
SecurityDelegate reference through the security dialog system so that 
the delegate is available to CertWarningPane. This is in preparation for 
a patch that will add "this run only" temporary permission options to 
the CertWarningPane, achieved by "injecting" these permissions directly 
into the classloader via the delegate. These extra options are not 
included because they are blocked on "Launching PolicyEditor from 
CertWarningPane", but this infrastructure work doesn't depend on that patch.

These two patches apply cleanly together, but 
certwarning-securitydelegate will have a small and easily resolvable 
conflict with policyeditor-in-dialog-4 if they are used together.

(securitydelegate-addpermission)
ChangeLog:
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: 
(SecurityDelegate addPermission, addPermissions) new methods. 
(SecurityDelegateImpl addPermission, addPermissions) implement previous.

(certwarning-securitydelegate)
ChangeLog:
* netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: 
(checkTrustWithUser) pass SecurityDelegate reference to 
SecurityDialogs.showCertWarningDialog
* netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
* netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass 
SecurityDelegate reference from extras into CertWarningPane constructor
* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: 
(showCertWarningDialog) added SecurityDelegate parameter, add to extras 
array.
* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: 
(askUser) pass null for SecurityDelegate reference
* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: 
(CertWarningPane) added SecurityDelegate constructor parameter and 
(securityDelegate) field

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: securitydelegate-addpermission.patch
Type: text/x-patch
Size: 1351 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/3af56f7f/securitydelegate-addpermission-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: certwarning-securitydelegate.patch
Type: text/x-patch
Size: 8058 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140313/3af56f7f/certwarning-securitydelegate-0001.patch>

From ptisnovs at icedtea.classpath.org  Fri Mar 14 12:14:24 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 14 Mar 2014 12:14:24 +0000
Subject: /hg/rhino-tests: Enhancements of various tests in ScriptContextC...
Message-ID: <hg.39b90cb1bd47.1394799264.-6019694633368342460@icedtea.classpath.org>

changeset 39b90cb1bd47 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=39b90cb1bd47
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 14 13:14:58 2014 +0100

	Enhancements of various tests in ScriptContextClassTest.


diffstat:

 ChangeLog                                      |   5 ++++
 src/org/RhinoTests/ScriptContextClassTest.java |  32 ++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 0 deletions(-)

diffs (61 lines):

diff -r 7a653bbdeeec -r 39b90cb1bd47 ChangeLog
--- a/ChangeLog	Thu Mar 13 09:50:36 2014 +0100
+++ b/ChangeLog	Fri Mar 14 13:14:58 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-14  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptContextClassTest.java:
+	Enhancements of various tests in ScriptContextClassTest.
+
 2014-03-13  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
diff -r 7a653bbdeeec -r 39b90cb1bd47 src/org/RhinoTests/ScriptContextClassTest.java
--- a/src/org/RhinoTests/ScriptContextClassTest.java	Thu Mar 13 09:50:36 2014 +0100
+++ b/src/org/RhinoTests/ScriptContextClassTest.java	Fri Mar 14 13:14:58 2014 +0100
@@ -1832,6 +1832,30 @@
         }
 
         try {
+            this.scriptContextClass.cast(new java.awt.Label());
+            throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptContextClass.cast(new java.awt.Label(new String()));
+            throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptContextClass.cast(new java.awt.Label("xyzzy"));
+            throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptContextClass.cast(new javax.swing.JLabel());
             throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception");
         }
@@ -1848,6 +1872,14 @@
         }
 
         try {
+            this.scriptContextClass.cast(new javax.swing.JLabel("xyzzy"));
+            throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptContextClass.cast(new javax.swing.JPanel());
             throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception");
         }

From ptisnovs at icedtea.classpath.org  Fri Mar 14 12:28:55 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 14 Mar 2014 12:28:55 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBltUsingBgColor test s...
Message-ID: <hg.2ffb2f873ec8.1394800135.-6248649288953172555@icedtea.classpath.org>

changeset 2ffb2f873ec8 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=2ffb2f873ec8
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 14 13:29:36 2014 +0100

	Ten new tests added into BitBltUsingBgColor test suite.


diffstat:

 ChangeLog                                          |    5 +
 src/org/gfxtest/testsuites/BitBltUsingBgColor.java |  150 +++++++++++++++++++++
 2 files changed, 155 insertions(+), 0 deletions(-)

diffs (172 lines):

diff -r 402bff2be904 -r 2ffb2f873ec8 ChangeLog
--- a/ChangeLog	Thu Mar 13 09:52:52 2014 +0100
+++ b/ChangeLog	Fri Mar 14 13:29:36 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-14  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
+	Ten new tests added into BitBltUsingBgColor test suite.
+
 2014-03-13  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
diff -r 402bff2be904 -r 2ffb2f873ec8 src/org/gfxtest/testsuites/BitBltUsingBgColor.java
--- a/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Thu Mar 13 09:52:52 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltUsingBgColor.java	Fri Mar 14 13:29:36 2014 +0100
@@ -5822,6 +5822,156 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.magenta.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundMagenta(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.magenta);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.yellow.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundYellow(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.yellow);
+    }
+
+    /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_BYTE_GRAY.
+     * Background color is set to Color.white.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeUshortGrayBackgroundWhite(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltDiagonalCheckerBufferedImageTypeUshortGray(image, graphics2d, Color.white);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.black.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundBlack(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.black);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.blue.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundBlue(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.blue);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.green.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundGreen(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.green);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.cyan.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundCyan(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.cyan);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.red.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundRed(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.red);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.magenta.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundMagenta(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.magenta);
+    }
+
+    /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
+     * Background color is set to Color.yellow.
+     *
+     * @param image
+     *            image to be used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageType3ByteBGRbackgroundYellow(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltGridBufferedImageType3ByteRGB(image, graphics2d, Color.yellow);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From jvanek at icedtea.classpath.org  Fri Mar 14 12:40:34 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Fri, 14 Mar 2014 12:40:34 +0000
Subject: /hg/icedtea-web: Base implementation of Application-Library-Allo...
Message-ID: <hg.aba4c18c4c64.1394800834.8643924302249223276@icedtea.classpath.org>

changeset aba4c18c4c64 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=aba4c18c4c64
author: Jiri Vanek <jvanek at redhat.com>
date: Fri Mar 14 13:06:03 2014 +0100

	Base implementation of Application-Library-Allowable-Codebase. Remember button not yet working.


diffstat:

 ChangeLog                                                                  |   33 ++
 netx/net/sourceforge/jnlp/JNLPFile.java                                    |   14 +-
 netx/net/sourceforge/jnlp/resources/Messages.properties                    |   19 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                     |   93 +++++
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                     |    6 +
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                    |   34 +-
 netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java |  165 ++++++++++
 netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java  |  162 +++++++++
 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java                       |   30 +-
 netx/net/sourceforge/jnlp/util/UrlUtils.java                               |  105 ++++++
 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java        |   98 +++++
 tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java                |  107 ++++++
 12 files changed, 846 insertions(+), 20 deletions(-)

diffs (truncated from 1090 to 500 lines):

diff -r dfc27d4d55d5 -r aba4c18c4c64 ChangeLog
--- a/ChangeLog	Thu Mar 13 13:48:00 2014 -0400
+++ b/ChangeLog	Fri Mar 14 13:06:03 2014 +0100
@@ -1,3 +1,36 @@
+2014-03-14  Jiri Vanek  <jvanek at redhat.com>
+
+	Base implementation of Application-Library-Allowable-Codebase. Remember
+	button not yet working.
+	* netx/net/sourceforge/jnlp/JNLPFile.java: (ClasspathMatchers)
+	(getApplicationLibraryAllowableCodebase) (getCodebase) (getCodeBaseMatchersAttribute)
+	(getCodeBaseMatchersAttribute) (getCodeBaseMatchersAttribute) changed signature
+	to include/not include path in returned matcher.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: Added keys
+	(ALACAMissingMainTitle) (ALACAMissingInfo) (ALACAMatchingMainTitle)
+	(ALACAMatchingInfo) for new dialogs.
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Implemented 
+	(checkApplicationLibraryAllowableCodebaseAttribute). Used in (init)
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: made aware of 
+	new constants (MISSING_ALACA) and (MATCHING_ALACA)
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: new constants
+	(MISSING_ALACA) and (MATCHING_ALACA). Implemented (showMissingALACAttributePanel)
+	and (showMatchingALACAttributePanel)
+	* netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java
+	new dialog for Matching attribute
+	* netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java:
+	new dialog for Missing attribute.
+	* netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: allowing user to
+	choose whether to include paths in matching or not.
+	* netx/net/sourceforge/jnlp/util/UrlUtils.java: new util methods (removeFileName)
+	(setOfUrlsToHtmlList) (sanitizeLastSlash) and (equalsIgnoreLastSlash) to
+	strip filename from url, toString for iterable of urls to string, and 
+	for operations with URLs independently on last slash	
+	* tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java: added
+	tests for paths
+	* tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java: added tests
+	for new methods
+
 2014-03-13  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/JNLPFile.java
--- a/netx/net/sourceforge/jnlp/JNLPFile.java	Thu Mar 13 13:48:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/JNLPFile.java	Fri Mar 14 13:06:03 2014 +0100
@@ -920,21 +920,21 @@
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#caller_allowable
          */
         public ClasspathMatcher.ClasspathMatchers getCallerAllowableCodebase() {
-            return getCodeBaseMatchersAttribute(CALLER_ALLOWABLE);
+            return getCodeBaseMatchersAttribute(CALLER_ALLOWABLE, false);
         }
 
         /**
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#app_library
          */
         public ClasspathMatcher.ClasspathMatchers getApplicationLibraryAllowableCodebase() {
-            return getCodeBaseMatchersAttribute(APP_LIBRARY_ALLOWABLE);
+            return getCodeBaseMatchersAttribute(APP_LIBRARY_ALLOWABLE, true);
         }
 
         /**
          * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
          */
         public ClasspathMatcher.ClasspathMatchers getCodebase() {
-            return getCodeBaseMatchersAttribute(CODEBASE);
+            return getCodeBaseMatchersAttribute(CODEBASE, false);
         }
 
         /**
@@ -1004,16 +1004,16 @@
             return loader.checkForAttributeInJars(Arrays.asList(getResources().getJARs()), name);
         }
 
-        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(String s) {
-            return getCodeBaseMatchersAttribute(new Attributes.Name(s));
+        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(String s, boolean includePath) {
+            return getCodeBaseMatchersAttribute(new Attributes.Name(s), includePath);
         }
 
-        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(Attributes.Name name) {
+        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(Attributes.Name name, boolean includePath) {
             String s = getAttribute(name);
             if (s == null) {
                 return null;
             }
-            return ClasspathMatcher.ClasspathMatchers.compile(s);
+            return ClasspathMatcher.ClasspathMatchers.compile(s, includePath);
         }
 
         private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException {
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 13 13:48:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Fri Mar 14 13:06:03 2014 +0100
@@ -58,6 +58,25 @@
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
 
+# missing Application-Library-Allowable-Codebase dialogue
+ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
+form codebase <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
+This application uses resources from the following remote locations:<br/> {2} Are you sure you want to run this application?
+ALACAMissingInfo=For more information you can visit:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+# matching Application-Library-Allowable-Codebase dialogue
+ALACAMatchingMainTitle=Application <span color='red'> {0} </span> \
+form codebase <span color='red'> {1} </span> is requiring valid resources from different locations:<br/>{2} <br/> \
+Those resources are expected to be loaded. Do you agree to run this application?
+ALACAMatchingInfo=For more information you can visit:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+
 # LS - Severity
 LSMinor=Minor
 LSFatal=Fatal
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 13 13:48:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Fri Mar 14 13:06:03 2014 +0100
@@ -92,6 +92,7 @@
 import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers;
 import net.sourceforge.jnlp.util.JarFile;
 import net.sourceforge.jnlp.util.StreamUtils;
+import net.sourceforge.jnlp.util.UrlUtils;
 import net.sourceforge.jnlp.util.logging.OutputController;
 import sun.misc.JarIndex;
 
@@ -292,6 +293,8 @@
         
         checkPermissionsAttribute();
         
+        checkApplicationLibraryAllowableCodebaseAttribute();
+        
         installShutdownHooks();
         
 
@@ -2324,6 +2327,96 @@
         public boolean getRunInSandbox();
     }
 
+    private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
+        if (signing == SigningState.NONE){
+            return; /*when app is not signed at all, then skip this check*/
+        } 
+        //conditions
+        URL codebase = file.getCodeBase();
+        URL documentBase = null;
+        if (file instanceof PluginBridge) {
+            documentBase = ((PluginBridge) file).getSourceLocation();
+        }
+        if (documentBase == null) {
+            documentBase = file.getCodeBase();
+        }
+
+        //cases
+        Set<URL> usedUrls = new HashSet<URL>();
+        URL sourceLocation = file.getSourceLocation();
+        ResourcesDesc[] resourcesDescs = file.getResourcesDescs();
+        if (sourceLocation != null) {
+            usedUrls.add(UrlUtils.removeFileName(sourceLocation));
+        }
+        for (ResourcesDesc resourcesDesc: resourcesDescs) {
+            ExtensionDesc[] ex = resourcesDesc.getExtensions();
+            if (ex != null) {
+                for ( ExtensionDesc extensionDesc: ex) {
+                    if (extensionDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation()));
+                    }
+                }
+            }
+            JARDesc[] jars = resourcesDesc.getJARs();
+            if (jars != null) {
+                for (JARDesc jarDesc: jars) {
+                    if (jarDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation()));
+                    }
+                }
+            }
+            JNLPFile jnlp = resourcesDesc.getJNLPFile();
+            if (jnlp != null) {
+                usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation()));
+            }
+
+        }
+        OutputController.getLogger().log("Found alaca URLs to be verified");
+        for (URL url : usedUrls) {
+            OutputController.getLogger().log(" - " + url.toExternalForm());
+        }
+        if (usedUrls.isEmpty()) {
+            //I hope this is the case, when the resources is/are
+            //only codebase classes. Then it should be safe to return.
+            OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check.");
+            return;
+        }
+
+        if (usedUrls.size() == 1) {
+            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
+                    && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
+                //all resoources are from codebase or document base. it is ok to proceeed.
+                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
+                return;
+            }
+        }
+        ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
+
+        if (att == null) {
+            boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+            if (!a) {
+                throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");
+            } else {
+                OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user");
+                return;
+            }
+        } else {
+            for (URL foundUrl : usedUrls) {
+                if (!att.matches(foundUrl)) {
+                    throw new LaunchException("The resource from " + foundUrl + " does not match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running.");
+                } else {
+                    OutputController.getLogger().log("The resource from " + foundUrl + " does  match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing.");
+                }
+            }
+        }
+        boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+        if (!a) {
+            throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." );
+        } else {
+            OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user." );
+        }
+    }
+
     /**
      * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign
      * to JARs.
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Thu Mar 13 13:48:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Fri Mar 14 13:06:03 2014 +0100
@@ -37,6 +37,8 @@
 
 package net.sourceforge.jnlp.security;
 
+import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel;
 import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel;
 import net.sourceforge.jnlp.security.dialogs.AppletWarningPane;
 import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
@@ -320,6 +322,10 @@
             panel = new PasswordAuthenticationPane(this, extras);
         else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
             panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]);
+        else if (dialogType == DialogType.MISSING_ALACA)
+            panel = new MissingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]);
+        else if (dialogType == DialogType.MATCHING_ALACA)
+            panel = new MatchingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]);
 
         add(panel, BorderLayout.CENTER);
     }
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Thu Mar 13 13:48:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Fri Mar 14 13:06:03 2014 +0100
@@ -44,6 +44,7 @@
 import java.net.URL;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.util.Set;
 import java.util.concurrent.Semaphore;
 
 import javax.swing.JDialog;
@@ -52,6 +53,7 @@
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.UrlUtils;
 import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 
@@ -80,7 +82,9 @@
         UNSIGNED_WARNING,   /* requires confirmation with 'high-security' setting */
         APPLET_WARNING,
         AUTHENTICATION,
-        UNSIGNED_EAS_NO_PERMISSIONS_WARNING   /* when Extended applet security is at High Security and no permission attribute is find, */
+        UNSIGNED_EAS_NO_PERMISSIONS_WARNING,   /* when Extended applet security is at High Security and no permission attribute is find, */
+        MISSING_ALACA, /*alaca - Application-Library-Allowable-Codebase Attribute*/
+        MATCHING_ALACA
     }
 
     /** The types of access which may need user permission. */
@@ -263,6 +267,32 @@
         return (Object[]) response;
     }
 
+     public static boolean  showMissingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
+
+        if (!shouldPromptUser()) {
+            return false;
+        }
+
+        SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.MISSING_ALACA;
+        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
+        Object selectedValue = getUserResponse(message);
+        return getIntegerResponseAsBoolean(selectedValue);
+    } 
+     
+     public static boolean showMatchingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
+
+        if (!shouldPromptUser()) {
+            return false;
+        }
+
+        SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.MATCHING_ALACA;
+        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
+        Object selectedValue = getUserResponse(message);
+        return getIntegerResponseAsBoolean(selectedValue);
+    } 
+     
     /**
      * FIXME This is unused. Remove it?
      * @return (0, 1, 2) =&gt; (Yes, No, Cancel)
@@ -417,5 +447,5 @@
             }
         });
     }
-
+    
 }
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java	Fri Mar 14 13:06:03 2014 +0100
@@ -0,0 +1,165 @@
+/* 
+ Copyright (C) 2008 Red Hat, Inc.
+
+ This file is part of IcedTea.
+
+ IcedTea is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, version 2.
+
+ IcedTea is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with IcedTea; see the file COPYING.  If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version.
+ */
+package net.sourceforge.jnlp.security.dialogs;
+
+import java.awt.BorderLayout;
+import java.awt.Color;
+import java.awt.Desktop;
+import java.awt.Dimension;
+import java.awt.FlowLayout;
+import java.awt.Font;
+import java.awt.Image;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.util.HashSet;
+import java.util.Set;
+import javax.imageio.ImageIO;
+
+import javax.swing.BorderFactory;
+import javax.swing.BoxLayout;
+import javax.swing.ImageIcon;
+import javax.swing.JButton;
+import javax.swing.JCheckBox;
+import javax.swing.JEditorPane;
+import javax.swing.JFrame;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.SwingConstants;
+import javax.swing.event.HyperlinkEvent;
+import javax.swing.event.HyperlinkListener;
+import net.sourceforge.jnlp.runtime.Translator;
+import net.sourceforge.jnlp.security.SecurityDialog;
+import net.sourceforge.jnlp.util.UrlUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
+
+/**
+ * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
+ */
+public class MatchingALACAttributePanel extends SecurityDialogPanel {
+
+    public MatchingALACAttributePanel(SecurityDialog x, String title, String codebase, String remoteUrls) {
+        super(x);
+        try {
+            addComponents(title, codebase, remoteUrls);
+        } catch (Exception ex) {
+            throw new RuntimeException(ex);
+        }
+        if (x != null) {
+            x.setMinimumSize(new Dimension(600, 400));
+        }
+    }
+
+    protected final void addComponents(String title, String codebase, String remoteUrls) throws IOException {
+
+        URL imgUrl = this.getClass().getResource("/net/sourceforge/jnlp/resources/question.png");
+        ImageIcon icon;
+        Image img = ImageIO.read(imgUrl);
+        icon = new ImageIcon(img);
+        String topLabelText = Translator.R("ALACAMatchingMainTitle", title, codebase, remoteUrls);
+        String bottomLabelText = Translator.R("ALACAMatchingInfo");
+
+        JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.CENTER);
+        topLabel.setFont(new Font(topLabel.getFont().toString(),
+                Font.BOLD, 12));
+        JPanel topPanel = new JPanel(new BorderLayout());
+        topPanel.setBackground(Color.WHITE);
+        topPanel.add(topLabel, BorderLayout.CENTER);
+        topPanel.setPreferredSize(new Dimension(400, 80));
+        topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+
+        JEditorPane bottomLabel = new JEditorPane("text/html", htmlWrap(bottomLabelText));
+        bottomLabel.setEditable(false);
+        bottomLabel.addHyperlinkListener(new HyperlinkListener() {
+            @Override
+            public void hyperlinkUpdate(HyperlinkEvent e) {
+                try {
+                    if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) {
+                        Desktop.getDesktop().browse(e.getURL().toURI());
+                    }
+                } catch (IOException ex) {
+                    OutputController.getLogger().log(ex);
+                } catch (URISyntaxException ex) {
+                    OutputController.getLogger().log(ex);
+                }
+            }
+        });
+        JPanel infoPanel = new JPanel(new BorderLayout());
+        infoPanel.add(bottomLabel, BorderLayout.CENTER);
+        infoPanel.setPreferredSize(new Dimension(400, 80));
+        infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+        bottomLabel.setBackground(infoPanel.getBackground());
+
+        //run and cancel buttons
+        JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
+
+        JButton yes = new JButton(Translator.R("ButYes"));
+        JButton no = new JButton(Translator.R("ButNo"));
+        JCheckBox remeber = new JCheckBox(htmlWrap(Translator.R("SRememberOption")));
+        int buttonWidth = yes.getMinimumSize().width;
+        int buttonHeight = yes.getMinimumSize().height;
+        Dimension d = new Dimension(buttonWidth, buttonHeight);
+        yes.setPreferredSize(d);
+        no.setPreferredSize(d);
+        yes.addActionListener(createSetValueListener(parent, 0));
+        no.addActionListener(createSetValueListener(parent, 1));
+        initialFocusComponent = no;
+        buttonPanel.add(remeber);
+        buttonPanel.add(yes);
+        buttonPanel.add(no);
+        buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
+        //all of the above
+        setLayout(new BoxLayout(this, BoxLayout.Y_AXIS));
+        add(topPanel);
+        add(infoPanel);
+        add(buttonPanel);
+
+    }
+
+    public static void main(String[] args) throws MalformedURLException {
+        Set<URL> s = new HashSet<URL>();
+        s.add(new URL("http:/blah.com/blah"));
+        s.add(new URL("http:/blah.com/blah/blah"));
+        MatchingALACAttributePanel w = new MatchingALACAttributePanel(null, "HelloWorld", "http://nbblah.url", UrlUtils.setOfUrlsToHtmlList(s));
+        JFrame f = new JFrame();
+        f.setSize(600, 400);
+        f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+        f.add(w, BorderLayout.CENTER);
+        f.setVisible(true);
+    }
+}
diff -r dfc27d4d55d5 -r aba4c18c4c64 netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/dialogs/MissingALACAttributePanel.java	Fri Mar 14 13:06:03 2014 +0100

From jvanek at redhat.com  Fri Mar 14 13:24:06 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 14 Mar 2014 14:24:06 +0100
Subject: [rfc][icedtea-web] implemented
	Application-Library-Allowable-Codebase Attribute
In-Reply-To: <53220181.4050603@redhat.com>
References: <530F71CF.4040207@redhat.com>
	<53173C78.5050204@redhat.com>	<531F632F.1000005@redhat.com>
	<5321FC56.3070606@redhat.com> <53220181.4050603@redhat.com>
Message-ID: <532302F6.7050200@redhat.com>

On 03/13/2014 08:05 PM, Andrew Azores wrote:
> On 03/13/2014 02:43 PM, Andrew Azores wrote:
>> On 03/11/2014 03:25 PM, Jiri Vanek wrote:
>>> All your nits have been fixed. However:
>>>
>>> I'm still not using the AppTrustWarningPanel, so rember button is useless. It will come as
>>> another changeset (if ever)
>>>  - this patch broke elluminate - one of the deadly throws is probably redundant and should be
>>> repalced by security prompt.
>>
>> Not okay to push if elluminate is broken by this... have  you figured out what to do about it?
>>
>>>  - jsut hint - download indicator is broken
>>>  - elluminat works, but freaze to, same as http://www.walter-fendt.de/ph14e/resultant.htm
>>>
>>> I guess all above are older issues not related to this patch.
>>>
>>>
>>> J.
>>>
>>
>> Thanks,
>>
>
> Apparently it was just a broken cache problem. Elluminate does work.
>
> One nit was left unfixed:
>
>> +        URL documentBase = null;
>> +        if (file instanceof PluginBridge) {
>> +            documentBase = ((PluginBridge) file).getSourceLocation();
>> +        }
>> +        if (documentBase == null) {
>> +            documentBase = file.getCodeBase();
>> +        }
>
I have kept it as it was. I think there can be state, when (PluginBridge) file).getSourceLocation() 
will really remian null. But codebase is never null.

J.


From jvanek at redhat.com  Fri Mar 14 13:33:49 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 14 Mar 2014 14:33:49 +0100
Subject: [rfc][icedtea-web][policyeditor] Checkboxes not updating
In-Reply-To: <5322074F.9030703@redhat.com>
References: <5322074F.9030703@redhat.com>
Message-ID: <5323053D.3040607@redhat.com>

On 03/13/2014 08:30 PM, Andrew Azores wrote:
> Hi,
>
> This patch ensures that operations which should be done by the EDT are actually done by it, and also
> ensures that when a new codebase is added/selected, that the checkboxes properly update the first
> time around, without needing to select a different codebase and go back.
>
> ChangeLog:
> * netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (addNewCodebase) ensure that
> checkboxes update. (removeCodebase, updateCheckboxes) ensure UI updates are done on EDT.
>
> Thanks,
>
This should be ok to go.


J.

From aazores at icedtea.classpath.org  Fri Mar 14 13:40:06 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Fri, 14 Mar 2014 13:40:06 +0000
Subject: /hg/icedtea-web: PolicyEditor fix checkbox UI updating on open
Message-ID: <hg.fdff61a60cc1.1394804406.8643924302249223276@icedtea.classpath.org>

changeset fdff61a60cc1 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fdff61a60cc1
author: Andrew Azores <aazores at redhat.com>
date: Fri Mar 14 09:39:56 2014 -0400

	PolicyEditor fix checkbox UI updating on open

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(addNewCodebase) ensure that checkboxes update. (removeCodebase,
	updateCheckboxes) ensure UI updates are done on EDT.


diffstat:

 ChangeLog                                                         |   6 +
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  83 ++++++---
 2 files changed, 59 insertions(+), 30 deletions(-)

diffs (123 lines):

diff -r aba4c18c4c64 -r fdff61a60cc1 ChangeLog
--- a/ChangeLog	Fri Mar 14 13:06:03 2014 +0100
+++ b/ChangeLog	Fri Mar 14 09:39:56 2014 -0400
@@ -1,3 +1,9 @@
+2014-03-14  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(addNewCodebase) ensure that checkboxes update. (removeCodebase,
+	updateCheckboxes) ensure UI updates are done on EDT.
+
 2014-03-14  Jiri Vanek  <jvanek at redhat.com>
 
 	Base implementation of Application-Library-Allowable-Codebase. Remember
diff -r aba4c18c4c64 -r fdff61a60cc1 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Fri Mar 14 13:06:03 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Fri Mar 14 09:39:56 2014 -0400
@@ -478,10 +478,21 @@
             model = codebase;
         }
         if (!existingCodebase) {
-            listModel.addElement(model);
+            SwingUtilities.invokeLater(new Runnable() {
+                @Override
+                public void run() {
+                    listModel.addElement(model);
+                }
+            });
             changesMade = true;
         }
-        list.setSelectedValue(model, true);
+        SwingUtilities.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                list.setSelectedValue(model, true);
+                updateCheckboxes(codebase);
+            }
+        });
     }
 
     /**
@@ -545,8 +556,14 @@
             previousIndex = 0;
         }
         codebasePermissionsMap.remove(codebase);
-        listModel.removeElement(codebase);
-        list.setSelectedIndex(previousIndex);
+        final int fIndex = previousIndex;
+        SwingUtilities.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                listModel.removeElement(codebase);
+                list.setSelectedIndex(fIndex);
+            }
+        });
         changesMade = true;
     }
 
@@ -592,33 +609,39 @@
      * @param codebase whose permissions to display
      */
     private void updateCheckboxes(final String codebase) {
-        for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
-            final JCheckBox box = checkboxMap.get(perm);
-            for (final ActionListener l : box.getActionListeners()) {
-                box.removeActionListener(l);
+        SwingUtilities.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
+                    final JCheckBox box = checkboxMap.get(perm);
+                    for (final ActionListener l : box.getActionListeners()) {
+                        box.removeActionListener(l);
+                    }
+                    initializeMapForCodebase(codebase);
+                    final Map<PolicyEditorPermissions, Boolean> map = codebasePermissionsMap.get(codebase);
+                    final boolean state;
+                    if (map != null) {
+                        final Boolean s = map.get(perm);
+                        if (s != null) {
+                            state = s;
+                        } else {
+                            state = false;
+                        }
+                    } else {
+                        state = false;
+                    }
+                    box.setSelected(state);
+                    box.addActionListener(new ActionListener() {
+                        @Override
+                        public void actionPerformed(final ActionEvent e) {
+                            changesMade = true;
+                            map.put(perm, box.isSelected());
+                        }
+                    });
+                }
             }
-            initializeMapForCodebase(codebase);
-            final Map<PolicyEditorPermissions, Boolean> map = codebasePermissionsMap.get(codebase);
-            final boolean state;
-            if (map != null) {
-                final Boolean s = map.get(perm);
-                if (s != null) {
-                    state = s;
-                } else {
-                    state = false;
-                }
-            } else {
-                state = false;
-            }
-            box.setSelected(state);
-            box.addActionListener(new ActionListener() {
-                @Override
-                public void actionPerformed(final ActionEvent e) {
-                    changesMade = true;
-                    map.put(perm, box.isSelected());
-                }
-            });
-        }
+        });
+
     }
 
     /**

From jvanek at redhat.com  Fri Mar 14 14:34:06 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 14 Mar 2014 15:34:06 +0100
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <53220A02.7090506@redhat.com>
References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com>
Message-ID: <5323135E.6070700@redhat.com>

On 03/13/2014 08:41 PM, Andrew Azores wrote:
> On 03/13/2014 03:08 PM, Andrew Azores wrote:
>> Hi,
>>
>> This patch adds a button which summons a popup menu, currently with only one item, allowing the
>> user to launch PolicyEditor directly from the warning dialog. The editor appears with the current
>> applet's codebase added (if necessary) and pre-selected. This, along with the sandbox button and
>> earlier patch allowing JNLPPolicy to use per-codebase policy entries and to reload at runtime,
>> allows for easy configuration of fine grained permissions granted to an applet.
>>
>> Feedback/recommendations on the UI here are definitely welcome. At a later point, extra items will
>> be added to the popup menu to allow for "this run only" temporary permissions to be granted to the
>> applet. These choices will have to use a different mechanism for adding the permissions, however,
>> since it won't be automatically handled by the JNLPPolicy/automatically reloaded by
>> SecurityDelegate, as the policy file permissions are. (note the conspicuous lack of any code here
>> to actually force a policy reload - this is already handled by the sandbox button and
>> SecurityDelegate)
>>
>> Note that there is a visual bug with PolicyEditor where the checkboxes may not be updated
>> correctly, and will be incorrectly blank when the currently selected codebase actually does have
>> permissions assigned. This will be addressed separately. As a workaround, simply switch to "All
>> applets" codebase, then back to the applet-specific one. The checkboxes will then correctly update.
>>
>> http://caff.de/applettest/Signed.html can serve as a test applet again.
>>
>> ChangeLog:
>> Add button with popup menu to launch PolicyEditor
>> * netx/net/sourceforge/jnlp/resources/Messages.properties: (ButPolicyEditorDropdown,
>> CertWarnPolicyTip, CertWarnPolicyEditorItem): new messages
>> * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (addComponents,
>> setTextAndLabels, addButtons) refactored and split methods. (createPolicyPermissionsMenu) new
>> method. (PolicyEditorLaunchListener) new ActionListener for advancedOptions button
>>
>> Thanks,
>>
>
> Sorry, tiny update here. I noticed that there was a small "deadspot" in the middle of the new
> button, which was apparently the popupmenu component, as clicking it caused PolicyEditor to appear.
> It seems this was because the menu was added as a child component of the button. Adding the
> component to the pane itself, which is the only change between this new patch and the previous one,
> resolves this. The popup menu still appears in the same place and works fine as far as I can tell.
>
> Is there some better way to handle JPopupMenus?
>
> Thanks,
>


many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.

I gave up an code a bit O:). So user experience:


popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd.
Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu 
on this pposition. Should work like charm.

I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather?

Interesting state - dialog appeared , I clicked "V" clicked  show policy editor, it apeared, I 
clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal

How does it behave for  yes/no/cancel/close of policy editor?
  - small nit - other codebases in editor are confusing.


Thanx!
   J.

From jvanek at redhat.com  Fri Mar 14 14:34:43 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 14 Mar 2014 15:34:43 +0100
Subject: [rfc][icedtea-web] New PartiallySigned Dialog
In-Reply-To: <531DE32B.90300@redhat.com>
References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com>
	<531DE32B.90300@redhat.com>
Message-ID: <53231383.2050402@redhat.com>

On 03/10/2014 05:07 PM, Andrew Azores wrote:
> On 03/06/2014 11:19 AM, Jiri Vanek wrote:
>> On 03/04/2014 11:07 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new
>>> dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it
>>> uses the same remembered action storage and has the same general look and feel. This dialog also
>>> has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which
>>> allows partially signed ones to also be run with only sandbox permissions. Some more security
>>> info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a
>>> new Help text for this dialog, but this can be written up separately IMO. Right now it will just
>>> display the same Help as the Unsigned dialog.
>>>

many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.

I gave up an code a bit O:). And user experience is quite good. Will this get custom policies too?

Othervise ok to go.



From aazores at redhat.com  Fri Mar 14 14:41:07 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 14 Mar 2014 10:41:07 -0400 (EDT)
Subject: [rfc][icedtea-web] New PartiallySigned Dialog
In-Reply-To: <53231383.2050402@redhat.com>
References: <53164E8D.90101@redhat.com> <53189FFA.3000404@redhat.com>
	<531DE32B.90300@redhat.com> <53231383.2050402@redhat.com>
Message-ID: <635654798.4133357.1394808067678.JavaMail.zimbra@redhat.com>

Yes, a custom policy button will be coming too.

Thanks,
Andrew A

----- Original Message -----
From: "Jiri Vanek" <jvanek at redhat.com>
To: "Andrew Azores" <aazores at redhat.com>
Cc: "IcedTea" <distro-pkg-dev at openjdk.java.net>
Sent: Friday, March 14, 2014 10:34:43 AM
Subject: Re: [rfc][icedtea-web] New PartiallySigned Dialog

On 03/10/2014 05:07 PM, Andrew Azores wrote:
> On 03/06/2014 11:19 AM, Jiri Vanek wrote:
>> On 03/04/2014 11:07 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> This patch introduces a new PartiallySigned dialog to replace the NotAllSigned prompt. This new
>>> dialog uses the same abstracted parent class that was pulled out of the Unsigned dialog, so it
>>> uses the same remembered action storage and has the same general look and feel. This dialog also
>>> has a Sandbox button, just like CertWarningPane recently gained for fully signed applets, which
>>> allows partially signed ones to also be run with only sandbox permissions. Some more security
>>> info is also present on the dialog, eg the applet's publisher and codebase. Not yet included is a
>>> new Help text for this dialog, but this can be written up separately IMO. Right now it will just
>>> display the same Help as the Unsigned dialog.
>>>

many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.

I gave up an code a bit O:). And user experience is quite good. Will this get custom policies too?

Othervise ok to go.



From aazores at icedtea.classpath.org  Fri Mar 14 14:50:38 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Fri, 14 Mar 2014 14:50:38 +0000
Subject: /hg/icedtea-web: New PartiallySigned Dialog
Message-ID: <hg.15bbdf43c1e7.1394808638.8643924302249223276@icedtea.classpath.org>

changeset 15bbdf43c1e7 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=15bbdf43c1e7
author: Andrew Azores <aazores at redhat.com>
date: Fri Mar 14 10:50:15 2014 -0400

	New PartiallySigned Dialog

	Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
	Also includes a Sandbox button.
	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet,
	LPartiallySignedAppletUserDenied) new messages. (SNotAllSignedSummary,
	SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially*
	* netx/net/sourceforge/jnlp/resources/Messages_cs.properties: (SNotAllSignedSummary,
	SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially*
	* netx/net/sourceforge/jnlp/resources/Messages_de.properties: same
	* netx/net/sourceforge/jnlp/resources/Messages_pl.properties: same
	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
	Logic added for displaying new PartiallySigned dialog.
	(showNotAllSignedDialog) removed. (getSigningState) new method.
	(promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for
	SecurityDelegate.
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java:
	(partiallySigned) new method
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:
	(chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet
	title made overrideable by subclasses
	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING)
	renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old
	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING)
	renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed.
	(showPartiallySignedWarningDialog) new method
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
	Added Sandbox action
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
	(checkPartiallySignedWithUserIfRequired) new method
	* tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java:
	test now passes since dialog will not appear if applet security is set to Low.
	KnownToFail removed.
	* tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java:
	same
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
	new class
	* netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: deleted
	in favour of PartiallySignedAppTrustWarningPanel


diffstat:

 ChangeLog                                                                                                |   41 ++
 netx/net/sourceforge/jnlp/resources/Messages.properties                                                  |    9 +-
 netx/net/sourceforge/jnlp/resources/Messages_cs.properties                                               |    6 +-
 netx/net/sourceforge/jnlp/resources/Messages_de.properties                                               |    6 +-
 netx/net/sourceforge/jnlp/resources/Messages_pl.properties                                               |    6 +-
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                                                   |   53 ++-
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                                                   |   55 +--
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                                                  |   43 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java                       |    8 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java           |   50 +++
 netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java                                  |  115 --------
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java               |    6 +
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java                |   27 +-
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java |  140 ++++++++++
 tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java     |    3 -
 tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java  |    3 -
 16 files changed, 350 insertions(+), 221 deletions(-)

diffs (truncated from 919 to 500 lines):

diff -r fdff61a60cc1 -r 15bbdf43c1e7 ChangeLog
--- a/ChangeLog	Fri Mar 14 09:39:56 2014 -0400
+++ b/ChangeLog	Fri Mar 14 10:50:15 2014 -0400
@@ -1,3 +1,44 @@
+2014-03-14  Andrew Azores  <aazores at redhat.com>
+
+	Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
+	Also includes a Sandbox button.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(APPEXTSecunsignedAppletActionSandbox, LPartiallySignedApplet,
+	LPartiallySignedAppletUserDenied) new messages. (SNotAllSignedSummary,
+	SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially*
+	* netx/net/sourceforge/jnlp/resources/Messages_cs.properties: (SNotAllSignedSummary,
+	SNotAllSignedDetail, SNotAllSignedQuestion) keys renamed to SPartially*
+	* netx/net/sourceforge/jnlp/resources/Messages_de.properties: same
+	* netx/net/sourceforge/jnlp/resources/Messages_pl.properties: same
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
+	Logic added for displaying new PartiallySigned dialog.
+	(showNotAllSignedDialog) removed. (getSigningState) new method.
+	(promptUserOnPartialSigning, userPromptedForPartialSigning) new methods for
+	SecurityDelegate.
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java:
+	(partiallySigned) new method
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningPanel.java:
+	(chosenActionSetter) refactored to allow Sandbox action. (setupInfoPanel) applet
+	title made overrideable by subclasses
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: (NOTALLSIGNED_WARNING)
+	renamed PARTIALLYSIGNED_WARNING, display new dialog rather than old
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (NOTALLSIGNED_WARNING)
+	renamed PARTIALLYSIGNED_WARNING. (showNotAllSignedWarningDialog) removed.
+	(showPartiallySignedWarningDialog) new method
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java:
+	Added Sandbox action
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
+	(checkPartiallySignedWithUserIfRequired) new method
+	* tests/reproducers/custom/SignedAppletCodebaseLoading/testcases/SignedAppletCodebaseLoadingTests.java:
+	test now passes since dialog will not appear if applet security is set to Low.
+	KnownToFail removed.
+	* tests/reproducers/custom/SignedAppletExternalMainClass/testcases/SignedAppletExternalMainClassTest.java:
+	same
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
+	new class
+	* netx/net/sourceforge/jnlp/security/dialogs/NotAllSignedWarningPane.java: deleted
+	in favour of PartiallySignedAppTrustWarningPanel
+
 2014-03-14  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Fri Mar 14 10:50:15 2014 -0400
@@ -127,6 +127,8 @@
 LUnsignedApplet=The applet was unsigned.
 LUnsignedAppletPolicyDenied=The applet was unsigned, and the security policy prevented it from running.
 LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted.
+LPartiallySignedApplet=The applet was partially signed.
+LPartiallySignedAppletUserDenied=The applet was partially signed, and the user did not trust it.
 LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars.
 LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't.
 LRunInSandboxError=Run in Sandbox call performed too late.
@@ -291,9 +293,9 @@
 SUnsignedAllowedBefore=<font color="green">You have accepted this applet previously.</font>
 SUnsignedRejectedBefore=<font color="red">You have rejected this applet previously.</font>
 SUnsignedQuestion=Allow the applet to run?
-SNotAllSignedSummary=Only parts of this application code are signed.
-SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
-SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
+SPartiallySignedSummary=Only parts of this application code are signed.
+SPartiallySignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
+SPartiallySignedQuestion=Do you wish to proceed and run this application anyway?
 SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}"
 SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
 SAppletTitle=Applet title: {0}
@@ -755,6 +757,7 @@
 APPEXTSECunsignedAppletActionAlways=Always trust this (matching) applet(s)
 APPEXTSECunsignedAppletActionNever=Never trust this (matching) applet(s)
 APPEXTSECunsignedAppletActionYes=This applet was visited and allowed
+APPEXTSecunsignedAppletActionSandbox=This applet was visited and allowed to run with restricted privileges
 APPEXTSECunsignedAppletActionNo=This applet was visited and denied
 APPEXTSECControlPanelExtendedAppletSecurityTitle=Extended applet security
 APPEXTSECguiTableModelTableColumnAction=Action
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_cs.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Fri Mar 14 10:50:15 2014 -0400
@@ -232,9 +232,9 @@
 SUnsignedAllowedBefore=<font color="green">Tento applet jste ji\u017e d\u0159\u00edve povolili.</font>
 SUnsignedRejectedBefore=<font color="red">Tento applet jste ji\u017e d\u0159\u00edve odm\u00edtli.</font>
 SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed appletu?
-SNotAllSignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace.
-SNotAllSignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele.
-SNotAllSignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci?
+SPartiallySignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace.
+SPartiallySignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele.
+SPartiallySignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci?
 SAuthenticationPrompt=Server {0} na adrese {1} vy\u017eaduje ov\u011b\u0159en\u00ed. Zpr\u00e1va: \u201e{2}\u201c
 SJNLPFileIsNotSigned=Tato aplikace obsahuje digit\u00e1ln\u00ed podpis, v r\u00e1mci kter\u00e9ho v\u0161ak nen\u00ed podeps\u00e1n spou\u0161t\u011bn\u00fd soubor JNLP.
 
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_de.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_de.properties	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages_de.properties	Fri Mar 14 10:50:15 2014 -0400
@@ -244,9 +244,9 @@
 SUnsignedAllowedBefore=<font color="green">Dieses Applet wurde bereits akzeptiert.</font>
 SUnsignedRejectedBefore=<font color="red">Dieses Applet wurde bereits abgelehnt.</font>
 SUnsignedQuestion=Soll dem Applet die Ausf\u00fchrung erlaubt werden?
-SNotAllSignedSummary=Nur Teile des Anwendungscodes sind signiert.
-SNotAllSignedDetail=Diese Anwendung enth\u00e4lt sowohl signierten als auch nicht signierten Code. W\u00e4hrend signierter Code sicher ist, wenn Sie dem Anbieter vertrauen, kann nicht signierter Code sich \u00fcber Code erstrecken, der sich der Kontrolle des Anbieters entzieht.
-SNotAllSignedQuestion=Soll fortgefahren und diese Anwendung dennoch zur Ausf\u00fchrung gebracht werden?
+SPartiallySignedSummary=Nur Teile des Anwendungscodes sind signiert.
+SPartiallySignedDetail=Diese Anwendung enth\u00e4lt sowohl signierten als auch nicht signierten Code. W\u00e4hrend signierter Code sicher ist, wenn Sie dem Anbieter vertrauen, kann nicht signierter Code sich \u00fcber Code erstrecken, der sich der Kontrolle des Anbieters entzieht.
+SPartiallySignedQuestion=Soll fortgefahren und diese Anwendung dennoch zur Ausf\u00fchrung gebracht werden?
 SAuthenticationPrompt=Der Server {0} von {1} fordert Authentifizierung an. Er sagt: \u201e{2}\u201c
 SJNLPFileIsNotSigned=Die Anwendung enth\u00e4lt eine digitale Signatur in der, die startende JNLP-Datei nicht signiert ist.
 
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/resources/Messages_pl.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_pl.properties	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages_pl.properties	Fri Mar 14 10:50:15 2014 -0400
@@ -244,9 +244,9 @@
 SUnsignedAllowedBefore=<font color="green">Zaakceptowa\u0142e\u015b ten applet poprzednio.</font>
 SUnsignedRejectedBefore=<font color="red">Odrzuci\u0142e\u015b ten applet poprzednio.</font>
 SUnsignedQuestion=Czy chcesz zezwoli\u0107 temu applet-owi na uruchomienie?
-SNotAllSignedSummary=Zaledwie cz\u0119\u015bci kodu tej aplikacji s\u0105 podpisane.
-SNotAllSignedDetail=Ta aplikacja zawiera zar\u00f3wno podpisany jak i niepodpisany kod. Cho\u0107 kod, kt\u00f3ry jest podpisany przez zaufanego dostawc\u0119 jest bezpieczny, niepodpisany kod mo\u017ce poci\u0105ga\u0107 za sob\u0105 kod, kt\u00f3ry jest poza kontrolnym zasi\u0119giem zaufanego dostawcy.
-SNotAllSignedQuestion=Czy chcesz kontynuowa\u0107 i mimo to uruchomi\u0107 t\u0105 aplikacj\u0119?
+SPartiallySignedSummary=Zaledwie cz\u0119\u015bci kodu tej aplikacji s\u0105 podpisane.
+SPartiallySignedDetail=Ta aplikacja zawiera zar\u00f3wno podpisany jak i niepodpisany kod. Cho\u0107 kod, kt\u00f3ry jest podpisany przez zaufanego dostawc\u0119 jest bezpieczny, niepodpisany kod mo\u017ce poci\u0105ga\u0107 za sob\u0105 kod, kt\u00f3ry jest poza kontrolnym zasi\u0119giem zaufanego dostawcy.
+SPartiallySignedQuestion=Czy chcesz kontynuowa\u0107 i mimo to uruchomi\u0107 t\u0105 aplikacj\u0119?
 SAuthenticationPrompt=Serwer {0} w \u201e{1}\u201d \u017c\u0105da uwierzytelnienia. Podaje komunikat: \u201e{2}\u201d
 SJNLPFileIsNotSigned=Ta aplikacja zawiera podpis cyfrowy, jednak startowany plik JNLP jest bez podpisu.
 
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Fri Mar 14 10:50:15 2014 -0400
@@ -15,7 +15,6 @@
 
 package net.sourceforge.jnlp.runtime;
 
-import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
 import java.io.File;
@@ -65,6 +64,7 @@
 import net.sourceforge.jnlp.ExtensionDesc;
 import net.sourceforge.jnlp.JARDesc;
 import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
 import net.sourceforge.jnlp.JNLPMatcher;
 import net.sourceforge.jnlp.JNLPMatcherException;
 import net.sourceforge.jnlp.LaunchDesc;
@@ -365,7 +365,9 @@
         // the user was already shown a CertWarning dialog and has chosen to run the applet sandboxed.
         // This means they've already agreed to running the applet and have specified with which
         // permission level to do it!
-        if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) {
+        if (loader.getSigningState() == SigningState.PARTIAL) {
+            loader.securityDelegate.promptUserOnPartialSigning();
+        } else if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) {
             UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file);
         }
 
@@ -374,10 +376,9 @@
         JNLPClassLoader extLoader = uniqueKeyToLoader.get(uniqueKey);
 
         if (extLoader != null && extLoader != loader) {
-            if (loader.getSigning() && !extLoader.getSigning())
-                if (!SecurityDialogs.showNotAllSignedWarningDialog(file))
-                    throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
-
+            if (loader.getSigning() != extLoader.getSigning()) {
+                loader.securityDelegate.promptUserOnPartialSigning();
+            }
             loader.merge(extLoader);
             extLoader.decrementLoaderUseCount(); // loader urls have been merged, ext loader is no longer used
         }
@@ -1055,7 +1056,7 @@
             return;
         }
 
-        if (jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) {
+        if (getSigningState() == SigningState.FULL && jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) {
             jcv.checkTrustWithUser(securityDelegate, file);
         }
     }
@@ -1077,21 +1078,6 @@
     }
 
     /**
-     * Display a dialog prompting the user to proceed on applets with mixed signing.
-     * @param file the JNLPFile or PluginBridge describing the applet/application to be launched
-     * @throws LaunchException if the user does not approve the prompt
-     */
-    private void showNotAllSignedDialog(JNLPFile file) throws LaunchException {
-        if (JNLPRuntime.isTrustAll()) {
-            return;
-        }
-
-        if (!SecurityDialogs.showNotAllSignedWarningDialog(file)) {
-            throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
-        }
-    }
-
-    /**
      * Add applet's codebase URL.  This allows compatibility with
      * applets that load resources from their codebase instead of
      * through JARs, but can slow down resource loading.  Resources
@@ -1921,7 +1907,7 @@
         if (signing == SigningState.FULL && JNLPRuntime.isVerifying()) {
             signing = SigningState.PARTIAL;
             try {
-                showNotAllSignedDialog(this.file);
+                securityDelegate.promptUserOnPartialSigning();
             } catch (LaunchException e) {
                 throw new RuntimeException("The signed applet required loading of unsigned code from the codebase, "
                         + "which the user refused", e);
@@ -1929,6 +1915,10 @@
         }
     }
 
+    public SigningState getSigningState() {
+        return signing;
+    }
+
     protected SecurityDesc getSecurity() {
         return security;
     }
@@ -2314,6 +2304,8 @@
     public static interface SecurityDelegate {
         public boolean isPluginApplet();
 
+        public boolean userPromptedForPartialSigning();
+
         public boolean userPromptedForSandbox();
 
         public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost);
@@ -2322,6 +2314,8 @@
 
         public SecurityDesc getJarPermissions(final String codebaseHost);
 
+        public void promptUserOnPartialSigning() throws LaunchException;
+
         public void setRunInSandbox() throws LaunchException;
 
         public boolean getRunInSandbox();
@@ -2424,6 +2418,7 @@
     public static class SecurityDelegateImpl implements SecurityDelegate {
         private final JNLPClassLoader classLoader;
         private boolean runInSandbox;
+        private boolean promptedForPartialSigning;
         private boolean promptedForSandbox;
 
         public SecurityDelegateImpl(final JNLPClassLoader classLoader) {
@@ -2530,10 +2525,22 @@
             this.runInSandbox = true;
         }
 
+        public void promptUserOnPartialSigning() throws LaunchException {
+            if (promptedForPartialSigning || JNLPRuntime.isTrustAll()) {
+                return;
+            }
+            promptedForPartialSigning = true;
+            UnsignedAppletTrustConfirmation.checkPartiallySignedWithUserIfRequired(this, classLoader.file, classLoader.jcv);
+        }
+
         public boolean getRunInSandbox() {
             return this.runInSandbox;
         }
 
+        public boolean userPromptedForPartialSigning() {
+            return this.promptedForPartialSigning;
+        }
+
         public boolean userPromptedForSandbox() {
             return this.promptedForSandbox;
         }
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Fri Mar 14 10:50:15 2014 -0400
@@ -37,35 +37,34 @@
 
 package net.sourceforge.jnlp.security;
 
-import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel;
-import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel;
-import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel;
-import net.sourceforge.jnlp.security.dialogs.AppletWarningPane;
-import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
-import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane;
-import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.UnsignedAppletTrustWarningDialog;
-import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane;
-import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel;
-import net.sourceforge.jnlp.security.dialogs.CertWarningPane;
-import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane;
-import net.sourceforge.jnlp.security.dialogs.CertsInfoPane;
-import net.sourceforge.jnlp.security.dialogs.MoreInfoPane;
+import java.awt.BorderLayout;
+import java.awt.event.ActionListener;
+import java.awt.event.WindowAdapter;
+import java.awt.event.WindowEvent;
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.concurrent.CopyOnWriteArrayList;
+
+import javax.swing.JDialog;
+
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
+import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
+import net.sourceforge.jnlp.security.dialogs.AppletWarningPane;
+import net.sourceforge.jnlp.security.dialogs.CertWarningPane;
+import net.sourceforge.jnlp.security.dialogs.CertsInfoPane;
+import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MoreInfoPane;
+import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane;
+import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel;
+import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane;
+import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningDialog;
 import net.sourceforge.jnlp.util.ImageResources;
-
-import java.awt.*;
-
-import javax.swing.*;
-
-import java.awt.event.*;
-import java.security.cert.X509Certificate;
-import java.util.concurrent.CopyOnWriteArrayList;
-
-import java.util.List;
+import net.sourceforge.jnlp.util.ScreenFinder;
 import net.sourceforge.jnlp.util.logging.OutputController;
-import net.sourceforge.jnlp.util.ScreenFinder;
 
 /**
  * Provides methods for showing security warning dialogs for a wide range of
@@ -241,7 +240,7 @@
             dialogTitle = "Security Warning";
         else if (dialogType == DialogType.APPLET_WARNING)
             dialogTitle = "Applet Warning";
-        else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
+        else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING)
             dialogTitle = "Security Warning";
         else if (dialogType == DialogType.AUTHENTICATION)
             dialogTitle = "Authentication Required";
@@ -314,10 +313,10 @@
             panel = new AccessWarningPane(this, extras, this.certVerifier);
         else if (dialogType == DialogType.APPLET_WARNING)
             panel = new AppletWarningPane(this, this.certVerifier);
-        else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
-            panel = new NotAllSignedWarningPane(this);
+        else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING)
+            panel = AppTrustWarningDialog.partiallySigned(this, file);
         else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above
-            panel = new UnsignedAppletTrustWarningDialog(this, file);
+            panel = AppTrustWarningDialog.unsigned(this, file);
         else if (dialogType == DialogType.AUTHENTICATION)
             panel = new PasswordAuthenticationPane(this, extras);
         else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Fri Mar 14 10:50:15 2014 -0400
@@ -78,7 +78,7 @@
         CERT_INFO,
         SINGLE_CERT_INFO,
         ACCESS_WARNING,
-        NOTALLSIGNED_WARNING,
+        PARTIALLYSIGNED_WARNING,
         UNSIGNED_WARNING,   /* requires confirmation with 'high-security' setting */
         APPLET_WARNING,
         AUTHENTICATION,
@@ -98,7 +98,7 @@
         NETWORK,
         VERIFIED,
         UNVERIFIED,
-        NOTALLSIGNED,
+        PARTIALLYSIGNED,
         UNSIGNED,           /* requires confirmation with 'high-security' setting */
         SIGNING_ERROR
     }
@@ -163,29 +163,6 @@
     }
 
     /**
-     * Shows a warning dialog for when the main application jars are signed,
-     * but extensions aren't
-     *
-     * @return true if permission was granted by the user, false otherwise.
-     */
-    public static boolean showNotAllSignedWarningDialog(JNLPFile file) {
-
-        if (!shouldPromptUser()) {
-            return false;
-        }
-
-        final SecurityDialogMessage message = new SecurityDialogMessage();
-        message.dialogType = DialogType.NOTALLSIGNED_WARNING;
-        message.accessType = AccessType.NOTALLSIGNED;
-        message.file = file;
-        message.extras = new Object[0];
-
-        Object selectedValue = getUserResponse(message);
-
-        return getIntegerResponseAsBoolean(selectedValue);
-    }
-
-    /**
      * Shows a warning dialog for when a plugin applet is unsigned.
      * This is used with 'high-security' setting.
      *
@@ -238,6 +215,22 @@
     }
 
     /**
+     * Shows a warning dialog for when an applet or application is partially signed.
+     *
+     * @return true if permission was granted by the user, false otherwise.
+     */
+    public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier) {
+
+        final SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.PARTIALLYSIGNED_WARNING;
+        message.accessType = AccessType.PARTIALLYSIGNED;
+        message.file = file;
+        message.certVerifier = certVerifier;
+
+        return (AppSigningWarningAction) getUserResponse(message);
+    }
+
+    /**
      * Present a dialog to the user asking them for authentication information,
      * and returns the user's response. The caller must have
      * NetPermission("requestPasswordAuthentication") for this to work.
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/ExecuteAppletAction.java	Fri Mar 14 10:50:15 2014 -0400
@@ -39,7 +39,7 @@
 
 public enum ExecuteAppletAction {
 
-    ALWAYS, NEVER, YES, NO;
+    ALWAYS, NEVER, YES, SANDBOX, NO;
 
     public String toChar() {
         switch (this) {
@@ -49,6 +49,8 @@
                 return "N";
             case YES:
                 return "y";
+            case SANDBOX:
+                return "s";
             case NO:
                 return "n";
         }
@@ -63,6 +65,8 @@
                 return Translator.R("APPEXTSECunsignedAppletActionNever");
             case YES:
                 return Translator.R("APPEXTSECunsignedAppletActionYes");
+            case SANDBOX:
+                return Translator.R("APPEXTSECunsignedAppletActionSandbox");
             case NO:
                 return Translator.R("APPEXTSECunsignedAppletActionNo");
         }
@@ -76,6 +80,8 @@
             return ExecuteAppletAction.NEVER;
         } else if (s.startsWith("y")) {
             return ExecuteAppletAction.YES;
+        } else if (s.startsWith("s")) {
+            return ExecuteAppletAction.SANDBOX;
         } else if (s.startsWith("n")) {
             return ExecuteAppletAction.NO;
         } else {
diff -r fdff61a60cc1 -r 15bbdf43c1e7 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java	Fri Mar 14 09:39:56 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java	Fri Mar 14 10:50:15 2014 -0400
@@ -48,6 +48,8 @@
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.LaunchException;
 import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction;
 import net.sourceforge.jnlp.security.CertVerifier;
 import net.sourceforge.jnlp.security.SecurityDialogs;
@@ -212,4 +214,52 @@
 
     }
 
+    public static void checkPartiallySignedWithUserIfRequired(SecurityDelegate securityDelegate, JNLPFile file,
+            CertVerifier certVerifier) throws LaunchException {
+
+        if (JNLPRuntime.isTrustNone()) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " with only Sandbox permissions due to -Xtrustnone flag");
+            securityDelegate.setRunInSandbox();
+            return;
+        }
+
+        if (!unsignedConfirmationIsRequired()) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Running partially signed applet at " + file.getCodeBase() + " does not require confirmation according to security policy.");
+            return;
+        }

From stefan.reich.maker.of.eye at googlemail.com  Fri Mar 14 15:52:52 2014
From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich)
Date: Fri, 14 Mar 2014 16:52:52 +0100
Subject: How to have WebStart create start menu items (on Linux)?
In-Reply-To: <20140312160430.GG2062@redhat.com>
References: <CAC2-jLG-i31oSBh5ngvkwiY5LrgyS+rpbgFQY3++KC=hTWutSg@mail.gmail.com>
	<20140312160430.GG2062@redhat.com>
Message-ID: <CAC2-jLFD5AkxoGJz7aqqUnPNmzO+HUF-uDrP8RWi=oot7yUfRw@mail.gmail.com>

Hi Omair!

On Wed, Mar 12, 2014 at 5:04 PM, Omair Majid <omajid at redhat.com> wrote:

> Hi,
>
> * Stefan Reich <stefan.reich.maker.of.eye at googlemail.com> [2014-03-09
> 11:13]:
> > I have successfully deployed a WebStart app on both Windows and IcedTea.
>
> Good to hear!
>

Yes... it's a very important milestone! I want to conquer desktops all over
the world :-) Build trust and such!

>
> > Just about the only thing I'm missing (- apart from a certificate from a
> CA
> > that I can afford - ) is to place entries in the start menu.
> >
> > But anyways - WebStart/IcedTea should be able to do it, right? I am
> getting a
> > desktop short cut alright, just none in the start menu.
>
> I think this feature is currently un-implemented [1]. If you can provide
> patches, I am sure we will try and incorporate them.
>

Oh. Yeah it looks unimplemented anyway.

>
> The implementation of menus is described in the Desktop Menu
> Specification [2].
>

It looks... daunting :/ I'd love to do it, but I think I'll need to write
an AI to solve this. Hah :-)

Many greetings,
Stefan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140314/21f2e3b3/attachment.html>

From aazores at redhat.com  Fri Mar 14 16:00:28 2014
From: aazores at redhat.com (Andrew Azores)
Date: Fri, 14 Mar 2014 12:00:28 -0400 (EDT)
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <5323135E.6070700@redhat.com>
References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com>
	<5323135E.6070700@redhat.com>
Message-ID: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>

> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.
> 
> I gave up an code a bit O:). So user experience:
> 
> 
> popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd.
> Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu 
> on this pposition. Should work like charm.

This seems to work well, thanks for the tip.

> 
> I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather?

I tried using an image now but wasn't really happy with the results. I've changed it instead to a unicode character that looks like the three horizontal line overflow menu icon that's being used by iOS and Android. I think it's pretty nice although the button is still a bit wide.

> 
> Interesting state - dialog appeared , I clicked "V" clicked  show policy editor, it apeared, I 
> clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal

Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it as a modal dialog?

> 
> How does it behave for  yes/no/cancel/close of policy editor?

The CertWarningPane doesn't know about this at all. All it knows about is if it has a PolicyEditor reference, and if it does, if the editor is still open or has been closed.

>   - small nit - other codebases in editor are confusing.
> 
> 
> Thanx!
>    J.
> 

I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase when there are also others present in the policy file.

Thanks,

Andrew A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-in-dialog-5.patch
Type: text/x-patch
Size: 14236 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140314/029b76c7/policyeditor-in-dialog-5.patch>

From bugzilla-daemon at icedtea.classpath.org  Sat Mar 15 01:07:21 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 15 Mar 2014 01:07:21 +0000
Subject: [Bug 1699] [IcedTea7] Support building the SunEC provider with
	system NSS
In-Reply-To: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1699-30-eTWtayiy4I@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[IcedTea7] Supporting       |[IcedTea7] Support building
                   |building the SunEC provider |the SunEC provider with
                   |with system NSS             |system NSS

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140315/c69d364e/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Sat Mar 15 09:51:24 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 15 Mar 2014 09:51:24 +0000
Subject: [Bug 1699] [IcedTea7] Support building the SunEC provider with
	system NSS
In-Reply-To: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1699-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1699-30-JINnClFFtm@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1699

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea7-forest/jdk?cmd=changeset;node=9341cc31ced6
author: andrew
date: Sat Mar 15 01:07:27 2014 +0000

    PR1699: Support building the SunEC provider with system NSS

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140315/9cff6d29/attachment.html>

From ptisnovs at icedtea.classpath.org  Mon Mar 17 10:47:15 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 10:47:15 +0000
Subject: /hg/gfx-test: Eight helper methods added into CommonBitmapOperat...
Message-ID: <hg.e459010f5534.1395053235.-6248649288953172555@icedtea.classpath.org>

changeset e459010f5534 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=e459010f5534
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 17 11:47:56 2014 +0100

	Eight helper methods added into CommonBitmapOperations.


diffstat:

 ChangeLog                                             |    5 +
 src/org/gfxtest/framework/CommonBitmapOperations.java |  218 +++++++++++++++++-
 2 files changed, 222 insertions(+), 1 deletions(-)

diffs (296 lines):

diff -r 2ffb2f873ec8 -r e459010f5534 ChangeLog
--- a/ChangeLog	Fri Mar 14 13:29:36 2014 +0100
+++ b/ChangeLog	Mon Mar 17 11:47:56 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-17  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/framework/CommonBitmapOperations.java:
+	Eight helper methods added into CommonBitmapOperations.
+
 2014-03-14  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltUsingBgColor.java:
diff -r 2ffb2f873ec8 -r e459010f5534 src/org/gfxtest/framework/CommonBitmapOperations.java
--- a/src/org/gfxtest/framework/CommonBitmapOperations.java	Fri Mar 14 13:29:36 2014 +0100
+++ b/src/org/gfxtest/framework/CommonBitmapOperations.java	Mon Mar 17 11:47:56 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2010, 2011, 2012, 2013  Red Hat
+   Copyright (C) 2010, 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -1668,6 +1668,33 @@
     }
 
     /**
+     * Create new buffered image containing horizontal grayscale gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithHorizontalGrayscaleGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createHorizontalGrayscaleGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing vertical grayscale gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1720,6 +1747,33 @@
     }
 
     /**
+     * Create new buffered image containing vertical grayscale gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithVerticalGrayscaleGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createVerticalGrayscaleGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing horizontal red gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1772,6 +1826,33 @@
     }
 
     /**
+     * Create new buffered image containing horizontal red gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithHorizontalRedGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createHorizontalRedGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing vertical red gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1824,6 +1905,33 @@
     }
 
     /**
+     * Create new buffered image containing vertical red gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithVerticalRedGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createVerticalRedGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing horizontal blue gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1876,6 +1984,33 @@
     }
 
     /**
+     * Create new buffered image containing horizontal blue gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithHorizontalBlueGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createHorizontalBlueGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing vertical blue gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1928,6 +2063,33 @@
     }
 
     /**
+     * Create new buffered image containing vertical blue gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithVerticalBlueGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createVerticalBlueGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing horizontal green gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -1980,6 +2142,33 @@
     }
 
     /**
+     * Create new buffered image containing horizontal green gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithHorizontalGreenGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createHorizontalGreenGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing vertical green gradient and then perform basic BitBlt test.
      *
      * @param image
@@ -2032,6 +2221,33 @@
     }
 
     /**
+     * Create new buffered image containing vertical green gradient and then perform
+     * basic BitBlt test.
+     * 
+     * @param image
+     *            image to which another image is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @param imageType
+     *            type of the created image
+     * @param rop
+     *            selected raster operation
+     */
+    public static TestResult doBitBltTestWithVerticalGreenGradientImage(TestImage image, Graphics2D graphics2d, int imageType, BufferedImageOp rop)
+    {
+        // create new buffered bitmap with given type
+        // bitmap should contains checker pattern
+        BufferedImage bufferedImage = ImageFactory.createVerticalGreenGradientImage(DEFAULT_TEST_IMAGE_WIDTH, DEFAULT_TEST_IMAGE_HEIGHT, imageType);
+        // basic check if buffered image was created
+        if (bufferedImage == null)
+        {
+            return TestResult.FAILED;
+        }
+        // BitBlt with 1:1 scaling, no flipping and no cropping and using RescaleOp
+        return BitBltOperations.performBitBlt(bufferedImage, image, graphics2d, rop) ? TestResult.PASSED : TestResult.FAILED;
+    }
+
+    /**
      * Create new buffered image containing horizontal yellow gradient and then perform basic BitBlt test.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Mon Mar 17 10:54:07 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 10:54:07 +0000
Subject: /hg/rhino-tests: Two new tests added into CompiledScriptClassTes...
Message-ID: <hg.e21fefd231df.1395053647.-6019694633368342460@icedtea.classpath.org>

changeset e21fefd231df in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=e21fefd231df
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 17 11:54:49 2014 +0100

	Two new tests added into CompiledScriptClassTest test suite.


diffstat:

 ChangeLog                                       |   5 +++++
 src/org/RhinoTests/CompiledScriptClassTest.java |  18 ++++++++++++++++++
 2 files changed, 23 insertions(+), 0 deletions(-)

diffs (40 lines):

diff -r 39b90cb1bd47 -r e21fefd231df ChangeLog
--- a/ChangeLog	Fri Mar 14 13:14:58 2014 +0100
+++ b/ChangeLog	Mon Mar 17 11:54:49 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-17  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/CompiledScriptClassTest.java:
+	Two new tests added into CompiledScriptClassTest test suite.
+
 2014-03-14  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptContextClassTest.java:
diff -r 39b90cb1bd47 -r e21fefd231df src/org/RhinoTests/CompiledScriptClassTest.java
--- a/src/org/RhinoTests/CompiledScriptClassTest.java	Fri Mar 14 13:14:58 2014 +0100
+++ b/src/org/RhinoTests/CompiledScriptClassTest.java	Mon Mar 17 11:54:49 2014 +0100
@@ -2066,6 +2066,24 @@
     }
 
     /**
+     * Test for method javax.script.CompiledScript.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.compiledScriptClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.CompiledScript.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.compiledScriptClass.toString();
+        assertEquals("class javax.script.CompiledScript", asString, "wrong toString() return value");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.CompiledScript
      */
     @SuppressWarnings("cast")

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 10:54:31 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 10:54:31 +0000
Subject: [Bug 1467] Java emits Concurrency Exception when PulseAudio is
	called to emit sound
In-Reply-To: <bug-1467-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1467-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1467-30-XpymZoYphH@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1467

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/heapstats?cmd=changeset;node=48dc7c3ceee5
author: Yasumasa Suenaga <suenaga.yasumasa at lab.ntt.co.jp>
date: Mon Mar 17 19:52:20 2014 +0900

    Bug 1467: Full mode log archiving does not work when using fifo pipe for gc
log
    reviewed-by: ykubota, shintak

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/3ffa1e05/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 10:54:53 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 10:54:53 +0000
Subject: [Bug 1467] Java emits Concurrency Exception when PulseAudio is
	called to emit sound
In-Reply-To: <bug-1467-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1467-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1467-30-OQCjKZwe8d@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1467

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/heapstats-1.1?cmd=changeset;node=6086194b2867
author: Yasumasa Suenaga <suenaga.yasumasa at lab.ntt.co.jp>
date: Mon Mar 17 19:52:45 2014 +0900

    Bug 1467: Full mode log archiving does not work when using fifo pipe for gc
log
    reviewed-by: ykubota, shintak

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/dd782a57/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:19:02 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:19:02 +0000
Subject: [Bug 1710] New: Crash SIGSEGV in C2 Compilerthread when compiling
	one specific method
Message-ID: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

            Bug ID: 1710
           Summary: Crash SIGSEGV in C2 Compilerthread when compiling one
                    specific method
           Product: IcedTea
           Version: 6-1.13.1
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: stefan at huehner.org
                CC: unassigned at icedtea.classpath.org

Since a openjdk/icedtea update in an ubuntu 10.04 instance from version
6b27-1.12.6-1ubuntu0.10.04.4 to version 6b30-1.13.1-1ubuntu2~0.10.04.1 we are
seeing a jvm crash always when exporting one specific JasperReports report with
some dataset to HTMl.

Attached is a extracted small code which reliably triggers the crash.

The crash can be observed on:
Ubuntu 10.04 (6b30-1.13.1-1ubuntu2~0.10.04.1 )
OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1ubuntu2~0.10.04.1)

Ubuntu 12.04
OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1ubuntu2~0.12.04.1)

Debian/unstable
OpenJDK Runtime Environment (IcedTea6 1.13.1) (6b30-1.13.1-1)
OpenJDK Runtime Environment (IcedTea 2.4.5) (7u51-2.4.5-2)
Java(TM) SE Runtime Environment (build 1.7.0_51-b13) (oracle binary jdk)

Using the following versions the crash cannot be triggered with the code below:
OpenJDK Runtime Environment (IcedTea6 1.12.6) (6b27-1.12.6-1ubuntu0.10.04.4)
OpenJDK Runtime Environment (IcedTea6 1.12.6) (6b27-1.12.6-1ubuntu0.12.04.4)

Also the crash can be worked around by specifying the following extra parameter
for the jvm:
-XX:CompileCommand=exclude,net/sf/jasperreports/engine/export/JRGridLayout,horizontallyMergeEmptyCells

As the jvm internal c++ stacktrace is a bit different in those cases crash logs
of each case are attached below.

How to call reproducer:
java -cp lib/runtime/*:build/classes/ org.openbravo.JasperC2CompilerCrash

The triggering method
net.sf.jasperreports.engine.export.JRGridLayout::horizontallyMergeEmptyCells is
inside the jasperreports library.

The sourcecode for that library (if needed) can be downloaded here:
net.sf.jasperreports.engine.export.JRGridLayout::horizontallyMergeEmptyCells

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/c541ed15/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:21:36 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:21:36 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-6NVBurISUM@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #1 from Stefan Huehner <stefan at huehner.org> ---
Created attachment 1046
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1046&action=edit
Crashlog: ubuntu 10.04 openjdk6, 6b30, 1.13.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/13010deb/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:22:00 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:22:00 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-NhagJ9zhpn@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #2 from Stefan Huehner <stefan at huehner.org> ---
Created attachment 1047
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1047&action=edit
Crashlog: ubuntu 12.04 openjdk6, 6b30, 1.13.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/2c852119/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:22:38 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:22:38 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-rZvl8EJCb5@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #3 from Stefan Huehner <stefan at huehner.org> ---
Created attachment 1048
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1048&action=edit
Crashlog: debian/unstable openjdk6, 6b30, 1.13.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/af005f35/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:23:15 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:23:15 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-EABs8tkYhz@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #4 from Stefan Huehner <stefan at huehner.org> ---
Created attachment 1049
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1049&action=edit
Crashlog: debian/unstable openjdk7, 7u51-2.4.5

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/65648ff9/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:23:42 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:23:42 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-wrexV4zxkC@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #5 from Stefan Huehner <stefan at huehner.org> ---
Created attachment 1050
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1050&action=edit
Crashlog: debian/unstable oracle-binary jdk 7u51

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/c411ec48/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:25:54 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:25:54 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-oaXKj79K4q@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

Stefan Huehner <stefan at huehner.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |http://huehner.org/temp/ice
                   |                            |dtea-bug-1710/bugreport-rep
                   |                            |roducer.tar.gz

--- Comment #6 from Stefan Huehner <stefan at huehner.org> ---
Reproducer contains copy of binary jar of jasperreports as it too big (3.4MB)
for an attachment here.
Find it at this url :
http://huehner.org/temp/icedtea-bug-1710/bugreport-reproducer.tar.gz

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/138e9e5b/attachment.html>

From aph at redhat.com  Mon Mar 17 11:42:11 2014
From: aph at redhat.com (Andrew Haley)
Date: Mon, 17 Mar 2014 11:42:11 +0000
Subject: Re-enable ARM32 JIT compiler
Message-ID: <5326DF93.7080003@redhat.com>

The bug was actually in the asm interpreter, but it broke the JIT.
Here:

@@ -870,7 +873,7 @@

 	SLOW_ENTRY
 empty_entry:
-	ldrh	r3, [r0, #42]
+	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]

This code adjusts the stack pointer after an empty method is called.
42 is wrong: it should be the field offset of
methodOopDesc::_size_of_parameters.  While I was at it I found a
couple more literals and changed them to symbolic names.

I also took the opportunity to fix a few bugs.  I made the tracing
code more robust, and commented out some debugging calls that slow
down the interpreter.  I also fixed a bug in the helper routines that
were using a static local to hold the address of the card table base:
this is pointlessly slower than using a non-static local.

Andrew.


# HG changeset patch
# User aph
# Date 1395056000 0
# Node ID 2de808a5820a68b390d05ab56934dbca8dbd9dcf
# Parent  720c95f2266397040d878e255015b638d63c8c56
Re-enable ARM32 JIT compiler.

Replace literal offsets for METHOD_SIZEOFPARAMETERS and
ISTATE_NEXT_FRAME with correct symbolic names.
Fix trace code not to dereference null pointers.
Correct Helper_aputfield and helper_aastore not to use static
_byte_map_base.
Comment-out calls to TRACE.
Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when
JITting fails.

diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/asm_helper.cpp
--- a/src/cpu/zero/vm/asm_helper.cpp	Thu Feb 20 15:02:19 2014 +0000
+++ b/src/cpu/zero/vm/asm_helper.cpp	Mon Mar 17 11:33:20 2014 +0000
@@ -378,22 +378,16 @@
 	  goto handle_exception;
 	}
       }
-      oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop));
-      // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)) = value;
-      *elem_loc = value;
-      // Mark the card
-      BarrierSet* bs = Universe::heap()->barrier_set();
-      static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
-      OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >> CardTableModRefBS::card_shift], 0);
+      ((objArrayOopDesc *) arrayref)->obj_at_put(index, value);
     }
 handle_exception:
     return istate->thread()->pending_exception();
 }

-extern "C" void Helper_aputfield(oop obj)
+extern "C" void Helper_aputfield(oop obj, oop val, int offset)
 {
       BarrierSet* bs = Universe::heap()->barrier_set();
-      static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
+      jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base);
       OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >> CardTableModRefBS::card_shift], 0);
 }

diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/cppInterpreter_arm.S
--- a/src/cpu/zero/vm/cppInterpreter_arm.S	Thu Feb 20 15:02:19 2014 +0000
+++ b/src/cpu/zero/vm/cppInterpreter_arm.S	Mon Mar 17 11:33:20 2014 +0000
@@ -526,10 +526,13 @@
 	mrs	r4, cpsr
 	mov	r0, jpc
 	ldr	r1, [thread, #THREAD_TOP_ZERO_FRAME]
+	cmp	r1, #0
 	sub	r1, r1, #ISTATE_NEXT_FRAME
+	beq	0f
+	DECACHE_JPC
 	ldr	r2, =my_trace
 	blx	r2
-	msr	cpsr, r4
+0:	msr	cpsr, r4
 	ldmfd	sp!, {r0, r1, r2, r3, r4, ip, lr}	
 	.endm
 	
@@ -551,7 +554,7 @@
     .elseif dispatch_state == 4
 	DISPATCH_4
     .endif
-	TRACE
+@	TRACE
         moveq   pc, ip
 	ldrb	r1, [jpc, lr]
         bic     ip, ip, #7
@@ -561,7 +564,7 @@
 	.endm

 	.macro	DISPATCH_BYTECODE
-	TRACE
+@	TRACE
 @        ldrb    r1, [jpc, #2]
         ldr     ip, [dispatch, r0, lsl #2]
         ldrb    r2, [jpc, #1]
@@ -870,7 +873,7 @@

 	SLOW_ENTRY
 empty_entry:
-	ldrh	r3, [r0, #42]
+	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]
 	ldr	r1, [r2, #THREAD_JAVA_SP]
 	add	r1, r1, r3, lsl #2
 	str	r1, [r2, #THREAD_JAVA_SP]
@@ -879,7 +882,7 @@

 	FAST_ENTRY
 fast_empty_entry:
-	ldrh	r3, [r0, #42]
+	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]
 	ldr	r1, [thread, #THREAD_JAVA_SP]
 	add	r1, r1, r3, lsl #2
 	str	r1, [thread, #THREAD_JAVA_SP]
@@ -1081,7 +1084,7 @@

 	ldr	r1, [thread, #THREAD_STACK_SIZE]
 	ldr	r3, [thread, #THREAD_STACK_BASE]
-	add	r0, r9, #72
+	add	r0, r9, #ISTATE_NEXT_FRAME

 	rsb	r3, r1, r3
 	rsb	r3, r3, arm_sp
@@ -1104,7 +1107,7 @@
 	str	r5, [thread, #THREAD_LAST_JAVA_FP]
 	ldr	r5, [thread, #THREAD_JAVA_SP]
 	str	r5, [thread, #THREAD_LAST_JAVA_SP]
-	ldr	r11, [r11, #-72 + ISTATE_METHOD]
+	ldr	r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
 	cmp	r1, #0
 	bne	.fast_native_entry_exception
 	ldr	r5, [r11, #METHOD_SIGNATUREHANDLER]
@@ -1127,7 +1130,7 @@
 	ldr	r11, [thread, #THREAD_TOP_ZERO_FRAME]
 	ldr	r1, [thread, #THREAD_PENDING_EXC]
 	mov	r3, #0
-	ldr	r11, [r11, #-72 + ISTATE_METHOD]
+	ldr	r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
 	cmp	r1, #0
 	str	r3, [thread, #THREAD_LAST_JAVA_SP]
 	str	r3, [thread, #THREAD_LAST_JAVA_FP]
@@ -3353,12 +3356,12 @@
 	str	locals, [istate, #ISTATE_LOCALS]
   USEC	cmp	r3, lr
 	str	constpool, [istate, #ISTATE_CONSTANTS]
+	str	tmp1, [istate, #ISTATE_METHOD]
+ 	str	istate, [istate, #ISTATE_SELF_LINK]
   USEC	bcs	method_entry_freq_count_overflow
 	DISPATCH_NEXT
 	DISPATCH_NEXT
 	DISPATCH_NEXT
-	str	tmp1, [istate, #ISTATE_METHOD]
- 	str	istate, [istate, #ISTATE_SELF_LINK]
 @	mov	lr, #0
 @        str     lr, [istate, #ISTATE_PREV_LINK]
 @	str	lr, [istate, #ISTATE_CALLEE]

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 11:46:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 11:46:05 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-ZIg5X68qo6@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

--- Comment #7 from Stefan Huehner <stefan at huehner.org> ---
The following jdk8 early access build does NOT trigger the crash with the
attached reproducer

/opt/jvm/jdk1.8.0_b132/bin/java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build 1.8.0-b132)
Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/02347c4a/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 12:00:35 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 12:00:35 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-XloXHNM13v@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

Andrew Haley <aph at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aph at redhat.com
           Assignee|gnu.andrew at redhat.com       |aph at redhat.com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/36b683a0/attachment.html>

From gnu.andrew at redhat.com  Mon Mar 17 12:31:38 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Mon, 17 Mar 2014 08:31:38 -0400 (EDT)
Subject: Re-enable ARM32 JIT compiler
In-Reply-To: <5326DF93.7080003@redhat.com>
References: <5326DF93.7080003@redhat.com>
Message-ID: <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com>



----- Original Message -----
> The bug was actually in the asm interpreter, but it broke the JIT.
> Here:
> 
> @@ -870,7 +873,7 @@
> 
>  	SLOW_ENTRY
>  empty_entry:
> -	ldrh	r3, [r0, #42]
> +	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]
> 
> This code adjusts the stack pointer after an empty method is called.
> 42 is wrong: it should be the field offset of
> methodOopDesc::_size_of_parameters.  While I was at it I found a
> couple more literals and changed them to symbolic names.
> 
> I also took the opportunity to fix a few bugs.  I made the tracing
> code more robust, and commented out some debugging calls that slow
> down the interpreter.  I also fixed a bug in the helper routines that
> were using a static local to hold the address of the card table base:
> this is pointlessly slower than using a non-static local.
> 
> Andrew.
> 
> 
> # HG changeset patch
> # User aph
> # Date 1395056000 0
> # Node ID 2de808a5820a68b390d05ab56934dbca8dbd9dcf
> # Parent  720c95f2266397040d878e255015b638d63c8c56
> Re-enable ARM32 JIT compiler.
> 
> Replace literal offsets for METHOD_SIZEOFPARAMETERS and
> ISTATE_NEXT_FRAME with correct symbolic names.
> Fix trace code not to dereference null pointers.
> Correct Helper_aputfield and helper_aastore not to use static
> _byte_map_base.
> Comment-out calls to TRACE.
> Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when
> JITting fails.
> 
> diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/asm_helper.cpp
> --- a/src/cpu/zero/vm/asm_helper.cpp	Thu Feb 20 15:02:19 2014 +0000
> +++ b/src/cpu/zero/vm/asm_helper.cpp	Mon Mar 17 11:33:20 2014 +0000
> @@ -378,22 +378,16 @@
>  	  goto handle_exception;
>  	}
>        }
> -      oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index *
> sizeof(oop));
> -      // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop))
> = value;
> -      *elem_loc = value;
> -      // Mark the card
> -      BarrierSet* bs = Universe::heap()->barrier_set();
> -      static volatile jbyte* _byte_map_base = (volatile
> jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
> -      OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >>
> CardTableModRefBS::card_shift], 0);
> +      ((objArrayOopDesc *) arrayref)->obj_at_put(index, value);
>      }
>  handle_exception:
>      return istate->thread()->pending_exception();
>  }
> 
> -extern "C" void Helper_aputfield(oop obj)
> +extern "C" void Helper_aputfield(oop obj, oop val, int offset)
>  {
>        BarrierSet* bs = Universe::heap()->barrier_set();
> -      static volatile jbyte* _byte_map_base = (volatile
> jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
> +      jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base);
>        OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >>
>        CardTableModRefBS::card_shift], 0);
>  }
> 
> diff -r 720c95f22663 -r 2de808a5820a src/cpu/zero/vm/cppInterpreter_arm.S
> --- a/src/cpu/zero/vm/cppInterpreter_arm.S	Thu Feb 20 15:02:19 2014 +0000
> +++ b/src/cpu/zero/vm/cppInterpreter_arm.S	Mon Mar 17 11:33:20 2014 +0000
> @@ -526,10 +526,13 @@
>  	mrs	r4, cpsr
>  	mov	r0, jpc
>  	ldr	r1, [thread, #THREAD_TOP_ZERO_FRAME]
> +	cmp	r1, #0
>  	sub	r1, r1, #ISTATE_NEXT_FRAME
> +	beq	0f
> +	DECACHE_JPC
>  	ldr	r2, =my_trace
>  	blx	r2
> -	msr	cpsr, r4
> +0:	msr	cpsr, r4
>  	ldmfd	sp!, {r0, r1, r2, r3, r4, ip, lr}
>  	.endm
>  	
> @@ -551,7 +554,7 @@
>      .elseif dispatch_state == 4
>  	DISPATCH_4
>      .endif
> -	TRACE
> +@	TRACE
>          moveq   pc, ip
>  	ldrb	r1, [jpc, lr]
>          bic     ip, ip, #7
> @@ -561,7 +564,7 @@
>  	.endm
> 
>  	.macro	DISPATCH_BYTECODE
> -	TRACE
> +@	TRACE
>  @        ldrb    r1, [jpc, #2]
>          ldr     ip, [dispatch, r0, lsl #2]
>          ldrb    r2, [jpc, #1]
> @@ -870,7 +873,7 @@
> 
>  	SLOW_ENTRY
>  empty_entry:
> -	ldrh	r3, [r0, #42]
> +	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]
>  	ldr	r1, [r2, #THREAD_JAVA_SP]
>  	add	r1, r1, r3, lsl #2
>  	str	r1, [r2, #THREAD_JAVA_SP]
> @@ -879,7 +882,7 @@
> 
>  	FAST_ENTRY
>  fast_empty_entry:
> -	ldrh	r3, [r0, #42]
> +	ldrh	r3, [r0, #METHOD_SIZEOFPARAMETERS]
>  	ldr	r1, [thread, #THREAD_JAVA_SP]
>  	add	r1, r1, r3, lsl #2
>  	str	r1, [thread, #THREAD_JAVA_SP]
> @@ -1081,7 +1084,7 @@
> 
>  	ldr	r1, [thread, #THREAD_STACK_SIZE]
>  	ldr	r3, [thread, #THREAD_STACK_BASE]
> -	add	r0, r9, #72
> +	add	r0, r9, #ISTATE_NEXT_FRAME
> 
>  	rsb	r3, r1, r3
>  	rsb	r3, r3, arm_sp
> @@ -1104,7 +1107,7 @@
>  	str	r5, [thread, #THREAD_LAST_JAVA_FP]
>  	ldr	r5, [thread, #THREAD_JAVA_SP]
>  	str	r5, [thread, #THREAD_LAST_JAVA_SP]
> -	ldr	r11, [r11, #-72 + ISTATE_METHOD]
> +	ldr	r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
>  	cmp	r1, #0
>  	bne	.fast_native_entry_exception
>  	ldr	r5, [r11, #METHOD_SIGNATUREHANDLER]
> @@ -1127,7 +1130,7 @@
>  	ldr	r11, [thread, #THREAD_TOP_ZERO_FRAME]
>  	ldr	r1, [thread, #THREAD_PENDING_EXC]
>  	mov	r3, #0
> -	ldr	r11, [r11, #-72 + ISTATE_METHOD]
> +	ldr	r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
>  	cmp	r1, #0
>  	str	r3, [thread, #THREAD_LAST_JAVA_SP]
>  	str	r3, [thread, #THREAD_LAST_JAVA_FP]
> @@ -3353,12 +3356,12 @@
>  	str	locals, [istate, #ISTATE_LOCALS]
>    USEC	cmp	r3, lr
>  	str	constpool, [istate, #ISTATE_CONSTANTS]
> +	str	tmp1, [istate, #ISTATE_METHOD]
> + 	str	istate, [istate, #ISTATE_SELF_LINK]
>    USEC	bcs	method_entry_freq_count_overflow
>  	DISPATCH_NEXT
>  	DISPATCH_NEXT
>  	DISPATCH_NEXT
> -	str	tmp1, [istate, #ISTATE_METHOD]
> - 	str	istate, [istate, #ISTATE_SELF_LINK]
>  @	mov	lr, #0
>  @        str     lr, [istate, #ISTATE_PREV_LINK]
>  @	str	lr, [istate, #ISTATE_CALLEE]
> 

Committed: http://icedtea.classpath.org/hg/icedtea7-forest/hotspot/rev/ee50fa9e8791

For some reason, this came through inline, so I had to manually copy and paste it
over. It also didn't apply cleanly, but the code seems identical, from manual
examination.

I didn't spot that the longer Changelog had got missed until later. Sorry. I'll
make sure to include it in the release notes instead, so it isn't lost.

Thanks for fixing this,
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From aph at redhat.com  Mon Mar 17 12:48:30 2014
From: aph at redhat.com (Andrew Haley)
Date: Mon, 17 Mar 2014 12:48:30 +0000
Subject: Re-enable ARM32 JIT compiler
In-Reply-To: <36733603.442504.1395059498388.JavaMail.zimbra@redhat.com>
References: <5326DF93.7080003@redhat.com>
	<36733603.442504.1395059498388.JavaMail.zimbra@redhat.com>
Message-ID: <5326EF1E.2050408@redhat.com>

On 03/17/2014 12:31 PM, Andrew Hughes wrote:
> I didn't spot that the longer Changelog had got missed until later. Sorry. I'll
> make sure to include it in the release notes instead, so it isn't lost.

Can't you just roll it back and commit it properly?

Andrew.


From gnu.andrew at redhat.com  Mon Mar 17 13:16:00 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Mon, 17 Mar 2014 09:16:00 -0400 (EDT)
Subject: Re-enable ARM32 JIT compiler
In-Reply-To: <5326EF1E.2050408@redhat.com>
References: <5326DF93.7080003@redhat.com>
	<36733603.442504.1395059498388.JavaMail.zimbra@redhat.com>
	<5326EF1E.2050408@redhat.com>
Message-ID: <792746557.508835.1395062160216.JavaMail.zimbra@redhat.com>



----- Original Message -----
> On 03/17/2014 12:31 PM, Andrew Hughes wrote:
> > I didn't spot that the longer Changelog had got missed until later. Sorry.
> > I'll
> > make sure to include it in the release notes instead, so it isn't lost.
> 
> Can't you just roll it back and commit it properly?
> 
> Andrew.
> 
> 

Sure. Done:

http://icedtea.classpath.org/hg/icedtea7-forest/hotspot/rev/e34b923512cc
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 13:29:11 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 13:29:11 +0000
Subject: [Bug 1584] Commvault console fails to start due to error in JNLP file
In-Reply-To: <bug-1584-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1584-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1584-30-BOlkiNFNzh@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1584

Simone Lazzaris <simone.lazzaris at qcom.it> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |simone.lazzaris at qcom.it
            Version|unspecified                 |1.4

--- Comment #2 from Simone Lazzaris <simone.lazzaris at qcom.it> ---
I'm experiencing the very same problem, with the same application (commvault
console).

My platform is a Linux (archlinux) 64bit.

The oracle jre works fine on the same machine.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/c5e6c587/attachment.html>

From andrew at icedtea.classpath.org  Mon Mar 17 14:25:55 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:25:55 +0000
Subject: /hg/release/icedtea7-forest-2.4: PR1679: Allow OpenJDK to build ...
Message-ID: <hg.b028e58c1b77.1395066355.-6425493795253247641@icedtea.classpath.org>

changeset b028e58c1b77 in /hg/release/icedtea7-forest-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=b028e58c1b77
author: andrew
date: Wed Feb 19 21:07:59 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


diffstat:

 make/Defs-internal.gmk |  14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diffs (31 lines):

diff -r 0af208754134 -r b028e58c1b77 make/Defs-internal.gmk
--- a/make/Defs-internal.gmk	Wed Jan 29 10:01:15 2014 +0000
+++ b/make/Defs-internal.gmk	Wed Feb 19 21:07:59 2014 +0000
@@ -303,6 +303,16 @@
   ABS_JAXWS_DIST = $(JAXWS_OUTPUTDIR)/dist
 endif
 
+# Command to PaX mark the VM
+ifndef PAX_COMMAND
+  PAX_COMMAND = /usr/sbin/paxmark.sh
+endif
+ifeq ($(ARCH), i586)
+  PAX_COMMAND_ARGS="-msp"
+else
+  PAX_COMMAND_ARGS="-m"
+endif
+
 # Common make arguments (supplied to all component builds)
 COMMON_BUILD_ARGUMENTS = \
     JDK_TOPDIR=$(ABS_JDK_TOPDIR) \
@@ -323,7 +333,9 @@
     PREVIOUS_MAJOR_VERSION=$(PREVIOUS_MAJOR_VERSION) \
     PREVIOUS_MINOR_VERSION=$(PREVIOUS_MINOR_VERSION) \
     PREVIOUS_MICRO_VERSION=$(PREVIOUS_MICRO_VERSION) \
-    STATIC_CXX=$(STATIC_CXX)
+    STATIC_CXX=$(STATIC_CXX) \
+    PAX_COMMAND=$(PAX_COMMAND) \
+    PAX_COMMAND_ARGS=$(PAX_COMMAND_ARGS)
 
 ifdef ARCH_DATA_MODEL
   COMMON_BUILD_ARGUMENTS += ARCH_DATA_MODEL=$(ARCH_DATA_MODEL)

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 14:26:01 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:26:01 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-zFu4Dp9Saj@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #4 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4?cmd=changeset;node=b028e58c1b77
author: andrew
date: Wed Feb 19 21:07:59 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/3c48fe6e/attachment.html>

From andrew at icedtea.classpath.org  Mon Mar 17 14:26:32 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:26:32 +0000
Subject: /hg/release/icedtea7-forest-2.4/hotspot: 46 new changesets
Message-ID: <hg.5ad2c8650812.1395066392.8708922617413201811@icedtea.classpath.org>

changeset 5ad2c8650812 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=5ad2c8650812
author: dsamersoff
date: Thu Aug 29 21:48:23 2013 +0400

	8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
	Summary: don't re-evaluate stack bounds for main thread before install guard page
	Reviewed-by: coleenp, dholmes, dlong


changeset 195056251b69 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=195056251b69
author: aph
date: Thu Mar 15 07:56:24 2012 -0400

	Add patches/arm.patch from IcedTea 6


changeset 8f0c2e1287f5 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8f0c2e1287f5
author: aph
date: Thu Mar 15 07:57:19 2012 -0400

	Add patches/arm-debug.patch from IcedTea 6


changeset 1053216103e0 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1053216103e0
author: andrew
date: Fri Jul 12 20:03:52 2013 +0100

	Add patches/arm-hsdis.patch from IcedTea 6


changeset 3dc977fbd5d1 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=3dc977fbd5d1
author: aph
date: Thu Mar 15 07:53:52 2012 -0400

	Add arm_port from IcedTea 6


changeset b7beff851ea6 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=b7beff851ea6
author: aph
date: Thu Mar 15 08:54:12 2012 -0400

	Move arm-port files to the correct place


changeset 2e40cd792106 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=2e40cd792106
author: aph
date: Fri Jul 12 20:10:45 2013 +0100

	Changes for HSX22


changeset 1998ca2209d4 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1998ca2209d4
author: aph
date: Fri Mar 16 08:36:04 2012 -0400

	Use unified syntax for thumb code.
	2012-03-16  Andrew Haley  <aph at redhat.com>

	        * hotspot/src/cpu/zero/vm/arm_cas.S: Use unified syntax
	        for thumb code.


changeset de4a0e6323f9 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=de4a0e6323f9
author: aph
date: Tue Mar 27 09:40:08 2012 -0400

	ARM: First cut of invokedynamic


changeset aa1f60fceb35 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=aa1f60fceb35
author: aph
date: Fri Mar 30 11:53:01 2012 -0400

	invokedynamic and aldc for JIT


changeset 7c433abda0ff in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=7c433abda0ff
author: aph
date: Fri Mar 30 13:34:30 2012 -0400

	ARM: JIT-compilation of ldc methodHandle


changeset aad627c854be in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=aad627c854be
author: aph
date: Tue Apr 10 12:22:01 2012 -0400

	Tidy up, minor comment changes.


changeset 0cfce4cddb95 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=0cfce4cddb95
author: aph
date: Wed Apr 11 09:22:39 2012 -0400

	Minor review cleanups.


changeset 31c0b70bdafe in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=31c0b70bdafe
author: adinn
date: Fri Jul 12 20:17:38 2013 +0100

	added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler


changeset 5952f579380f in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=5952f579380f
author: adinn
date: Fri Jul 12 20:20:10 2013 +0100

	patched method handle adapter code to deal with failures in TCK


changeset f056bda687ee in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f056bda687ee
author: adinn
date: Wed May 16 11:21:07 2012 +0100

	modified safepoint check to rely on memory protect signal instead of polling


changeset 185c8d8de125 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=185c8d8de125
author: aph
date: Thu May 17 13:45:50 2012 -0400

	RTC Thumb2 JIT enhancements.
	2012-05-16  Andrew Haley  <aph at redhat.com>

		* src/cpu/zero/vm/thumb2.cpp:
		Throughout: T2EE_PRINT_* renamed to T2_PRINT_*.
		Route all debug info to stderr.
		We now do frameless compilation, so do all frame accesses relative
		to SP.
		Remove zombie detection pass.
		Remove dead code.
		Add OSPACE option.
		(H_LDC_W)
		(H_INVOKESTATIC_RESOLVED, H_INVOKESPECIAL_RESOLVED)
		(H_INVOKEVIRTUAL_RESOLVED, H_INVOKEVFINAL, H_MONITORENTER)
		(H_MONITOREXIT): New.
		(T2_* macros): Rename from T2EE_*.
		(SLOW_ENTRY_OFFSET, FAST_ENTRY_OFFSET): New.
		(THUMB2_CODEBUF_SIZE): Make this depend on PRODUCT.
		(H_GETSTATIC, H_PUTSTATIC, H_JSR, H_ZOMBIE, H_MONITOR): Delete.
		(H_DEADCODE, H_LDC_W, H_INVOKESTATIC_RESOLVED)
		(H_INVOKESPECIAL_RESOLVED, H_INVOKEVIRTUAL_RESOLVED)
		(H_INVOKEVFINAL): New.
		(DebugSwitch): New.
		(JAZ_V6): New local register.
		(Thumb2_pass1): Count reads and writes for register allocator.
		Delete zombie detection pass.
		(Thumb2_RegAlloc): New.
		(out_align, out_align_offset, nop_16, nop_32): New.
		(fullBarrier, storeBarrier): Chaeck for an MP OS.
		(load_local, store_local): Check for an istate reg.
		(load_istate, store_istate): New.
		(Thumb2_Load, Thumb2_LoadX2): Remove monitor stack adj.
		(Thumb2_Store, Thumb2_StoreX2): Likewise.
		(Debug): New.
		(Thumb2_save_locals, Thumb2_restore_locals, Thumb2_invoke_save)
		(Thumb2_invoke_restore, Thumb2_Exit): Remove monitor stackdepth
		adj.  Move here from below.
		(Thumb2_Accessor): Rewrite for new method header layout.
		(Thumb2_Enter): Likewise.
		Do frameless setup.
		(Thumb2_load_long): Use a single ldrexd instruction.
		(Thumb2_codegen): Align branches.
		Call Debug if we're about to enter a synchronized method.
		(opc_jsr) Add handler.
		(opc_monitorenter, opc_monitorexit): Call handler instead of
		generating code.
		(Thumb2_Initialize): Disassmble ARM and Thumb code separately.

		* src/cpu/zero/vm/cppInterpreter_arm.S:
		Throughout: the thread pointer is now in a register, so use it
		everywhere.  Set the thread pointer register at every entry point
		to the interpreter.
		Throughout: use the macros SLOW_ENTRY and FAST_ENTRY rather than
		ALIGN_CODE.
		Throughout: register tmp2 is no longer available, use other
		registers as appropriate.

		(T2JIT): Rename from THUMB2EE.
		(call_thumb2): Load all the thumb2 registers that have been
		allocated to locals.
		(accessor_entry): Check for stack overflow.
		(.fast_accessor_*): Delete dead code.
		(LOAD_FRAME): New.
		(Thumb2_invokevfinalresolved_stub)
		(Thumb2_invokevirtualresolved_stub): New.
		(Thumb2_invokestaticresolved_stub): New.
		(Thumb2_invokespecialresolved_stub): New.
		(Thumb2 stubs): Use FRAME_* rather than ISTATE_*; the frame
		pointer is no longer in a fixed register.
		(JAZ_REGSET, JAZ_*): Move delaration of JAZ registers here.
		(Thumb2_monitorenter): New.

		(normal_entry_synchronized): Rearrange so that we can load the
		thread pointer without exceeding the number of instructions that
		we can fit into the gap between SLOW_ENTRY and FAST_ENTRY.
		(normal_entry): Likewise.

		(MP_COMPILE_THRESHOLD, UP_COMPILE_THRESHOLD): Adjust.
		(TBIT): New.
		(FRAME_METHOD, FRAME_CONSTANTS, FRAME_BCP, FRAME_STACK_LIMIT)
		(FRAME_LOCALS, FRAME_STACK): New.
		(SLOW_ENTRY,  FAST_ENTRY, SLOW_ENTRY_OFFSET, FAST_ENTRY_OFFSET): New.
		(LOAD_ISTATE): New.
		(DECACHE_STACK_USING_FRAME, DECACHE_JPC_USING_FRAME): New.
		(TRACE): Save and restore IP.
		Pass istate to my_trace().

		(Opcode monitorenter): Remove all the assembler code and replace
		it with a call to Helper_monitorenter.

		* src/cpu/zero/vm/bytecodes_arm.def:
		Throughout: register tmp2 is no longer available, use other
		registers as appropriate.

		(lgetfield): Use ldrexd to load a jlong rather than an
		ldrexd/strexd loop.

		* src/cpu/zero/vm/asm_helper.cpp (ARCH_THUMB2): Renamed from
		ARCH_THUMBEE.
		(my_trace): New.
		(Helper_monitorenter): New.
		(Helper_monitorexit): New.


changeset d77793023b14 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=d77793023b14
author: aph
date: Mon May 28 08:01:18 2012 -0400

	Use ldrexd for atomic reads on ARMv7.
	2012-05-28  Andrew Haley  <aph at redhat.com>

		* os_linux_zero.hpp (atomic_copy64): Use ldrexd for atomic reads
		on ARMv7.


changeset 4888872c21be in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4888872c21be
author: aph
date: Mon May 28 08:48:42 2012 -0400

	Adjust saved SP when safepointing.
	2012-05-28  Andrew Haley  <aph at redhat.com>

		* thumb2.cpp (Thumb2_Safepoint): Adjust saved SP when
		safepointing.


changeset 76900149f3f0 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=76900149f3f0
author: aph
date: Tue May 29 10:11:11 2012 -0400

	Phase 1


changeset 3bb197ceab24 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=3bb197ceab24
author: aph
date: Tue May 29 11:06:21 2012 -0400

	Phase 2


changeset f8dd5ae19039 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f8dd5ae19039
author: aph
date: Fri Jul 12 20:26:41 2013 +0100

	Don't save locals at a return.


changeset a644c3ec2b16 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=a644c3ec2b16
author: aph
date: Fri Jul 12 20:27:35 2013 +0100

	Back out mistaken checkin of debug code.


changeset 70e201bcbb24 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=70e201bcbb24
author: adinn
date: Thu Jun 07 17:49:46 2012 +0100

	corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2


changeset a214ebebbdcb in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=a214ebebbdcb
author: aph
date: Wed Jun 06 10:09:22 2012 -0400

	Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged
	2012-06-06  Andrew Haley  <aph at redhat.com>

		* thumb2.cpp (Thumb2_Compile): Ask the CompilerOracle if we should
		compile this method.
		(Thumb2_iOp): Use a temporary to hold the shift count.


changeset 16446d9fa65e in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=16446d9fa65e
author: aph
date: Fri Jun 08 09:11:52 2012 -0400

	ARM: Rename a bunch of misleadingly-named functions
	2012-06-08  Andrew Haley  <aph at redhat.com>

		* thumb2.cpp: Rename some functions:
		Thumb2_save_locals -> Thumb2_save_local_refs
		Thumb2_restore_locals -> Thumb2_restore_local_refs
		Thumb2_invoke_save -> Thumb2_save_all_locals
		Thumb2_invoke_restore -> Thumb2_restore_all_locals


changeset 1ee2f45db8bc in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1ee2f45db8bc
author: aph
date: Fri Jun 08 10:25:37 2012 -0400

	Fix call to handle_special_method().  Fix compareAndSwapLong.
	2012-06-08  Andrew Haley  <aph at redhat.com>

		* thumb2.cpp (Thumb2_codegen): Move call to
		handle_special_method() outside test.
		(handle_special_method: _compareAndSwapLong): Save/restore all
		locals, not just locals of ref type.


changeset ce4008a48588 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=ce4008a48588
author: chrisphi
date: Thu Aug 30 11:53:27 2012 -0400

	ARM: Fix trashed thread ptr after recursive re-entry from
		asm jit.


changeset 92d450da7626 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=92d450da7626
author: chrisphi
date: Thu Mar 21 11:17:13 2013 -0400

	PR1363: Fedora 19 / rawhide FTBFS SIGILL
	Changed thumb2 PUSH & POP to inline functions,
	Added detection of reg alloc failure, fails compile of method.


changeset 521adb51d083 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=521adb51d083
author: andrew
date: Wed Aug 29 17:23:23 2012 +0100

	PR1101: Undefined symbols on GNU/Linux SPARC


changeset f541c1d41ba7 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=f541c1d41ba7
author: Xerxes Ranby <xerxes at zafena.se>
date: Tue May 28 19:43:58 2013 +0200

	PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel
	Summary:
	The POPF1 macro used wrong destination register r0 instead of r1 on ARM armel
	causing issues with the frem bytecode.
	The frem bytecode was the only bytecode using the defect macro.


changeset fef21600239c in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=fef21600239c
author: chrisphi
date: Fri Jul 12 20:56:23 2013 +0100

	Changes for HSX23


changeset 60dbdc6b0859 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=60dbdc6b0859
author: andrew
date: Fri Jul 12 21:41:06 2013 +0100

	Remove fragment from method that has been removed


changeset 297a0304a568 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=297a0304a568
author: andrew
date: Wed Jul 17 13:52:07 2013 +0100

	Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags


changeset d54091fd1092 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=d54091fd1092
author: andrew
date: Wed Jul 17 17:30:04 2013 +0100

	Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make.


changeset 1ad36c6cff31 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=1ad36c6cff31
author: andrew
date: Wed Jul 17 19:14:46 2013 +0100

	Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present.


changeset 4a989c763452 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4a989c763452
author: andrew
date: Thu Dec 26 19:52:09 2013 +0000

	Add Shark definitions from 8003868


changeset 4049b8278e88 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=4049b8278e88
author: andrew
date: Thu Dec 26 19:52:45 2013 +0000

	Drop compile_method argument removed in 7083786 from sharkCompiler.cpp


changeset e9721d827f31 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=e9721d827f31
author: simonis
date: Mon Mar 17 13:40:34 2014 +0000

	Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.

	The 'gamma' launcher only works with HotSpot based bootstrap JDKs because it uses the freshly build libjvm.so in the context and together with the class library of the boot JDK which was used to build it. This combination will not work for other JDKs.


changeset 9b1cdb2b44fa in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=9b1cdb2b44fa
author: andrew
date: Mon Mar 17 13:43:56 2014 +0000

	Backout earlier RH1015432 fix


changeset 9600c7d61f8f in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=9600c7d61f8f
author: andrew
date: Fri Jan 31 21:14:06 2014 +0000

	RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
	Contributed-by: chphilli at redhat.com


changeset 78628ff1b2a8 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=78628ff1b2a8
author: chrisphi
date: Tue Feb 18 20:45:28 2014 +0000

	ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.


changeset 8e7b2661433e in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8e7b2661433e
author: andrew
date: Wed Feb 19 21:08:04 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


changeset eff103ee6cbe in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=eff103ee6cbe
author: andrew
date: Thu Feb 20 03:38:40 2014 +0000

	Override automatic detection of source language for bytecodes_arm.def


changeset c200cfd0bd8d in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=c200cfd0bd8d
author: andrew
date: Fri Jul 26 11:31:42 2013 +0100

	Include $(CFLAGS) in assembler stage


changeset 00478c5bf5e9 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=00478c5bf5e9
author: aph
date: Mon Mar 17 13:15:25 2014 +0000

	Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
	Fix trace code not to dereference null pointers.
	Correct Helper_aputfield and helper_aastore not to use static _byte_map_base.
	Comment-out calls to TRACE.
	Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when JITting fails.


diffstat:

 make/linux/makefiles/buildtree.make                   |    16 +
 make/linux/makefiles/gcc.make                         |     2 +
 make/linux/makefiles/rules.make                       |     5 +-
 make/linux/makefiles/vm.make                          |     2 +-
 make/linux/makefiles/zeroshark.make                   |    37 +
 src/cpu/zero/vm/arm_cas.S                             |    31 +
 src/cpu/zero/vm/asm_helper.cpp                        |   745 +
 src/cpu/zero/vm/bytecodes_arm.def                     |  7850 ++++++++++++++++
 src/cpu/zero/vm/bytecodes_zero.cpp                    |    52 +-
 src/cpu/zero/vm/bytecodes_zero.hpp                    |    41 +-
 src/cpu/zero/vm/cppInterpreter_arm.S                  |  7384 +++++++++++++++
 src/cpu/zero/vm/cppInterpreter_zero.cpp               |    49 +
 src/cpu/zero/vm/cppInterpreter_zero.hpp               |     2 +
 src/cpu/zero/vm/methodHandles_zero.hpp                |     6 +-
 src/cpu/zero/vm/thumb2.cpp                            |  7985 +++++++++++++++++
 src/cpu/zero/vm/vm_version_zero.hpp                   |    11 +
 src/os/linux/vm/os_linux.cpp                          |   131 +-
 src/os_cpu/linux_sparc/vm/os_linux_sparc.cpp          |    31 +-
 src/os_cpu/linux_zero/vm/atomic_linux_zero.inline.hpp |    14 +
 src/os_cpu/linux_zero/vm/os_linux_zero.cpp            |    47 +-
 src/os_cpu/linux_zero/vm/os_linux_zero.hpp            |     6 +
 src/share/tools/hsdis/Makefile                        |    10 +-
 src/share/tools/hsdis/hsdis.c                         |     5 +
 src/share/vm/prims/jvmtiExport.cpp                    |    41 +
 src/share/vm/prims/jvmtiExport.hpp                    |     7 +
 src/share/vm/runtime/os.cpp                           |    38 -
 src/share/vm/runtime/os.hpp                           |     4 -
 src/share/vm/shark/sharkCompiler.cpp                  |     1 -
 src/share/vm/shark/shark_globals.hpp                  |    10 +
 src/share/vm/utilities/vmError.cpp                    |    13 +
 src/share/vm/utilities/vmError.hpp                    |     8 +
 test/runtime/InitialThreadOverflow/DoOverflow.java    |    41 +
 test/runtime/InitialThreadOverflow/invoke.cxx         |    70 +
 test/runtime/InitialThreadOverflow/testme.sh          |    73 +
 tools/mkbc.c                                          |   607 +
 35 files changed, 25245 insertions(+), 130 deletions(-)

diffs (truncated from 25866 to 500 lines):

diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/buildtree.make
--- a/make/linux/makefiles/buildtree.make	Wed Jan 29 10:01:21 2014 +0000
+++ b/make/linux/makefiles/buildtree.make	Mon Mar 17 13:15:25 2014 +0000
@@ -408,6 +408,7 @@
 DATA_MODE/sparcv9 = 64
 DATA_MODE/amd64   = 64
 DATA_MODE/ia64    = 64
+DATA_MODE/ppc64   = 64
 DATA_MODE/zero    = $(ARCH_DATA_MODEL)
 
 JAVA_FLAG/32 = -d32
@@ -416,6 +417,9 @@
 WRONG_DATA_MODE_MSG = \
 	echo "JAVA_HOME must point to a $(DATA_MODE)-bit OpenJDK."
 
+WRONG_JDK_MSG = \
+	echo "JAVA_HOME must point to a HotSpot based JDK \\\(genuine Sun/Oracle or OpenJDK\\\)."
+
 CROSS_COMPILING_MSG = \
 	echo "Cross compiling for ARCH $(CROSS_COMPILE_ARCH), skipping gamma run."
 
@@ -452,6 +456,14 @@
 	echo "  exit 0"; \
 	echo "fi"; \
 	echo ""; \
+	echo "# 'gamma' only runs with HotSpot based JDKs (genuine Sun/Oracle or OpenJDK)"; \
+	echo ""; \
+	echo "\$${JAVA_HOME}/bin/java $(JAVA_FLAG) -version 2>&1 | grep -E 'OpenJDK|HotSpot' > /dev/null"; \
+	echo "if [ \$$? -ne 0 ]; then "; \
+	echo "  $(WRONG_JDK_MSG)"; \
+	echo "  exit 0"; \
+	echo "fi"; \
+	echo ""; \
 	echo "# Use gamma_g if it exists"; \
 	echo ""; \
 	echo "GAMMA_PROG=gamma"; \
@@ -459,6 +471,10 @@
 	echo "  GAMMA_PROG=gamma_g"; \
 	echo "fi"; \
 	echo ""; \
+	echo "if [ -x \"$(PAX_COMMAND)\" ]; then "; \
+	echo "  $(PAX_COMMAND) $(PAX_COMMAND_ARGS) ./\$${GAMMA_PROG}"; \
+	echo "fi"; \
+	echo ""; \
 	echo "if [ \"$(OS_VENDOR)\" = \"Darwin\" ]; then "; \
 	echo "  # Ensure architecture for gamma and JAVA_HOME is the same."; \
 	echo "  # NOTE: gamma assumes the OpenJDK directory layout."; \
diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/gcc.make
--- a/make/linux/makefiles/gcc.make	Wed Jan 29 10:01:21 2014 +0000
+++ b/make/linux/makefiles/gcc.make	Mon Mar 17 13:15:25 2014 +0000
@@ -241,6 +241,7 @@
     FASTDEBUG_CFLAGS/amd64 = -g
     FASTDEBUG_CFLAGS/arm   = -g
     FASTDEBUG_CFLAGS/ppc   = -g
+    FASTDEBUG_CFLAGS/zero  = -g
     FASTDEBUG_CFLAGS += $(DEBUG_CFLAGS/$(BUILDARCH))
     ifeq ($(FASTDEBUG_CFLAGS/$(BUILDARCH)),)
       FASTDEBUG_CFLAGS += -gstabs
@@ -250,6 +251,7 @@
     OPT_CFLAGS/amd64 = -g
     OPT_CFLAGS/arm   = -g
     OPT_CFLAGS/ppc   = -g
+    OPT_CFLAGS/zero  = -g
     OPT_CFLAGS += $(OPT_CFLAGS/$(BUILDARCH))
     ifeq ($(OPT_CFLAGS/$(BUILDARCH)),)
       OPT_CFLAGS += -gstabs
diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/rules.make
--- a/make/linux/makefiles/rules.make	Wed Jan 29 10:01:21 2014 +0000
+++ b/make/linux/makefiles/rules.make	Mon Mar 17 13:15:25 2014 +0000
@@ -31,7 +31,10 @@
 DEMANGLE        = $(DEMANGLER) < $@ > .$@ && mv -f .$@ $@
 
 # $(CC) is the c compiler (cc/gcc), $(CXX) is the c++ compiler (CC/g++).
-CC_COMPILE       = $(CC) $(CXXFLAGS) $(CFLAGS)
+# FIXME: $(CXXFLAGS) currently only includes preprocessor flags while
+# $(CFLAGS) includes C and C++ flags.  Ideally, there should be three
+# variables: $(CFLAGS), $(CXXFLAGS) and $(CPPFLAGS).
+CC_COMPILE       = $(CC) $(CXXFLAGS)
 CXX_COMPILE      = $(CXX) $(CXXFLAGS) $(CFLAGS)
 
 AS.S            = $(AS) $(ASFLAGS)
diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/vm.make
--- a/make/linux/makefiles/vm.make	Wed Jan 29 10:01:21 2014 +0000
+++ b/make/linux/makefiles/vm.make	Mon Mar 17 13:15:25 2014 +0000
@@ -226,7 +226,7 @@
 # Locate all source files in the given directory, excluding files in Src_Files_EXCLUDE.
 define findsrc
 	$(notdir $(shell find $(1)/. ! -name . -prune \
-		-a \( -name \*.c -o -name \*.cpp -o -name \*.s \) \
+		-a \( -name \*.c -o -name \*.cpp -o -name \*.s -o -name \*.S \) \
 		-a ! \( -name DUMMY $(addprefix -o -name ,$(Src_Files_EXCLUDE)) \)))
 endef
 
diff -r 2c97070e5af4 -r 00478c5bf5e9 make/linux/makefiles/zeroshark.make
--- a/make/linux/makefiles/zeroshark.make	Wed Jan 29 10:01:21 2014 +0000
+++ b/make/linux/makefiles/zeroshark.make	Mon Mar 17 13:15:25 2014 +0000
@@ -25,6 +25,43 @@
 
 # Setup common to Zero (non-Shark) and Shark versions of VM
 
+ifeq ($(ZERO_LIBARCH),arm)
+# check to see if we are building the assembler jit or just zero.
+ifeq ($(ARM32JIT),true)
+Obj_Files += asm_helper.o
+Obj_Files += cppInterpreter_arm.o
+Obj_Files += thumb2.o
+
+CFLAGS += -DHOTSPOT_ASM
+
+cppInterpreter_arm.o:	offsets_arm.s bytecodes_arm.s
+thumb2.o:		offsets_arm.s
+
+offsets_arm.s:	mkoffsets
+	@echo Generating assembler offsets
+	./mkoffsets > $@
+
+bytecodes_arm.s: bytecodes_arm.def mkbc
+	@echo Generating ARM assembler bytecode sequences
+	$(CXX_COMPILE) -E -x c++ - < $< | ./mkbc - $@ $(COMPILE_DONE)
+
+mkbc:	$(GAMMADIR)/tools/mkbc.c
+	@echo Compiling mkbc tool
+	$(CC_COMPILE) -o $@ $< $(COMPILE_DONE)
+
+mkoffsets:	asm_helper.cpp
+	@echo Compiling offset generator
+	$(QUIETLY) $(REMOVE_TARGET)
+	$(CXX_COMPILE) -DSTATIC_OFFSETS -o $@ $< $(COMPILE_DONE)
+
+endif
+endif
+
+%.o: %.S
+	@echo Assembling $<
+	$(QUIETLY) $(REMOVE_TARGET)
+	$(COMPILE.CC) $(CFLAGS) -o $@ $< $(COMPILE_DONE)
+
 # The copied fdlibm routines in sharedRuntimeTrig.o must not be optimized
 OPT_CFLAGS/sharedRuntimeTrig.o = $(OPT_CFLAGS/NOOPT)
 # The copied fdlibm routines in sharedRuntimeTrans.o must not be optimized
diff -r 2c97070e5af4 -r 00478c5bf5e9 src/cpu/zero/vm/arm_cas.S
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/cpu/zero/vm/arm_cas.S	Mon Mar 17 13:15:25 2014 +0000
@@ -0,0 +1,31 @@
+#ifdef __ARM_ARCH_7A__
+@	jlong
+@	arm_val_compare_and_swap_long(volatile void *ptr,
+@				 jlong oldval,
+@				 jlong newval) {
+	.pushsection .text
+	.global arm_val_compare_and_swap_long
+#ifdef __thumb__
+	.syntax	unified
+	.thumb_func
+#endif
+	.type arm_val_compare_and_swap_long, %function
+arm_val_compare_and_swap_long:
+	stmfd	sp!, {r4, r5, r6, r7}
+	ldrd	r4, [sp, #16]
+	dmb	sy
+0:	ldrexd	r6, [r0]
+	cmp	r6, r2
+	it	eq
+	cmpeq	r7, r3
+	bne	1f
+	strexd	r1, r4, [r0]
+	cmp	r1, #0
+	bne	0b
+	dmb	sy
+1:	mov	r0, r6
+	mov	r1, r7
+	ldmfd	sp!, {r4, r5, r6, r7}
+	bx	lr
+	.popsection
+#endif // __ARM_ARCH_7A__
diff -r 2c97070e5af4 -r 00478c5bf5e9 src/cpu/zero/vm/asm_helper.cpp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/cpu/zero/vm/asm_helper.cpp	Mon Mar 17 13:15:25 2014 +0000
@@ -0,0 +1,745 @@
+/*
+ * Copyright 2009, 2010 Edward Nevill
+ * Copyright 2011, Red Hat
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifdef __arm__
+
+#define	ARCH_THUMB2	(1<<16)
+#define ARCH_VFP	(1<<17)
+#define ARCH_CLZ	(1<<18)
+
+/* A workaround for private and protected fields */
+#define private   public
+#define protected public
+
+#include "precompiled.hpp"
+#include "asm/assembler.hpp"
+#include "interp_masm_zero.hpp"
+#include "interpreter/bytecodeInterpreter.hpp"
+#include "interpreter/bytecodeInterpreter.inline.hpp"
+#include "interpreter/interpreter.hpp"
+#include "interpreter/interpreterRuntime.hpp"
+#include "oops/methodDataOop.hpp"
+#include "oops/methodOop.hpp"
+#include "oops/oop.inline.hpp"
+#include "oops/klassOop.hpp"
+#include "prims/jvmtiExport.hpp"
+#include "prims/jvmtiThreadState.hpp"
+#include "runtime/frame.hpp"
+#include "runtime/deoptimization.hpp"
+#include "runtime/frame.inline.hpp"
+#include "runtime/sharedRuntime.hpp"
+#include "runtime/stubRoutines.hpp"
+#include "runtime/synchronizer.hpp"
+#include "runtime/vframeArray.hpp"
+#include "utilities/debug.hpp"
+
+
+#ifndef STATIC_OFFSETS
+
+#include <linux/auxvec.h>
+#include <asm/hwcap.h>
+
+#define VECBUFF_SIZE 64
+
+static char valuebuf[128];
+
+// Return the name of the current method.  Not multi-thread safe.
+extern "C" char*
+meth(interpreterState istate) {
+  istate->method()->name_and_sig_as_C_string(valuebuf, sizeof valuebuf);
+  char *p = valuebuf + strlen(valuebuf);
+  sprintf(p, ": " PTR_FORMAT " (bci %d)",
+	  (intptr_t) istate->bcp(),
+	  istate->method()->bci_from(istate->bcp()));
+  return valuebuf;
+}
+
+// Used for debugging the interpreter.  The macro TRACE in
+// cppInterpreter_arm.S calls this routine, and you can trap on a
+// particular method.
+#define NAME1 "sun.nio.ch.FileChannelImpl$Unmapper.run()V"
+#define EQ(S1, S2) (S1 && (strncmp(S1, S2, strlen(S2)) == 0))
+extern "C" void my_trace(void *jpc, interpreterState istate)
+{
+  JavaThread *jt = istate->thread();
+  if (jt->zero_stack()->sp() && jt->top_zero_frame()) {
+    bool has_last_Java_frame = jt->has_last_Java_frame();
+    if (!has_last_Java_frame)
+      jt->set_last_Java_frame();
+
+    StackFrameStream sfs(jt);
+    for(int i = 0; !sfs.is_done(); sfs.next(), i++) {
+    }
+
+    // Reset the frame anchor if necessary
+    if (!has_last_Java_frame)
+      jt->reset_last_Java_frame();
+  }
+}
+
+extern "C" unsigned hwcap(void)
+{
+  int fd;
+  unsigned vecs[VECBUFF_SIZE];
+  unsigned *p;
+  int i, n;
+  unsigned rc = 0;
+  unsigned arch = 4;
+ 
+  fd = open("/proc/self/auxv", O_RDONLY);
+  if (fd < 0) return 0;
+  do {
+    n = read(fd, vecs, VECBUFF_SIZE * sizeof(unsigned));
+    p = vecs;
+    i = n/8;
+    while (--i >= 0) {
+      unsigned tag = *p++;
+      unsigned value = *p++;
+      if (tag == 0) goto fini;
+      if (tag == AT_HWCAP) {
+	if (value & HWCAP_THUMBEE) rc |= ARCH_THUMB2;
+	if (value & HWCAP_VFP) rc |= ARCH_VFP;
+      } else if (tag == AT_PLATFORM) {
+	const char *s = (const char *)value;
+	int c;
+
+	if (*s++ == 'v') {
+	  arch = 0;
+	  while ((isdigit)(c = *s++)) arch = arch * 10 + c - '0';
+	}
+      }
+    }
+  } while (n == VECBUFF_SIZE * sizeof(unsigned));
+fini:
+  close(fd);
+//  printf("arch = %d, rc = 0x%08x\n", arch, rc);
+  if (arch >= 5) rc |= ARCH_CLZ;
+  if (arch >= 7) rc |= ARCH_THUMB2;
+  return rc | (1<<arch);
+}
+
+/* Thease functions allow the ASM interpreter to call CPP virtual functions.
+ * Otherwise the ASM interpreter has to grup around in the VTABLE which is
+ * not very portable.
+ */
+extern "C" bool JavaThread_is_lock_owned(JavaThread *r0, address r1)
+{
+	return r0->is_lock_owned(r1);
+}
+
+extern "C" HeapWord **CollectedHeap_top_addr(CollectedHeap *r0)
+{
+	return r0->top_addr();
+}
+
+extern "C" HeapWord **CollectedHeap_end_addr(CollectedHeap *r0)
+{
+	return r0->end_addr();
+}
+
+extern "C" char *SharedRuntime_generate_class_cast_message(const char *name, const char *klass)
+{
+	return SharedRuntime::generate_class_cast_message(name, klass);
+}
+
+#define HELPER_THROW(thread, name, msg) Exceptions::_throw_msg(thread, __FILE__, __LINE__, name, msg)
+
+class VMStructs {
+public:
+  static inline klassOop klass_at_addr(constantPoolOop constants, u2 index) {
+    return (klassOop) *constants->obj_at_addr_raw(index);
+  }
+};
+
+extern "C" oop Helper_new(interpreterState istate, unsigned index)
+{
+    JavaThread *thread = istate->thread();
+
+    constantPoolOop constants = istate->method()->constants();
+    oop result = NULL;
+    if (!constants->tag_at(index).is_unresolved_klass()) {
+      // Make sure klass is initialized and doesn't have a finalizer
+      oop entry = VMStructs::klass_at_addr(constants, index);
+      klassOop k_entry = (klassOop) entry;
+      instanceKlass* ik = (instanceKlass*) k_entry->klass_part();
+      if ( ik->is_initialized() && ik->can_be_fastpath_allocated() ) {
+	size_t obj_size = ik->size_helper();
+	// If the TLAB isn't pre-zeroed then we'll have to do it
+	bool need_zero = !ZeroTLAB;
+	if (UseTLAB) {
+	  result = (oop) thread->tlab().allocate(obj_size);
+	}
+	if (result == NULL && !CMSIncrementalMode) {
+	  need_zero = true;
+	  // Try allocate in shared eden
+    retry:
+	  HeapWord* compare_to = *Universe::heap()->top_addr();
+	  HeapWord* new_top = compare_to + obj_size;
+	  if (new_top <= *Universe::heap()->end_addr()) {
+	    if (Atomic::cmpxchg_ptr(new_top, Universe::heap()->top_addr(), compare_to) != compare_to) {
+	      goto retry;
+	    }
+	    result = (oop) compare_to;
+	  }
+	}
+	if (result != NULL) {
+	  // Initialize object (if nonzero size and need) and then the header
+	  if (need_zero ) {
+	    HeapWord* to_zero = (HeapWord*) result + sizeof(oopDesc) / oopSize;
+	    obj_size -= sizeof(oopDesc) / oopSize;
+	    if (obj_size > 0 ) {
+	      memset(to_zero, 0, obj_size * HeapWordSize);
+	    }
+	  }
+	  if (UseBiasedLocking) {
+	    result->set_mark(ik->prototype_header());
+	  } else {
+	    result->set_mark(markOopDesc::prototype());
+	  }
+	  result->set_klass_gap(0);
+	  result->set_klass(k_entry);
+	  return result;
+	}
+      }
+    }
+    // Slow case allocation
+    InterpreterRuntime::_new(thread, istate->method()->constants(), index);
+    result = thread->vm_result();
+    thread->set_vm_result(NULL);
+    return result;
+}
+
+extern "C" int Helper_instanceof(interpreterState istate, unsigned index, oop tos)
+{
+    if (tos == NULL) return 0;
+
+    // Constant pool may have actual klass or unresolved klass. If it is
+    // unresolved we must resolve it
+    if (istate->method()->constants()->tag_at(index).is_unresolved_klass()) {
+      InterpreterRuntime::quicken_io_cc(istate->thread());
+      if (istate->thread()->has_pending_exception()) return 0;
+    }
+    klassOop klassOf = VMStructs::klass_at_addr(istate->method()->constants(), index);
+    klassOop objKlassOop = tos->klass();
+    //
+    // Check for compatibilty. This check must not GC!!
+    // Seems way more expensive now that we must dispatch
+    //
+    return objKlassOop == klassOf || objKlassOop->klass_part()->is_subtype_of(klassOf);
+}
+
+extern "C" oop Helper_checkcast(interpreterState istate, unsigned index, oop tos)
+{
+    if (tos == NULL) return NULL;
+
+    // Constant pool may have actual klass or unresolved klass. If it is
+    // unresolved we must resolve it
+    if (istate->method()->constants()->tag_at(index).is_unresolved_klass()) {
+      oop except_oop;
+      InterpreterRuntime::quicken_io_cc(istate->thread());
+      if (except_oop = istate->thread()->pending_exception()) return except_oop;
+    }
+    klassOop klassOf = VMStructs::klass_at_addr(istate->method()->constants(), index);
+    klassOop objKlassOop = tos->klass(); //ebx
+    //
+    // Check for compatibilty. This check must not GC!!
+    // Seems way more expensive now that we must dispatch
+    //
+    if (objKlassOop != klassOf && !objKlassOop->klass_part()->is_subtype_of(klassOf)) {
+      ResourceMark rm(istate->thread());
+      const char* objName = Klass::cast(objKlassOop)->external_name();
+      const char* klassName = Klass::cast(klassOf)->external_name();
+      char* message = SharedRuntime::generate_class_cast_message(objName, klassName);
+      ThreadInVMfromJava trans(istate->thread());
+      HELPER_THROW(istate->thread(), vmSymbols::java_lang_ClassCastException(), message);
+    }
+    return istate->thread()->pending_exception();
+}
+
+extern "C" oop Helper_monitorenter(interpreterState istate, oop lockee)
+{
+    BasicObjectLock* limit = istate->monitor_base();
+    BasicObjectLock* most_recent = (BasicObjectLock*) istate->stack_base();
+    BasicObjectLock* entry = NULL;
+    markOop displaced;
+    JavaThread *thread = istate->thread();
+
+    if (lockee == NULL) {
+      HELPER_THROW(istate->thread(), vmSymbols::java_lang_NullPointerException(), "");
+      goto handle_exception;
+    }
+    while (most_recent != limit ) {
+      if (most_recent->obj() == NULL) entry = most_recent;
+      else if (most_recent->obj() == lockee) break;
+      most_recent++;
+    }
+    if (entry == NULL) {
+      int monitor_words = frame::interpreter_frame_monitor_size();
+      ZeroStack *stack = thread->zero_stack();
+
+      if (monitor_words > stack->available_words()) {
+        InterpreterRuntime::throw_StackOverflowError(thread);
+	goto handle_exception;
+      } else {
+	stack->alloc(monitor_words * wordSize);
+
+	for (intptr_t *p = istate->stack() + 1; p < istate->stack_base(); p++)
+	  *(p - monitor_words) = *p;
+
+	istate->set_stack_limit(istate->stack_limit() - monitor_words);
+	istate->set_stack(istate->stack() - monitor_words);
+	istate->set_stack_base(istate->stack_base() - monitor_words);
+
+	entry = (BasicObjectLock *) istate->stack_base();
+      }
+    }
+    entry->set_obj(lockee);
+    displaced = lockee->mark()->set_unlocked();
+    entry->lock()->set_displaced_header(displaced);
+    if (Atomic::cmpxchg_ptr(entry, lockee->mark_addr(), displaced) != displaced) {
+      // Is it simple recursive case?
+      if (thread->is_lock_owned((address) displaced->clear_lock_bits())) {
+	entry->lock()->set_displaced_header(NULL);
+      } else {
+	InterpreterRuntime::monitorenter(thread, entry);
+      }

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 14:26:40 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:26:40 +0000
Subject: [Bug 1363] [IcedTea7] Fedora 19 / rawhide FTBFS SIGILL
In-Reply-To: <bug-1363-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1363-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1363-30-e9oo8rdYXB@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1363

--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=92d450da7626
author: chrisphi
date: Thu Mar 21 11:17:13 2013 -0400

    PR1363: Fedora 19 / rawhide FTBFS SIGILL
    Changed thumb2 PUSH & POP to inline functions,
    Added detection of reg alloc failure, fails compile of method.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/8a4a81b5/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 14:27:08 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:27:08 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-HS8gUjmr7c@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=8e7b2661433e
author: andrew
date: Wed Feb 19 21:08:04 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/024d7028/attachment.html>

From andrew at icedtea.classpath.org  Mon Mar 17 14:27:17 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:27:17 +0000
Subject: /hg/release/icedtea7-forest-2.4/jdk: 2 new changesets
Message-ID: <hg.a2c172404305.1395066437.9040506844232929411@icedtea.classpath.org>

changeset a2c172404305 in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=a2c172404305
author: andrew
date: Wed Feb 05 11:24:21 2014 +0000

	Link against $(LIBDL) if SYSTEM_CUPS is not true


changeset f582aad1fce8 in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=f582aad1fce8
author: andrew
date: Wed Feb 19 21:08:02 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


diffstat:

 make/com/sun/jmx/Makefile |  10 ++++++++--
 make/sun/awt/mawt.gmk     |   3 ++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diffs (45 lines):

diff -r e44a1aa00614 -r f582aad1fce8 make/com/sun/jmx/Makefile
--- a/make/com/sun/jmx/Makefile	Mon Feb 03 14:10:39 2014 +0900
+++ b/make/com/sun/jmx/Makefile	Wed Feb 19 21:08:02 2014 +0000
@@ -114,13 +114,19 @@
 endif
 
 ifeq ($(CROSS_COMPILE_ARCH),)
-RMIC = $(RMIC_JAVA) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
+RMIC_VM = $(RMIC_JAVA)
 else
-RMIC = $(BOOT_JAVA_CMD)  $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
+RMIC_VM = $(BOOT_JAVA_CMD)
 endif  
+RMIC = $(RMIC_VM) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
 
 $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class
 	$(prep-target)
+	if [ -x $(PAX_COMMAND) ] ; then \
+	  if [ -w $(RMIC_VM) ] ; then \
+	    $(PAX_COMMAND) $(PAX_COMMAND_ARGS) $(RMIC_VM) ; \
+	  fi ; \
+	fi
 	$(RMIC) -classpath "$(CLASSDESTDIR)"    \
                 -d $(CLASSDESTDIR)              \
                 -v1.2                           \
diff -r e44a1aa00614 -r f582aad1fce8 make/sun/awt/mawt.gmk
--- a/make/sun/awt/mawt.gmk	Mon Feb 03 14:10:39 2014 +0900
+++ b/make/sun/awt/mawt.gmk	Wed Feb 19 21:08:02 2014 +0000
@@ -192,6 +192,8 @@
 
 ifdef USE_SYSTEM_CUPS
   OTHER_LDLIBS += $(CUPS_LIBS)
+else
+  OTHER_LDLIBS += $(LIBDL)
 endif
 
 ifdef USE_SYSTEM_FONTCONFIG
@@ -219,7 +221,6 @@
 
 ifdef USE_SYSTEM_CUPS
   CPPFLAGS += -DUSE_SYSTEM_CUPS
-  LDFLAGS += $(CUPS_LIBS)
 else
   CPPFLAGS += -I$(PLATFORM_SRC)/native/common/deps
 endif

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 14:27:24 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 14:27:24 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-sZUy92TVLL@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #6 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=f582aad1fce8
author: andrew
date: Wed Feb 19 21:08:02 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/e9635537/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 15:21:23 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 15:21:23 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-aHvswZL05a@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

Andrew Haley <aph at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aph at redhat.com

--- Comment #7 from Andrew Haley <aph at redhat.com> ---
Shouldn't this patch be upstream?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/463eed68/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 15:39:34 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 15:39:34 +0000
Subject: [Bug 1710] Crash SIGSEGV in C2 Compilerthread when compiling one
	specific method
In-Reply-To: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1710-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1710-30-oKpabjOASz@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1710

Andrew Haley <aph at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #8 from Andrew Haley <aph at redhat.com> ---
It looks to me like this is going to require a HosSpot update. The code in
question has been substantially rewritten, so there's no easy way to pick out a
bug fix. I have rasied this issue at jdk7u-dev at openjdk.java.net.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/1b595ffa/attachment.html>

From stefan.reich.maker.of.eye at googlemail.com  Mon Mar 17 16:29:12 2014
From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich)
Date: Mon, 17 Mar 2014 17:29:12 +0100
Subject: EXTREME weirdness - applet writing without permissions
Message-ID: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>

Hi folks,

here is something really really weird. I have this applet:
http://tinybrain.de:8080/tb-applet/chat-applet.php

with this source code (you can verify!):

<applet id="theapplet" code="net.luaos.tb.tb16.ComputerChatApplet.class"
width="100%" height="300" alt="Java Applet" archive="magic.jar?3195969">
  <!--<param name="permissions" value="all-permissions" />-->
</applet>
</div>

Clearly, all-permissions is just a comment. I also get no security dialog
or anything, so it's a SANDBOXED applet.

However, I can clearly see it accessing my disk. I enter "hello" in the
chat field, and instantly, a file in ~/.tinybrain is created on my
partition.

By an untrusted applet.

How's it possible?

Process dump:

stefan     746 32001  0 17:22 ?        00:00:00
/usr/lib/firefox/plugin-container
/usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni
/usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir
/usr/lib/firefox/browser 32001 true plugin
stefan     754   746  1 17:22 ?        00:00:04
/usr/lib/jvm/java-7-openjdk-i386/bin/java
-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar
-classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar
sun.applet.PluginMain
/tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer
/tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin

Note: I also use signed applets, using the same .jar, on other pages. Maybe
that slips through to this applet? But still, it's totally out of spec that
this applet can write stuff to disk, or is it?

Cheers,
Stefan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/93aed7b8/attachment-0001.html>

From andrew at icedtea.classpath.org  Mon Mar 17 16:40:44 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:40:44 +0000
Subject: /hg/release/icedtea7-forest-2.4: Added tag icedtea-2.4.6pre01 fo...
Message-ID: <hg.2307419e6c4c.1395074445.-6425493795253247641@icedtea.classpath.org>

changeset 2307419e6c4c in /hg/release/icedtea7-forest-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=2307419e6c4c
author: andrew
date: Mon Mar 17 16:37:10 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset b028e58c1b77


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r b028e58c1b77 -r 2307419e6c4c .hgtags
--- a/.hgtags	Wed Feb 19 21:07:59 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:10 2014 +0000
@@ -409,3 +409,4 @@
 df53ec7eb789e7dec375a685dce1fa5cf63618b4 jdk7u51-b12
 6c778574d87336a2e55156544af92ce2de799696 jdk7u51-b13
 410eb7fef869645524ebb08293da1ba6215e5ce9 icedtea-2.4.5
+b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:40:51 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:40:51 +0000
Subject: /hg/release/icedtea7-forest-2.4/corba: Added tag icedtea-2.4.6pr...
Message-ID: <hg.3cf2158dd79b.1395074451.-523731888714527277@icedtea.classpath.org>

changeset 3cf2158dd79b in /hg/release/icedtea7-forest-2.4/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/corba?cmd=changeset;node=3cf2158dd79b
author: andrew
date: Mon Mar 17 16:37:11 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset 48ef1bb6d120


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 48ef1bb6d120 -r 3cf2158dd79b .hgtags
--- a/.hgtags	Wed Jan 29 10:01:16 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:11 2014 +0000
@@ -411,3 +411,4 @@
 55a509ccc0e4ed49e311c7ecf2ed29a908bc1d6b jdk7u51-b12
 e2f0036f712aa636cfd55334ac21ea7ca2587a7b jdk7u51-b13
 3594dbde270d68920afc5ee862d10f14c2a87dc8 icedtea-2.4.5
+48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:40:57 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:40:57 +0000
Subject: /hg/release/icedtea7-forest-2.4/jaxp: Added tag icedtea-2.4.6pre...
Message-ID: <hg.729a01a39169.1395074457.6056160295555406480@icedtea.classpath.org>

changeset 729a01a39169 in /hg/release/icedtea7-forest-2.4/jaxp
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxp?cmd=changeset;node=729a01a39169
author: andrew
date: Mon Mar 17 16:37:13 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset e0ba4b9a8b91


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r e0ba4b9a8b91 -r 729a01a39169 .hgtags
--- a/.hgtags	Wed Jan 29 10:01:17 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:13 2014 +0000
@@ -411,3 +411,4 @@
 807946db29f42477e8d8390be01c7e27280bc85c jdk7u51-b12
 114654a331e2f97a048d7ed43d06d7512e20e2c1 jdk7u51-b13
 8fe156ad49e2db0e5034ffda4649e801b9c315da icedtea-2.4.5
+e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:41:03 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:41:03 +0000
Subject: /hg/release/icedtea7-forest-2.4/jaxws: Added tag icedtea-2.4.6pr...
Message-ID: <hg.d64584236d69.1395074463.1704173005128376975@icedtea.classpath.org>

changeset d64584236d69 in /hg/release/icedtea7-forest-2.4/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxws?cmd=changeset;node=d64584236d69
author: andrew
date: Mon Mar 17 16:37:13 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset 4bd947cd146b


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 4bd947cd146b -r d64584236d69 .hgtags
--- a/.hgtags	Wed Jan 29 10:01:18 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:13 2014 +0000
@@ -411,3 +411,4 @@
 7c7c2ea4b6808d0abf7fd48d11440d75b0c08d3a jdk7u51-b12
 81a1b110f70c37d2c2f0de7c0ef3bd2d04aba475 jdk7u51-b13
 32ea8b1ed91a12ac4633d596f0713c2c67930874 icedtea-2.4.5
+4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:41:11 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:41:11 +0000
Subject: /hg/release/icedtea7-forest-2.4/langtools: Added tag icedtea-2.4...
Message-ID: <hg.f1982814ebb6.1395074471.1305664371660628365@icedtea.classpath.org>

changeset f1982814ebb6 in /hg/release/icedtea7-forest-2.4/langtools
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/langtools?cmd=changeset;node=f1982814ebb6
author: andrew
date: Mon Mar 17 16:37:14 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset 06eeb77dac24


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 06eeb77dac24 -r f1982814ebb6 .hgtags
--- a/.hgtags	Wed Jan 29 10:01:19 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:14 2014 +0000
@@ -411,3 +411,4 @@
 5b44df2114e466da85c3816627bfcd1b59c6499d jdk7u51-b12
 4d0807934c302f2e35e6a5acc6cdc720c82b5671 jdk7u51-b13
 dabd37b7e2950b42c1c9550caea26522348cd7b4 icedtea-2.4.5
+06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:41:18 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:41:18 +0000
Subject: /hg/release/icedtea7-forest-2.4/hotspot: Added tag icedtea-2.4.6...
Message-ID: <hg.490de178ae72.1395074478.8708922617413201811@icedtea.classpath.org>

changeset 490de178ae72 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=490de178ae72
author: andrew
date: Mon Mar 17 16:37:17 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset 00478c5bf5e9


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 00478c5bf5e9 -r 490de178ae72 .hgtags
--- a/.hgtags	Mon Mar 17 13:15:25 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:17 2014 +0000
@@ -624,3 +624,4 @@
 dee2a38ef6b26534c44c550ef4da2c3146c612c2 jdk7u51-b12
 6c6a2299029ad02fa2820b8ff8c61c2bbcae799c jdk7u51-b13
 2cb58882dac3bf8b186ef15f847be926772bbf98 icedtea-2.4.5
+00478c5bf5e93892b40bac1c293f8540d5be58ab icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:41:28 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:41:28 +0000
Subject: /hg/release/icedtea7-forest-2.4/jdk: Added tag icedtea-2.4.6pre0...
Message-ID: <hg.cf842ff5dba2.1395074488.9040506844232929411@icedtea.classpath.org>

changeset cf842ff5dba2 in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=cf842ff5dba2
author: andrew
date: Mon Mar 17 16:37:23 2014 +0000

	Added tag icedtea-2.4.6pre01 for changeset f582aad1fce8


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r f582aad1fce8 -r cf842ff5dba2 .hgtags
--- a/.hgtags	Wed Feb 19 21:08:02 2014 +0000
+++ b/.hgtags	Mon Mar 17 16:37:23 2014 +0000
@@ -402,3 +402,4 @@
 f5eee4f1d5b4a1e19febc9c26c863ae853ed6d2e jdk7u51-b12
 d19a89fdfb9b959b8638441d9d396685d6c7ab7b jdk7u51-b13
 9db88c18e114006dc242d1ba31683cbdb6151a5d icedtea-2.4.5
+f582aad1fce8fe3410728dd40778dbde12f63beb icedtea-2.4.6pre01

From andrew at icedtea.classpath.org  Mon Mar 17 16:42:55 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:42:55 +0000
Subject: /hg/release/icedtea7-2.4: 2 new changesets
Message-ID: <hg.e21f201c2d68.1395074575.5789328834432805220@icedtea.classpath.org>

changeset e21f201c2d68 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=e21f201c2d68
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 17 14:58:18 2014 +0000

	PR1677: Update PaX support to detect running PaX kernel and use newer tools

	2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		PR1677: Update PaX support to detect running PaX
		kernel and use newer tools
		* NEWS: Updated.
		* acinclude.m4:
		(IT_HAS_PAX): New macro to detect whether the running
		kernel uses PaX.
		(IT_WITH_PAX): Rewritten to search for PaX tools -
		currently paxmark.sh, paxctl-ng, chpax and paxctl -
		and fail if a tool isn't found and a PaX kernel is
		being used.


changeset a03874670653 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=a03874670653
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 17 16:42:38 2014 +0000

	Update to icedtea-2.4.6pre01 forest tag.

	2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/boot/test_gamma.patch,
		* patches/pax-mark-rmic-java.patch,
		* patches/test_gamma.patch:
		Removed.
		* INSTALL:
		Document ARM32 JIT and --enable-arm32-jit option.
		* Makefile.am:
		(CORBA_CHANGESET): Update to icedtea-2.4.6pre01 tag.
		(JAXP_CHANGESET): Likewise.
		(JAXWS_CHANGESET): Likewise.
		(JDK_CHANGESET): Likewise.
		(LANGTOOLS_CHANGESET): Likewise.
		(OPENJDK_CHANGESET): Likewise.
		(CORBA_SHA256SUM): Likewise.
		(JAXP_SHA256SUM): Likewise.
		(JAXWS_SHA256SUM): Likewise.
		(JDK_SHA256SUM): Likewise.
		(LANGTOOLS_SHA256SUM): Likewise.
		(OPENJDK_SHA256SUM): Likewise.
		(ICEDTEA_PATCHES): Remove PaX patches.
		(ICEDTEA_BOOT_PATCHES): Remove test_gamma
		patch (fixed by detection of non-Oracle JDK
		addition from PPC port)
		(ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
		(ICEDTEA_ENV): Pass ARM32JIT and PAX_COMMAND to
		OpenJDK build.
		* NEWS: Updated with latest changes, including PaX
		ARM32 and Shark changes.
		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
		enabled.
		* configure.ac: Run IT_ENABLE_ARM32JIT macro.
		* hotspot.map: Update to icedtea-2.4.6pre01 tag.


diffstat:

 ChangeLog                            |   49 ++++++++++++++
 INSTALL                              |    5 +
 Makefile.am                          |   44 ++++++------
 NEWS                                 |   52 +++++++++++++++
 acinclude.m4                         |  116 +++++++++++++++++++++++++---------
 configure.ac                         |    1 +
 hotspot.map                          |    2 +-
 patches/boot/test_gamma.patch        |   47 --------------
 patches/cacao/arm-arch-defines.patch |   18 -----
 patches/pax-mark-rmic-java.patch     |   10 ---
 patches/test_gamma.patch             |   47 --------------
 11 files changed, 215 insertions(+), 176 deletions(-)

diffs (truncated from 518 to 500 lines):

diff -r d9cd6461e22c -r a03874670653 ChangeLog
--- a/ChangeLog	Thu Jan 30 14:33:10 2014 +0000
+++ b/ChangeLog	Mon Mar 17 16:42:38 2014 +0000
@@ -1,3 +1,52 @@
+2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/boot/test_gamma.patch,
+	* patches/pax-mark-rmic-java.patch,
+	* patches/test_gamma.patch:
+	Removed.
+	* INSTALL:
+	Document ARM32 JIT and --enable-arm32-jit option.
+	* Makefile.am:
+	(CORBA_CHANGESET): Update to icedtea-2.4.6pre01 tag.
+	(JAXP_CHANGESET): Likewise.
+	(JAXWS_CHANGESET): Likewise.
+	(JDK_CHANGESET): Likewise.
+	(LANGTOOLS_CHANGESET): Likewise.
+	(OPENJDK_CHANGESET): Likewise.
+	(CORBA_SHA256SUM): Likewise.
+	(JAXP_SHA256SUM): Likewise.
+	(JAXWS_SHA256SUM): Likewise.
+	(JDK_SHA256SUM): Likewise.
+	(LANGTOOLS_SHA256SUM): Likewise.
+	(OPENJDK_SHA256SUM): Likewise.
+	(ICEDTEA_PATCHES): Remove PaX patches.
+	(ICEDTEA_BOOT_PATCHES): Remove test_gamma
+	patch (fixed by detection of non-Oracle JDK
+	addition from PPC port)
+	(ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
+	(ICEDTEA_ENV): Pass ARM32JIT and PAX_COMMAND to
+	OpenJDK build.
+	* NEWS: Updated with latest changes, including PaX
+	ARM32 and Shark changes.
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
+	enabled.
+	* configure.ac: Run IT_ENABLE_ARM32JIT macro.
+	* hotspot.map: Update to icedtea-2.4.6pre01 tag.
+
+2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	PR1677: Update PaX support to detect running PaX
+	kernel and use newer tools
+	* NEWS: Updated.
+	* acinclude.m4:
+	(IT_HAS_PAX): New macro to detect whether the running
+	kernel uses PaX.
+	(IT_WITH_PAX): Rewritten to search for PaX tools -
+	currently paxmark.sh, paxctl-ng, chpax and paxctl -
+	and fail if a tool isn't found and a PaX kernel is
+	being used.
+
 2014-01-28  Andrew John Hughes  <gnu.andrew at redhat.com>
 
 	* configure.ac: Bump to 2.4.6pre01.
diff -r d9cd6461e22c -r a03874670653 INSTALL
--- a/INSTALL	Thu Jan 30 14:33:10 2014 +0000
+++ b/INSTALL	Mon Mar 17 16:42:38 2014 +0000
@@ -204,6 +204,7 @@
 * --enable-system-kerberos: Link against the system Kerberos library and
   query it at runtime to obtain the cache location, rather than using a
   hardcoded value.
+* --enable-arm32-jit: Build the ARM32 JIT.
 
 Testing
 =======
@@ -301,6 +302,10 @@
 --enable-shark to configure.  Please note that Shark is still in
 development and builds are still likely to fail at present.
 
+On ARM32, there is also a native JIT port built on top of Zero. This
+still has issues and is thus not enabled by default. To enable it,
+pass --enable-arm32-jit to configure.
+
 Support for Different Versions of HotSpot
 =========================================
 
diff -r d9cd6461e22c -r a03874670653 Makefile.am
--- a/Makefile.am	Thu Jan 30 14:33:10 2014 +0000
+++ b/Makefile.am	Mon Mar 17 16:42:38 2014 +0000
@@ -4,19 +4,19 @@
 BUILD_VERSION = b31
 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(BUILD_VERSION)
 
-CORBA_CHANGESET = 3594dbde270d
-JAXP_CHANGESET = 8fe156ad49e2
-JAXWS_CHANGESET = 32ea8b1ed91a
-JDK_CHANGESET = 9db88c18e114
-LANGTOOLS_CHANGESET = dabd37b7e295
-OPENJDK_CHANGESET = 410eb7fef869
+CORBA_CHANGESET = 48ef1bb6d120
+JAXP_CHANGESET = e0ba4b9a8b91
+JAXWS_CHANGESET = 4bd947cd146b
+JDK_CHANGESET = f582aad1fce8
+LANGTOOLS_CHANGESET = 06eeb77dac24
+OPENJDK_CHANGESET = b028e58c1b77
 
-CORBA_SHA256SUM = d1f97e143fe94ae3a56b45bb5a90f8ab10ec2be4ff770a788f0a1ac677e27a7d
-JAXP_SHA256SUM = 0a2a40186cedfbeb8f87b0bc86bea2830943943081d4289fc74f7a783b2e1af3
-JAXWS_SHA256SUM = 08a169b6b02883759ec7a412aa91aa3e37480761cb50b95d092dbcdb2fc9a3d0
-JDK_SHA256SUM = 285e5b8ccbb29f3f9f9ea9ea7856d1ed97465c57d091fbcd9b2e55a1ffbb543e
-LANGTOOLS_SHA256SUM = 86cb370ce2084c4b699d8c002ebe6c026e86206ffa82a2f3d7906aadb94ed79f
-OPENJDK_SHA256SUM = 2de151c7275d91ef082e63fcc0957c5f9290404ec6e20ecfa1e752e16bfab707
+CORBA_SHA256SUM = 2fcfe699797154da8b4ba5242e32468b2f3f42a0cb17039915bfb1f84887a5b6
+JAXP_SHA256SUM = e7014057721b8392676bd24760c3f7b3dd40548abb3c8dfbe8df2fa04d7c1fca
+JAXWS_SHA256SUM = 17ed5278872ad0c9ec3a849caf1480e5942b714e35c9a4a949d09daac4b34c5a
+JDK_SHA256SUM = 17410212d856da9f52f87a6289d3937d3748992855d53bb5e1496fe7879e27cd
+LANGTOOLS_SHA256SUM = a67e62618c70ef9190b2aef2b49be9d79624be9363bda258828b17494e092477
+OPENJDK_SHA256SUM = e6be030ac5934781d9682dc3108980fa7d2330c32da3cea4ae74df11fbaa92f2
 
 CACAO_VERSION = e215e36be9fc
 CACAO_SHA256SUM = 4966514c72ee7ed108b882d9b6e65c3adf8a8f9c2dccb029f971b3c8cb4870ab
@@ -297,12 +297,6 @@
 ICEDTEA_PATCHES += patches/nss-config.patch
 endif
 
-if WITH_PAX
-ICEDTEA_PATCHES += \
-	patches/test_gamma.patch \
-	patches/pax-mark-rmic-java.patch
-endif
-
 ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
 
 # Bootstrapping patches
@@ -352,10 +346,6 @@
 	patches/boot/xbootclasspath.patch
 endif
 
-if !WITH_PAX
-ICEDTEA_BOOT_PATCHES += patches/boot/test_gamma.patch
-endif
-
 if CP39408_JAVAH
 ICEDTEA_BOOT_PATCHES += patches/boot/pr39408.patch
 endif
@@ -435,6 +425,12 @@
 WERROR_STATUS=false
 endif
 
+if ENABLE_ARM32JIT
+ARM32JIT_STATUS=true
+else
+ARM32JIT_STATUS=false
+endif
+
 ICEDTEA_ENV = \
 	ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \
 	ANT="$(ANT)" \
@@ -487,7 +483,9 @@
 	STRIP_POLICY=no_strip \
 	JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \
 	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \
-	UNLIMITED_CRYPTO="true"
+	UNLIMITED_CRYPTO="true" \
+	ARM32JIT="${ARM32JIT_STATUS}" \
+	PAX_COMMAND="${PAX_COMMAND}"
 
 if ENABLE_CACAO
 ICEDTEA_ENV += \
diff -r d9cd6461e22c -r a03874670653 NEWS
--- a/NEWS	Thu Jan 30 14:33:10 2014 +0000
+++ b/NEWS	Mon Mar 17 16:42:38 2014 +0000
@@ -14,6 +14,58 @@
 
 New in release 2.4.6 (2014-04-XX):
 
+* Backports
+  - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
+  - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
+* Bug fixes
+  - PR1101: Undefined symbols on GNU/Linux SPARC
+  - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set
+  - PR1677: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1679: Allow OpenJDK to build on PaX-enabled kernels
+  - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
+  - Link against $(LIBDL) if SYSTEM_CUPS is not true
+* ARM port
+  - Add arm_port from IcedTea 6
+  - Add patches/arm.patch from IcedTea 6
+  - Add patches/arm-debug.patch from IcedTea 6
+  - Add patches/arm-hsdis.patch from IcedTea 6
+  - added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler
+  - Adjust saved SP when safepointing.
+  - First cut of invokedynamic
+  - Fix trashed thread ptr after recursive re-entry from asm JIT.
+  - JIT-compilation of ldc methodHandle
+  - Rename a bunch of misleadingly-named functions
+  - Changes for HSX22
+  - Rename a bunch of misleadingly-named functions
+  - Patched method handle adapter code to deal with failures in TCK
+  - Phase 1
+  - Phase 2
+  - RTC Thumb2 JIT enhancements.
+  - Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo.
+  - Use ldrexd for atomic reads on ARMv7.
+  - Use unified syntax for thumb code.
+  - Corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2
+  - Don't save locals at a return.
+  - Fix call to handle_special_method().  Fix compareAndSwapLong.
+  - Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged
+  - invokedynamic and aldc for JIT
+  - Modified safepoint check to rely on memory protect signal instead of polling
+  - Minor review cleanups.
+  - PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel
+  - PR1363: Fedora 19 / rawhide FTBFS SIGILL
+  - Changes for HSX23
+  - Remove fragment from method that has been removed
+  - Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make.
+  - Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags
+  - Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present.
+  - Override automatic detection of source language for bytecodes_arm.def
+  - Include $(CFLAGS) in assembler stage
+  - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.
+  - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
+* Shark
+  - Add Shark definitions from 8003868
+  - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp
+
 New in release 2.4.5 (2014-01-29):
 
 * Backports
diff -r d9cd6461e22c -r a03874670653 acinclude.m4
--- a/acinclude.m4	Thu Jan 30 14:33:10 2014 +0000
+++ b/acinclude.m4	Mon Mar 17 16:42:38 2014 +0000
@@ -2299,45 +2299,79 @@
   AC_SUBST([enable_downloading])
 ])
 
+AC_DEFUN_ONCE([IT_HAS_PAX],
+[
+  AC_MSG_CHECKING([if a PaX kernel is in use])
+  if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then
+    pax_active=yes;
+  else
+    pax_active=no;
+  fi
+  AC_MSG_RESULT([${pax_active}])
+  AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes")
+])
+
 AC_DEFUN_ONCE([IT_WITH_PAX],
 [
-  AC_MSG_CHECKING([for pax utility to use])
+  AC_REQUIRE([IT_HAS_PAX])
+  PAX_DEFAULT=/usr/sbin/paxmark.sh
+  AC_MSG_CHECKING([if a PaX utility was specified])
   AC_ARG_WITH([pax],
               [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)],
   [
-    PAX_COMMAND=${withval}
+    if test "x${withval}" = "xyes"; then
+      PAX_COMMAND=no
+    else
+      PAX_COMMAND="${withval}"
+    fi
   ],
   [ 
+    PAX_COMMAND=no
+  ])
+  AC_MSG_RESULT(${PAX_COMMAND})
+  if test "x${PAX_COMMAND}" == "xno"; then
+    PAX_COMMAND=${PAX_DEFAULT}
+  fi
+  AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file])
+  if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then
+    AC_MSG_RESULT([yes])
+  else
+    AC_MSG_RESULT([no])
+    PAX_COMMAND=""
+    AC_PATH_PROG(PAX_COMMAND, "paxmark.sh")
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl-ng")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "chpax")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      if test "x${pax_active}" = "xyes"; then
+        AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.")
+      else
+        AC_MSG_WARN("No PaX utility found.")
+      fi
+    fi
+  fi
+  if test -z "${PAX_COMMAND}"; then
     PAX_COMMAND="not specified"
-  ])
-  case "x${PAX_COMMAND}" in
-    xchpax)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    xpaxctl)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    *)
-      PAX_COMMAND="not specified"
-      PAX_COMMAND_ARGS="not specified"
-      ;;
-  esac
+    PAX_COMMAND_ARGS="not specified"
+  else
+    AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}])
+    case "${host_cpu}" in
+      i?86)
+        PAX_COMMAND_ARGS="-msp"
+        ;;
+      *)
+        PAX_COMMAND_ARGS="-m"
+        ;;
+    esac
+    AC_MSG_RESULT(${PAX_COMMAND_ARGS})
+  fi
   AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified")
-  AC_MSG_RESULT(${PAX_COMMAND})
   AC_SUBST(PAX_COMMAND)
   AC_SUBST(PAX_COMMAND_ARGS)
 ])
@@ -2589,3 +2623,25 @@
   AC_PROVIDE([$0])dnl
   AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes")
 ])
+
+AC_DEFUN([IT_ENABLE_ARM32JIT],
+[
+  AC_MSG_CHECKING([whether to enable the ARM32 JIT])
+  AC_ARG_ENABLE([arm32-jit],
+                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])],
+  [
+    case "${enableval}" in
+      yes)
+        enable_arm32jit=yes
+        ;;
+      *)
+        enable_arm32jit=no
+        ;;
+    esac
+  ],
+  [
+    enable_arm32jit=no
+  ])
+  AC_MSG_RESULT([$enable_arm32jit])
+  AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")
+])
diff -r d9cd6461e22c -r a03874670653 configure.ac
--- a/configure.ac	Thu Jan 30 14:33:10 2014 +0000
+++ b/configure.ac	Mon Mar 17 16:42:38 2014 +0000
@@ -176,6 +176,7 @@
 IT_ENABLE_JAR_COMPRESSION
 IT_SET_SHARK_BUILD
 IT_CHECK_ADDITIONAL_VMS
+IT_ENABLE_ARM32JIT
 
 IT_WITH_VERSION_SUFFIX
 IT_WITH_PROJECT
diff -r d9cd6461e22c -r a03874670653 hotspot.map
--- a/hotspot.map	Thu Jan 30 14:33:10 2014 +0000
+++ b/hotspot.map	Mon Mar 17 16:42:38 2014 +0000
@@ -1,2 +1,2 @@
 # version url changeset sha256sum
-default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 2cb58882dac3 d8c1681ae76e660c1888065933cedbbc1309869c7a2fb98f07c424716d5ebaf9
+default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760
diff -r d9cd6461e22c -r a03874670653 patches/boot/test_gamma.patch
--- a/patches/boot/test_gamma.patch	Thu Jan 30 14:33:10 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,47 +0,0 @@
-diff -Nru ../openjdk.orig/openjdk-boot/hotspot/make/linux/Makefile openjdk-boot/hotspot/make/linux/Makefile
---- ../openjdk.orig/openjdk-boot/hotspot/make/linux/Makefile	2009-10-30 17:37:07.000000000 +0000
-+++ openjdk-boot/hotspot/make/linux/Makefile	2009-10-30 17:45:40.000000000 +0000
-@@ -287,42 +287,36 @@
- 
- $(TARGETS_C2):  $(SUBDIRS_C2)
- 	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_TIERED):  $(SUBDIRS_TIERED)
- 	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_C1):  $(SUBDIRS_C1)
- 	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_CORE):  $(SUBDIRS_CORE)
- 	cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_ZERO):  $(SUBDIRS_ZERO)
- 	cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(VARIANTARCH)_zero/$(patsubst %zero,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_SHARK):  $(SUBDIRS_SHARK)
-    cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && $(MAKE) $(MFLAGS)
--   cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && ./test_gamma
- ifdef INSTALL
-    cd $(OSNAME)_$(VARIANTARCH)_shark/$(patsubst %shark,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
diff -r d9cd6461e22c -r a03874670653 patches/cacao/arm-arch-defines.patch
--- a/patches/cacao/arm-arch-defines.patch	Thu Jan 30 14:33:10 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,18 +0,0 @@
-diff -Nru cacao.orig/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h cacao/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h
---- cacao.orig/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h	2010-05-19 12:14:46.000000000 +0100
-+++ cacao/cacao/src/mm/boehm-gc/libatomic_ops-1.2/src/atomic_ops/sysdeps/gcc/arm.h	2010-06-21 18:35:53.000000000 +0100
-@@ -33,7 +33,13 @@
- 
- /* NEC LE-IT: gcc has no way to easily check the arm architecture
-  * but defines only one of __ARM_ARCH_x__ to be true			*/
--#if defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_7__)  
-+#if defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \
-+	|| defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6Z__) \
-+	|| defined(__ARM_ARCH_6ZK__) || defined(__ARM_ARCH_6T2__) \
-+	|| defined(__ARM_ARCH_6M__) \
-+	|| defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \
-+	|| defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__)
-+
- AO_INLINE void
- AO_nop_full()
- {
diff -r d9cd6461e22c -r a03874670653 patches/pax-mark-rmic-java.patch
--- a/patches/pax-mark-rmic-java.patch	Thu Jan 30 14:33:10 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,10 +0,0 @@
---- openjdk/jdk/make/com/sun/jmx/Makefile
-+++ openjdk/jdk/make/com/sun/jmx/Makefile
-@@ -119,6 +119,7 @@
- 
- $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class
- 	$(prep-target)
-+	"$(TOPDIR)"/../../pax-mark-vm "$(OUTPUTDIR)"
- 	$(RMIC) -classpath "$(CLASSDESTDIR)"    \
-                 -d $(CLASSDESTDIR)              \
-                 -v1.2                           \
diff -r d9cd6461e22c -r a03874670653 patches/test_gamma.patch
--- a/patches/test_gamma.patch	Thu Jan 30 14:33:10 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,47 +0,0 @@
-diff -Nru ../openjdk.orig/openjdk/hotspot/make/linux/Makefile openjdk/hotspot/make/linux/Makefile
---- ../openjdk.orig/openjdk/hotspot/make/linux/Makefile	2009-10-30 17:37:07.000000000 +0000
-+++ openjdk/hotspot/make/linux/Makefile	2009-10-30 17:45:40.000000000 +0000
-@@ -287,42 +287,36 @@
- 
- $(TARGETS_C2):  $(SUBDIRS_C2)
- 	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_compiler2/$@ && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_TIERED):  $(SUBDIRS_TIERED)
- 	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_tiered/$(patsubst %tiered,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_C1):  $(SUBDIRS_C1)
- 	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && ./test_gamma
- ifdef INSTALL
- 	cd $(OSNAME)_$(BUILDARCH)_compiler1/$(patsubst %1,%,$@) && $(MAKE) $(MFLAGS) install
- endif
- 
- $(TARGETS_CORE):  $(SUBDIRS_CORE)
- 	cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && $(MAKE) $(MFLAGS)
--	cd $(OSNAME)_$(BUILDARCH)_core/$(patsubst %core,%,$@) && ./test_gamma

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 16:43:02 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 16:43:02 +0000
Subject: [Bug 1677] [IcedTea7] Update PaX support to detect running PaX
	kernel and use newer tools
In-Reply-To: <bug-1677-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1677-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1677-30-LoOM5oSDqi@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1677

--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=e21f201c2d68
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 17 14:58:18 2014 +0000

    PR1677: Update PaX support to detect running PaX kernel and use newer tools

    2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        PR1677: Update PaX support to detect running PaX
        kernel and use newer tools
        * NEWS: Updated.
        * acinclude.m4:
        (IT_HAS_PAX): New macro to detect whether the running
        kernel uses PaX.
        (IT_WITH_PAX): Rewritten to search for PaX tools -
        currently paxmark.sh, paxctl-ng, chpax and paxctl -
        and fail if a tool isn't found and a PaX kernel is
        being used.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/8db293ae/attachment.html>

From aazores at redhat.com  Mon Mar 17 16:58:05 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 17 Mar 2014 12:58:05 -0400 (EDT)
Subject: EXTREME weirdness - applet writing without permissions
In-Reply-To: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>
References: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>
Message-ID: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com>

>Hi folks,
>
>here is something really really weird. I have this applet:
>http://tinybrain.de:8080/tb-applet/chat-applet.php
>
>with this source code (you can verify!):
>
><applet id="theapplet" code="net.luaos.tb.tb16.ComputerChatApplet.class"
>width="100%" height="300" alt="Java Applet" archive="magic.jar?3195969">
>  <!--<param name="permissions" value="all-permissions" />-->
></applet>
></div>
>
>Clearly, all-permissions is just a comment. I also get no security dialog
>or anything, so it's a SANDBOXED applet.

How are you determining that it's sandboxed? What version of ITW are you running, and what are your settings in Extended Applet Security (check with itweb-settings)? When I run your applet, I get a dialog informing me that it's a signed applet but that it couldn't be verified - but signed, nonetheless. As far as I can tell based on what I'm seeing in the setup of your applet, this is correct.

>
>However, I can clearly see it accessing my disk. I enter "hello" in the
>chat field, and instantly, a file in ~/.tinybrain is created on my
>partition.
>
>By an untrusted applet.
>
>How's it possible?
>
>Process dump:
>
>stefan     746 32001  0 17:22 ?        00:00:00
>/usr/lib/firefox/plugin-container
>/usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni
>/usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir
>/usr/lib/firefox/browser 32001 true plugin
>stefan     754   746  1 17:22 ?        00:00:04
>/usr/lib/jvm/java-7-openjdk-i386/bin/java
>-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar
>-classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar
>sun.applet.PluginMain
>/tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer
>/tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin
>
>Note: I also use signed applets, using the same .jar, on other pages. Maybe
>that slips through to this applet? But still, it's totally out of spec that
>this applet can write stuff to disk, or is it?

This sounds to me like the root of the confusion here. If your applet resides within a signed JAR, it is treated as if it is signed, unless your applet tag in the HTML specifies that it should be sandboxed anyway [0]. ``If the permissions parameter is not present, signed applets default to "all-permissions" and unsigned applets default to "sandbox".'' If you want this applet to only be able to run with sandbox permissions, without having to specify this in the html, then you need to put it in its own unsigned JAR.

>
>Cheers,
>Stefan

[0] http://docs.oracle.com/javase/tutorial/deployment/applet/html.html

Thanks,

Andrew A

From stefan.reich.maker.of.eye at googlemail.com  Mon Mar 17 17:06:44 2014
From: stefan.reich.maker.of.eye at googlemail.com (Stefan Reich)
Date: Mon, 17 Mar 2014 18:06:44 +0100
Subject: EXTREME weirdness - applet writing without permissions
In-Reply-To: <960346228.642835.1395075485802.JavaMail.zimbra@redhat.com>
References: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>
	<960346228.642835.1395075485802.JavaMail.zimbra@redhat.com>
Message-ID: <CAC2-jLEoMAu5TH4X-SjhLtfHi64eWO00TYK0_HV8=Q8FYxNLJg@mail.gmail.com>

Oh... OK. So I misunderstood (mis-guessed) the spec. I see!

So I'll have to put an unsigned applet there to have it sandboxed.

Thanks for investigating,
Stefan


On Mon, Mar 17, 2014 at 5:58 PM, Andrew Azores <aazores at redhat.com> wrote:

> >Hi folks,
> >
> >here is something really really weird. I have this applet:
> >http://tinybrain.de:8080/tb-applet/chat-applet.php
> >
> >with this source code (you can verify!):
> >
> ><applet id="theapplet" code="net.luaos.tb.tb16.ComputerChatApplet.class"
> >width="100%" height="300" alt="Java Applet" archive="magic.jar?3195969">
> >  <!--<param name="permissions" value="all-permissions" />-->
> ></applet>
> ></div>
> >
> >Clearly, all-permissions is just a comment. I also get no security dialog
> >or anything, so it's a SANDBOXED applet.
>
> How are you determining that it's sandboxed? What version of ITW are you
> running, and what are your settings in Extended Applet Security (check with
> itweb-settings)? When I run your applet, I get a dialog informing me that
> it's a signed applet but that it couldn't be verified - but signed,
> nonetheless. As far as I can tell based on what I'm seeing in the setup of
> your applet, this is correct.
>
> >
> >However, I can clearly see it accessing my disk. I enter "hello" in the
> >chat field, and instantly, a file in ~/.tinybrain is created on my
> >partition.
> >
> >By an untrusted applet.
> >
> >How's it possible?
> >
> >Process dump:
> >
> >stefan     746 32001  0 17:22 ?        00:00:00
> >/usr/lib/firefox/plugin-container
> >/usr/lib/jvm/java-7-openjdk-i386/jre/lib/i386/IcedTeaPlugin.so -greomni
> >/usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir
> >/usr/lib/firefox/browser 32001 true plugin
> >stefan     754   746  1 17:22 ?        00:00:04
> >/usr/lib/jvm/java-7-openjdk-i386/bin/java
>
> >-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar:/usr/share/icedtea-web/plugin.jar
> >-classpath /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar
> >sun.applet.PluginMain
> >/tmp/icedteaplugin-stefan/746-icedteanp-plugin-to-appletviewer
> >/tmp/icedteaplugin-stefan/746-icedteanp-appletviewer-to-plugin
> >
> >Note: I also use signed applets, using the same .jar, on other pages.
> Maybe
> >that slips through to this applet? But still, it's totally out of spec
> that
> >this applet can write stuff to disk, or is it?
>
> This sounds to me like the root of the confusion here. If your applet
> resides within a signed JAR, it is treated as if it is signed, unless your
> applet tag in the HTML specifies that it should be sandboxed anyway [0].
> ``If the permissions parameter is not present, signed applets default to
> "all-permissions" and unsigned applets default to "sandbox".'' If you want
> this applet to only be able to run with sandbox permissions, without having
> to specify this in the html, then you need to put it in its own unsigned
> JAR.
>
> >
> >Cheers,
> >Stefan
>
> [0] http://docs.oracle.com/javase/tutorial/deployment/applet/html.html
>
> Thanks,
>
> Andrew A
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/d237a92c/attachment.html>

From aazores at redhat.com  Mon Mar 17 17:10:40 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 17 Mar 2014 13:10:40 -0400 (EDT)
Subject: EXTREME weirdness - applet writing without permissions
In-Reply-To: <CAC2-jLEoMAu5TH4X-SjhLtfHi64eWO00TYK0_HV8=Q8FYxNLJg@mail.gmail.com>
References: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>
	<960346228.642835.1395075485802.JavaMail.zimbra@redhat.com>
	<CAC2-jLEoMAu5TH4X-SjhLtfHi64eWO00TYK0_HV8=Q8FYxNLJg@mail.gmail.com>
Message-ID: <1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com>

> Oh... OK. So I misunderstood (mis-guessed) the spec. I see! 
> So I'll have to put an unsigned applet there to have it sandboxed. 
> Thanks for investigating, 
> Stefan 

Well, you could alternatively just specify sandbox permissions in the applet tag. But simply splitting it into its own separate unsigned JAR will also work. Up to you. Bonus points if you test both and confirm that it comes out with sandbox-only permissions either way :) 

Thanks, 

Andrew A 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/c2fc6726/attachment.html>

From aazores at redhat.com  Mon Mar 17 17:27:55 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 17 Mar 2014 13:27:55 -0400 (EDT)
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>
References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com>
	<5323135E.6070700@redhat.com>
	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>
Message-ID: <907296202.650981.1395077275435.JavaMail.zimbra@redhat.com>

This patch adds the exact same button to the new Partially Signed dialog. The patch is nearly identical, so I think reviewing them together makes sense. Maybe eventually CertWarningPane can be made into an AppTrustWarningPanel as well, which will allow some elimination of duplicate code here.

Thanks,

Andrew A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: partially-signed-policyeditor.patch
Type: text/x-patch
Size: 6130 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/36922c9a/partially-signed-policyeditor-0001.patch>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 23:26:32 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 23:26:32 +0000
Subject: [Bug 1712] New: [IcedTea6] Allow -Werror to be turned off in the
	HotSpot build
Message-ID: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712

            Bug ID: 1712
           Summary: [IcedTea6] Allow -Werror to be turned off in the
                    HotSpot build
           Product: IcedTea
           Version: 6-1.13.1
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

IcedTea 1.13.x already incorporates the HotSpot portion of PR1095. We should
make use of it.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/5694a94c/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 23:27:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 23:27:05 +0000
Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot
	build
In-Reply-To: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1712-30-evRq62LcTV@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
             Blocks|                            |1503
         Depends on|                            |1095
   Target Milestone|---                         |6-1.13.2
           Severity|enhancement                 |normal

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/3831240f/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 23:27:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 23:27:05 +0000
Subject: [Bug 1503] [TRACKER] IcedTea6 1.14 Release
In-Reply-To: <bug-1503-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1503-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1503-30-F4piWJKOwG@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1503

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Depends on|                            |1712

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/d0c1734a/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 17 23:28:42 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 17 Mar 2014 23:28:42 +0000
Subject: [Bug 1651] jvm crash
In-Reply-To: <bug-1651-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1651-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1651-30-0oHKqg1QTL@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1651

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|unspecified                 |6-1.12.7
           Severity|critical                    |normal

--- Comment #1 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Please provide information on how to reproduce this. As this is a failure in
system code, not the JDK, this looks like a bug elsewhere.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140317/03dc70f7/attachment.html>

From rt.ydwd at gmail.com  Tue Mar 18 07:58:03 2014
From: rt.ydwd at gmail.com (rt)
Date: Tue, 18 Mar 2014 13:28:03 +0530
Subject: [Bug 1656] New: PulseAudioSourceDataLine.stop() hangs intermittently
Message-ID: <CAMTVGzqeVCi5nTAmRsjG3byr6Fnnrcq0DyRY8ZkM6=h0F3=-xg@mail.gmail.com>

Hi,



I am using icedtea6-1.12.7 which packages pulse-java.jar, for
pulseaudio support. I have installed this on linux platform.

I got a java level deadlock in pulseaudio with logs as below :



Found one Java-level deadlock:

=============================

"pool-1-thread-483":

  waiting to lock monitor 0x0884fd08 (object 0x951abe90, a
java.lang.Object),

  which is held by "PulseAudio Eventloop Thread"

"PulseAudio Eventloop Thread":

  waiting to lock monitor 0x0884fd6c (object 0x94f39108, a
org.classpath.icedtea.pulseaudio.PulseAudioSourceDataLine),

  which is held by "Thread-353"

"Thread-353":

  waiting to lock monitor 0x0884fd08 (object 0x951abe90, a
java.lang.Object),

  which is held by "PulseAudio Eventloop Thread"



 It is similar to the bug [ Bug 1656 ] reported by Sascha Baumeister.

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1656



 I am not a java programmer. When can I expect this bug to be fixed? Can
you provide any patch or any fixes for this?



Thanks in Advance.



Regards,

Arati Yadawad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/3c181811/attachment.html>

From aph at redhat.com  Tue Mar 18 09:44:33 2014
From: aph at redhat.com (Andrew Haley)
Date: Tue, 18 Mar 2014 09:44:33 +0000
Subject: AArch64 updates for icedtea7-forest
Message-ID: <53281581.60005@redhat.com>

All pretty straightforward, and hopefully uncontroversial.

Andrew.

-------------- next part --------------
comparing with ssh://icedtea.classpath.org/hg/icedtea7-forest/jdk
searching for changes
changeset:   7369:d6953869315d
user:        aph
date:        Mon Mar 17 17:17:43 2014 +0000
summary:     Set flags and defines for Aarch64.

diff -r 9341cc31ced6 -r d6953869315d make/common/shared/Platform.gmk
--- a/make/common/shared/Platform.gmk	Sat Mar 15 01:07:27 2014 +0000
+++ b/make/common/shared/Platform.gmk	Mon Mar 17 17:17:43 2014 +0000
@@ -224,6 +224,9 @@
       ifeq ($(ARCH), sh)
         ARCH_DATA_MODEL=32
       endif
+      ifeq ($(ARCH), aarch64)
+        ARCH_DATA_MODEL=64
+      endif
     endif
   endif
 
diff -r 9341cc31ced6 -r d6953869315d make/javax/sound/SoundDefs.gmk
--- a/make/javax/sound/SoundDefs.gmk	Sat Mar 15 01:07:27 2014 +0000
+++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
@@ -74,6 +74,10 @@
     CPPFLAGS += -DX_ARCH=X_AMD64
   endif # ARCH amd64
 
+  ifeq ($(ARCH), aarch64)
+    CPPFLAGS += -DX_ARCH=X_AARCH64
+  endif # ARCH amd64
+
   ifeq ($(ARCH), arm)
     CPPFLAGS += -DX_ARCH=X_ARM
   endif # ARCH arm

changeset:   7370:90cda5cd2340
user:        aph
date:        Mon Mar 17 17:56:51 2014 +0000
summary:     build system changes to enable aarch64 build

diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk
--- a/make/common/shared/Platform.gmk	Mon Mar 17 17:17:43 2014 +0000
+++ b/make/common/shared/Platform.gmk	Mon Mar 17 17:56:51 2014 +0000
@@ -227,6 +227,9 @@
       ifeq ($(ARCH), aarch64)
         ARCH_DATA_MODEL=64
       endif
+      ifeq ($(ARCH), aarch64)
+        ARCH_DATA_MODEL=64
+      endif
     endif
   endif
 
diff -r d6953869315d -r 90cda5cd2340 make/java/main/java/mapfile-aarch64
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/java/main/java/mapfile-aarch64	Mon Mar 17 17:56:51 2014 +0000
@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+#
+# Specify what global symbols we export.  Note that we're not really
+# interested in declaring a version, simply scoping the file is sufficient.
+#
+
+SUNWprivate_1.1 {
+	global:
+		main;		# Provides basic adb symbol offsets
+		environ;	# Public symbols and required by Java run time
+		_environ;
+		__environ_lock;
+
+	local:
+		*;
+};
diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
--- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
+++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
@@ -134,6 +134,10 @@
     CPPFLAGS += -DX_ARCH=X_AMD64
   endif # ARCH amd64
 
+  ifeq ($(ARCH), aarch64)
+    CPPFLAGS += -DX_ARCH=X_AARCH64
+  endif # ARCH amd64
+
   ifeq ($(ARCH), arm)
     CPPFLAGS += -DX_ARCH=X_ARM
   endif # ARCH arm
diff -r d6953869315d -r 90cda5cd2340 src/solaris/bin/aarch64/jvm.cfg
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/bin/aarch64/jvm.cfg	Mon Mar 17 17:56:51 2014 +0000
@@ -0,0 +1,36 @@
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+# List of JVMs that can be used as an option to java, javac, etc.
+# Order is important -- first in this list is the default JVM.
+# NOTE that this both this file and its format are UNSUPPORTED and
+# WILL GO AWAY in a future release.
+#
+# You may also select a JVM in an arbitrary location with the
+# "-XXaltjvm=<jvm_dir>" option, but that too is unsupported
+# and may not be available in a future release.
+#
+# n.b. server must be first so it is used as the default
+-server KNOWN
+-client ALIASED_TO -server
+-minimal ERROR

changeset:   7371:3fb69cddcafa
tag:         tip
user:        aph
date:        Mon Mar 17 14:45:30 2014 -0400
summary:     CFLAGS_REQUIRED for aarch64.

diff -r 90cda5cd2340 -r 3fb69cddcafa make/common/Defs-linux.gmk
--- a/make/common/Defs-linux.gmk	Mon Mar 17 17:56:51 2014 +0000
+++ b/make/common/Defs-linux.gmk	Mon Mar 17 14:45:30 2014 -0400
@@ -202,6 +202,7 @@
 LDFLAGS_COMMON_ppc64    += -m64 -L/lib64 -Wl,-melf64ppc
 CFLAGS_REQUIRED_s390    +=
 CFLAGS_REQUIRED_s390x   += -m64
+CFLAGS_REQUIRED_aarch64 += -fno-omit-frame-pointer -fsigned-char -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_sparcv9 += -m64 -mcpu=v9
 LDFLAGS_COMMON_sparcv9  += -m64 -mcpu=v9
 CFLAGS_REQUIRED_sparc   += -m32 -mcpu=v9



From omajid at redhat.com  Tue Mar 18 10:49:23 2014
From: omajid at redhat.com (Omair Majid)
Date: Tue, 18 Mar 2014 06:49:23 -0400
Subject: [Bug 1656] New: PulseAudioSourceDataLine.stop() hangs
	intermittently
In-Reply-To: <CAMTVGzqeVCi5nTAmRsjG3byr6Fnnrcq0DyRY8ZkM6=h0F3=-xg@mail.gmail.com>
References: <CAMTVGzqeVCi5nTAmRsjG3byr6Fnnrcq0DyRY8ZkM6=h0F3=-xg@mail.gmail.com>
Message-ID: <20140318104921.GA1977@redhat.com>

Hi,

* rt <rt.ydwd at gmail.com> [2014-03-18 03:58]:
> I am using icedtea6-1.12.7 which packages pulse-java.jar, for
> pulseaudio support. I have installed this on linux platform.

pulse-java.jar is mostly obsolete at this point.

Java should be able to make use of the userspace ALSA API which should
transparently pass through to PulseAudio (if your distribution
configures PulseAudio correctly):

Java -> ALSA (userspace) -> PulseAudio -> ALSA (kernel)

Can you try and remove pulse-java.jar and/or comment out the relevant
bits in the sound.properties file in the JRE?

To comment out the relevant parts in sound.properties file, just put a
'#' at the beginning of any line in that mentions
'org.classpath.icedtea.pulseaudio'.

> I got a java level deadlock in pulseaudio with logs as below :

Thanks for the info. I will take a look, but it wont be any time soon.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From ptisnovs at icedtea.classpath.org  Tue Mar 18 11:06:59 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 11:06:59 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBltBasicTests.
Message-ID: <hg.3a59e3b162a9.1395140819.-6248649288953172555@icedtea.classpath.org>

changeset 3a59e3b162a9 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3a59e3b162a9
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 18 12:07:31 2014 +0100

	Ten new tests added into BitBltBasicTests.


diffstat:

 ChangeLog                                        |    5 +
 src/org/gfxtest/testsuites/BitBltBasicTests.java |  152 ++++++++++++++++++++++-
 2 files changed, 156 insertions(+), 1 deletions(-)

diffs (244 lines):

diff -r e459010f5534 -r 3a59e3b162a9 ChangeLog
--- a/ChangeLog	Mon Mar 17 11:47:56 2014 +0100
+++ b/ChangeLog	Tue Mar 18 12:07:31 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-18  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltBasicTests.java:
+	Ten new tests added into BitBltBasicTests.
+
 2014-03-17  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/framework/CommonBitmapOperations.java:
diff -r e459010f5534 -r 3a59e3b162a9 src/org/gfxtest/testsuites/BitBltBasicTests.java
--- a/src/org/gfxtest/testsuites/BitBltBasicTests.java	Mon Mar 17 11:47:56 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltBasicTests.java	Tue Mar 18 12:07:31 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2010, 2011, 2012, 2013  Red Hat
+   Copyright (C) 2010, 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -274,6 +274,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithEmptyImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -469,6 +484,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for checker buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltCheckerBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithCheckerImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -664,6 +694,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal checker buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalCheckerBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithDiagonalCheckerImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for grid buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -859,6 +904,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for grid buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltGridBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithGridImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for diagonal grid buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -1055,6 +1115,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal grid buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalGridBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithDiagonalGridImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for horizontal stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -1251,6 +1326,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for horizontal stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltHorizontalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for vertical stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -1447,6 +1537,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for vertical stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltVerticalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithVerticalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for diagonal stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -1643,6 +1748,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithDiagonalStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for horizontal color stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -1840,6 +1960,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for horizontal color stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltHorizontalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithHorizontalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for vertical color stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -2036,6 +2171,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for vertical color stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltVerticalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithVerticalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for diagonal color stripes buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Tue Mar 18 11:10:09 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 11:10:09 +0000
Subject: /hg/rhino-tests: Added new test testGetResourceAsStreamNegativeT...
Message-ID: <hg.5ec49b1ba6af.1395141009.-6019694633368342460@icedtea.classpath.org>

changeset 5ec49b1ba6af in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=5ec49b1ba6af
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 18 12:10:50 2014 +0100

	Added new test testGetResourceAsStreamNegativeTest into ScriptContextClassTest.


diffstat:

 ChangeLog                                      |   6 ++
 src/org/RhinoTests/ScriptContextClassTest.java |  63 +++++++++++++++++++++++++-
 2 files changed, 68 insertions(+), 1 deletions(-)

diffs (93 lines):

diff -r e21fefd231df -r 5ec49b1ba6af ChangeLog
--- a/ChangeLog	Mon Mar 17 11:54:49 2014 +0100
+++ b/ChangeLog	Tue Mar 18 12:10:50 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-18  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptContextClassTest.java:
+	Added new test testGetResourceAsStreamNegativeTest into
+	ScriptContextClassTest.
+
 2014-03-17  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/CompiledScriptClassTest.java:
diff -r e21fefd231df -r 5ec49b1ba6af src/org/RhinoTests/ScriptContextClassTest.java
--- a/src/org/RhinoTests/ScriptContextClassTest.java	Mon Mar 17 11:54:49 2014 +0100
+++ b/src/org/RhinoTests/ScriptContextClassTest.java	Tue Mar 18 12:10:50 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Rhino test framework
 
-   Copyright (C) 2011, 2012, 2013  Red Hat
+   Copyright (C) 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -2002,6 +2002,67 @@
     }
 
     /**
+     * Test for method javax.script.ScriptContext.getClass().getResourceAsStreamNegativeTest()
+     */
+    protected void testGetResourceAsStreamNegativeTest() {
+        Object stream = null;
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/Constants.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptContext
      */
     @SuppressWarnings("cast")

From adinn at redhat.com  Tue Mar 18 11:30:58 2014
From: adinn at redhat.com (Andrew Dinn)
Date: Tue, 18 Mar 2014 11:30:58 +0000
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <53281581.60005@redhat.com>
References: <53281581.60005@redhat.com>
Message-ID: <53282E72.9020209@redhat.com>

On 18/03/14 09:44, Andrew Haley wrote:
> All pretty straightforward, and hopefully uncontroversial.

Looks good.

In fact looks very like what I did to the jdk7u60 tree :-)

regards,


Andrew Dinn
-----------


From gnu.andrew at redhat.com  Tue Mar 18 16:09:24 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Tue, 18 Mar 2014 12:09:24 -0400 (EDT)
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <53281581.60005@redhat.com>
References: <53281581.60005@redhat.com>
Message-ID: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>

----- Original Message -----
> All pretty straightforward, and hopefully uncontroversial.
> 
> Andrew.
> 
> 

How did you generate this file?

There's some clear duplication here:

diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk
--- a/make/common/shared/Platform.gmk	Mon Mar 17 17:17:43 2014 +0000
+++ b/make/common/shared/Platform.gmk	Mon Mar 17 17:56:51 2014 +0000
@@ -227,6 +227,9 @@
       ifeq ($(ARCH), aarch64)
         ARCH_DATA_MODEL=64
       endif
+      ifeq ($(ARCH), aarch64)
+        ARCH_DATA_MODEL=64
+      endif
     endif
   endif

repeating what was done earlier in the patch. Also:

diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
--- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
+++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
@@ -134,6 +134,10 @@
     CPPFLAGS += -DX_ARCH=X_AMD64
   endif # ARCH amd64
 
+  ifeq ($(ARCH), aarch64)
+    CPPFLAGS += -DX_ARCH=X_AARCH64
+  endif # ARCH amd64
+
   ifeq ($(ARCH), arm)
     CPPFLAGS += -DX_ARCH=X_ARM
   endif # ARCH arm

was already added by PR1551: Add build support for Zero AArch64.

It's not clear why this is 3 separate changesets when one would suffice.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From aph at redhat.com  Tue Mar 18 16:11:13 2014
From: aph at redhat.com (Andrew Haley)
Date: Tue, 18 Mar 2014 16:11:13 +0000
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
Message-ID: <53287021.2090802@redhat.com>

On 03/18/2014 04:09 PM, Andrew Hughes wrote:
> ----- Original Message -----
>> All pretty straightforward, and hopefully uncontroversial.
>>
>> Andrew.
>>
>>
> 
> How did you generate this file?
> 
> There's some clear duplication here:
> 
> diff -r d6953869315d -r 90cda5cd2340 make/common/shared/Platform.gmk
> --- a/make/common/shared/Platform.gmk	Mon Mar 17 17:17:43 2014 +0000
> +++ b/make/common/shared/Platform.gmk	Mon Mar 17 17:56:51 2014 +0000
> @@ -227,6 +227,9 @@
>        ifeq ($(ARCH), aarch64)
>          ARCH_DATA_MODEL=64
>        endif
> +      ifeq ($(ARCH), aarch64)
> +        ARCH_DATA_MODEL=64
> +      endif
>      endif
>    endif
> 
> repeating what was done earlier in the patch.

Strange.  I'll have another look.

> Also:
> 
> diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
> --- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
> +++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
> @@ -134,6 +134,10 @@
>      CPPFLAGS += -DX_ARCH=X_AMD64
>    endif # ARCH amd64
>  
> +  ifeq ($(ARCH), aarch64)
> +    CPPFLAGS += -DX_ARCH=X_AARCH64
> +  endif # ARCH amd64
> +
>    ifeq ($(ARCH), arm)
>      CPPFLAGS += -DX_ARCH=X_ARM
>    endif # ARCH arm
> 
> was already added by PR1551: Add build support for Zero AArch64.

Even stranger.

> It's not clear why this is 3 separate changesets when one would suffice.

It's a workflow thing: these are separate patches from upstream,
written at different times.

I'll have a look and adjust as appropriate.

Andrew.



From aph at redhat.com  Tue Mar 18 16:20:49 2014
From: aph at redhat.com (Andrew Haley)
Date: Tue, 18 Mar 2014 16:20:49 +0000
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
Message-ID: <53287261.2080706@redhat.com>

On 03/18/2014 04:09 PM, Andrew Hughes wrote:
> diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
> --- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
> +++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
> @@ -134,6 +134,10 @@
>      CPPFLAGS += -DX_ARCH=X_AMD64
>    endif # ARCH amd64
>  
> +  ifeq ($(ARCH), aarch64)
> +    CPPFLAGS += -DX_ARCH=X_AARCH64
> +  endif # ARCH amd64
> +
>    ifeq ($(ARCH), arm)
>      CPPFLAGS += -DX_ARCH=X_ARM
>    endif # ARCH arm
> 
> was already added by PR1551: Add build support for Zero AArch64.

That files seems to be a bit mad, with duplicate entries for AMD64.

I'll remove the duplicated AArch64 entries.

Andrew.


From bugzilla-daemon at icedtea.classpath.org  Tue Mar 18 16:22:49 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 16:22:49 +0000
Subject: [Bug 1713] New: [IcedTea7] Support AArch64 Port
Message-ID: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

            Bug ID: 1713
           Summary: [IcedTea7] Support AArch64 Port
           Product: IcedTea
           Version: 7-hg
          Hardware: aarch64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

Add necessary JDK changes to IcedTea tree to build the AArch64 port, and
provide the aarch64 HotSpot as a build option.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/767083b0/attachment.html>

From gnu.andrew at redhat.com  Tue Mar 18 16:29:02 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Tue, 18 Mar 2014 12:29:02 -0400 (EDT)
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <53287261.2080706@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
	<53287261.2080706@redhat.com>
Message-ID: <1499782363.1131897.1395160142472.JavaMail.zimbra@redhat.com>



----- Original Message -----
> On 03/18/2014 04:09 PM, Andrew Hughes wrote:
> > diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
> > --- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
> > +++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
> > @@ -134,6 +134,10 @@
> >      CPPFLAGS += -DX_ARCH=X_AMD64
> >    endif # ARCH amd64
> >  
> > +  ifeq ($(ARCH), aarch64)
> > +    CPPFLAGS += -DX_ARCH=X_AARCH64
> > +  endif # ARCH amd64
> > +
> >    ifeq ($(ARCH), arm)
> >      CPPFLAGS += -DX_ARCH=X_ARM
> >    endif # ARCH arm
> > 
> > was already added by PR1551: Add build support for Zero AArch64.
> 
> That files seems to be a bit mad, with duplicate entries for AMD64.
> 
> I'll remove the duplicated AArch64 entries.
> 
> Andrew.
> 
> 

It's ok. Just about to push a cleanup of this.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From adinn at redhat.com  Tue Mar 18 16:42:36 2014
From: adinn at redhat.com (Andrew Dinn)
Date: Tue, 18 Mar 2014 16:42:36 +0000
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <53287261.2080706@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
	<53287261.2080706@redhat.com>
Message-ID: <5328777C.3080806@redhat.com>


On 18/03/14 16:20, Andrew Haley wrote:
> On 03/18/2014 04:09 PM, Andrew Hughes wrote:
>> diff -r d6953869315d -r 90cda5cd2340 make/javax/sound/SoundDefs.gmk
>> --- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:17:43 2014 +0000
>> +++ b/make/javax/sound/SoundDefs.gmk	Mon Mar 17 17:56:51 2014 +0000
>> @@ -134,6 +134,10 @@
>>      CPPFLAGS += -DX_ARCH=X_AMD64
>>    endif # ARCH amd64
>>  
>> +  ifeq ($(ARCH), aarch64)
>> +    CPPFLAGS += -DX_ARCH=X_AARCH64
>> +  endif # ARCH amd64
>> +
>>    ifeq ($(ARCH), arm)
>>      CPPFLAGS += -DX_ARCH=X_ARM
>>    endif # ARCH arm
>>
>> was already added by PR1551: Add build support for Zero AArch64.
> 
> That files seems to be a bit mad, with duplicate entries for AMD64.
> 
> I'll remove the duplicated AArch64 entries.

Hmm, I was assuming that adding support for our AArch64 JVM would break
support for Zero AArch64. That's maybe not a bad thing but is it intended?

regards,


Andrew Dinn
-----------


From aph at redhat.com  Tue Mar 18 16:45:03 2014
From: aph at redhat.com (Andrew Haley)
Date: Tue, 18 Mar 2014 16:45:03 +0000
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <5328777C.3080806@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
	<53287261.2080706@redhat.com> <5328777C.3080806@redhat.com>
Message-ID: <5328780F.4000608@redhat.com>

On 03/18/2014 04:42 PM, Andrew Dinn wrote:
> Hmm, I was assuming that adding support for our AArch64 JVM would break
> support for Zero AArch64. That's maybe not a bad thing but is it intended?

Does anyone care?  It might, I suppose, but ATM can't see why it would.

Andrew.


From bugzilla-daemon at icedtea.classpath.org  Tue Mar 18 16:46:47 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 16:46:47 +0000
Subject: [Bug 1714] New: [IcedTea6] Update PaX support to detect running PaX
	kernel and use newer tools
Message-ID: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714

            Bug ID: 1714
           Summary: [IcedTea6] Update PaX support to detect running PaX
                    kernel and use newer tools
           Product: IcedTea
           Version: 7-hg
          Hardware: all
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

Clone of PR1677 for IcedTea 1.x.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/f5a93952/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 18 16:47:03 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 16:47:03 +0000
Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX
	kernel and use newer tools
In-Reply-To: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1714-30-r6YOlBABVT@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
            Version|7-hg                        |6-hg
   Target Milestone|---                         |6-1.13.2

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/cc5e7c3e/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 18 16:53:32 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 16:53:32 +0000
Subject: [Bug 1713] [IcedTea7] Support AArch64 Port
In-Reply-To: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1713-30-PIpOOHHSkC@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea7-forest/jdk?cmd=changeset;node=b7b1a66665ce
author: andrew
date: Tue Mar 18 16:51:52 2014 +0000

    PR1713: Support AArch64 Port
    Summary: Cleanup settings in SoundDefs.gmk, Platform.gmk and
Defs-linux.gmk.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/87d9d4f7/attachment.html>

From naaman at heroku.com  Tue Mar 18 16:54:14 2014
From: naaman at heroku.com (Naaman Newbold)
Date: Tue, 18 Mar 2014 09:54:14 -0700
Subject: IcedTea for Java 8
Message-ID: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>

Pardon the interruption, but are there plans for IcedTea support for Java 8?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/069e8247/attachment.html>

From gnu.andrew at redhat.com  Tue Mar 18 17:00:49 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Tue, 18 Mar 2014 13:00:49 -0400 (EDT)
Subject: AArch64 updates for icedtea7-forest
In-Reply-To: <5328780F.4000608@redhat.com>
References: <53281581.60005@redhat.com>
	<1908401362.1125092.1395158964246.JavaMail.zimbra@redhat.com>
	<53287261.2080706@redhat.com> <5328777C.3080806@redhat.com>
	<5328780F.4000608@redhat.com>
Message-ID: <715242145.1143376.1395162049091.JavaMail.zimbra@redhat.com>

----- Original Message -----
> On 03/18/2014 04:42 PM, Andrew Dinn wrote:
> > Hmm, I was assuming that adding support for our AArch64 JVM would break
> > support for Zero AArch64. That's maybe not a bad thing but is it intended?
> 
> Does anyone care?  It might, I suppose, but ATM can't see why it would.
> 

I can't see why it would. x86 & amd64 already work for both Zero and non-Zero builds.

As you can see in the cleanup I just pushed:

http://icedtea.classpath.org/hg/icedtea7-forest/jdk/rev/b7b1a66665ce

Most of the changes are duplicated by Zero AArch64 support; the Platform.gmk & SoundDefs.gmk
changes were already present so I've removed them and also reordered things so they are again
listed alphabetically.

The only changes specific to the AArch64 port are the new jvm.cfg and mapfile, as well as
the CFLAGS (Zero sets its own):

ifeq ($(ZERO_BUILD), true)
  CFLAGS_REQUIRED       =  $(ZERO_ARCHFLAG)
  ifeq ($(ZERO_ENDIANNESS), little)
    CFLAGS_REQUIRED     += -D_LITTLE_ENDIAN
  endif
  LDFLAGS_COMMON        += $(ZERO_ARCHFLAG)
else
  CFLAGS_REQUIRED       =  $(CFLAGS_REQUIRED_$(ARCH))
  LDFLAGS_COMMON        += $(LDFLAGS_COMMON_$(ARCH))
endif

So I don't see how the AArch64 port changes will have any effect on Zero.

> Andrew.
> 
> 

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From xerxes at zafena.se  Tue Mar 18 17:19:27 2014
From: xerxes at zafena.se (=?ISO-8859-1?Q?Xerxes_R=E5nby?=)
Date: Tue, 18 Mar 2014 18:19:27 +0100
Subject: IcedTea for Java 8
In-Reply-To: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
References: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
Message-ID: <5328801F.2000409@zafena.se>

2014-03-18 17:54, Naaman Newbold skrev:
> Pardon the interruption, but are there plans for IcedTea support for Java 8?


The following hg currently builds OpenJDK 8 using IcedTea 3.
http://icedtea.classpath.org/hg/icedtea/

IcedTea 3 with OpenJDK 8 support is still unreleased.

Cheers
Xerxes

From gnu.andrew at redhat.com  Tue Mar 18 17:32:31 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Tue, 18 Mar 2014 13:32:31 -0400 (EDT)
Subject: IcedTea for Java 8
In-Reply-To: <5328801F.2000409@zafena.se>
References: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
	<5328801F.2000409@zafena.se>
Message-ID: <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com>

----- Original Message -----
> 2014-03-18 17:54, Naaman Newbold skrev:
> > Pardon the interruption, but are there plans for IcedTea support for Java
> > 8?
> 
> 
> The following hg currently builds OpenJDK 8 using IcedTea 3.
> http://icedtea.classpath.org/hg/icedtea/
> 
> IcedTea 3 with OpenJDK 8 support is still unreleased.
> 
> Cheers
> Xerxes
> 

Yes, we'll have a 3.0 release eventually, probably based on u20. Currently,
6 & 7 occupy most of our time as this is what people are actively using.

We do plan to scale back 6 & 7 support soon to allow more resources for 8;
more on this to come.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From andrew at icedtea.classpath.org  Tue Mar 18 17:34:13 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 17:34:13 +0000
Subject: /hg/release/icedtea7-forest-2.4/jdk: PR1713: Support AArch64 Port
Message-ID: <hg.1e3bd243269a.1395164053.9040506844232929411@icedtea.classpath.org>

changeset 1e3bd243269a in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=1e3bd243269a
author: aph
date: Tue Mar 18 17:10:07 2014 +0000

	PR1713: Support AArch64 Port
	Summary: CFLAGS_REQUIRED and build system changes for AArch64 port.


diffstat:

 make/common/Defs-linux.gmk          |   9 +++----
 make/java/main/java/mapfile-aarch64 |  39 +++++++++++++++++++++++++++++++++++++
 make/javax/sound/SoundDefs.gmk      |  28 +++++++------------------
 src/solaris/bin/aarch64/jvm.cfg     |  36 ++++++++++++++++++++++++++++++++++
 4 files changed, 87 insertions(+), 25 deletions(-)

diffs (169 lines):

diff -r cf842ff5dba2 -r 1e3bd243269a make/common/Defs-linux.gmk
--- a/make/common/Defs-linux.gmk	Mon Mar 17 16:37:23 2014 +0000
+++ b/make/common/Defs-linux.gmk	Tue Mar 18 17:10:07 2014 +0000
@@ -188,26 +188,25 @@
 #    We need this frame pointer to make it easy to walk the stacks.
 #    This should be the default on X86, but ia64 and amd64 may not have this
 #    as the default.
+CFLAGS_REQUIRED_aarch64 += -fno-omit-frame-pointer -fsigned-char -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_alpha   += -mieee -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_amd64   += -fno-omit-frame-pointer -D_LITTLE_ENDIAN
-CFLAGS_REQUIRED_arm     += -D_LITTLE_ENDIAN
+CFLAGS_REQUIRED_arm     += -D_LITTLE_ENDIAN -fsigned-char -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_hppa    +=
 CFLAGS_REQUIRED_i586    += -fno-omit-frame-pointer -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_ia64    += -fno-omit-frame-pointer -D_LITTLE_ENDIAN
 CFLAGS_REQUIRED_m68k    +=
 CFLAGS_REQUIRED_mips    +=
 CFLAGS_REQUIRED_mipsel  += -D_LITTLE_ENDIAN
-CFLAGS_REQUIRED_ppc     += -m32
+CFLAGS_REQUIRED_ppc     += -m32 -fsigned-char -D_BIG_ENDIAN
 CFLAGS_REQUIRED_ppc64   += -m64
 CFLAGS_REQUIRED_s390    +=
 CFLAGS_REQUIRED_s390x   += -m64
+CFLAGS_REQUIRED_sh      += -mieee
 CFLAGS_REQUIRED_sparcv9 += -m64 -mcpu=v9
 LDFLAGS_COMMON_sparcv9  += -m64 -mcpu=v9
 CFLAGS_REQUIRED_sparc   += -m32 -mcpu=v9
 LDFLAGS_COMMON_sparc    += -m32 -mcpu=v9
-CFLAGS_REQUIRED_arm     += -fsigned-char -D_LITTLE_ENDIAN
-CFLAGS_REQUIRED_ppc     += -fsigned-char -D_BIG_ENDIAN
-CFLAGS_REQUIRED_sh      += -mieee
 ifeq ($(ZERO_BUILD), true)
   CFLAGS_REQUIRED       =  $(ZERO_ARCHFLAG)
   ifeq ($(ZERO_ENDIANNESS), little)
diff -r cf842ff5dba2 -r 1e3bd243269a make/java/main/java/mapfile-aarch64
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/java/main/java/mapfile-aarch64	Tue Mar 18 17:10:07 2014 +0000
@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+#
+# Specify what global symbols we export.  Note that we're not really
+# interested in declaring a version, simply scoping the file is sufficient.
+#
+
+SUNWprivate_1.1 {
+	global:
+		main;		# Provides basic adb symbol offsets
+		environ;	# Public symbols and required by Java run time
+		_environ;
+		__environ_lock;
+
+	local:
+		*;
+};
diff -r cf842ff5dba2 -r 1e3bd243269a make/javax/sound/SoundDefs.gmk
--- a/make/javax/sound/SoundDefs.gmk	Mon Mar 17 16:37:23 2014 +0000
+++ b/make/javax/sound/SoundDefs.gmk	Tue Mar 18 17:10:07 2014 +0000
@@ -62,6 +62,10 @@
 ifeq ($(ZERO_BUILD), true)
   CPPFLAGS += -DX_ARCH=X_ZERO
 else
+  ifeq ($(ARCH), aarch64)
+    CPPFLAGS += -DX_ARCH=X_AARCH64
+  endif # ARCH amd64
+
   ifeq ($(ARCH), alpha)
     CPPFLAGS += -DX_ARCH=X_ALPHA
   endif # ARCH alpha
@@ -110,6 +114,10 @@
     CPPFLAGS += -DX_ARCH=X_S390X
   endif # ARCH s390x
 
+  ifeq ($(ARCH), sh)
+    CPPFLAGS += -DX_ARCH=X_SH
+  endif # ARCH Renesas SuperH(sh)
+
   ifeq ($(ARCH), sparc)
     CPPFLAGS += -DX_ARCH=X_SPARC
   endif # ARCH sparc
@@ -118,26 +126,6 @@
     CPPFLAGS += -DX_ARCH=X_SPARCV9
   endif # ARCH sparcv9
 
-  ifeq ($(ARCH), aarch64)
-    CPPFLAGS += -DX_ARCH=X_AARCH64
-  endif # ARCH aarch64
-
-  ifeq ($(ARCH), amd64)
-    CPPFLAGS += -DX_ARCH=X_AMD64
-  endif # ARCH amd64
-
-  ifeq ($(ARCH), arm)
-    CPPFLAGS += -DX_ARCH=X_ARM
-  endif # ARCH arm
-
-  ifeq ($(ARCH), ppc)
-    CPPFLAGS += -DX_ARCH=X_PPC
-  endif # ARCH ppc
-
-  ifeq ($(ARCH), sh)
-    CPPFLAGS += -DX_ARCH=X_SH
-  endif # ARCH Renesas SuperH(sh)
-
 endif
 
 
diff -r cf842ff5dba2 -r 1e3bd243269a src/solaris/bin/aarch64/jvm.cfg
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/bin/aarch64/jvm.cfg	Tue Mar 18 17:10:07 2014 +0000
@@ -0,0 +1,36 @@
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+# List of JVMs that can be used as an option to java, javac, etc.
+# Order is important -- first in this list is the default JVM.
+# NOTE that this both this file and its format are UNSUPPORTED and
+# WILL GO AWAY in a future release.
+#
+# You may also select a JVM in an arbitrary location with the
+# "-XXaltjvm=<jvm_dir>" option, but that too is unsupported
+# and may not be available in a future release.
+#
+# n.b. server must be first so it is used as the default
+-server KNOWN
+-client ALIASED_TO -server
+-minimal ERROR

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 18 17:34:21 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 18 Mar 2014 17:34:21 +0000
Subject: [Bug 1713] [IcedTea7] Support AArch64 Port
In-Reply-To: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1713-30-nAoTuYyPex@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=1e3bd243269a
author: aph
date: Tue Mar 18 17:10:07 2014 +0000

    PR1713: Support AArch64 Port
    Summary: CFLAGS_REQUIRED and build system changes for AArch64 port.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140318/c5254ee0/attachment.html>

From hsn at sanatana.filez.com  Tue Mar 18 20:12:27 2014
From: hsn at sanatana.filez.com (Radim Kolar)
Date: Tue, 18 Mar 2014 21:12:27 +0100
Subject: revive hg tags
Message-ID: <5328A8AB.8020604@sanatana.filez.com>

can you continue to make tags in hg marking release points like it used 
to be in icedtea 1.x?

From gnu.andrew at redhat.com  Tue Mar 18 23:43:16 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Tue, 18 Mar 2014 19:43:16 -0400 (EDT)
Subject: revive hg tags
In-Reply-To: <5328A8AB.8020604@sanatana.filez.com>
References: <5328A8AB.8020604@sanatana.filez.com>
Message-ID: <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>



----- Original Message -----
> can you continue to make tags in hg marking release points like it used
> to be in icedtea 1.x?
> 

Err... there are such tags...

e.g.

http://icedtea.classpath.org/hg/release/icedtea7-2.4/rev/7449e5c8ae77
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From bugzilla-daemon at icedtea.classpath.org  Wed Mar 19 03:00:06 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 03:00:06 +0000
Subject: [Bug 1205] Plugin crashes with java.lang.NullPointerException with
	AUSkey software
In-Reply-To: <bug-1205-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1205-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1205-30-cxFCeIpboV@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1205

Damon Smith <damon.default at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |damon.default at gmail.com

--- Comment #2 from Damon Smith <damon.default at gmail.com> ---
The AUSKey applet works for me now, I'm using:

OpenJDK: 1.7.0_51
IcedTea: 1.4-3ubuntu2.1

on Ubuntu 13.10 amd64.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140319/248b389d/attachment.html>

From hsn at sanatana.filez.com  Wed Mar 19 09:28:38 2014
From: hsn at sanatana.filez.com (Radim Kolar)
Date: Wed, 19 Mar 2014 10:28:38 +0100
Subject: revive hg tags
In-Reply-To: <1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
Message-ID: <53296346.6010203@sanatana.filez.com>


> Err... there are such tags...
>
> http://icedtea.classpath.org/hg/release/icedtea7-2.4/rev/7449e5c8ae77
i do not see them in hg tags command. I am missing something?

(hsn at sanatana:pts/3):~/live/icedtea7% hg incoming
comparing with http://icedtea.classpath.org/hg/icedtea7
searching for changes
no changes found
(hsn at sanatana:pts/3):~/live/icedtea7% hg tags
tip                             2697:7c7dba98193f
icedtea-2.4-branchpoint         2646:d0b14be8cbf8
icedtea-2.3-branchpoint         2586:60c41b88775a
icedtea-2.2-branchpoint         2545:2917541bbda4
icedtea-2.1-branchpoint         2507:d35c742babc0
icedtea-2.0-branchpoint         2485:e4c9d9bd4a99
icedtea-1.14                    2438:1b47f8cc8c75
icedtea-1.13                    2334:13b9a6c00673
icedtea-1.12                    2054:d96a0228b792
icedtea-1.11                    1970:df574d432c00
icedtea-1.10                    1853:9729b3a51305
icedtea-1.9                     1766:db666234267c
icedtea6-1.4                    1596:2b1c03c1e9fa
icedtea6-1.4pre                 1594:6c02b699206d
icedtea-1.8                     1437:3ced1c5f1403
icedtea6-1.3.1                  1369:be368b1e3c7d
icedtea6-1.3                    1305:3ef9c9c4e70b
icedtea-1.7                     1037:8bbc4ffe2c7c
icedtea6-1.2                    1023:871b70407a13
icedtea6-1.1                     906:a5c32475a2e8
icedtea6-1.0                     761:38e6eb354632
icedtea-1.6                      604:bb3929528d3e
icedtea-1.5                      430:5ca86e9ca405
icedtea-1.4                      252:cb78e0fccf14
icedtea-1.3                      170:8ea2619c21cf
icedtea-1.2                      130:1ce086327b07
icedtea-1.1                       83:b639d73581e3
icedtea-1.0                        6:96e1bdfed80e


From stefan at complang.tuwien.ac.at  Wed Mar 19 09:52:05 2014
From: stefan at complang.tuwien.ac.at (Stefan Ring)
Date: Wed, 19 Mar 2014 10:52:05 +0100
Subject: revive hg tags
In-Reply-To: <53296346.6010203@sanatana.filez.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
	<53296346.6010203@sanatana.filez.com>
Message-ID: <CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>

> i do not see them in hg tags command. I am missing something?
>
> (hsn at sanatana:pts/3):~/live/icedtea7% hg incoming
> comparing with http://icedtea.classpath.org/hg/icedtea7
> searching for changes
> no changes found
> (hsn at sanatana:pts/3):~/live/icedtea7% hg tags
> tip                             2697:7c7dba98193f
> icedtea-2.4-branchpoint         2646:d0b14be8cbf8
> icedtea-2.3-branchpoint         2586:60c41b88775a
> icedtea-2.2-branchpoint         2545:2917541bbda4
> icedtea-2.1-branchpoint         2507:d35c742babc0
> icedtea-2.0-branchpoint         2485:e4c9d9bd4a99
> icedtea-1.14                    2438:1b47f8cc8c75
> icedtea-1.13                    2334:13b9a6c00673
> icedtea-1.12                    2054:d96a0228b792
> icedtea-1.11                    1970:df574d432c00
> icedtea-1.10                    1853:9729b3a51305
> icedtea-1.9                     1766:db666234267c
> icedtea6-1.4                    1596:2b1c03c1e9fa
> icedtea6-1.4pre                 1594:6c02b699206d
> icedtea-1.8                     1437:3ced1c5f1403
> icedtea6-1.3.1                  1369:be368b1e3c7d
> icedtea6-1.3                    1305:3ef9c9c4e70b
> icedtea-1.7                     1037:8bbc4ffe2c7c
> icedtea6-1.2                    1023:871b70407a13
> icedtea6-1.1                     906:a5c32475a2e8
> icedtea6-1.0                     761:38e6eb354632
> icedtea-1.6                      604:bb3929528d3e
> icedtea-1.5                      430:5ca86e9ca405
> icedtea-1.4                      252:cb78e0fccf14
> icedtea-1.3                      170:8ea2619c21cf
> icedtea-1.2                      130:1ce086327b07
> icedtea-1.1                       83:b639d73581e3
> icedtea-1.0                        6:96e1bdfed80e

Strange and definitely a problem on your side of things. There is a
.hg/cache/tags file, which you could try to delete. While you're at
it, just remove the entire .hg/cache directory. That might be the
culprit, although I've never experienced a problem with it in many
years of Mercurial usage.

From ptisnovs at icedtea.classpath.org  Wed Mar 19 09:58:26 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 09:58:26 +0000
Subject: /hg/gfx-test: Fixed a lot of typos in BitBltAffineIdentityTransf...
Message-ID: <hg.117344d3f5e1.1395223106.-6248649288953172555@icedtea.classpath.org>

changeset 117344d3f5e1 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=117344d3f5e1
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 19 10:59:00 2014 +0100

	Fixed a lot of typos in BitBltAffineIdentityTransformOp.


diffstat:

 ChangeLog                                                       |     5 +
 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java |  1038 +++++-----
 2 files changed, 524 insertions(+), 519 deletions(-)

diffs (truncated from 3090 to 500 lines):

diff -r 3a59e3b162a9 -r 117344d3f5e1 ChangeLog
--- a/ChangeLog	Tue Mar 18 12:07:31 2014 +0100
+++ b/ChangeLog	Wed Mar 19 10:59:00 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-19  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
+	Fixed a lot of typos in BitBltAffineIdentityTransformOp.
+
 2014-03-18  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltBasicTests.java:
diff -r 3a59e3b162a9 -r 117344d3f5e1 src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Tue Mar 18 12:07:31 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java	Wed Mar 19 10:59:00 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2013  Red Hat
+   Copyright (C) 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -73,13 +73,13 @@
 {
     private static final AffineTransform IdentifyTransformation = new AffineTransform();
 
-    private static final AffineTransformOp IdentifyTranspormationOp1;
-    private static final AffineTransformOp IdentifyTranspormationOp2;
-    private static final AffineTransformOp IdentifyTranspormationOp3;
-
-    private static final AffineTransformOp IdentifyTranspormationOp4;
-    private static final AffineTransformOp IdentifyTranspormationOp5;
-    private static final AffineTransformOp IdentifyTranspormationOp6;
+    private static final AffineTransformOp IdentifyTransformationOp1;
+    private static final AffineTransformOp IdentifyTransformationOp2;
+    private static final AffineTransformOp IdentifyTransformationOp3;
+
+    private static final AffineTransformOp IdentifyTransformationOp4;
+    private static final AffineTransformOp IdentifyTransformationOp5;
+    private static final AffineTransformOp IdentifyTransformationOp6;
 
     private static final RenderingHints RenderingHintsNearestNeighbor;
     private static final RenderingHints RenderingHintsBilinear;
@@ -90,13 +90,13 @@
         RenderingHintsBilinear = new RenderingHints(RenderingHints.KEY_INTERPOLATION, RenderingHints.VALUE_INTERPOLATION_BILINEAR);
         RenderingHintsBicubic = new RenderingHints(RenderingHints.KEY_INTERPOLATION, RenderingHints.VALUE_INTERPOLATION_BICUBIC);
 
-        IdentifyTranspormationOp1 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_NEAREST_NEIGHBOR);
-        IdentifyTranspormationOp2 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BILINEAR);
-        IdentifyTranspormationOp3 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BICUBIC);
-
-        IdentifyTranspormationOp4 = new AffineTransformOp(IdentifyTransformation, RenderingHintsNearestNeighbor);
-        IdentifyTranspormationOp5 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBilinear);
-        IdentifyTranspormationOp6 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBicubic);
+        IdentifyTransformationOp1 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_NEAREST_NEIGHBOR);
+        IdentifyTransformationOp2 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BILINEAR);
+        IdentifyTransformationOp3 = new AffineTransformOp(IdentifyTransformation, AffineTransformOp.TYPE_BICUBIC);
+
+        IdentifyTransformationOp4 = new AffineTransformOp(IdentifyTransformation, RenderingHintsNearestNeighbor);
+        IdentifyTransformationOp5 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBilinear);
+        IdentifyTransformationOp6 = new AffineTransformOp(IdentifyTransformation, RenderingHintsBicubic);
     }
 
     /**
@@ -108,9 +108,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -122,9 +122,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -136,9 +136,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -150,9 +150,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -164,9 +164,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -178,9 +178,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType3ByteBGRIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageType3ByteRGB(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -192,9 +192,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -206,9 +206,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -220,9 +220,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -234,9 +234,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -248,9 +248,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -262,9 +262,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageType4ByteABGR(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -276,9 +276,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -290,9 +290,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -304,9 +304,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -318,9 +318,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -332,9 +332,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -346,9 +346,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageType4ByteABGRPreIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageType4ByteABGRPre(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -360,9 +360,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -374,9 +374,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -388,9 +388,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -402,9 +402,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -416,9 +416,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -430,9 +430,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteBinaryIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageTypeByteBinary(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -444,9 +444,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -458,9 +458,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -472,9 +472,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -486,9 +486,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -500,9 +500,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -514,9 +514,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteIndexedIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageTypeByteIndexed(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -528,9 +528,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp1(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp1(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp1);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp1);
     }
 
     /**
@@ -542,9 +542,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp2(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp2(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp2);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp2);
     }
 
     /**
@@ -556,9 +556,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp3(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp3(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp3);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp3);
     }
 
     /**
@@ -570,9 +570,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp4(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp4(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp4);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp4);
     }
 
     /**
@@ -584,9 +584,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp5(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp5(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp5);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp5);
     }
 
     /**
@@ -598,9 +598,9 @@
      *            graphics canvas
      * @return test result status - PASSED, FAILED or ERROR
      */
-    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTranspormationOp6(TestImage image, Graphics2D graphics2d)
+    public TestResult testBitBltEmptyBufferedImageTypeByteGrayIdentifyTransformationOp6(TestImage image, Graphics2D graphics2d)
     {
-        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTranspormationOp6);
+        return doBitBltEmptyBufferedImageTypeByteGray(image, graphics2d, IdentifyTransformationOp6);
     }
 
     /**
@@ -612,9 +612,9 @@
      *            graphics canvas

From ptisnovs at icedtea.classpath.org  Wed Mar 19 10:00:43 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 10:00:43 +0000
Subject: /hg/rhino-tests: Enhancements of various tests in InvocableClass...
Message-ID: <hg.5a1fcd8c099d.1395223243.-6019694633368342460@icedtea.classpath.org>

changeset 5a1fcd8c099d in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=5a1fcd8c099d
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 19 11:01:26 2014 +0100

	Enhancements of various tests in InvocableClassTest.


diffstat:

 ChangeLog                                  |   5 +++++
 src/org/RhinoTests/InvocableClassTest.java |  20 ++++++++++++++++++++
 2 files changed, 25 insertions(+), 0 deletions(-)

diffs (56 lines):

diff -r 5ec49b1ba6af -r 5a1fcd8c099d ChangeLog
--- a/ChangeLog	Tue Mar 18 12:10:50 2014 +0100
+++ b/ChangeLog	Wed Mar 19 11:01:26 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-19  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/InvocableClassTest.java:
+	Enhancements of various tests in InvocableClassTest.
+
 2014-03-18  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptContextClassTest.java:
diff -r 5ec49b1ba6af -r 5a1fcd8c099d src/org/RhinoTests/InvocableClassTest.java
--- a/src/org/RhinoTests/InvocableClassTest.java	Tue Mar 18 12:10:50 2014 +0100
+++ b/src/org/RhinoTests/InvocableClassTest.java	Wed Mar 19 11:01:26 2014 +0100
@@ -1744,6 +1744,7 @@
         catch (Exception e) {
             // expected exception
         }
+
     }
 
     /**
@@ -1760,6 +1761,7 @@
         catch (IllegalAccessException e) {
             // expected exception
         }
+
     }
 
     /**
@@ -1919,6 +1921,24 @@
     }
 
     /**
+     * Test for method javax.script.Invocable.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.invocableClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.Invocable.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.invocableClass.toString();
+        assertEquals("interface javax.script.Invocable", asString, "wrong toString() return value");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.Invocable
      */
     @SuppressWarnings("cast")

From hsn at sanatana.filez.com  Wed Mar 19 12:10:34 2014
From: hsn at sanatana.filez.com (Radim Kolar)
Date: Wed, 19 Mar 2014 13:10:34 +0100
Subject: revive hg tags
In-Reply-To: <CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
References: <5328A8AB.8020604@sanatana.filez.com>	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>	<53296346.6010203@sanatana.filez.com>
	<CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
Message-ID: <5329893A.5000001@sanatana.filez.com>

i am new to hg here is what it did to fetch repo:

Mercurial Distributed SCM (version 2.9.1)
(hsn at sanatana:pts/2):/tmp% hg clone http://icedtea.classpath.org/hg/icedtea7
destination directory: icedtea7
requesting all changes
adding changesets
adding manifests
adding file changes
added 2694 changesets with 15458 changes to 5271 files
updating to branch default
2014 files updated, 0 files merged, 0 files removed, 0 files unresolved
(hsn at sanatana:pts/2):/tmp% cd icedtea7/
(hsn at sanatana:pts/2):/tmp/icedtea7% hg tags
tip                             2693:b1043cc0cd82
icedtea-2.4-branchpoint         2646:d0b14be8cbf8
icedtea-2.3-branchpoint         2586:60c41b88775a
icedtea-2.2-branchpoint         2545:2917541bbda4
icedtea-2.1-branchpoint         2507:d35c742babc0
icedtea-2.0-branchpoint         2485:e4c9d9bd4a99
icedtea-1.14                    2438:1b47f8cc8c75
icedtea-1.13                    2334:13b9a6c00673
icedtea-1.12                    2054:d96a0228b792
icedtea-1.11                    1970:df574d432c00
icedtea-1.10                    1853:9729b3a51305
icedtea-1.9                     1766:db666234267c
icedtea6-1.4                    1596:2b1c03c1e9fa
icedtea6-1.4pre                 1594:6c02b699206d
icedtea-1.8                     1437:3ced1c5f1403
icedtea6-1.3.1                  1369:be368b1e3c7d
icedtea6-1.3                    1305:3ef9c9c4e70b
icedtea-1.7                     1037:8bbc4ffe2c7c
icedtea6-1.2                    1023:871b70407a13
icedtea6-1.1                     906:a5c32475a2e8
icedtea6-1.0                     761:38e6eb354632
icedtea-1.6                      604:bb3929528d3e
icedtea-1.5                      430:5ca86e9ca405
icedtea-1.4                      252:cb78e0fccf14
icedtea-1.3                      170:8ea2619c21cf
icedtea-1.2                      130:1ce086327b07
icedtea-1.1                       83:b639d73581e3
icedtea-1.0                        6:96e1bdfed80e

i checked out wrong repo?

From stefan at complang.tuwien.ac.at  Wed Mar 19 12:26:24 2014
From: stefan at complang.tuwien.ac.at (Stefan Ring)
Date: Wed, 19 Mar 2014 13:26:24 +0100
Subject: revive hg tags
In-Reply-To: <5329893A.5000001@sanatana.filez.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
	<53296346.6010203@sanatana.filez.com>
	<CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
	<5329893A.5000001@sanatana.filez.com>
Message-ID: <CAAxjCEygZFNEsHAquNCd3L_a-mhC+o_T6eNbYUf_6NksKWqi-A@mail.gmail.com>

On Wed, Mar 19, 2014 at 1:10 PM, Radim Kolar <hsn at sanatana.filez.com> wrote:
> i am new to hg here is what it did to fetch repo:
>
> Mercurial Distributed SCM (version 2.9.1)
> (hsn at sanatana:pts/2):/tmp% hg clone http://icedtea.classpath.org/hg/icedtea7

> i checked out wrong repo?

Oops, I get it now. Yes. The 2.4.x releases live in
<http://icedtea.classpath.org/hg/release/icedtea7-2.4/>.

From gnu.andrew at redhat.com  Wed Mar 19 14:54:57 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Wed, 19 Mar 2014 10:54:57 -0400 (EDT)
Subject: revive hg tags
In-Reply-To: <CAAxjCEygZFNEsHAquNCd3L_a-mhC+o_T6eNbYUf_6NksKWqi-A@mail.gmail.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
	<53296346.6010203@sanatana.filez.com>
	<CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
	<5329893A.5000001@sanatana.filez.com>
	<CAAxjCEygZFNEsHAquNCd3L_a-mhC+o_T6eNbYUf_6NksKWqi-A@mail.gmail.com>
Message-ID: <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com>

----- Original Message -----
> On Wed, Mar 19, 2014 at 1:10 PM, Radim Kolar <hsn at sanatana.filez.com> wrote:
> > i am new to hg here is what it did to fetch repo:
> >
> > Mercurial Distributed SCM (version 2.9.1)
> > (hsn at sanatana:pts/2):/tmp% hg clone
> > http://icedtea.classpath.org/hg/icedtea7
> 
> > i checked out wrong repo?
> 
> Oops, I get it now. Yes. The 2.4.x releases live in
> <http://icedtea.classpath.org/hg/release/icedtea7-2.4/>.
> 

Yeah, this is also true of the later 1.x releases; at a certain point, they
are forked into their own repository (e.g. icedtea-2.x-branchpoint) and then
HEAD (the repository you checked out) becomes the next 2.(x + 1) release, while
2.x.y releases occur on the branch.

What is it you're looking for? For releases, we provide tarballs so you don't
need to check out the repositories unless you intend to submit a patch for a later
release.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From hsn at sanatana.filez.com  Wed Mar 19 15:27:59 2014
From: hsn at sanatana.filez.com (Radim Kolar)
Date: Wed, 19 Mar 2014 16:27:59 +0100
Subject: revive hg tags
In-Reply-To: <358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
	<53296346.6010203@sanatana.filez.com>
	<CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
	<5329893A.5000001@sanatana.filez.com>
	<CAAxjCEygZFNEsHAquNCd3L_a-mhC+o_T6eNbYUf_6NksKWqi-A@mail.gmail.com>
	<358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com>
Message-ID: <5329B77F.7010805@sanatana.filez.com>


> What is it you're looking for? For releases, we provide tarballs so you don't
> need to check out the repositories unless you intend to submit a patch for a later
> release.
I am researching what it takes to make it run on BSD.

From gnu.andrew at redhat.com  Wed Mar 19 15:38:59 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Wed, 19 Mar 2014 11:38:59 -0400 (EDT)
Subject: revive hg tags
In-Reply-To: <5329B77F.7010805@sanatana.filez.com>
References: <5328A8AB.8020604@sanatana.filez.com>
	<1390643506.1353566.1395186196291.JavaMail.zimbra@redhat.com>
	<53296346.6010203@sanatana.filez.com>
	<CAAxjCEyHoVr1W20NSqr6K4uts6GkGrQt4BKoBmmjob7+CrJ2ig@mail.gmail.com>
	<5329893A.5000001@sanatana.filez.com>
	<CAAxjCEygZFNEsHAquNCd3L_a-mhC+o_T6eNbYUf_6NksKWqi-A@mail.gmail.com>
	<358771329.1662729.1395240897879.JavaMail.zimbra@redhat.com>
	<5329B77F.7010805@sanatana.filez.com>
Message-ID: <212143309.1687663.1395243539441.JavaMail.zimbra@redhat.com>



----- Original Message -----
> 
> > What is it you're looking for? For releases, we provide tarballs so you
> > don't
> > need to check out the repositories unless you intend to submit a patch for
> > a later
> > release.
> I am researching what it takes to make it run on BSD.
> 

Oh, I'd be very interested in that. Let me know how it goes or if there are any
changes needed.

Thanks,
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From bugzilla-daemon at icedtea.classpath.org  Wed Mar 19 17:31:27 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 17:31:27 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-DqTEu6RlqW@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #8 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Eventually, yes.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140319/8edf1886/attachment.html>

From andrew at icedtea.classpath.org  Wed Mar 19 17:33:49 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 17:33:49 +0000
Subject: /hg/icedtea6: 2 new changesets
Message-ID: <hg.7d844153dc95.1395250430.2873452341184383832@icedtea.classpath.org>

changeset 7d844153dc95 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=7d844153dc95
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Tue Mar 18 12:32:37 2014 +0000

	S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory()
	S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
	S8026887: Make issues due to failed large pages allocations easier to debug

	2014-03-17  Andrew John Hughes  <gnu.andrew at redhat.com>

		* Makefile.am:
		(ICEDTEA_PATCHES): Add new patches.
		* NEWS: Updated.
		* patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch,
		* patches/openjdk/8013057-detect_mmap_commit_failures.patch,
		* patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch:
		Backports to improve mmap failure output.


changeset 975cb4907b2e in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=975cb4907b2e
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 19 17:33:09 2014 +0000

	PR1714: Update PaX support to detect running PaX kernel and use newer tools

	2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		PR1714: Update PaX support to detect running PaX
		kernel and use newer tools
		* Makefile.am:
		(clean-local): Remove clean-icedtea, clean-icedtea-debug
		and clean-icedtea-ecj; pulled in by dependents.
		(.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug
		and clean-runnable-icedtea-ecj.
		(runnable-icedtea): Depend on icedtea and pax-mark-vm.
		(clean-runnable-icedtea): Clean stamp.
		(icedtea-against-icedtea): Depend on runnable-icedtea rather
		than icedtea and pax-mark-vm.
		(clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea rather
		than clean-pax-mark-vm.
		(runnable-icedtea-debug): Depend on icedtea-debug and pax-mark-vm-debug.
		(clean-runnable-icedtea-debug): Clean stamp.
		(icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug rather
		than icedtea-debug and pax-mark-vm-debug.
		(clean-icedtea-debug-against-icedtea): Depend on clean-runnable-icedtea-debug
		rather than clean-pax-mark-vm.
		(add-archive): Depend on runnable-icedtea as the target executes java.
		(add-archive-debug): Likewise with runnable-icedtea-debug.
		(check-crypto): Depend on runnable-icedtea as the target executes java.
		(check-crypto-debug): Likewise with runnable-icedtea-debug.
		(runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj.
		(clean-runnable-icedtea-ecj): Clean stamp.
		(icedtea-against-ecj): Depend on runnable-icedtea-ecj rather
		than icedtea-ecj and pax-mark-vm-ecj.
		(clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj
		rather than clean-pax-mark-vm.
		(add-archive-ecj): Depend on runnable-icedtea-ecj as the target executes java.
		(check-crypto-boot): Depend on runnable-icedtea-ecj as the target executes java.
		* NEWS: Updated.
		* acinclude.m4:
		(IT_HAS_PAX): New macro to detect whether the running
		kernel uses PaX.
		(IT_WITH_PAX): Rewritten to search for PaX tools -
		currently paxmark.sh, paxctl-ng, chpax and paxctl -
		and fail if a tool isn't found and a PaX kernel is
		being used.


diffstat:

 ChangeLog                                                                 |   52 +
 Makefile.am                                                               |   66 +-
 NEWS                                                                      |    7 +
 acinclude.m4                                                              |   95 +-
 patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch        |   29 +
 patches/openjdk/8013057-detect_mmap_commit_failures.patch                 |  867 ++++++++++
 patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch |   81 +
 7 files changed, 1144 insertions(+), 53 deletions(-)

diffs (truncated from 1348 to 500 lines):

diff -r 963a9ab43d7f -r 975cb4907b2e ChangeLog
--- a/ChangeLog	Thu Jan 30 21:38:08 2014 +0000
+++ b/ChangeLog	Wed Mar 19 17:33:09 2014 +0000
@@ -1,3 +1,55 @@
+2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	PR1714: Update PaX support to detect running PaX
+	kernel and use newer tools
+	* Makefile.am:
+	(clean-local): Remove clean-icedtea, clean-icedtea-debug
+	and clean-icedtea-ecj; pulled in by dependents.
+	(.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug
+	and clean-runnable-icedtea-ecj.
+	(runnable-icedtea): Depend on icedtea and pax-mark-vm.
+	(clean-runnable-icedtea): Clean stamp.
+	(icedtea-against-icedtea): Depend on runnable-icedtea rather
+	than icedtea and pax-mark-vm.
+	(clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea rather
+	than clean-pax-mark-vm.
+	(runnable-icedtea-debug): Depend on icedtea-debug and pax-mark-vm-debug.
+	(clean-runnable-icedtea-debug): Clean stamp.
+	(icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug rather
+	than icedtea-debug and pax-mark-vm-debug.
+	(clean-icedtea-debug-against-icedtea): Depend on clean-runnable-icedtea-debug
+	rather than clean-pax-mark-vm.
+	(add-archive): Depend on runnable-icedtea as the target executes java.
+	(add-archive-debug): Likewise with runnable-icedtea-debug.
+	(check-crypto): Depend on runnable-icedtea as the target executes java.
+	(check-crypto-debug): Likewise with runnable-icedtea-debug.
+	(runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj.
+	(clean-runnable-icedtea-ecj): Clean stamp.
+	(icedtea-against-ecj): Depend on runnable-icedtea-ecj rather
+	than icedtea-ecj and pax-mark-vm-ecj.
+	(clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj
+	rather than clean-pax-mark-vm.
+	(add-archive-ecj): Depend on runnable-icedtea-ecj as the target executes java.
+	(check-crypto-boot): Depend on runnable-icedtea-ecj as the target executes java.
+	* NEWS: Updated.
+	* acinclude.m4:
+	(IT_HAS_PAX): New macro to detect whether the running
+	kernel uses PaX.
+	(IT_WITH_PAX): Rewritten to search for PaX tools -
+	currently paxmark.sh, paxctl-ng, chpax and paxctl -
+	and fail if a tool isn't found and a PaX kernel is
+	being used.
+
+2014-03-17  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Add new patches.
+	* NEWS: Updated.
+	* patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch,
+	* patches/openjdk/8013057-detect_mmap_commit_failures.patch,
+	* patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch:
+	Backports to improve mmap failure output.
+
 2014-01-30  Andrew John Hughes  <gnu.andrew at redhat.com>
 
 	* NEWS: Add 1.11.15 release notes.
diff -r 963a9ab43d7f -r 975cb4907b2e Makefile.am
--- a/Makefile.am	Thu Jan 30 21:38:08 2014 +0000
+++ b/Makefile.am	Wed Mar 19 17:33:09 2014 +0000
@@ -630,7 +630,10 @@
 	patches/windows-jdk-sizecalc.patch \
 	patches/shark_fixes_from_8003868.patch \
 	patches/8003992_support_6.patch \
-	patches/shark-drop_compile_method_arg_following_7083786.patch
+	patches/shark-drop_compile_method_arg_following_7083786.patch \
+	patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch \
+	patches/openjdk/8013057-detect_mmap_commit_failures.patch \
+	patches/openjdk/8026887-make_large_page_allocations_easier_to_debug.patch
 
 if WITH_RHINO
 ICEDTEA_PATCHES += \
@@ -966,8 +969,8 @@
 	fi
 
 clean-local: clean-tests $(PULSE_JAVA_CLEAN_TARGET) \
- clean-icedtea clean-icedtea-debug clean-icedtea-ecj clean-extract clean-ports \
- clean-overlay clean-native-ecj clean-icedtea-against-icedtea clean-icedtea-debug-against-icedtea \
+ clean-extract clean-ports clean-overlay clean-native-ecj \
+ clean-icedtea-against-icedtea clean-icedtea-debug-against-icedtea \
  clean-icedtea-against-ecj clean-extract-ecj clean-generated clean-replace-hotspot \
  clean-rewriter clean-rewrite-rhino clean-rt clean-bootstrap-directory \
  clean-bootstrap-directory-ecj clean-bootstrap-directory-symlink \
@@ -1011,7 +1014,8 @@
 	clean-add-pulseaudio-ecj clean-add-nss-ecj clean-add-tzdata-support-ecj clean-fonts \
 	clean-download-hotspot clean-tests clean-tapset-report jtregcheck clean-pax-mark-vm \
 	clean-pax-mark-vm-debug clean-pax-mark-vm-ecj clean-check-crypto clean-check-crypto-debug \
-	clean-check-crypto-boot clean-cryptocheck
+	clean-check-crypto-boot clean-cryptocheck clean-runnable-icedtea clean-runnable-icedtea-debug \
+	clean-runnable-icedtea-ecj
 
 env:
 	@echo 'unset JAVA_HOME'
@@ -1720,31 +1724,44 @@
 	rm -rf $(DEBUG_BUILD_OUTPUT_DIR)
 	rm -f stamps/icedtea-debug.stamp
 
-stamps/icedtea-against-icedtea.stamp: stamps/icedtea.stamp \
+stamps/runnable-icedtea.stamp: stamps/icedtea.stamp stamps/pax-mark-vm.stamp
+	mkdir -p stamps
+	touch $@
+
+clean-runnable-icedtea: clean-icedtea clean-pax-mark-vm
+	rm -f stamps/runnable-icedtea.stamp
+
+stamps/icedtea-against-icedtea.stamp:  stamps/runnable-icedtea.stamp \
  stamps/add-jamvm.stamp stamps/add-cacao.stamp stamps/add-zero.stamp \
  stamps/add-systemtap.stamp stamps/add-pulseaudio.stamp stamps/add-nss.stamp \
- stamps/add-tzdata-support.stamp stamps/add-archive.stamp stamps/pax-mark-vm.stamp \
- stamps/check-crypto.stamp
+ stamps/add-tzdata-support.stamp stamps/add-archive.stamp stamps/check-crypto.stamp
 	mkdir -p stamps
 	touch $@
 
 clean-icedtea-against-icedtea: clean-add-jamvm clean-add-zero clean-add-cacao \
  clean-add-systemtap clean-add-pulseaudio clean-add-nss clean-add-tzdata-support \
- clean-add-archive clean-pax-mark-vm clean-check-crypto
+ clean-add-archive clean-check-crypto clean-runnable-icedtea
 	rm -f stamps/icedtea-against-icedtea.stamp
 
-stamps/icedtea-debug-against-icedtea.stamp: stamps/icedtea-debug.stamp \
+stamps/runnable-icedtea-debug.stamp: stamps/icedtea-debug.stamp stamps/pax-mark-vm-debug.stamp
+	mkdir -p stamps
+	touch $@
+
+clean-runnable-icedtea-debug: clean-icedtea-debug clean-pax-mark-vm-debug
+	rm -f stamps/runnable-icedtea-debug.stamp
+
+stamps/icedtea-debug-against-icedtea.stamp: stamps/runnable-icedtea-debug.stamp \
  stamps/add-jamvm-debug.stamp stamps/add-cacao-debug.stamp \
  stamps/add-zero-debug.stamp stamps/add-systemtap-debug.stamp stamps/add-pulseaudio-debug.stamp \
  stamps/add-nss-debug.stamp stamps/add-tzdata-support-debug.stamp stamps/add-archive-debug.stamp \
- stamps/pax-mark-vm-debug.stamp stamps/check-crypto-debug.stamp
+ stamps/check-crypto-debug.stamp
 	mkdir -p stamps
 	touch $@
 
 clean-icedtea-debug-against-icedtea: clean-add-zero-debug \
  clean-add-jamvm-debug clean-add-cacao-debug clean-add-systemtap-debug \
  clean-add-pulseaudio-debug clean-add-nss-debug clean-add-tzdata-support-debug \
- clean-add-archive-debug clean-pax-mark-vm-debug clean-check-crypto-debug
+ clean-add-archive-debug clean-runnable-icedtea-debug clean-check-crypto-debug
 	rm -f stamps/icedtea-debug-against-icedtea.stamp
 
 stamps/add-systemtap.stamp: stamps/icedtea.stamp
@@ -1986,7 +2003,7 @@
 	fi
 	rm -f stamps/add-tzdata-support-debug.stamp
 
-stamps/add-archive.stamp: stamps/icedtea.stamp
+stamps/add-archive.stamp: stamps/runnable-icedtea.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2002,7 +2019,7 @@
 	rm -vf $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/$(INSTALL_ARCH_DIR)/*/*.jsa
 	rm -f stamps/add-archive.stamp
 
-stamps/add-archive-debug.stamp: stamps/icedtea-debug.stamp
+stamps/add-archive-debug.stamp: stamps/runnable-icedtea-debug.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2036,7 +2053,7 @@
 clean-pax-mark-vm-debug:
 	rm -f stamps/pax-mark-vm-debug.stamp
 
-stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/icedtea.stamp
+stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea.stamp
 	if [ -e $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
@@ -2046,7 +2063,7 @@
 clean-check-crypto:
 	rm -f stamps/check-crypto.stamp
 
-stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/icedtea-debug.stamp
+stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea-debug.stamp
 	if [ -e $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
@@ -2075,14 +2092,21 @@
 	rm -rf $(ECJ_BUILD_OUTPUT_DIR)
 	rm -f stamps/icedtea-ecj.stamp
 
-stamps/icedtea-against-ecj.stamp: stamps/icedtea-ecj.stamp stamps/add-systemtap-ecj.stamp \
- stamps/add-pulseaudio-ecj.stamp stamps/add-nss-ecj.stamp stamps/add-tzdata-support-ecj.stamp \
- stamps/add-archive-ecj.stamp stamps/pax-mark-vm-ecj.stamp stamps/check-crypto-boot.stamp
+stamps/runnable-icedtea-ecj.stamp: stamps/icedtea-ecj.stamp stamps/pax-mark-vm-ecj.stamp
 	mkdir -p stamps
 	touch $@
 
+clean-runnable-icedtea-ecj: clean-icedtea-ecj clean-pax-mark-vm-ecj
+	rm -f stamps/runnable-icedtea-ecj.stamp
+
+stamps/icedtea-against-ecj.stamp: stamps/runnable-icedtea-ecj.stamp stamps/add-systemtap-ecj.stamp \
+ stamps/add-pulseaudio-ecj.stamp stamps/add-nss-ecj.stamp stamps/add-tzdata-support-ecj.stamp \
+ stamps/add-archive-ecj.stamp stamps/check-crypto-boot.stamp
+	mkdir -p stamps
+	touch $@
+
 clean-icedtea-against-ecj: clean-add-systemtap-ecj clean-add-pulseaudio-ecj clean-add-nss-ecj \
- clean-add-tzdata-support-ecj clean-add-archive-ecj clean-pax-mark-vm-ecj clean-check-crypto-boot
+ clean-add-tzdata-support-ecj clean-add-archive-ecj clean-runnable-icedtea-ecj clean-check-crypto-boot
 	rm -f stamps/icedtea-against-ecj.stamp
 
 stamps/add-systemtap-ecj.stamp: stamps/icedtea-ecj.stamp
@@ -2205,7 +2229,7 @@
 	fi
 	rm -f stamps/add-tzdata-support-ecj.stamp
 
-stamps/add-archive-ecj.stamp: stamps/icedtea-ecj.stamp
+stamps/add-archive-ecj.stamp: stamps/runnable-icedtea-ecj.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2230,7 +2254,7 @@
 clean-pax-mark-vm-ecj:
 	rm -f stamps/pax-mark-vm-ecj.stamp
 
-stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/icedtea-ecj.stamp
+stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/runnable-icedtea-ecj.stamp
 	if [ -e $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
diff -r 963a9ab43d7f -r 975cb4907b2e NEWS
--- a/NEWS	Thu Jan 30 21:38:08 2014 +0000
+++ b/NEWS	Wed Mar 19 17:33:09 2014 +0000
@@ -14,6 +14,13 @@
 
 New in release 1.14.0 (201X-XX-XX):
 
+* Backports
+  - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
+  - S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory()
+  - S8026887: Make issues due to failed large pages allocations easier to debug
+* Bug fixes
+  - PR1714: Update PaX support to detect running PaX kernel and use newer tools
+
 New in release 1.11.15 (2014-01-21):
 
 * Security fixes
diff -r 963a9ab43d7f -r 975cb4907b2e acinclude.m4
--- a/acinclude.m4	Thu Jan 30 21:38:08 2014 +0000
+++ b/acinclude.m4	Wed Mar 19 17:33:09 2014 +0000
@@ -2139,48 +2139,79 @@
   AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes")
 ])
 
+AC_DEFUN_ONCE([IT_HAS_PAX],
+[
+  AC_MSG_CHECKING([if a PaX kernel is in use])
+  if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then
+    pax_active=yes;
+  else
+    pax_active=no;
+  fi
+  AC_MSG_RESULT([${pax_active}])
+  AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes")
+])
+
 AC_DEFUN_ONCE([IT_WITH_PAX],
 [
-  AC_MSG_CHECKING([for pax utility to use])
+  AC_REQUIRE([IT_HAS_PAX])
+  PAX_DEFAULT=/usr/sbin/paxmark.sh
+  AC_MSG_CHECKING([if a PaX utility was specified])
   AC_ARG_WITH([pax],
               [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)],
   [
-    PAX_COMMAND=${withval}
-    if test "x${PAX_COMMAND}" = "xno"; then
-      PAX_COMMAND="not specified"
+    if test "x${withval}" = "xyes"; then
+      PAX_COMMAND=no
+    else
+      PAX_COMMAND="${withval}"
     fi
   ],
   [ 
+    PAX_COMMAND=no
+  ])
+  AC_MSG_RESULT(${PAX_COMMAND})
+  if test "x${PAX_COMMAND}" == "xno"; then
+    PAX_COMMAND=${PAX_DEFAULT}
+  fi
+  AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file])
+  if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then
+    AC_MSG_RESULT([yes])
+  else
+    AC_MSG_RESULT([no])
+    PAX_COMMAND=""
+    AC_PATH_PROG(PAX_COMMAND, "paxmark.sh")
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl-ng")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "chpax")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      if test "x${pax_active}" = "xyes"; then
+        AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.")
+      else
+        AC_MSG_WARN("No PaX utility found.")
+      fi
+    fi
+  fi
+  if test -z "${PAX_COMMAND}"; then
     PAX_COMMAND="not specified"
-  ])
-  case "x${PAX_COMMAND}" in
-    xchpax)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    xpaxctl)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    *)
-      PAX_COMMAND="not specified"
-      PAX_COMMAND_ARGS="not specified"
-      ;;
-  esac
+    PAX_COMMAND_ARGS="not specified"
+  else
+    AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}])
+    case "${host_cpu}" in
+      i?86)
+        PAX_COMMAND_ARGS="-msp"
+        ;;
+      *)
+        PAX_COMMAND_ARGS="-m"
+        ;;
+    esac
+    AC_MSG_RESULT(${PAX_COMMAND_ARGS})
+  fi
   AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified")
-  AC_MSG_RESULT(${PAX_COMMAND})
   AC_SUBST(PAX_COMMAND)
   AC_SUBST(PAX_COMMAND_ARGS)
 ])
diff -r 963a9ab43d7f -r 975cb4907b2e patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/7151089-numa_should_not_free_shm_large_pages.patch	Wed Mar 19 17:33:09 2014 +0000
@@ -0,0 +1,29 @@
+# HG changeset patch
+# User iveresov
+# Date 1331583127 25200
+#      Mon Mar 12 13:12:07 2012 -0700
+# Node ID 3f0dff7a9cf590ef3e5d7f2dcf6c8247b65c9d10
+# Parent  3442eb7ef2d216d6bf655d537929a2d31a76a321
+7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
+Summary: Don't attempt to uncommit SHM-based large pages
+Reviewed-by: kvn
+
+diff -r 3442eb7ef2d2 -r 3f0dff7a9cf5 src/os/linux/vm/os_linux.cpp
+--- openjdk/hotspot/src/os/linux/vm/os_linux.cpp	Tue Jan 14 20:24:44 2014 -0500
++++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp	Mon Mar 12 13:12:07 2012 -0700
+@@ -2568,7 +2568,14 @@
+ }
+ 
+ void os::free_memory(char *addr, size_t bytes, size_t alignment_hint) {
+-  commit_memory(addr, bytes, alignment_hint, false);
++  // This method works by doing an mmap over an existing mmaping and effectively discarding
++  // the existing pages. However it won't work for SHM-based large pages that cannot be
++  // uncommitted at all. We don't do anything in this case to avoid creating a segment with
++  // small pages on top of the SHM segment. This method always works for small pages, so we
++  // allow that in any case.
++  if (alignment_hint <= (size_t)os::vm_page_size() || !UseSHM) {
++    commit_memory(addr, bytes, alignment_hint, false);
++  }
+ }
+ 
+ void os::numa_make_global(char *addr, size_t bytes) {
diff -r 963a9ab43d7f -r 975cb4907b2e patches/openjdk/8013057-detect_mmap_commit_failures.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8013057-detect_mmap_commit_failures.patch	Wed Mar 19 17:33:09 2014 +0000
@@ -0,0 +1,867 @@
+# HG changeset patch
+# User dcubed
+# Date 1394474985 0
+#      Mon Mar 10 18:09:45 2014 +0000
+# Node ID cbdd11a54b82eb7731d16abbc6df3c9b4d42c78b
+# Parent  3f0dff7a9cf590ef3e5d7f2dcf6c8247b65c9d10
+8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint
+Summary: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory(). Add os::commit_memory_or_exit(). Also tidy up some NMT accounting and some mmap() return value checking.
+Reviewed-by: zgu, stefank, dholmes, dsamersoff
+
+diff -r 3f0dff7a9cf5 -r cbdd11a54b82 src/os/bsd/vm/os_bsd.cpp
+--- openjdk/hotspot/src/os/bsd/vm/os_bsd.cpp	Mon Mar 12 13:12:07 2012 -0700
++++ openjdk/hotspot/src/os/bsd/vm/os_bsd.cpp	Mon Mar 10 18:09:45 2014 +0000
+@@ -2762,6 +2762,13 @@
+   }
+ }
+ 
++static void warn_fail_commit_memory(char* addr, size_t size, bool exec,
++                                    int err) {
++  warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT
++          ", %d) failed; error='%s' (errno=%d)", addr, size, exec,
++          strerror(err), err);
++}
++
+ // NOTE: Bsd kernel does not really reserve the pages for us.
+ //       All it does is to check if there are enough free pages
+ //       left at the time of mmap(). This could be a potential
+@@ -2770,12 +2777,22 @@
+   int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE;
+ #ifdef __OpenBSD__
+   // XXX: Work-around mmap/MAP_FIXED bug temporarily on OpenBSD
+-  return ::mprotect(addr, size, prot) == 0;
++  if (::mprotect(addr, size, prot) == 0) {
++    return true;
++  }
+ #else
+   uintptr_t res = (uintptr_t) ::mmap(addr, size, prot,
+                                    MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0);
+-  return res != (uintptr_t) MAP_FAILED;
++  if (res != (uintptr_t) MAP_FAILED) {
++    return true;
++  }
+ #endif
++
++  // Warn about any commit errors we see in non-product builds just
++  // in case mmap() doesn't work as described on the man page.
++  NOT_PRODUCT(warn_fail_commit_memory(addr, size, exec, errno);)
++
++  return false;
+ }
+ 
+ #ifndef _ALLBSD_SOURCE
+@@ -2803,9 +2820,27 @@
+   }
+ #endif
+ 
++  // alignment_hint is ignored on this OS
+   return commit_memory(addr, size, exec);
+ }
+ 
++void os::commit_memory_or_exit(char* addr, size_t size, bool exec,
++			       const char* mesg) {
++  assert(mesg != NULL, "mesg must be specified");
++  if (!pd_commit_memory(addr, size, exec)) {
++    // add extra info in product mode for vm_exit_out_of_memory():
++    PRODUCT_ONLY(warn_fail_commit_memory(addr, size, exec, errno);)
++    vm_exit_out_of_memory(size, mesg);
++  }
++}
++
++void os::commit_memory_or_exit(char* addr, size_t size,
++			       size_t alignment_hint, bool exec,
++			       const char* mesg) {
++  // alignment_hint is ignored on this OS
++  pd_commit_memory_or_exit(addr, size, exec, mesg);
++}
++
+ void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) {
+ #ifndef _ALLBSD_SOURCE
+   if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) {
+@@ -2970,7 +3005,7 @@
+ }
+ 
+ bool os::create_stack_guard_pages(char* addr, size_t size) {
+-  return os::commit_memory(addr, size);
++  return os::commit_memory(addr, size, !ExecMem);
+ }
+ 
+ // If this is a growable mapping, remove the guard pages entirely by
+@@ -4467,7 +4502,7 @@
+ 
+   if (!UseMembar) {
+     address mem_serialize_page = (address) ::mmap(NULL, Bsd::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+-    guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page");
++    guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page");
+     os::set_memory_serialize_page( mem_serialize_page );
+ 
+ #ifndef PRODUCT
+diff -r 3f0dff7a9cf5 -r cbdd11a54b82 src/os/bsd/vm/perfMemory_bsd.cpp
+--- openjdk/hotspot/src/os/bsd/vm/perfMemory_bsd.cpp	Mon Mar 12 13:12:07 2012 -0700
++++ openjdk/hotspot/src/os/bsd/vm/perfMemory_bsd.cpp	Mon Mar 10 18:09:45 2014 +0000
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 19 17:34:14 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 19 Mar 2014 17:34:14 +0000
Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX
	kernel and use newer tools
In-Reply-To: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1714-30-aSASJdsGMc@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea6?cmd=changeset;node=975cb4907b2e
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 19 17:33:09 2014 +0000

    PR1714: Update PaX support to detect running PaX kernel and use newer tools

    2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        PR1714: Update PaX support to detect running PaX
        kernel and use newer tools
        * Makefile.am:
        (clean-local): Remove clean-icedtea, clean-icedtea-debug
        and clean-icedtea-ecj; pulled in by dependents.
        (.PHONY): Add clean-runnable-icedtea, clean-runnable-icedtea-debug
        and clean-runnable-icedtea-ecj.
        (runnable-icedtea): Depend on icedtea and pax-mark-vm.
        (clean-runnable-icedtea): Clean stamp.
        (icedtea-against-icedtea): Depend on runnable-icedtea rather
        than icedtea and pax-mark-vm.
        (clean-icedtea-against-icedtea): Depend on clean-runnable-icedtea
rather
        than clean-pax-mark-vm.
        (runnable-icedtea-debug): Depend on icedtea-debug and
pax-mark-vm-debug.
        (clean-runnable-icedtea-debug): Clean stamp.
        (icedtea-debug-against-icedtea): Depend on runnable-icedtea-debug
rather
        than icedtea-debug and pax-mark-vm-debug.
        (clean-icedtea-debug-against-icedtea): Depend on
clean-runnable-icedtea-debug
        rather than clean-pax-mark-vm.
        (add-archive): Depend on runnable-icedtea as the target executes java.
        (add-archive-debug): Likewise with runnable-icedtea-debug.
        (check-crypto): Depend on runnable-icedtea as the target executes java.
        (check-crypto-debug): Likewise with runnable-icedtea-debug.
        (runnable-icedtea-ecj): Depend on icedtea-ecj and pax-mark-vm-ecj.
        (clean-runnable-icedtea-ecj): Clean stamp.
        (icedtea-against-ecj): Depend on runnable-icedtea-ecj rather
        than icedtea-ecj and pax-mark-vm-ecj.
        (clean-icedtea-against-ecj): Depend on clean-runnable-icedtea-ecj
        rather than clean-pax-mark-vm.
        (add-archive-ecj): Depend on runnable-icedtea-ecj as the target
executes java.
        (check-crypto-boot): Depend on runnable-icedtea-ecj as the target
executes java.
        * NEWS: Updated.
        * acinclude.m4:
        (IT_HAS_PAX): New macro to detect whether the running
        kernel uses PaX.
        (IT_WITH_PAX): Rewritten to search for PaX tools -
        currently paxmark.sh, paxctl-ng, chpax and paxctl -
        and fail if a tool isn't found and a PaX kernel is
        being used.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140319/bfdea44f/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 20 00:34:29 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 00:34:29 +0000
Subject: [Bug 1665]
	/opt/icedtea-2.4.5/generated.build/sun/misc/Version.java.temp /bin/sed:
	-e expression #5, char 21: unknown option to `s'
In-Reply-To: <bug-1665-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1665-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1665-30-1mIRPOFqk1@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1665

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID
           Severity|blocker                     |normal

--- Comment #1 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Your problem here is:

's/@@distro_name@@/n/a/g'

with the 'n/a' value resulting in an extra / which confuses sed.

The 'n/a' value comes from $(DISTRO_NAME) which is set by the IcedTea build to
$(DIST_NAME), a value set from the result of lsb_release. So, the problem here
is what lsb_release -is returns on your system.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/3376a1e4/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 20 00:37:01 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 00:37:01 +0000
Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot
	build
In-Reply-To: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1712-30-vcbcYZuXA7@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |https://bugs.gentoo.org/sho
                   |                            |w_bug.cgi?id=455426

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/7914760e/attachment.html>

From hsn at sanatana.filez.com  Thu Mar 20 00:53:28 2014
From: hsn at sanatana.filez.com (Radim Kolar)
Date: Thu, 20 Mar 2014 01:53:28 +0100
Subject: build with bsd userland
Message-ID: <532A3C08.6090803@sanatana.filez.com>

on bsd systems, gnu versions of utils are installed with g prefix, such 
as gsed instead of sed.

this patch adds checking for such versions and uses them if found in 
path. With this patch it bootrap icedtea build system correctly on fbsd 10.

it still does not build openjdk out of box with patch, fails on:

gmake[1]: Entering directory `/home/hsn/live/icedtea7/openjdk-boot'
jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of ARCH cannot be 
empty, will use ''"
jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of PLATFORM cannot 
be empty, will use ''"
jdk/make/common/shared/Defs.gmk:397: jdk/make/common/shared/Defs-.gmk: 
No such file or directory
jdk/make/common/shared/Defs.gmk:674: 
jdk/make/common/shared/Compiler-.gmk: No such file or directory
gmake[1]: *** No rule to make target 
`jdk/make/common/shared/Compiler-.gmk'.  Stop.

I did not discovered where these variables are supposed to be set, after 
setting this manually to linux, it crosscompiles major portion of JDK.
-------------- next part --------------
diff -r b1043cc0cd82 Makefile.am
--- a/Makefile.am	Sat Mar 08 18:06:34 2014 +0000
+++ b/Makefile.am	Thu Mar 20 01:46:41 2014 +0100
@@ -1141,7 +1141,7 @@
 	      *.zip) $(UNZIP) -q $(OPENJDK_SRC_ZIP) ;; \
 	      *.tar.*) $(TAR) xf $(OPENJDK_SRC_ZIP) ;; \
 	    esac; \
-	    mv `echo $(ICEDTEA_PREFIX)|sed 's#\.#-#'`-$(OPENJDK_CHANGESET) openjdk ; \
+	    mv `echo $(ICEDTEA_PREFIX)|$(SED) 's#\.#-#'`-$(OPENJDK_CHANGESET) openjdk ; \
 	  else \
 	    echo "ERROR: Couldn't extract OpenJDK"; \
 	    false; \
@@ -1486,7 +1486,7 @@
 	if test x"$(VERSION_SUFFIX)" != "x"; then \
 	  ver_suffix="-$(VERSION_SUFFIX)"; \
 	fi ; \
-	sed -i "s#BUILD_VARIANT_RELEASE)#BUILD_VARIANT_RELEASE)$${proj_suffix}$${ver_suffix}#" \
+	$(SED) -i "s#BUILD_VARIANT_RELEASE)#BUILD_VARIANT_RELEASE)$${proj_suffix}$${ver_suffix}#" \
 	  openjdk/jdk/make/common/shared/Defs.gmk;
 	mkdir -p stamps
 	touch $@
@@ -1718,13 +1718,13 @@
 	mkdir -p $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \
 	grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \
 	if test $$? -eq 0; then \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot.stp \
 	    > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_jni.stp \
 	    > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_gc.stp \
 	    > $(BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \
 	else \
@@ -1854,13 +1854,13 @@
 	mkdir -p $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \
 	grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \
 	if test $$? -eq 0; then \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot.stp \
 	    > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_jni.stp \
 	    > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_gc.stp \
 	    > $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \
 	else \
@@ -1991,13 +1991,13 @@
 	mkdir -p $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset ; \
 	grep "client IGNORE" $(BUILD_JRE_ARCH_DIR)/jvm.cfg; \
 	if test $$? -eq 0; then \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot.stp \
 	    > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_jni.stp \
 	    > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_jni.stp; \
-	  sed -e '/\/client\/libjvm.so/d' \
+	  $(SED) -e '/\/client\/libjvm.so/d' \
 	    < $(abs_top_builddir)/tapset/hotspot_gc.stp \
 	    > $(BOOT_BUILD_OUTPUT_DIR)/j2sdk-image/tapset/hotspot_gc.stp; \
 	else \
@@ -2215,10 +2215,10 @@
 	  org.mozilla sun.org.mozilla && \
 	(cd rhino/rhino.old && \
 	 for files in `find -type f -not -name '*.class'` ; do \
-	   new_file=../rhino.new/`echo $$files|sed -e 's#org#sun/org#'` ; \
+	   new_file=../rhino.new/`echo $$files|$(SED) -e 's#org#sun/org#'` ; \
 	   mkdir -p `dirname $$new_file` ; \
 	   cp -v $$files $$new_file ; \
-	   sed -ie 's#org\.mozilla#sun.org.mozilla#g' $$new_file ; \
+	   $(SED) -ie 's#org\.mozilla#sun.org.mozilla#g' $$new_file ; \
 	 done \
 	) && \
 	(cd rhino/rhino.new && \
@@ -2274,7 +2274,7 @@
 clean-add-jamvm:
 	rm -rf $(BUILD_JRE_ARCH_DIR)/jamvm
 	if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-jamvm.stamp
 
@@ -2292,7 +2292,7 @@
 clean-add-jamvm-debug:
 	rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/jamvm
 	if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-jamvm KNOWN#-jamvm ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-jamvm-debug.stamp
 
@@ -2345,7 +2345,7 @@
 clean-add-cacao:
 	rm -rf $(BUILD_JRE_ARCH_DIR)/cacao
 	if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-cacao.stamp
 
@@ -2367,7 +2367,7 @@
 clean-add-cacao-debug:
 	rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/cacao
 	if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-cacao KNOWN#-cacao ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-cacao-debug.stamp
 
@@ -2435,8 +2435,8 @@
 	rm -rf $(BUILD_JRE_ARCH_DIR)/shark
 	rm -rf zerovm
 	if [ -e $(BUILD_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
-	  sed -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-zero.stamp
 
@@ -2474,8 +2474,8 @@
 	rm -rf $(BUILD_DEBUG_JRE_ARCH_DIR)/shark
 	rm -rf zerovm
 	if [ -e $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ] ; then \
-	  sed -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
-	  sed -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-zero KNOWN#-zero ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
+	  $(SED) -i 's#-shark KNOWN#-shark ERROR#' $(BUILD_DEBUG_JRE_ARCH_DIR)/jvm.cfg ; \
 	fi
 	rm -f stamps/add-zero-debug.stamp
 
@@ -2553,7 +2553,7 @@
 # FIXME: this might need some adjustment for other OS than Linux
 jtreg_processes = ps x -ww -o pid,ppid,args \
 	| awk '$$2 == 1 && $$3 ~ /^$(subst /,\/,/scratch)/' \
-	| sed 's,$(CURDIR)/$(sdkimg),<sdkimg>,g;s,$(CURDIR),<pwd>,g'
+	| $(SED) 's,$(CURDIR)/$(sdkimg),<sdkimg>,g;s,$(CURDIR),<pwd>,g'
 jtreg_pids = ps x --no-headers -ww -o pid,ppid,args \
 	| awk '$$2 == 1 && $$3 ~ /^$(subst /,\/,$(CURDIR)/$(sdkimg))/ {print $$1}'
 
@@ -2634,7 +2634,7 @@
 	   cd lib/rt ; \
 	   for dirs in $(ICEDTEA_BOOTSTRAP_RESOURCES) ; \
 	     do \
-	     destpath=`echo $$dirs|sed -e 's#$(LANGTOOLS)/##' -e 's#$(SHARE)/##'` ; \
+	     destpath=`echo $$dirs|$(SED) -e 's#$(LANGTOOLS)/##' -e 's#$(SHARE)/##'` ; \
 	     mkdir -p `dirname $$destpath` ; \
 	     cp -a ../../$$dirs $$destpath ; \
 	   done ; \
diff -r b1043cc0cd82 acinclude.m4
--- a/acinclude.m4	Sat Mar 08 18:06:34 2014 +0000
+++ b/acinclude.m4	Thu Mar 20 01:46:41 2014 +0100
@@ -657,6 +657,14 @@
  AC_SUBST([$1])
 ])
 
+AC_DEFUN([IT_FIND_TOOLS],
+[AC_PATH_PROGS([$1],[$2])
+ if test x"$$1" = x ; then
+   AC_MSG_ERROR([none program of $2 was found])
+ fi
+ AC_SUBST([$1])
+])
+
 AC_DEFUN_ONCE([IT_ENABLE_ZERO_BUILD],
 [
   AC_REQUIRE([IT_SET_ARCH_SETTINGS])
diff -r b1043cc0cd82 configure.ac
--- a/configure.ac	Sat Mar 08 18:06:34 2014 +0000
+++ b/configure.ac	Thu Mar 20 01:46:41 2014 +0100
@@ -18,24 +18,21 @@
 AC_PROG_CC
 AC_PROG_CXX
 
-IT_FIND_TOOL([MAKE], [make])
+IT_FIND_TOOLS([MAKE], [gmake make])
 IT_FIND_TOOL([GZIP], [gzip])
 IT_FIND_TOOL([ANT], [ant])
-IT_FIND_TOOL([FIND], [find])
-IT_FIND_TOOL([PATCH], [patch])
-IT_FIND_TOOL([TAR], [tar])
+IT_FIND_TOOLS([FIND], [gfind find])
+IT_FIND_TOOLS([PATCH], [gpatch patch])
+IT_FIND_TOOLS([TAR], [gtar tar])
 IT_FIND_TOOL([CHMOD], [chmod])
-IT_FIND_TOOL([SHA256SUM], [sha256sum])
+IT_FIND_TOOLS([SHA256SUM], [gsha256sum sha256sum])
 IT_FIND_TOOL([WGET], [wget])
 IT_FIND_TOOL([ZIP], [zip])
 IT_FIND_TOOL([UNZIP], [unzip])
 IT_FIND_TOOL([CPIO], [cpio])
 IT_FIND_TOOL([FILE], [file])
-AC_CHECK_TOOLS([FASTJAR], [fastjar jar])
-if test "x$FASTJAR" = x; then
-	AC_MSG_ERROR([Can't find fastjar or jar])
-fi
-AC_SUBST([FASTJAR])
+IT_FIND_TOOLS([FASTJAR], [fastjar jar])
+IT_FIND_TOOLS([SED],[gsed sed])
 AC_CHECK_TOOL([LDD], [ldd])
 dnl OpenJDK's README-builds.html lists gawk as a build dependency so we
 dnl check for it explicitly rather than using AC_PROG_AWK.

From andrew at icedtea.classpath.org  Thu Mar 20 02:06:31 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 02:06:31 +0000
Subject: /hg/icedtea6: PR1712: Allow -Werror to be turned off in the HotS...
Message-ID: <hg.9ace699eb46a.1395281191.2873452341184383832@icedtea.classpath.org>

changeset 9ace699eb46a in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=9ace699eb46a
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 20 02:06:20 2014 +0000

	PR1712: Allow -Werror to be turned off in the HotSpot build

	2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

		PR1712: Allow -Werror to be turned off in the
		HotSpot build
		* Makefile.am:
		(WERROR_STATUS): Set to true or false
		depending on if ENABLE_WERROR is set or not.
		(ICEDTEA_ENV): Use WERROR_STATUS to set
		COMPILER_WARNINGS_FATAL.
		* acinclude.m4:
		(IT_ENABLE_WERROR): New macro to enable -Werror.
		This is disabled by default.
		* configure.ac: Call IT_ENABLE_WERROR.
		* javac.in: Handle stripping of arguments which
		take parameters, specifically -Xmaxwarns.
		* NEWS: Updated.


diffstat:

 ChangeLog    |  17 +++++++++++++++++
 Makefile.am  |   9 ++++++++-
 NEWS         |   1 +
 acinclude.m4 |  22 ++++++++++++++++++++++
 configure.ac |   1 +
 javac.in     |  11 +++++++++--
 6 files changed, 58 insertions(+), 3 deletions(-)

diffs (134 lines):

diff -r 975cb4907b2e -r 9ace699eb46a ChangeLog
--- a/ChangeLog	Wed Mar 19 17:33:09 2014 +0000
+++ b/ChangeLog	Thu Mar 20 02:06:20 2014 +0000
@@ -1,3 +1,20 @@
+2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>
+
+	PR1712: Allow -Werror to be turned off in the
+	HotSpot build
+	* Makefile.am:
+	(WERROR_STATUS): Set to true or false
+	depending on if ENABLE_WERROR is set or not.
+	(ICEDTEA_ENV): Use WERROR_STATUS to set
+	COMPILER_WARNINGS_FATAL.
+	* acinclude.m4:
+	(IT_ENABLE_WERROR): New macro to enable -Werror.
+	This is disabled by default.
+	* configure.ac: Call IT_ENABLE_WERROR.
+	* javac.in: Handle stripping of arguments which
+	take parameters, specifically -Xmaxwarns.
+	* NEWS: Updated.
+
 2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	PR1714: Update PaX support to detect running PaX
diff -r 975cb4907b2e -r 9ace699eb46a Makefile.am
--- a/Makefile.am	Wed Mar 19 17:33:09 2014 +0000
+++ b/Makefile.am	Thu Mar 20 02:06:20 2014 +0000
@@ -778,6 +778,12 @@
 ICEDTEA_PKG = $(EMPTY) (${PKGVERSION})
 endif
 
+if ENABLE_WERROR
+WERROR_STATUS=true
+else
+WERROR_STATUS=false
+endif
+
 ICEDTEA_ENV = \
 	ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \
 	ANT="$(ANT)" \
@@ -820,7 +826,8 @@
 	ALT_OUTPUTDIR="$(BUILD_OUTPUT_DIR)" \
 	STATIC_CXX="false" \
 	BUILD_GCC=gcc$(GCC_SUFFIX) \
-	BUILD_CXX=g++$(GCC_SUFFIX)
+	BUILD_CXX=g++$(GCC_SUFFIX) \
+	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)"
 
 if ENABLE_CACAO
 ICEDTEA_ENV += \
diff -r 975cb4907b2e -r 9ace699eb46a NEWS
--- a/NEWS	Wed Mar 19 17:33:09 2014 +0000
+++ b/NEWS	Thu Mar 20 02:06:20 2014 +0000
@@ -20,6 +20,7 @@
   - S8026887: Make issues due to failed large pages allocations easier to debug
 * Bug fixes
   - PR1714: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build
 
 New in release 1.11.15 (2014-01-21):
 
diff -r 975cb4907b2e -r 9ace699eb46a acinclude.m4
--- a/acinclude.m4	Wed Mar 19 17:33:09 2014 +0000
+++ b/acinclude.m4	Thu Mar 20 02:06:20 2014 +0000
@@ -2295,3 +2295,25 @@
   AC_MSG_RESULT([$enable_jar_compression])
   AM_CONDITIONAL([ENABLE_JAR_COMPRESSION], test x"${enable_jar_compression}" = "xyes")
 ])
+
+AC_DEFUN([IT_ENABLE_WERROR],
+[
+  AC_MSG_CHECKING([whether to enable -Werror])
+  AC_ARG_ENABLE([Werror],
+                [AS_HELP_STRING(--enable-Werror,build with -Werror [[default=no]])],
+  [
+    case "${enableval}" in
+      yes)
+        enable_werror=yes
+        ;;
+      *)
+        enable_werror=no
+        ;;
+    esac
+  ],
+  [
+    enable_werror=no
+  ])
+  AC_MSG_RESULT([$enable_werror])
+  AM_CONDITIONAL([ENABLE_WERROR], test x"${enable_werror}" = "xyes")
+])
diff -r 975cb4907b2e -r 9ace699eb46a configure.ac
--- a/configure.ac	Wed Mar 19 17:33:09 2014 +0000
+++ b/configure.ac	Thu Mar 20 02:06:20 2014 +0000
@@ -283,6 +283,7 @@
 IT_WITH_JAMVM_SRC_ZIP
 
 IT_DISABLE_OPTIMIZATIONS
+IT_ENABLE_WERROR
 IT_ENABLE_JAR_COMPRESSION
 IT_SET_SHARK_BUILD
 IT_ENABLE_ZERO_BUILD
diff -r 975cb4907b2e -r 9ace699eb46a javac.in
--- a/javac.in	Wed Mar 19 17:33:09 2014 +0000
+++ b/javac.in	Thu Mar 20 02:06:20 2014 +0000
@@ -1,7 +1,8 @@
 #!/usr/bin/perl -w
 use strict;
 use constant NO_DUP_ARGS => qw(-source -target -d -encoding);
-use constant STRIP_ARGS => qw(-Werror -implicit:none -J-Xbootclasspath/p:);
+use constant STRIP_ARGS_1 => qw(-Werror -implicit:none -J-Xbootclasspath/p:);
+use constant STRIP_ARGS_2 => qw(-Xmaxwarns);
 
 my $ECJ_WARNINGS="-nowarn";
 my $JAVAC_WARNINGS="-nowarn";
@@ -49,12 +50,18 @@
 	}
     }
 
-    for my $opt (STRIP_ARGS) 
+    for my $opt (STRIP_ARGS_1)
     {
 	my @indices = reverse grep {$new_args[$_] eq $opt} 0..$#new_args;
 	splice @new_args, $_, 1 for @indices;
     }
 
+    for my $opt (STRIP_ARGS_2) 
+    {
+	my @indices = reverse grep {$new_args[$_] eq $opt} 0..$#new_args;
+	splice @new_args, $_, 2 for @indices;
+    }
+
     return \@new_args;
 }
 

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 20 02:06:41 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 02:06:41 +0000
Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot
	build
In-Reply-To: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1712-30-plEEtvtwyB@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712

--- Comment #1 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea6?cmd=changeset;node=9ace699eb46a
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 20 02:06:20 2014 +0000

    PR1712: Allow -Werror to be turned off in the HotSpot build

    2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

        PR1712: Allow -Werror to be turned off in the
        HotSpot build
        * Makefile.am:
        (WERROR_STATUS): Set to true or false
        depending on if ENABLE_WERROR is set or not.
        (ICEDTEA_ENV): Use WERROR_STATUS to set
        COMPILER_WARNINGS_FATAL.
        * acinclude.m4:
        (IT_ENABLE_WERROR): New macro to enable -Werror.
        This is disabled by default.
        * configure.ac: Call IT_ENABLE_WERROR.
        * javac.in: Handle stripping of arguments which
        take parameters, specifically -Xmaxwarns.
        * NEWS: Updated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/2eb0ef07/attachment.html>

From ptisnovs at icedtea.classpath.org  Thu Mar 20 08:33:33 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 08:33:33 +0000
Subject: /hg/rhino-tests: Added two new tests into ScriptExceptionClassTest.
Message-ID: <hg.6c88fa309557.1395304413.-6019694633368342460@icedtea.classpath.org>

changeset 6c88fa309557 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=6c88fa309557
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 20 09:34:13 2014 +0100

	Added two new tests into ScriptExceptionClassTest.


diffstat:

 ChangeLog                                        |   5 +
 src/org/RhinoTests/ScriptExceptionClassTest.java |  73 ++++++++++++++++++++++++
 2 files changed, 78 insertions(+), 0 deletions(-)

diffs (95 lines):

diff -r 5a1fcd8c099d -r 6c88fa309557 ChangeLog
--- a/ChangeLog	Wed Mar 19 11:01:26 2014 +0100
+++ b/ChangeLog	Thu Mar 20 09:34:13 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-20  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptExceptionClassTest.java:
+	Added two new tests into ScriptExceptionClassTest.
+
 2014-03-19  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/InvocableClassTest.java:
diff -r 5a1fcd8c099d -r 6c88fa309557 src/org/RhinoTests/ScriptExceptionClassTest.java
--- a/src/org/RhinoTests/ScriptExceptionClassTest.java	Wed Mar 19 11:01:26 2014 +0100
+++ b/src/org/RhinoTests/ScriptExceptionClassTest.java	Thu Mar 20 09:34:13 2014 +0100
@@ -2073,6 +2073,79 @@
     }
 
     /**
+     * Test for method javax.script.ScriptException.getClass().getResourceAsStreamNPETest()
+     */
+    protected void testGetResourceAsStreamNPETest() {
+        try {
+            Object resource = this.scriptExceptionClass.getResourceAsStream(null);
+            throw new AssertionError("NullPointerException expected!");
+        }
+        catch (NullPointerException e) {
+            //This is OK OK
+        }
+    }
+
+    /**
+     * Test for method javax.script.ScriptException.getClass().getResourceAsStreamNegativeTest()
+     */
+    protected void testGetResourceAsStreamNegativeTest() {
+        Object stream = null;
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/Constants.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptException
      */
     @SuppressWarnings("cast")

From ptisnovs at icedtea.classpath.org  Thu Mar 20 08:36:06 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 08:36:06 +0000
Subject: /hg/gfx-test: Eight new common test methods added into BitBltBuf...
Message-ID: <hg.bcdf88e32236.1395304566.-6248649288953172555@icedtea.classpath.org>

changeset bcdf88e32236 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=bcdf88e32236
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 20 09:36:49 2014 +0100

	Eight new common test methods added into BitBltBufferedImageOp.


diffstat:

 ChangeLog                                             |    5 +
 src/org/gfxtest/testsuites/BitBltBufferedImageOp.java |  162 +++++++++++++++++-
 2 files changed, 166 insertions(+), 1 deletions(-)

diffs (191 lines):

diff -r 117344d3f5e1 -r bcdf88e32236 ChangeLog
--- a/ChangeLog	Wed Mar 19 10:59:00 2014 +0100
+++ b/ChangeLog	Thu Mar 20 09:36:49 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-20  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltBufferedImageOp.java:
+	Eight new common test methods added into BitBltBufferedImageOp.
+
 2014-03-19  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineIdentityTransformOp.java:
diff -r 117344d3f5e1 -r bcdf88e32236 src/org/gfxtest/testsuites/BitBltBufferedImageOp.java
--- a/src/org/gfxtest/testsuites/BitBltBufferedImageOp.java	Wed Mar 19 10:59:00 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltBufferedImageOp.java	Thu Mar 20 09:36:49 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2012, 2013  Red Hat
+   Copyright (C) 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
@@ -1281,6 +1281,166 @@
     }
 
     /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_3BYTE_BGR}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesType3ByteBGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_3BYTE_BGR, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_4BYTE_ABGR}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesType4ByteABGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_4BYTE_ABGR, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_4BYTE_ABGR_PRE}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesType4ByteABGR_Pre(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_4BYTE_ABGR_PRE, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_BINARY}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeByteBinary(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_BINARY, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_INDEXED}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeByteIndexed(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_INDEXED, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_BYTE_GRAY}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeByteGray(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_BYTE_GRAY, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_BGR}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeIntBGR(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_BGR, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_RGB}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeIntRGB(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_RGB, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_ARGB}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeIntARGB(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_ARGB, rasterOp);
+    }
+
+    /**
+     * Test basic BitBlt operation for buffered image with type {@link BufferedImage#TYPE_INT_ARGB_PRE}.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @param rasterOp
+     *            selected raster operation
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    protected TestResult doBitBltHorizontalStripesTypeIntARGB_Pre(TestImage image, Graphics2D graphics2d, BufferedImageOp rasterOp)
+    {
+        return CommonBitmapOperations.doBitBltTestWithHorizontalStripesImage(image, graphics2d, BufferedImage.TYPE_INT_ARGB_PRE, rasterOp);
+    }
+
+    /**
      * Entry point to the test suite.
      *
      * @param args not used in this case

From jvanek at redhat.com  Thu Mar 20 07:49:58 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 08:49:58 +0100
Subject: EXTREME weirdness - applet writing without permissions
In-Reply-To: <1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com>
References: <CAC2-jLH+BtnRvLY4_VNzj+JXDtnKA2fY9fmcOGj56WZsA=mu6A@mail.gmail.com>	<960346228.642835.1395075485802.JavaMail.zimbra@redhat.com>	<CAC2-jLEoMAu5TH4X-SjhLtfHi64eWO00TYK0_HV8=Q8FYxNLJg@mail.gmail.com>
	<1881295401.647403.1395076240652.JavaMail.zimbra@redhat.com>
Message-ID: <532A9DA6.8040200@redhat.com>

On 03/17/2014 06:10 PM, Andrew Azores wrote:
> **> Oh... OK. So I misunderstood (mis-guessed) the spec. I see!
>  > So I'll have to put an unsigned applet there to have it sandboxed.
>  > Thanks for investigating,
>  > Stefan
>
> Well, you could alternatively just specify sandbox permissions in the applet tag. But simply splitting it into its own separate unsigned JAR will also work. Up to you. Bonus points if you test both and confirm that it comes out with sandbox-only permissions either way :)
>
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
for similar purposes, this may come handy later ....

J.

From jvanek at redhat.com  Thu Mar 20 14:32:42 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 15:32:42 +0100
Subject: [rfc][icedtea-web] cache tweeks
Message-ID: <532AFC0A.5040501@redhat.com>

releaseLock is bug, found thanx to tweeksToCache work.
releaseLock is releasing the never released lock. It is not 100% fix but for deeper fixing this needs to wait for cache revisite. ntil now it was invisible, because jvm always terminated after clean-cache.

The tweeksToCache is doing the only thing - making clear cache more visible. Righ ntnow it exists only as cmd switch, and as feature in itw-settings->cache->view Fiels->delete on by one.
Now one can itw-settings->cache->view Files->delete all.
Delete all is also presented on error dialogs - with tooltip why.

Motivation? - tired to close bugs by "clear cache first please" "how" "...:x..." "It started to work"

Thanx!
   J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: releaseLock.patch
Type: text/x-patch
Size: 1643 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/a91fffd3/releaseLock.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tweeksToCache.patch
Type: text/x-patch
Size: 14219 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/a91fffd3/tweeksToCache.patch>

From jvanek at redhat.com  Thu Mar 20 15:05:31 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 16:05:31 +0100
Subject: [rfc][icedtea-web] manifests attributes Validation Moved To Separate
	Class
Message-ID: <532B03BB.6050001@redhat.com>

Pure refactroing as in subject.

  J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: manifestsValidationMovedToSeparateClass.diff
Type: text/x-patch
Size: 27685 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/673c5062/manifestsValidationMovedToSeparateClass-0001.diff>

From aazores at redhat.com  Thu Mar 20 15:13:18 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 11:13:18 -0400
Subject: [rfc][icedtea-web] manifests attributes Validation Moved To
	Separate Class
In-Reply-To: <532B03BB.6050001@redhat.com>
References: <532B03BB.6050001@redhat.com>
Message-ID: <532B058E.7000005@redhat.com>

On 03/20/2014 11:05 AM, Jiri Vanek wrote:
> Pure refactroing as in subject.
>
>  J.

Looks good to me.

Thanks,

-- 
Andrew A


From jvanek at icedtea.classpath.org  Thu Mar 20 15:21:45 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 15:21:45 +0000
Subject: /hg/icedtea-web: Methods validating manifests' attributes moved ...
Message-ID: <hg.d133c4ebfe24.1395328905.8643924302249223276@icedtea.classpath.org>

changeset d133c4ebfe24 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d133c4ebfe24
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 20 16:29:46 2014 +0100

	Methods validating manifests' attributes moved to separate class.


diffstat:

 ChangeLog                                                           |   12 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java              |  202 +-------
 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java |  242 ++++++++++
 netx/net/sourceforge/jnlp/util/UrlUtils.java                        |   11 +
 4 files changed, 274 insertions(+), 193 deletions(-)

diffs (truncated from 547 to 500 lines):

diff -r 15bbdf43c1e7 -r d133c4ebfe24 ChangeLog
--- a/ChangeLog	Fri Mar 14 10:50:15 2014 -0400
+++ b/ChangeLog	Thu Mar 20 16:29:46 2014 +0100
@@ -1,3 +1,15 @@
+2014-03-20  Jiri Vanek  <jvanek at redhat.com>
+
+	Methods validating manifests' attributes moved to separate class.
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: Cleaned imports.
+	At (init) methods (checkCodebaseAttribute), (checkPermissionsAttribute) and 
+	(checkApplicationLibraryAllowableCodebaseAttribute) moved to
+	ManifestsAttributesValidator. (guessCodeBase) generalized in UrlUtils.
+	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
+	new class. Contains logic to validate manifests'attributes.
+	* netx/net/sourceforge/jnlp/util/UrlUtils.java: added method (guessCodeBase)
+	as generalization of JNLPClassLoader's guessCodeBase method.
+
 2014-03-14  Andrew Azores  <aazores at redhat.com>
 
 	Added new PartiallySigned Dialog to replace NotAllSignedWarningPane.
diff -r 15bbdf43c1e7 -r d133c4ebfe24 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Fri Mar 14 10:50:15 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 16:29:46 2014 +0100
@@ -64,7 +64,6 @@
 import net.sourceforge.jnlp.ExtensionDesc;
 import net.sourceforge.jnlp.JARDesc;
 import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
 import net.sourceforge.jnlp.JNLPMatcher;
 import net.sourceforge.jnlp.JNLPMatcherException;
 import net.sourceforge.jnlp.LaunchDesc;
@@ -84,12 +83,8 @@
 import net.sourceforge.jnlp.security.AppVerifier;
 import net.sourceforge.jnlp.security.JNLPAppVerifier;
 import net.sourceforge.jnlp.security.PluginAppVerifier;
-import net.sourceforge.jnlp.security.SecurityDialogs;
-import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
-import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
 import net.sourceforge.jnlp.tools.JarCertVerifier;
-import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers;
 import net.sourceforge.jnlp.util.JarFile;
 import net.sourceforge.jnlp.util.StreamUtils;
 import net.sourceforge.jnlp.util.UrlUtils;
@@ -288,12 +283,11 @@
         initializePermissions();
 
         setSecurity();
-        
-        checkCodebaseAttribute();
-        
-        checkPermissionsAttribute();
-        
-        checkApplicationLibraryAllowableCodebaseAttribute();
+
+        ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing);
+        mav.checkCodebaseAttribute();
+        mav.checkPermissionsAttribute();
+        mav.checkApplicationLibraryAllowableCodebaseAttribute();
         
         installShutdownHooks();
         
@@ -319,7 +313,7 @@
     }
 
     private void setSecurity() throws LaunchException {
-        URL codebase = guessCodeBase();
+        URL codebase = UrlUtils.guessCodeBase(file);
         this.security = securityDelegate.getClassLoaderSecurity(codebase.getHost());
     }
 
@@ -2246,52 +2240,9 @@
         return mainClass;
     }
     
-    private URL guessCodeBase() {
-        if (file.getCodeBase() != null) {
-            return file.getCodeBase();
-        } else {
-            //Fixme: codebase should be the codebase of the Main Jar not
-            //the location. Although, it still works in the current state.
-            return file.getResources().getMainJAR().getLocation();
-        }
-    }
-
-    /**
-     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
-     */
-    private void checkCodebaseAttribute() throws LaunchException {
-        if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile"));
-            return;
-        }
-        final Object securityType = security.getSecurityType();
-        final URL codebase = guessCodeBase();
-        final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase();
-        if (codebaseAtt == null) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry"));
-            return;
-        }
-        if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
-            if (codebaseAtt.matches(codebase)) {
-                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass"));
-            } else {
-                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail"));
-            }
-        } else {
-            if (codebaseAtt.matches(codebase)) {
-                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk"));
-            } else {
-                if (file instanceof PluginBridge) {
-                    throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase));
-                } else {
-                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail"));
-                }
-            }
-        }
-
-    }
-
-    /**
+
+
+   /**
      * SecurityDelegate, in real usage, relies on having a "parent" JNLPClassLoader instance.
      * However, JNLPClassLoaders are very large, heavyweight, difficult-to-mock objects, which
      * means that unit testing on anything that uses a SecurityDelegate can become very difficult.
@@ -2321,96 +2272,6 @@
         public boolean getRunInSandbox();
     }
 
-    private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
-        if (signing == SigningState.NONE){
-            return; /*when app is not signed at all, then skip this check*/
-        } 
-        //conditions
-        URL codebase = file.getCodeBase();
-        URL documentBase = null;
-        if (file instanceof PluginBridge) {
-            documentBase = ((PluginBridge) file).getSourceLocation();
-        }
-        if (documentBase == null) {
-            documentBase = file.getCodeBase();
-        }
-
-        //cases
-        Set<URL> usedUrls = new HashSet<URL>();
-        URL sourceLocation = file.getSourceLocation();
-        ResourcesDesc[] resourcesDescs = file.getResourcesDescs();
-        if (sourceLocation != null) {
-            usedUrls.add(UrlUtils.removeFileName(sourceLocation));
-        }
-        for (ResourcesDesc resourcesDesc: resourcesDescs) {
-            ExtensionDesc[] ex = resourcesDesc.getExtensions();
-            if (ex != null) {
-                for ( ExtensionDesc extensionDesc: ex) {
-                    if (extensionDesc != null) {
-                        usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation()));
-                    }
-                }
-            }
-            JARDesc[] jars = resourcesDesc.getJARs();
-            if (jars != null) {
-                for (JARDesc jarDesc: jars) {
-                    if (jarDesc != null) {
-                        usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation()));
-                    }
-                }
-            }
-            JNLPFile jnlp = resourcesDesc.getJNLPFile();
-            if (jnlp != null) {
-                usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation()));
-            }
-
-        }
-        OutputController.getLogger().log("Found alaca URLs to be verified");
-        for (URL url : usedUrls) {
-            OutputController.getLogger().log(" - " + url.toExternalForm());
-        }
-        if (usedUrls.isEmpty()) {
-            //I hope this is the case, when the resources is/are
-            //only codebase classes. Then it should be safe to return.
-            OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check.");
-            return;
-        }
-
-        if (usedUrls.size() == 1) {
-            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
-                    && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
-                //all resoources are from codebase or document base. it is ok to proceeed.
-                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
-                return;
-            }
-        }
-        ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
-
-        if (att == null) {
-            boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
-            if (!a) {
-                throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");
-            } else {
-                OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user");
-                return;
-            }
-        } else {
-            for (URL foundUrl : usedUrls) {
-                if (!att.matches(foundUrl)) {
-                    throw new LaunchException("The resource from " + foundUrl + " does not match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running.");
-                } else {
-                    OutputController.getLogger().log("The resource from " + foundUrl + " does  match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing.");
-                }
-            }
-        }
-        boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
-        if (!a) {
-            throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user." );
-        } else {
-            OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user." );
-        }
-    }
-
     /**
      * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign
      * to JARs.
@@ -2547,51 +2408,6 @@
 
     }
     
-    /**
-     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
-     */
-    public void checkPermissionsAttribute() throws LaunchException {
-        final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced();
-        AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
-        if (level == AppletSecurityLevel.ALLOW_UNSIGNED) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing");
-            return;
-        }
-        switch (permissions) {
-            case UNDEFINED: {
-                if (level == AppletSecurityLevel.DENY_UNSIGNED) {
-                    throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
-                }
-                if (level == AppletSecurityLevel.ASK_UNSIGNED) {
-                    boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
-                    if (!a) {
-                        throw new LaunchException("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
-                    } else {
-                        OutputController.getLogger().log("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it.");
-                    }
-                }
-                //default for missing is sandbox
-                if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
-                    throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
-                }
-                break;
-            }
-            case TRUE: {
-                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
-                    OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
-                } else {
-                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is '" + security.getSecurityType() + "'. This is fatal");
-                }
-            }
-            case FALSE: {
-                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
-                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is' " + security.getSecurityType() + "'. This is fatal");
-                } else {
-                    OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
-                }
-            }
-        }
-    }
 
     /*
      * Helper class to expose protected URLClassLoader methods.
diff -r 15bbdf43c1e7 -r d133c4ebfe24 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 16:29:46 2014 +0100
@@ -0,0 +1,242 @@
+/* 
+Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+package net.sourceforge.jnlp.runtime;
+
+import java.net.URL;
+import java.util.HashSet;
+import java.util.Set;
+import net.sourceforge.jnlp.ExtensionDesc;
+import net.sourceforge.jnlp.JARDesc;
+import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
+import net.sourceforge.jnlp.LaunchException;
+import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.ResourcesDesc;
+import net.sourceforge.jnlp.SecurityDesc;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState;
+import net.sourceforge.jnlp.security.SecurityDialogs;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
+import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers;
+import net.sourceforge.jnlp.util.UrlUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
+
+public class ManifestsAttributesValidator {
+
+    private final SecurityDesc security;
+    private final JNLPFile file;
+    private final SigningState signing;
+
+    public ManifestsAttributesValidator(SecurityDesc security, JNLPFile file, SigningState signing) {
+        this.security = security;
+        this.file = file;
+        this.signing = signing;
+    }
+    
+    
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
+     */
+    void checkCodebaseAttribute() throws LaunchException {
+        if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile"));
+            return;
+        }
+        final Object securityType = security.getSecurityType();
+        final URL codebase = UrlUtils.guessCodeBase(file);
+        final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase();
+        if (codebaseAtt == null) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry"));
+            return;
+        }
+        if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+            if (codebaseAtt.matches(codebase)) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass"));
+            } else {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail"));
+            }
+        } else {
+            if (codebaseAtt.matches(codebase)) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk"));
+            } else {
+                if (file instanceof PluginBridge) {
+                    throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase));
+                } else {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail"));
+                }
+            }
+        }
+
+    }
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
+     */
+    void checkPermissionsAttribute() throws LaunchException {
+        final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced();
+        AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
+        if (level == AppletSecurityLevel.ALLOW_UNSIGNED) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing");
+            return;
+        }
+        switch (permissions) {
+            case UNDEFINED: {
+                if (level == AppletSecurityLevel.DENY_UNSIGNED) {
+                    throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
+                }
+                if (level == AppletSecurityLevel.ASK_UNSIGNED) {
+                    boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
+                    if (!a) {
+                        throw new LaunchException("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
+                    } else {
+                        OutputController.getLogger().log("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it.");
+                    }
+                }
+                //default for missing is sandbox
+                if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
+                }
+                break;
+            }
+            case TRUE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                } else {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is '" + security.getSecurityType() + "'. This is fatal");
+                }
+            }
+            case FALSE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is' " + security.getSecurityType() + "'. This is fatal");
+                } else {
+                    OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                }
+            }
+        }
+    }
+
+    void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
+        if (signing == SigningState.NONE) {
+            return; /*when app is not signed at all, then skip this check*/
+        }
+        //conditions
+        URL codebase = file.getCodeBase();
+        URL documentBase = null;
+        if (file instanceof PluginBridge) {
+            documentBase = ((PluginBridge) file).getSourceLocation();
+        }
+        if (documentBase == null) {
+            documentBase = file.getCodeBase();
+        }
+
+        //cases
+        Set<URL> usedUrls = new HashSet<URL>();
+        URL sourceLocation = file.getSourceLocation();
+        ResourcesDesc[] resourcesDescs = file.getResourcesDescs();
+        if (sourceLocation != null) {
+            usedUrls.add(UrlUtils.removeFileName(sourceLocation));
+        }
+        for (ResourcesDesc resourcesDesc : resourcesDescs) {
+            ExtensionDesc[] ex = resourcesDesc.getExtensions();
+            if (ex != null) {
+                for (ExtensionDesc extensionDesc : ex) {
+                    if (extensionDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation()));
+                    }
+                }
+            }
+            JARDesc[] jars = resourcesDesc.getJARs();
+            if (jars != null) {
+                for (JARDesc jarDesc : jars) {
+                    if (jarDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation()));
+                    }
+                }
+            }
+            JNLPFile jnlp = resourcesDesc.getJNLPFile();
+            if (jnlp != null) {
+                usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation()));
+            }
+
+        }
+        OutputController.getLogger().log("Found alaca URLs to be verified");
+        for (URL url : usedUrls) {
+            OutputController.getLogger().log(" - " + url.toExternalForm());
+        }
+        if (usedUrls.isEmpty()) {
+            //I hope this is the case, when the resources is/are
+            //only codebase classes. Then it should be safe to return.
+            OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check.");
+            return;
+        }
+
+        if (usedUrls.size() == 1) {
+            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
+                    && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
+                //all resoources are from codebase or document base. it is ok to proceeed.
+                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
+                return;
+            }
+        }
+        ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
+
+        if (att == null) {
+            boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+            if (!a) {
+                throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");

From aazores at redhat.com  Thu Mar 20 15:23:40 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 11:23:40 -0400
Subject: [rfc][icedtea-web] cache tweeks
In-Reply-To: <532AFC0A.5040501@redhat.com>
References: <532AFC0A.5040501@redhat.com>
Message-ID: <532B07FC.3050401@redhat.com>

On 03/20/2014 10:32 AM, Jiri Vanek wrote:
> releaseLock is bug, found thanx to tweeksToCache work.
> releaseLock is releasing the never released lock. It is not 100% fix 
> but for deeper fixing this needs to wait for cache revisite. ntil now 
> it was invisible, because jvm always terminated after clean-cache.
>
> The tweeksToCache is doing the only thing - making clear cache more 
> visible. Righ ntnow it exists only as cmd switch, and as feature in 
> itw-settings->cache->view Fiels->delete on by one.
> Now one can itw-settings->cache->view Files->delete all.
> Delete all is also presented on error dialogs - with tooltip why.
>
> Motivation? - tired to close bugs by "clear cache first please" "how" 
> "...:x..." "It started to work"
>
> Thanx!
>   J.

There's some weird formatting going on in the cache tweaks patch. 
invokeLaterDeleteAll, disableButtons, restoreDisabled, and 
visualCleanCache all have various indentation issues.

Otherwise I think this is okay.

Thanks,

-- 
Andrew A


From gnu.andrew at redhat.com  Thu Mar 20 15:32:52 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Thu, 20 Mar 2014 11:32:52 -0400 (EDT)
Subject: build with bsd userland
In-Reply-To: <532A3C08.6090803@sanatana.filez.com>
References: <532A3C08.6090803@sanatana.filez.com>
Message-ID: <8057175.275897.1395329572686.JavaMail.zimbra@redhat.com>



----- Original Message -----
> on bsd systems, gnu versions of utils are installed with g prefix, such
> as gsed instead of sed.
> 
> this patch adds checking for such versions and uses them if found in
> path. With this patch it bootrap icedtea build system correctly on fbsd 10.
> 

This looks sane. I'll get it applied to HEAD.

I should have said, following your e-mail the other day, that the repository
you were using was the right one to work on. Patches should initially be applied
to HEAD and then backported to branches as necessary. We don't want to end up in
a situation where patches are only on a release branch (effectively, a dead end).

> it still does not build openjdk out of box with patch, fails on:
> 
> gmake[1]: Entering directory `/home/hsn/live/icedtea7/openjdk-boot'
> jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of ARCH cannot be
> empty, will use ''"
> jdk/make/common/shared/Defs.gmk:194: "WARNING: Value of PLATFORM cannot
> be empty, will use ''"
> jdk/make/common/shared/Defs.gmk:397: jdk/make/common/shared/Defs-.gmk:
> No such file or directory
> jdk/make/common/shared/Defs.gmk:674:
> jdk/make/common/shared/Compiler-.gmk: No such file or directory
> gmake[1]: *** No rule to make target
> `jdk/make/common/shared/Compiler-.gmk'.  Stop.
> 

Ah, I think the problem here is there's only aix, linux, macosx, solaris and
windows in that directory. HotSpot, however, has BSD...

It seems some of the BSD port has been included upstream but not all. Let me
see if I can bring in an appropriate file from the BSD tree.

> I did not discovered where these variables are supposed to be set, after
> setting this manually to linux, it crosscompiles major portion of JDK.
> 

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From aazores at redhat.com  Thu Mar 20 15:33:13 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 11:33:13 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
Message-ID: <532B0A39.6060102@redhat.com>

Hi,

This implements the Trusted-only manifest attribute [0]. It's quite a 
simple check compared to some of the other new ones. A test case is 
included that verifies that specifying the attribute in the manifest, 
for a signed applet, without specifying the applet security in the 
applet HTML tag, is not allowed. More test cases will come later on.

[0] 
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute.patch
Type: text/x-patch
Size: 4170 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/35dbee94/trusted-only-attribute.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute-tests.patch
Type: text/x-patch
Size: 9195 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/35dbee94/trusted-only-attribute-tests.patch>

From jvanek at icedtea.classpath.org  Thu Mar 20 15:47:01 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 15:47:01 +0000
Subject: /hg/icedtea-web: Clear cache function made more visible.
Message-ID: <hg.cea32875903d.1395330421.8643924302249223276@icedtea.classpath.org>

changeset cea32875903d in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=cea32875903d
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 20 16:55:12 2014 +0100

	Clear cache function made more visible.


diffstat:

 ChangeLog                                                                         |   16 +
 netx/net/sourceforge/jnlp/cache/CacheUtil.java                                    |   16 +-
 netx/net/sourceforge/jnlp/controlpanel/CachePane.java                             |  105 +++++++--
 netx/net/sourceforge/jnlp/resources/Messages.properties                           |    2 +
 netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java |    5 +
 netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java                          |   56 ++++-
 6 files changed, 163 insertions(+), 37 deletions(-)

diffs (391 lines):

diff -r d133c4ebfe24 -r cea32875903d ChangeLog
--- a/ChangeLog	Thu Mar 20 16:29:46 2014 +0100
+++ b/ChangeLog	Thu Mar 20 16:55:12 2014 +0100
@@ -1,3 +1,19 @@
+2014-03-20  Jiri Vanek  <jvanek at redhat.com>
+
+	Clear cache function made more visible.
+	* netx/net/sourceforge/jnlp/cache/CacheUtil.java: (okToClearCache) released
+	never released lock. (clearCache) now recriated directory after cleaning.
+	* netx/net/sourceforge/jnlp/controlpanel/CachePane.java: Added delete
+	all button. (restoreDisabled) and (disableButtons) are containing duplicated
+	code. (invokeLaterDeleteAll) and (visualCleanCache) utility methods accessing
+	CacheUtil.clearCache.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: added (CVCPCleanCache)
+	and (CVCPCleanCacheTip) keys
+	* netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java:
+	added (cacheButton)
+	* netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java: also added (cacheButton)
+	but also included some layout refactoring to have buttons in row.
+
 2014-03-20  Jiri Vanek  <jvanek at redhat.com>
 
 	Methods validating manifests' attributes moved to separate class.
diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/cache/CacheUtil.java
--- a/netx/net/sourceforge/jnlp/cache/CacheUtil.java	Thu Mar 20 16:29:46 2014 +0100
+++ b/netx/net/sourceforge/jnlp/cache/CacheUtil.java	Thu Mar 20 16:55:12 2014 +0100
@@ -191,6 +191,7 @@
         try {
             cacheDir = cacheDir.getCanonicalFile();
             FileUtils.recursiveDelete(cacheDir, cacheDir);
+            cacheDir.mkdir();
         } catch (IOException e) {
             throw new RuntimeException(e);
         }
@@ -202,14 +203,15 @@
      * @return true if the cache can be cleared at this time without problems
      */
     private static boolean okToClearCache() {
-        File otherJavawsRunning = new File(JNLPRuntime.getConfiguration()
-                .getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+        File otherJavawsRunning = new File(JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+        FileLock locking = null;
         try {
             if (otherJavawsRunning.isFile()) {
                 FileOutputStream fis = new FileOutputStream(otherJavawsRunning);
                 
                 FileChannel channel = fis.getChannel();
-                if (channel.tryLock() == null) {
+                locking  = channel.tryLock();
+                if (locking == null) {
                     OutputController.getLogger().log("Other instances of netx are running");
                     return false;
                 }
@@ -222,6 +224,14 @@
             }
         } catch (IOException e) {
             return false;
+        } finally {
+            if (locking != null) {
+                try {
+                    locking.release();
+                } catch (IOException ex) {
+                    OutputController.getLogger().log(ex);
+                }
+            }
         }
     }
 
diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/controlpanel/CachePane.java
--- a/netx/net/sourceforge/jnlp/controlpanel/CachePane.java	Thu Mar 20 16:29:46 2014 +0100
+++ b/netx/net/sourceforge/jnlp/controlpanel/CachePane.java	Thu Mar 20 16:55:12 2014 +0100
@@ -46,6 +46,7 @@
 import javax.swing.JButton;
 import javax.swing.JComponent;
 import javax.swing.JDialog;
+import javax.swing.JOptionPane;
 import javax.swing.JPanel;
 import javax.swing.JScrollPane;
 import javax.swing.JTable;
@@ -58,6 +59,7 @@
 
 import net.sourceforge.jnlp.cache.CacheDirectory;
 import net.sourceforge.jnlp.cache.CacheLRUWrapper;
+import net.sourceforge.jnlp.cache.CacheUtil;
 import net.sourceforge.jnlp.cache.DirectoryNode;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.Translator;
@@ -80,7 +82,7 @@
             Translator.R("CVCPColSize"),
             Translator.R("CVCPColLastModified") };
     JTable cacheTable;
-    private JButton deleteButton, refreshButton, doneButton;
+    private JButton deleteButton, refreshButton, doneButton, cleanAll;
 
     /**
      * Creates a new instance of the CachePane.
@@ -192,12 +194,7 @@
         deleteButton.addActionListener(new ActionListener() {
             @Override
             public void actionPerformed(ActionEvent e) {
-                // Deleting may take a while, so indicate busy by cursor
-                parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
-                // Disable dialog and buttons while deleting
-                deleteButton.setEnabled(false);
-                refreshButton.setEnabled(false);
-                doneButton.setEnabled(false);
+                disableButtons();
                 // Delete on AWT thread after this action has been performed
                 // in order to allow the cache viewer to update itself
                 invokeLaterDelete();
@@ -206,14 +203,24 @@
         deleteButton.setEnabled(false);
         buttons.add(deleteButton);
 
+        this.cleanAll = new JButton(Translator.R("CVCPCleanCache"));
+        cleanAll.addActionListener(new ActionListener() {
+
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                disableButtons();
+                // Delete on AWT thread after this action has been performed
+                // in order to allow the cache viewer to update itself
+                invokeLaterDeleteAll();
+            }
+        });
+        buttons.add(cleanAll);
+
         this.refreshButton = new JButton(Translator.R("CVCPButRefresh"));
         refreshButton.addActionListener(new ActionListener() {
             @Override
             public void actionPerformed(ActionEvent e) {
-                // Disable all its controls when performing cacheTable refresh (populating)
-                deleteButton.setEnabled(false);
-                refreshButton.setEnabled(false);
-                doneButton.setEnabled(false);
+                disableButtons();
                 // Populate cacheTable on AWT thread after this action event has been performed
                 invokeLaterPopulateTable();
             }
@@ -259,7 +266,7 @@
      * {@link CacheViewer} have been instantiated and painted.
      * @see CachePane#cacheTable
      */
-    private final void invokeLaterDelete() {
+    private  void invokeLaterDelete() {
         EventQueue.invokeLater(new Runnable() {
             @Override
             public void run() {
@@ -283,6 +290,7 @@
                     int row = cacheTable.getSelectedRow();
                     try {
                         if (fl == null) {
+                            JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
                             return;
                         }
                         int modelRow = cacheTable.convertRowIndexToModel(row);
@@ -310,21 +318,7 @@
                 } catch (Exception exception) {
                         OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
                 } finally {
-                    // If nothing selected then keep deleteButton disabled
-                    if (!cacheTable.getSelectionModel().isSelectionEmpty()) {
-                        deleteButton.setEnabled(true);
-                    }
-                    // Enable buttons
-                    refreshButton.setEnabled(true);
-                    doneButton.setEnabled(true);
-                    // If cacheTable is empty disable it and set background
-                    // color to indicate being disabled
-                    if (cacheTable.getModel().getRowCount() == 0) {
-                        cacheTable.setEnabled(false);
-                        cacheTable.setBackground(SystemColor.control);
-                    }
-                    // Reset cursor
-                    parent.getContentPane().setCursor(Cursor.getDefaultCursor());
+                    restoreDisabled();
                 }
             }
 
@@ -344,6 +338,23 @@
         });
     }
 
+    private void invokeLaterDeleteAll() {
+        EventQueue.invokeLater(new Runnable() {
+
+            @Override
+            public void run() {
+                try {
+                    visualCleanCache(parent);
+                    populateTable();
+                } catch (Exception exception) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
+                } finally {
+                    restoreDisabled();
+                }
+            }
+        });
+    }
+
     /**
      * Posts an event to the event queue to populate the
      * {@link CachePane#cacheTable} after the {@code CachePane} and
@@ -371,6 +382,7 @@
                 } finally {
                     refreshButton.setEnabled(true);
                     doneButton.setEnabled(true);
+                    cleanAll.setEnabled(true);
                 }
             }
         });
@@ -439,4 +451,43 @@
             defaultFocusComponent.requestFocusInWindow();
         }
     }
+
+    public void disableButtons() {
+        // may take a while, so indicate busy by cursor
+        parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
+        // Disable dialog and buttons while operating
+        deleteButton.setEnabled(false);
+        refreshButton.setEnabled(false);
+        doneButton.setEnabled(false);
+        cleanAll.setEnabled(false);
+    }
+
+    public void restoreDisabled() {
+        cleanAll.setEnabled(true);
+        // If nothing selected then keep deleteButton disabled
+        if (!cacheTable.getSelectionModel().isSelectionEmpty()) {
+            deleteButton.setEnabled(true);
+        }
+        // Enable buttons
+        refreshButton.setEnabled(true);
+        doneButton.setEnabled(true);
+        // If cacheTable is empty disable it and set background
+        // color to indicate being disabled
+        if (cacheTable.getModel().getRowCount() == 0) {
+            cacheTable.setEnabled(false);
+            cacheTable.setBackground(SystemColor.control);
+        }
+        // Reset cursor
+        parent.getContentPane().setCursor(Cursor.getDefaultCursor());
+    }
+
+    public static boolean visualCleanCache(Component parent) {
+        boolean success = CacheUtil.clearCache();
+        if (!success) {
+            JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
+        }
+        return success;
+    }
 }
+
+
diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 20 16:29:46 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 20 16:55:12 2014 +0100
@@ -679,6 +679,8 @@
 CVCPDialogTitle=Cache Viewer
 CVCPButRefresh=Refresh
 CVCPButDelete=Delete
+CVCPCleanCache=Clean all cache
+CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. 
 CVCPColLastModified=Last Modified
 CVCPColSize=Size (Bytes)
 CVCPColDomain=Domain
diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java
--- a/netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java	Thu Mar 20 16:29:46 2014 +0100
+++ b/netx/net/sourceforge/jnlp/splashscreen/parts/JEditorPaneBasedExceptionDialog.java	Thu Mar 20 16:55:12 2014 +0100
@@ -74,6 +74,7 @@
     private JButton homeButton;
     private JButton aboutButton;
     private JButton consoleButton;
+    private JButton cacheButton;
     private JEditorPane htmlErrorAndHelpPanel;
     private JLabel exceptionLabel;
     private JLabel iconLabel;
@@ -143,6 +144,7 @@
         homeButton = new JButton();
         aboutButton = new JButton();
         consoleButton = BasicExceptionDialog.getShowButton(JEditorPaneBasedExceptionDialog.this);
+        cacheButton = BasicExceptionDialog.getClearCacheButton(JEditorPaneBasedExceptionDialog.this);
 
         setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
 
@@ -174,6 +176,8 @@
                         .addContainerGap()
                         .addComponent(aboutButton)
                         .addContainerGap()
+                        .addComponent(cacheButton)
+                        .addContainerGap()
                         .addComponent(consoleButton)
                         .addPreferredGap(LayoutStyle.ComponentPlacement.RELATED, 314, Short.MAX_VALUE)
                         .addComponent(closeAndCopyButton)
@@ -185,6 +189,7 @@
                     .addGroup(jPanel2Layout.createParallelGroup(GroupLayout.Alignment.BASELINE)
                         .addComponent(closeButton)
                         .addComponent(aboutButton)
+                        .addComponent(cacheButton)
                         .addComponent(consoleButton)
                         .addComponent(closeAndCopyButton))
                     .addContainerGap()));
diff -r d133c4ebfe24 -r cea32875903d netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java
--- a/netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java	Thu Mar 20 16:29:46 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java	Thu Mar 20 16:55:12 2014 +0100
@@ -56,6 +56,8 @@
 import javax.swing.JPanel;
 import javax.swing.JScrollPane;
 import javax.swing.JTextArea;
+import javax.swing.SwingUtilities;
+import net.sourceforge.jnlp.controlpanel.CachePane;
 import net.sourceforge.jnlp.util.logging.JavaConsole;
 
 /**
@@ -79,23 +81,39 @@
         final JDialog errorDialog = optionPane.createDialog(R("Error"));
         errorDialog.setIconImages(ImageResources.INSTANCE.getApplicationImages());
 
-        final JPanel quickInfoPanel = new JPanel();
-        BoxLayout layout = new BoxLayout(quickInfoPanel, BoxLayout.Y_AXIS);
-        quickInfoPanel.setLayout(layout);
-        mainPanel.add(quickInfoPanel, BorderLayout.PAGE_START);
+        final JPanel quickInfoPanelAll = new JPanel();
+        final JPanel quickInfoPanelMessage = new JPanel();
+        final JPanel quickInfoPanelButtons = new JPanel();
+        BoxLayout layoutAll = new BoxLayout(quickInfoPanelAll, BoxLayout.Y_AXIS);
+        BoxLayout layoutMessage = new BoxLayout(quickInfoPanelMessage, BoxLayout.X_AXIS);
+        BoxLayout layoutButtons = new BoxLayout(quickInfoPanelButtons, BoxLayout.X_AXIS);
+        quickInfoPanelAll.setLayout(layoutAll);
+        quickInfoPanelMessage.setLayout(layoutMessage);
+        quickInfoPanelButtons.setLayout(layoutButtons);
+        mainPanel.add(quickInfoPanelAll, BorderLayout.PAGE_START);
+        quickInfoPanelAll.add(quickInfoPanelMessage);
+        quickInfoPanelAll.add(quickInfoPanelButtons);
 
         JLabel errorLabel = new JLabel(exception.getMessage());
         errorLabel.setAlignmentY(JComponent.LEFT_ALIGNMENT);
-        quickInfoPanel.add(errorLabel);
+        quickInfoPanelMessage.add(errorLabel);
 
         final JButton viewDetails = new JButton(R("ButShowDetails"));
         viewDetails.setAlignmentY(JComponent.LEFT_ALIGNMENT);
         viewDetails.setActionCommand("show");
-        quickInfoPanel.add(viewDetails);
+        quickInfoPanelButtons.add(viewDetails);
+
+        final JButton cacheButton = getClearCacheButton(errorDialog);
+        cacheButton.setAlignmentY(JComponent.LEFT_ALIGNMENT);
+        quickInfoPanelButtons.add(cacheButton);
 
         final JButton consoleButton = getShowButton(errorDialog);
         consoleButton.setAlignmentY(JComponent.LEFT_ALIGNMENT);
-        quickInfoPanel.add(consoleButton);
+        quickInfoPanelButtons.add(consoleButton);
+
+        final JPanel fillRest = new JPanel();
+        fillRest.setAlignmentY(JComponent.LEFT_ALIGNMENT);
+        quickInfoPanelButtons.add(fillRest);
 
         JTextArea textArea = new JTextArea();
         textArea.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
@@ -149,4 +167,28 @@
         }
         return consoleButton;
     }
+
+    public static JButton getClearCacheButton(final Component parent) {
+        JButton clearAllButton = new JButton();
+        clearAllButton.setText(R("CVCPCleanCache"));
+        clearAllButton.setToolTipText(R("CVCPCleanCacheTip"));
+        clearAllButton.addActionListener(new java.awt.event.ActionListener() {
+
+            @Override
+            public void actionPerformed(java.awt.event.ActionEvent evt) {
+                SwingUtilities.invokeLater(new Runnable() {
+
+                    @Override
+                    public void run() {
+                        try {
+                            CachePane.visualCleanCache(parent);
+                        } catch (Exception ex) {
+                            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, ex);
+                        }
+                    }
+                });
+            }
+        });
+        return clearAllButton;
+    }
 }

From jvanek at redhat.com  Thu Mar 20 16:23:10 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 17:23:10 +0100
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B0A39.6060102@redhat.com>
References: <532B0A39.6060102@redhat.com>
Message-ID: <532B15EE.10508@redhat.com>

On 03/20/2014 04:33 PM, Andrew Azores wrote:
> Hi,
>
> This implements the Trusted-only manifest attribute [0]. It's quite a simple check compared to some of the other new ones. A test case is included that verifies that specifying the attribute in the manifest, for a signed applet, without specifying the applet security in the applet HTML tag, is not allowed. More test cases will come later on.
>
> [0] http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only

Thanx for prompt work!

Few nits:

+ ...  file.getManifestsAttributes().getAttribute(JNLPFile.ManifestsAttributes.TRUSTED_ONLY);

You do not need to bother with this. There is method for you in file.getManifestsAttributes() which returns  ManifestBoolean (TRUE, FALSE, UNDEFINED) for you.

It will affect also

+        if (!trustedOnly.equalsIgnoreCase("true")) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Trusted Only manifest attribute is not recognized. Continuing anyway.");
+            return;
+        }

Instead of this your code will recieve IllegalArgumentException, And I 'm in favour to let it be thrown.

Instead of MESSAGE_ALL please go on with MESSAGE_DEBUG for those two messages

+        if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
+                    "Trusted Only manifest attribute is \"true\". Applet is fully signed? " + isFullySigned
+                            + ". Applet is requesting permission level: " + securityType + ". This is fatal.");
+            throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", Boolean.toString(isFullySigned), securityType));
+        }


I would like to have the
OutputController.getLogger().log(OutputController.Level.ERROR_ALL, as MESSAFE_DEBUG and *before* the if itself.

Also the essafe is bit wierd :)

"Trusted Only manifest attribute is " + trustedOnly +  ". Applet's signing is " + signing + ". Applet is requesting permission level: " + securityType + ".");

Or similar.. moreover everything iexcept the "Applet is fully signed?" :)

Also the LaunchException itself -  Ithink the Boolean.toString(isFullySigned)  nor securityType is necessary. All is known in this state.
So just throw exception with explanation without variables (thay may be in only one state or not? isFullySigned==true and desc!=SecurityDesc.ALL_PERMISSIONS) )


Also maybe different value for null and for "rest" in case of securityType string.


The reproducer is missing javaws parts and is missing correct case. Minimalistical  reproducer should be
- applet signed  trusted-only=false
- applet signed  trusted-only=true
- applet signed  trusted-only=illegal
- applet mixed signatures  trusted-only=false
- applet mixed signatures  trusted-only=false
- applet mixed signatures  trusted-only=illegal
- applet not signed  trusted-only=false
- applet not signed  trusted-only=true
- applet not signed  trusted-only=illegal
- javaws  signed  trusted-only=false
- javaws  signed  trusted-only=true
- javaws  signed  trusted-only=illegal
- javaws  not signed  trusted-only=false
- javaws  not signed  trusted-only=true
- javaws  not signed  trusted-only=illegal

However it is to much work. In long-term it would be nice to have them. For now, just extends your:
applet not signed  trusted-only=true
by:
javaws not signed  trusted-only=true


Also youu do not need custom reproducer for this!  Unsigned applet with manifest is classical simple reproducer :)

thanx!
   J.





From aazores at redhat.com  Thu Mar 20 16:42:13 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 12:42:13 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B15EE.10508@redhat.com>
References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com>
Message-ID: <532B1A65.8070504@redhat.com>

On 03/20/2014 12:23 PM, Jiri Vanek wrote:
> On 03/20/2014 04:33 PM, Andrew Azores wrote:
>> Hi,
>>
>> This implements the Trusted-only manifest attribute [0]. It's quite a 
>> simple check compared to some of the other new ones. A test case is 
>> included that verifies that specifying the attribute in the manifest, 
>> for a signed applet, without specifying the applet security in the 
>> applet HTML tag, is not allowed. More test cases will come later on.
>>
>> [0] 
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only
>
> Thanx for prompt work!
>
> Few nits:
>
> + ... 
> file.getManifestsAttributes().getAttribute(JNLPFile.ManifestsAttributes.TRUSTED_ONLY);
>
> You do not need to bother with this. There is method for you in 
> file.getManifestsAttributes() which returns  ManifestBoolean (TRUE, 
> FALSE, UNDEFINED) for you.
>
> It will affect also
>
> +        if (!trustedOnly.equalsIgnoreCase("true")) {
> + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, 
> "Trusted Only manifest attribute is not recognized. Continuing anyway.");
> +            return;
> +        }
>
> Instead of this your code will recieve IllegalArgumentException, And I 
> 'm in favour to let it be thrown.
>
> Instead of MESSAGE_ALL please go on with MESSAGE_DEBUG for those two 
> messages

All above fixed.

>
> +        if (!(isFullySigned && 
> SecurityDesc.ALL_PERMISSIONS.equals(desc))) {
> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
> +                    "Trusted Only manifest attribute is \"true\". 
> Applet is fully signed? " + isFullySigned
> +                            + ". Applet is requesting permission 
> level: " + securityType + ". This is fatal.");
> +            throw new 
> LaunchException(Translator.R("STrustedOnlyAttributeFailure", 
> Boolean.toString(isFullySigned), securityType));
> +        }
>
>
> I would like to have the
> OutputController.getLogger().log(OutputController.Level.ERROR_ALL, as 
> MESSAFE_DEBUG and *before* the if itself.

Sure.

>
> Also the essafe is bit wierd :)

Yea... ;)

>
> "Trusted Only manifest attribute is " + trustedOnly +  ". Applet's 
> signing is " + signing + ". Applet is requesting permission level: " + 
> securityType + ".");
>
> Or similar.. moreover everything iexcept the "Applet is fully signed?" :)

Better now?

>
> Also the LaunchException itself -  Ithink the 
> Boolean.toString(isFullySigned)  nor securityType is necessary. All is 
> known in this state.
> So just throw exception with explanation without variables (thay may 
> be in only one state or not? isFullySigned==true and 
> desc!=SecurityDesc.ALL_PERMISSIONS) )

If Trusted-only is true, having either desc != ALL_PERMISSIONS *or* 
signing != SigningState.FULL will cause a failure. I'd like to be able 
to have it distinguish between these two cases, rather than just saying 
"one of these things went wrong", especially because both of those have 
several possible values.

>
>
> Also maybe different value for null and for "rest" in case of 
> securityType string.

Done.

>
>
> The reproducer is missing javaws parts and is missing correct case. 
> Minimalistical  reproducer should be
> - applet signed  trusted-only=false
> - applet signed  trusted-only=true
> - applet signed  trusted-only=illegal
> - applet mixed signatures  trusted-only=false
> - applet mixed signatures  trusted-only=false
> - applet mixed signatures  trusted-only=illegal
> - applet not signed  trusted-only=false
> - applet not signed  trusted-only=true
> - applet not signed  trusted-only=illegal
> - javaws  signed  trusted-only=false
> - javaws  signed  trusted-only=true
> - javaws  signed  trusted-only=illegal
> - javaws  not signed  trusted-only=false
> - javaws  not signed  trusted-only=true
> - javaws  not signed  trusted-only=illegal
>
> However it is to much work. In long-term it would be nice to have 
> them. For now, just extends your:
> applet not signed  trusted-only=true
> by:
> javaws not signed  trusted-only=true

It's:
applet signed trusted-only=true
right now. But yes. JNLP version of the same added.

>
>
> Also youu do not need custom reproducer for this!  Unsigned applet 
> with manifest is classical simple reproducer :)
>
> thanx!
>   J.

It will need to be custom eventually for the mixed signatures, though. I 
was intending to use just one custom reproducer to build and test all of 
the different cases (eventually).

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute.patch
Type: text/x-patch
Size: 4013 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/382f8c97/trusted-only-attribute.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute-tests.patch
Type: text/x-patch
Size: 12125 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/382f8c97/trusted-only-attribute-tests.patch>

From jvanek at redhat.com  Thu Mar 20 17:32:30 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 18:32:30 +0100
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B1A65.8070504@redhat.com>
References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com>
	<532B1A65.8070504@redhat.com>
Message-ID: <532B262E.9080806@redhat.com>

+        OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
+                "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);

Please, do it MESSAGE_DEBUG



On 03/20/2014 05:42 PM, Andrew Azores wrote:
> On 03/20/2014 12:23 PM, Jiri Vanek wrote:
>> On 03/20/2014 04:33 PM, Andrew Azores wrote:
>
>>
...
>>
>>
>> The reproducer is missing javaws parts and is missing correct case. Minimalistical reproducer should be
>> - applet signed trusted-only=false
>> - applet signed trusted-only=true
>> - applet signed trusted-only=illegal
>> - applet mixed signatures trusted-only=false
>> - applet mixed signatures trusted-only=false
>> - applet mixed signatures trusted-only=illegal
>> - applet not signed trusted-only=false
>> - applet not signed trusted-only=true
>> - applet not signed trusted-only=illegal
>> - javaws signed trusted-only=false
>> - javaws signed trusted-only=true
>> - javaws signed trusted-only=illegal
>> - javaws not signed trusted-only=false
>> - javaws not signed trusted-only=true
>> - javaws not signed trusted-only=illegal

the specifying x not specifying all security is doubling the actual work  on this :(
>>
>> However it is to much work. In long-term it would be nice to have them. For now, just extends your:
>> applet not signed trusted-only=true
>> by:
>> javaws not signed trusted-only=true
>
> It's:
> applet signed trusted-only=true
> right now. But yes. JNLP version of the same added.
 > It will need to be custom eventually for the mixed signatures, though. I was intending to use just one custom reproducer to build and test all of the different cases (eventually).


I see. Than please add the unsigned +   trusted-only=true (it should be one line in makefile and two more tests in testcase)

Also maybe add the Assert for presence of  " System.out.println("TrustedOnlyAttribute applet running");" ?

Also please add one html and one jnlp file witch will request the all permissions.  (So the only "passing" pair of tests)
and  one html and one jnlp file witch will request the all permissions, but will not be signed.

Assuming those eight reproducers behave corrctly ( signed + requesting, signed + not requesting, not signed + requesting, notsigned + not requesting)*(jnlp+html), all  trusted-only=true
and above  MESSAGE_DEBUG fixed. Go on and push!



From jvanek at redhat.com  Thu Mar 20 17:52:11 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 18:52:11 +0100
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>
References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com>
	<5323135E.6070700@redhat.com>
	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>
Message-ID: <532B2ACB.3010509@redhat.com>

On 03/14/2014 05:00 PM, Andrew Azores wrote:
>> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.
>>
>> I gave up an code a bit O:). So user experience:
>>
>>
>> popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd.
>> Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup menu
>> on this pposition. Should work like charm.
>
> This seems to work well, thanks for the tip.
>
>>
>> I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather?
>
> I tried using an image now but wasn't really happy with the results. I've changed it instead to a unicode character that looks like the three horizontal line overflow menu icon that's being used by iOS and Android. I think it's pretty nice although the button is still a bit wide.
>
>>
>> Interesting state - dialog appeared , I clicked "V" clicked  show policy editor, it apeared, I
>> clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal
>
> Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it as a modal dialog?
>
>>
>> How does it behave for  yes/no/cancel/close of policy editor?
>
> The CertWarningPane doesn't know about this at all. All it knows about is if it has a PolicyEditor reference, and if it does, if the editor is still open or has been closed.
>
>>    - small nit - other codebases in editor are confusing.
>>
>>
>> Thanx!
>>     J.
>>
>
> I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase when there are also others present in the policy file.

Then maybe it can be added? I think simple filter on shown list? And in this case the filter will be pre setup to show only new/edited codebase. This is also enough as next changeset (however... necessary....)

Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? This may be as another changeset, but should be fixed....

Eg two containers - dialog an frame with same pannel.....


Well one possible stop-show:

geogebra do not start with :
net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize application. The application has not been initialized, for more information execute javaws from the command line.     at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789)     at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529)     at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute is 'all-permissions' but  security is' Sandbox'. This is fatal     at net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145)     at 
net.sourceforge.jnlp.runtime.JNLPClassLoader. (JNLPClassLoader.java:289)     at net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353)     at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420)     at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396)     at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781)     ... 2 more

I think it is wrong. The run-in-sandbox should skip this check or otherwise handdle it.


J.

From jvanek at redhat.com  Thu Mar 20 18:45:31 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 19:45:31 +0100
Subject: [rfc][icedtea-web] SecurityDelegate addPermission and reference
	for	CertWarningPane
In-Reply-To: <53221874.3030302@redhat.com>
References: <53221874.3030302@redhat.com>
Message-ID: <532B374B.6000203@redhat.com>

On 03/13/2014 09:43 PM, Andrew Azores wrote:
> Hi,
>
> The smaller of these two patches simply exposes JNLPClassLoader#addPermission(Permission) through three new SecurityDelegate methods: #addPermission(Permission), #addPermissions(PermissionCollection), and #addPermissions(Collection<Permission>). The larger patch passes a SecurityDelegate reference through the security dialog system so that the delegate is available to CertWarningPane. This is in preparation for a patch that will add "this run only" temporary permission options to the CertWarningPane, achieved by "injecting" these permissions directly into the classloader via the delegate. These extra options are not included because they are blocked on "Launching PolicyEditor from CertWarningPane", but this
> infrastructure work doesn't depend on that patch.
>
> These two patches apply cleanly together, but certwarning-securitydelegate will have a small and easily resolvable conflict with policyeditor-in-dialog-4 if they are used together.
>
> (securitydelegate-addpermission)
> ChangeLog:
> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission, addPermissions) implement previous.
>
> (certwarning-securitydelegate)
> ChangeLog:
> * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser) pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog
> * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
> * netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate reference from extras into CertWarningPane constructor
> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog) added SecurityDelegate parameter, add to extras array.
> * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser) pass null for SecurityDelegate reference
> * netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane) added SecurityDelegate constructor parameter and (securityDelegate) field
>
> Thanks,
>

Yup. I would say ok to go.

J.

From aazores at redhat.com  Thu Mar 20 19:08:54 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 15:08:54 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B262E.9080806@redhat.com>
References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com>
	<532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com>
Message-ID: <532B3CC6.6030309@redhat.com>

On 03/20/2014 01:32 PM, Jiri Vanek wrote:
> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
> +                "Trusted Only manifest attribute is \"true\". " + 
> signedMsg + " and requests permission level: " + securityType);
>
> Please, do it MESSAGE_DEBUG
>
>
>
> On 03/20/2014 05:42 PM, Andrew Azores wrote:
>> On 03/20/2014 12:23 PM, Jiri Vanek wrote:
>>> On 03/20/2014 04:33 PM, Andrew Azores wrote:
>>
>>>
> ...
>>>
>>>
>>> The reproducer is missing javaws parts and is missing correct case. 
>>> Minimalistical reproducer should be
>>> - applet signed trusted-only=false
>>> - applet signed trusted-only=true
>>> - applet signed trusted-only=illegal
>>> - applet mixed signatures trusted-only=false
>>> - applet mixed signatures trusted-only=false
>>> - applet mixed signatures trusted-only=illegal
>>> - applet not signed trusted-only=false
>>> - applet not signed trusted-only=true
>>> - applet not signed trusted-only=illegal
>>> - javaws signed trusted-only=false
>>> - javaws signed trusted-only=true
>>> - javaws signed trusted-only=illegal
>>> - javaws not signed trusted-only=false
>>> - javaws not signed trusted-only=true
>>> - javaws not signed trusted-only=illegal
>
> the specifying x not specifying all security is doubling the actual 
> work  on this :(
>>>
>>> However it is to much work. In long-term it would be nice to have 
>>> them. For now, just extends your:
>>> applet not signed trusted-only=true
>>> by:
>>> javaws not signed trusted-only=true
>>
>> It's:
>> applet signed trusted-only=true
>> right now. But yes. JNLP version of the same added.
> > It will need to be custom eventually for the mixed signatures, 
> though. I was intending to use just one custom reproducer to build and 
> test all of the different cases (eventually).
>
>
> I see. Than please add the unsigned +   trusted-only=true (it should 
> be one line in makefile and two more tests in testcase)
>
> Also maybe add the Assert for presence of  " 
> System.out.println("TrustedOnlyAttribute applet running");" ?
>
> Also please add one html and one jnlp file witch will request the all 
> permissions.  (So the only "passing" pair of tests)
> and  one html and one jnlp file witch will request the all 
> permissions, but will not be signed.
>
> Assuming those eight reproducers behave corrctly ( signed + 
> requesting, signed + not requesting, not signed + requesting, 
> notsigned + not requesting)*(jnlp+html), all  trusted-only=true
> and above  MESSAGE_DEBUG fixed. Go on and push!
>
>

Hmm, seems like checking for the SecurityDesc of plugin applets is not 
very useful. I've cut it down to 6 test cases here (all specifying 
Trusted-only: true), which I think is probably okay for now.

The actual attribute check changed a little because I ran into an NPE 
and did a very very small refactor as well.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute.patch
Type: text/x-patch
Size: 4029 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/d1df1b0f/trusted-only-attribute-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trusted-only-attribute-tests.patch
Type: text/x-patch
Size: 24841 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/d1df1b0f/trusted-only-attribute-tests-0001.patch>

From aazores at redhat.com  Thu Mar 20 19:16:57 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 15:16:57 -0400
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <532B2ACB.3010509@redhat.com>
References: <53220215.60301@redhat.com> <53220A02.7090506@redhat.com>
	<5323135E.6070700@redhat.com>
	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>
	<532B2ACB.3010509@redhat.com>
Message-ID: <532B3EA9.3090702@redhat.com>

On 03/20/2014 01:52 PM, Jiri Vanek wrote:
> On 03/14/2014 05:00 PM, Andrew Azores wrote:
>>> many import issues. Invaid(how comae? My wrong I guess) and 
>>> especially unused imports.
>>>
>>> I gave up an code a bit O:). So user experience:
>>>
>>>
>>> popupmenu - best handling is NOT to add as component. And do not 
>>> show them in actionPerforemd.
>>> Show them *without* parent, in mause Clicked - it have 
>>> positionOnScreen, and you show the poup menu
>>> on this pposition. Should work like charm.
>>
>> This seems to work well, thanks for the tip.
>>
>>>
>>> I would excude this "V" from pproperties. Also the button s quote 
>>> wide. Maybe use image rather?
>>
>> I tried using an image now but wasn't really happy with the results. 
>> I've changed it instead to a unicode character that looks like the 
>> three horizontal line overflow menu icon that's being used by iOS and 
>> Android. I think it's pretty nice although the button is still a bit 
>> wide.
>>
>>>
>>> Interesting state - dialog appeared , I clicked "V" clicked show 
>>> policy editor, it apeared, I
>>> clicked cancel in mian dilog/or ok in main dialog.. The editro 
>>> should be modal
>>
>> Hmm, well it's a JFrame, so I can't easily make it modal I don't 
>> think. Maybe as a separate changeset PolicyEditor can be made into a 
>> JDialog and CertWarningPane can then be made to use it as a modal 
>> dialog?
>>
>>>
>>> How does it behave for  yes/no/cancel/close of policy editor?
>>
>> The CertWarningPane doesn't know about this at all. All it knows 
>> about is if it has a PolicyEditor reference, and if it does, if the 
>> editor is still open or has been closed.
>>
>>>    - small nit - other codebases in editor are confusing.
>>>
>>>
>>> Thanx!
>>>     J.
>>>
>>
>> I suppose, but PolicyEditor doesn't have any mechanism right now to 
>> display only one codebase when there are also others present in the 
>> policy file.
>
> Then maybe it can be added? I think simple filter on shown list? And 
> in this case the filter will be pre setup to show only new/edited 
> codebase. This is also enough as next changeset (however... 
> necessary....)
>
> Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? 
> This may be as another changeset, but should be fixed....
>
> Eg two containers - dialog an frame with same pannel.....
>

Yes, both of these can/should be fixed, but as a different changeset I 
think.

>
> Well one possible stop-show:
>
> geogebra do not start with :
> net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: 
> Could not initialize application. The application has not been 
> initialized, for more information execute javaws from the command 
> line.     at 
> net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at 
> net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at 
> net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused 
> by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute 
> is 'all-permissions' but  security is' Sandbox'. This is fatal     at 
> net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) 
> at net.sourceforge.jnlp.runtime.JNLPClassLoader. 
> (JNLPClassLoader.java:289)     at 
> net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) 
> at 
> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) 
> at 
> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) 
> at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) 
> ... 2 more
>
> I think it is wrong. The run-in-sandbox should skip this check or 
> otherwise handdle it.
>
>
> J.

I've added a check in checkPermissionsAttribute to skip the check if the 
SecurityDelegate indicates that the user has decided specifically to run 
the applet sandboxed.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-dialogs.patch
Type: text/x-patch
Size: 24689 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/2eb6f51b/policyeditor-dialogs-0001.patch>

From aazores at icedtea.classpath.org  Thu Mar 20 19:23:51 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 19:23:51 +0000
Subject: /hg/icedtea-web: 2 new changesets
Message-ID: <hg.674128ef4394.1395343431.8643924302249223276@icedtea.classpath.org>

changeset 674128ef4394 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=674128ef4394
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 20 15:20:58 2014 -0400

	SecurityDelegate addPermission

	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate
	addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission,
	addPermissions) implement previous.


changeset fb2309dfa598 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fb2309dfa598
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 20 15:23:33 2014 -0400

	CertWarningPane SecurityDelegate reference
	Passing a reference to SecurityDelegate to CertWarningPane, so that UI
	elements can be added later to allow the applet to be run Sandboxed + some
	temporary permissions
	* netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser)
	pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog
	* netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate
	reference from extras into CertWarningPane constructor
	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog)
	added SecurityDelegate parameter, add to extras array.
	* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser)
	pass null for SecurityDelegate reference
	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane)
	added SecurityDelegate constructor parameter and (securityDelegate) field


diffstat:

 ChangeLog                                                        |  25 ++++++++++
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java           |  23 +++++++++
 netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java          |   2 +-
 netx/net/sourceforge/jnlp/security/PluginAppVerifier.java        |   2 +-
 netx/net/sourceforge/jnlp/security/SecurityDialog.java           |   3 +-
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java          |   8 ++-
 netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java |   2 +-
 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java  |   5 +-
 8 files changed, 62 insertions(+), 8 deletions(-)

diffs (187 lines):

diff -r cea32875903d -r fb2309dfa598 ChangeLog
--- a/ChangeLog	Thu Mar 20 16:55:12 2014 +0100
+++ b/ChangeLog	Thu Mar 20 15:23:33 2014 -0400
@@ -1,3 +1,28 @@
+2014-03-20  Andrew Azores  <aazores at redhat.com>
+
+	Passing a reference to SecurityDelegate to CertWarningPane, so that UI
+	elements can be added later to allow the applet to be run Sandboxed + some
+	temporary permissions
+	* netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java: (checkTrustWithUser)
+	pass SecurityDelegate reference to SecurityDialogs.showCertWarningDialog
+	* netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: pass SecurityDelegate
+	reference from extras into CertWarningPane constructor
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: (showCertWarningDialog)
+	added SecurityDelegate parameter, add to extras array.
+	* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java: (askUser)
+	pass null for SecurityDelegate reference
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: (CertWarningPane)
+	added SecurityDelegate constructor parameter and (securityDelegate) field 
+
+2014-03-20  Andrew Azores  <aazores at redhat.com>
+
+	SecurityDelegate can be used to add permissions to JNLPClassLoader during
+	run. This is useful for adding temporary extra permissions to an applet.
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (SecurityDelegate
+	addPermission, addPermissions) new methods. (SecurityDelegateImpl addPermission,
+	addPermissions) implement previous.
+
 2014-03-20  Jiri Vanek  <jvanek at redhat.com>
 
 	Clear cache function made more visible.
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 15:23:33 2014 -0400
@@ -2270,6 +2270,12 @@
         public void setRunInSandbox() throws LaunchException;
 
         public boolean getRunInSandbox();
+
+        public void addPermission(final Permission perm);
+
+        public void addPermissions(final PermissionCollection perms);
+
+        public void addPermissions(final Collection<Permission> perms);
     }
 
     /**
@@ -2406,6 +2412,23 @@
             return this.promptedForSandbox;
         }
 
+        public void addPermission(final Permission perm) {
+            classLoader.addPermission(perm);
+        }
+
+        public void addPermissions(final PermissionCollection perms) {
+            Enumeration<Permission> e = perms.elements();
+            while (e.hasMoreElements()) {
+                addPermission(e.nextElement());
+            }
+        }
+
+        public void addPermissions(final Collection<Permission> perms) {
+            for (final Permission perm : perms) {
+                addPermission(perm);
+            }
+        }
+
     }
     
 
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java
--- a/netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java	Thu Mar 20 15:23:33 2014 -0400
@@ -121,7 +121,7 @@
                 }
 
                 AppletAction action = SecurityDialogs.showCertWarningDialog(
-                        dialogType, file, jcv);
+                        dialogType, file, jcv, securityDelegate);
                 if (action != AppletAction.CANCEL) {
                     if (action == AppletAction.SANDBOX) {
                         securityDelegate.setRunInSandbox();
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/PluginAppVerifier.java
--- a/netx/net/sourceforge/jnlp/security/PluginAppVerifier.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/PluginAppVerifier.java	Thu Mar 20 15:23:33 2014 -0400
@@ -168,7 +168,7 @@
                     }
 
                     AppletAction action = SecurityDialogs.showCertWarningDialog(
-                            dialogType, file, jcv);
+                            dialogType, file, jcv, securityDelegate);
                     if (action != AppletAction.CANCEL) {
                         if (action == AppletAction.SANDBOX) {
                             securityDelegate.setRunInSandbox();
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Thu Mar 20 15:23:33 2014 -0400
@@ -48,6 +48,7 @@
 import javax.swing.JDialog;
 
 import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
 import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
@@ -302,7 +303,7 @@
     private void installPanel() {
 
         if (dialogType == DialogType.CERT_WARNING)
-            panel = new CertWarningPane(this, this.certVerifier);
+            panel = new CertWarningPane(this, this.certVerifier, (SecurityDelegate) extras[0]);
         else if (dialogType == DialogType.MORE_INFO)
             panel = new MoreInfoPane(this, this.certVerifier);
         else if (dialogType == DialogType.CERT_INFO)
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Thu Mar 20 15:23:33 2014 -0400
@@ -52,10 +52,11 @@
 
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
+import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction;
 import net.sourceforge.jnlp.util.UrlUtils;
-import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction;
-import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 
 /**
  * <p>
@@ -197,7 +198,7 @@
      * user did not accept running the applet
      */
     public static AppletAction showCertWarningDialog(AccessType accessType,
-            JNLPFile file, CertVerifier certVerifier) {
+            JNLPFile file, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
 
         if (!shouldPromptUser()) {
             return AppletAction.CANCEL;
@@ -208,6 +209,7 @@
         message.accessType = accessType;
         message.file = file;
         message.certVerifier = certVerifier;
+        message.extras = new Object[] { securityDelegate };
 
         Object selectedValue = getUserResponse(message);
 
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java
--- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java	Thu Mar 20 15:23:33 2014 -0400
@@ -425,7 +425,7 @@
                         AccessType.UNVERIFIED, null,
                         new HttpsCertVerifier(chain, authType,
                                               isTrusted, hostMatched,
-                                hostName)) == AppletAction.RUN;
+                                hostName), null) == AppletAction.RUN;
             }
         });
     }
diff -r cea32875903d -r fb2309dfa598 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Mar 20 16:55:12 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Mar 20 15:23:33 2014 -0400
@@ -65,6 +65,7 @@
 
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.security.CertVerifier;
 import net.sourceforge.jnlp.security.CertificateUtils;
 import net.sourceforge.jnlp.security.HttpsCertVerifier;
@@ -89,10 +90,12 @@
 
     JCheckBox alwaysTrust;
     CertVerifier certVerifier;
+    SecurityDelegate securityDelegate;
 
-    public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) {
+    public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
         super(x, certVerifier);
         this.certVerifier = certVerifier;
+        this.securityDelegate = securityDelegate;
         addComponents();
     }
 

From jvanek at redhat.com  Thu Mar 20 19:41:50 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 20 Mar 2014 20:41:50 +0100
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B3CC6.6030309@redhat.com>
References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com>
	<532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com>
	<532B3CC6.6030309@redhat.com>
Message-ID: <532B447E.50307@redhat.com>

On 03/20/2014 08:08 PM, Andrew Azores wrote:
> On 03/20/2014 01:32 PM, Jiri Vanek wrote:
>> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
>> + "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);
>>
>> Please, do it MESSAGE_DEBUG
>>
>>
>>
>> On 03/20/2014 05:42 PM, Andrew Azores wrote:
>>> On 03/20/2014 12:23 PM, Jiri Vanek wrote:
>>>> On 03/20/2014 04:33 PM, Andrew Azores wrote:
>>>
>>>>
>> ...
>>>>
>>>>
>>>> The reproducer is missing javaws parts and is missing correct case. Minimalistical reproducer should be
>>>> - applet signed trusted-only=false
>>>> - applet signed trusted-only=true
>>>> - applet signed trusted-only=illegal
>>>> - applet mixed signatures trusted-only=false
>>>> - applet mixed signatures trusted-only=false
>>>> - applet mixed signatures trusted-only=illegal
>>>> - applet not signed trusted-only=false
>>>> - applet not signed trusted-only=true
>>>> - applet not signed trusted-only=illegal
>>>> - javaws signed trusted-only=false
>>>> - javaws signed trusted-only=true
>>>> - javaws signed trusted-only=illegal
>>>> - javaws not signed trusted-only=false
>>>> - javaws not signed trusted-only=true
>>>> - javaws not signed trusted-only=illegal
>>
>> the specifying x not specifying all security is doubling the actual work on this :(
>>>>
>>>> However it is to much work. In long-term it would be nice to have them. For now, just extends your:
>>>> applet not signed trusted-only=true
>>>> by:
>>>> javaws not signed trusted-only=true
>>>
>>> It's:
>>> applet signed trusted-only=true
>>> right now. But yes. JNLP version of the same added.
>> > It will need to be custom eventually for the mixed signatures, though. I was intending to use just one custom reproducer to build and test all of the different cases (eventually).
>>
>>
>> I see. Than please add the unsigned + trusted-only=true (it should be one line in makefile and two more tests in testcase)
>>
>> Also maybe add the Assert for presence of " System.out.println("TrustedOnlyAttribute applet running");" ?
>>
>> Also please add one html and one jnlp file witch will request the all permissions. (So the only "passing" pair of tests)
>> and one html and one jnlp file witch will request the all permissions, but will not be signed.
>>
>> Assuming those eight reproducers behave corrctly ( signed + requesting, signed + not requesting, not signed + requesting, notsigned + not requesting)*(jnlp+html), all trusted-only=true
>> and above MESSAGE_DEBUG fixed. Go on and push!
>>
>>
>
> Hmm, seems like checking for the SecurityDesc of plugin applets is not very useful. I've cut it down to 6 test cases here (all specifying Trusted-only: true), which I think is probably okay for now.
Is not?-) I was wondering from where the initial idea come....

>
> The actual attribute check changed a little because I ran into an NPE and did a very very small refactor as well.
>
> Thanks,
>

What about the issue with sandbox - the same as in case of permissions att. Or not?

as another changeset this should be somehow fixed.

+       OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL,
=> please MESSAGE_DEBUG

otherwise ok to go:)

From aazores at redhat.com  Thu Mar 20 19:39:20 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 15:39:20 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B447E.50307@redhat.com>
References: <532B0A39.6060102@redhat.com> <532B15EE.10508@redhat.com>
	<532B1A65.8070504@redhat.com> <532B262E.9080806@redhat.com>
	<532B3CC6.6030309@redhat.com> <532B447E.50307@redhat.com>
Message-ID: <532B43E8.7060904@redhat.com>

On 03/20/2014 03:41 PM, Jiri Vanek wrote:
> On 03/20/2014 08:08 PM, Andrew Azores wrote:
>> On 03/20/2014 01:32 PM, Jiri Vanek wrote:
>>> + OutputController.getLogger().log(OutputController.Level.ERROR_ALL,
>>> + "Trusted Only manifest attribute is \"true\". " + signedMsg + " 
>>> and requests permission level: " + securityType);
>>>
>>> Please, do it MESSAGE_DEBUG
>>>
>>>
>>>
>>> On 03/20/2014 05:42 PM, Andrew Azores wrote:
>>>> On 03/20/2014 12:23 PM, Jiri Vanek wrote:
>>>>> On 03/20/2014 04:33 PM, Andrew Azores wrote:
>>>>
>>>>>
>>> ...
>>>>>
>>>>>
>>>>> The reproducer is missing javaws parts and is missing correct 
>>>>> case. Minimalistical reproducer should be
>>>>> - applet signed trusted-only=false
>>>>> - applet signed trusted-only=true
>>>>> - applet signed trusted-only=illegal
>>>>> - applet mixed signatures trusted-only=false
>>>>> - applet mixed signatures trusted-only=false
>>>>> - applet mixed signatures trusted-only=illegal
>>>>> - applet not signed trusted-only=false
>>>>> - applet not signed trusted-only=true
>>>>> - applet not signed trusted-only=illegal
>>>>> - javaws signed trusted-only=false
>>>>> - javaws signed trusted-only=true
>>>>> - javaws signed trusted-only=illegal
>>>>> - javaws not signed trusted-only=false
>>>>> - javaws not signed trusted-only=true
>>>>> - javaws not signed trusted-only=illegal
>>>
>>> the specifying x not specifying all security is doubling the actual 
>>> work on this :(
>>>>>
>>>>> However it is to much work. In long-term it would be nice to have 
>>>>> them. For now, just extends your:
>>>>> applet not signed trusted-only=true
>>>>> by:
>>>>> javaws not signed trusted-only=true
>>>>
>>>> It's:
>>>> applet signed trusted-only=true
>>>> right now. But yes. JNLP version of the same added.
>>> > It will need to be custom eventually for the mixed signatures, 
>>> though. I was intending to use just one custom reproducer to build 
>>> and test all of the different cases (eventually).
>>>
>>>
>>> I see. Than please add the unsigned + trusted-only=true (it should 
>>> be one line in makefile and two more tests in testcase)
>>>
>>> Also maybe add the Assert for presence of " 
>>> System.out.println("TrustedOnlyAttribute applet running");" ?
>>>
>>> Also please add one html and one jnlp file witch will request the 
>>> all permissions. (So the only "passing" pair of tests)
>>> and one html and one jnlp file witch will request the all 
>>> permissions, but will not be signed.
>>>
>>> Assuming those eight reproducers behave corrctly ( signed + 
>>> requesting, signed + not requesting, not signed + requesting, 
>>> notsigned + not requesting)*(jnlp+html), all trusted-only=true
>>> and above MESSAGE_DEBUG fixed. Go on and push!
>>>
>>>
>>
>> Hmm, seems like checking for the SecurityDesc of plugin applets is 
>> not very useful. I've cut it down to 6 test cases here (all 
>> specifying Trusted-only: true), which I think is probably okay for now.
> Is not?-) I was wondering from where the initial idea come....
>
>>
>> The actual attribute check changed a little because I ran into an NPE 
>> and did a very very small refactor as well.
>>
>> Thanks,
>>
>
> What about the issue with sandbox - the same as in case of permissions 
> att. Or not?

Yea. It should be sufficient to just add that condition for the 
isFullySigned variable. Either the applet is actually fully signed, or 
it's partially signed and the SecurityDelegate says the user manually 
chose to run in sandbox.

>
> as another changeset this should be somehow fixed.
>
> + OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL,
> => please MESSAGE_DEBUG
>
> otherwise ok to go:)

Crap :) I was using this for myself for debugging the tests, and forgot 
to put it back. Sorry!

Thanks,

-- 
Andrew A


From aazores at icedtea.classpath.org  Thu Mar 20 19:45:39 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 19:45:39 +0000
Subject: /hg/icedtea-web: Trusted-only manifest attribute implementation
Message-ID: <hg.022f56ff692f.1395344739.8643924302249223276@icedtea.classpath.org>

changeset 022f56ff692f in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=022f56ff692f
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 20 15:45:13 2014 -0400

	Trusted-only manifest attribute implementation

	Trusted-only manifest attribute implementation
	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(STrustedOnlyAttributeFailure) new message
	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: added
	ManifestsAttributesValidator#checkTrustedOnlyAttribute() to constructor
	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
	(checkTrustedOnlyAttribute) new method
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp:
	new tests for Trusted-only attribute
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp
	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html
	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF
	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile
	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java
	* tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java


diffstat:

 ChangeLog                                                                                             |   21 ++
 netx/net/sourceforge/jnlp/resources/Messages.properties                                               |    1 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                                                |    1 +
 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java                                   |   46 ++++-
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp   |   58 +++++
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp     |   61 +++++
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html              |   49 ++++
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp |   58 +++++
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp   |   61 +++++
 tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html            |   49 ++++
 tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF                                        |    1 +
 tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile                                           |   29 ++
 tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java                          |   50 ++++
 tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java                 |  102 ++++++++++
 14 files changed, 585 insertions(+), 2 deletions(-)

diffs (truncated from 664 to 500 lines):

diff -r fb2309dfa598 -r 022f56ff692f ChangeLog
--- a/ChangeLog	Thu Mar 20 15:23:33 2014 -0400
+++ b/ChangeLog	Thu Mar 20 15:45:13 2014 -0400
@@ -1,3 +1,24 @@
+2014-03-20  Andrew Azores  <aazores at redhat.com>
+
+	Trusted-only manifest attribute implementation
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(STrustedOnlyAttributeFailure) new message
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: added
+	ManifestsAttributesValidator#checkTrustedOnlyAttribute() to constructor
+	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
+	(checkTrustedOnlyAttribute) new method
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp:
+	new tests for Trusted-only attribute
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp
+	* tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html
+	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF
+	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile
+	* tests/reproducers/custom/TrustedOnlyAttribute/srcs/TrustedOnlyAttribute.java
+	* tests/reproducers/custom/TrustedOnlyAttribute/testcases/TrustedOnlyAttributeTest.java
+
 2014-03-20  Andrew Azores  <aazores at redhat.com>
 
 	Passing a reference to SecurityDelegate to CertWarningPane, so that UI
diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 20 15:23:33 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 20 15:45:13 2014 -0400
@@ -299,6 +299,7 @@
 SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}"
 SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
 SAppletTitle=Applet title: {0}
+STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed.
 
 # Security - used for the More Information dialog
 SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 15:23:33 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 15:45:13 2014 -0400
@@ -285,6 +285,7 @@
         setSecurity();
 
         ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing);
+        mav.checkTrustedOnlyAttribute();
         mav.checkCodebaseAttribute();
         mav.checkPermissionsAttribute();
         mav.checkApplicationLibraryAllowableCodebaseAttribute();
diff -r fb2309dfa598 -r 022f56ff692f netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 15:23:33 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 15:45:13 2014 -0400
@@ -66,8 +66,50 @@
         this.file = file;
         this.signing = signing;
     }
-    
-    
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only
+     */
+    void checkTrustedOnlyAttribute() throws LaunchException {
+        final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly();
+        if (trustedOnly == ManifestBoolean.UNDEFINED) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing.");
+            return;
+        }
+
+        if (trustedOnly == ManifestBoolean.FALSE) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing.");
+            return;
+        }
+
+        final Object desc = security.getSecurityType();
+
+        final String securityType;
+        if (desc == null) {
+            securityType = "Not Specified";
+        } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) {
+            securityType = "All-Permission";
+        } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+            securityType = "Sandbox";
+        } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) {
+            securityType = "J2EE";
+        } else {
+            securityType = "Unknown";
+        }
+
+        final boolean isFullySigned = signing == SigningState.FULL;
+        final String signedMsg;
+        if (isFullySigned) {
+            signedMsg = "The applet is fully signed";
+        } else {
+            signedMsg = "The applet is not fully signed";
+        }
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG,
+                "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);
+        if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) {
+            throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType));
+        }
+    }
 
     /**
      * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-nosecurity.jnlp	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,58 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="TrustedOnlyAttribute-signed-nosecurity.jnlp" codebase=".">
+	<information>
+    	<title>TrustedOnlyAttribute</title>
+    	<vendor>IcedTea</vendor>
+    	<homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+    	<description>Trusted-only Manifest Attribute Test</description>
+    	<offline/>
+	</information>
+	<resources>
+	  	<j2se version="1.4+"/>
+		<jar href="TrustedOnlyAttributeSigned.jar"/>
+	</resources>
+	<applet-desc
+	  name="TrustedOnlyAttribute"
+	  main-class="TrustedOnlyAttribute"
+	  width="640"
+	  height="480">
+	</applet-desc>
+</jnlp>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed-security.jnlp	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,61 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="TrustedOnlyAttribute-signed-security.jnlp" codebase=".">
+	<information>
+    	<title>TrustedOnlyAttribute</title>
+    	<vendor>IcedTea</vendor>
+    	<homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+    	<description>Trusted-only Manifest Attribute Test</description>
+    	<offline/>
+	</information>
+	<resources>
+	  	<j2se version="1.4+"/>
+		<jar href="TrustedOnlyAttributeSigned.jar"/>
+	</resources>
+	<applet-desc
+	  name="TrustedOnlyAttribute"
+	  main-class="TrustedOnlyAttribute"
+	  width="640"
+	  height="480">
+	</applet-desc>
+    <security>
+        <all-permissions/>
+    </security>
+</jnlp>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-signed.html	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,49 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<html>
+  <head></head>
+  <body>
+    <applet code="TrustedOnlyAttribute.class"
+            archive="TrustedOnlyAttributeSigned.jar"
+            codebase="."
+            width="800"
+            height="600">
+    </applet>
+  </body>
+</html>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-nosecurity.jnlp	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,58 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="TrustedOnlyAttribute-unsigned-nosecurity.jnlp" codebase=".">
+	<information>
+    	<title>TrustedOnlyAttribute</title>
+    	<vendor>IcedTea</vendor>
+    	<homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+    	<description>Trusted-only Manifest Attribute Test</description>
+    	<offline/>
+	</information>
+	<resources>
+	  	<j2se version="1.4+"/>
+		<jar href="TrustedOnlyAttributeSigned.jar"/>
+	</resources>
+	<applet-desc
+	  name="TrustedOnlyAttribute"
+	  main-class="TrustedOnlyAttribute"
+	  width="640"
+	  height="480">
+	</applet-desc>
+</jnlp>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned-security.jnlp	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,61 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="TrustedOnlyAttribute-unsigned-security.jnlp" codebase=".">
+	<information>
+    	<title>TrustedOnlyAttribute</title>
+    	<vendor>IcedTea</vendor>
+    	<homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+    	<description>Trusted-only Manifest Attribute Test</description>
+    	<offline/>
+	</information>
+	<resources>
+	  	<j2se version="1.4+"/>
+		<jar href="TrustedOnlyAttributeUnsigned.jar"/>
+	</resources>
+	<applet-desc
+	  name="TrustedOnlyAttribute"
+	  main-class="TrustedOnlyAttribute"
+	  width="640"
+	  height="480">
+	</applet-desc>
+    <security>
+        <all-permissions/>
+    </security>
+</jnlp>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/resources/TrustedOnlyAttribute-unsigned.html	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,49 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+
+ -->
+
+<html>
+  <head></head>
+  <body>
+    <applet code="TrustedOnlyAttribute.class"
+            archive="TrustedOnlyAttributeUnsigned.jar"
+            codebase="."
+            width="800"
+            height="600">
+    </applet>
+  </body>
+</html>
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/srcs/MANIFEST.MF	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,1 @@
+Trusted-only: true
diff -r fb2309dfa598 -r 022f56ff692f tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/reproducers/custom/TrustedOnlyAttribute/srcs/Makefile	Thu Mar 20 15:45:13 2014 -0400
@@ -0,0 +1,29 @@
+TESTNAME=TrustedOnlyAttribute
+
+JARSIGNER=$(BOOT_DIR)/bin/jarsigner
+JAVAC=$(BOOT_DIR)/bin/javac
+JAR=$(BOOT_DIR)/bin/jar
+
+TMPDIR:=$(shell mktemp -d)
+
+prepare-reproducer: 
+	echo PREPARING REPRODUCER $(TESTNAME) in $(TMPDIR)
+	
+	cp MANIFEST.MF $(TMPDIR) ; \
+	$(JAVAC) -d $(TMPDIR) $(TESTNAME).java ; \
+	
+	cd $(TMPDIR) ; \
+	$(JAR) cvfm $(TESTNAME)Signed.jar MANIFEST.MF $(TESTNAME).class ; \
+	$(JAR) cvfm $(TESTNAME)Unsigned.jar MANIFEST.MF $(TESTNAME).class ; \
+	$(BOOT_DIR)/bin/jarsigner -keystore $(TOP_BUILD_DIR)/$(PRIVATE_KEYSTORE_NAME) -storepass  $(PRIVATE_KEYSTORE_PASS)  \
+	-keypass $(PRIVATE_KEYSTORE_PASS) "$(TMPDIR)/$(TESTNAME)Signed.jar" $(TEST_CERT_ALIAS)_signed ; \
+	
+	cd $(TMPDIR); \
+	mv $(TESTNAME)Signed.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \
+	mv $(TESTNAME)Unsigned.jar $(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) ; \
+	
+	echo PREPARED REPRODUCER $(TESTNAME), removing $(TMPDIR)

From aazores at redhat.com  Thu Mar 20 19:57:00 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 20 Mar 2014 15:57:00 -0400
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <532B3EA9.3090702@redhat.com>
References: <53220215.60301@redhat.com>
	<53220A02.7090506@redhat.com>	<5323135E.6070700@redhat.com>	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>	<532B2ACB.3010509@redhat.com>
	<532B3EA9.3090702@redhat.com>
Message-ID: <532B480C.4070304@redhat.com>

On 03/20/2014 03:16 PM, Andrew Azores wrote:
> On 03/20/2014 01:52 PM, Jiri Vanek wrote:
>> On 03/14/2014 05:00 PM, Andrew Azores wrote:
>>>> many import issues. Invaid(how comae? My wrong I guess) and 
>>>> especially unused imports.
>>>>
>>>> I gave up an code a bit O:). So user experience:
>>>>
>>>>
>>>> popupmenu - best handling is NOT to add as component. And do not 
>>>> show them in actionPerforemd.
>>>> Show them *without* parent, in mause Clicked - it have 
>>>> positionOnScreen, and you show the poup menu
>>>> on this pposition. Should work like charm.
>>>
>>> This seems to work well, thanks for the tip.
>>>
>>>>
>>>> I would excude this "V" from pproperties. Also the button s quote 
>>>> wide. Maybe use image rather?
>>>
>>> I tried using an image now but wasn't really happy with the results. 
>>> I've changed it instead to a unicode character that looks like the 
>>> three horizontal line overflow menu icon that's being used by iOS 
>>> and Android. I think it's pretty nice although the button is still a 
>>> bit wide.
>>>
>>>>
>>>> Interesting state - dialog appeared , I clicked "V" clicked show 
>>>> policy editor, it apeared, I
>>>> clicked cancel in mian dilog/or ok in main dialog.. The editro 
>>>> should be modal
>>>
>>> Hmm, well it's a JFrame, so I can't easily make it modal I don't 
>>> think. Maybe as a separate changeset PolicyEditor can be made into a 
>>> JDialog and CertWarningPane can then be made to use it as a modal 
>>> dialog?
>>>
>>>>
>>>> How does it behave for  yes/no/cancel/close of policy editor?
>>>
>>> The CertWarningPane doesn't know about this at all. All it knows 
>>> about is if it has a PolicyEditor reference, and if it does, if the 
>>> editor is still open or has been closed.
>>>
>>>>    - small nit - other codebases in editor are confusing.
>>>>
>>>>
>>>> Thanx!
>>>>     J.
>>>>
>>>
>>> I suppose, but PolicyEditor doesn't have any mechanism right now to 
>>> display only one codebase when there are also others present in the 
>>> policy file.
>>
>> Then maybe it can be added? I think simple filter on shown list? And 
>> in this case the filter will be pre setup to show only new/edited 
>> codebase. This is also enough as next changeset (however... 
>> necessary....)
>>
>> Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? 
>> This may be as another changeset, but should be fixed....
>>
>> Eg two containers - dialog an frame with same pannel.....
>>
>
> Yes, both of these can/should be fixed, but as a different changeset I 
> think.
>
>>
>> Well one possible stop-show:
>>
>> geogebra do not start with :
>> net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: 
>> Could not initialize application. The application has not been 
>> initialized, for more information execute javaws from the command 
>> line.     at 
>> net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at 
>> net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at 
>> net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused 
>> by: net.sourceforge.jnlp.LaunchException: The 'permissions' attribute 
>> is 'all-permissions' but  security is' Sandbox'. This is fatal     at 
>> net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145) 
>> at net.sourceforge.jnlp.runtime.JNLPClassLoader. 
>> (JNLPClassLoader.java:289)     at 
>> net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) 
>> at 
>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) 
>> at 
>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) 
>> at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) 
>> ... 2 more
>>
>> I think it is wrong. The run-in-sandbox should skip this check or 
>> otherwise handdle it.
>>
>>
>> J.
>
> I've added a check in checkPermissionsAttribute to skip the check if 
> the SecurityDelegate indicates that the user has decided specifically 
> to run the applet sandboxed.
>
> Thanks,
>

Tiny update, cleanly applies on new HEAD (with Trusted-only). Also threw 
in the one-line fix for Trusted-only and Sandbox.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-dialogs-2.patch
Type: text/x-patch
Size: 25448 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/a63cc82f/policyeditor-dialogs-2-0001.patch>

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 20 20:42:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 20 Mar 2014 20:42:05 +0000
Subject: [Bug 1719] New: A fatal error has been detected by the Java Runtime
	Environment
Message-ID: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719

            Bug ID: 1719
           Summary: A fatal error has been detected by the Java Runtime
                    Environment
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: g.u.siegenthaler at kabelbw.de
                CC: unassigned at icedtea.classpath.org

Created attachment 1054
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1054&action=edit
See hs_error.log!

Having opened oowriter (part of LibreOffice) on a terminal the application
crashed when I tried to store the text. The following error message appeared:
ibs at linux:~> oowriter &
[1] 5834
ibs at linux:~> #
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x00007fc8d2e6b270, pid=5849, tid=140500596140608
#
# JRE version: OpenJDK Runtime Environment (7.0_51) (build 1.7.0_51-b00)
# Java VM: OpenJDK 64-Bit Server VM (24.45-b08 mixed mode linux-amd64
compressed oops)
# Problematic frame:
# C  [libgobject-2.0.so.0+0x33270]  g_type_check_instance_cast+0x10
#
# Core dump written. Default location: /home/ibs/core or core.5849
#
# An error report file with more information is saved as:
# /tmp/jvm-5849/hs_error.log
#
# If you would like to submit a bug report, please include
# instructions on how to reproduce the bug and visit:
#   http://icedtea.classpath.org/bugzilla
#

[error occurred during error reporting , id 0xb]

I try to add the error report file to the attachment

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140320/f6c901f5/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 09:02:40 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 09:02:40 +0000
Subject: [Bug 1425] Improve plugin.xml authoring support
In-Reply-To: <bug-1425-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1425-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1425-30-Ik1oEpdDsE@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1425

Severin Gehwolf <sgehwolf at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |sgehwolf at redhat.com
             Blocks|1415                        |1700
           Assignee|unassigned at icedtea.classpat |omajid at redhat.com
                   |h.org                       |

--- Comment #1 from Severin Gehwolf <sgehwolf at redhat.com> ---
Moving bug to more appropriate tracker.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/5e708275/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 09:04:09 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 09:04:09 +0000
Subject: [Bug 1424] Bring eclipse plugin to feature-parity with the swing gui
In-Reply-To: <bug-1424-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1424-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1424-30-X6gKB1kIyI@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1424

Severin Gehwolf <sgehwolf at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |sgehwolf at redhat.com
         Resolution|---                         |WONTFIX

--- Comment #1 from Severin Gehwolf <sgehwolf at redhat.com> ---
Unfortunately we can't maintain the eclipse based client any longer, lest bring
it up to feature parity due to lack of resources. Closing as won't fix.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/8db7f71e/attachment.html>

From ptisnovs at icedtea.classpath.org  Fri Mar 21 10:21:13 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 10:21:13 +0000
Subject: /hg/gfx-test: Added new tests into CAGOperationsOnTwoTouchingCir...
Message-ID: <hg.842891bb6f30.1395397273.-6248649288953172555@icedtea.classpath.org>

changeset 842891bb6f30 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=842891bb6f30
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 21 11:21:55 2014 +0100

	Added new tests into CAGOperationsOnTwoTouchingCircles test suite.
	Updated (c) year.


diffstat:

 ChangeLog                                                         |    9 +
 src/org/gfxtest/testsuites/BitBltMirrorImage.java                 |    2 +-
 src/org/gfxtest/testsuites/BitBltRotateImage.java                 |    2 +-
 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java |  125 ++++++++++
 4 files changed, 136 insertions(+), 2 deletions(-)

diffs (175 lines):

diff -r bcdf88e32236 -r 842891bb6f30 ChangeLog
--- a/ChangeLog	Thu Mar 20 09:36:49 2014 +0100
+++ b/ChangeLog	Fri Mar 21 11:21:55 2014 +0100
@@ -1,3 +1,12 @@
+2014-03-21  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltMirrorImage.java:
+	Updated (c) year.
+	* src/org/gfxtest/testsuites/BitBltRotateImage.java:
+	Updated (c) year.
+	* src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java:
+	Added new tests into CAGOperationsOnTwoTouchingCircles test suite.
+
 2014-03-20  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltBufferedImageOp.java:
diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/BitBltMirrorImage.java
--- a/src/org/gfxtest/testsuites/BitBltMirrorImage.java	Thu Mar 20 09:36:49 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltMirrorImage.java	Fri Mar 21 11:21:55 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2010, 2011, 2012  Red Hat
+   Copyright (C) 2010, 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/BitBltRotateImage.java
--- a/src/org/gfxtest/testsuites/BitBltRotateImage.java	Thu Mar 20 09:36:49 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltRotateImage.java	Fri Mar 21 11:21:55 2014 +0100
@@ -1,7 +1,7 @@
 /*
   Java gfx-test framework
 
-   Copyright (C) 2010, 2011, 2012  Red Hat
+   Copyright (C) 2010, 2011, 2012, 2013, 2014  Red Hat
 
 This file is part of IcedTea.
 
diff -r bcdf88e32236 -r 842891bb6f30 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java
--- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Thu Mar 20 09:36:49 2014 +0100
+++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Fri Mar 21 11:21:55 2014 +0100
@@ -1607,6 +1607,131 @@
         return TestResult.PASSED;
     }
 
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using inverse subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testInverseSubtractTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d);
+        // create area using inverse subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Intersect operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testIntersectTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d);
+        // create area using Intersect operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Xor operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorTextureFillUsingDiagonalGridTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingDiagonalGridTexture(image, graphics2d);
+        // create area using Xor operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using union operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
         // create area using union operator
         Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
         // draw the area

From ptisnovs at icedtea.classpath.org  Fri Mar 21 10:41:37 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 10:41:37 +0000
Subject: /hg/rhino-tests: Enhancements of various tests in ScriptEngineCl...
Message-ID: <hg.c4c9da65a928.1395398497.-6019694633368342460@icedtea.classpath.org>

changeset c4c9da65a928 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=c4c9da65a928
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 21 11:42:16 2014 +0100

	Enhancements of various tests in ScriptEngineClassTest.


diffstat:

 ChangeLog                                     |   5 ++++
 src/org/RhinoTests/ScriptEngineClassTest.java |  32 +++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 0 deletions(-)

diffs (61 lines):

diff -r 6c88fa309557 -r c4c9da65a928 ChangeLog
--- a/ChangeLog	Thu Mar 20 09:34:13 2014 +0100
+++ b/ChangeLog	Fri Mar 21 11:42:16 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-21  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineClassTest.java:
+	Enhancements of various tests in ScriptEngineClassTest.
+
 2014-03-20  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptExceptionClassTest.java:
diff -r 6c88fa309557 -r c4c9da65a928 src/org/RhinoTests/ScriptEngineClassTest.java
--- a/src/org/RhinoTests/ScriptEngineClassTest.java	Thu Mar 20 09:34:13 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineClassTest.java	Fri Mar 21 11:42:16 2014 +0100
@@ -1891,6 +1891,30 @@
         }
 
         try {
+            this.scriptEngineClass.cast(new java.awt.Label());
+            throw new AssertionError("Class.cast(new java.awt.Label()) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptEngineClass.cast(new java.awt.Label(new String()));
+            throw new AssertionError("Class.cast(new java.awt.Label(new String())) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
+            this.scriptEngineClass.cast(new java.awt.Label("xyzzy"));
+            throw new AssertionError("Class.cast(new java.awt.Label(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineClass.cast(new javax.swing.JLabel());
             throw new AssertionError("Class.cast(new javax.swing.JLabel()) does not throw any exception");
         }
@@ -1907,6 +1931,14 @@
         }
 
         try {
+            this.scriptEngineClass.cast(new javax.swing.JLabel("xyzzy"));
+            throw new AssertionError("Class.cast(new javax.swing.JLabel(\"xyzzy\")) does not throw any exception");
+        }
+        catch (Exception e) {
+            // expected exception
+        }
+
+        try {
             this.scriptEngineClass.cast(new javax.swing.JPanel());
             throw new AssertionError("Class.cast(new javax.swing.JPanel()) does not throw any exception");
         }

From omajid at redhat.com  Fri Mar 21 14:51:43 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 21 Mar 2014 10:51:43 -0400
Subject: [rfc][icedtea-web] manifests attributes Validation Moved To
	Separate Class
In-Reply-To: <532B03BB.6050001@redhat.com>
References: <532B03BB.6050001@redhat.com>
Message-ID: <20140321145143.GB6449@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-20 11:01]:
> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 16:04:20 2014 +0100

> +public class ManifestsAttributesValidator {

Can you please add a unit test for this class? It's nice to 'document'
the behaviour using a test.

> +     public static URL guessCodeBase(JNLPFile file) {
> +        if (file.getCodeBase() != null) {
> +            return file.getCodeBase();
> +        } else {
> +            //Fixme: codebase should be the codebase of the Main Jar not
> +            //the location. Although, it still works in the current state.
> +            return file.getResources().getMainJAR().getLocation();
> +        }

I am not sure if UrlUtils is the right place to move this method. It has
very little to do with manipulating URLs (which is what the rest of the
methods in this class do).

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Fri Mar 21 15:06:30 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 21 Mar 2014 16:06:30 +0100
Subject: [rfc][icedtea-web] manifests attributes Validation Moved To
	Separate Class
In-Reply-To: <20140321145143.GB6449@redhat.com>
References: <532B03BB.6050001@redhat.com> <20140321145143.GB6449@redhat.com>
Message-ID: <532C5576.5010206@redhat.com>

On 03/21/2014 03:51 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-20 11:01]:
>> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 16:04:20 2014 +0100
>
>> +public class ManifestsAttributesValidator {
>
> Can you please add a unit test for this class? It's nice to 'document'
> the behaviour using a test.
>
>> +     public static URL guessCodeBase(JNLPFile file) {
>> +        if (file.getCodeBase() != null) {
>> +            return file.getCodeBase();
>> +        } else {
>> +            //Fixme: codebase should be the codebase of the Main Jar not
>> +            //the location. Although, it still works in the current state.
>> +            return file.getResources().getMainJAR().getLocation();
>> +        }
>
> I am not sure if UrlUtils is the right place to move this method. It has
> very little to do with manipulating URLs (which is what the rest of the
> methods in this class do).
>
> Thanks,
> Omair
>

uff... This is already pushed, and right now there is really lack of time for unittest.

As this class is inherently tested by  JNLPFile test, I would rather not insists.

As for guessCodeBase -  where to move it?

As I told. I wold rather skipp both suggestions rightnow :(

J.

From omajid at redhat.com  Fri Mar 21 15:16:39 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 21 Mar 2014 11:16:39 -0400
Subject: [rfc][icedtea-web] manifests attributes Validation Moved To
	Separate Class
In-Reply-To: <532C5576.5010206@redhat.com>
References: <532B03BB.6050001@redhat.com> <20140321145143.GB6449@redhat.com>
	<532C5576.5010206@redhat.com>
Message-ID: <20140321151639.GD6449@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-21 11:06]:
> uff... This is already pushed, and right now there is really lack of time for unittest.

Can I ask for features to be considered 'incomplete' without unit tests?
You know (more than me) about benefits of testing :)

> As this class is inherently tested by  JNLPFile test, I would rather not insists.

Okay, but unit tests are nice to have as documentation too.

Also, if JNLPFile tests are unit tests, they really should be testing
just JNLPFile only and not another class.

> As for guessCodeBase -  where to move it?

I don't have a good idea about where to put it. If this is only called
from one place, I would leave it as a private method for now.

If it's called from multiple places, please leave it where it is
currently.

This is not the cleanest solution, but I think it's a good idea to
demarcate clean libraries as 'clean' and not allow
things-we-are-unsure-about or
methods-that-dont-quite-fit-the-abstraction in there.

> As I told. I wold rather skipp both suggestions rightnow :(

As maintainer, it's your call. I would urge you to reconsider, though.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From omajid at redhat.com  Fri Mar 21 14:56:39 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 21 Mar 2014 10:56:39 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532B0A39.6060102@redhat.com>
References: <532B0A39.6060102@redhat.com>
Message-ID: <20140321145639.GC6449@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-20 11:35]:
> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java

> +    void checkTrustedOnlyAttribute() throws LaunchException {

A stylistic nit: if you ask me to use a class named *Validator, I will
look for the validate* method as the first thing. If the class is named
*Checker, then maybe a check* method makes more sense.

What do you think?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Fri Mar 21 15:27:12 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 21 Mar 2014 16:27:12 +0100
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <20140321145639.GC6449@redhat.com>
References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com>
Message-ID: <532C5A50.6060400@redhat.com>

On 03/21/2014 03:56 PM, Omair Majid wrote:
> * Andrew Azores <aazores at redhat.com> [2014-03-20 11:35]:
>> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
>
>> +    void checkTrustedOnlyAttribute() throws LaunchException {
>
> A stylistic nit: if you ask me to use a class named *Validator, I will
> look for the validate* method as the first thing. If the class is named
> *Checker, then maybe a check* method makes more sense.
>
> What do you think?
>
> Thanks,
> Omair
>


the small refactoring

ManifestsAttributesValidator -> ManifestsAttributesChecker

and all its current methods started with check

is probably worthy to do...

J.

From jvanek at redhat.com  Fri Mar 21 15:30:10 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 21 Mar 2014 16:30:10 +0100
Subject: [rfc][icedtea-web] cache tweeks
In-Reply-To: <532B07FC.3050401@redhat.com>
References: <532AFC0A.5040501@redhat.com> <532B07FC.3050401@redhat.com>
Message-ID: <532C5B02.5020108@redhat.com>

On 03/20/2014 04:23 PM, Andrew Azores wrote:
> On 03/20/2014 10:32 AM, Jiri Vanek wrote:
>> releaseLock is bug, found thanx to tweeksToCache work.
>> releaseLock is releasing the never released lock. It is not 100% fix but for deeper fixing this
>> needs to wait for cache revisite. ntil now it was invisible, because jvm always terminated after
>> clean-cache.
>>
>> The tweeksToCache is doing the only thing - making clear cache more visible. Righ ntnow it exists
>> only as cmd switch, and as feature in itw-settings->cache->view Fiels->delete on by one.
>> Now one can itw-settings->cache->view Files->delete all.
>> Delete all is also presented on error dialogs - with tooltip why.
>>
>> Motivation? - tired to close bugs by "clear cache first please" "how" "...:x..." "It started to work"
>>
>> Thanx!
>>   J.
>
> There's some weird formatting going on in the cache tweaks patch. invokeLaterDeleteAll,
> disableButtons, restoreDisabled, and visualCleanCache all have various indentation issues.
>
> Otherwise I think this is okay.
>
> Thanks,
>


Few more nits to this topic.
  - improved messages
  - exception shown to user as "what to do now"

J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: minorClearCacheFix.patch
Type: text/x-patch
Size: 2983 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/1b122d22/minorClearCacheFix.patch>

From jvanek at redhat.com  Fri Mar 21 15:48:53 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Fri, 21 Mar 2014 16:48:53 +0100
Subject: [rfc][icedtea-web] Reprint of application logs to console
Message-ID: <532C5F65.8080709@redhat.com>

If application is calling system.out/err.print(ln) for some kind of debugging, then it is *maybe* 
good to show it in our debug console. With its powerful features it may be usefull debugging tool 
for developers.

tbh, I'm not sure if this is wonted feature, but I somehow think it should be there. I also think 
previous console did it. So should new.  And ...  it really looks cool :)

The suspicious code is:

     private void copyRichActionPerformed(java.awt.event.ActionEvent evt) {
and
     private void copyPlainActionPerformed(java.awt.event.ActionEvent evt) {
+        if (canChange) {
+            showApp.setSelected(false);
+            refreshAction();
+            canChange = false;
+        }
          fillClipBoard(false, sortCopyAll.isSelected());
      }

What I wont to do is, to have it shown b default, but not include it in first copy-all. Reason is, 
that copy all should be the most natural way to report bug. And in this the application logs should 
not occur. But maybe sometimes may be usefull, so not inclusion is done only once time.


J.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: allCopiedStdOuts.patch
Type: text/x-patch
Size: 21900 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/409864d4/allCopiedStdOuts-0001.patch>

From omajid at redhat.com  Fri Mar 21 15:57:52 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 21 Mar 2014 11:57:52 -0400
Subject: [rfc][icedtea-web] Reprint of application logs to console
In-Reply-To: <532C5F65.8080709@redhat.com>
References: <532C5F65.8080709@redhat.com>
Message-ID: <20140321155752.GE6449@redhat.com>

Hi

I haven't reviewed the patch, but just wanted to comment on something.

* Jiri Vanek <jvanek at redhat.com> [2014-03-21 11:51]:
> If application is calling system.out/err.print(ln) for some kind of
> debugging, then it is *maybe* good to show it in our debug console.
> With its powerful features it may be usefull debugging tool for
> developers.

I would replace 'maybe' with 'definitely'.

> tbh, I'm not sure if this is wonted feature, but I somehow think it
> should be there. I also think previous console did it. So should
> new.  And ...  it really looks cool :)

I think this is definitely worth having. And yes, I implemented this in
the older console. The console that is part of the proprietary plugin
does this too.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From andrew at icedtea.classpath.org  Fri Mar 21 17:39:48 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 17:39:48 +0000
Subject: /hg/release/icedtea7-2.4: 3 new changesets
Message-ID: <hg.f59e4269da38.1395423588.5789328834432805220@icedtea.classpath.org>

changeset f59e4269da38 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=f59e4269da38
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Feb 21 22:04:31 2014 +0000

	Avoid giving PAX_COMMAND a value if no PaX utility is available.

	2014-02-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_WITH_PAX): Leave PAX_COMMAND with the empty
		string rather than "not specified" to avoid build
		failures.
		* pax-mark-vm.in: Update PAX_COMMAND check.


changeset 5c3c415fa3ef in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=5c3c415fa3ef
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 17:38:41 2014 +0000

	PR1684: Build fails with empty PAX_COMMAND

	2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		PR1684: Build fails with empty PAX_COMMAND
		* Makefile.am:
		(ICEDTEA_ENV): Only add PAX_COMMAND when defined.
		* NEWS: Updated.


changeset 45b209e92979 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=45b209e92979
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 17:39:17 2014 +0000

	Add Gentoo bug reference for PaX update.

	2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Add Gentoo bug reference for
		PaX update.


diffstat:

 ChangeLog      |  20 ++++++++++++++++++++
 Makefile.am    |   8 ++++++--
 NEWS           |   3 ++-
 acinclude.m4   |   7 ++-----
 pax-mark-vm.in |   2 +-
 5 files changed, 31 insertions(+), 9 deletions(-)

diffs (102 lines):

diff -r a03874670653 -r 45b209e92979 ChangeLog
--- a/ChangeLog	Mon Mar 17 16:42:38 2014 +0000
+++ b/ChangeLog	Fri Mar 21 17:39:17 2014 +0000
@@ -1,3 +1,23 @@
+2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Add Gentoo bug reference for
+	PaX update.
+
+2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	PR1684: Build fails with empty PAX_COMMAND
+	* Makefile.am:
+	(ICEDTEA_ENV): Only add PAX_COMMAND when defined.
+	* NEWS: Updated.
+
+2014-02-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_WITH_PAX): Leave PAX_COMMAND with the empty
+	string rather than "not specified" to avoid build
+	failures.
+	* pax-mark-vm.in: Update PAX_COMMAND check.
+
 2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* patches/boot/test_gamma.patch,
diff -r a03874670653 -r 45b209e92979 Makefile.am
--- a/Makefile.am	Mon Mar 17 16:42:38 2014 +0000
+++ b/Makefile.am	Fri Mar 21 17:39:17 2014 +0000
@@ -484,8 +484,7 @@
 	JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \
 	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \
 	UNLIMITED_CRYPTO="true" \
-	ARM32JIT="${ARM32JIT_STATUS}" \
-	PAX_COMMAND="${PAX_COMMAND}"
+	ARM32JIT="${ARM32JIT_STATUS}"
 
 if ENABLE_CACAO
 ICEDTEA_ENV += \
@@ -596,6 +595,11 @@
 	KRB5_CFLAGS="${KRB5_CFLAGS}"
 endif
 
+if WITH_PAX
+ICEDTEA_ENV += \
+	PAX_COMMAND="${PAX_COMMAND}"
+endif
+
 # OpenJDK boot build environment.
 ICEDTEA_ENV_BOOT = $(ICEDTEA_ENV) \
 	BOOTCLASSPATH_CLS_RT="-bootclasspath $(CLS_DIR_BOOT):$(RUNTIME)" \
diff -r a03874670653 -r 45b209e92979 NEWS
--- a/NEWS	Mon Mar 17 16:42:38 2014 +0000
+++ b/NEWS	Fri Mar 21 17:39:17 2014 +0000
@@ -20,8 +20,9 @@
 * Bug fixes
   - PR1101: Undefined symbols on GNU/Linux SPARC
   - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set
-  - PR1677: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
   - PR1679: Allow OpenJDK to build on PaX-enabled kernels
+  - PR1684: Build fails with empty PAX_COMMAND
   - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
   - Link against $(LIBDL) if SYSTEM_CUPS is not true
 * ARM port
diff -r a03874670653 -r 45b209e92979 acinclude.m4
--- a/acinclude.m4	Mon Mar 17 16:42:38 2014 +0000
+++ b/acinclude.m4	Fri Mar 21 17:39:17 2014 +0000
@@ -2356,10 +2356,7 @@
       fi
     fi
   fi
-  if test -z "${PAX_COMMAND}"; then
-    PAX_COMMAND="not specified"
-    PAX_COMMAND_ARGS="not specified"
-  else
+  if test -n "${PAX_COMMAND}"; then
     AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}])
     case "${host_cpu}" in
       i?86)
@@ -2371,7 +2368,7 @@
     esac
     AC_MSG_RESULT(${PAX_COMMAND_ARGS})
   fi
-  AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified")
+  AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "x")
   AC_SUBST(PAX_COMMAND)
   AC_SUBST(PAX_COMMAND_ARGS)
 ])
diff -r a03874670653 -r 45b209e92979 pax-mark-vm.in
--- a/pax-mark-vm.in	Mon Mar 17 16:42:38 2014 +0000
+++ b/pax-mark-vm.in	Fri Mar 21 17:39:17 2014 +0000
@@ -5,7 +5,7 @@
 	file "$@" 2> /dev/null | grep -E 'ELF.*(executable|shared object)' | sed -e 's/: .*$//'
 }
 
-if test "@PAX_COMMAND@" != "not specified"; then
+if test "x at PAX_COMMAND@" != "x"; then
 	for paxable in `list_paxables "${1}"/bin/* "${1}"/jre/bin/*`; do
 		echo "PaX mark @PAX_COMMAND_ARGS@ ${paxable}"
 		@PAX_COMMAND@ @PAX_COMMAND_ARGS@ "${paxable}"

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 17:39:56 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 17:39:56 +0000
Subject: [Bug 1684] [IcedTea7] Build fails with empty PAX_COMMAND
In-Reply-To: <bug-1684-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1684-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1684-30-6zKgtdPSFu@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1684

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=5c3c415fa3ef
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 17:38:41 2014 +0000

    PR1684: Build fails with empty PAX_COMMAND

    2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        PR1684: Build fails with empty PAX_COMMAND
        * Makefile.am:
        (ICEDTEA_ENV): Only add PAX_COMMAND when defined.
        * NEWS: Updated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/5da14016/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 21 17:49:07 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 17:49:07 +0000
Subject: /hg/release/icedtea7-forest-2.4/jdk: Turn ARM32 JIT on by default
Message-ID: <hg.b5282042aae0.1395424147.9040506844232929411@icedtea.classpath.org>

changeset b5282042aae0 in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=b5282042aae0
author: andrew
date: Fri Mar 21 17:48:59 2014 +0000

	Turn ARM32 JIT on by default


diffstat:

 make/jdk_generic_profile.sh |  4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diffs (11 lines):

diff -r 1e3bd243269a -r b5282042aae0 make/jdk_generic_profile.sh
--- a/make/jdk_generic_profile.sh	Tue Mar 18 17:10:07 2014 +0000
+++ b/make/jdk_generic_profile.sh	Fri Mar 21 17:48:59 2014 +0000
@@ -481,3 +481,7 @@
 export USE_SYSTEM_PNG=true
 export USE_SYSTEM_GIF=true
 export SYSTEM_KRB5=true
+
+# IcedTea default; turn on the ARM32 JIT
+export ARM32JIT=true
+

From andrew at icedtea.classpath.org  Fri Mar 21 17:50:40 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 17:50:40 +0000
Subject: /hg/release/icedtea7-2.4: Turn ARM32 JIT on by default.
Message-ID: <hg.ec74d72298dd.1395424240.5789328834432805220@icedtea.classpath.org>

changeset ec74d72298dd in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=ec74d72298dd
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 17:50:28 2014 +0000

	Turn ARM32 JIT on by default.

	2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Turn JIT on by default.


diffstat:

 ChangeLog    |  5 +++++
 acinclude.m4 |  2 +-
 2 files changed, 6 insertions(+), 1 deletions(-)

diffs (24 lines):

diff -r 45b209e92979 -r ec74d72298dd ChangeLog
--- a/ChangeLog	Fri Mar 21 17:39:17 2014 +0000
+++ b/ChangeLog	Fri Mar 21 17:50:28 2014 +0000
@@ -1,3 +1,8 @@
+2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Turn JIT on by default.
+
 2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Add Gentoo bug reference for
diff -r 45b209e92979 -r ec74d72298dd acinclude.m4
--- a/acinclude.m4	Fri Mar 21 17:39:17 2014 +0000
+++ b/acinclude.m4	Fri Mar 21 17:50:28 2014 +0000
@@ -2637,7 +2637,7 @@
     esac
   ],
   [
-    enable_arm32jit=no
+    enable_arm32jit=yes
   ])
   AC_MSG_RESULT([$enable_arm32jit])
   AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")

From andrew at icedtea.classpath.org  Fri Mar 21 17:52:33 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 17:52:33 +0000
Subject: /hg/icedtea7: Turn ARM32 JIT on by default.
Message-ID: <hg.f4920229fa73.1395424353.2873452341184383833@icedtea.classpath.org>

changeset f4920229fa73 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=f4920229fa73
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 17:50:28 2014 +0000

	Turn ARM32 JIT on by default.

	2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Turn JIT on by default.


diffstat:

 ChangeLog    |  7 ++++++-
 acinclude.m4 |  2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diffs (26 lines):

diff -r b1043cc0cd82 -r f4920229fa73 ChangeLog
--- a/ChangeLog	Sat Mar 08 18:06:34 2014 +0000
+++ b/ChangeLog	Fri Mar 21 17:50:28 2014 +0000
@@ -1,4 +1,9 @@
-2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Turn JIT on by default.
+
+2014-03-08  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* acinclude:
 	(IT_CHECK_FOR_PCSC): Default to off.
diff -r b1043cc0cd82 -r f4920229fa73 acinclude.m4
--- a/acinclude.m4	Sat Mar 08 18:06:34 2014 +0000
+++ b/acinclude.m4	Fri Mar 21 17:50:28 2014 +0000
@@ -2669,7 +2669,7 @@
     esac
   ],
   [
-    enable_arm32jit=no
+    enable_arm32jit=yes
   ])
   AC_MSG_RESULT([$enable_arm32jit])
   AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:02:20 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:02:20 +0000
Subject: [Bug 1720] New: Crashes when attempting to build uPortal
Message-ID: <bug-1720-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720

            Bug ID: 1720
           Summary: Crashes when attempting to build uPortal
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: lst_manage at webengineer.com
                CC: unassigned at icedtea.classpath.org

During uPortal build:

[artifact:mvn] #
[artifact:mvn] # A fatal error has been detected by the Java Runtime
Environment:
[artifact:mvn] #
[artifact:mvn] #  SIGSEGV (0xb) at pc=0x00007f314501f73d, pid=25892,
tid=139849734035200
[artifact:mvn] #
[artifact:mvn] # JRE version: OpenJDK Runtime Environment (7.0_51-b31) (build
1.7.0_51-mockbuild_2014_01_31_16_21-b00)
[artifact:mvn] # Java VM: OpenJDK 64-Bit Server VM (24.51-b03 mixed mode
linux-amd64 compressed oops)
[artifact:mvn] # Problematic frame:
[artifact:mvn] # j  org.hsqldb.HsqlException.equals(Ljava/lang/Object;)Z+0
[artifact:mvn] #
[artifact:mvn] # Failed to write core dump. Core dumps have been disabled. To
enable core dumping, try "ulimit -c unlimited" before starting Java again
[artifact:mvn] #
[artifact:mvn] # An error report file with more information is saved as:
[artifact:mvn] # /tmp/jvm-25892/hs_error.log
[artifact:mvn] #
[artifact:mvn] # If you would like to submit a bug report, please include
[artifact:mvn] # instructions on how to reproduce the bug and visit:
[artifact:mvn] #   http://icedtea.classpath.org/bugzilla
[artifact:mvn] #
[artifact:mvn] /bin/sh: line 1: 25892 Aborted                 (core dumped)
/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.60-2.4.5.1.fc20.x86_64/jre/bin/java
-Xmx512m -XX:MaxPermSize=512m -Duser.timezone=UTC -jar
/var/dev/uPortal/uportal-war/target/surefire/surefirebooter3244118299594093194.jar
/var/dev/uPortal/uportal-war/target/surefire/surefire7605222826761257030tmp
/var/dev/uPortal/uportal-war/target/surefire/surefire_01983721144067998535tmp

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/d4ca59fb/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:08:33 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:08:33 +0000
Subject: [Bug 1720] Crashes when attempting to build uPortal
In-Reply-To: <bug-1720-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1720-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1720-30-LCOo1uE0gP@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720

Emmett Culley <lst_manage at webengineer.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |lst_manage at webengineer.com

--- Comment #1 from Emmett Culley <lst_manage at webengineer.com> ---
Created attachment 1056
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1056&action=edit
hs_error.log

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/a60fd1fa/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 21 19:38:32 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:38:32 +0000
Subject: /hg/release/icedtea7-forest-2.3: PR1679: Allow OpenJDK to build ...
Message-ID: <hg.14181eb6c00d.1395430712.-6425493795253247648@icedtea.classpath.org>

changeset 14181eb6c00d in /hg/release/icedtea7-forest-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3?cmd=changeset;node=14181eb6c00d
author: andrew
date: Wed Feb 19 21:07:59 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


diffstat:

 make/Defs-internal.gmk |  14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diffs (31 lines):

diff -r 66eecafe5565 -r 14181eb6c00d make/Defs-internal.gmk
--- a/make/Defs-internal.gmk	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/Defs-internal.gmk	Wed Feb 19 21:07:59 2014 +0000
@@ -303,6 +303,16 @@
   ABS_JAXWS_DIST = $(JAXWS_OUTPUTDIR)/dist
 endif
 
+# Command to PaX mark the VM
+ifndef PAX_COMMAND
+  PAX_COMMAND = /usr/sbin/paxmark.sh
+endif
+ifeq ($(ARCH), i586)
+  PAX_COMMAND_ARGS="-msp"
+else
+  PAX_COMMAND_ARGS="-m"
+endif
+
 # Common make arguments (supplied to all component builds)
 COMMON_BUILD_ARGUMENTS = \
     JDK_TOPDIR=$(ABS_JDK_TOPDIR) \
@@ -323,7 +333,9 @@
     PREVIOUS_MAJOR_VERSION=$(PREVIOUS_MAJOR_VERSION) \
     PREVIOUS_MINOR_VERSION=$(PREVIOUS_MINOR_VERSION) \
     PREVIOUS_MICRO_VERSION=$(PREVIOUS_MICRO_VERSION) \
-    STATIC_CXX=$(STATIC_CXX)
+    STATIC_CXX=$(STATIC_CXX) \
+    PAX_COMMAND=$(PAX_COMMAND) \
+    PAX_COMMAND_ARGS=$(PAX_COMMAND_ARGS)
 
 ifdef ARCH_DATA_MODEL
   COMMON_BUILD_ARGUMENTS += ARCH_DATA_MODEL=$(ARCH_DATA_MODEL)

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:38:39 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:38:39 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-WcbHaq0kn7@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #9 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3?cmd=changeset;node=14181eb6c00d
author: andrew
date: Wed Feb 19 21:07:59 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/aca87d06/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 21 19:38:47 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:38:47 +0000
Subject: /hg/release/icedtea7-forest-2.3/corba: 5 new changesets
Message-ID: <hg.ed7f12eb2661.1395430727.-5398653327640076568@icedtea.classpath.org>

changeset ed7f12eb2661 in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=ed7f12eb2661
author: coffeys
date: Mon Nov 11 15:52:11 2013 +0000

	8027837: JDK-8021257 causes CORBA build failure on emdedded platforms
	Reviewed-by: dholmes


changeset c73c14092b63 in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c73c14092b63
author: mchung
date: Thu Nov 07 20:48:38 2013 -0800

	8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45
	Reviewed-by: msheppar, alanb, lancea


changeset 3a85dfaf63d8 in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=3a85dfaf63d8
author: msheppar
date: Sun Nov 24 13:09:01 2013 +0000

	8028215: ORB.init fails with SecurityException if properties select the JDK default ORB
	Summary: check for default ORBImpl and ORBSingleton set via properties or System properties
	Reviewed-by: alanb, coffeys, mchung


changeset b181263f727f in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=b181263f727f
author: andrew
date: Thu Jan 23 22:40:30 2014 +0000

	PR1653: Support ppc64le via Zero


changeset c7d0b72f704f in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c7d0b72f704f
author: andrew
date: Thu Jan 23 23:19:18 2014 +0000

	PR1654: ppc32 needs a larger ThreadStackSize to build


diffstat:

 make/Makefile                                                                            |   2 +-
 make/common/shared/Defs-java.gmk                                                         |   6 ++++-
 make/common/shared/Platform.gmk                                                          |   2 +-
 src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java |   2 +
 src/share/classes/org/omg/CORBA/ORB.java                                                 |  11 ++++++---
 5 files changed, 16 insertions(+), 7 deletions(-)

diffs (90 lines):

diff -r f12e1c039846 -r c7d0b72f704f make/Makefile
--- a/make/Makefile	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/Makefile	Thu Jan 23 23:19:18 2014 +0000
@@ -160,7 +160,7 @@
 #
 # CORBA
 #
-SUBDIRS = tools javax org sun com
+SUBDIRS = tools sun/rmi javax org sun com
 
 build:
 	$(SUBDIRS-loop)
diff -r f12e1c039846 -r c7d0b72f704f make/common/shared/Defs-java.gmk
--- a/make/common/shared/Defs-java.gmk	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/common/shared/Defs-java.gmk	Thu Jan 23 23:19:18 2014 +0000
@@ -79,7 +79,11 @@
 
 # 64-bit builds require a larger thread stack size.
 ifeq ($(ARCH_DATA_MODEL), 32)
-  JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=768
+  ifeq ($(ARCH), ppc)
+    JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=1152
+  else
+    JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=768
+  endif
 else
   JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=1664
 endif
diff -r f12e1c039846 -r c7d0b72f704f make/common/shared/Platform.gmk
--- a/make/common/shared/Platform.gmk	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/common/shared/Platform.gmk	Thu Jan 23 23:19:18 2014 +0000
@@ -154,7 +154,7 @@
   # Arch and OS name/version
   mach := $(shell uname -m)
   ifneq (,$(wildcard /usr/bin/dpkg-architecture))
-    mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/')
+    mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/;s/ppc64el/ppc64le/')
   endif
   archExpr = case "$(mach)" in \
                 i[3-9]86) \
diff -r f12e1c039846 -r c7d0b72f704f src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java
--- a/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java	Tue Jan 14 20:24:44 2014 -0500
+++ b/src/share/classes/com/sun/corba/se/spi/orbutil/proxy/CompositeInvocationHandlerImpl.java	Thu Jan 23 23:19:18 2014 +0000
@@ -89,4 +89,6 @@
             sm.checkPermission(perm);
 }
     }
+
+    private static final long serialVersionUID = 4571178305984833743L;
 }
diff -r f12e1c039846 -r c7d0b72f704f src/share/classes/org/omg/CORBA/ORB.java
--- a/src/share/classes/org/omg/CORBA/ORB.java	Tue Jan 14 20:24:44 2014 -0500
+++ b/src/share/classes/org/omg/CORBA/ORB.java	Thu Jan 23 23:19:18 2014 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -285,7 +285,8 @@
             String className = getSystemProperty(ORBSingletonClassKey);
             if (className == null)
                 className = getPropertyFromFile(ORBSingletonClassKey);
-            if (className == null) {
+            if ((className == null) ||
+                    (className.equals("com.sun.corba.se.impl.orb.ORBSingleton"))) {
                 singleton = new com.sun.corba.se.impl.orb.ORBSingleton();
             } else {
                 singleton = create_impl(className);
@@ -339,7 +340,8 @@
             className = getSystemProperty(ORBClassKey);
         if (className == null)
             className = getPropertyFromFile(ORBClassKey);
-        if (className == null) {
+        if ((className == null) ||
+                    (className.equals("com.sun.corba.se.impl.orb.ORBImpl"))) {
             orb = new com.sun.corba.se.impl.orb.ORBImpl();
         } else {
             orb = create_impl(className);
@@ -369,7 +371,8 @@
             className = getSystemProperty(ORBClassKey);
         if (className == null)
             className = getPropertyFromFile(ORBClassKey);
-        if (className == null) {
+        if ((className == null) ||
+                    (className.equals("com.sun.corba.se.impl.orb.ORBImpl"))) {
             orb = new com.sun.corba.se.impl.orb.ORBImpl();
         } else {
             orb = create_impl(className);

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:38:53 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:38:53 +0000
Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero
In-Reply-To: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1653-30-1mTBFHk82J@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653

--- Comment #10 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=b181263f727f
author: andrew
date: Thu Jan 23 22:40:30 2014 +0000

    PR1653: Support ppc64le via Zero

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/accf6421/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:39:02 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:02 +0000
Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build
In-Reply-To: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1654-30-ywBnWwL1Jw@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654

--- Comment #8 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=c7d0b72f704f
author: andrew
date: Thu Jan 23 23:19:18 2014 +0000

    PR1654: ppc32 needs a larger ThreadStackSize to build

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/e368a0bb/attachment-0001.html>

From andrew at icedtea.classpath.org  Fri Mar 21 19:39:09 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:09 +0000
Subject: /hg/release/icedtea7-forest-2.3/jaxp: 2 new changesets
Message-ID: <hg.87860ab06231.1395430749.-8576357044606977631@icedtea.classpath.org>

changeset 87860ab06231 in /hg/release/icedtea7-forest-2.3/jaxp
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=87860ab06231
author: coffeys
date: Fri Mar 21 18:33:01 2014 +0000

	8028111: XML readers share the same entity expansion counter
	Reviewed-by: joehw, robm


changeset 0eb202593710 in /hg/release/icedtea7-forest-2.3/jaxp
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=0eb202593710
author: coffeys
date: Fri Mar 21 19:37:44 2014 +0000

	8029038: Revise fix for XML readers share the same entity expansion counter
	Reviewed-by: joehw, mbankal


diffstat:

 src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java              |  24 ++-
 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java |  80 ++++-----
 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java         |   2 +
 src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java               |  14 +-
 src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java       |   2 +-
 src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java              |   6 +-
 src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java            |  45 +---
 src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java            |   2 +
 8 files changed, 82 insertions(+), 93 deletions(-)

diffs (446 lines):

diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java
--- a/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java	Fri Mar 21 19:37:44 2014 +0000
@@ -44,6 +44,7 @@
 import com.sun.org.apache.xerces.internal.impl.XMLErrorReporter;
 import com.sun.org.apache.xerces.internal.impl.XMLEntityHandler;
 import com.sun.org.apache.xerces.internal.impl.Constants;
+import com.sun.org.apache.xerces.internal.utils.XMLLimitAnalyzer;
 import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager;
 import com.sun.xml.internal.stream.Entity;
 
@@ -262,6 +263,11 @@
         fEntityManager.startDTDEntity(inputSource);
     } // setInputSource(XMLInputSource)
 
+
+    public void setLimitAnalyzer(XMLLimitAnalyzer limitAnalyzer) {
+        fLimitAnalyzer = limitAnalyzer;
+    }
+
     /**
      * Scans the external subset of the document.
      *
@@ -1625,10 +1631,10 @@
         XMLString literal = fString;
         XMLString literal2 = fString;
         int countChar = 0;
-        if (fLimitAnalyzer == null && fSecurityManager != null) {
-            fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
+        if (fLimitAnalyzer == null ) {
+            fLimitAnalyzer = new XMLLimitAnalyzer();
+         }
             fLimitAnalyzer.startEntity(entityName);
-        }
 
         if (fEntityScanner.scanLiteral(quote, fString) != quote) {
             fStringBuffer.clear();
@@ -2145,6 +2151,8 @@
         // set starting state
         setScannerState(SCANNER_STATE_TEXT_DECL);
         //new SymbolTable());
+
+        fLimitAnalyzer = new XMLLimitAnalyzer();
     }
 
     /**
@@ -2164,18 +2172,18 @@
      */
     private void checkLimit(String entityName, int len) {
         if (fLimitAnalyzer == null) {
-            fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
+            fLimitAnalyzer = new XMLLimitAnalyzer();
         }
         fLimitAnalyzer.addValue(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT, entityName, len);
-        if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT)) {
-                    fSecurityManager.debugPrint();
+        if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) {
+                    fSecurityManager.debugPrint(fLimitAnalyzer);
             reportFatalError("MaxEntitySizeLimit", new Object[]{entityName,
                 fLimitAnalyzer.getValue(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT),
                 fSecurityManager.getLimit(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT),
                 fSecurityManager.getStateLiteral(XMLSecurityManager.Limit.PARAMETER_ENTITY_SIZE_LIMIT)});
         }
-        if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT)) {
-            fSecurityManager.debugPrint();
+        if (fSecurityManager.isOverLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) {
+            fSecurityManager.debugPrint(fLimitAnalyzer);
             reportFatalError("TotalEntitySizeLimit",
                 new Object[]{fLimitAnalyzer.getTotalValue(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT),
                 fSecurityManager.getLimit(XMLSecurityManager.Limit.TOTAL_ENTITY_SIZE_LIMIT),
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java
--- a/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java	Fri Mar 21 19:37:44 2014 +0000
@@ -550,32 +550,13 @@
 
         // xerces features
         fReportCdataEvent = componentManager.getFeature(Constants.STAX_REPORT_CDATA_EVENT, true);
-
         fSecurityManager = (XMLSecurityManager)componentManager.getProperty(Constants.SECURITY_MANAGER, null);
-        fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
-
-        fElementAttributeLimit = (fSecurityManager != null)?
-                fSecurityManager.getLimit(XMLSecurityManager.Limit.ELEMENT_ATTRIBUTE_LIMIT):0;
-
         fNotifyBuiltInRefs = componentManager.getFeature(NOTIFY_BUILTIN_REFS, false);
 
         Object resolver = componentManager.getProperty(ENTITY_RESOLVER, null);
         fExternalSubsetResolver = (resolver instanceof ExternalSubsetResolver) ?
                 (ExternalSubsetResolver) resolver : null;
 
-        // initialize vars
-        fMarkupDepth = 0;
-        fCurrentElement = null;
-        fElementStack.clear();
-        fHasExternalDTD = false;
-        fStandaloneSet = false;
-        fStandalone = false;
-        fInScanContent = false;
-        //skipping algorithm
-        fShouldSkip = false;
-        fAdd = false;
-        fSkip = false;
-
         //attribute
         fReadingAttributes = false;
         //xxx: external entities are supported in Xerces
@@ -587,11 +568,9 @@
         // setup Driver
         setScannerState(SCANNER_STATE_CONTENT);
         setDriver(fContentDriver);
-        fEntityStore = fEntityManager.getEntityStore();
-
-        dtdGrammarUtil = null;
-
-
+
+
+        resetCommon();
         //fEntityManager.test();
     } // reset(XMLComponentManager)
 
@@ -605,17 +584,7 @@
         fNamespaces = ((Boolean)propertyManager.getProperty(XMLInputFactory.IS_NAMESPACE_AWARE)).booleanValue();
         fNotifyBuiltInRefs = false ;
 
-        // initialize vars
-        fMarkupDepth = 0;
-        fCurrentElement = null;
-        fShouldSkip = false;
-        fAdd = false;
-        fSkip = false;
-        fElementStack.clear();
         //fElementStack2.clear();
-        fHasExternalDTD = false;
-        fStandaloneSet = false;
-        fStandalone = false;
         //fReplaceEntityReferences = true;
         //fSupportExternalEntities = true;
         Boolean bo = (Boolean)propertyManager.getProperty(XMLInputFactoryImpl.IS_REPLACING_ENTITY_REFERENCES);
@@ -636,14 +605,37 @@
         //we dont need to do this -- nb.
         //setScannerState(SCANNER_STATE_CONTENT);
         //setDriver(fContentDriver);
+        //fEntityManager.test();
+
+        fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(Constants.SECURITY_MANAGER);
+        resetCommon();
+    } // reset(XMLComponentManager)
+
+    void resetCommon() {
+        // initialize vars
+        fMarkupDepth = 0;
+        fCurrentElement = null;
+        fElementStack.clear();
+        fHasExternalDTD = false;
+        fStandaloneSet = false;
+        fStandalone = false;
+        fInScanContent = false;
+        //skipping algorithm
+        fShouldSkip = false;
+        fAdd = false;
+        fSkip = false;
+
         fEntityStore = fEntityManager.getEntityStore();
-        //fEntityManager.test();
-
         dtdGrammarUtil = null;
 
-        fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(Constants.SECURITY_MANAGER);
-        fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
-    } // reset(XMLComponentManager)
+        if (fSecurityManager != null) {
+            fElementAttributeLimit = fSecurityManager.getLimit(XMLSecurityManager.Limit.ELEMENT_ATTRIBUTE_LIMIT);
+        } else {
+            fElementAttributeLimit = 0;
+        }
+        fLimitAnalyzer = new XMLLimitAnalyzer();
+        fEntityManager.setLimitAnalyzer(fLimitAnalyzer);
+    }
 
     /**
      * Returns a list of feature identifiers that are recognized by
@@ -1289,7 +1281,7 @@
                         fAttributes.getLength() > fElementAttributeLimit){
                     fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
                                                  "ElementAttributeLimit",
-                                                 new Object[]{rawname, new Integer(fAttributes.getLength()) },
+                                                 new Object[]{rawname, fElementAttributeLimit },
                                                  XMLErrorReporter.SEVERITY_FATAL_ERROR );
                 }
 
@@ -3110,15 +3102,15 @@
         protected void checkLimit(XMLStringBuffer buffer) {
             if (fLimitAnalyzer.isTracking(fCurrentEntityName)) {
                 fLimitAnalyzer.addValue(Limit.GENEAL_ENTITY_SIZE_LIMIT, fCurrentEntityName, buffer.length);
-                if (fSecurityManager.isOverLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT)) {
-                    fSecurityManager.debugPrint();
+                if (fSecurityManager.isOverLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) {
+                    fSecurityManager.debugPrint(fLimitAnalyzer);
                     reportFatalError("MaxEntitySizeLimit", new Object[]{fCurrentEntityName,
                         fLimitAnalyzer.getValue(Limit.GENEAL_ENTITY_SIZE_LIMIT),
                         fSecurityManager.getLimit(Limit.GENEAL_ENTITY_SIZE_LIMIT),
                         fSecurityManager.getStateLiteral(Limit.GENEAL_ENTITY_SIZE_LIMIT)});
                 }
-                if (fSecurityManager.isOverLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT)) {
-                    fSecurityManager.debugPrint();
+                if (fSecurityManager.isOverLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT, fLimitAnalyzer)) {
+                    fSecurityManager.debugPrint(fLimitAnalyzer);
                     reportFatalError("TotalEntitySizeLimit",
                         new Object[]{fLimitAnalyzer.getTotalValue(Limit.TOTAL_ENTITY_SIZE_LIMIT),
                         fSecurityManager.getLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT),
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java
--- a/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentScannerImpl.java	Fri Mar 21 19:37:44 2014 +0000
@@ -1089,6 +1089,8 @@
 
                     ((XMLDTDScannerImpl)fDTDScanner).reset(fPropertyManager);
                 }
+
+                fDTDScanner.setLimitAnalyzer(fLimitAnalyzer);
                 do {
                     again = false;
                     switch (fScannerState) {
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java
--- a/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java	Fri Mar 21 19:37:44 2014 +0000
@@ -1281,8 +1281,8 @@
         if(fLimitAnalyzer != null) {
            fLimitAnalyzer.addValue(entityExpansionIndex, name, 1);
         }
-        if( fSecurityManager != null && fSecurityManager.isOverLimit(entityExpansionIndex)){
-            fSecurityManager.debugPrint();
+        if( fSecurityManager != null && fSecurityManager.isOverLimit(entityExpansionIndex, fLimitAnalyzer)){
+            fSecurityManager.debugPrint(fLimitAnalyzer);
             fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,"EntityExpansionLimitExceeded",
                     new Object[]{fSecurityManager.getLimitValueByIndex(entityExpansionIndex)},
                                              XMLErrorReporter.SEVERITY_FATAL_ERROR );
@@ -1351,7 +1351,7 @@
                 if (fLimitAnalyzer != null) {
                     fLimitAnalyzer.endEntity(XMLSecurityManager.Limit.GENEAL_ENTITY_SIZE_LIMIT, fCurrentEntity.name);
                     if (fCurrentEntity.name.equals("[xml]")) {
-                        fSecurityManager.debugPrint();
+                        fSecurityManager.debugPrint(fLimitAnalyzer);
                     }
                 }
                 fCurrentEntity.close();
@@ -1413,7 +1413,6 @@
         }
 
         fSecurityManager = (XMLSecurityManager)propertyManager.getProperty(SECURITY_MANAGER);
-        fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
 
         // initialize state
         //fStandalone = false;
@@ -1476,7 +1475,6 @@
         fStaxEntityResolver = (StaxEntityResolverWrapper)componentManager.getProperty(STAX_ENTITY_RESOLVER, null);
         fValidationManager = (ValidationManager)componentManager.getProperty(VALIDATION_MANAGER, null);
         fSecurityManager = (XMLSecurityManager)componentManager.getProperty(SECURITY_MANAGER, null);
-        fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
         entityExpansionIndex = fSecurityManager.getIndex(Constants.JDK_ENTITY_EXPANSION_LIMIT);
 
         //reset general state
@@ -1622,12 +1620,16 @@
             if (suffixLength == Constants.SECURITY_MANAGER_PROPERTY.length() &&
                 propertyId.endsWith(Constants.SECURITY_MANAGER_PROPERTY)) {
                 fSecurityManager = (XMLSecurityManager)value;
-                fLimitAnalyzer = fSecurityManager.getLimitAnalyzer();
 
             }
         }
 
     }
+
+    public void setLimitAnalyzer(XMLLimitAnalyzer fLimitAnalyzer) {
+        this.fLimitAnalyzer = fLimitAnalyzer;
+    }
+
     /**
      * Returns a list of property identifiers that are recognized by
      * this component. This method may return null if no properties
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java
--- a/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java	Fri Mar 21 19:37:44 2014 +0000
@@ -256,7 +256,7 @@
                         fAttributes.getLength() > fElementAttributeLimit){
                     fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
                                                  "ElementAttributeLimit",
-                                                 new Object[]{rawname, new Integer(fAttributes.getLength()) },
+                                                 new Object[]{rawname, fElementAttributeLimit },
                                                  XMLErrorReporter.SEVERITY_FATAL_ERROR );
                 }
 
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java
--- a/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java	Fri Mar 21 19:37:44 2014 +0000
@@ -77,7 +77,6 @@
         }
     }
 
-    private XMLSecurityManager securityManager;
     /**
      * Max value accumulated for each property
      */
@@ -101,8 +100,7 @@
      * Default constructor. Establishes default values for known security
      * vulnerabilities.
      */
-    public XMLLimitAnalyzer(XMLSecurityManager securityManager) {
-        this.securityManager = securityManager;
+    public XMLLimitAnalyzer() {
         values = new int[Limit.values().length];
         totalValue = new int[Limit.values().length];
         names = new String[Limit.values().length];
@@ -221,7 +219,7 @@
         }
     }
 
-    public void debugPrint() {
+    public void debugPrint(XMLSecurityManager securityManager) {
         Formatter formatter = new Formatter();
         System.out.println(formatter.format("%30s %15s %15s %15s %30s",
                 "Property","Limit","Total size","Size","Entity Name"));
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java
--- a/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java	Fri Mar 21 19:37:44 2014 +0000
@@ -148,7 +148,6 @@
     private boolean[] isSet;
 
 
-    private XMLLimitAnalyzer limitAnalyzer;
     /**
      * Index of the special entityCountInfo property
      */
@@ -169,7 +168,6 @@
      * @param secureProcessing
      */
     public XMLSecurityManager(boolean secureProcessing) {
-        limitAnalyzer = new XMLLimitAnalyzer(this);
         values = new int[Limit.values().length];
         states = new State[Limit.values().length];
         isSet = new boolean[Limit.values().length];
@@ -249,13 +247,15 @@
         if (index == indexEntityCountInfo) {
             printEntityCountInfo = (String)value;
         } else {
-            int temp = 0;
-            try {
+            int temp;
+            if (Integer.class.isAssignableFrom(value.getClass())) {
+                temp = ((Integer)value).intValue();
+            } else {
                 temp = Integer.parseInt((String) value);
                 if (temp < 0) {
                     temp = 0;
                 }
-            } catch (NumberFormatException e) {}
+            }
             setLimit(index, state, temp);
         }
     }
@@ -387,8 +387,9 @@
      * @param size the size (count or length) of the entity
      * @return true if the size is over the limit, false otherwise
      */
-    public boolean isOverLimit(Limit limit, String entityName, int size) {
-        return isOverLimit(limit.ordinal(), entityName, size);
+    public boolean isOverLimit(Limit limit, String entityName, int size,
+            XMLLimitAnalyzer limitAnalyzer) {
+        return isOverLimit(limit.ordinal(), entityName, size, limitAnalyzer);
     }
 
     /**
@@ -400,7 +401,8 @@
      * @param size the size (count or length) of the entity
      * @return true if the size is over the limit, false otherwise
      */
-    public boolean isOverLimit(int index, String entityName, int size) {
+    public boolean isOverLimit(int index, String entityName, int size,
+            XMLLimitAnalyzer limitAnalyzer) {
         if (values[index] == NO_LIMIT) {
             return false;
         }
@@ -418,11 +420,11 @@
      * @param size the size (count or length) of the entity
      * @return true if the size is over the limit, false otherwise
      */
-    public boolean isOverLimit(Limit limit) {
-        return isOverLimit(limit.ordinal());
+    public boolean isOverLimit(Limit limit, XMLLimitAnalyzer limitAnalyzer) {
+        return isOverLimit(limit.ordinal(), limitAnalyzer);
     }
 
-    public boolean isOverLimit(int index) {
+    public boolean isOverLimit(int index, XMLLimitAnalyzer limitAnalyzer) {
         if (values[index] == NO_LIMIT) {
             return false;
         }
@@ -436,29 +438,12 @@
         }
     }
 
-    public void debugPrint() {
+    public void debugPrint(XMLLimitAnalyzer limitAnalyzer) {
         if (printEntityCountInfo.equals(Constants.JDK_YES)) {
-            limitAnalyzer.debugPrint();
+            limitAnalyzer.debugPrint(this);
         }
     }
 
-    /**
-     * Return the limit analyzer
-     *
-     * @return the limit analyzer
-     */
-    public XMLLimitAnalyzer getLimitAnalyzer() {
-        return limitAnalyzer;
-    }
-
-    /**
-     * Set limit analyzer
-     *
-     * @param analyzer a limit analyzer
-     */
-    public void setLimitAnalyzer(XMLLimitAnalyzer analyzer) {
-        limitAnalyzer = analyzer;
-    }
 
     /**
      * Indicate if a property is set explicitly
diff -r 691a5e0c657f -r 0eb202593710 src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java
--- a/src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/com/sun/org/apache/xerces/internal/xni/parser/XMLDTDScanner.java	Fri Mar 21 19:37:44 2014 +0000
@@ -20,6 +20,7 @@
 
 package com.sun.org.apache.xerces.internal.xni.parser;
 
+import com.sun.org.apache.xerces.internal.utils.XMLLimitAnalyzer;
 import java.io.IOException;
 import com.sun.org.apache.xerces.internal.xni.XNIException;
 
@@ -95,4 +96,5 @@
     public boolean scanDTDExternalSubset(boolean complete)
         throws IOException, XNIException;
 
+    public void setLimitAnalyzer(XMLLimitAnalyzer limitAnalyzer);
 } // interface XMLDTDScanner

From andrew at icedtea.classpath.org  Fri Mar 21 19:39:16 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:16 +0000
Subject: /hg/release/icedtea7-forest-2.3/jaxws: 3 new changesets
Message-ID: <hg.cd3d3cf45c6e.1395430756.6608279449221239120@icedtea.classpath.org>

changeset cd3d3cf45c6e in /hg/release/icedtea7-forest-2.3/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=cd3d3cf45c6e
author: mkos
date: Fri Nov 08 20:15:52 2013 +0100

	8027224: test regression - ClassNotFoundException
	Summary: test regression; fix also reviewed by Filipp Zkinkin, Iaroslav Savytskyi, Alexander Fomin
	Reviewed-by: mgrebac


changeset 7d297f4939bf in /hg/release/icedtea7-forest-2.3/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=7d297f4939bf
author: mkos
date: Thu Mar 20 16:23:27 2014 +0000

	8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04
	Summary: test regression; fix also reviewed by Maxim Soloviev, Alexander Fomin
	Reviewed-by: mgrebac


changeset 482a3f64a8ea in /hg/release/icedtea7-forest-2.3/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=482a3f64a8ea
author: mkos
date: Thu Nov 21 11:15:32 2013 +0100

	8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147
	Summary: test regression; fix also reviewed by Iaroslav Savytskyi, Alexander Fomin
	Reviewed-by: mchung


diffstat:

 src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java |  28 +-----
 src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java             |  46 ++++++++-
 2 files changed, 42 insertions(+), 32 deletions(-)

diffs (150 lines):

diff -r 1067e01a4e0e -r 482a3f64a8ea src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java
--- a/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java	Thu Nov 21 11:15:32 2013 +0100
@@ -58,7 +58,6 @@
 //  ---------------------------------------
 
     public Class getSuperClass(Class clazz) {
-        checkPackageAccess(clazz.getName());
         if (clazz == Object.class) {
             return null;
         }
@@ -266,12 +265,10 @@
     }
 
     public Collection<? extends Field> getDeclaredFields(Class clazz) {
-        checkPackageAccess(clazz.getName());
         return Arrays.asList(clazz.getDeclaredFields());
     }
 
     public Field getDeclaredField(Class clazz, String fieldName) {
-        checkPackageAccess(clazz.getName());
         try {
             return clazz.getDeclaredField(fieldName);
         } catch (NoSuchFieldException e) {
@@ -280,7 +277,6 @@
     }
 
     public Collection<? extends Method> getDeclaredMethods(Class clazz) {
-        checkPackageAccess(clazz.getName());
         return Arrays.asList(clazz.getDeclaredMethods());
     }
 
@@ -525,7 +521,6 @@
     }
 
     public Field[] getEnumConstants(Class clazz) {
-        checkPackageAccess(clazz.getName());
         try {
             Object[] values = clazz.getEnumConstants();
             Field[] fields = new Field[values.length];
@@ -556,7 +551,6 @@
     @Override
     public Class loadObjectFactory(Class referencePoint, String pkg) {
         String clName = pkg + ".ObjectFactory";
-        checkPackageAccess(clName);
         ClassLoader cl = referencePoint.getClassLoader();
         if (cl == null)
             cl = ClassLoader.getSystemClassLoader();
@@ -581,7 +575,7 @@
         // class Base<T> {
         //   T getX() { ... }
         // }
-        // to be overrided. Handling this correctly needs a careful implementation
+        // to be overriden. Handling this correctly needs a careful implementation
 
         String name = method.getName();
         Class[] params = method.getParameterTypes();
@@ -632,24 +626,4 @@
 
         return t;
     }
-
-    /**
-     * Checking if current thread can access class.
-     *
-     * @param clName name of the class to be checked
-     * @throws SecurityException is thrown if thread doesn't have privileges
-     */
-     static void  checkPackageAccess(String clName) {
-        SecurityManager sm = System.getSecurityManager();
-        if (sm == null)
-            return;
-        if (clName.startsWith("[")) { // array
-            int nameStart = clName.lastIndexOf('[') + 2;
-            if (nameStart > 1 && nameStart < clName.length())
-                clName = clName.substring(nameStart);
-        }
-        int packageEnd = clName.lastIndexOf('.');
-        if (packageEnd != -1)
-            sm.checkPackageAccess(clName.substring(0, packageEnd));
-    }
 }
diff -r 1067e01a4e0e -r 482a3f64a8ea src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java
--- a/src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java	Tue Jan 14 20:24:45 2014 -0500
+++ b/src/share/jaxws_classes/com/sun/xml/internal/ws/fault/SOAPFaultBuilder.java	Thu Nov 21 11:15:32 2013 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -59,6 +59,12 @@
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
+import java.lang.reflect.ReflectPermission;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Permissions;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.logging.Level;
@@ -546,10 +552,40 @@
             // ignore
         }
 
-        try {
-            JAXB_CONTEXT = (JAXBRIContext)JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class);
-        } catch (JAXBException e) {
-            throw new Error(e); // this must be a bug in our code
+        JAXB_CONTEXT = createJAXBContext();
+    }
+
+    private static JAXBRIContext createJAXBContext() {
+
+        // in jdk runtime doPrivileged is necessary since JAX-WS internal classes are in restricted packages
+        if (isJDKRuntime()) {
+            Permissions permissions = new Permissions();
+            permissions.add(new RuntimePermission("accessClassInPackage.com.sun." + "xml.internal.ws.fault"));
+            permissions.add(new ReflectPermission("suppressAccessChecks"));
+            return AccessController.doPrivileged(
+                    new PrivilegedAction<JAXBRIContext>() {
+                        @Override
+                        public JAXBRIContext run() {
+                            try {
+                                return (JAXBRIContext) JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class);
+                            } catch (JAXBException e) {
+                                throw new Error(e);
+                            }
+                        }
+                    },
+                    new AccessControlContext(new ProtectionDomain[]{new ProtectionDomain(null, permissions)})
+            );
+
+        } else {
+            try {
+                return (JAXBRIContext) JAXBContext.newInstance(SOAP11Fault.class, SOAP12Fault.class);
+            } catch (JAXBException e) {
+                throw new Error(e);
+            }
         }
     }
+
+    private static boolean isJDKRuntime() {
+        return SOAPFaultBuilder.class.getName().contains("internal");
+    }
 }

From andrew at icedtea.classpath.org  Fri Mar 21 19:39:28 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:28 +0000
Subject: /hg/release/icedtea7-forest-2.3/hotspot: 8 new changesets
Message-ID: <hg.3f0dff7a9cf5.1395430768.4308599361692689988@icedtea.classpath.org>

changeset 3f0dff7a9cf5 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3f0dff7a9cf5
author: iveresov
date: Mon Mar 12 13:12:07 2012 -0700

	7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
	Summary: Don't attempt to uncommit SHM-based large pages
	Reviewed-by: kvn


changeset cbdd11a54b82 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=cbdd11a54b82
author: dcubed
date: Mon Mar 10 18:09:45 2014 +0000

	8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint
	Summary: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory(). Add os::commit_memory_or_exit(). Also tidy up some NMT accounting and some mmap() return value checking.
	Reviewed-by: zgu, stefank, dholmes, dsamersoff


changeset 24391b7e49b5 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=24391b7e49b5
author: aeriksso
date: Mon Mar 10 18:48:19 2014 +0000

	8026887: Make issues due to failed large pages allocations easier to debug
	Reviewed-by: stefank, mcastegr, poonam


changeset 3b188862d691 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3b188862d691
author: andrew
date: Wed Feb 19 21:08:04 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


changeset 99ed2a7d2f87 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=99ed2a7d2f87
author: dsamersoff
date: Mon Mar 10 22:26:05 2014 +0000

	8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
	Summary: don't re-evaluate stack bounds for main thread before install guard page
	Reviewed-by: coleenp, dholmes, dlong


changeset adf1821ed249 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=adf1821ed249
author: chrisphi
date: Fri Mar 14 16:53:01 2014 +0000

	Allow ARM32 JIT to be disabled


changeset fba9303068df in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=fba9303068df
author: andrew
date: Thu Jan 23 22:41:21 2014 +0000

	PR1653: Support ppc64le via Zero


changeset 383082077d46 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=383082077d46
author: andrew
date: Fri Jan 31 21:14:06 2014 +0000

	RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
	Contributed-by: chphilli at redhat.com


diffstat:

 make/linux/makefiles/buildtree.make                                    |    4 +
 make/linux/makefiles/zeroshark.make                                    |    4 +-
 src/os/bsd/vm/os_bsd.cpp                                               |   43 +-
 src/os/bsd/vm/perfMemory_bsd.cpp                                       |    4 +-
 src/os/linux/vm/os_linux.cpp                                           |  265 +++++++--
 src/os/linux/vm/os_linux.hpp                                           |    8 +-
 src/os/linux/vm/perfMemory_linux.cpp                                   |    4 +-
 src/os/solaris/vm/os_solaris.cpp                                       |  101 +++-
 src/os/solaris/vm/os_solaris.hpp                                       |    5 +-
 src/os/solaris/vm/perfMemory_solaris.cpp                               |    4 +-
 src/os/windows/vm/os_windows.cpp                                       |   57 +-
 src/os/windows/vm/perfMemory_windows.cpp                               |    4 +-
 src/os_cpu/linux_zero/vm/globals_linux_zero.hpp                        |    6 +-
 src/os_cpu/linux_zero/vm/os_linux_zero.cpp                             |   10 +-
 src/share/vm/gc_implementation/parallelScavenge/cardTableExtension.cpp |   10 +-
 src/share/vm/gc_implementation/parallelScavenge/psVirtualspace.cpp     |   12 +-
 src/share/vm/memory/cardTableModRefBS.cpp                              |   17 +-
 src/share/vm/runtime/os.cpp                                            |   39 +-
 src/share/vm/runtime/os.hpp                                            |   22 +-
 src/share/vm/runtime/virtualspace.cpp                                  |   17 +-
 src/share/vm/utilities/vmError.cpp                                     |   12 +
 21 files changed, 471 insertions(+), 177 deletions(-)

diffs (truncated from 1188 to 500 lines):

diff -r 3442eb7ef2d2 -r 383082077d46 make/linux/makefiles/buildtree.make
--- a/make/linux/makefiles/buildtree.make	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/linux/makefiles/buildtree.make	Fri Jan 31 21:14:06 2014 +0000
@@ -435,6 +435,10 @@
 	echo "  GAMMA_PROG=gamma_g"; \
 	echo "fi"; \
 	echo ""; \
+	echo "if [ -x \"$(PAX_COMMAND)\" ]; then "; \
+	echo "  $(PAX_COMMAND) $(PAX_COMMAND_ARGS) ./\$${GAMMA_PROG}"; \
+	echo "fi"; \
+	echo ""; \
 	echo "if [ \"$(OS_VENDOR)\" = \"Darwin\" ]; then "; \
 	echo "  # Ensure architecture for gamma and JAVA_HOME is the same."; \
 	echo "  # NOTE: gamma assumes the OpenJDK directory layout."; \
diff -r 3442eb7ef2d2 -r 383082077d46 make/linux/makefiles/zeroshark.make
--- a/make/linux/makefiles/zeroshark.make	Tue Jan 14 20:24:44 2014 -0500
+++ b/make/linux/makefiles/zeroshark.make	Fri Jan 31 21:14:06 2014 +0000
@@ -26,7 +26,8 @@
 # Setup common to Zero (non-Shark) and Shark versions of VM
 
 ifeq ($(ZERO_LIBARCH),arm)
-
+# check to see if we are building the assembler jit or just zero.
+ifeq ($(ARM32JIT),true)
 Obj_Files += asm_helper.o
 Obj_Files += cppInterpreter_arm.o
 Obj_Files += thumb2.o
@@ -54,6 +55,7 @@
 	$(CC_COMPILE) $(CFLAGS) -DSTATIC_OFFSETS -o $@ $< $(COMPILE_DONE)
 
 endif
+endif
 
 %.o: %.S
 	@echo Assembling $<
diff -r 3442eb7ef2d2 -r 383082077d46 src/os/bsd/vm/os_bsd.cpp
--- a/src/os/bsd/vm/os_bsd.cpp	Tue Jan 14 20:24:44 2014 -0500
+++ b/src/os/bsd/vm/os_bsd.cpp	Fri Jan 31 21:14:06 2014 +0000
@@ -2762,6 +2762,13 @@
   }
 }
 
+static void warn_fail_commit_memory(char* addr, size_t size, bool exec,
+                                    int err) {
+  warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT
+          ", %d) failed; error='%s' (errno=%d)", addr, size, exec,
+          strerror(err), err);
+}
+
 // NOTE: Bsd kernel does not really reserve the pages for us.
 //       All it does is to check if there are enough free pages
 //       left at the time of mmap(). This could be a potential
@@ -2770,12 +2777,22 @@
   int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE;
 #ifdef __OpenBSD__
   // XXX: Work-around mmap/MAP_FIXED bug temporarily on OpenBSD
-  return ::mprotect(addr, size, prot) == 0;
+  if (::mprotect(addr, size, prot) == 0) {
+    return true;
+  }
 #else
   uintptr_t res = (uintptr_t) ::mmap(addr, size, prot,
                                    MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0);
-  return res != (uintptr_t) MAP_FAILED;
+  if (res != (uintptr_t) MAP_FAILED) {
+    return true;
+  }
 #endif
+
+  // Warn about any commit errors we see in non-product builds just
+  // in case mmap() doesn't work as described on the man page.
+  NOT_PRODUCT(warn_fail_commit_memory(addr, size, exec, errno);)
+
+  return false;
 }
 
 #ifndef _ALLBSD_SOURCE
@@ -2803,9 +2820,27 @@
   }
 #endif
 
+  // alignment_hint is ignored on this OS
   return commit_memory(addr, size, exec);
 }
 
+void os::commit_memory_or_exit(char* addr, size_t size, bool exec,
+			       const char* mesg) {
+  assert(mesg != NULL, "mesg must be specified");
+  if (!pd_commit_memory(addr, size, exec)) {
+    // add extra info in product mode for vm_exit_out_of_memory():
+    PRODUCT_ONLY(warn_fail_commit_memory(addr, size, exec, errno);)
+    vm_exit_out_of_memory(size, mesg);
+  }
+}
+
+void os::commit_memory_or_exit(char* addr, size_t size,
+			       size_t alignment_hint, bool exec,
+			       const char* mesg) {
+  // alignment_hint is ignored on this OS
+  pd_commit_memory_or_exit(addr, size, exec, mesg);
+}
+
 void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) {
 #ifndef _ALLBSD_SOURCE
   if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) {
@@ -2970,7 +3005,7 @@
 }
 
 bool os::create_stack_guard_pages(char* addr, size_t size) {
-  return os::commit_memory(addr, size);
+  return os::commit_memory(addr, size, !ExecMem);
 }
 
 // If this is a growable mapping, remove the guard pages entirely by
@@ -4467,7 +4502,7 @@
 
   if (!UseMembar) {
     address mem_serialize_page = (address) ::mmap(NULL, Bsd::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
-    guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page");
+    guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page");
     os::set_memory_serialize_page( mem_serialize_page );
 
 #ifndef PRODUCT
diff -r 3442eb7ef2d2 -r 383082077d46 src/os/bsd/vm/perfMemory_bsd.cpp
--- a/src/os/bsd/vm/perfMemory_bsd.cpp	Tue Jan 14 20:24:44 2014 -0500
+++ b/src/os/bsd/vm/perfMemory_bsd.cpp	Fri Jan 31 21:14:06 2014 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -59,7 +59,7 @@
   }
 
   // commit memory
-  if (!os::commit_memory(mapAddress, size)) {
+  if (!os::commit_memory(mapAddress, size, !ExecMem)) {
     if (PrintMiscellaneous && Verbose) {
       warning("Could not commit PerfData memory\n");
     }
diff -r 3442eb7ef2d2 -r 383082077d46 src/os/linux/vm/os_linux.cpp
--- a/src/os/linux/vm/os_linux.cpp	Tue Jan 14 20:24:44 2014 -0500
+++ b/src/os/linux/vm/os_linux.cpp	Fri Jan 31 21:14:06 2014 +0000
@@ -2508,11 +2508,57 @@
   }
 }
 
+static bool recoverable_mmap_error(int err) {
+  // See if the error is one we can let the caller handle. This
+  // list of errno values comes from JBS-6843484. I can't find a
+  // Linux man page that documents this specific set of errno
+  // values so while this list currently matches Solaris, it may
+  // change as we gain experience with this failure mode.
+  switch (err) {
+  case EBADF:
+  case EINVAL:
+  case ENOTSUP:
+    // let the caller deal with these errors
+    return true;
+
+  default:
+    // Any remaining errors on this OS can cause our reserved mapping
+    // to be lost. That can cause confusion where different data
+    // structures think they have the same memory mapped. The worst
+    // scenario is if both the VM and a library think they have the
+    // same memory mapped.
+    return false;
+  }
+}
+
+static void warn_fail_commit_memory(char* addr, size_t size, bool exec,
+                                    int err) {
+  warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT
+          ", %d) failed; error='%s' (errno=%d)", addr, size, exec,
+          strerror(err), err);
+}
+
+static void warn_fail_commit_memory(char* addr, size_t size,
+                                    size_t alignment_hint, bool exec,
+                                    int err) {
+  warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT
+          ", " SIZE_FORMAT ", %d) failed; error='%s' (errno=%d)", addr, size,
+          alignment_hint, exec, strerror(err), err);
+}
+
+static void warn_fail_commit_memory(char* addr, size_t size,
+                                    size_t alignment_hint, bool exec,
+                                    int err, const char* msg) {
+  warning("INFO: os::commit_memory(" PTR_FORMAT ", " SIZE_FORMAT
+          ", " SIZE_FORMAT ", %d) failed; error='%s' (errno=%d); %s", addr, size,
+          alignment_hint, exec, strerror(err), err, msg);
+}
+
 // NOTE: Linux kernel does not really reserve the pages for us.
 //       All it does is to check if there are enough free pages
 //       left at the time of mmap(). This could be a potential
 //       problem.
-bool os::commit_memory(char* addr, size_t size, bool exec) {
+int os::Linux::commit_memory_impl(char* addr, size_t size, bool exec) {
   int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE;
   uintptr_t res = (uintptr_t) ::mmap(addr, size, prot,
                                    MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0);
@@ -2520,9 +2566,32 @@
     if (UseNUMAInterleaving) {
       numa_make_global(addr, size);
     }
-    return true;
-  }
-  return false;
+    return 0;
+  }
+
+  int err = errno;  // save errno from mmap() call above
+
+  if (!recoverable_mmap_error(err)) {
+    warn_fail_commit_memory(addr, size, exec, err);
+    vm_exit_out_of_memory(size, "committing reserved memory.");
+  }
+
+  return err;
+}
+
+bool os::commit_memory(char* addr, size_t size, bool exec) {
+  return os::Linux::commit_memory_impl(addr, size, exec) == 0;
+}
+
+void os::commit_memory_or_exit(char* addr, size_t size, bool exec,
+                                  const char* mesg) {
+  assert(mesg != NULL, "mesg must be specified");
+  int err = os::Linux::commit_memory_impl(addr, size, exec);
+  if (err != 0) {
+    // the caller wants all commit errors to exit with the specified mesg:
+    warn_fail_commit_memory(addr, size, exec, err);
+    vm_exit_out_of_memory(size, mesg);
+  }
 }
 
 // Define MAP_HUGETLB here so we can build HotSpot on old systems.
@@ -2535,8 +2604,11 @@
 #define MADV_HUGEPAGE 14
 #endif
 
-bool os::commit_memory(char* addr, size_t size, size_t alignment_hint,
-                       bool exec) {
+volatile jint os::Linux::num_largepage_commit_fails = 0;
+
+int os::Linux::commit_memory_impl(char* addr, size_t size,
+                                  size_t alignment_hint, bool exec) {
+  int err;
   if (UseHugeTLBFS && alignment_hint > (size_t)vm_page_size()) {
     int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE;
     uintptr_t res =
@@ -2547,16 +2619,47 @@
       if (UseNUMAInterleaving) {
         numa_make_global(addr, size);
       }
-      return true;
+      return 0;
+    }
+
+    err = errno;  // save errno from mmap() call above
+
+    if (!recoverable_mmap_error(err)) {
+      // However, it is not clear that this loss of our reserved mapping
+      // happens with large pages on Linux or that we cannot recover
+      // from the loss. For now, we just issue a warning and we don't
+      // call vm_exit_out_of_memory(). This issue is being tracked by
+      // JBS-8007074.
+      Atomic::inc(&os::Linux::num_largepage_commit_fails);
+      warn_fail_commit_memory(addr, size, alignment_hint, exec, err,
+        "Cannot allocate large pages, falling back to regular pages");
+//    vm_exit_out_of_memory(size, "committing reserved memory.");
     }
     // Fall through and try to use small pages
   }
 
-  if (commit_memory(addr, size, exec)) {
+  err = os::Linux::commit_memory_impl(addr, size, exec);
+  if (err == 0) {
     realign_memory(addr, size, alignment_hint);
-    return true;
-  }
-  return false;
+  }
+  return err;
+}
+
+bool os::commit_memory(char* addr, size_t size, size_t alignment_hint,
+                          bool exec) {
+  return os::Linux::commit_memory_impl(addr, size, alignment_hint, exec) == 0;
+}
+
+void os::commit_memory_or_exit(char* addr, size_t size,
+                                  size_t alignment_hint, bool exec,
+                                  const char* mesg) {
+  assert(mesg != NULL, "mesg must be specified");
+  int err = os::Linux::commit_memory_impl(addr, size, alignment_hint, exec);
+  if (err != 0) {
+    // the caller wants all commit errors to exit with the specified mesg:
+    warn_fail_commit_memory(addr, size, alignment_hint, exec, err);
+    vm_exit_out_of_memory(size, mesg);
+  }
 }
 
 void os::realign_memory(char *addr, size_t bytes, size_t alignment_hint) {
@@ -2568,7 +2671,14 @@
 }
 
 void os::free_memory(char *addr, size_t bytes, size_t alignment_hint) {
-  commit_memory(addr, bytes, alignment_hint, false);
+  // This method works by doing an mmap over an existing mmaping and effectively discarding
+  // the existing pages. However it won't work for SHM-based large pages that cannot be
+  // uncommitted at all. We don't do anything in this case to avoid creating a segment with
+  // small pages on top of the SHM segment. This method always works for small pages, so we
+  // allow that in any case.
+  if (alignment_hint <= (size_t)os::vm_page_size() || !UseSHM) {
+    commit_memory(addr, bytes, alignment_hint, !ExecMem);
+  }
 }
 
 void os::numa_make_global(char *addr, size_t bytes) {
@@ -2751,6 +2861,53 @@
   return res  != (uintptr_t) MAP_FAILED;
 }
 
+static
+address get_stack_commited_bottom(address bottom, size_t size) {
+  address nbot = bottom;
+  address ntop = bottom + size;
+
+  size_t page_sz = os::vm_page_size();
+  unsigned pages = size / page_sz;
+
+  unsigned char vec[1];
+  unsigned imin = 1, imax = pages + 1, imid;
+  int mincore_return_value;
+
+  while (imin < imax) {
+    imid = (imax + imin) / 2;
+    nbot = ntop - (imid * page_sz);
+
+    // Use a trick with mincore to check whether the page is mapped or not.
+    // mincore sets vec to 1 if page resides in memory and to 0 if page
+    // is swapped output but if page we are asking for is unmapped
+    // it returns -1,ENOMEM
+    mincore_return_value = mincore(nbot, page_sz, vec);
+
+    if (mincore_return_value == -1) {
+      // Page is not mapped go up
+      // to find first mapped page
+      if (errno != EAGAIN) {
+        assert(errno == ENOMEM, "Unexpected mincore errno");
+        imax = imid;
+      }
+    } else {
+      // Page is mapped go down
+      // to find first not mapped page
+      imin = imid + 1;
+    }
+  }
+
+  nbot = nbot + page_sz;
+
+  // Adjust stack bottom one page up if last checked page is not mapped
+  if (mincore_return_value == -1) {
+    nbot = nbot + page_sz;
+  }
+
+  return nbot;
+}
+
+
 // Linux uses a growable mapping for the stack, and if the mapping for
 // the stack guard pages is not removed when we detach a thread the
 // stack cannot grow beyond the pages where the stack guard was
@@ -2765,74 +2922,52 @@
 // So, we need to know the extent of the stack mapping when
 // create_stack_guard_pages() is called.
 
-// Find the bounds of the stack mapping.  Return true for success.
-//
 // We only need this for stacks that are growable: at the time of
 // writing thread stacks don't use growable mappings (i.e. those
 // creeated with MAP_GROWSDOWN), and aren't marked "[stack]", so this
 // only applies to the main thread.
 
-static
-bool get_stack_bounds(uintptr_t *bottom, uintptr_t *top) {
-
-  char buf[128];
-  int fd, sz;
-
-  if ((fd = ::open("/proc/self/maps", O_RDONLY)) < 0) {
-    return false;
-  }
-
-  const char kw[] = "[stack]";
-  const int kwlen = sizeof(kw)-1;
-
-  // Address part of /proc/self/maps couldn't be more than 128 bytes
-  while ((sz = os::get_line_chars(fd, buf, sizeof(buf))) > 0) {
-     if (sz > kwlen && ::memcmp(buf+sz-kwlen, kw, kwlen) == 0) {
-        // Extract addresses
-        if (sscanf(buf, "%" SCNxPTR "-%" SCNxPTR, bottom, top) == 2) {
-           uintptr_t sp = (uintptr_t) __builtin_frame_address(0);
-           if (sp >= *bottom && sp <= *top) {
-              ::close(fd);
-              return true;
-           }
-        }
-     }
-  }
-
- ::close(fd);
-  return false;
-}
-
-
 // If the (growable) stack mapping already extends beyond the point
 // where we're going to put our guard pages, truncate the mapping at
 // that point by munmap()ping it.  This ensures that when we later
 // munmap() the guard pages we don't leave a hole in the stack
-// mapping. This only affects the main/initial thread, but guard
-// against future OS changes
+// mapping. This only affects the main/initial thread
+
 bool os::create_stack_guard_pages(char* addr, size_t size) {
-  uintptr_t stack_extent, stack_base;
-  bool chk_bounds = NOT_DEBUG(os::Linux::is_initial_thread()) DEBUG_ONLY(true);
-  if (chk_bounds && get_stack_bounds(&stack_extent, &stack_base)) {
-      assert(os::Linux::is_initial_thread(),
-           "growable stack in non-initial thread");
-    if (stack_extent < (uintptr_t)addr)
-      ::munmap((void*)stack_extent, (uintptr_t)addr - stack_extent);
-  }
-
-  return os::commit_memory(addr, size);
+
+  if (os::Linux::is_initial_thread()) {
+    // As we manually grow stack up to bottom inside create_attached_thread(),
+    // it's likely that os::Linux::initial_thread_stack_bottom is mapped and
+    // we don't need to do anything special.
+    // Check it first, before calling heavy function.
+    uintptr_t stack_extent = (uintptr_t) os::Linux::initial_thread_stack_bottom();
+    unsigned char vec[1];
+
+    if (mincore((address)stack_extent, os::vm_page_size(), vec) == -1) {
+      // Fallback to slow path on all errors, including EAGAIN
+      stack_extent = (uintptr_t) get_stack_commited_bottom(
+                                    os::Linux::initial_thread_stack_bottom(),
+                                    (size_t)addr - stack_extent);
+    }
+
+    if (stack_extent < (uintptr_t)addr) {
+      ::munmap((void*)stack_extent, (uintptr_t)(addr - stack_extent));
+    }
+  }
+
+  return os::commit_memory(addr, size, !ExecMem);
 }
 
 // If this is a growable mapping, remove the guard pages entirely by
 // munmap()ping them.  If not, just call uncommit_memory(). This only
 // affects the main/initial thread, but guard against future OS changes
+// It's safe to always unmap guard pages for initial thread because we
+// always place it right after end of the mapped region
+
 bool os::remove_stack_guard_pages(char* addr, size_t size) {
   uintptr_t stack_extent, stack_base;
-  bool chk_bounds = NOT_DEBUG(os::Linux::is_initial_thread()) DEBUG_ONLY(true);
-  if (chk_bounds && get_stack_bounds(&stack_extent, &stack_base)) {
-      assert(os::Linux::is_initial_thread(),
-           "growable stack in non-initial thread");
-
+
+  if (os::Linux::is_initial_thread()) {
     return ::munmap(addr, size) == 0;
   }
 
@@ -2941,7 +3076,7 @@
                   MAP_ANONYMOUS|MAP_PRIVATE|MAP_HUGETLB,
                   -1, 0);
 
-  if (p != (void *) -1) {
+  if (p != MAP_FAILED) {
     // We don't know if this really is a huge page or not.
     FILE *fp = fopen("/proc/self/maps", "r");
     if (fp) {
@@ -4218,7 +4353,7 @@
 
   if (!UseMembar) {
     address mem_serialize_page = (address) ::mmap(NULL, Linux::page_size(), PROT_READ | PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
-    guarantee( mem_serialize_page != NULL, "mmap Failed for memory serialize page");
+    guarantee( mem_serialize_page != MAP_FAILED, "mmap Failed for memory serialize page");
     os::set_memory_serialize_page( mem_serialize_page );
 
 #ifndef PRODUCT
diff -r 3442eb7ef2d2 -r 383082077d46 src/os/linux/vm/os_linux.hpp

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:39:34 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:34 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-49hJRjHbWz@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #10 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=3b188862d691
author: andrew
date: Wed Feb 19 21:08:04 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/15f71459/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:39:39 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:39 +0000
Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero
In-Reply-To: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1653-30-GpcDqgjVVi@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653

--- Comment #11 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=fba9303068df
author: andrew
date: Thu Jan 23 22:41:21 2014 +0000

    PR1653: Support ppc64le via Zero

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/02a5787e/attachment-0001.html>

From andrew at icedtea.classpath.org  Fri Mar 21 19:39:54 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:39:54 +0000
Subject: /hg/release/icedtea7-forest-2.3/jdk: 24 new changesets
Message-ID: <hg.6612728b5191.1395430794.4833355912275447704@icedtea.classpath.org>

changeset 6612728b5191 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=6612728b5191
author: kshefov
date: Fri Jun 21 17:53:00 2013 +0400

	8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions
	Reviewed-by: coffeys, alanb


changeset 02cc213008c4 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=02cc213008c4
author: coffeys
date: Thu Nov 21 13:39:01 2013 +0000

	8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option
	Reviewed-by: sundar


changeset 5d89c18a26b8 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=5d89c18a26b8
author: mcherkas
date: Thu Oct 03 17:32:01 2013 +0400

	8023310: Thread contention in the method Beans.IsDesignTime()
	Reviewed-by: alexp, malenkov


changeset 694eb83ef613 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=694eb83ef613
author: jchen
date: Wed Oct 16 15:16:21 2013 -0700

	8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test
	Reviewed-by: prr, vadim, serb


changeset 3125559a0cde in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=3125559a0cde
author: weijun
date: Wed Mar 05 15:44:02 2014 +0000

	8024302: Clarify jar verifications
	8023338: Update jarsigner to encourage timestamping
	Reviewed-by: mullan, ahgross


changeset 0a7ecd74f1b8 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=0a7ecd74f1b8
author: weijun
date: Wed Oct 09 18:58:16 2013 +0800

	8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris
	Reviewed-by: chegar
	Contributed-by: Artem Smotrakov <artem.smotrakov at oracle.com>


changeset 481aef7d12c4 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=481aef7d12c4
author: weijun
date: Sat Oct 12 10:22:43 2013 +0800

	8026304: jarsigner output bad grammar
	Reviewed-by: chegar, coffeys
	Contributed-by: Artem Smotrakov <artem.smotrakov at oracle.com>


changeset 09c86e9065c7 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=09c86e9065c7
author: aefimov
date: Thu Oct 24 17:14:18 2013 +0400

	8025255: (tz) Support tzdata2013g
	8026772: test/sun/util/resources/TimeZone/Bug6317929.java failing
	Reviewed-by: okutsu, mfang


changeset 15090e20b767 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=15090e20b767
author: andrew
date: Wed Feb 19 21:08:02 2014 +0000

	PR1679: Allow OpenJDK to build on PaX-enabled kernels


changeset ef183875fcc6 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ef183875fcc6
author: xuelei
date: Thu Oct 24 10:07:51 2013 -0700

	8027204: Revise the update of 8026204 and 8025758
	Summary: Rivise the update to use system class loader with null TCCL.  Also reviewed by Alexander Fomin <alexander.fomin at oracle.com>
	Reviewed-by: weijun, mchung, ahgross


changeset 579913f11d3d in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=579913f11d3d
author: aefimov
date: Fri Nov 15 13:31:41 2013 +0400

	8027370: Support tzdata2013h
	Reviewed-by: sherman, coffeys


changeset 1724fd827e84 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=1724fd827e84
author: zhangshj
date: Fri Sep 09 17:44:11 2011 +0400

	7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f
	Reviewed-by: rupashka


changeset be864a4084aa in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=be864a4084aa
author: littlee
date: Fri Jul 20 10:59:26 2012 +0100

	7032018: The file list in JFileChooser does not have an accessible name
	Reviewed-by: rupashka, coffeys


changeset 8d49fb9cf06f in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8d49fb9cf06f
author: zhangshj
date: Thu Sep 20 12:06:50 2012 +0100

	7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics
	Reviewed-by: alexp, coffeys


changeset ccce271ada82 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ccce271ada82
author: mfang
date: Wed Feb 27 19:47:13 2013 -0800

	8008764: 7uX l10n resource file translation update
	Reviewed-by: naoto


changeset f2d9cd7125ee in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=f2d9cd7125ee
author: rgallard
date: Fri Nov 08 13:50:04 2013 -0800

	8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications
	Reviewed-by: weijun


changeset e188d774fbc9 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e188d774fbc9
author: andrew
date: Fri Mar 21 17:48:59 2014 +0000

	Turn ARM32 JIT on by default


changeset 624af7638fc2 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=624af7638fc2
author: msheppar
date: Sun Nov 24 13:08:16 2013 +0000

	8028215: ORB.init fails with SecurityException if properties select the JDK default ORB
	Summary: check for default ORBImpl and ORBSingleton set via properties or System properties
	Reviewed-by: alanb, coffeys, mchung


changeset 41d13007af23 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=41d13007af23
author: michaelm
date: Fri Mar 21 18:39:16 2014 +0000

	8028293: Check local configuration for actual ephemeral port range
	Reviewed-by: alanb, chegar, smarks


changeset e8880637efd1 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e8880637efd1
author: michaelm
date: Wed Nov 20 15:28:54 2013 +0000

	8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win)
	Reviewed-by: alanb, chegar


changeset 39d92df0fe75 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=39d92df0fe75
author: michaelm
date: Fri Nov 22 01:15:32 2013 +0000

	8028823: java/net/Makefile tabs converted to spaces
	Reviewed-by: mduigou


changeset 610f6895ab64 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=610f6895ab64
author: andrew
date: Thu Jan 23 22:41:14 2014 +0000

	PR1653: Support ppc64le via Zero


changeset 8fcf23c12a55 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8fcf23c12a55
author: andrew
date: Thu Jan 23 23:19:20 2014 +0000

	PR1654: ppc32 needs a larger ThreadStackSize to build


changeset 2906d76a7086 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=2906d76a7086
author: andrew
date: Tue Jan 28 18:02:26 2014 +0000

	RH910107: fail to load PC/SC library
	Contributed-by: sgehwolf at redhat.com


diffstat:

 make/com/sun/jmx/Makefile                                                            |    10 +-
 make/common/shared/Defs-java.gmk                                                     |     6 +-
 make/common/shared/Platform.gmk                                                      |     6 +-
 make/java/net/FILES_c.gmk                                                            |    29 +-
 make/java/net/Makefile                                                               |     3 +-
 make/java/net/mapfile-vers                                                           |   156 +-
 make/jdk_generic_profile.sh                                                          |    11 +-
 make/sun/javazic/tzdata/VERSION                                                      |     2 +-
 make/sun/javazic/tzdata/africa                                                       |   108 +-
 make/sun/javazic/tzdata/antarctica                                                   |    35 +-
 make/sun/javazic/tzdata/asia                                                         |    99 +-
 make/sun/javazic/tzdata/australasia                                                  |    39 +-
 make/sun/javazic/tzdata/backward                                                     |    20 +-
 make/sun/javazic/tzdata/etcetera                                                     |    12 +-
 make/sun/javazic/tzdata/europe                                                       |   134 +-
 make/sun/javazic/tzdata/factory                                                      |     8 +-
 make/sun/javazic/tzdata/iso3166.tab                                                  |    18 +-
 make/sun/javazic/tzdata/leapseconds                                                  |    78 +-
 make/sun/javazic/tzdata/northamerica                                                 |   150 +-
 make/sun/javazic/tzdata/pacificnew                                                   |     8 +-
 make/sun/javazic/tzdata/solar87                                                      |     8 +-
 make/sun/javazic/tzdata/solar88                                                      |     8 +-
 make/sun/javazic/tzdata/solar89                                                      |     8 +-
 make/sun/javazic/tzdata/southamerica                                                 |    80 +-
 make/sun/javazic/tzdata/systemv                                                      |     8 +-
 make/sun/javazic/tzdata/zone.tab                                                     |    43 +-
 make/sun/net/FILES_java.gmk                                                          |     1 +
 src/bsd/doc/man/jarsigner.1                                                          |  2468 +++------
 src/linux/doc/man/jarsigner.1                                                        |  2470 +++------
 src/share/classes/com/sun/java/swing/plaf/motif/MotifFileChooserUI.java              |    16 +-
 src/share/classes/com/sun/java/swing/plaf/motif/MotifLookAndFeel.java                |     5 -
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif.properties           |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_de.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_es.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_fr.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_it.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ja.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ko.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_pt_BR.properties     |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_sv.properties        |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_CN.properties     |    10 +-
 src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_TW.properties     |    10 +-
 src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java          |    12 +-
 src/share/classes/com/sun/java/swing/plaf/windows/WindowsLookAndFeel.java            |     3 -
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows.properties       |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_de.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_es.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_fr.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_it.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ja.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ko.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_pt_BR.properties |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties    |     8 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_CN.properties |    14 +-
 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_TW.properties |     8 +-
 src/share/classes/com/sun/naming/internal/FactoryEnumeration.java                    |     1 -
 src/share/classes/com/sun/naming/internal/VersionHelper12.java                       |    63 +-
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic.properties       |   373 +-
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_de.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_es.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_fr.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_it.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_ja.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_ko.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_pt_BR.properties |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_sv.properties    |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_zh_CN.properties |     3 +
 src/share/classes/com/sun/swing/internal/plaf/basic/resources/basic_zh_TW.properties |     3 +
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal.properties       |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_de.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_es.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_fr.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_it.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ja.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ko.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_pt_BR.properties |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_sv.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_CN.properties |    14 +-
 src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_TW.properties |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth.properties       |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_de.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_es.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_fr.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_it.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ja.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ko.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_pt_BR.properties |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_sv.properties    |     8 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_CN.properties |    14 +-
 src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_TW.properties |     8 +-
 src/share/classes/com/sun/tools/example/debug/tty/TTYResources_ja.java               |     2 +-
 src/share/classes/com/sun/tools/example/debug/tty/TTYResources_zh_CN.java            |     2 +-
 src/share/classes/java/beans/ThreadGroupContext.java                                 |    18 +-
 src/share/classes/java/beans/WeakIdentityMap.java                                    |   139 +-
 src/share/classes/java/net/SocketPermission.java                                     |    13 +-
 src/share/classes/javax/security/auth/login/LoginContext.java                        |    62 +-
 src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java                     |    12 +-
 src/share/classes/javax/swing/plaf/metal/MetalLookAndFeel.java                       |     3 -
 src/share/classes/sun/applet/resources/MsgAppletViewer_de.java                       |     6 +-
 src/share/classes/sun/launcher/resources/launcher_de.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_es.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_fr.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_it.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_ja.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_ko.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_pt_BR.properties                   |    15 +-
 src/share/classes/sun/launcher/resources/launcher_sv.properties                      |    15 +-
 src/share/classes/sun/launcher/resources/launcher_zh_CN.properties                   |    15 +-
 src/share/classes/sun/launcher/resources/launcher_zh_TW.properties                   |    15 +-
 src/share/classes/sun/management/resources/agent_de.properties                       |     6 +-
 src/share/classes/sun/rmi/registry/RegistryImpl.java                                 |     5 +-
 src/share/classes/sun/security/tools/JarSignerResources.java                         |     4 +-
 src/share/classes/sun/security/tools/JarSignerResources_ja.java                      |     2 +-
 src/share/classes/sun/swing/FilePane.java                                            |    12 +
 src/share/classes/sun/tools/jar/resources/jar_de.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_es.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_fr.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_it.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_ja.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_ko.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_pt_BR.properties                       |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_sv.properties                          |     4 +-
 src/share/classes/sun/tools/jar/resources/jar_zh_CN.properties                       |     6 +-
 src/share/classes/sun/tools/jar/resources/jar_zh_TW.properties                       |     4 +-
 src/share/classes/sun/util/logging/resources/logging_sv.properties                   |     2 +-
 src/share/classes/sun/util/resources/TimeZoneNames.java                              |    28 +-
 src/share/classes/sun/util/resources/TimeZoneNames_de.java                           |    74 +-
 src/share/classes/sun/util/resources/TimeZoneNames_es.java                           |    54 +-
 src/share/classes/sun/util/resources/TimeZoneNames_fr.java                           |    66 +-
 src/share/classes/sun/util/resources/TimeZoneNames_it.java                           |    70 +-
 src/share/classes/sun/util/resources/TimeZoneNames_ja.java                           |    84 +-
 src/share/classes/sun/util/resources/TimeZoneNames_ko.java                           |    84 +-
 src/share/classes/sun/util/resources/TimeZoneNames_pt_BR.java                        |    84 +-
 src/share/classes/sun/util/resources/TimeZoneNames_sv.java                           |    82 +-
 src/share/classes/sun/util/resources/TimeZoneNames_zh_CN.java                        |    84 +-
 src/share/classes/sun/util/resources/TimeZoneNames_zh_TW.java                        |    84 +-
 src/share/demo/jfc/Notepad/resources/Notepad_ja.properties                           |     2 +-
 src/share/lib/security/java.security                                                 |    16 -
 src/share/lib/security/java.security-macosx                                          |    19 -
 src/share/lib/security/java.security-solaris                                         |    18 -
 src/share/lib/security/java.security-windows                                         |    17 -
 src/share/native/sun/java2d/opengl/OGLBlitLoops.c                                    |     7 +-
 src/solaris/classes/sun/security/smartcardio/PlatformPCSC.java                       |     4 +-
 src/solaris/doc/sun/man/man1/jarsigner.1                                             |  2470 +++------
 src/solaris/native/java/net/net_util_md.c                                            |     9 +-
 src/solaris/native/java/net/net_util_md.h                                            |     3 +
 src/windows/classes/sun/nio/ch/WindowsAsynchronousSocketChannelImpl.java             |    23 +-
 test/ProblemList.txt                                                                 |     3 +
 test/com/sun/corba/se/impl/orb/SetDefaultORBTest.java                                |    61 +
 test/java/awt/DataFlavor/MissedHtmlAndRtfBug/MissedHtmlAndRtfBug.html                |     8 +-
 test/java/awt/DataFlavor/MissedHtmlAndRtfBug/MissedHtmlAndRtfBug.java                |    15 +-
 test/java/awt/event/KeyEvent/KeyReleasedInAppletTest/KeyReleasedInAppletTest.java    |    11 +-
 test/java/rmi/activation/rmidViaInheritedChannel/RmidViaInheritedChannel.java        |    11 +
 test/java/rmi/registry/readTest/readTest.sh                                          |    24 +-
 test/java/rmi/testlibrary/TestLibrary.java                                           |    14 +-
 test/javax/script/GetInterfaceTest.java                                              |     4 +-
 test/sun/security/tools/jarsigner/TimestampCheck.java                                |    22 +-
 test/sun/security/tools/jarsigner/concise_jarsigner.sh                               |     4 -
 test/sun/security/tools/jarsigner/ts.sh                                              |     4 +-
 test/sun/security/tools/jarsigner/warnings.sh                                        |   119 +
 test/sun/util/resources/TimeZone/Bug6317929.java                                     |    44 +-
 161 files changed, 4826 insertions(+), 6301 deletions(-)

diffs (truncated from 16107 to 500 lines):

diff -r bad5e0686160 -r 2906d76a7086 make/com/sun/jmx/Makefile
--- a/make/com/sun/jmx/Makefile	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/com/sun/jmx/Makefile	Tue Jan 28 18:02:26 2014 +0000
@@ -114,13 +114,19 @@
 endif
 
 ifeq ($(CROSS_COMPILE_ARCH),)
-RMIC = $(RMIC_JAVA) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
+RMIC_VM = $(RMIC_JAVA)
 else
-RMIC = $(BOOT_JAVA_CMD)  $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
+RMIC_VM = $(BOOT_JAVA_CMD)
 endif  
+RMIC = $(RMIC_VM) $(JAVA_TOOLS_FLAGS) -cp $(OUTPUTDIR)/classes sun.rmi.rmic.Main
 
 $(CLASSDESTDIR)/%_Stub.class: $(CLASSDESTDIR)/%.class
 	$(prep-target)
+	if [ -x $(PAX_COMMAND) ] ; then \
+	  if [ -w $(RMIC_VM) ] ; then \
+	    $(PAX_COMMAND) $(PAX_COMMAND_ARGS) $(RMIC_VM) ; \
+	  fi ; \
+	fi
 	$(RMIC) -classpath "$(CLASSDESTDIR)"    \
                 -d $(CLASSDESTDIR)              \
                 -v1.2                           \
diff -r bad5e0686160 -r 2906d76a7086 make/common/shared/Defs-java.gmk
--- a/make/common/shared/Defs-java.gmk	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/common/shared/Defs-java.gmk	Tue Jan 28 18:02:26 2014 +0000
@@ -88,7 +88,11 @@
 
 # 64-bit builds require a larger thread stack size.
 ifeq ($(ARCH_DATA_MODEL), 32)
-  JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=768
+  ifeq ($(ARCH), ppc)
+    JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=1152
+  else
+    JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=768
+  endif
 else
   JAVAC_JVM_FLAGS    += -J-XX:ThreadStackSize=1664
 endif
diff -r bad5e0686160 -r 2906d76a7086 make/common/shared/Platform.gmk
--- a/make/common/shared/Platform.gmk	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/common/shared/Platform.gmk	Tue Jan 28 18:02:26 2014 +0000
@@ -161,7 +161,7 @@
     mach := $(shell uname -m)
   endif
   ifneq (,$(wildcard /usr/bin/dpkg-architecture))
-    mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/')
+    mach := $(shell (dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || echo $(mach)) | sed 's/arm64/aarch64/;s/powerpc$$/ppc/;s/hppa/parisc/;s/ppc64el/ppc64le/')
   endif
   archExpr = case "$(mach)" in \
                 i[3-9]86) \
@@ -205,10 +205,10 @@
     # Most archs are 32-bit
     ifndef ARCH_DATA_MODEL
       ARCH_DATA_MODEL=32
-      ifeq ($(ARCH), amd64)
+      ifneq (,$(findstring 64,$(ARCH)))
         ARCH_DATA_MODEL=64
       endif
-      ifeq ($(ARCH), ia64)
+      ifeq ($(ARCH), s390x)
         ARCH_DATA_MODEL=64
       endif
       ifeq ($(ARCH), sh)
diff -r bad5e0686160 -r 2906d76a7086 make/java/net/FILES_c.gmk
--- a/make/java/net/FILES_c.gmk	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/java/net/FILES_c.gmk	Tue Jan 28 18:02:26 2014 +0000
@@ -24,20 +24,21 @@
 #
 
 FILES_c = \
-	DatagramPacket.c \
-	InetAddress.c \
-	Inet4Address.c \
-	Inet6Address.c \
-	NetworkInterface.c \
-	InetAddressImplFactory.c \
-	Inet4AddressImpl.c \
-	Inet6AddressImpl.c \
-	SocketInputStream.c \
-	SocketOutputStream.c \
-	net_util.c \
-	net_util_md.c \
-	ResolverConfigurationImpl.c \
-	DefaultProxySelector.c
+        DatagramPacket.c \
+        InetAddress.c \
+        Inet4Address.c \
+        Inet6Address.c \
+        NetworkInterface.c \
+        InetAddressImplFactory.c \
+        Inet4AddressImpl.c \
+        Inet6AddressImpl.c \
+        SocketInputStream.c \
+        SocketOutputStream.c \
+        net_util.c \
+        net_util_md.c \
+        portconfig.c \
+        ResolverConfigurationImpl.c \
+        DefaultProxySelector.c
 
 ifeq ($(PLATFORM), linux)
     FILES_c += linux_close.c
diff -r bad5e0686160 -r 2906d76a7086 make/java/net/Makefile
--- a/make/java/net/Makefile	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/java/net/Makefile	Tue Jan 28 18:02:26 2014 +0000
@@ -83,7 +83,8 @@
 # Find platform specific native code
 #
 vpath %.c $(PLATFORM_SRC)/native/sun/net/dns $(PLATFORM_SRC)/native/sun/net/www/protocol/http/ntlm \
-    $(PLATFORM_SRC)/native/sun/net/sdp $(PLATFORM_SRC)/native/sun/net/spi
+    $(PLATFORM_SRC)/native/sun/net/sdp $(PLATFORM_SRC)/native/sun/net/spi \
+    $(PLATFORM_SRC)/native/sun/net
 
 ifndef USE_SYSTEM_GCONF
   vpath %.c	$(PLATFORM_SRC)/native/common/deps/gconf2
diff -r bad5e0686160 -r 2906d76a7086 make/java/net/mapfile-vers
--- a/make/java/net/mapfile-vers	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/java/net/mapfile-vers	Tue Jan 28 18:02:26 2014 +0000
@@ -26,84 +26,86 @@
 # Define public interface.
 
 SUNWprivate_1.1 {
-	global:
-		JNI_OnLoad;
-		Java_java_net_PlainSocketImpl_socketListen;
-		Java_java_net_PlainDatagramSocketImpl_getTTL;
-		Java_java_net_PlainDatagramSocketImpl_init;
-		Java_java_net_SocketOutputStream_socketWrite0;
-		Java_java_net_PlainSocketImpl_socketCreate;
-		Java_java_net_PlainSocketImpl_socketAvailable;
-		Java_java_net_PlainDatagramSocketImpl_join;
-		Java_java_net_PlainDatagramSocketImpl_socketGetOption;
-		Java_java_net_InetAddress_init;
-		Java_java_net_Inet4Address_init;
-		Java_java_net_Inet6Address_init;
-		Java_java_net_PlainDatagramSocketImpl_setTTL;
-		Java_java_net_PlainDatagramSocketImpl_socketSetOption;
-		Java_java_net_PlainDatagramSocketImpl_bind0;
-		Java_java_net_PlainSocketImpl_socketAccept;
-		Java_java_net_DatagramPacket_init;
-		Java_java_net_PlainDatagramSocketImpl_leave;
-		Java_java_net_SocketInputStream_socketRead0;
-		Java_java_net_InetAddressImplFactory_isIPv6Supported;
-		Java_java_net_Inet4AddressImpl_getLocalHostName;
-		Java_java_net_Inet4AddressImpl_lookupAllHostAddr;
-		Java_java_net_Inet4AddressImpl_getHostByAddr;
-		Java_java_net_Inet4AddressImpl_isReachable0;
-		Java_java_net_Inet6AddressImpl_getLocalHostName;
-		Java_java_net_Inet6AddressImpl_lookupAllHostAddr;
-		Java_java_net_Inet6AddressImpl_getHostByAddr;
-		Java_java_net_Inet6AddressImpl_isReachable0;
-		Java_java_net_NetworkInterface_init;
-		Java_java_net_NetworkInterface_getByName0;
-		Java_java_net_NetworkInterface_getByIndex0;
-		Java_java_net_NetworkInterface_getByInetAddress0;
-		Java_java_net_NetworkInterface_getAll;
-		Java_java_net_NetworkInterface_isUp0;
-		Java_java_net_NetworkInterface_isLoopback0;
-		Java_java_net_NetworkInterface_isP2P0;
-		Java_java_net_NetworkInterface_supportsMulticast0;
-		Java_java_net_NetworkInterface_getMacAddr0;
-		Java_java_net_NetworkInterface_getMTU0;
-		Java_java_net_PlainDatagramSocketImpl_send;
-		Java_java_net_PlainSocketImpl_socketClose0;
-		Java_java_net_SocketOutputStream_init;
-		Java_java_net_PlainDatagramSocketImpl_peek;
-		Java_java_net_PlainDatagramSocketImpl_peekData;
-		Java_java_net_PlainSocketImpl_socketSetOption;
-		Java_java_net_PlainSocketImpl_socketSendUrgentData;
-		Java_java_net_PlainDatagramSocketImpl_datagramSocketCreate;
-		Java_java_net_PlainSocketImpl_socketGetOption;
-		Java_java_net_PlainDatagramSocketImpl_receive0;
-		Java_java_net_PlainDatagramSocketImpl_connect0;
-		Java_java_net_PlainDatagramSocketImpl_disconnect0;
-		Java_java_net_PlainDatagramSocketImpl_datagramSocketClose;
-		Java_java_net_PlainSocketImpl_initProto;
-		Java_java_net_PlainSocketImpl_socketBind;
-		Java_java_net_PlainSocketImpl_socketShutdown;
-		Java_java_net_SocketInputStream_init;
-		Java_java_net_PlainSocketImpl_socketConnect;
-		Java_java_net_PlainDatagramSocketImpl_getTimeToLive;
-		Java_java_net_PlainDatagramSocketImpl_setTimeToLive;
-		Java_sun_net_dns_ResolverConfigurationImpl_localDomain0;
-		Java_sun_net_dns_ResolverConfigurationImpl_fallbackDomain0;
-		Java_sun_net_sdp_SdpSupport_convert0;
-		Java_sun_net_sdp_SdpSupport_create0;
-		Java_sun_net_spi_DefaultProxySelector_init;
-		Java_sun_net_spi_DefaultProxySelector_getSystemProxy;
-		NET_AllocSockaddr;
-		NET_SockaddrToInetAddress;
+        global:
+                JNI_OnLoad;
+                Java_java_net_PlainSocketImpl_socketListen;
+                Java_java_net_PlainDatagramSocketImpl_getTTL;
+                Java_java_net_PlainDatagramSocketImpl_init;
+                Java_java_net_SocketOutputStream_socketWrite0;
+                Java_java_net_PlainSocketImpl_socketCreate;
+                Java_java_net_PlainSocketImpl_socketAvailable;
+                Java_java_net_PlainDatagramSocketImpl_join;
+                Java_java_net_PlainDatagramSocketImpl_socketGetOption;
+                Java_java_net_InetAddress_init;
+                Java_java_net_Inet4Address_init;
+                Java_java_net_Inet6Address_init;
+                Java_java_net_PlainDatagramSocketImpl_setTTL;
+                Java_java_net_PlainDatagramSocketImpl_socketSetOption;
+                Java_java_net_PlainDatagramSocketImpl_bind0;
+                Java_java_net_PlainSocketImpl_socketAccept;
+                Java_java_net_DatagramPacket_init;
+                Java_java_net_PlainDatagramSocketImpl_leave;
+                Java_java_net_SocketInputStream_socketRead0;
+                Java_java_net_InetAddressImplFactory_isIPv6Supported;
+                Java_java_net_Inet4AddressImpl_getLocalHostName;
+                Java_java_net_Inet4AddressImpl_lookupAllHostAddr;
+                Java_java_net_Inet4AddressImpl_getHostByAddr;
+                Java_java_net_Inet4AddressImpl_isReachable0;
+                Java_java_net_Inet6AddressImpl_getLocalHostName;
+                Java_java_net_Inet6AddressImpl_lookupAllHostAddr;
+                Java_java_net_Inet6AddressImpl_getHostByAddr;
+                Java_java_net_Inet6AddressImpl_isReachable0;
+                Java_java_net_NetworkInterface_init;
+                Java_java_net_NetworkInterface_getByName0;
+                Java_java_net_NetworkInterface_getByIndex0;
+                Java_java_net_NetworkInterface_getByInetAddress0;
+                Java_java_net_NetworkInterface_getAll;
+                Java_java_net_NetworkInterface_isUp0;
+                Java_java_net_NetworkInterface_isLoopback0;
+                Java_java_net_NetworkInterface_isP2P0;
+                Java_java_net_NetworkInterface_supportsMulticast0;
+                Java_java_net_NetworkInterface_getMacAddr0;
+                Java_java_net_NetworkInterface_getMTU0;
+                Java_java_net_PlainDatagramSocketImpl_send;
+                Java_java_net_PlainSocketImpl_socketClose0;
+                Java_java_net_SocketOutputStream_init;
+                Java_java_net_PlainDatagramSocketImpl_peek;
+                Java_java_net_PlainDatagramSocketImpl_peekData;
+                Java_java_net_PlainSocketImpl_socketSetOption;
+                Java_java_net_PlainSocketImpl_socketSendUrgentData;
+                Java_java_net_PlainDatagramSocketImpl_datagramSocketCreate;
+                Java_java_net_PlainSocketImpl_socketGetOption;
+                Java_java_net_PlainDatagramSocketImpl_receive0;
+                Java_java_net_PlainDatagramSocketImpl_connect0;
+                Java_java_net_PlainDatagramSocketImpl_disconnect0;
+                Java_java_net_PlainDatagramSocketImpl_datagramSocketClose;
+                Java_java_net_PlainSocketImpl_initProto;
+                Java_java_net_PlainSocketImpl_socketBind;
+                Java_java_net_PlainSocketImpl_socketShutdown;
+                Java_java_net_SocketInputStream_init;
+                Java_java_net_PlainSocketImpl_socketConnect;
+                Java_java_net_PlainDatagramSocketImpl_getTimeToLive;
+                Java_java_net_PlainDatagramSocketImpl_setTimeToLive;
+                Java_sun_net_PortConfig_getLower0;
+                Java_sun_net_PortConfig_getUpper0;
+                Java_sun_net_dns_ResolverConfigurationImpl_localDomain0;
+                Java_sun_net_dns_ResolverConfigurationImpl_fallbackDomain0;
+                Java_sun_net_sdp_SdpSupport_convert0;
+                Java_sun_net_sdp_SdpSupport_create0;
+                Java_sun_net_spi_DefaultProxySelector_init;
+                Java_sun_net_spi_DefaultProxySelector_getSystemProxy;
+                NET_AllocSockaddr;
+                NET_SockaddrToInetAddress;
                 NET_SockaddrEqualsInetAddress;
-		NET_InetAddressToSockaddr;
-		NET_GetPortFromSockaddr;
-		NET_SetSockOpt;
-		NET_GetSockOpt;
-		NET_Bind;
-		NET_MapSocketOption;
-		NET_Wait;
+                NET_InetAddressToSockaddr;
+                NET_GetPortFromSockaddr;
+                NET_SetSockOpt;
+                NET_GetSockOpt;
+                NET_Bind;
+                NET_MapSocketOption;
+                NET_Wait;
                 ipv6_available;
 
-	local:
-		*;
+        local:
+                *;
 };
diff -r bad5e0686160 -r 2906d76a7086 make/jdk_generic_profile.sh
--- a/make/jdk_generic_profile.sh	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/jdk_generic_profile.sh	Tue Jan 28 18:02:26 2014 +0000
@@ -260,6 +260,7 @@
     sparc64) ZERO_LIBARCH=sparcv9   ;;
     arm*)    ZERO_LIBARCH=arm       ;;
     sh*)     ZERO_LIBARCH=sh        ;;
+    ppc64le) ZERO_LIBARCH=ppc64le   ;;
     *)       ZERO_LIBARCH="$(arch)"
   esac
   export ZERO_LIBARCH
@@ -269,7 +270,7 @@
     arm|i386|ppc|s390|sh|sparc)
       ARCH_DATA_MODEL=32
       ;;
-    aarch64|alpha|amd64|ia64|ppc64|s390x|sparcv9)
+    aarch64|alpha|amd64|ia64|ppc64*|s390x|sparcv9)
       ARCH_DATA_MODEL=64
       ;;
     *)
@@ -280,7 +281,7 @@
 
   # ZERO_ENDIANNESS is the endianness of the processor
   case "${ZERO_LIBARCH}" in
-    arm|aarch64|amd64|i386|ia64|mipsel)
+    arm|aarch64|amd64|i386|ia64|mipsel|ppc64le)
       ZERO_ENDIANNESS=little
       ;;
     ppc*|s390*|sparc*|alpha)
@@ -307,7 +308,7 @@
     s390)
       ZERO_ARCHFLAG="-m31"
       ;;
-    arm|aarch64)
+    arm|aarch64|ppc64le)
       ZERO_ARCHFLAG="-D_LITTLE_ENDIAN"
       ;;
     *)
@@ -469,3 +470,7 @@
 export USE_SYSTEM_PNG=true
 export USE_SYSTEM_GIF=true
 export SYSTEM_KRB5=true
+
+# IcedTea default; turn on the ARM32 JIT
+export ARM32JIT=true
+
diff -r bad5e0686160 -r 2906d76a7086 make/sun/javazic/tzdata/VERSION
--- a/make/sun/javazic/tzdata/VERSION	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/sun/javazic/tzdata/VERSION	Tue Jan 28 18:02:26 2014 +0000
@@ -21,4 +21,4 @@
 # or visit www.oracle.com if you need additional information or have any
 # questions.
 #
-tzdata2013d
+tzdata2013h
diff -r bad5e0686160 -r 2906d76a7086 make/sun/javazic/tzdata/africa
--- a/make/sun/javazic/tzdata/africa	Tue Jan 14 20:24:45 2014 -0500
+++ b/make/sun/javazic/tzdata/africa	Tue Jan 28 18:02:26 2014 +0000
@@ -1,22 +1,22 @@
 #
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#  
+#
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Oracle designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Oracle in the LICENSE file that accompanied this code.
-#  
+#
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
-#  
+#
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#  
+#
 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 # or visit www.oracle.com if you need additional information or have any
 # questions.
@@ -474,6 +474,14 @@
 # (either two days before them or five days after them, so as to fall on
 # lastFri instead of lastSun).
 
+# From Even Scharning (2013-10-25):
+# The scheduled end of DST in Libya on Friday, October 25, 2013 was
+# cancelled yesterday....
+# http://www.libyaherald.com/2013/10/24/correction-no-time-change-tomorrow/
+#
+# From Paul Eggert (2013-10-25):
+# For now, assume they're reverting to the pre-2012 rules of permanent UTC+2.
+
 # Rule	NAME	FROM	TO	TYPE	IN	ON	AT	SAVE	LETTER/S
 Rule	Libya	1951	only	-	Oct	14	2:00	1:00	S
 Rule	Libya	1952	only	-	Jan	 1	0:00	0	-
@@ -490,19 +498,21 @@
 Rule	Libya	1987	1989	-	Oct	 1	0:00	0	-
 Rule	Libya	1997	only	-	Apr	 4	0:00	1:00	S
 Rule	Libya	1997	only	-	Oct	 4	0:00	0	-
-Rule	Libya	2013	max	-	Mar	lastFri	1:00	1:00	S
-Rule	Libya	2013	max	-	Oct	lastFri	2:00	0	-
+Rule	Libya	2013	only	-	Mar	lastFri	1:00	1:00	S
+Rule	Libya	2013	only	-	Oct	lastFri	2:00	0	-
+
+# The 1996 and 1997 entries are from Shanks & Pottenger;
+# the IATA SSIM data contain some obvious errors.
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
 Zone	Africa/Tripoli	0:52:44 -	LMT	1920
 			1:00	Libya	CE%sT	1959
 			2:00	-	EET	1982
 			1:00	Libya	CE%sT	1990 May  4
-# The 1996 and 1997 entries are from Shanks & Pottenger;
-# the IATA SSIM data contain some obvious errors.
 			2:00	-	EET	1996 Sep 30
 			1:00	Libya	CE%sT	1997 Oct  4
 			2:00	-	EET	2012 Nov 10 2:00
-			1:00	Libya	CE%sT
+			1:00	Libya	CE%sT	2013 Oct 25 2:00
+			2:00	-	EET
 
 # Madagascar
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
@@ -707,15 +717,6 @@
 # http://www.google.com/search?hl=en&q=Conseil+de+gouvernement+maroc+heure+avance&btnG=Search
 # </a>
 
-# From Alex Krivenyshev (2008-05-09):
-# Is Western Sahara (part which administrated by Morocco) going to follow
-# Morocco DST changes?  Any information?  What about other part of
-# Western Sahara - under administration of POLISARIO Front (also named
-# SADR Saharawi Arab Democratic Republic)?
-
-# From Arthur David Olson (2008-05-09):
-# XXX--guess that it is only Morocco for now; guess only 2008 for now.
-
 # From Steffen Thorsen (2008-08-27):
 # Morocco will change the clocks back on the midnight between August 31
 # and September 1. They originally planned to observe DST to near the end
@@ -881,13 +882,23 @@
 # transitions would be 2013-07-07 and 2013-08-10; see:
 # http://www.maroc.ma/en/news/morocco-suspends-daylight-saving-time-july-7-aug10
 
-# From Paul Eggert (2013-07-03):
+# From Steffen Thorsen (2013-09-28):
+# Morocco extends DST by one month, on very short notice, just 1 day
+# before it was going to end.  There is a new decree (2.13.781) for
+# this, where DST from now on goes from last Sunday of March at 02:00
+# to last Sunday of October at 03:00, similar to EU rules.  Official
+# source (French):
+# http://www.maroc.gov.ma/fr/actualites/lhoraire-dete-gmt1-maintenu-jusquau-27-octobre-2013
+# Another source (specifying the time for start and end in the decree):
+# http://www.lemag.ma/Heure-d-ete-au-Maroc-jusqu-au-27-octobre_a75620.html
+
+# From Paul Eggert (2013-10-03):
 # To estimate what the Moroccan government will do in future years,
-# transition dates for 2014 through 2021 were determined by running
+# transition dates for 2014 through 2038 were determined by running
 # the following program under GNU Emacs 24.3:
 #
 # (let ((islamic-year 1435))
-#   (while (< islamic-year 1444)
+#   (while (< islamic-year 1461)
 #     (let ((a
 #	     (calendar-gregorian-from-absolute
 #	      (calendar-islamic-to-absolute (list 9 1 islamic-year))))
@@ -902,13 +913,18 @@
 #	  (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b)))))
 #     (setq islamic-year (+ 1 islamic-year))))
 #
-# with the results hand-edited for 2020-2022, when the normal spring-forward
-# date falls during the estimated Ramadan.
-#
-# From 2023 through 2038 Ramadan is not predicted to overlap with
-# daylight saving time.  Starting in 2039 there will be overlap again,
-# but 32-bit time_t values roll around in 2038 so for now do not worry
-# about dates after 2038.
+# with spring-forward transitions removed for 2023-2025, when the
+# normal spring-forward date falls during the estimated Ramadan; with
+# all transitions removed for 2026-2035, where the estimated Ramadan
+# falls entirely outside daylight-saving time; and with fall-back
+# transitions removed for 2036-2037, where the normal fall-back
+# date falls during the estimated Ramadan.  Normally, the table would
+# stop after 2037 because 32-bit time_t values roll around early in 2038,
+# but that would imply a prediction of perpetual DST after March 2038
+# due to the year-2037 glitches.  So, this table instead stops after
+# 2038, the first non-glitchy year after the 32-bit rollover.
+# An advantage of stopping after 2038 is that it lets zic guess
+# TZ='WET0WEST,M3.5.0,M10.5.0/3' for time stamps far in the future.
 
 # RULE	NAME	FROM	TO	TYPE	IN	ON	AT	SAVE	LETTER/S
 
@@ -935,12 +951,14 @@
 Rule	Morocco	2010	only	-	Aug	 8	 0:00	0	-
 Rule	Morocco	2011	only	-	Apr	 3	 0:00	1:00	S
 Rule	Morocco	2011	only	-	Jul	 31	 0	0	-
-Rule	Morocco	2012	2019	-	Apr	 lastSun 2:00	1:00	S
-Rule	Morocco	2012	max	-	Sep	 lastSun 3:00	0	-
+Rule	Morocco	2012	2013	-	Apr	 lastSun 2:00	1:00	S
+Rule	Morocco	2012	only	-	Sep	 30	 3:00	0	-
 Rule	Morocco	2012	only	-	Jul	 20	 3:00	0	-
 Rule	Morocco	2012	only	-	Aug	 20	 2:00	1:00	S
 Rule	Morocco	2013	only	-	Jul	  7	 3:00	0	-
 Rule	Morocco	2013	only	-	Aug	 10	 2:00	1:00	S
+Rule	Morocco	2013	2035	-	Oct	 lastSun 3:00	0	-
+Rule	Morocco	2014	2022	-	Mar	 lastSun 2:00	1:00	S
 Rule	Morocco	2014	only	-	Jun	 29	 3:00	0	-
 Rule	Morocco	2014	only	-	Jul	 29	 2:00	1:00	S
 Rule	Morocco	2015	only	-	Jun	 18	 3:00	0	-
@@ -953,20 +971,42 @@
 Rule	Morocco	2018	only	-	Jun	 15	 2:00	1:00	S

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:40:02 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:40:02 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-K1Pm7NlCVP@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #11 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=15090e20b767
author: andrew
date: Wed Feb 19 21:08:02 2014 +0000

    PR1679: Allow OpenJDK to build on PaX-enabled kernels

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/fb5f4fa9/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:40:08 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:40:08 +0000
Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero
In-Reply-To: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1653-30-C9PjDxqIA7@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653

--- Comment #12 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=610f6895ab64
author: andrew
date: Thu Jan 23 22:41:14 2014 +0000

    PR1653: Support ppc64le via Zero

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/fff4e212/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 21 19:40:13 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 19:40:13 +0000
Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build
In-Reply-To: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1654-30-IkMViNeXZ3@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654

--- Comment #9 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=8fcf23c12a55
author: andrew
date: Thu Jan 23 23:19:20 2014 +0000

    PR1654: ppc32 needs a larger ThreadStackSize to build

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140321/2f37f5df/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 21 21:18:35 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 21 Mar 2014 21:18:35 +0000
Subject: /hg/release/icedtea7-forest-2.3/hotspot: 4 new changesets
Message-ID: <hg.79284ed240e2.1395436715.4308599361692689988@icedtea.classpath.org>

changeset 79284ed240e2 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=79284ed240e2
author: andrew
date: Thu Dec 26 19:52:09 2013 +0000

	Add Shark definitions from 8003868


changeset 2fbc5b8d63b3 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=2fbc5b8d63b3
author: andrew
date: Thu Dec 26 19:52:45 2013 +0000

	Drop compile_method argument removed in 7083786 from sharkCompiler.cpp


changeset 71fc00fc11be in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=71fc00fc11be
author: simonis
date: Mon Mar 17 13:40:34 2014 +0000

	Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.

	The 'gamma' launcher only works with HotSpot based bootstrap JDKs because it uses the freshly build libjvm.so in the context and together with the class library of the boot JDK which was used to build it. This combination will not work for other JDKs.


changeset 9747f83d7a38 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=9747f83d7a38
author: aph
date: Fri Mar 21 20:57:28 2014 +0000

	Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
	Fix trace code not to dereference null pointers.
	Correct Helper_aputfield and helper_aastore not to use static _byte_map_base.
	Comment-out calls to TRACE.
	Make sure that ISTATE_METHOD and ISTATE_SELF_LINK are set even when JITting fails.


diffstat:

 make/linux/makefiles/buildtree.make  |  12 ++++++++++++
 src/cpu/zero/vm/asm_helper.cpp       |  12 +++---------
 src/cpu/zero/vm/cppInterpreter_arm.S |  19 +++++++++++--------
 src/share/vm/shark/sharkCompiler.cpp |   1 -
 src/share/vm/shark/shark_globals.hpp |  10 ++++++++++
 5 files changed, 36 insertions(+), 18 deletions(-)

diffs (181 lines):

diff -r 383082077d46 -r 9747f83d7a38 make/linux/makefiles/buildtree.make
--- a/make/linux/makefiles/buildtree.make	Fri Jan 31 21:14:06 2014 +0000
+++ b/make/linux/makefiles/buildtree.make	Fri Mar 21 20:57:28 2014 +0000
@@ -384,6 +384,7 @@
 DATA_MODE/sparcv9 = 64
 DATA_MODE/amd64   = 64
 DATA_MODE/ia64    = 64
+DATA_MODE/ppc64   = 64
 DATA_MODE/zero    = $(ARCH_DATA_MODEL)
 
 JAVA_FLAG/32 = -d32
@@ -392,6 +393,9 @@
 WRONG_DATA_MODE_MSG = \
 	echo "JAVA_HOME must point to a $(DATA_MODE)-bit OpenJDK."
 
+WRONG_JDK_MSG = \
+	echo "JAVA_HOME must point to a HotSpot based JDK \\\(genuine Sun/Oracle or OpenJDK\\\)."
+
 CROSS_COMPILING_MSG = \
 	echo "Cross compiling for ARCH $(CROSS_COMPILE_ARCH), skipping gamma run."
 
@@ -428,6 +432,14 @@
 	echo "  exit 0"; \
 	echo "fi"; \
 	echo ""; \
+	echo "# 'gamma' only runs with HotSpot based JDKs (genuine Sun/Oracle or OpenJDK)"; \
+	echo ""; \
+	echo "\$${JAVA_HOME}/bin/java $(JAVA_FLAG) -version 2>&1 | grep -E 'OpenJDK|HotSpot' > /dev/null"; \
+	echo "if [ \$$? -ne 0 ]; then "; \
+	echo "  $(WRONG_JDK_MSG)"; \
+	echo "  exit 0"; \
+	echo "fi"; \
+	echo ""; \
 	echo "# Use gamma_g if it exists"; \
 	echo ""; \
 	echo "GAMMA_PROG=gamma"; \
diff -r 383082077d46 -r 9747f83d7a38 src/cpu/zero/vm/asm_helper.cpp
--- a/src/cpu/zero/vm/asm_helper.cpp	Fri Jan 31 21:14:06 2014 +0000
+++ b/src/cpu/zero/vm/asm_helper.cpp	Fri Mar 21 20:57:28 2014 +0000
@@ -360,22 +360,16 @@
 	  goto handle_exception;
 	}
       }
-      oop* elem_loc = (oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop));
-      // *(oop*)(((address) arrayref->base(T_OBJECT)) + index * sizeof(oop)) = value;
-      *elem_loc = value;
-      // Mark the card
-      BarrierSet* bs = Universe::heap()->barrier_set();
-      static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
-      OrderAccess::release_store(&_byte_map_base[(uintptr_t)elem_loc >> CardTableModRefBS::card_shift], 0);
+      ((objArrayOopDesc *) arrayref)->obj_at_put(index, value);
     }
 handle_exception:
     return istate->thread()->pending_exception();
 }
 
-extern "C" void Helper_aputfield(oop obj)
+extern "C" void Helper_aputfield(oop obj, oop val, int offset)
 {
       BarrierSet* bs = Universe::heap()->barrier_set();
-      static volatile jbyte* _byte_map_base = (volatile jbyte*)(((CardTableModRefBS*)bs)->byte_map_base);
+      jbyte* _byte_map_base = (((CardTableModRefBS*)bs)->byte_map_base);
       OrderAccess::release_store(&_byte_map_base[(uintptr_t)obj >> CardTableModRefBS::card_shift], 0);
 }
 
diff -r 383082077d46 -r 9747f83d7a38 src/cpu/zero/vm/cppInterpreter_arm.S
--- a/src/cpu/zero/vm/cppInterpreter_arm.S	Fri Jan 31 21:14:06 2014 +0000
+++ b/src/cpu/zero/vm/cppInterpreter_arm.S	Fri Mar 21 20:57:28 2014 +0000
@@ -526,10 +526,13 @@
 	mrs	r4, cpsr
 	mov	r0, jpc
 	ldr	r1, [thread, #THREAD_TOP_ZERO_FRAME]
+        cmp        r1, #0
 	sub	r1, r1, #ISTATE_NEXT_FRAME
+        beq        0f
+        DECACHE_JPC
 	ldr	r2, =my_trace
 	blx	r2
-	msr	cpsr, r4
+0:        msr        cpsr, r4
 	ldmfd	sp!, {r0, r1, r2, r3, r4, lr, ip}	
 	.endm
 	
@@ -861,7 +864,7 @@
 
 	SLOW_ENTRY
 empty_entry:
-	ldrh	r3, [r0, #42]
+        ldrh        r3, [r0, #METHOD_SIZEOFPARAMETERS]
 	ldr	r1, [r2, #THREAD_JAVA_SP]
 	add	r1, r1, r3, lsl #2
 	str	r1, [r2, #THREAD_JAVA_SP]
@@ -870,7 +873,7 @@
 
 	FAST_ENTRY
 fast_empty_entry:
-	ldrh	r3, [r0, #42]
+        ldrh        r3, [r0, #METHOD_SIZEOFPARAMETERS]
 	ldr	r1, [thread, #THREAD_JAVA_SP]
 	add	r1, r1, r3, lsl #2
 	str	r1, [thread, #THREAD_JAVA_SP]
@@ -1072,7 +1075,7 @@
 
 	ldr	r1, [thread, #THREAD_STACK_SIZE]
 	ldr	r3, [thread, #THREAD_STACK_BASE]
-	add	r0, r9, #72
+        add        r0, r9, #ISTATE_NEXT_FRAME
 
 	rsb	r3, r1, r3
 	rsb	r3, r3, arm_sp
@@ -1095,7 +1098,7 @@
 	str	r5, [thread, #THREAD_LAST_JAVA_FP]
 	ldr	r5, [thread, #THREAD_JAVA_SP]
 	str	r5, [thread, #THREAD_LAST_JAVA_SP]
-	ldr	r11, [r11, #-72 + ISTATE_METHOD]
+        ldr        r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
 	cmp	r1, #0
 	bne	.fast_native_entry_exception
 	ldr	r5, [r11, #METHOD_SIGNATUREHANDLER]
@@ -1118,7 +1121,7 @@
 	ldr	r11, [thread, #THREAD_TOP_ZERO_FRAME]
 	ldr	r1, [thread, #THREAD_PENDING_EXC]
 	mov	r3, #0
-	ldr	r11, [r11, #-72 + ISTATE_METHOD]
+        ldr        r11, [r11, #-ISTATE_NEXT_FRAME + ISTATE_METHOD]
 	cmp	r1, #0
 	str	r3, [thread, #THREAD_LAST_JAVA_SP]
 	str	r3, [thread, #THREAD_LAST_JAVA_FP]
@@ -3340,12 +3343,12 @@
 	str	locals, [istate, #ISTATE_LOCALS]
   USEC	cmp	r3, lr
 	str	constpool, [istate, #ISTATE_CONSTANTS]
+        str        tmp1, [istate, #ISTATE_METHOD]
+        str        istate, [istate, #ISTATE_SELF_LINK]
   USEC	bcs	method_entry_freq_count_overflow
 	DISPATCH_NEXT
 	DISPATCH_NEXT
 	DISPATCH_NEXT
-	str	tmp1, [istate, #ISTATE_METHOD]
- 	str	istate, [istate, #ISTATE_SELF_LINK]
 @	mov	lr, #0
 @        str     lr, [istate, #ISTATE_PREV_LINK]
 @	str	lr, [istate, #ISTATE_CALLEE]
diff -r 383082077d46 -r 9747f83d7a38 src/share/vm/shark/sharkCompiler.cpp
--- a/src/share/vm/shark/sharkCompiler.cpp	Fri Jan 31 21:14:06 2014 +0000
+++ b/src/share/vm/shark/sharkCompiler.cpp	Fri Mar 21 20:57:28 2014 +0000
@@ -212,7 +212,6 @@
                        &inc_table,
                        this,
                        env->comp_level(),
-                       false,
                        false);
 }
 
diff -r 383082077d46 -r 9747f83d7a38 src/share/vm/shark/shark_globals.hpp
--- a/src/share/vm/shark/shark_globals.hpp	Fri Jan 31 21:14:06 2014 +0000
+++ b/src/share/vm/shark/shark_globals.hpp	Fri Mar 21 20:57:28 2014 +0000
@@ -40,6 +40,12 @@
   product(intx, SharkMaxInlineSize, 32,                                       \
           "Maximum bytecode size of methods to inline when using Shark")      \
                                                                               \
+  product(bool, EliminateNestedLocks, true,                                   \
+          "Eliminate nested locks of the same object when possible")          \
+                                                                              \
+  product(ccstr, SharkOptimizationLevel, "Default",                           \
+          "The optimization level passed to LLVM, possible values: None, Less, Default and Agressive") \
+                                                                              \
   /* compiler debugging */                                                    \
   develop(ccstr, SharkPrintTypeflowOf, NULL,                                  \
           "Print the typeflow of the specified method")                       \
@@ -58,6 +64,10 @@
                                                                               \
   diagnostic(bool, SharkPerformanceWarnings, false,                           \
           "Warn about things that could be made faster")                      \
+                                                                              \
+  develop(ccstr, SharkVerifyFunction, NULL,                                   \
+          "Runs LLVM verify over LLVM IR")                                    \
+
 
 SHARK_FLAGS(DECLARE_DEVELOPER_FLAG, DECLARE_PD_DEVELOPER_FLAG, DECLARE_PRODUCT_FLAG, DECLARE_PD_PRODUCT_FLAG, DECLARE_DIAGNOSTIC_FLAG, DECLARE_NOTPRODUCT_FLAG)
 

From bugzilla-daemon at icedtea.classpath.org  Sat Mar 22 17:24:56 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 22 Mar 2014 17:24:56 +0000
Subject: [Bug 1719] A fatal error has been detected by the Java Runtime
	Environment
In-Reply-To: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1719-30-SlHBekUSXi@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719

cycliste_urbain at yahoo.fr changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |cycliste_urbain at yahoo.fr

--- Comment #1 from cycliste_urbain at yahoo.fr ---
I also detect this bug ( explained in French here:
https://www.alionet.org/showthread.php?30778-Crash-de-LibreOffice-sous-KDE-lors-de-la-sauvegarde-d-un-fichier
)

I resume the various data from this french forum:
- Java options in LibreOffice are : Oracle Corporation 1.7.0_51
(/usr/lib64/jvm/java-1.7.0-openjdk-1.7.0/jre). Other options are not checked.
- LibreOffice : 4.1.5.3 Build ID : 410m (Build:3)
- KDE : 4.11.5
- openSUSE : 13.1 x86-64

The bug disappears if I select the option "Use dialog box in LibreOffice"
(translation from what I see in French: "Utiliser les bo?tes de dialogue de
LibreOffice") from the menu Tools -> Options -> General

If this option is not selected and I run the command from a terminal:
OOO_FORCE_DESKTOP=kde4 libreoffice
I see these two messages just when the dialog box to save the file pops up:
Object::connect: No such signal
org::freedesktop::UPower::DeviceAdded(QDBusObjectPath)
Object::connect: No such signal
org::freedesktop::UPower::DeviceRemoved(QDBusObjectPath)

When the option is selected, running the same command from a terminal and
saving a file does not show the two messages.


Finally, the bug is not seen under XFCE.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140322/6d687af0/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Sat Mar 22 18:02:12 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 22 Mar 2014 18:02:12 +0000
Subject: [Bug 1719] A fatal error has been detected by the Java Runtime
	Environment
In-Reply-To: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1719-30-uIlReWSVR4@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719

--- Comment #2 from cycliste_urbain at yahoo.fr ---
More precisions:

If I select the option "Use dialog box in LibreOffice" (translation from what I
see in French: "Utiliser les bo?tes de dialogue de LibreOffice") from the menu
Tools -> Options -> General and I run the command from a terminal:
OOO_FORCE_DESKTOP=gnome libreoffice, the dialog box pops up when saving a file
and all is fine.

If the option is not selected and I run the same command, the bug appears when
trying to save a file.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140322/45e7cf4d/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Sun Mar 23 12:37:51 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sun, 23 Mar 2014 12:37:51 +0000
Subject: [Bug 1721] New: Error reported on applet cancellation
Message-ID: <bug-1721-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721

            Bug ID: 1721
           Summary: Error reported on applet cancellation
           Product: IcedTea-Web
           Version: 1.4
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Plugin
          Assignee: dbhole at redhat.com
          Reporter: jpsinthemix at verizon.net
                CC: unassigned at icedtea.classpath.org

Created attachment 1057
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1057&action=edit
gui traceback, followed by plugin.log, followed by java.stderr

Hi,
If I run the oracle 'test' applet at
https://www.java.com/en/download/installed.jsp, I get a Security Approval
Required popup giving me the choice to run or cancel the applet. If I click on
'run' all is OK; but, if I click on 'cancel' or simply close the popup I get an
Error shown (and from the command line, a java traceback). It seems strange
that I should get an applet initialization error in this case since I have
simply cancelled running it. I have attached a log from

ICEDTEAPLUGIN_DEBUG=true firefox 2>&1 | tee  plugin.log

plus ~/.icedtea/log/java.stderr (~/.icedtea/log/java.stdout is empty), and also
the traceback from the gui. The logs are combined into one attached file,
marked as follows:

 ==== gui.traceback:
..
 ==== plugin.log:
.. 
==== java.stderr:
 ..

This problem occurs with icedtea-web versions 1.4.2, 1.4.3pre and 1.5pre. 
Note that I'm using openjdk-1.8.0, as well.

This is probably related to an old/unresolved bug 1515

thanks much for your time,
John

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140323/a811a98e/attachment.html>

From joachim.geiger at ipp.mpg.de  Mon Mar 24 08:26:43 2014
From: joachim.geiger at ipp.mpg.de (Joachim Geiger)
Date: Mon, 24 Mar 2014 08:26:43 +0000 (UTC)
Subject: [Bug 1719] A fatal error has been detected by the Java
	=?utf-8?b?UnVudGltZQlFbnZpcm9ubWVudA==?=
References: <bug-1719-30@http.icedtea.classpath.org/bugzilla/>
	<bug-1719-30-uIlReWSVR4@http.icedtea.classpath.org/bugzilla/>
Message-ID: <loom.20140324T092014-914@post.gmane.org>

 <bugzilla-daemon at ...> writes:
> 
> 
>       
>         
> 
>             <a class="bz_bug_link 
>           bz_status_NEW " title="NEW - A fatal error has been detected by
the Java Runtime Environment"
href="http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719#c2">Comment # 2
>               on <a class="bz_bug_link 
>           bz_status_NEW " title="NEW - A fatal error has been detected by
the Java Runtime Environment"
href="http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1719">bug 1719
>               from cycliste_urbain <at> yahoo.fr
> 
>         More precisions:
> 
> If I select the option "Use dialog box in LibreOffice" (translation from
what I
> see in French: "Utiliser les bo?tes de dialogue de LibreOffice") from the menu
> Tools -> Options -> General and I run the command from a terminal:
> OOO_FORCE_DESKTOP=gnome libreoffice, the dialog box pops up when saving a file
> and all is fine.
> 
> If the option is not selected and I run the same command, the bug appears when
> trying to save a file.
>         
>       
>       You are receiving this mail because:
>       
>       
> You are on the CC list for the bug.
>       
> 
Hi,
I can confirm the behavior as well as the remedy (check the box "Use
libreoffic Dialogs" in Tools > Options > General - translation french to
english: "de" means "of"). I am using opensuse 13.1 and encountered the
problem also with kde and with lxde. Didn't check with xfce.
I am grateful to have a workaround and have libreoffice running again!.
Best regards,
Joachim




From ptisnovs at icedtea.classpath.org  Mon Mar 24 10:05:39 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 10:05:39 +0000
Subject: /hg/gfx-test: Ten new tests added into CAGOperationsOnTwoTouchin...
Message-ID: <hg.6c229eda647a.1395655539.-6248649288953172555@icedtea.classpath.org>

changeset 6c229eda647a in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=6c229eda647a
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 24 11:06:19 2014 +0100

	Ten new tests added into CAGOperationsOnTwoTouchingCircles.


diffstat:

 ChangeLog                                                         |    5 +
 src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java |  250 ++++++++++
 2 files changed, 255 insertions(+), 0 deletions(-)

diffs (272 lines):

diff -r 842891bb6f30 -r 6c229eda647a ChangeLog
--- a/ChangeLog	Fri Mar 21 11:21:55 2014 +0100
+++ b/ChangeLog	Mon Mar 24 11:06:19 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java:
+	Ten new tests added into CAGOperationsOnTwoTouchingCircles.
+
 2014-03-21  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltMirrorImage.java:
diff -r 842891bb6f30 -r 6c229eda647a src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java
--- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Fri Mar 21 11:21:55 2014 +0100
+++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java	Mon Mar 24 11:06:19 2014 +0100
@@ -1732,6 +1732,256 @@
         return TestResult.PASSED;
     }
 
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using inverse subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testInverseSubtractTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d);
+        // create area using inverse subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Intersect operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testIntersectTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d);
+        // create area using Intersect operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Xor operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorTextureFillUsingHorizontalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalStripesTexture(image, graphics2d);
+        // create area using Xor operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using union operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using inverse subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testInverseSubtractTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d);
+        // create area using inverse subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingInverseSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Intersect operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testIntersectTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d);
+        // create area using Intersect operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingIntersectOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using Xor operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorTextureFillUsingVerticalStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingVerticalStripesTexture(image, graphics2d);
+        // create area using Xor operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingXorOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using union operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionTextureFillUsingHorizontalColorStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalColorStripesTexture(image, graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two touching circles using subtract operator. The shape is rendered
+     * using texture paint (fill).
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractTextureFillUsingHorizontalColorStripesTexture(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set fill color
+        CommonRenderingStyles.setTextureFillUsingHorizontalColorStripesTexture(image, graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.fill(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
         // create area using union operator
         Area area = CommonCAGOperations.createAreaFromTwoTouchingCirclesUsingUnionOperator(image);
         // draw the area

From ptisnovs at icedtea.classpath.org  Mon Mar 24 10:12:26 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 10:12:26 +0000
Subject: /hg/rhino-tests: Two new tests added into ScriptExceptionClassTest.
Message-ID: <hg.a925ed2c4086.1395655946.-6019694633368342460@icedtea.classpath.org>

changeset a925ed2c4086 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=a925ed2c4086
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 24 11:13:09 2014 +0100

	Two new tests added into ScriptExceptionClassTest.


diffstat:

 ChangeLog                                        |   5 +++++
 src/org/RhinoTests/ScriptExceptionClassTest.java |  19 +++++++++++++++++++
 2 files changed, 24 insertions(+), 0 deletions(-)

diffs (41 lines):

diff -r c4c9da65a928 -r a925ed2c4086 ChangeLog
--- a/ChangeLog	Fri Mar 21 11:42:16 2014 +0100
+++ b/ChangeLog	Mon Mar 24 11:13:09 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptExceptionClassTest.java:
+	Two new tests added into ScriptExceptionClassTest.
+
 2014-03-21  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptEngineClassTest.java:
diff -r c4c9da65a928 -r a925ed2c4086 src/org/RhinoTests/ScriptExceptionClassTest.java
--- a/src/org/RhinoTests/ScriptExceptionClassTest.java	Fri Mar 21 11:42:16 2014 +0100
+++ b/src/org/RhinoTests/ScriptExceptionClassTest.java	Mon Mar 24 11:13:09 2014 +0100
@@ -2145,6 +2145,25 @@
         stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
         assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
     }
+
+    /**
+     * Test for method javax.script.ScriptException.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.scriptExceptionClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.ScriptException.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.scriptExceptionClass.toString();
+        assertEquals("class javax.script.ScriptException", asString, "wrong toString() return value");
+    }
+
     /**
      * Test for instanceof operator applied to a class javax.script.ScriptException
      */

From jvanek at redhat.com  Mon Mar 24 10:34:27 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 11:34:27 +0100
Subject: [rfc][icedtea-web] Reprint of application logs to console
In-Reply-To: <20140321155752.GE6449@redhat.com>
References: <532C5F65.8080709@redhat.com> <20140321155752.GE6449@redhat.com>
Message-ID: <53300A33.2010801@redhat.com>

On 03/21/2014 04:57 PM, Omair Majid wrote:
> Hi
>
> I haven't reviewed the patch, but just wanted to comment on something.
>
> * Jiri Vanek <jvanek at redhat.com> [2014-03-21 11:51]:
>> If application is calling system.out/err.print(ln) for some kind of
>> debugging, then it is *maybe* good to show it in our debug console.
>> With its powerful features it may be usefull debugging tool for
>> developers.
>
> I would replace 'maybe' with 'definitely'.

Thanx for support!
>
>> tbh, I'm not sure if this is wonted feature, but I somehow think it
>> should be there. I also think previous console did it. So should
>> new.  And ...  it really looks cool :)
>
> I think this is definitely worth having. And yes, I implemented this in
> the older console. The console that is part of the proprietary plugin
> does this too.
>
  In this case I would like to push it to head asap, as the code is perfect as usually, can I 
consider it as "ok for head" ? :)


J.


From jvanek at redhat.com  Mon Mar 24 12:16:34 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 13:16:34 +0100
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <532B480C.4070304@redhat.com>
References: <53220215.60301@redhat.com>
	<53220A02.7090506@redhat.com>	<5323135E.6070700@redhat.com>	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>	<532B2ACB.3010509@redhat.com>
	<532B3EA9.3090702@redhat.com> <532B480C.4070304@redhat.com>
Message-ID: <53302222.3060902@redhat.com>


Looks ok to go.


Few feature works
  - with only one item the submenu donot have much sense, but it will greow (? :) ) so ok if 
finished in 1.5.1

  -  the modality and filter needs to be fixed until 1.5
    - when there are already stored items in policies, the first one is selected, and user would 
like actually edit the *newly* added.  Probably not only filter, but be sure that the newly 
add/currnelty-should-be-edited item is really selected.

Please push the tweeks for attributevalidator as separate changeset and add trusted-only to news 
during commit please.


ty!

  J.
On 03/20/2014 08:57 PM, Andrew Azores wrote:
> On 03/20/2014 03:16 PM, Andrew Azores wrote:
>> On 03/20/2014 01:52 PM, Jiri Vanek wrote:
>>> On 03/14/2014 05:00 PM, Andrew Azores wrote:
>>>>> many import issues. Invaid(how comae? My wrong I guess) and especially unused imports.
>>>>>
>>>>> I gave up an code a bit O:). So user experience:
>>>>>
>>>>>
>>>>> popupmenu - best handling is NOT to add as component. And do not show them in actionPerforemd.
>>>>> Show them *without* parent, in mause Clicked - it have positionOnScreen, and you show the poup
>>>>> menu
>>>>> on this pposition. Should work like charm.
>>>>
>>>> This seems to work well, thanks for the tip.
>>>>
>>>>>
>>>>> I would excude this "V" from pproperties. Also the button s quote wide. Maybe use image rather?
>>>>
>>>> I tried using an image now but wasn't really happy with the results. I've changed it instead to
>>>> a unicode character that looks like the three horizontal line overflow menu icon that's being
>>>> used by iOS and Android. I think it's pretty nice although the button is still a bit wide.
>>>>
>>>>>
>>>>> Interesting state - dialog appeared , I clicked "V" clicked show policy editor, it apeared, I
>>>>> clicked cancel in mian dilog/or ok in main dialog.. The editro should be modal
>>>>
>>>> Hmm, well it's a JFrame, so I can't easily make it modal I don't think. Maybe as a separate
>>>> changeset PolicyEditor can be made into a JDialog and CertWarningPane can then be made to use it
>>>> as a modal dialog?
>>>>
>>>>>
>>>>> How does it behave for  yes/no/cancel/close of policy editor?
>>>>
>>>> The CertWarningPane doesn't know about this at all. All it knows about is if it has a
>>>> PolicyEditor reference, and if it does, if the editor is still open or has been closed.
>>>>
>>>>>    - small nit - other codebases in editor are confusing.
>>>>>
>>>>>
>>>>> Thanx!
>>>>>     J.
>>>>>
>>>>
>>>> I suppose, but PolicyEditor doesn't have any mechanism right now to display only one codebase
>>>> when there are also others present in the policy file.
>>>
>>> Then maybe it can be added? I think simple filter on shown list? And in this case the filter will
>>> be pre setup to show only new/edited codebase. This is also enough as next changeset (however...
>>> necessary....)
>>>
>>> Ugh .. the modality should be fixed :(.... Then maybe do it dialogue? This may be as another
>>> changeset, but should be fixed....
>>>
>>> Eg two containers - dialog an frame with same pannel.....
>>>
>>
>> Yes, both of these can/should be fixed, but as a different changeset I think.
>>
>>>
>>> Well one possible stop-show:
>>>
>>> geogebra do not start with :
>>> net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize
>>> application. The application has not been initialized, for more information execute javaws from
>>> the command line.     at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:789) at
>>> net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:529) at
>>> net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911) Caused by:
>>> net.sourceforge.jnlp.LaunchException: The 'permissions' attribute is 'all-permissions' but
>>> security is' Sandbox'. This is fatal     at
>>> net.sourceforge.jnlp.runtime.ManifestsAttributesValidator.checkPermissionsAttribute(ManifestsAttributesValidator.java:145)
>>> at net.sourceforge.jnlp.runtime.JNLPClassLoader. (JNLPClassLoader.java:289)     at
>>> net.sourceforge.jnlp.runtime.JNLPClassLoader.createInstance(JNLPClassLoader.java:353) at
>>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:420) at
>>> net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:396) at
>>> net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:781) ... 2 more
>>>
>>> I think it is wrong. The run-in-sandbox should skip this check or otherwise handdle it.
>>>
>>>
>>> J.
>>
>> I've added a check in checkPermissionsAttribute to skip the check if the SecurityDelegate
>> indicates that the user has decided specifically to run the applet sandboxed.
>>
>> Thanks,
>>
>
> Tiny update, cleanly applies on new HEAD (with Trusted-only). Also threw in the one-line fix for
> Trusted-only and Sandbox.
>
> Thanks,
>


From aazores at redhat.com  Mon Mar 24 13:07:28 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 09:07:28 -0400
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <532C5A50.6060400@redhat.com>
References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com>
	<532C5A50.6060400@redhat.com>
Message-ID: <53302E10.1060000@redhat.com>

On 03/21/2014 11:27 AM, Jiri Vanek wrote:
> On 03/21/2014 03:56 PM, Omair Majid wrote:
>> * Andrew Azores <aazores at redhat.com> [2014-03-20 11:35]:
>>> +++ 
>>> b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
>>
>>> +    void checkTrustedOnlyAttribute() throws LaunchException {
>>
>> A stylistic nit: if you ask me to use a class named *Validator, I will
>> look for the validate* method as the first thing. If the class is named
>> *Checker, then maybe a check* method makes more sense.
>>
>> What do you think?
>>
>> Thanks,
>> Omair
>>
>
>
> the small refactoring
>
> ManifestsAttributesValidator -> ManifestsAttributesChecker
>
> and all its current methods started with check
>
> is probably worthy to do...
>
> J.

Just this?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: manifest-attributes-checker-rename.patch
Type: text/x-patch
Size: 31708 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/82de6378/manifest-attributes-checker-rename-0001.patch>

From aazores at icedtea.classpath.org  Mon Mar 24 13:20:34 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 13:20:34 +0000
Subject: /hg/icedtea-web: 3 new changesets
Message-ID: <hg.48f3658a7efd.1395667234.8643924302249223276@icedtea.classpath.org>

changeset 48f3658a7efd in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=48f3658a7efd
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 24 09:14:04 2014 -0400

	ManifestsAttributeValidator works with RunInSandbox

	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: pass
	SecurityDelegate to ManifestsAttributesValidator
	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
	(securityDelegate) new field, added to constructor.
	(checkTrustedOnlyAttribute, checkPermissionsAttribute) works with
	RunInSandbox.


changeset a958ecb160f6 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=a958ecb160f6
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 24 09:18:45 2014 -0400

	Added PolicyEditor launch button to security prompts

	Added ability to launch PolicyEditor from security prompts, with the
	current applet's codebase pre-selected in the editor.
	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(CertWarnPolicyTip, CertWarnPolicyEditor): new messages
	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: can
	launch PolicyEditor from new options overflow button
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
	same


changeset 6bdbe6b2694b in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=6bdbe6b2694b
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 24 09:20:18 2014 -0400

	Mention Trusted-only in NEWS


diffstat:

 ChangeLog                                                                                                |   24 +
 NEWS                                                                                                     |    2 +-
 netx/net/sourceforge/jnlp/resources/Messages.properties                                                  |    2 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java                                                   |    2 +-
 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java                                      |   14 +-
 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java                                          |  169 +++++++--
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java |  100 +++++-
 7 files changed, 258 insertions(+), 55 deletions(-)

diffs (truncated from 611 to 500 lines):

diff -r 022f56ff692f -r 6bdbe6b2694b ChangeLog
--- a/ChangeLog	Thu Mar 20 15:45:13 2014 -0400
+++ b/ChangeLog	Mon Mar 24 09:20:18 2014 -0400
@@ -1,3 +1,27 @@
+2014-03-24  Andrew Azores  <aazores at redhat.com>
+
+	* NEWS: added mention of Trusted-only manifest attribute
+
+2014-03-24  Andrew Azores  <aazores at redhat.com>
+
+	Added ability to launch PolicyEditor from security prompts, with the
+	current applet's codebase pre-selected in the editor.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(CertWarnPolicyTip, CertWarnPolicyEditor): new messages
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: can
+	launch PolicyEditor from new options overflow button
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
+	same
+
+2014-03-24  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: pass
+	SecurityDelegate to ManifestsAttributesValidator
+	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
+	(securityDelegate) new field, added to constructor.
+	(checkTrustedOnlyAttribute, checkPermissionsAttribute) works with
+	RunInSandbox.
+
 2014-03-20  Andrew Azores  <aazores at redhat.com>
 
 	Trusted-only manifest attribute implementation
diff -r 022f56ff692f -r 6bdbe6b2694b NEWS
--- a/NEWS	Thu Mar 20 15:45:13 2014 -0400
+++ b/NEWS	Mon Mar 24 09:20:18 2014 -0400
@@ -14,7 +14,7 @@
 * IcedTea-Web is now following XDG .config and .cache specification(RH947647)
 * A console for debugging plugin and javaws
 * Dialogs center on screen before becoming visible
-* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions)
+* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions, Trusted-only)
 * Custom applet permission policies panel in itweb-settings control panel
 * javaws -version flag
 * New PolicyEditor for easily adding/removing permissions to individual applets
diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 20 15:45:13 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 09:20:18 2014 -0400
@@ -23,6 +23,8 @@
 CertWarnRunTip=Trust this applet and run with full permissions
 CertWarnSandboxTip=Do not trust this applet and run with restricted permissions
 CertWarnCancelTip=Do not run this applet
+CertWarnPolicyTip=Advanced sandbox settings
+CertWarnPolicyEditorItem=Launch PolicyEditor
 
 AFileOnTheMachine=a file on the machine
 AlwaysAllowAction=Always allow this action
diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Thu Mar 20 15:45:13 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Mar 24 09:20:18 2014 -0400
@@ -284,7 +284,7 @@
 
         setSecurity();
 
-        ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing);
+        ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing, securityDelegate);
         mav.checkTrustedOnlyAttribute();
         mav.checkCodebaseAttribute();
         mav.checkPermissionsAttribute();
diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Thu Mar 20 15:45:13 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Mon Mar 24 09:20:18 2014 -0400
@@ -39,6 +39,7 @@
 import java.net.URL;
 import java.util.HashSet;
 import java.util.Set;
+
 import net.sourceforge.jnlp.ExtensionDesc;
 import net.sourceforge.jnlp.JARDesc;
 import net.sourceforge.jnlp.JNLPFile;
@@ -47,6 +48,7 @@
 import net.sourceforge.jnlp.PluginBridge;
 import net.sourceforge.jnlp.ResourcesDesc;
 import net.sourceforge.jnlp.SecurityDesc;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState;
 import net.sourceforge.jnlp.security.SecurityDialogs;
 import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
@@ -60,11 +62,14 @@
     private final SecurityDesc security;
     private final JNLPFile file;
     private final SigningState signing;
+    private final SecurityDelegate securityDelegate;
 
-    public ManifestsAttributesValidator(SecurityDesc security, JNLPFile file, SigningState signing) {
+    public ManifestsAttributesValidator(final SecurityDesc security, final JNLPFile file,
+            final SigningState signing, final SecurityDelegate securityDelegate) {
         this.security = security;
         this.file = file;
         this.signing = signing;
+        this.securityDelegate = securityDelegate;
     }
 
     /**
@@ -97,7 +102,7 @@
             securityType = "Unknown";
         }
 
-        final boolean isFullySigned = signing == SigningState.FULL;
+        final boolean isFullySigned = signing == SigningState.FULL || (signing == SigningState.PARTIAL && securityDelegate.getRunInSandbox());
         final String signedMsg;
         if (isFullySigned) {
             signedMsg = "The applet is fully signed";
@@ -152,8 +157,9 @@
     void checkPermissionsAttribute() throws LaunchException {
         final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced();
         AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
-        if (level == AppletSecurityLevel.ALLOW_UNSIGNED) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing");
+        if (level == AppletSecurityLevel.ALLOW_UNSIGNED || securityDelegate.getRunInSandbox()) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString()
+                    + "' Your Extended applets security is at 'low', or you have specifically chosen to run the applet Sandboxed. Continuing");
             return;
         }
         switch (permissions) {
diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Mar 20 15:45:13 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Mon Mar 24 09:20:18 2014 -0400
@@ -47,9 +47,13 @@
 import java.awt.GridLayout;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
+import java.awt.event.MouseEvent;
+import java.awt.event.MouseListener;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.OutputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
 import java.security.KeyStore;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
@@ -60,12 +64,16 @@
 import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JLabel;
+import javax.swing.JMenuItem;
 import javax.swing.JPanel;
+import javax.swing.JPopupMenu;
 import javax.swing.SwingConstants;
 
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.security.CertVerifier;
 import net.sourceforge.jnlp.security.CertificateUtils;
 import net.sourceforge.jnlp.security.HttpsCertVerifier;
@@ -75,6 +83,7 @@
 import net.sourceforge.jnlp.security.SecurityDialog;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityUtil;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.logging.OutputController;
 
@@ -88,14 +97,29 @@
  */
 public class CertWarningPane extends SecurityDialogPanel {
 
-    JCheckBox alwaysTrust;
-    CertVerifier certVerifier;
-    SecurityDelegate securityDelegate;
+    private final JNLPFile file;
+    private final AccessType accessType;
+    private final Certificate cert;
+    private JCheckBox alwaysTrust;
+    private final CertVerifier certVerifier;
+    private SecurityDelegate securityDelegate;
+    private JPopupMenu policyMenu;
+    private JPanel topPanel, infoPanel, buttonPanel, bottomPanel;
+    private JLabel topLabel, nameLabel, publisherLabel, fromLabel, bottomLabel;
+    private JButton run, sandbox, advancedOptions, cancel, moreInfo;
+    private boolean alwaysTrustSelected;
+    private String bottomLabelWarningText;
+    private PolicyEditor policyEditor = null;
 
     public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
         super(x, certVerifier);
         this.certVerifier = certVerifier;
         this.securityDelegate = securityDelegate;
+
+        this.accessType = parent.getAccessType();
+        this.file = parent.getFile();
+        this.cert = parent.getCertVerifier().getPublisher(null);
+
         addComponents();
     }
 
@@ -103,10 +127,11 @@
      * Creates the actual GUI components, and adds it to this panel
      */
     private void addComponents() {
-        AccessType type = parent.getAccessType();
-        JNLPFile file = parent.getFile();
-        Certificate c = parent.getCertVerifier().getPublisher(null);
+        setTextAndLabels();
+        addButtons();
+    }
 
+    private void setTextAndLabels() {
         String name = "";
         String publisher = "";
         String from = "";
@@ -115,8 +140,8 @@
         //these strings -- we just want to fill in as many as possible.
         try {
             if ((certVerifier instanceof HttpsCertVerifier) &&
-                             (c instanceof X509Certificate)) {
-                name = SecurityUtil.getCN(((X509Certificate) c)
+                    (cert instanceof X509Certificate)) {
+                name = SecurityUtil.getCN(((X509Certificate) cert)
                                         .getSubjectX500Principal().getName());
             } else if (file instanceof PluginBridge) {
                 name = file.getTitle();
@@ -127,8 +152,8 @@
         }
 
         try {
-            if (c instanceof X509Certificate) {
-                publisher = SecurityUtil.getCN(((X509Certificate) c)
+            if (cert instanceof X509Certificate) {
+                publisher = SecurityUtil.getCN(((X509Certificate) cert)
                                         .getSubjectX500Principal().getName());
             }
         } catch (Exception e) {
@@ -145,63 +170,66 @@
 
         // Labels
         String topLabelText = "";
-        String bottomLabelText = parent.getCertVerifier().getRootInCacerts() ?
-                                 R("STrustedSource") : R("SUntrustedSource");
-        String propertyName = "";
+        bottomLabelWarningText = parent.getCertVerifier().getRootInCacerts() ?
+                R("STrustedSource") : R("SUntrustedSource");
         String iconLocation = "net/sourceforge/jnlp/resources/";
-        boolean alwaysTrustSelected = false;
+        alwaysTrustSelected = false;
         if (certVerifier instanceof HttpsCertVerifier) {
             // HTTPS certs that are verified do not prompt for a dialog.
             // @see VariableX509TrustManager#checkServerTrusted
             topLabelText = R("SHttpsUnverified") + " " + R("Continue");
-            propertyName = "OptionPane.warningIcon";
             iconLocation += "warning.png";
         } else {
-            switch (type) {
+            switch (accessType) {
                 case VERIFIED:
                     topLabelText = R("SSigVerified");
-                    propertyName = "OptionPane.informationIcon";
                     iconLocation += "question.png";
                     alwaysTrustSelected = true;
                     break;
                 case UNVERIFIED:
                     topLabelText = R("SSigUnverified");
-                    propertyName = "OptionPane.warningIcon";
                     iconLocation += "warning.png";
-                    bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy");
+                    bottomLabelWarningText += " " + R("SWarnFullPermissionsIgnorePolicy");
                     break;
                 case SIGNING_ERROR:
                     topLabelText = R("SSignatureError");
-                    propertyName = "OptionPane.warningIcon";
                     iconLocation += "warning.png";
-                    bottomLabelText += " " + R("SWarnFullPermissionsIgnorePolicy");
+                    bottomLabelWarningText += " " + R("SWarnFullPermissionsIgnorePolicy");
                     break;
             }
         }
-        ImageIcon icon = new ImageIcon((new sun.misc.Launcher())
-                                .getClassLoader().getResource(iconLocation));
-        JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT);
+        ImageIcon icon = getImageIcon(iconLocation);
+        topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.LEFT);
         topLabel.setFont(new Font(topLabel.getFont().toString(),
                                 Font.BOLD, 12));
-        JPanel topPanel = new JPanel(new BorderLayout());
+        topPanel = new JPanel(new BorderLayout());
         topPanel.setBackground(Color.WHITE);
         topPanel.add(topLabel, BorderLayout.CENTER);
         topPanel.setPreferredSize(new Dimension(400, 75));
         topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
 
         //application info
-        JLabel nameLabel = new JLabel(R("Name") + ":   " + name);
+        nameLabel = new JLabel(R("Name") + ":   " + name);
         nameLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
-        JLabel publisherLabel = new JLabel(R("Publisher") + ": " + publisher);
+        publisherLabel = new JLabel(R("Publisher") + ": " + publisher);
         publisherLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
-        JLabel fromLabel = new JLabel(R("From") + ":   " + from);
+        fromLabel = new JLabel(R("From") + ":   " + from);
         fromLabel.setBorder(BorderFactory.createEmptyBorder(5, 5, 5, 5));
+    }
+
+    private ImageIcon getImageIcon(final String imageLocation) {
+        return new ImageIcon((new sun.misc.Launcher())
+                .getClassLoader().getResource(imageLocation));
+    }
+
+    private void addButtons() {
+        createPolicyPermissionsMenu();
 
         alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher"));
         alwaysTrust.setEnabled(true);
         alwaysTrust.setSelected(alwaysTrustSelected);
 
-        JPanel infoPanel = new JPanel(new GridLayout(4, 1));
+        infoPanel = new JPanel(new GridLayout(4, 1));
         infoPanel.add(nameLabel);
         infoPanel.add(publisherLabel);
 
@@ -213,12 +241,15 @@
         infoPanel.setBorder(BorderFactory.createEmptyBorder(25, 25, 25, 25));
 
         //run and cancel buttons
-        JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
-        JButton run = new JButton(R("ButRun"));
-        JButton sandbox = new JButton(R("ButSandbox"));
-        JButton cancel = new JButton(R("ButCancel"));
+        buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
+        run = new JButton(R("ButRun"));
+        sandbox = new JButton(R("ButSandbox"));
+        advancedOptions = new JButton("\u2630"); // "hamburger" navicon
+        cancel = new JButton(R("ButCancel"));
+
         run.setToolTipText(R("CertWarnRunTip"));
         sandbox.setToolTipText(R("CertWarnSandboxTip"));
+        advancedOptions.setToolTipText(R("CertWarnPolicyTip"));
         cancel.setToolTipText(R("CertWarnCancelTip"));
 
         alwaysTrust.addActionListener(new ButtonDisableListener(sandbox));
@@ -227,16 +258,23 @@
         buttonWidth = Math.max(buttonWidth, cancel.getMinimumSize().width);
         int buttonHeight = run.getMinimumSize().height;
         Dimension d = new Dimension(buttonWidth, buttonHeight);
+
         run.setPreferredSize(d);
         sandbox.setPreferredSize(d);
+        advancedOptions.setPreferredSize(new Dimension(advancedOptions.getMinimumSize().width, buttonHeight));
         cancel.setPreferredSize(d);
 
         sandbox.setEnabled(!alwaysTrust.isSelected());
 
         run.addActionListener(createSetValueListener(parent, 0));
         run.addActionListener(new CheckBoxListener());
+
         sandbox.addActionListener(createSetValueListener(parent, 1));
+
+        advancedOptions.addMouseListener(new PolicyEditorPopupListener());
+
         cancel.addActionListener(createSetValueListener(parent, 2));
+
         initialFocusComponent = cancel;
         buttonPanel.add(run);
         // file will be null iff this dialog is being called from VariableX509TrustManager.
@@ -245,8 +283,10 @@
         // Since there is no app, there is nothing to run sandboxed.
         if (file != null) {
             buttonPanel.add(sandbox);
+            buttonPanel.add(advancedOptions);
         }
         buttonPanel.add(cancel);
+
         buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
 
         //all of the above
@@ -255,18 +295,75 @@
         add(infoPanel);
         add(buttonPanel);
 
-        JLabel bottomLabel = new JLabel(htmlWrap(bottomLabelText));
-        JButton moreInfo = new JButton(R("ButMoreInformation"));
+        bottomLabel = new JLabel(htmlWrap(bottomLabelWarningText));
+        moreInfo = new JButton(R("ButMoreInformation"));
         moreInfo.addActionListener(new MoreInfoButtonListener());
 
-        JPanel bottomPanel = new JPanel();
+        bottomPanel = new JPanel();
         bottomPanel.setLayout(new BoxLayout(bottomPanel, BoxLayout.X_AXIS));
         bottomPanel.add(bottomLabel);
         bottomPanel.add(moreInfo);
         bottomPanel.setPreferredSize(new Dimension(600, 100));
         bottomPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
         add(bottomPanel);
+    }
 
+    private void createPolicyPermissionsMenu() {
+        policyMenu = new JPopupMenu();
+
+        JMenuItem launchPolicyEditor = new JMenuItem(R("CertWarnPolicyEditorItem"));
+        launchPolicyEditor.addActionListener(new PolicyEditorLaunchListener());
+
+        policyMenu.add(launchPolicyEditor);
+        policyMenu.setSize(policyMenu.getMinimumSize());
+        policyMenu.setVisible(false);
+    }
+
+    private class PolicyEditorLaunchListener implements ActionListener {
+        @Override
+        public void actionPerformed(final ActionEvent e) {
+            final String rawFilepath = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_SECURITY_POLICY);
+            String filepath;
+            try {
+                filepath = new URL(rawFilepath).getPath();
+            } catch (final MalformedURLException mfue) {
+                filepath = null;
+            }
+
+            if (policyEditor == null || policyEditor.isClosed()) {
+                policyEditor = PolicyEditor.createInstance(filepath);
+            } else {
+                policyEditor.toFront();
+                policyEditor.repaint();
+            }
+            policyEditor.addNewCodebase(file.getCodeBase().toString());
+            policyEditor.setVisible(true);
+            policyMenu.setVisible(false);
+        }
+    }
+
+    private class PolicyEditorPopupListener implements MouseListener {
+        @Override
+        public void mouseClicked(final MouseEvent e) {
+            policyMenu.setLocation(e.getLocationOnScreen());
+            policyMenu.setVisible(!policyMenu.isVisible());
+        }
+
+        @Override
+        public void mousePressed(final MouseEvent e) {
+        }
+
+        @Override
+        public void mouseReleased(final MouseEvent e) {
+        }
+
+        @Override
+        public void mouseEntered(final MouseEvent e) {
+        }
+
+        @Override
+        public void mouseExited(final MouseEvent e) {
+        }
     }
 
     private class MoreInfoButtonListener implements ActionListener {
diff -r 022f56ff692f -r 6bdbe6b2694b netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java	Thu Mar 20 15:45:13 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java	Mon Mar 24 09:20:18 2014 -0400
@@ -2,34 +2,41 @@
 
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
-import java.awt.BorderLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+import java.awt.event.MouseEvent;
+import java.awt.event.MouseListener;
+import java.net.MalformedURLException;
 import java.net.URL;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 
 import javax.swing.ImageIcon;
 import javax.swing.JButton;
-import javax.swing.JFrame;
+import javax.swing.JMenuItem;
+import javax.swing.JPopupMenu;
 
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.PluginBridge;
-import net.sourceforge.jnlp.PluginParameters;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.security.SecurityDialog;
-import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
-import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
 import net.sourceforge.jnlp.security.SecurityUtil;
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
 import net.sourceforge.jnlp.tools.CertInformation;
 import net.sourceforge.jnlp.tools.JarCertVerifier;
 
 public class PartiallySignedAppTrustWarningPanel extends AppTrustWarningPanel {
 
-    private JarCertVerifier jcv;
-    private JButton sandboxButton;
+    private final JarCertVerifier jcv;
+    private final JButton sandboxButton;
+    private final JButton advancedOptionsButton;

From aazores at redhat.com  Mon Mar 24 13:39:19 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 09:39:19 -0400
Subject: [rfc][icedtea-web] Launching PolicyEditor from CertWarningPane
In-Reply-To: <53302222.3060902@redhat.com>
References: <53220215.60301@redhat.com>
	<53220A02.7090506@redhat.com>	<5323135E.6070700@redhat.com>	<780923058.4176443.1394812828836.JavaMail.zimbra@redhat.com>	<532B2ACB.3010509@redhat.com>
	<532B3EA9.3090702@redhat.com> <532B480C.4070304@redhat.com>
	<53302222.3060902@redhat.com>
Message-ID: <53303587.1020608@redhat.com>

On 03/24/2014 08:16 AM, Jiri Vanek wrote:
>
> Looks ok to go.
>
>
> Few feature works
>  - with only one item the submenu donot have much sense, but it will 
> greow (? :) ) so ok if finished in 1.5.1

I'm thinking maybe the Filter option can actually be the second item 
under the View menu. It seems to be a fitting place to me, since the 
filtering is probably not important enough to be always displayed, and 
View is definitely the right menu for it to go in if it does go in a menu.

>
>  -  the modality and filter needs to be fixed until 1.5
>    - when there are already stored items in policies, the first one is 
> selected, and user would like actually edit the *newly* added.  
> Probably not only filter, but be sure that the newly 
> add/currnelty-should-be-edited item is really selected.

Well, the policy file is parse asynchronously when the editor opens, so 
if this doesn't complete first, then when the dialogs add a new 
codebase, it may not be the last one added. Since adding a new codebase 
automatically selects it, this could make it so that the current 
applet's codebase isn't actually selected. I'll start a new discussion 
thread for this, and another one for modality as well.

>
> Please push the tweeks for attributevalidator as separate changeset 
> and add trusted-only to news during commit please.

Done.

>
>
> ty!
>
>  J.

Thanks,

-- 
Andrew A


From andrew at icedtea.classpath.org  Mon Mar 24 13:55:47 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 13:55:47 +0000
Subject: /hg/release/icedtea7-forest-2.3/jdk: Add missing files from 8028293
Message-ID: <hg.3428bff8a33a.1395669347.4833355912275447704@icedtea.classpath.org>

changeset 3428bff8a33a in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=3428bff8a33a
author: andrew
date: Mon Mar 24 13:55:37 2014 +0000

	Add missing files from 8028293


diffstat:

 src/solaris/classes/sun/net/PortConfig.java |   89 ++++++++++++++++++++
 src/solaris/native/sun/net/portconfig.c     |  122 ++++++++++++++++++++++++++++
 src/windows/classes/sun/net/PortConfig.java |   65 ++++++++++++++
 src/windows/native/sun/net/portconfig.c     |  106 ++++++++++++++++++++++++
 4 files changed, 382 insertions(+), 0 deletions(-)

diffs (398 lines):

diff -r 2906d76a7086 -r 3428bff8a33a src/solaris/classes/sun/net/PortConfig.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/classes/sun/net/PortConfig.java	Mon Mar 24 13:55:37 2014 +0000
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net;
+
+import java.security.AccessController;
+
+/**
+ * Determines the ephemeral port range in use on this system.
+ * If this cannot be determined, then the default settings
+ * of the OS are returned.
+ */
+
+public final class PortConfig {
+
+    private static int defaultUpper, defaultLower;
+    private final static int upper, lower;
+
+    private PortConfig() {}
+
+    static {
+        AccessController.doPrivileged(
+            new java.security.PrivilegedAction<Void>() {
+                public Void run() {
+                    System.loadLibrary("net");
+                    String os = System.getProperty("os.name");
+                    if (os.startsWith("Linux")) {
+                        defaultLower = 32768;
+                        defaultUpper = 61000;
+                    } else if (os.startsWith("SunOS")) {
+                        defaultLower = 32768;
+                        defaultUpper = 65535;
+                    } else if (os.contains("OS X")) {
+                        defaultLower = 49152;
+                        defaultUpper = 65535;
+                    } else {
+                        throw new InternalError(
+                            "sun.net.PortConfig: unknown OS");
+                    }
+                    return null;
+                }
+            });
+
+        int v = getLower0();
+        if (v == -1) {
+            v = defaultLower;
+        }
+        lower = v;
+
+        v = getUpper0();
+        if (v == -1) {
+            v = defaultUpper;
+        }
+        upper = v;
+    }
+
+    static native int getLower0();
+    static native int getUpper0();
+
+    public static int getLower() {
+        return lower;
+    }
+
+    public static int getUpper() {
+        return upper;
+    }
+}
diff -r 2906d76a7086 -r 3428bff8a33a src/solaris/native/sun/net/portconfig.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/native/sun/net/portconfig.c	Mon Mar 24 13:55:37 2014 +0000
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+
+#if defined(_ALLBSD_SOURCE)
+#include <sys/sysctl.h>
+#endif
+
+#include "jni.h"
+#include "net_util.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct portrange {
+    int lower;
+    int higher;
+};
+
+static int getPortRange(struct portrange *range)
+{
+#ifdef __linux__
+    {
+        int ret;
+        FILE *f;
+
+        f = fopen("/proc/sys/net/ipv4/ip_local_port_range", "r");
+        if (f != NULL) {
+            ret = fscanf(f, "%d %d", &range->lower, &range->higher);
+            fclose(f);
+            return ret == 2 ? 0 : -1;
+        }
+        return -1;
+    }
+
+#elif defined(__solaris__)
+    {
+        range->lower = net_getParam("/dev/tcp", "tcp_smallest_anon_port");
+        range->higher = net_getParam("/dev/tcp", "tcp_largest_anon_port");
+        return 0;
+    }
+#elif defined(_ALLBSD_SOURCE)
+    {
+        int ret;
+        size_t size = sizeof(range->lower);
+        ret = sysctlbyname(
+            "net.inet.ip.portrange.first", &range->lower, &size, 0, 0
+        );
+        if (ret == -1) {
+            return -1;
+        }
+        size = sizeof(range->higher);
+        ret = sysctlbyname(
+            "net.inet.ip.portrange.last", &range->higher, &size, 0, 0
+        );
+        return ret;
+    }
+#else
+    return -1;
+#endif
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getLower0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    if (getPortRange(&range) < 0) {
+        return -1;
+    }
+    return range.lower;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getUpper
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    if (getPortRange(&range) < 0) {
+        return -1;
+    }
+    return range.higher;
+}
+
+#ifdef __cplusplus
+}
+#endif
diff -r 2906d76a7086 -r 3428bff8a33a src/windows/classes/sun/net/PortConfig.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/classes/sun/net/PortConfig.java	Mon Mar 24 13:55:37 2014 +0000
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.net;
+
+import java.security.AccessController;
+
+/**
+ * Determines the ephemeral port range in use on this system.
+ * If this cannot be determined, then the default settings
+ * of the OS are returned.
+ */
+
+public final class PortConfig {
+
+    private final static int upper, lower;
+
+    private PortConfig() {}
+
+    static {
+        AccessController.doPrivileged(
+            new java.security.PrivilegedAction<Void>() {
+                public Void run() {
+                    System.loadLibrary("net");
+                    return null;
+                }
+            });
+
+        lower = getLower0();
+        upper = getUpper0();
+    }
+
+    static native int getLower0();
+    static native int getUpper0();
+
+    public static int getLower() {
+        return lower;
+    }
+
+    public static int getUpper() {
+        return upper;
+    }
+}
diff -r 2906d76a7086 -r 3428bff8a33a src/windows/native/sun/net/portconfig.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/native/sun/net/portconfig.c	Mon Mar 24 13:55:37 2014 +0000
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <windows.h>
+#include "jni.h"
+#include "net_util.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct portrange {
+    int lower;
+    int higher;
+};
+
+static int getPortRange(struct portrange *range)
+{
+    OSVERSIONINFO ver;
+    ver.dwOSVersionInfoSize = sizeof(ver);
+    GetVersionEx(&ver);
+
+    /* Check for major version 5 or less = Windows XP/2003 or older */
+    if (ver.dwMajorVersion <= 5) {
+        LONG ret;
+        HKEY hKey;
+        range->lower = 1024;
+        range->higher = 4999;
+
+        /* check registry to see if upper limit was raised */
+        ret = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
+                   "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters",
+                   0, KEY_READ, (PHKEY)&hKey
+        );
+        if (ret == ERROR_SUCCESS) {
+            DWORD maxuserport;
+            ULONG ulType;
+            DWORD dwLen = sizeof(maxuserport);
+            ret = RegQueryValueEx(hKey, "MaxUserPort",  NULL, &ulType,
+                             (LPBYTE)&maxuserport, &dwLen);
+            RegCloseKey(hKey);
+            if (ret == ERROR_SUCCESS) {
+                range->higher = maxuserport;
+            }
+        }
+    } else {
+        /* There doesn't seem to be an API to access this. "MaxUserPort"
+          * is affected, but is not sufficient to determine.
+         * so we just use the defaults, which are less likely to change
+          */
+        range->lower = 49152;
+        range->higher = 65535;
+    }
+    return 0;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getLower0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getLower0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    getPortRange(&range);
+    return range.lower;
+}
+
+/*
+ * Class:     sun_net_PortConfig
+ * Method:    getUpper0
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_sun_net_PortConfig_getUpper0
+  (JNIEnv *env, jclass clazz)
+{
+    struct portrange range;
+    getPortRange(&range);
+    return range.higher;
+}
+#ifdef __cplusplus
+}
+#endif

From aazores at redhat.com  Mon Mar 24 14:01:07 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 10:01:07 -0400
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to finish
	parsing
Message-ID: <53303AA3.3080109@redhat.com>

Hi,

PolicyEditor loads and saves policy files async, obviously. However, 
this means that opening a new PolicyEditor instance on an existing 
policy file and programmatically adding a new codebase to the editor 
does not have a well-defined order. This can be problematic because 
PolicyEditor highlights/selects the last added codebase, so eg in the 
scenario where the editor is being launched from a security dialog, we 
want to be sure that the current applet's codebase is the one selected 
when the editor appears. This patch adds a method to PolicyEditor that 
indicates whether the editor is currently reading/writing a file, and 
adds a loop to the two security dialogs so that the new codebase is not 
added and the editor made visible until it completes its IO.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-wait-for-io.patch
Type: text/x-patch
Size: 5772 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/1cb50455/policyeditor-wait-for-io.patch>

From jvanek at redhat.com  Mon Mar 24 14:26:35 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 15:26:35 +0100
Subject: [rfc][icedtea-web] Trusted-only manifest attribute
In-Reply-To: <53302E10.1060000@redhat.com>
References: <532B0A39.6060102@redhat.com> <20140321145639.GC6449@redhat.com>
	<532C5A50.6060400@redhat.com> <53302E10.1060000@redhat.com>
Message-ID: <5330409B.9070909@redhat.com>

On 03/24/2014 02:07 PM, Andrew Azores wrote:
> On 03/21/2014 11:27 AM, Jiri Vanek wrote:
>> On 03/21/2014 03:56 PM, Omair Majid wrote:
>>> * Andrew Azores <aazores at redhat.com> [2014-03-20 11:35]:
>>>> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
>>>
>>>> +    void checkTrustedOnlyAttribute() throws LaunchException {
>>>
>>> A stylistic nit: if you ask me to use a class named *Validator, I will
>>> look for the validate* method as the first thing. If the class is named
>>> *Checker, then maybe a check* method makes more sense.
>>>
>>> What do you think?
>>>
>>> Thanks,
>>> Omair
>>>
>>
>>
>> the small refactoring
>>
>> ManifestsAttributesValidator -> ManifestsAttributesChecker
>>
>> and all its current methods started with check
>>
>> is probably worthy to do...
>>
>> J.
>
> Just this?

Yes :)


Whn you are in, I.m for making all

checkTrustedOnlyAttribute();
checkCodebaseAttribute();
checkPermissionsAttribute();
checkApplicationLibraryAllowableCodebaseAttribute();

private

and encapsulate them in public checkAll(). And call this in constructor.

If you agree feel free to encapsualte in this push. Otherwise ok to go anyway.


J,.

From ptisnovs at icedtea.classpath.org  Mon Mar 24 14:38:39 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 14:38:39 +0000
Subject: /hg/icedtea7: Fixed compilation failure on Aarch64.
Message-ID: <hg.80573ab16562.1395671919.2873452341184383833@icedtea.classpath.org>

changeset 80573ab16562 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=80573ab16562
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 24 16:41:29 2014 -0400

	Fixed compilation failure on Aarch64.


diffstat:

 ChangeLog                          |  5 +++++
 contrib/jck/compile-native-code.sh |  3 +++
 2 files changed, 8 insertions(+), 0 deletions(-)

diffs (25 lines):

diff -r f4920229fa73 -r 80573ab16562 ChangeLog
--- a/ChangeLog	Fri Mar 21 17:50:28 2014 +0000
+++ b/ChangeLog	Mon Mar 24 16:41:29 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* contrib/jck/compile-native-code.sh:
+	Fixed compilation failure on Aarch64.
+
 2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* acinclude.m4:
diff -r f4920229fa73 -r 80573ab16562 contrib/jck/compile-native-code.sh
--- a/contrib/jck/compile-native-code.sh	Fri Mar 21 17:50:28 2014 +0000
+++ b/contrib/jck/compile-native-code.sh	Mon Mar 24 16:41:29 2014 -0400
@@ -31,6 +31,9 @@
   x86_64|ppc64|s390x)
     MFLAG=-m64
     ;;
+  aarch64)
+    MFLAG=-march=armv8-a
+    ;;
   *)
     echo 1>&2 "error: unhandled arch '$arch'"
     exit 1

From aazores at redhat.com  Mon Mar 24 14:44:39 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 10:44:39 -0400
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <533043CB.3010506@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
Message-ID: <533044D7.8040402@redhat.com>

On 03/24/2014 10:40 AM, Jiri Vanek wrote:
> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>> Hi,
>>
>> PolicyEditor loads and saves policy files async, obviously. However, 
>> this means that opening a new
>> PolicyEditor instance on an existing policy file and programmatically 
>> adding a new codebase to the
>> editor does not have a well-defined order. This can be problematic 
>> because PolicyEditor
>> highlights/selects the last added codebase, so eg in the scenario 
>> where the editor is being launched
>> from a security dialog, we want to be sure that the current applet's 
>> codebase is the one selected
>> when the editor appears. This patch adds a method to PolicyEditor 
>> that indicates whether the editor
>> is currently reading/writing a file, and adds a loop to the two 
>> security dialogs so that the new
>> codebase is not added and the editor made visible until it completes 
>> its IO.
>>
>> Thanks,
>>
>
> Hm... I dont think this is correct approach. Why are you so strongly 
> against modal dialogue?
>
>
> J.

I'm not... making PolicyEditor modal will come later. This patch is just 
about making sure that when you launch PolicyEditor from a security 
dialog, the current applet's codebase is guaranteed to be the selected 
one when the editor appears. This and modality are completely separate.

Thanks,

-- 
Andrew A


From ptisnovs at icedtea.classpath.org  Mon Mar 24 14:49:59 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 14:49:59 +0000
Subject: /hg/icedtea6: Fixed compilation failure on Aarch64.
Message-ID: <hg.0ef5e61b1b00.1395672599.2873452341184383832@icedtea.classpath.org>

changeset 0ef5e61b1b00 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=0ef5e61b1b00
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 24 16:53:24 2014 -0400

	Fixed compilation failure on Aarch64.


diffstat:

 ChangeLog                          |  5 +++++
 contrib/jck/compile-native-code.sh |  3 +++
 2 files changed, 8 insertions(+), 0 deletions(-)

diffs (25 lines):

diff -r 9ace699eb46a -r 0ef5e61b1b00 ChangeLog
--- a/ChangeLog	Thu Mar 20 02:06:20 2014 +0000
+++ b/ChangeLog	Mon Mar 24 16:53:24 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* contrib/jck/compile-native-code.sh:
+	Fixed compilation failure on Aarch64.
+
 2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>
 
 	PR1712: Allow -Werror to be turned off in the
diff -r 9ace699eb46a -r 0ef5e61b1b00 contrib/jck/compile-native-code.sh
--- a/contrib/jck/compile-native-code.sh	Thu Mar 20 02:06:20 2014 +0000
+++ b/contrib/jck/compile-native-code.sh	Mon Mar 24 16:53:24 2014 -0400
@@ -31,6 +31,9 @@
   x86_64|ppc64|s390x)
     MFLAG=-m64
     ;;
+  aarch64)
+    MFLAG=-march=armv8-a
+    ;;
   *)
     echo 1>&2 "error: unhandled arch '$arch'"
     exit 1

From aazores at redhat.com  Mon Mar 24 14:58:23 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 10:58:23 -0400
Subject: [rfc][icedtea-web] Reprint of application logs to console
In-Reply-To: <53300A33.2010801@redhat.com>
References: <532C5F65.8080709@redhat.com> <20140321155752.GE6449@redhat.com>
	<53300A33.2010801@redhat.com>
Message-ID: <5330480F.3080009@redhat.com>

On 03/24/2014 06:34 AM, Jiri Vanek wrote:
> On 03/21/2014 04:57 PM, Omair Majid wrote:
>> Hi
>>
>> I haven't reviewed the patch, but just wanted to comment on something.
>>
>> * Jiri Vanek <jvanek at redhat.com> [2014-03-21 11:51]:
>>> If application is calling system.out/err.print(ln) for some kind of
>>> debugging, then it is *maybe* good to show it in our debug console.
>>> With its powerful features it may be usefull debugging tool for
>>> developers.
>>
>> I would replace 'maybe' with 'definitely'.
>
> Thanx for support!
>>
>>> tbh, I'm not sure if this is wonted feature, but I somehow think it
>>> should be there. I also think previous console did it. So should
>>> new.  And ...  it really looks cool :)
>>
>> I think this is definitely worth having. And yes, I implemented this in
>> the older console. The console that is part of the proprietary plugin
>> does this too.
>>
>  In this case I would like to push it to head asap, as the code is 
> perfect as usually, can I consider it as "ok for head" ? :)
>
>
> J.
>

I think it looks okay, although I don't really know what's going on in a 
lot of the console, so some of it I don't know what it does (eg why the 
canChange field is needed).

Thanks,

-- 
Andrew A


From aazores at redhat.com  Mon Mar 24 15:01:18 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 11:01:18 -0400
Subject: [rfc][icedtea-web] cache tweeks
In-Reply-To: <532C5B02.5020108@redhat.com>
References: <532AFC0A.5040501@redhat.com> <532B07FC.3050401@redhat.com>
	<532C5B02.5020108@redhat.com>
Message-ID: <533048BE.7050900@redhat.com>

On 03/21/2014 11:30 AM, Jiri Vanek wrote:
> On 03/20/2014 04:23 PM, Andrew Azores wrote:
>> On 03/20/2014 10:32 AM, Jiri Vanek wrote:
>>> releaseLock is bug, found thanx to tweeksToCache work.
>>> releaseLock is releasing the never released lock. It is not 100% fix 
>>> but for deeper fixing this
>>> needs to wait for cache revisite. ntil now it was invisible, because 
>>> jvm always terminated after
>>> clean-cache.
>>>
>>> The tweeksToCache is doing the only thing - making clear cache more 
>>> visible. Righ ntnow it exists
>>> only as cmd switch, and as feature in itw-settings->cache->view 
>>> Fiels->delete on by one.
>>> Now one can itw-settings->cache->view Files->delete all.
>>> Delete all is also presented on error dialogs - with tooltip why.
>>>
>>> Motivation? - tired to close bugs by "clear cache first please" 
>>> "how" "...:x..." "It started to work"
>>>
>>> Thanx!
>>>   J.
>>
>> There's some weird formatting going on in the cache tweaks patch. 
>> invokeLaterDeleteAll,
>> disableButtons, restoreDisabled, and visualCleanCache all have 
>> various indentation issues.
>>
>> Otherwise I think this is okay.
>>
>> Thanks,
>>
>
>
> Few more nits to this topic.
>  - improved messages
>  - exception shown to user as "what to do now"
>
> J.

Looks pretty good, feel free to push after fixing formatting problems 
noted in my last email. Only other nit is catching generic Exception in 
visualCleanCache, but this discussion has been had enough times 
already... :)

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Mon Mar 24 14:40:11 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 15:40:11 +0100
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <53303AA3.3080109@redhat.com>
References: <53303AA3.3080109@redhat.com>
Message-ID: <533043CB.3010506@redhat.com>

On 03/24/2014 03:01 PM, Andrew Azores wrote:
> Hi,
>
> PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new
> PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the
> editor does not have a well-defined order. This can be problematic because PolicyEditor
> highlights/selects the last added codebase, so eg in the scenario where the editor is being launched
> from a security dialog, we want to be sure that the current applet's codebase is the one selected
> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the editor
> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new
> codebase is not added and the editor made visible until it completes its IO.
>
> Thanks,
>

Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue?


J.

From jvanek at redhat.com  Mon Mar 24 15:11:10 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 16:11:10 +0100
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <533044D7.8040402@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com>
Message-ID: <53304B0E.3060505@redhat.com>

On 03/24/2014 03:44 PM, Andrew Azores wrote:
> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new
>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the
>>> editor does not have a well-defined order. This can be problematic because PolicyEditor
>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being launched
>>> from a security dialog, we want to be sure that the current applet's codebase is the one selected
>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the editor
>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new
>>> codebase is not added and the editor made visible until it completes its IO.
>>>
>>> Thanks,
>>>
>>
>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue?
>>
>>
>> J.
>
> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that when
> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be
> the selected one when the editor appears. This and modality are completely separate.
>
> Thanks,
>
uff... wouldnt be much more easy to make the load/save in sync?  I do not see any reason why it is 
in new thread Thread(save/load).start() ....


J.

From ptisnovs at icedtea.classpath.org  Mon Mar 24 15:15:39 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 15:15:39 +0000
Subject: /hg/icedtea: Fixed compilation failure on Aarch64.
Message-ID: <hg.102993442e37.1395674139.-6899778133799504387@icedtea.classpath.org>

changeset 102993442e37 in /hg/icedtea
details: http://icedtea.classpath.org/hg/icedtea?cmd=changeset;node=102993442e37
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Mon Mar 24 17:19:19 2014 -0400

	Fixed compilation failure on Aarch64.


diffstat:

 ChangeLog                          |  5 +++++
 contrib/jck/compile-native-code.sh |  3 +++
 2 files changed, 8 insertions(+), 0 deletions(-)

diffs (25 lines):

diff -r fde41e40bb89 -r 102993442e37 ChangeLog
--- a/ChangeLog	Fri Dec 20 11:46:05 2013 +0100
+++ b/ChangeLog	Mon Mar 24 17:19:19 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* contrib/jck/compile-native-code.sh:
+	Fixed compilation failure on Aarch64.
+
 2013-12-20  Xerxes R??nby  <xerxes at zafena.se>
 	    Robert Lougher  <rob at jamvm.org.uk>
 
diff -r fde41e40bb89 -r 102993442e37 contrib/jck/compile-native-code.sh
--- a/contrib/jck/compile-native-code.sh	Fri Dec 20 11:46:05 2013 +0100
+++ b/contrib/jck/compile-native-code.sh	Mon Mar 24 17:19:19 2014 -0400
@@ -31,6 +31,9 @@
   x86_64|ppc64|s390x)
     MFLAG=-m64
     ;;
+  aarch64)
+    MFLAG=-march=armv8-a
+    ;;
   *)
     echo 1>&2 "error: unhandled arch '$arch'"
     exit 1

From jvanek at icedtea.classpath.org  Mon Mar 24 15:46:28 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 15:46:28 +0000
Subject: /hg/icedtea-web: Minor cache fixes
Message-ID: <hg.2d02a075cb1e.1395675988.8643924302249223276@icedtea.classpath.org>

changeset 2d02a075cb1e in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2d02a075cb1e
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 24 16:46:09 2014 +0100

	Minor cache fixes


diffstat:

 ChangeLog                                               |   7 +++++++
 netx/net/sourceforge/jnlp/controlpanel/CachePane.java   |  11 +++++++----
 netx/net/sourceforge/jnlp/resources/Messages.properties |   6 +++---
 3 files changed, 17 insertions(+), 7 deletions(-)

diffs (61 lines):

diff -r 6bdbe6b2694b -r 2d02a075cb1e ChangeLog
--- a/ChangeLog	Mon Mar 24 09:20:18 2014 -0400
+++ b/ChangeLog	Mon Mar 24 16:46:09 2014 +0100
@@ -1,3 +1,10 @@
+2014-03-20  Jiri Vanek  <jvanek at redhat.com>
+
+	* netx/net/sourceforge/jnlp/controlpanel/CachePane.java: (visualCleanCache)
+	consider exception in cache operation as not-scuess.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: (CCannotClearCache)
+	(CFakedCache) (CVCPCleanCacheTip) improved by fix it tips.
+
 2014-03-24  Andrew Azores  <aazores at redhat.com>
 
 	* NEWS: added mention of Trusted-only manifest attribute
diff -r 6bdbe6b2694b -r 2d02a075cb1e netx/net/sourceforge/jnlp/controlpanel/CachePane.java
--- a/netx/net/sourceforge/jnlp/controlpanel/CachePane.java	Mon Mar 24 09:20:18 2014 -0400
+++ b/netx/net/sourceforge/jnlp/controlpanel/CachePane.java	Mon Mar 24 16:46:09 2014 +0100
@@ -481,12 +481,15 @@
         parent.getContentPane().setCursor(Cursor.getDefaultCursor());
     }
 
-    public static boolean visualCleanCache(Component parent) {
-        boolean success = CacheUtil.clearCache();
-        if (!success) {
+    public static void visualCleanCache(Component parent) {
+        try {
+            boolean success = CacheUtil.clearCache();
+            if (!success) {
+                JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
+            }
+        } catch (Exception ex) {
             JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
         }
-        return success;
     }
 }
 
diff -r 6bdbe6b2694b -r 2d02a075cb1e netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 09:20:18 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 16:46:09 2014 +0100
@@ -265,9 +265,9 @@
 CChooseCache=Choose a cache directory...
 CChooseCacheInfo=NetX needs a location for storing cache files.
 CChooseCacheDir=Cache directory
-CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications.
+CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Clean all
 CFakeCache=Cache is corrupt. Fixing.
-CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible.
+CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible. You can also use via itw-settings Cache -> View files -> Clean all
 
 # Security
 SFileReadAccess=The application has requested read access to {0}. Do you want to allow this action?
@@ -683,7 +683,7 @@
 CVCPButRefresh=Refresh
 CVCPButDelete=Delete
 CVCPCleanCache=Clean all cache
-CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. 
+CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Clean all
 CVCPColLastModified=Last Modified
 CVCPColSize=Size (Bytes)
 CVCPColDomain=Domain

From aazores at redhat.com  Mon Mar 24 15:46:53 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 11:46:53 -0400
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <53304B0E.3060505@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
Message-ID: <5330536D.2030608@redhat.com>

On 03/24/2014 11:11 AM, Jiri Vanek wrote:
> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>> Hi,
>>>>
>>>> PolicyEditor loads and saves policy files async, obviously. 
>>>> However, this means that opening a new
>>>> PolicyEditor instance on an existing policy file and 
>>>> programmatically adding a new codebase to the
>>>> editor does not have a well-defined order. This can be problematic 
>>>> because PolicyEditor
>>>> highlights/selects the last added codebase, so eg in the scenario 
>>>> where the editor is being launched
>>>> from a security dialog, we want to be sure that the current 
>>>> applet's codebase is the one selected
>>>> when the editor appears. This patch adds a method to PolicyEditor 
>>>> that indicates whether the editor
>>>> is currently reading/writing a file, and adds a loop to the two 
>>>> security dialogs so that the new
>>>> codebase is not added and the editor made visible until it 
>>>> completes its IO.
>>>>
>>>> Thanks,
>>>>
>>>
>>> Hm... I dont think this is correct approach. Why are you so strongly 
>>> against modal dialogue?
>>>
>>>
>>> J.
>>
>> I'm not... making PolicyEditor modal will come later. This patch is 
>> just about making sure that when
>> you launch PolicyEditor from a security dialog, the current applet's 
>> codebase is guaranteed to be
>> the selected one when the editor appears. This and modality are 
>> completely separate.
>>
>> Thanks,
>>
> uff... wouldnt be much more easy to make the load/save in sync?  I do 
> not see any reason why it is in new thread Thread(save/load).start() ....
>
>
> J.

I really don't want to be doing it sync on the UI thread. This makes the 
application less responsive, and is generally bad practice. Not worth 
the benefit of making it easier to guarantee the programmatically added 
new codebases come after. There are better ways to do it async than 
manually spawning a new Thread, though, yes. eg SwingWorker as you said 
on IRC, or Executors and Runnables as I suggested. Still, these 
potential enhancements to the multithreading model would still have the 
codebase ordering problem.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Mon Mar 24 15:55:51 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 11:55:51 -0400
Subject: [rfc][icedtea-web] Temporary permissions
Message-ID: <53305587.9080208@redhat.com>

Hi,

This patch adds new menu items to the new popup menu where PolicyEditor 
can be launched. These new items make it possible to run the current 
applet sandboxed, but with some additional permissions added, without 
having to actually launch PolicyEditor and configure the permissions. 
These permissions are also temporary, as opposed to making a custom 
policy, which persists until you remove the policy.

Right now the permission set defined is just the sum of the permissions 
PolicyEditor can grant via its checkboxes, and the two options added are 
No File Access and No Network Access, which are just that full set minus 
a few. I'd appreciate input on what other temporary permission options 
could be made available.

Anyone have ideas on making the popup menu disappear nicely, rather than 
adding a setVisible call on it to every action listener we have? And I 
suppose it should also be forced to disappear when the dialog is 
disposed as well. What's the best practice for that?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: temporary-permissions.patch
Type: text/x-patch
Size: 15147 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/945adc1d/temporary-permissions.patch>

From jvanek at redhat.com  Mon Mar 24 16:01:39 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 17:01:39 +0100
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <5330536D.2030608@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
	<5330536D.2030608@redhat.com>
Message-ID: <533056E3.60201@redhat.com>

On 03/24/2014 04:46 PM, Andrew Azores wrote:
> On 03/24/2014 11:11 AM, Jiri Vanek wrote:
>> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>>> Hi,
>>>>>
>>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening a new
>>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase to the
>>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor
>>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being
>>>>> launched
>>>>> from a security dialog, we want to be sure that the current applet's codebase is the one selected
>>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the
>>>>> editor
>>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new
>>>>> codebase is not added and the editor made visible until it completes its IO.
>>>>>
>>>>> Thanks,
>>>>>
>>>>
>>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue?
>>>>
>>>>
>>>> J.
>>>
>>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that when
>>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be
>>> the selected one when the editor appears. This and modality are completely separate.
>>>
>>> Thanks,
>>>
>> uff... wouldnt be much more easy to make the load/save in sync?  I do not see any reason why it is
>> in new thread Thread(save/load).start() ....
>>
>>
>> J.
>
> I really don't want to be doing it sync on the UI thread. This makes the application less
> responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee
> the programmatically added new codebases come after. There are better ways to do it async than
> manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and
> Runnables as I suggested. Still, these potential enhancements to the multithreading model would
> still have the codebase ordering problem.

I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested 
locking.

Correct aporach is:
invoke thread (swingworker)
   disable gui or show dialog with progressbar or soem wait please
    (so gui will be "responsoble")
wait for thread.


Would be correct approach.


However - the polici files *are* small. So the burden of *doing it IN*  AWT is imho acceptable.


J.



From jvanek at icedtea.classpath.org  Mon Mar 24 16:05:05 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:05:05 +0000
Subject: /hg/icedtea-web: Client applications now log into new console.
Message-ID: <hg.c0845e58bfba.1395677105.8643924302249223276@icedtea.classpath.org>

changeset c0845e58bfba in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=c0845e58bfba
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 24 17:04:51 2014 +0100

	Client applications now log into new console.


diffstat:

 ChangeLog                                                          |   24 +-
 netx/net/sourceforge/jnlp/resources/Messages.properties            |    2 +
 netx/net/sourceforge/jnlp/runtime/Boot.java                        |    3 +-
 netx/net/sourceforge/jnlp/util/TeeOutputStream.java                |   95 ------
 netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java      |   39 ++-
 netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java |   35 ++-
 netx/net/sourceforge/jnlp/util/logging/JavaConsole.java            |   10 +
 netx/net/sourceforge/jnlp/util/logging/OutputController.java       |    4 +
 netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java        |  141 ++++++++++
 netx/net/sourceforge/jnlp/util/logging/headers/Header.java         |   19 +-
 10 files changed, 261 insertions(+), 111 deletions(-)

diffs (truncated from 589 to 500 lines):

diff -r 2d02a075cb1e -r c0845e58bfba ChangeLog
--- a/ChangeLog	Mon Mar 24 16:46:09 2014 +0100
+++ b/ChangeLog	Mon Mar 24 17:04:51 2014 +0100
@@ -1,4 +1,26 @@
-2014-03-20  Jiri Vanek  <jvanek at redhat.com>
+2014-03-24  Jiri Vanek  <jvanek at redhat.com>
+
+	Client applications now log into new console.
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: added keys (COPitw)
+	and (COPclientApp) for new checkboxes in console
+	* netx/net/sourceforge/jnlp/runtime/Boot.java: added brackets to headless if
+	* netx/net/sourceforge/jnlp/util/TeeOutputStream.java: moved to
+	* netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java: and improved to
+	log into new console.
+	* netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java: added new
+	checkboxes to filter out/in custom app/itw logs. copyAll buttons do not include
+	custom app's logs in case of first click.
+	* netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java: Added
+	testing data with custom app. (HTMLCOLOR_PURPLE) and (HTMLCOLOR_GREEN) as
+	new colors for custom app. (filter) now handle client app.
+	* netx/net/sourceforge/jnlp/util/logging/JavaConsole.java: (init) redirect
+	stdout/err over teeOutputStream
+	* /netx/net/sourceforge/jnlp/util/logging/OutputController.java: (consume)
+	do not reprint if header is marked by isClientApp
+	* netx/net/sourceforge/jnlp/util/logging/headers/Header.java: added field
+	(isClientApp)
+	
+2014-03-24  Jiri Vanek  <jvanek at redhat.com>
 
 	* netx/net/sourceforge/jnlp/controlpanel/CachePane.java: (visualCleanCache)
 	consider exception in cache operation as not-scuess.
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 17:04:51 2014 +0100
@@ -622,6 +622,8 @@
 COPmatch=match
 COPnot=not
 COPrevert=revert
+COPitw=IcedTea-Web
+COPclientApp=Client app.
 
 # Control Panel - DesktopShortcutPanel
 DSPNeverCreate=Never create
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java	Mon Mar 24 17:04:51 2014 +0100
@@ -135,8 +135,9 @@
         if (AppContext.getAppContext() == null) {
             SunToolkit.createNewAppContext();
         }
-        if (null != getOption("-headless"))
+        if (null != getOption("-headless")) {
             JNLPRuntime.setHeadless(true);
+        }
 
         DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched();
 
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/TeeOutputStream.java
--- a/netx/net/sourceforge/jnlp/util/TeeOutputStream.java	Mon Mar 24 16:46:09 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,95 +0,0 @@
-/* TeeOutputStream.java
-   Copyright (C) 2010 Red Hat
-
-This file is part of IcedTea.
-
-IcedTea is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-IcedTea is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with IcedTea; see the file COPYING.  If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version. */
-
-package net.sourceforge.jnlp.util;
-
-import java.io.FileOutputStream;
-import java.io.PrintStream;
-
-/**
- * Behaves like the 'tee' command, sends output to both actual std stream and a
- * file
- */
-public final class TeeOutputStream extends PrintStream {
-
-    // Everthing written to TeeOutputStream is written to this file
-    PrintStream logFile;
-
-    public TeeOutputStream(FileOutputStream fileOutputStream,
-            PrintStream stdStream) {
-        super(stdStream);
-        logFile = new PrintStream(fileOutputStream);
-    }
-
-    @Override
-    public boolean checkError() {
-        boolean thisError = super.checkError();
-        boolean fileError = logFile.checkError();
-
-        return thisError || fileError;
-    }
-
-    @Override
-    public void close() {
-        logFile.close();
-        super.close();
-    }
-
-    @Override
-    public void flush() {
-        logFile.flush();
-        super.flush();
-    }
-
-    /*
-     * The big ones: these do the actual writing
-     */
-
-    @Override
-    public void write(byte[] buf, int off, int len) {
-        logFile.write(buf, off, len);
-
-        super.write(buf, off, len);
-    }
-
-    @Override
-    public void write(int b) {
-        logFile.write(b);
-
-        super.write(b);
-    }
-}
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java
--- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPane.java	Mon Mar 24 17:04:51 2014 +0100
@@ -31,6 +31,8 @@
 import net.sourceforge.jnlp.util.logging.headers.ObservableMessagesProvider;
 
 public class ConsoleOutputPane extends javax.swing.JPanel implements Observer {
+    
+    private boolean canChange = true;
 
     @Override
     public synchronized void update(Observable o, Object arg) {
@@ -171,7 +173,7 @@
 
             @Override
             public void actionPerformed(java.awt.event.ActionEvent evt) {
-                refreshAction(evt);
+                refreshAction();
             }
         };
     }
@@ -284,6 +286,8 @@
         wordWrap = new javax.swing.JCheckBox();
         showDebug = new javax.swing.JCheckBox();
         showInfo = new javax.swing.JCheckBox();
+        showItw = new javax.swing.JCheckBox();
+        showApp = new javax.swing.JCheckBox();
         showCode = new javax.swing.JCheckBox();
         statistics = new javax.swing.JLabel();
         showPostInit = new javax.swing.JCheckBox();
@@ -384,7 +388,7 @@
             @Override
             public void actionPerformed(java.awt.event.ActionEvent evt) {
                 model.usedPattern = model.lastValidPattern;
-                refreshAction(evt);
+                refreshAction();
             }
         });
 
@@ -447,6 +451,14 @@
         showInfo.setSelected(true);
         showInfo.setText(Translator.R("COPinfo"));
         showInfo.addActionListener(getDefaultActionSingleton());
+        
+        showItw.setSelected(true);
+        showItw.setText(Translator.R("COPitw"));
+        showItw.addActionListener(getDefaultActionSingleton());
+        
+        showApp.setSelected(true);
+        showApp.setText(Translator.R("COPclientApp"));
+        showApp.addActionListener(getDefaultActionSingleton());
 
         showCode.setSelected(true);
         showCode.setText(Translator.R("COPcode"));
@@ -523,7 +535,10 @@
                 addComponent(showJava).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED).
                 addComponent(showPlugin).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                 .addComponent(showDebug).addGap(6, 6, 6).
-                addComponent(showInfo))).addGap(2, 2, 2).
+                addComponent(showInfo).addGap(6, 6, 6).
+                addComponent(showItw).addGap(6, 6, 6).
+                addComponent(showApp)
+                )).addGap(2, 2, 2).
                 addComponent(statistics)).addGroup(
                 javax.swing.GroupLayout.Alignment.TRAILING, jPanel2Layout.createSequentialGroup().
                 addComponent(showPreInit).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED).
@@ -564,6 +579,8 @@
                 addComponent(showPlugin).
                 addComponent(showDebug).
                 addComponent(showInfo).
+                addComponent(showItw).
+                addComponent(showApp).
                 addComponent(statistics)).addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED).addGroup(
                 jPanel2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE).
                 addComponent(showPreInit).
@@ -708,7 +725,7 @@
         validate();
     }
 
-    private void refreshAction(java.awt.event.ActionEvent evt) {
+    private void refreshAction() {
         updateModel();
         refreshPane();
     }
@@ -807,10 +824,20 @@
     }
 
     private void copyPlainActionPerformed(java.awt.event.ActionEvent evt) {
+        if (canChange) {
+            showApp.setSelected(false);
+            refreshAction();
+            canChange = false;
+        }
         fillClipBoard(false, sortCopyAll.isSelected());
     }
 
     private void copyRichActionPerformed(java.awt.event.ActionEvent evt) {
+        if (canChange) {
+            showApp.setSelected(false);
+            refreshAction();
+            canChange = false;
+        }
         fillClipBoard(true, sortCopyAll.isSelected());
     }
     
@@ -856,6 +883,8 @@
         model.showHeaders = showHeaders.isSelected();
         model.showIncomplete = showIncomplete.isSelected();
         model.showInfo = showInfo.isSelected();
+        model.showItw = showItw.isSelected();
+        model.showApp = showApp.isSelected();
         model.showJava = showJava.isSelected();
         model.showLevel = showLevel.isSelected();
         model.showMessage = showMessage.isSelected();
@@ -900,6 +929,8 @@
     private javax.swing.JButton showHide;
     private javax.swing.JCheckBox showIncomplete;
     private javax.swing.JCheckBox showInfo;
+    private javax.swing.JCheckBox showItw;
+    private javax.swing.JCheckBox showApp;
     private javax.swing.JCheckBox showJava;
     private javax.swing.JCheckBox showLevel;
     private javax.swing.JCheckBox showMessage;
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java
--- a/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/ConsoleOutputPaneModel.java	Mon Mar 24 17:04:51 2014 +0100
@@ -96,6 +96,12 @@
             origData.add(new JavaMessage(new Header(Level.WARNING_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 2"));
             origData.add(new JavaMessage(new Header(Level.WARNING_DEBUG, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 4"));
             origData.add(new JavaMessage(new Header(Level.MESSAGE_DEBUG, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 9"));
+            JavaMessage m1 = new JavaMessage(new Header(Level.MESSAGE_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "app1");
+            JavaMessage m2 = new JavaMessage(new Header(Level.ERROR_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "app2");
+            m1.getHeader().isClientApp = true;
+            m2.getHeader().isClientApp = true;
+            origData.add(m1);
+            origData.add(m2);
             origData.add(new JavaMessage(new Header(Level.MESSAGE_ALL, Thread.currentThread().getStackTrace(), Thread.currentThread(), false), "message 0 - multilined \n"
                     + "since beggining\n"
                     + "         later\n"
@@ -117,7 +123,8 @@
     private static final String HTMLCOLOR_GREENYELLOW = "AAAA00";
     private static final String HTMLCOLOR_PINKYREAD = "FF0055";
     private static final String HTMLCOLOR_BLACK = "000000";
-
+    private static final String HTMLCOLOR_GREEN = "669966";
+    private static final String HTMLCOLOR_PURPLE = "990066";
     String importList() {
         return importList(lastUpdateIndex);
     }
@@ -174,12 +181,20 @@
                         }
                     }
                 } else {
-                    if (messageWithHeader.getHeader().level.isWarning()) {
-                        sb.append(HTMLCOLOR_GREENYELLOW);
-                    } else if (messageWithHeader.getHeader().level.isError()) {
-                        sb.append(HTMLCOLOR_PINKYREAD);
+                    if (messageWithHeader.getHeader().isClientApp) {
+                        if (messageWithHeader.getHeader().level.isError()) {
+                            sb.append(HTMLCOLOR_PURPLE);
+                        } else {
+                            sb.append(HTMLCOLOR_GREEN);
+                        }
                     } else {
-                        sb.append(HTMLCOLOR_BLACK);
+                        if (messageWithHeader.getHeader().level.isWarning()) {
+                            sb.append(HTMLCOLOR_GREENYELLOW);
+                        } else if (messageWithHeader.getHeader().level.isError()) {
+                            sb.append(HTMLCOLOR_PINKYREAD);
+                        } else {
+                            sb.append(HTMLCOLOR_BLACK);
+                        }
                     }
                 }
                 sb.append("'>");
@@ -328,6 +343,12 @@
         if (!showInfo && m.getHeader().level.isInfo()) {
             return true;
         }
+        if (!showItw && !m.getHeader().isClientApp) {
+            return true;
+        }
+        if (!showApp && m.getHeader().isClientApp) {
+            return true;
+        }
         if (!showJava && !m.getHeader().isC) {
             return true;
         }
@@ -376,6 +397,8 @@
     boolean showHeaders;
     boolean showIncomplete;
     boolean showInfo;
+    boolean showItw;
+    boolean showApp;
     boolean showJava;
     boolean showLevel;
     boolean showMessage;
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/JavaConsole.java
--- a/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/JavaConsole.java	Mon Mar 24 17:04:51 2014 +0100
@@ -89,6 +89,16 @@
     final private List<MessageWithHeader> rawData = Collections.synchronizedList(new ArrayList<MessageWithHeader>());
     final private List<ConsoleOutputPane> outputs = new ArrayList<ConsoleOutputPane>();
 
+    public JavaConsole() {
+        //add middleware, which catches client's application stdout/err
+        //and will submit it into console
+        System.setErr(new TeeOutputStream(System.err, true));
+        System.setOut(new TeeOutputStream(System.out, false));
+        //internal stdOut/Err are going throughs outLog/errLog
+        //when console is off, those tees are not installed
+    }
+
+    
     private void refreshOutputs() {
         refreshOutputs(outputsPanel, (Integer)numberOfOutputs.getValue());
     }
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/OutputController.java
--- a/netx/net/sourceforge/jnlp/util/logging/OutputController.java	Mon Mar 24 16:46:09 2014 +0100
+++ b/netx/net/sourceforge/jnlp/util/logging/OutputController.java	Mon Mar 24 17:04:51 2014 +0100
@@ -148,6 +148,10 @@
         if (LogConfig.getLogConfig().isLogToConsole()) {
             JavaConsole.getConsole().addMessage(s);
         }
+        //clients app's messages are reprinted only to console
+        if (s.getHeader().isClientApp){
+            return;
+        }
         if (!JNLPRuntime.isDebug() && (s.getHeader().level == Level.MESSAGE_DEBUG
                 || s.getHeader().level == Level.WARNING_DEBUG
                 || s.getHeader().level == Level.ERROR_DEBUG)) {
diff -r 2d02a075cb1e -r c0845e58bfba netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/util/logging/TeeOutputStream.java	Mon Mar 24 17:04:51 2014 +0100
@@ -0,0 +1,141 @@
+/* TeeOutputStream.java
+   Copyright (C) 2010 Red Hat
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package net.sourceforge.jnlp.util.logging;
+
+
+import java.io.PrintStream;
+import net.sourceforge.jnlp.util.logging.JavaConsole;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.logging.OutputController.Level;
+import net.sourceforge.jnlp.util.logging.SingleStreamLogger;
+import net.sourceforge.jnlp.util.logging.headers.Header;
+import net.sourceforge.jnlp.util.logging.headers.JavaMessage;
+import net.sourceforge.jnlp.util.logging.headers.MessageWithHeader;
+
+/**
+ * Behaves like the 'tee' command, sends output to both actual std stream and a
+ * log
+ */
+public final class TeeOutputStream extends PrintStream implements SingleStreamLogger{
+
+    // Everthing written to TeeOutputStream is written to our log too
+    
+    private final StringBuffer string = new StringBuffer();
+    private final boolean isError;
+
+    public TeeOutputStream(PrintStream stdStream, boolean isError) {
+        super(stdStream);
+        this.isError = isError;
+    }
+
+
+    @Override
+    public void close() {
+        flushLog();
+        super.close();
+    }
+
+    @Override
+    public void flush() {
+        flushLog();
+        super.flush();
+    }
+
+    /*
+     * The big ones: these do the actual writing
+     */
+
+    @Override
+    public synchronized void write(byte[] b, int off, int len) {
+        if (b == null) {
+            throw new NullPointerException();
+        } else if ((off < 0) || (off > b.length) || (len < 0)
+                || ((off + len) > b.length) || ((off + len) < 0)) {
+            throw new IndexOutOfBoundsException();
+        } else if (len == 0) {
+            return;
+        }
+        for (int i = 0; i < len; i++) {
+            appendChar(b[off + i]);
+        }
+        super.write(b, off, len);
+    }
+
+    @Override
+    public synchronized void write(int b) {
+        appendChar(b);
+        super.write(b);
+    }
+
+    private void flushLog() {
+        if (string.length() <= 0 ){
+            return;
+        }
+        log(string.toString());

From andrew at icedtea.classpath.org  Mon Mar 24 16:09:53 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:09:53 +0000
Subject: /hg/release/icedtea7-2.3: 7 new changesets
Message-ID: <hg.54a01fed7fe2.1395677393.5789328834432805219@icedtea.classpath.org>

changeset 54a01fed7fe2 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=54a01fed7fe2
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Jan 16 05:20:16 2014 +0000

	Fix broken bootstrap.

	2014-01-15  Andrew John Hughes  <gnu.andrew at redhat.com>

		* patches/boot/ecj-multicatch.patch:
		Add new cases in RSAClientKeyExchange
		and Handshaker.


changeset 6971534a9128 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=6971534a9128
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Tue Feb 25 16:38:08 2014 +0000

	S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only)
	S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only)
	S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only)
	S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only)
	S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only)
	S8000780: make Zero build and run with JDK8 (Zero only)

	2014-02-25  Andrew John Hughes  <gnu.andrew at redhat.com>

		* Makefile.am:
		(ICEDTEA_PATCHES): Add new patches for Zero builds only.
		* NEWS: List new patches.
		* patches/zero/7023639-8000780-jsr292_fast_path.patch,
		* patches/zero/7192406-exact_return_type_info.patch,
		* patches/zero/7196242-loopsandthreads_crashed.patch,
		* patches/zero/7200949-jruby_fail.patch,
		* patches/zero/8029507-jvm_method_processing.patch:
		Backports of 7023639 and 8029507 security fixes for
		Zero only, with required backports.


changeset 2df0b6e6b67f in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=2df0b6e6b67f
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 20:25:44 2014 +0000

	List bootstrap fix in NEWS.

	2014-03-21  Andrew John Hughes  <gnu.andrew at redhat.com>

		* NEWS: List bootstrap fix.


changeset 358293cf091b in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=358293cf091b
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Feb 21 22:04:31 2014 +0000

	Avoid giving PAX_COMMAND a value if no PaX utility is available.

	2014-02-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_WITH_PAX): Leave PAX_COMMAND with the empty
		string rather than "not specified" to avoid build
		failures.
		* pax-mark-vm.in: Update PAX_COMMAND check.


changeset 752098160f94 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=752098160f94
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 20:28:06 2014 +0000

	PR1684: Build fails with empty PAX_COMMAND

	2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		PR1684: Build fails with empty PAX_COMMAND
		* Makefile.am:
		(ICEDTEA_ENV): Only add PAX_COMMAND when defined.
		* NEWS: Updated.


changeset 1b8baaef20dd in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=1b8baaef20dd
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 20:29:20 2014 +0000

	Add Gentoo bug reference for PaX update.

	2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Add Gentoo bug reference for
		PaX update.


changeset 65e24999d804 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 24 16:09:19 2014 +0000

	Bring in latest changes from 2.4 branch and u51.

	PR1653: Support ppc64le via Zero
	PR1654: ppc32 needs a larger ThreadStackSize to build
	PR1679: Allow OpenJDK to build on PaX-enabled kernels

	2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/revert-7017193.patch:
		Removed.
		* patches/boot/ecj-diamond.patch: Remove unneeded
		change to src/share/classes/java/beans/ThreadGroupContext.java
		* Makefile.am:
		(CORBA_CHANGESET): Update to icedtea-2.3 HEAD.
		(JAXP_CHANGESET): Likewise.
		(JAXWS_CHANGESET): Likewise.
		(JDK_CHANGESET): Likewise.
		(OPENJDK_CHANGESET): Likewise.
		(CORBA_SHA256SUM): Likewise.
		(JAXP_SHA256SUM): Likewise.
		(JAXWS_SHA256SUM): Likewise.
		(JDK_SHA256SUM): Likewise.
		(OPENJDK_SHA256SUM): Likewise.
		(ICEDTEA_PATCHES): Remove 7017193 reversion.
		* NEWS: Updated with latest changes, including PaX
		ARM32 and Shark changes.
		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Enable by default.
		* hotspot.map: Update to icedtea-2.3 HEAD.

	2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/boot/test_gamma.patch,
		* patches/pax-mark-rmic-java.patch,
		* patches/test_gamma.patch:
		Removed.
		* INSTALL:
		Document ARM32 JIT and --enable-arm32-jit option.
		(ICEDTEA_PATCHES): Remove PaX patches.
		(ICEDTEA_BOOT_PATCHES): Remove test_gamma
		patch (fixed by detection of non-Oracle JDK
		addition from PPC port)
		(ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
		(ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build.
		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
		enabled.
		* configure.ac: Run IT_ENABLE_ARM32JIT macro.


diffstat:

 ChangeLog                                           |     86 +
 INSTALL                                             |      5 +
 Makefile.am                                         |     50 +-
 NEWS                                                |     56 +-
 acinclude.m4                                        |     29 +-
 configure.ac                                        |      1 +
 hotspot.map                                         |      2 +-
 patches/boot/ecj-diamond.patch                      |   1152 +-
 patches/boot/ecj-multicatch.patch                   |     49 +
 patches/boot/test_gamma.patch                       |     47 -
 patches/pax-mark-rmic-java.patch                    |     10 -
 patches/revert-7017193.patch                        |    138 -
 patches/test_gamma.patch                            |     47 -
 patches/zero/7023639-8000780-jsr292_fast_path.patch |  28468 ++++++++++++++++++
 patches/zero/7192406-exact_return_type_info.patch   |    660 +
 patches/zero/7196242-loopsandthreads_crashed.patch  |    124 +
 patches/zero/7200949-jruby_fail.patch               |   1045 +
 patches/zero/8029507-jvm_method_processing.patch    |    215 +
 pax-mark-vm.in                                      |      2 +-
 19 files changed, 31334 insertions(+), 852 deletions(-)

diffs (truncated from 34267 to 500 lines):

diff -r 541d09b19300 -r 65e24999d804 ChangeLog
--- a/ChangeLog	Mon Feb 24 18:59:38 2014 +0000
+++ b/ChangeLog	Mon Mar 24 16:09:19 2014 +0000
@@ -1,3 +1,89 @@
+2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/revert-7017193.patch:
+	Removed.
+	* patches/boot/ecj-diamond.patch: Remove unneeded
+	change to src/share/classes/java/beans/ThreadGroupContext.java
+	* Makefile.am:
+	(CORBA_CHANGESET): Update to icedtea-2.3 HEAD.
+	(JAXP_CHANGESET): Likewise.
+	(JAXWS_CHANGESET): Likewise.
+	(JDK_CHANGESET): Likewise.
+	(OPENJDK_CHANGESET): Likewise.
+	(CORBA_SHA256SUM): Likewise.
+	(JAXP_SHA256SUM): Likewise.
+	(JAXWS_SHA256SUM): Likewise.
+	(JDK_SHA256SUM): Likewise.
+	(OPENJDK_SHA256SUM): Likewise.
+	(ICEDTEA_PATCHES): Remove 7017193 reversion.
+	* NEWS: Updated with latest changes, including PaX
+	ARM32 and Shark changes.
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Enable by default.
+	* hotspot.map: Update to icedtea-2.3 HEAD.
+
+2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/boot/test_gamma.patch,
+	* patches/pax-mark-rmic-java.patch,
+	* patches/test_gamma.patch:
+	Removed.
+	* INSTALL:
+	Document ARM32 JIT and --enable-arm32-jit option.
+	(ICEDTEA_PATCHES): Remove PaX patches.
+	(ICEDTEA_BOOT_PATCHES): Remove test_gamma
+	patch (fixed by detection of non-Oracle JDK
+	addition from PPC port)
+	(ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
+	(ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build.
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
+	enabled.
+	* configure.ac: Run IT_ENABLE_ARM32JIT macro.
+
+2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Add Gentoo bug reference for
+	PaX update.
+
+2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	PR1684: Build fails with empty PAX_COMMAND
+	* Makefile.am:
+	(ICEDTEA_ENV): Only add PAX_COMMAND when defined.
+	* NEWS: Updated.
+
+2014-02-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_WITH_PAX): Leave PAX_COMMAND with the empty
+	string rather than "not specified" to avoid build
+	failures.
+	* pax-mark-vm.in: Update PAX_COMMAND check.
+
+2014-03-21  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* NEWS: List bootstrap fix.
+
+2014-02-25  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Add new patches for Zero builds only.
+	* NEWS: List new patches.
+	* patches/zero/7023639-8000780-jsr292_fast_path.patch,
+	* patches/zero/7192406-exact_return_type_info.patch,
+	* patches/zero/7196242-loopsandthreads_crashed.patch,
+	* patches/zero/7200949-jruby_fail.patch,
+	* patches/zero/8029507-jvm_method_processing.patch:
+	Backports of 7023639 and 8029507 security fixes for
+	Zero only, with required backports.
+
+2014-01-15  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* patches/boot/ecj-multicatch.patch:
+	Add new cases in RSAClientKeyExchange
+	and Handshaker.
+
 2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	PR1677: Update PaX support to detect running PaX
diff -r 541d09b19300 -r 65e24999d804 INSTALL
--- a/INSTALL	Mon Feb 24 18:59:38 2014 +0000
+++ b/INSTALL	Mon Mar 24 16:09:19 2014 +0000
@@ -195,6 +195,7 @@
 * --with-rhino: Include Javascript support using Rhino (location may optionally be specified).
 * --with-additional-vms=vm-list: Additional VMs to build using the system described
   below.
+* --enable-arm32-jit: Build the ARM32 JIT.
 
 Testing
 =======
@@ -294,6 +295,10 @@
 --enable-shark to configure.  Please note that Shark is still in
 development and builds are still likely to fail at present.
 
+On ARM32, there is also a native JIT port built on top of Zero. This
+still has issues and is thus not enabled by default. To enable it,
+pass --enable-arm32-jit to configure.
+
 Support for Different Versions of HotSpot
 =========================================
 
diff -r 541d09b19300 -r 65e24999d804 Makefile.am
--- a/Makefile.am	Mon Feb 24 18:59:38 2014 +0000
+++ b/Makefile.am	Mon Mar 24 16:09:19 2014 +0000
@@ -4,19 +4,19 @@
 JDK_UPDATE_VERSION = 25
 COMBINED_VERSION = $(JDK_UPDATE_VERSION)-$(OPENJDK_VERSION)
 
-CORBA_CHANGESET = f12e1c039846
-JAXP_CHANGESET = 691a5e0c657f
-JAXWS_CHANGESET = 1067e01a4e0e
-JDK_CHANGESET = bad5e0686160
+CORBA_CHANGESET = c7d0b72f704f
+JAXP_CHANGESET = 0eb202593710
+JAXWS_CHANGESET = 482a3f64a8ea
+JDK_CHANGESET = 3428bff8a33a
 LANGTOOLS_CHANGESET = d50a9c5cd291
-OPENJDK_CHANGESET = 66eecafe5565
+OPENJDK_CHANGESET = 14181eb6c00d
 
-CORBA_SHA256SUM = 1da8714d86f7d9a91d835280662b95b257cb1b6f04b9d2dc5e30adb854b86cf0
-JAXP_SHA256SUM = 0c6f61c054613b5f06a8a16796ba020b0dd0f2d980c6eb0fc1ccc8bb41fce7dd
-JAXWS_SHA256SUM = 3957ca1fbf2a4f37f106a24d1cc0e45ae48a9916270150f1de1aead698b33124
-JDK_SHA256SUM = 5c107e2176a94d1d589920dfaef2a989a7b49bb92a63c68b3f44da297e70bf6b
+CORBA_SHA256SUM = 5d3811e2994d2d5f96d2ae8693e81354a3abede5dc5b75bfad15444136d77b13
+JAXP_SHA256SUM = 686022ea83f721dfdadc2dc835237fbca81383e7b1346191a8ef254ccfe3b565
+JAXWS_SHA256SUM = f8b8d787041c708809655e0f903bd4a86ffe1683c07890c58f39ea0b8c302eab
+JDK_SHA256SUM = b4ae9750bfec39285cce9cbb3b8589689137d3155165e7960c954311b95b567e
 LANGTOOLS_SHA256SUM = 1ea31d21beb88f2512630523f24f3a35498deed1356c4c0bf8b901086dd2c13a
-OPENJDK_SHA256SUM = a8ed4cefc22353e6126f14a80bbf92d111c6bcfb58537c14e2916520de3f94f6
+OPENJDK_SHA256SUM = d883a9a04f11ae1616b3f162671d6926283cdd27233332c787350f76ba960ac5
 
 CACAO_VERSION = a567bcb7f589
 CACAO_SHA256SUM = d49f79debc131a5694cae6ab3ba2864e7f3249ee8d9dc09aae8afdd4dc6b09f9
@@ -264,8 +264,7 @@
 
 # Patch list
 
-ICEDTEA_PATCHES = \
-	patches/revert-7017193.patch
+ICEDTEA_PATCHES =
 
 # Conditional patches
 
@@ -311,10 +310,13 @@
 ICEDTEA_PATCHES += patches/nss-not-enabled-config.patch
 endif
 
-if WITH_PAX
+if ZERO_BUILD
 ICEDTEA_PATCHES += \
-	patches/test_gamma.patch \
-	patches/pax-mark-rmic-java.patch
+	patches/zero/7023639-8000780-jsr292_fast_path.patch \
+	patches/zero/7196242-loopsandthreads_crashed.patch \
+	patches/zero/7192406-exact_return_type_info.patch \
+	patches/zero/7200949-jruby_fail.patch \
+	patches/zero/8029507-jvm_method_processing.patch
 endif
 
 ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
@@ -355,10 +357,6 @@
 	patches/boot/ecj-autoboxing.patch \
 	patches/boot/xsltproc.patch
 
-if !WITH_PAX
-ICEDTEA_BOOT_PATCHES += patches/boot/test_gamma.patch
-endif
-
 if CP39408_JAVAH
 ICEDTEA_BOOT_PATCHES += patches/boot/pr39408.patch
 endif
@@ -438,6 +436,12 @@
 WERROR_STATUS=false
 endif
 
+if ENABLE_ARM32JIT
+ARM32JIT_STATUS=true
+else
+ARM32JIT_STATUS=false
+endif
+
 ICEDTEA_ENV = \
 	ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \
 	ANT="$(ANT)" \
@@ -489,7 +493,8 @@
 	CUPS_CFLAGS="${CUPS_CFLAGS}" \
 	STRIP_POLICY=no_strip \
 	JAVAC_WARNINGS_FATAL="$(WERROR_STATUS)" \
-	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)"
+	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)" \
+	ARM32JIT="${ARM32JIT_STATUS}"
 
 if ENABLE_CACAO
 ICEDTEA_ENV += \
@@ -593,6 +598,11 @@
 	COMPRESS_JARS="true"
 endif
 
+if WITH_PAX
+ICEDTEA_ENV += \
+	PAX_COMMAND="${PAX_COMMAND}"
+endif
+
 # OpenJDK boot build environment.
 ICEDTEA_ENV_BOOT = $(ICEDTEA_ENV) \
 	BOOTCLASSPATH_CLS_RT="-bootclasspath $(CLS_DIR_BOOT):$(RUNTIME)" \
diff -r 541d09b19300 -r 65e24999d804 NEWS
--- a/NEWS	Mon Feb 24 18:59:38 2014 +0000
+++ b/NEWS	Mon Mar 24 16:09:19 2014 +0000
@@ -12,8 +12,62 @@
 
 New in release 2.3.14 (2014-01-XX):
 
+* Security fixes
+  - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only)
+  - S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only)
+* Backports
+  - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f
+  - S7032018: The file list in JFileChooser does not have an accessible name
+  - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics
+  - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
+  - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only)
+  - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only)
+  - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only)
+  - S8000780: make Zero build and run with JDK8 (Zero only)
+  - S8008764: 7uX l10n resource file translation update
+  - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
+  - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint
+  - S8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions
+  - S8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option
+  - S8023310: Thread contention in the method Beans.IsDesignTime()
+  - S8024302: Clarify jar verifications
+  - S8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test
+  - S8025255: (tz) Support tzdata2013g
+  - S8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris
+  - S8026304: jarsigner output bad grammar
+  - S8026887: Make issues due to failed large pages allocations easier to debug
+  - S8027204: Revise the update of 8026204 and 8025758
+  - S8027224: test regression - ClassNotFoundException
+  - S8027370: Support tzdata2013h
+  - S8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04
+  - S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms
+  - S8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45
+  - S8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications
+  - S8028111: XML readers share the same entity expansion counter
+  - S8028215: ORB.init fails with SecurityException if properties select the JDK default ORB
+  - S8028293: Check local configuration for actual ephemeral port range
+  - S8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147
+  - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win)
+  - S8028823: java/net/Makefile tabs converted to spaces
+  - S8029038: Revise fix for XML readers share the same entity expansion counter
 * Bug fixes
-  - PR1677: Update PaX support to detect running PaX kernel and use newer tools
+  - Fix broken bootstrap build by updating ecj-multicatch.patch
+  - PR1654: ppc32 needs a larger ThreadStackSize to build
+  - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1679: Allow OpenJDK to build on PaX-enabled kernels
+  - PR1684: Build fails with empty PAX_COMMAND
+  - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
+  - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
+  - RH910107: fail to load PC/SC library
+* New features
+  - PR1653: Support ppc64le via Zero
+* ARM port
+  - Allow ARM32 JIT to be disabled
+  - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
+  - Turn ARM32 JIT on by default
+* Shark
+  - Add Shark definitions from 8003868
+  - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp
 
 New in release 2.3.13 (2014-01-14):
 
diff -r 541d09b19300 -r 65e24999d804 acinclude.m4
--- a/acinclude.m4	Mon Feb 24 18:59:38 2014 +0000
+++ b/acinclude.m4	Mon Mar 24 16:09:19 2014 +0000
@@ -2296,10 +2296,7 @@
       fi
     fi
   fi
-  if test -z "${PAX_COMMAND}"; then
-    PAX_COMMAND="not specified"
-    PAX_COMMAND_ARGS="not specified"
-  else
+  if test -n "${PAX_COMMAND}"; then
     AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}])
     case "${host_cpu}" in
       i?86)
@@ -2311,7 +2308,7 @@
     esac
     AC_MSG_RESULT(${PAX_COMMAND_ARGS})
   fi
-  AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified")
+  AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "x")
   AC_SUBST(PAX_COMMAND)
   AC_SUBST(PAX_COMMAND_ARGS)
 ])
@@ -2497,3 +2494,25 @@
 AM_CONDITIONAL([LACKS_$1], test x"${it_cv_$1}" = "xyes")
 AC_PROVIDE([$0])dnl
 ])
+
+AC_DEFUN([IT_ENABLE_ARM32JIT],
+[
+  AC_MSG_CHECKING([whether to enable the ARM32 JIT])
+  AC_ARG_ENABLE([arm32-jit],
+                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])],
+  [
+    case "${enableval}" in
+      yes)
+        enable_arm32jit=yes
+        ;;
+      *)
+        enable_arm32jit=no
+        ;;
+    esac
+  ],
+  [
+    enable_arm32jit=yes
+  ])
+  AC_MSG_RESULT([$enable_arm32jit])
+  AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")
+])
diff -r 541d09b19300 -r 65e24999d804 configure.ac
--- a/configure.ac	Mon Feb 24 18:59:38 2014 +0000
+++ b/configure.ac	Mon Mar 24 16:09:19 2014 +0000
@@ -181,6 +181,7 @@
 IT_ENABLE_JAR_COMPRESSION
 IT_SET_SHARK_BUILD
 IT_CHECK_ADDITIONAL_VMS
+IT_ENABLE_ARM32JIT
 
 IT_WITH_VERSION_SUFFIX
 IT_WITH_PROJECT
diff -r 541d09b19300 -r 65e24999d804 hotspot.map
--- a/hotspot.map	Mon Feb 24 18:59:38 2014 +0000
+++ b/hotspot.map	Mon Mar 24 16:09:19 2014 +0000
@@ -1,2 +1,2 @@
 # version url changeset sha256sum
-default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 3442eb7ef2d2 cda53696c0c5240f59ca8b21c8c38a347714ee95d0434f228e3a794b1aad65b4
+default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 9747f83d7a38 afc6b4e85ee0673da8effe4ba6eaba4a8f1edcc80d0c557f35157d970cb2e601
diff -r 541d09b19300 -r 65e24999d804 patches/boot/ecj-diamond.patch
--- a/patches/boot/ecj-diamond.patch	Mon Feb 24 18:59:38 2014 +0000
+++ b/patches/boot/ecj-diamond.patch	Mon Mar 24 16:09:19 2014 +0000
@@ -1,6 +1,6 @@
 diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java
---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java	2013-03-08 16:05:05.000000000 +0000
-+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java	2013-04-17 14:53:25.283551366 +0100
+--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java	2014-01-23 23:19:18.000000000 +0000
++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/encoding/CachedCodeBase.java	2014-03-24 13:47:00.726495741 +0000
 @@ -58,7 +58,7 @@
      private CorbaConnection conn;
  
@@ -11,9 +11,9 @@
      public static synchronized void cleanCache( ORB orb ) {
          synchronized (iorMapLock) {
 diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java
---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java	2013-03-08 16:05:05.000000000 +0000
-+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java	2013-04-17 14:53:25.291551495 +0100
-@@ -1316,7 +1316,7 @@
+--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java	2014-01-23 23:19:18.000000000 +0000
++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java	2014-03-24 13:47:00.726495741 +0000
+@@ -1315,7 +1315,7 @@
      protected void shutdownServants(boolean wait_for_completion) {
          Set<ObjectAdapterFactory> oaset;
          synchronized (this) {
@@ -23,8 +23,8 @@
  
          for (ObjectAdapterFactory oaf : oaset)
 diff -Nru openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java
---- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java	2013-03-08 16:05:05.000000000 +0000
-+++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java	2013-04-17 14:53:25.291551495 +0100
+--- openjdk-boot.orig/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java	2014-01-23 23:19:18.000000000 +0000
++++ openjdk-boot/corba/src/share/classes/com/sun/corba/se/impl/orbutil/threadpool/ThreadPoolImpl.java	2014-03-24 13:47:00.726495741 +0000
 @@ -108,7 +108,7 @@
      private ThreadGroup threadGroup;
  
@@ -44,9 +44,9 @@
  
          for (WorkerThread wt : copy) {
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java	2013-04-17 14:53:25.291551495 +0100
-@@ -62,9 +62,10 @@
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java	2014-03-24 13:47:00.726495741 +0000
+@@ -63,9 +63,10 @@
   */
  public final class DocumentHandler extends DefaultHandler {
      private final AccessControlContext acc = AccessController.getContext();
@@ -61,8 +61,8 @@
      private Reference<ClassLoader> loader;
      private ExceptionListener listener;
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java	2013-04-17 14:53:25.291551495 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/beans/TypeResolver.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/beans/TypeResolver.java	2014-03-24 13:47:00.726495741 +0000
 @@ -239,9 +239,9 @@
          }
      }
@@ -76,8 +76,8 @@
      /**
       * Constructs the type resolver for the given actual type.
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java	2013-04-17 14:53:25.291551495 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Attribute.java	2014-03-24 13:47:00.730495800 +0000
 @@ -103,9 +103,9 @@
          return this.def.compareTo(that.def);
      }
@@ -149,8 +149,8 @@
          for (int i = 0; i < layout.length(); i++) {
              if (layout.charAt(i++) != '[')
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java	2013-04-17 14:52:22.422547047 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java	2013-04-17 14:53:25.291551495 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java	2014-03-24 13:25:33.695413121 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/BandStructure.java	2014-03-24 13:47:00.730495800 +0000
 @@ -257,7 +257,7 @@
          assert(basicCodings[_meta_default] == null);
          assert(basicCodings[_meta_canon_min] != null);
@@ -219,8 +219,8 @@
          return true;
      }
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java	2013-04-17 14:52:22.294545002 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java	2013-04-17 14:53:25.291551495 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java	2014-03-24 13:25:33.571411269 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ClassReader.java	2014-03-24 13:47:00.730495800 +0000
 @@ -466,7 +466,7 @@
  
      void readInnerClasses(Class cls) throws IOException {
@@ -231,8 +231,8 @@
              InnerClass ic =
                  new InnerClass(readClassRef(),
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java	2013-04-17 14:53:25.295551558 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/CodingChooser.java	2014-03-24 13:47:00.730495800 +0000
 @@ -743,9 +743,9 @@
          // Steps 1/2/3 are interdependent, and may be iterated.
          // Steps 4 and 5 may be decided independently afterward.
@@ -269,8 +269,8 @@
                  if (popset.add(values[i]))  popvals.add(values[i]);
              }
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java	2013-04-17 14:53:25.295551558 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Coding.java	2014-03-24 13:47:00.730495800 +0000
 @@ -402,7 +402,7 @@
      private static Map<Coding, Coding> codeMap;
  
@@ -281,8 +281,8 @@
          Coding x1 = codeMap.get(x0);
          if (x1 == null)  codeMap.put(x0, x1 = x0);
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java	2013-04-17 14:53:25.295551558 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java	2014-01-28 18:02:26.000000000 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/ConstantPool.java	2014-03-24 13:47:00.730495800 +0000
 @@ -915,7 +915,7 @@
      public static
      Index[] partition(Index ix, int[] keys) {
@@ -311,8 +311,8 @@
              Entry e = work.previous();
              work.remove();          // pop stack
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java	2013-04-17 14:52:22.422547047 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java	2013-04-17 14:53:25.295551558 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java	2014-03-24 13:25:33.695413121 +0000
++++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/Driver.java	2014-03-24 13:47:00.730495800 +0000
 @@ -61,7 +61,7 @@
                  ResourceBundle.getBundle("com.sun.java.util.jar.pack.DriverResource");
  
@@ -350,8 +350,8 @@
          for (String optline : options.split("\n")) {
              String[] words = optline.split("\\p{Space}+");
 diff -Nru openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java
---- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java	2013-04-15 23:41:13.000000000 +0100
-+++ openjdk-boot/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java	2013-04-17 14:53:25.295551558 +0100
+--- openjdk-boot.orig/jdk/src/share/classes/com/sun/java/util/jar/pack/FixedList.java	2014-01-28 18:02:26.000000000 +0000

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 24 16:10:01 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:10:01 +0000
Subject: [Bug 1684] [IcedTea7] Build fails with empty PAX_COMMAND
In-Reply-To: <bug-1684-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1684-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1684-30-wC1v2GSsK2@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1684

--- Comment #3 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=752098160f94
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 21 20:28:06 2014 +0000

    PR1684: Build fails with empty PAX_COMMAND

    2014-02-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        PR1684: Build fails with empty PAX_COMMAND
        * Makefile.am:
        (ICEDTEA_ENV): Only add PAX_COMMAND when defined.
        * NEWS: Updated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/84b303ef/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 24 16:10:15 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:10:15 +0000
Subject: [Bug 1653] [IcedTea7] Support ppc64le via Zero
In-Reply-To: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1653-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1653-30-iq07pPy8hj@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1653

--- Comment #13 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 24 16:09:19 2014 +0000

    Bring in latest changes from 2.4 branch and u51.

    PR1653: Support ppc64le via Zero
    PR1654: ppc32 needs a larger ThreadStackSize to build
    PR1679: Allow OpenJDK to build on PaX-enabled kernels

    2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/revert-7017193.patch:
        Removed.
        * patches/boot/ecj-diamond.patch: Remove unneeded
        change to src/share/classes/java/beans/ThreadGroupContext.java
        * Makefile.am:
        (CORBA_CHANGESET): Update to icedtea-2.3 HEAD.
        (JAXP_CHANGESET): Likewise.
        (JAXWS_CHANGESET): Likewise.
        (JDK_CHANGESET): Likewise.
        (OPENJDK_CHANGESET): Likewise.
        (CORBA_SHA256SUM): Likewise.
        (JAXP_SHA256SUM): Likewise.
        (JAXWS_SHA256SUM): Likewise.
        (JDK_SHA256SUM): Likewise.
        (OPENJDK_SHA256SUM): Likewise.
        (ICEDTEA_PATCHES): Remove 7017193 reversion.
        * NEWS: Updated with latest changes, including PaX
        ARM32 and Shark changes.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Enable by default.
        * hotspot.map: Update to icedtea-2.3 HEAD.

    2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/boot/test_gamma.patch,
        * patches/pax-mark-rmic-java.patch,
        * patches/test_gamma.patch:
        Removed.
        * INSTALL:
        Document ARM32 JIT and --enable-arm32-jit option.
        (ICEDTEA_PATCHES): Remove PaX patches.
        (ICEDTEA_BOOT_PATCHES): Remove test_gamma
        patch (fixed by detection of non-Oracle JDK
        addition from PPC port)
        (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
        (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
        enabled.
        * configure.ac: Run IT_ENABLE_ARM32JIT macro.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/30b90306/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 24 16:10:20 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:10:20 +0000
Subject: [Bug 1654] [IcedTea7] ppc32 needs a larger ThreadStackSize to build
In-Reply-To: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1654-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1654-30-JscMTkVxpm@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1654

--- Comment #10 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 24 16:09:19 2014 +0000

    Bring in latest changes from 2.4 branch and u51.

    PR1653: Support ppc64le via Zero
    PR1654: ppc32 needs a larger ThreadStackSize to build
    PR1679: Allow OpenJDK to build on PaX-enabled kernels

    2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/revert-7017193.patch:
        Removed.
        * patches/boot/ecj-diamond.patch: Remove unneeded
        change to src/share/classes/java/beans/ThreadGroupContext.java
        * Makefile.am:
        (CORBA_CHANGESET): Update to icedtea-2.3 HEAD.
        (JAXP_CHANGESET): Likewise.
        (JAXWS_CHANGESET): Likewise.
        (JDK_CHANGESET): Likewise.
        (OPENJDK_CHANGESET): Likewise.
        (CORBA_SHA256SUM): Likewise.
        (JAXP_SHA256SUM): Likewise.
        (JAXWS_SHA256SUM): Likewise.
        (JDK_SHA256SUM): Likewise.
        (OPENJDK_SHA256SUM): Likewise.
        (ICEDTEA_PATCHES): Remove 7017193 reversion.
        * NEWS: Updated with latest changes, including PaX
        ARM32 and Shark changes.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Enable by default.
        * hotspot.map: Update to icedtea-2.3 HEAD.

    2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/boot/test_gamma.patch,
        * patches/pax-mark-rmic-java.patch,
        * patches/test_gamma.patch:
        Removed.
        * INSTALL:
        Document ARM32 JIT and --enable-arm32-jit option.
        (ICEDTEA_PATCHES): Remove PaX patches.
        (ICEDTEA_BOOT_PATCHES): Remove test_gamma
        patch (fixed by detection of non-Oracle JDK
        addition from PPC port)
        (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
        (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
        enabled.
        * configure.ac: Run IT_ENABLE_ARM32JIT macro.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/763473a9/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 24 16:10:23 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:10:23 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-AY8DsbrDBK@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

--- Comment #12 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=65e24999d804
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Mon Mar 24 16:09:19 2014 +0000

    Bring in latest changes from 2.4 branch and u51.

    PR1653: Support ppc64le via Zero
    PR1654: ppc32 needs a larger ThreadStackSize to build
    PR1679: Allow OpenJDK to build on PaX-enabled kernels

    2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/revert-7017193.patch:
        Removed.
        * patches/boot/ecj-diamond.patch: Remove unneeded
        change to src/share/classes/java/beans/ThreadGroupContext.java
        * Makefile.am:
        (CORBA_CHANGESET): Update to icedtea-2.3 HEAD.
        (JAXP_CHANGESET): Likewise.
        (JAXWS_CHANGESET): Likewise.
        (JDK_CHANGESET): Likewise.
        (OPENJDK_CHANGESET): Likewise.
        (CORBA_SHA256SUM): Likewise.
        (JAXP_SHA256SUM): Likewise.
        (JAXWS_SHA256SUM): Likewise.
        (JDK_SHA256SUM): Likewise.
        (OPENJDK_SHA256SUM): Likewise.
        (ICEDTEA_PATCHES): Remove 7017193 reversion.
        * NEWS: Updated with latest changes, including PaX
        ARM32 and Shark changes.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Enable by default.
        * hotspot.map: Update to icedtea-2.3 HEAD.

    2014-02-19  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/boot/test_gamma.patch,
        * patches/pax-mark-rmic-java.patch,
        * patches/test_gamma.patch:
        Removed.
        * INSTALL:
        Document ARM32 JIT and --enable-arm32-jit option.
        (ICEDTEA_PATCHES): Remove PaX patches.
        (ICEDTEA_BOOT_PATCHES): Remove test_gamma
        patch (fixed by detection of non-Oracle JDK
        addition from PPC port)
        (ARM32JIT_STATUS): Set based on ENABLE_ARM32JIT.
        (ICEDTEA_ENV): Pass ARM32JIT to OpenJDK build.
        * acinclude.m4:
        (IT_ENABLE_ARM32JIT): Allow the ARM32 JIT to be
        enabled.
        * configure.ac: Run IT_ENABLE_ARM32JIT macro.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/a722bbc5/attachment.html>

From jvanek at redhat.com  Mon Mar 24 16:18:08 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 17:18:08 +0100
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53305587.9080208@redhat.com>
References: <53305587.9080208@redhat.com>
Message-ID: <53305AC0.9060509@redhat.com>

On 03/24/2014 04:55 PM, Andrew Azores wrote:
> Hi,
>
> This patch adds new menu items to the new popup menu where PolicyEditor can be launched. These new
> items make it possible to run the current applet sandboxed, but with some additional permissions
> added, without having to actually launch PolicyEditor and configure the permissions. These
> permissions are also temporary, as opposed to making a custom policy, which persists until you
> remove the policy.
>
> Right now the permission set defined is just the sum of the permissions PolicyEditor can grant via
> its checkboxes, and the two options added are No File Access and No Network Access, which are just
> that full set minus a few. I'd appreciate input on what other temporary permission options could be
> made available.

Only Sound
Only clipboard

  ? .. jsut ideas :)

Generally I would like to have combinations, which allows to me most of freedom, but protectme 
aginst gratest evils
  - fiel accees
  - network
  - system.exec and simialr calls (yaaaaaaah!!)

and ege sets of above
  - no fiel accees nor networl
  - network nor system exec
  - system.exec nor fileacces
  - non of those three

....
agian - jsut ideas....

>
> Anyone have ideas on making the popup menu disappear nicely, rather than adding a setVisible call on
> it to every action listener we have? And I suppose it should also be forced to disappear when the
> dialog is disposed as well. What's the best practice for that?

You can try lostfocus (it is actually window inside) or on MouseExited). Each have its pross and cons...



>
> Thanks,
>
> --
> Andrew A
>

This is extra cool :)
>
> temporary-permissions.patch
>
>
> diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
> --- a/netx/net/sourceforge/jnlp/resources/Messages.properties
> +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
> @@ -302,6 +302,8 @@ SAuthenticationPrompt=The {0} server at
>   SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
>   SAppletTitle=Applet title: {0}
>   STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed.
> +STempPermNoFile=No file access
> +STempPermNoNetwork=No network access
>
>   # Security - used for the More Information dialog
>   SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
> diff --git a/netx/net/sourceforge/jnlp/security/Permissions.java b/netx/net/sourceforge/jnlp/security/Permissions.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/Permissions.java
> @@ -0,0 +1,24 @@
> +package net.sourceforge.jnlp.security;
> +
> +import java.awt.AWTPermission;
> +import java.io.FilePermission;
> +import java.net.SocketPermission;
> +import java.security.Permission;
> +import java.util.PropertyPermission;
> +
> +import javax.sound.sampled.AudioPermission;
> +
> +public class Permissions {
> +
> +    public static final Permission READ_LOCAL_FILES = new FilePermission("${user.home}${/}*", "read");
> +    public static final Permission WRITE_LOCAL_FILES = new FilePermission("${user.home}${/}*", "write");
> +    public static final Permission READ_TMP_FILES = new FilePermission("${java.io.tmpdir}${/}*", "read");
> +    public static final Permission WRITE_TMP_FILES = new FilePermission("${java.io.tmpdir}${/}*", "write");
> +    public static final Permission READ_PROPERTIES = new PropertyPermission("*", "read");
> +    public static final Permission WRITE_PROPERTIES = new PropertyPermission("*", "write");
> +    public static final Permission NETWORK_ACCESS = new SocketPermission("*", "listen,connect,accept,resolve");
> +    public static final Permission CLIPBOARD_ACCESS = new AWTPermission("accessClipboard");
> +    public static final Permission PRINT_DOCUMENTS = new RuntimePermission("queuePrintJob");
> +    public static final Permission PLAY_AUDIO = new AudioPermission("play");

Arent those already deffineded? I think I saw them.. or something really simialr. Cant it be reused?
> +
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java


snip
> +
> +        final JMenuItem noFileAccess = new JMenuItem(R("STempPermNoFile"));
> +        noFileAccess.addActionListener(new TemporaryPermissionsListener(
> +                Permissions.NETWORK_ACCESS, Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
> +                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS));
> +        policyMenu.add(noFileAccess);
> +
> +        final JMenuItem noNetworkAccess = new JMenuItem(R("STempPermNoNetwork"));
> +        noNetworkAccess.addActionListener(new TemporaryPermissionsListener(
> +                Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
> +                Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
> +                Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
> +                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS));
> +        policyMenu.add(noNetworkAccess);
> +
>           policyMenu.setSize(policyMenu.getMinimumSize());


Cant this be a bit more beter? I do not isnists, but imho tehre should be some Interface "privledge 
provider"
  With (now) two  implementations - Offline, NoFileAcces ...

What do you think? Maybe something like this would be doable also for the policies as they flew into 
ITW, isnt there somthing like that?


J.


From aazores at redhat.com  Mon Mar 24 16:18:24 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 12:18:24 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
Message-ID: <53305AD0.4020601@redhat.com>

Hi,

The "policyeditor-jdialog" patch is simply making PolicyEditor into a 
JDialog rather than JFrame so that it can be modal. The 
"modal-policyeditor" patch actually makes it modal for the two security 
dialogs which can launch PolicyEditor.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modal-policyeditor.patch
Type: text/x-patch
Size: 2057 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/9c2a2797/modal-policyeditor.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-jdialog.patch
Type: text/x-patch
Size: 3741 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/9c2a2797/policyeditor-jdialog.patch>

From jvanek at redhat.com  Mon Mar 24 16:22:53 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 17:22:53 +0100
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <53305AD0.4020601@redhat.com>
References: <53305AD0.4020601@redhat.com>
Message-ID: <53305BDD.9010204@redhat.com>

On 03/24/2014 05:18 PM, Andrew Azores wrote:
> Hi,
>
> The "policyeditor-jdialog" patch is simply making PolicyEditor into a JDialog rather than JFrame so
> that it can be modal. The "modal-policyeditor" patch actually makes it modal for the two security
> dialogs which can launch PolicyEditor.
>
> Thanks,
>

hmhmh. What about stand alone app? Some window maagers atre treating jdialog somehow.. wrongly 
(likenot seen in alt+tab or similar)

I'm for

-public class PolicyEditor extends JFrame {
+public class PolicyEditor extends JPanel {

and have two static getters which  return
  - one jdialog
  - one jframe

what is better for the case... with the panel on of PolcyEditor in it.


J.


jsut noted:
* Comments will *not* be preserved when PolicyEditor next saves to the

Is it really so hard to store the comments for future save?

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 24 16:40:27 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:40:27 +0000
Subject: [Bug 1721] Error reported on applet cancellation
In-Reply-To: <bug-1721-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1721-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1721-30-IViYpBzuyo@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721

Deepak Bhole <dbhole at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|dbhole at redhat.com           |aazores at redhat.com

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/00042b76/attachment.html>

From andrew at icedtea.classpath.org  Mon Mar 24 16:54:51 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 16:54:51 +0000
Subject: /hg/release/icedtea7-forest-2.3/hotspot: 8035893: JVM_GetVersion...
Message-ID: <hg.72a544aeb892.1395680091.4308599361692689988@icedtea.classpath.org>

changeset 72a544aeb892 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=72a544aeb892
author: igerasim
date: Fri Feb 28 16:00:40 2014 +0400

	8035893: JVM_GetVersionInfo fails to zero structure
	Reviewed-by: sla, zgu


diffstat:

 src/share/vm/prims/jvm.cpp |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp
--- a/src/share/vm/prims/jvm.cpp	Fri Mar 21 20:57:28 2014 +0000
+++ b/src/share/vm/prims/jvm.cpp	Fri Feb 28 16:00:40 2014 +0400
@@ -4534,7 +4534,7 @@
 
 JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size))
 {
-  memset(info, 0, sizeof(info_size));
+  memset(info, 0, info_size);
 
   info->jvm_version = Abstract_VM_Version::jvm_version();
   info->update_version = 0;          /* 0 in HotSpot Express VM */

From aazores at redhat.com  Mon Mar 24 17:12:53 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 13:12:53 -0400
Subject: [rfc][icedtea-web] Trusted-only + sandbox fix
Message-ID: <53306795.8060708@redhat.com>

Hi,

Second attempt at reconciling Trusted-only with RunInSandbox.

Manual test case provided by Jiri: 
https://www.netbank.nordea.dk/netbank/index.jsp

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: mav-trustedonly-fix.patch
Type: text/x-patch
Size: 1751 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/27dc0c5a/mav-trustedonly-fix.patch>

From jvanek at redhat.com  Mon Mar 24 17:18:07 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 18:18:07 +0100
Subject: [rfc][icedtea-web] Trusted-only + sandbox fix
In-Reply-To: <53306795.8060708@redhat.com>
References: <53306795.8060708@redhat.com>
Message-ID: <533068CF.3000506@redhat.com>

On 03/24/2014 06:12 PM, Andrew Azores wrote:
> Hi,
>
> Second attempt at reconciling Trusted-only with RunInSandbox.
>
> Manual test case provided by Jiri: https://www.netbank.nordea.dk/netbank/index.jsp
>
> Thanks,
>

Yes, should go in.

From jvanek at redhat.com  Mon Mar 24 17:31:01 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 24 Mar 2014 18:31:01 +0100
Subject: [icedtea-web] Translation of 1.5
Message-ID: <53306BD5.8040902@redhat.com>

Hi guys!

Is there any progress/eta or whatever?

If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the fix.

Anyway for any case, I need some feedback to sync with you and rest of ITW.

Thanx in advance,
  All the best
    J.

From skolnag at gmail.com  Mon Mar 24 17:46:42 2014
From: skolnag at gmail.com (skolnag at gmail.com)
Date: Mon, 24 Mar 2014 18:46:42 +0100
Subject: [icedtea-web] Translation of 1.5
In-Reply-To: <53306BD5.8040902@redhat.com>
References: <53306BD5.8040902@redhat.com>
Message-ID: <CAES586yYL8VoSfY6WBBVGEeeLPYEYot9Pc4_G05Xvxi_Mhyn=A@mail.gmail.com>

Hello,

I have most of the translation finished. There are, however, some places
where the source text is unclear. I will send my questions tomorrow and
after I receive the answers I will provide final translation.

Thank you for understanding.

Kind regards,
Alexandr




2014-03-24 18:31 GMT+01:00 Jiri Vanek <jvanek at redhat.com>:

> Hi guys!
>
> Is there any progress/eta or whatever?
>
> If not, Then I will probably release 1.5 with missing lines, and hope for
> 1.5.1 to bring the fix.
>
> Anyway for any case, I need some feedback to sync with you and rest of ITW.
>
> Thanx in advance,
>  All the best
>    J.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/3f5a37c4/attachment-0001.html>

From aazores at redhat.com  Mon Mar 24 18:05:52 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 14:05:52 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53305AC0.9060509@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
Message-ID: <53307400.60801@redhat.com>

On 03/24/2014 12:18 PM, Jiri Vanek wrote:
> On 03/24/2014 04:55 PM, Andrew Azores wrote:
>> Hi,
>>
>> This patch adds new menu items to the new popup menu where 
>> PolicyEditor can be launched. These new
>> items make it possible to run the current applet sandboxed, but with 
>> some additional permissions
>> added, without having to actually launch PolicyEditor and configure 
>> the permissions. These
>> permissions are also temporary, as opposed to making a custom policy, 
>> which persists until you
>> remove the policy.
>>
>> Right now the permission set defined is just the sum of the 
>> permissions PolicyEditor can grant via
>> its checkboxes, and the two options added are No File Access and No 
>> Network Access, which are just
>> that full set minus a few. I'd appreciate input on what other 
>> temporary permission options could be
>> made available.
>
> Only Sound
> Only clipboard
>
>  ? .. jsut ideas :)
>
> Generally I would like to have combinations, which allows to me most 
> of freedom, but protectme aginst gratest evils
>  - fiel accees
>  - network
>  - system.exec and simialr calls (yaaaaaaah!!)
>
> and ege sets of above
>  - no fiel accees nor networl
>  - network nor system exec
>  - system.exec nor fileacces
>  - non of those three
>
> ....
> agian - jsut ideas....

Okay, added a bunch like this, including Reflection as we discussed on 
IRC, and Runtime.exec which is actually FilePermission with execute 
action apparently (makes sense).

>
>>
>> Anyone have ideas on making the popup menu disappear nicely, rather 
>> than adding a setVisible call on
>> it to every action listener we have? And I suppose it should also be 
>> forced to disappear when the
>> dialog is disposed as well. What's the best practice for that?
>
> You can try lostfocus (it is actually window inside) or on 
> MouseExited). Each have its pross and cons...
>

Didn't end up using either, but problem is solved anyway using the 
show() method rather than setVisible(), I think.

>
>
>>
>> Thanks,
>>
>> -- 
>> Andrew A
>>
>
> This is extra cool :)
>>
>> temporary-permissions.patch
>>
>>
>> diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties 
>> b/netx/net/sourceforge/jnlp/resources/Messages.properties
>> --- a/netx/net/sourceforge/jnlp/resources/Messages.properties
>> +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
>> @@ -302,6 +302,8 @@ SAuthenticationPrompt=The {0} server at
>>   SJNLPFileIsNotSigned=This application contains a digital signature 
>> in which the launching JNLP file is not signed.
>>   SAppletTitle=Applet title: {0}
>>   STrustedOnlyAttributeFailure=This application specifies 
>> Trusted-only as True in its Manifest. {0} and requests permission 
>> level: {1}. This is not allowed.
>> +STempPermNoFile=No file access
>> +STempPermNoNetwork=No network access
>>
>>   # Security - used for the More Information dialog
>>   SBadKeyUsage=Resources contain entries whose signer certificate's 
>> KeyUsage extension doesn't allow code signing.
>> diff --git a/netx/net/sourceforge/jnlp/security/Permissions.java 
>> b/netx/net/sourceforge/jnlp/security/Permissions.java
>> new file mode 100644
>> --- /dev/null
>> +++ b/netx/net/sourceforge/jnlp/security/Permissions.java
>> @@ -0,0 +1,24 @@
>> +package net.sourceforge.jnlp.security;
>> +
>> +import java.awt.AWTPermission;
>> +import java.io.FilePermission;
>> +import java.net.SocketPermission;
>> +import java.security.Permission;
>> +import java.util.PropertyPermission;
>> +
>> +import javax.sound.sampled.AudioPermission;
>> +
>> +public class Permissions {
>> +
>> +    public static final Permission READ_LOCAL_FILES = new 
>> FilePermission("${user.home}${/}*", "read");
>> +    public static final Permission WRITE_LOCAL_FILES = new 
>> FilePermission("${user.home}${/}*", "write");
>> +    public static final Permission READ_TMP_FILES = new 
>> FilePermission("${java.io.tmpdir}${/}*", "read");
>> +    public static final Permission WRITE_TMP_FILES = new 
>> FilePermission("${java.io.tmpdir}${/}*", "write");
>> +    public static final Permission READ_PROPERTIES = new 
>> PropertyPermission("*", "read");
>> +    public static final Permission WRITE_PROPERTIES = new 
>> PropertyPermission("*", "write");
>> +    public static final Permission NETWORK_ACCESS = new 
>> SocketPermission("*", "listen,connect,accept,resolve");
>> +    public static final Permission CLIPBOARD_ACCESS = new 
>> AWTPermission("accessClipboard");
>> +    public static final Permission PRINT_DOCUMENTS = new 
>> RuntimePermission("queuePrintJob");
>> +    public static final Permission PLAY_AUDIO = new 
>> AudioPermission("play");
>
> Arent those already deffineded? I think I saw them.. or something 
> really simialr. Cant it be reused?

You're probably thinking of PolicyEditorPermissions. They aren't 
actually the Permission objects to be granted, they're just models that 
in the end contain a few Strings, which are used for (de)serializing. I 
don't know of a simple prebuilt way to go from these models/string 
representations to the actual Permission objects. It could be reused by 
giving it a Permission field, and then adding a switch statement to 
check the PermissionType and set the field based on this, but that's a 
bit ugly. Up to you if this would be preferable.

>> +
>> +}
>> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java 
>> b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
>> --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java
>
>
> snip
>> +
>> +        final JMenuItem noFileAccess = new 
>> JMenuItem(R("STempPermNoFile"));
>> +        noFileAccess.addActionListener(new 
>> TemporaryPermissionsListener(
>> +                Permissions.NETWORK_ACCESS, 
>> Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>> +                Permissions.CLIPBOARD_ACCESS, 
>> Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS));
>> +        policyMenu.add(noFileAccess);
>> +
>> +        final JMenuItem noNetworkAccess = new 
>> JMenuItem(R("STempPermNoNetwork"));
>> +        noNetworkAccess.addActionListener(new 
>> TemporaryPermissionsListener(
>> +                Permissions.READ_LOCAL_FILES, 
>> Permissions.WRITE_LOCAL_FILES,
>> +                Permissions.READ_TMP_FILES, 
>> Permissions.WRITE_TMP_FILES,
>> +                Permissions.READ_PROPERTIES, 
>> Permissions.WRITE_PROPERTIES,
>> +                Permissions.CLIPBOARD_ACCESS, 
>> Permissions.PLAY_AUDIO, Permissions.PRINT_DOCUMENTS));
>> +        policyMenu.add(noNetworkAccess);
>> +
>>           policyMenu.setSize(policyMenu.getMinimumSize());
>
>
> Cant this be a bit more beter? I do not isnists, but imho tehre should 
> be some Interface "privledge provider"
>  With (now) two  implementations - Offline, NoFileAcces ...

It's a nice idea, but it seems like a bit more abstraction than is 
really needed for this task, doesn't it? I guess it would at least 
reduce the line count in the two dialogs. I don't think it's really 
worthwhile though.

>
> What do you think? Maybe something like this would be doable also for 
> the policies as they flew into ITW, isnt there somthing like that?
>
>
> J.
>

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: temporary-permissions.patch
Type: text/x-patch
Size: 25523 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/a0119557/temporary-permissions-0001.patch>

From aazores at icedtea.classpath.org  Mon Mar 24 18:08:27 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 18:08:27 +0000
Subject: /hg/icedtea-web: Fixed ManifestsAttributeValidator and RunInSandbox
Message-ID: <hg.80e5a57863e2.1395684507.8643924302249223276@icedtea.classpath.org>

changeset 80e5a57863e2 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=80e5a57863e2
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 24 14:08:17 2014 -0400

	Fixed ManifestsAttributeValidator and RunInSandbox


diffstat:

 ChangeLog                                                           |   5 ++++
 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java |  11 +++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)

diffs (40 lines):

diff -r c0845e58bfba -r 80e5a57863e2 ChangeLog
--- a/ChangeLog	Mon Mar 24 17:04:51 2014 +0100
+++ b/ChangeLog	Mon Mar 24 14:08:17 2014 -0400
@@ -1,3 +1,8 @@
+2014-03-24  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
+	(checkTrustedOnlyAttrubute) works properly with sandboxing
+
 2014-03-24  Jiri Vanek  <jvanek at redhat.com>
 
 	Client applications now log into new console.
diff -r c0845e58bfba -r 80e5a57863e2 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Mon Mar 24 17:04:51 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Mon Mar 24 14:08:17 2014 -0400
@@ -102,16 +102,21 @@
             securityType = "Unknown";
         }
 
-        final boolean isFullySigned = signing == SigningState.FULL || (signing == SigningState.PARTIAL && securityDelegate.getRunInSandbox());
+        final boolean isFullySigned = signing == SigningState.FULL;
+        final boolean isSandboxed = securityDelegate.getRunInSandbox();
+        final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))
+                || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc));
         final String signedMsg;
-        if (isFullySigned) {
+        if (isFullySigned && !isSandboxed) {
             signedMsg = "The applet is fully signed";
+        } else if (isFullySigned && isSandboxed) {
+            signedMsg = "The applet is fully signed and sandboxed";
         } else {
             signedMsg = "The applet is not fully signed";
         }
         OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG,
                 "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);
-        if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) {
+        if (!(isFullySigned && requestsCorrectPermissions)) {
             throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType));
         }
     }

From aazores at icedtea.classpath.org  Mon Mar 24 18:16:34 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Mon, 24 Mar 2014 18:16:34 +0000
Subject: /hg/icedtea-web: ManifestsAttributesValidator renamed to Manifes...
Message-ID: <hg.d0069afaeaff.1395684994.8643924302249223276@icedtea.classpath.org>

changeset d0069afaeaff in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d0069afaeaff
author: Andrew Azores <aazores at redhat.com>
date: Mon Mar 24 14:16:20 2014 -0400

	ManifestsAttributesValidator renamed to ManifestAttributesChecker

	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
	renamed to ManifestAttributesChecker.
	* netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java:
	(checkTrustedOnlyAttribute, checkCodebaseAttribute,
	checkPermissionsAttribute,
	checkApplicationLibraryAllowableCodebaseAttribute) made private.
	(checkAll) new method.
	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: reflect above
	changes


diffstat:

 ChangeLog                                                           |   12 +
 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java              |    7 +-
 netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java    |  302 ++++++++++
 netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java |  295 ---------
 4 files changed, 316 insertions(+), 300 deletions(-)

diffs (truncated from 641 to 500 lines):

diff -r 80e5a57863e2 -r d0069afaeaff ChangeLog
--- a/ChangeLog	Mon Mar 24 14:08:17 2014 -0400
+++ b/ChangeLog	Mon Mar 24 14:16:20 2014 -0400
@@ -1,3 +1,15 @@
+2014-03-24  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
+	renamed to ManifestAttributesChecker.
+	* netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java:
+	(checkTrustedOnlyAttribute, checkCodebaseAttribute,
+	checkPermissionsAttribute,
+	checkApplicationLibraryAllowableCodebaseAttribute) made private.
+	(checkAll) new method.
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: reflect above
+	changes
+
 2014-03-24  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Mar 24 14:08:17 2014 -0400
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Mar 24 14:16:20 2014 -0400
@@ -284,11 +284,8 @@
 
         setSecurity();
 
-        ManifestsAttributesValidator mav = new ManifestsAttributesValidator(security, file, signing, securityDelegate);
-        mav.checkTrustedOnlyAttribute();
-        mav.checkCodebaseAttribute();
-        mav.checkPermissionsAttribute();
-        mav.checkApplicationLibraryAllowableCodebaseAttribute();
+        ManifestAttributesChecker mac = new ManifestAttributesChecker(security, file, signing, securityDelegate);
+        mac.checkAll();
         
         installShutdownHooks();
         
diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java	Mon Mar 24 14:16:20 2014 -0400
@@ -0,0 +1,302 @@
+/* 
+Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+package net.sourceforge.jnlp.runtime;
+
+import java.net.URL;
+import java.util.HashSet;
+import java.util.Set;
+
+import net.sourceforge.jnlp.ExtensionDesc;
+import net.sourceforge.jnlp.JARDesc;
+import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
+import net.sourceforge.jnlp.LaunchException;
+import net.sourceforge.jnlp.PluginBridge;
+import net.sourceforge.jnlp.ResourcesDesc;
+import net.sourceforge.jnlp.SecurityDesc;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState;
+import net.sourceforge.jnlp.security.SecurityDialogs;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
+import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers;
+import net.sourceforge.jnlp.util.UrlUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
+
+public class ManifestAttributesChecker {
+
+    private final SecurityDesc security;
+    private final JNLPFile file;
+    private final SigningState signing;
+    private final SecurityDelegate securityDelegate;
+
+    public ManifestAttributesChecker(final SecurityDesc security, final JNLPFile file,
+            final SigningState signing, final SecurityDelegate securityDelegate) throws LaunchException {
+        this.security = security;
+        this.file = file;
+        this.signing = signing;
+        this.securityDelegate = securityDelegate;
+    }
+
+    void checkAll() throws LaunchException {
+        checkTrustedOnlyAttribute();
+        checkCodebaseAttribute();
+        checkPermissionsAttribute();
+        checkApplicationLibraryAllowableCodebaseAttribute();
+    }
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only
+     */
+    private void checkTrustedOnlyAttribute() throws LaunchException {
+        final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly();
+        if (trustedOnly == ManifestBoolean.UNDEFINED) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing.");
+            return;
+        }
+
+        if (trustedOnly == ManifestBoolean.FALSE) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing.");
+            return;
+        }
+
+        final Object desc = security.getSecurityType();
+
+        final String securityType;
+        if (desc == null) {
+            securityType = "Not Specified";
+        } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) {
+            securityType = "All-Permission";
+        } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+            securityType = "Sandbox";
+        } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) {
+            securityType = "J2EE";
+        } else {
+            securityType = "Unknown";
+        }
+
+        final boolean isFullySigned = signing == SigningState.FULL;
+        final boolean isSandboxed = securityDelegate.getRunInSandbox();
+        final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))
+                || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc));
+        final String signedMsg;
+        if (isFullySigned && !isSandboxed) {
+            signedMsg = "The applet is fully signed";
+        } else if (isFullySigned && isSandboxed) {
+            signedMsg = "The applet is fully signed and sandboxed";
+        } else {
+            signedMsg = "The applet is not fully signed";
+        }
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG,
+                "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);
+        if (!(isFullySigned && requestsCorrectPermissions)) {
+            throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType));
+        }
+    }
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
+     */
+    private void checkCodebaseAttribute() throws LaunchException {
+        if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile"));
+            return;
+        }
+        final Object securityType = security.getSecurityType();
+        final URL codebase = UrlUtils.guessCodeBase(file);
+        final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase();
+        if (codebaseAtt == null) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry"));
+            return;
+        }
+        if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+            if (codebaseAtt.matches(codebase)) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass"));
+            } else {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail"));
+            }
+        } else {
+            if (codebaseAtt.matches(codebase)) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk"));
+            } else {
+                if (file instanceof PluginBridge) {
+                    throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase));
+                } else {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail"));
+                }
+            }
+        }
+
+    }
+
+    /**
+     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
+     */
+    private void checkPermissionsAttribute() throws LaunchException {
+        final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced();
+        AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel();
+        if (level == AppletSecurityLevel.ALLOW_UNSIGNED || securityDelegate.getRunInSandbox()) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString()
+                    + "' Your Extended applets security is at 'low', or you have specifically chosen to run the applet Sandboxed. Continuing");
+            return;
+        }
+        switch (permissions) {
+            case UNDEFINED: {
+                if (level == AppletSecurityLevel.DENY_UNSIGNED) {
+                    throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal");
+                }
+                if (level == AppletSecurityLevel.ASK_UNSIGNED) {
+                    boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase());
+                    if (!a) {
+                        throw new LaunchException("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it.");
+                    } else {
+                        OutputController.getLogger().log("Your Extended applets security is at 'high' and  this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it.");
+                    }
+                }
+                //default for missing is sandbox
+                if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal");
+                }
+                break;
+            }
+            case TRUE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                } else {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is '" + security.getSecurityType() + "'. This is fatal");
+                }
+            }
+            case FALSE: {
+                if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) {
+                    throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but  security is' " + security.getSecurityType() + "'. This is fatal");
+                } else {
+                    OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct");
+                }
+            }
+        }
+    }
+
+    private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
+        if (signing == SigningState.NONE) {
+            return; /*when app is not signed at all, then skip this check*/
+        }
+        //conditions
+        URL codebase = file.getCodeBase();
+        URL documentBase = null;
+        if (file instanceof PluginBridge) {
+            documentBase = ((PluginBridge) file).getSourceLocation();
+        }
+        if (documentBase == null) {
+            documentBase = file.getCodeBase();
+        }
+
+        //cases
+        Set<URL> usedUrls = new HashSet<URL>();
+        URL sourceLocation = file.getSourceLocation();
+        ResourcesDesc[] resourcesDescs = file.getResourcesDescs();
+        if (sourceLocation != null) {
+            usedUrls.add(UrlUtils.removeFileName(sourceLocation));
+        }
+        for (ResourcesDesc resourcesDesc : resourcesDescs) {
+            ExtensionDesc[] ex = resourcesDesc.getExtensions();
+            if (ex != null) {
+                for (ExtensionDesc extensionDesc : ex) {
+                    if (extensionDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(extensionDesc.getLocation()));
+                    }
+                }
+            }
+            JARDesc[] jars = resourcesDesc.getJARs();
+            if (jars != null) {
+                for (JARDesc jarDesc : jars) {
+                    if (jarDesc != null) {
+                        usedUrls.add(UrlUtils.removeFileName(jarDesc.getLocation()));
+                    }
+                }
+            }
+            JNLPFile jnlp = resourcesDesc.getJNLPFile();
+            if (jnlp != null) {
+                usedUrls.add(UrlUtils.removeFileName(jnlp.getSourceLocation()));
+            }
+
+        }
+        OutputController.getLogger().log("Found alaca URLs to be verified");
+        for (URL url : usedUrls) {
+            OutputController.getLogger().log(" - " + url.toExternalForm());
+        }
+        if (usedUrls.isEmpty()) {
+            //I hope this is the case, when the resources is/are
+            //only codebase classes. Then it should be safe to return.
+            OutputController.getLogger().log("The application is not using any url resources, skipping Application-Library-Allowable-Codebase Attribute check.");
+            return;
+        }
+
+        if (usedUrls.size() == 1) {
+            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
+                    && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
+                //all resoources are from codebase or document base. it is ok to proceeed.
+                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
+                return;
+            }
+        }
+        ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
+
+        if (att == null) {
+            boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+            if (!a) {
+                throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");
+            } else {
+                OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user");
+                return;
+            }
+        } else {
+            for (URL foundUrl : usedUrls) {
+                if (!att.matches(foundUrl)) {
+                    throw new LaunchException("The resource from " + foundUrl + " does not match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Blocking the application from running.");
+                } else {
+                    OutputController.getLogger().log("The resource from " + foundUrl + " does  match the  location in Application-Library-Allowable-Codebase Attribute " + att + ". Continuing.");
+                }
+            }
+        }
+        boolean a = SecurityDialogs.showMatchingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+        if (!a) {
+            throw new LaunchException("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, but was blocked from running by the user.");
+        } else {
+            OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user.");
+        }
+    }
+}
diff -r 80e5a57863e2 -r d0069afaeaff netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java	Mon Mar 24 14:08:17 2014 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,295 +0,0 @@
-/* 
-Copyright (C) 2011 Red Hat, Inc.
-
-This file is part of IcedTea.
-
-IcedTea is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 2.
-
-IcedTea is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with IcedTea; see the file COPYING.  If not, write to
-the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version.
- */
-package net.sourceforge.jnlp.runtime;
-
-import java.net.URL;
-import java.util.HashSet;
-import java.util.Set;
-
-import net.sourceforge.jnlp.ExtensionDesc;
-import net.sourceforge.jnlp.JARDesc;
-import net.sourceforge.jnlp.JNLPFile;
-import net.sourceforge.jnlp.JNLPFile.ManifestBoolean;
-import net.sourceforge.jnlp.LaunchException;
-import net.sourceforge.jnlp.PluginBridge;
-import net.sourceforge.jnlp.ResourcesDesc;
-import net.sourceforge.jnlp.SecurityDesc;
-import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
-import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState;
-import net.sourceforge.jnlp.security.SecurityDialogs;
-import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
-import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings;
-import net.sourceforge.jnlp.util.ClasspathMatcher.ClasspathMatchers;
-import net.sourceforge.jnlp.util.UrlUtils;
-import net.sourceforge.jnlp.util.logging.OutputController;
-
-public class ManifestsAttributesValidator {
-
-    private final SecurityDesc security;
-    private final JNLPFile file;
-    private final SigningState signing;
-    private final SecurityDelegate securityDelegate;
-
-    public ManifestsAttributesValidator(final SecurityDesc security, final JNLPFile file,
-            final SigningState signing, final SecurityDelegate securityDelegate) {
-        this.security = security;
-        this.file = file;
-        this.signing = signing;
-        this.securityDelegate = securityDelegate;
-    }
-
-    /**
-     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#trusted_only
-     */
-    void checkTrustedOnlyAttribute() throws LaunchException {
-        final ManifestBoolean trustedOnly = file.getManifestsAttributes().isTrustedOnly();
-        if (trustedOnly == ManifestBoolean.UNDEFINED) {
-            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute not found. Continuing.");
-            return;
-        }
-
-        if (trustedOnly == ManifestBoolean.FALSE) {
-            OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is false. Continuing.");
-            return;
-        }
-
-        final Object desc = security.getSecurityType();
-
-        final String securityType;
-        if (desc == null) {
-            securityType = "Not Specified";
-        } else if (desc.equals(SecurityDesc.ALL_PERMISSIONS)) {
-            securityType = "All-Permission";
-        } else if (desc.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
-            securityType = "Sandbox";
-        } else if (desc.equals(SecurityDesc.J2EE_PERMISSIONS)) {
-            securityType = "J2EE";
-        } else {
-            securityType = "Unknown";
-        }
-
-        final boolean isFullySigned = signing == SigningState.FULL;
-        final boolean isSandboxed = securityDelegate.getRunInSandbox();
-        final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))
-                || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc));
-        final String signedMsg;
-        if (isFullySigned && !isSandboxed) {
-            signedMsg = "The applet is fully signed";
-        } else if (isFullySigned && isSandboxed) {
-            signedMsg = "The applet is fully signed and sandboxed";
-        } else {
-            signedMsg = "The applet is not fully signed";
-        }
-        OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG,
-                "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);
-        if (!(isFullySigned && requestsCorrectPermissions)) {
-            throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType));
-        }
-    }
-
-    /**
-     * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
-     */
-    void checkCodebaseAttribute() throws LaunchException {
-        if (file.getCodeBase() == null || file.getCodeBase().getProtocol().equals("file")) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckFile"));
-            return;
-        }
-        final Object securityType = security.getSecurityType();
-        final URL codebase = UrlUtils.guessCodeBase(file);
-        final ClasspathMatchers codebaseAtt = file.getManifestsAttributes().getCodebase();
-        if (codebaseAtt == null) {
-            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("CBCheckNoEntry"));
-            return;
-        }
-        if (securityType.equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
-            if (codebaseAtt.matches(codebase)) {
-                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckUnsignedPass"));
-            } else {
-                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckUnsignedFail"));
-            }
-        } else {
-            if (codebaseAtt.matches(codebase)) {
-                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("CBCheckOkSignedOk"));
-            } else {
-                if (file instanceof PluginBridge) {
-                    throw new LaunchException(Translator.R("CBCheckSignedAppletDontMatchException", file.getManifestsAttributes().getCodebase().toString(), codebase));
-                } else {
-                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, Translator.R("CBCheckSignedFail"));
-                }
-            }

From aazores at redhat.com  Mon Mar 24 20:05:40 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 16:05:40 -0400
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
Message-ID: <53309014.8040801@redhat.com>

Hi,

This patch just adds Reflection and Exec permission options to PolicyEditor.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-reflection-exec.patch
Type: text/x-patch
Size: 4176 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/d0d15411/policyeditor-reflection-exec.patch>

From aazores at redhat.com  Mon Mar 24 20:39:20 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 24 Mar 2014 16:39:20 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <53305BDD.9010204@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
Message-ID: <533097F8.9090509@redhat.com>

On 03/24/2014 12:22 PM, Jiri Vanek wrote:
> On 03/24/2014 05:18 PM, Andrew Azores wrote:
>> Hi,
>>
>> The "policyeditor-jdialog" patch is simply making PolicyEditor into a 
>> JDialog rather than JFrame so
>> that it can be modal. The "modal-policyeditor" patch actually makes 
>> it modal for the two security
>> dialogs which can launch PolicyEditor.
>>
>> Thanks,
>>
>
> hmhmh. What about stand alone app? Some window maagers atre treating 
> jdialog somehow.. wrongly (likenot seen in alt+tab or similar)
>
> I'm for
>
> -public class PolicyEditor extends JFrame {
> +public class PolicyEditor extends JPanel {
>
> and have two static getters which  return
>  - one jdialog
>  - one jframe
>
> what is better for the case... with the panel on of PolcyEditor in it.
>
>
> J.
>

How's this?

>
> jsut noted:
> * Comments will *not* be preserved when PolicyEditor next saves to the
>
> Is it really so hard to store the comments for future save?

PolicyEditor doesn't even properly parse policy files sometimes, 
depending on the way the comments are written :) once that's sorted out 
then being able to store the comments in their own model as well should 
not be too hard.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modal-policyeditor-2.patch
Type: text/x-patch
Size: 19812 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140324/8a642ac2/modal-policyeditor-2-0001.patch>

From ptisnovs at icedtea.classpath.org  Tue Mar 25 08:38:54 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 08:38:54 +0000
Subject: /hg/gfx-test: New tests added into CAGOperationsOnTwoTouchingCir...
Message-ID: <hg.72be1e400e82.1395736734.-6248649288953172555@icedtea.classpath.org>

changeset 72be1e400e82 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=72be1e400e82
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 25 09:39:30 2014 +0100

	New tests added into CAGOperationsOnTwoTouchingCircles.


diffstat:

 ChangeLog                                                               |    5 +
 src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java |  125 ++++++++++
 2 files changed, 130 insertions(+), 0 deletions(-)

diffs (147 lines):

diff -r 6c229eda647a -r 72be1e400e82 ChangeLog
--- a/ChangeLog	Mon Mar 24 11:06:19 2014 +0100
+++ b/ChangeLog	Tue Mar 25 09:39:30 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-25  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java:
+	New tests added into CAGOperationsOnTwoTouchingCircles.
+
 2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/CAGOperationsOnTwoTouchingCircles.java:
diff -r 6c229eda647a -r 72be1e400e82 src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java
--- a/src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java	Mon Mar 24 11:06:19 2014 +0100
+++ b/src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java	Tue Mar 25 09:39:30 2014 +0100
@@ -433,6 +433,131 @@
 
     /**
      * Checks the process of creating and rendering new geometric shape
+     * constructed from two overlapping rectangles using union operator. The shape is rendered
+     * using zero wide stroke.
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testUnionZeroStrokePaint(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set stroke width
+        CommonRenderingStyles.setStrokeZeroThick(graphics2d);
+        // create area using union operator
+        Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingUnionOperator(image);
+        // draw the area
+        graphics2d.draw(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two overlapping rectangles using subtract operator. The shape is
+     * rendered using zero stroke.
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testSubtractZeroStrokePaint(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set stroke width
+        CommonRenderingStyles.setStrokeZeroThick(graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingSubtractOperator(image);
+        // draw the area
+        graphics2d.draw(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two overlapping rectangles using inverse subtract operator. The shape
+     * is rendered using zero stroke.
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testInverseSubtractZeroStrokePaint(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set stroke width
+        CommonRenderingStyles.setStrokeZeroThick(graphics2d);
+        // create area using subtract operator
+        Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingInverseSubtractOperator(image);
+        // draw the area
+        graphics2d.draw(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two overlapping rectangles using intersect operator. The shape is
+     * rendered using zero stroke.
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testIntersectZeroStrokePaint(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set stroke width
+        CommonRenderingStyles.setStrokeZeroThick(graphics2d);
+        // create area using intersect operator
+        Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingIntersectOperator(image);
+        // draw the area
+        graphics2d.draw(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
+     * constructed from two overlapping rectangles using XOR operator. The shape is rendered
+     * using zero stroke.
+     * 
+     * @param image
+     *            image to which area is to be drawn
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testXorZeroStrokePaint(TestImage image, Graphics2D graphics2d)
+    {
+        // set stroke color
+        CommonRenderingStyles.setStrokeColor(graphics2d);
+        // set stroke width
+        CommonRenderingStyles.setStrokeZeroThick(graphics2d);
+        // create area using XOR operator
+        Area area = CommonCAGOperations.createAreaFromTwoOverlappingRectanglesUsingXorOperator(image);
+        // draw the area
+        graphics2d.draw(area);
+        // test result
+        return TestResult.PASSED;
+    }
+
+    /**
+     * Checks the process of creating and rendering new geometric shape
      * constructed from two rectangles using union operator. The shape is
      * rendered using color paint (fill).
      * 

From ptisnovs at icedtea.classpath.org  Tue Mar 25 08:42:58 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 08:42:58 +0000
Subject: /hg/rhino-tests: Three new tests added into ScriptEngineFactoryC...
Message-ID: <hg.4aec4c1b2a37.1395736978.-6019694633368342460@icedtea.classpath.org>

changeset 4aec4c1b2a37 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=4aec4c1b2a37
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Tue Mar 25 09:43:42 2014 +0100

	Three new tests added into ScriptEngineFactoryClassTest.


diffstat:

 ChangeLog                                            |   5 ++
 src/org/RhinoTests/ScriptEngineFactoryClassTest.java |  41 +++++++++++++++++++-
 2 files changed, 45 insertions(+), 1 deletions(-)

diffs (74 lines):

diff -r a925ed2c4086 -r 4aec4c1b2a37 ChangeLog
--- a/ChangeLog	Mon Mar 24 11:13:09 2014 +0100
+++ b/ChangeLog	Tue Mar 25 09:43:42 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-25  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
+	Three new tests added into ScriptEngineFactoryClassTest.
+
 2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptExceptionClassTest.java:
diff -r a925ed2c4086 -r 4aec4c1b2a37 src/org/RhinoTests/ScriptEngineFactoryClassTest.java
--- a/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Mon Mar 24 11:13:09 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineFactoryClassTest.java	Tue Mar 25 09:43:42 2014 +0100
@@ -1859,6 +1859,27 @@
     }
 
     /**
+     * Test for method javax.script.ScriptEngineFactory.getClass().getResourceNPETest()
+     */
+    protected void testGetResourceNPETest() {
+        try {
+            Object resource = this.scriptEngineFactoryClass.getResource(null);
+            throw new AssertionError("NullPointerException expected!");
+        }
+        catch (NullPointerException e) {
+            //This is OK OK
+        }
+    }
+
+    /**
+     * Test for method javax.script.ScriptEngineFactory.getClass().getResourceNegativeTest()
+     */
+    protected void testGetResourceNegativeTest() {
+        Object resource = this.scriptEngineFactoryClass.getResource("unknown");
+        assertNull(resource, "getResource() does not return null");
+    }
+
+    /**
      * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamNegativeTest()
      */
     protected void testGetResourceAsStreamNegativeTest() {
@@ -1918,6 +1939,25 @@
         stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
         assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
     }
+
+    /**
+     * Test for method javax.script.ScriptEngineFactory.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.scriptEngineFactoryClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.ScriptEngineFactory.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.scriptEngineFactoryClass.toString();
+        assertEquals("interface javax.script.ScriptEngineFactory", asString, "wrong toString() return value");
+    }
+
     /**
      * Test for instanceof operator applied to a class javax.script.ScriptEngineFactory
      */
@@ -1942,4 +1982,3 @@
         new ScriptEngineFactoryClassTest().doTests(args);
     }
 }
-

From jvanek at redhat.com  Tue Mar 25 09:30:46 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 10:30:46 +0100
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <53309014.8040801@redhat.com>
References: <53309014.8040801@redhat.com>
Message-ID: <53314CC6.8020901@redhat.com>

On 03/24/2014 09:05 PM, Andrew Azores wrote:
> Hi,
>
> This patch just adds Reflection and Exec permission options to PolicyEditor.
>
> Thanks,
>

Looks good. Just not sure if it is enough:

eg:
java.lang.NullPointerException
	at geogebra.i.x.a(Unknown Source)
	at geogebra.gui.a.a.a(Unknown Source)
	at geogebra.gui.a.a.a(Unknown Source)
	at geogebra.GeoGebra.a(Unknown Source)
	at geogebra.GeoGebra.a(Unknown Source)
	at geogebra.GeoGebra.main(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:616)
	at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
	at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)

I think he class for name is not allowed by your permission.
For exec - are supported both runtimelexec and process builder?

J.

From jvanek at redhat.com  Tue Mar 25 09:40:10 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 10:40:10 +0100
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53307400.60801@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com>
Message-ID: <53314EFA.2060201@redhat.com>

Generally ok, except one important nit:

  final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
+        noCmdExec.addActionListener(new TemporaryPermissionsListener(
+                Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
+                Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
+                Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
+                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
+                Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
+                Permissions.NETWORK_ACCESS));
+        policyMenu.add(noCmdExec);

And similar:
  are - duplicated.


You can push, as similar evil is already done.

However refactoring, asn asap changeset is needed.

the ||| advanced settings button will be encapsulated, so non of its code is duplicated.
You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut insntance of this button to the panes.

Also all the :
new TemporaryPermissionsListener(
+                Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
+                Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
+                Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
+                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
+                Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
+                Permissions.NETWORK_ACCESS));
+        policyMenu.add(noCmdExec);

should be encapsualted.  Those permissionListeners may be stored in some static class as static constantsand just used as singletons. or not?
If not then they can be provided by some factory methods. But not spred in gui code like this.

Yes, just code celaning, but how it is now, i do not look nicely.

Sorry for troubles:(
   J.




On 03/24/2014 07:05 PM, Andrew Azores wrote:
> On 03/24/2014 12:18 PM, Jiri Vanek wrote:
>> On 03/24/2014 04:55 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> This patch adds new menu items to the new popup menu where PolicyEditor can be launched. These new
>>> items make it possible to run the current applet sandboxed, but with some additional permissions
>>> added, without having to actually launch PolicyEditor and configure the permissions. These
>>> permissions are also temporary, as opposed to making a custom policy, which persists until you
>>> remove the policy.
>>>
>>> Right now the permission set defined is just the sum of the permissions PolicyEditor can grant via
>>> its checkboxes, and the two options added are No File Access and No Network Access, which are just
>>> that full set minus a few. I'd appreciate input on what other temporary permission options could be
>>> made available.
>>
>> Only Sound
>> Only clipboard
>>
>> ? .. jsut ideas :)
>>
>> Generally I would like to have combinations, which allows to me most of freedom, but protectme aginst gratest evils
>> - fiel accees
>> - network
>> - system.exec and simialr calls (yaaaaaaah!!)
>>
>> and ege sets of above
>> - no fiel accees nor networl
>> - network nor system exec
>> - system.exec nor fileacces
>> - non of those three
>>
>> ....
>> agian - jsut ideas....
>
> Okay, added a bunch like this, including Reflection as we discussed on IRC, and Runtime.exec which is actually FilePermission with execute action apparently (makes sense).
>
>>
>>>
>>> Anyone have ideas on making the popup menu disappear nicely, rather than adding a setVisible call on
>>> it to every action listener we have? And I suppose it should also be forced to disappear when the
>>> dialog is disposed as well. What's the best practice for that?
>>
>> You can try lostfocus (it is actually window inside) or on MouseExited). Each have its pross and cons...
>>
>
> Didn't end up using either, but problem is solved anyway using the show() method rather than setVisible(), I think.

Yes  - may be.

From jvanek at redhat.com  Tue Mar 25 09:47:30 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 10:47:30 +0100
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <533097F8.9090509@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com>
Message-ID: <533150B2.8030008@redhat.com>

Nearly perfect ;)

On 03/24/2014 09:39 PM, Andrew Azores wrote:
> On 03/24/2014 12:22 PM, Jiri Vanek wrote:
...
>>
>> jsut noted:
>> * Comments will *not* be preserved when PolicyEditor next saves to the
>>
>> Is it really so hard to store the comments for future save?
>
> PolicyEditor doesn't even properly parse policy files sometimes, depending on the way the comments are written :) once that's sorted out then being able to store the comments in their own model as well should not be too hard.
>

Sure. it was jsut undelrine hint

<snip>
> -            }
> -        });
> +    public static class PolicyEditorFrame extends JFrame {
> +        public final PolicyEditor editor;
> +
> +        public PolicyEditorFrame(final PolicyEditor editor) {

I doubt this will be ever used - please do it private.
> +            super();
> +            this.editor = editor;
> +            add(editor);
> +            this.pack();
> +            editor.setVisible(true);
> +            this.setJMenuBar(createMenuBar(this, editor));
> +
> +            setTitle(R("PETitle"));
> +
> +            setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
> +
> +            addWindowListener(new WindowAdapter() {
> +                @Override
> +                public void windowClosing(final WindowEvent e) {
> +                    editor.quit();
> +                    dispose();
> +                }
> +            });
> +
> +            editor.closeButton.addActionListener(new ActionListener() {
> +                @Override
> +                public void actionPerformed(final ActionEvent e) {
> +                    dispose();
> +                }
> +            });
> +        }
> +    }
> +
> +    public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) {
> +        return new PolicyEditorFrame(new PolicyEditor(filepath));
> +    }
> +

Tehre is really a lot of shared code in this two "methods".

PolicyEditorFrame and PolicyEditorDialog.

They both have general ancestor -Window. All the operations behind super() call may be done in generalised ancestor.

> +    public static class PolicyEditorDialog extends JDialog {
> +        public final PolicyEditor editor;
> +
> +        public PolicyEditorDialog(final PolicyEditor editor)
I doubt this will be ever used - please do it private.
  {
> +            super();
> +            this.editor = editor;
> +            add(editor);
> +            this.pack();
> +            this.setJMenuBar(createMenuBar(this, editor));
> +
> +            editor.setVisible(true);
> +
> +            setTitle(R("PETitle"));
> +
> +            setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
> +
> +            addWindowListener(new WindowAdapter() {
> +                @Override
> +                public void windowClosing(final WindowEvent e) {
> +                    editor.quit();
> +                    dispose();
> +                }
> +            });
> +
> +            editor.closeButton.addActionListener(new ActionListener() {
> +                @Override
> +                public void actionPerformed(final ActionEvent e) {
> +                    dispose();
> +                }
> +            });
> +        }
> +    }
> +
> +    public static PolicyEditorDialog getPolicyEditorDialog(final String filepath) {
> +        return new PolicyEditorDialog(new PolicyEditor(filepath));
>       }
>
>       private void setClosed() {
> @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame
>        */
>       private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) {
>           final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers);
> -        final JRootPane root = getRootPane();
> -        root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
> -        root.getActionMap().put(identifier, action);
> +        this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
> +        this.getActionMap().put(identifier, action);
>       }
>
>       /**
> @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame
>           }
>           weakThis.clear();
>           setClosed();
> -        dispose();
>       }
>
>       /**
> @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame
>        * @param component the component for which to set a mnemonic
>        * @param mnemonic the mnemonic to set
>        */
> -    private void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
> +    private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
>           final int trig;
>           try {
>               trig = Integer.parseInt(mnemonic);
> @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame
>           component.setMnemonic(trig);
>       }
>
> -    /**
> -     * Lay out all controls, tooltips, etc.
> -     */
> -    private void setupLayout() {
> +    private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) {
> +        final JMenuBar menuBar = new JMenuBar();
> +
>           final JMenu fileMenu = new JMenu(R("PEFileMenu"));
>           setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic"));
> +
>           final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem"));
>           setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic"));
>           openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK));
> -        openItem.addActionListener(openButtonAction);
> +        openItem.addActionListener(editor.openButtonAction);
>           fileMenu.add(openItem);
> +
>           final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem"));
>           setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic"));
>           saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK));
> -        saveItem.addActionListener(okButtonAction);
> +        saveItem.addActionListener(editor.okButtonAction);
>           fileMenu.add(saveItem);
> +
>           final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem"));
>           setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic"));
>           saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK));
> -        saveAsItem.addActionListener(saveAsButtonAction);
> +        saveAsItem.addActionListener(editor.saveAsButtonAction);
>           fileMenu.add(saveAsItem);
> +
>           final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem"));
>           setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic"));
>           exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK));
> -        exitItem.addActionListener(closeButtonAction);
> +        exitItem.addActionListener(editor.closeButtonAction);
> +        exitItem.addActionListener(new ActionListener() {
> +            @Override
> +            public void actionPerformed(final ActionEvent e) {
> +                window.dispose();
> +            }
> +        });
>           fileMenu.add(exitItem);
>           menuBar.add(fileMenu);
>
>           final JMenu viewMenu = new JMenu(R("PEViewMenu"));
>           setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic"));
> +
>           final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem"));
>           setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic"));
>           customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK));
> -        customPermissionsItem.addActionListener(viewCustomButtonAction);
> +        customPermissionsItem.addActionListener(editor.viewCustomButtonAction);
>
>           viewMenu.add(customPermissionsItem);
>           menuBar.add(viewMenu);
> -        this.setJMenuBar(menuBar);
>
> +        return menuBar;
> +    }
> +
> +    /**
> +     * Lay out all controls, tooltips, etc.
> +     */
> +    private void setupLayout() {
>           final JLabel checkboxLabel = new JLabel();
>           checkboxLabel.setText(R("PECheckboxLabel"));
>           checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2));
> @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame
>           add(closeButton, cancelButtonConstraints);
>
>           setMinimumSize(getPreferredSize());
> -        pack();
>       }
>
>       /**
> @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame
>                       // maybe the user just forgot the -file flag, so try to open anyway
>                       filepath = args[0];
>                   }
> -                final PolicyEditor editor = new PolicyEditor(filepath);
> -                editor.setVisible(true);
> +                final PolicyEditorFrame frame = getPolicyEditorFrame(filepath);
> +                frame.setVisible(true);
>                   final String codebaseStr = argsMap.get(CODEBASE_FLAG);
>                   if (codebaseStr != null) {
>                       final String[] urls = codebaseStr.split(" ");
> -                    editor.addNewCodebases(urls);
> +                    frame.editor.addNewCodebases(urls);
>                   }
>               }
>           });
> diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java b/netx/net/sourceforge/jnlp/util/FileUtils.java
> --- a/netx/net/sourceforge/jnlp/util/FileUtils.java
> +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java
> @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util;
>
>   import static net.sourceforge.jnlp.runtime.Translator.R;
>
> +import java.awt.Component;
>   import java.io.BufferedReader;
>   import java.io.BufferedWriter;
>   import java.io.File;
> @@ -30,7 +31,6 @@ import java.io.InputStreamReader;
>   import java.io.OutputStreamWriter;
>   import java.io.RandomAccessFile;
>   import java.io.Writer;
> -import java.nio.ByteBuffer;
>   import java.nio.channels.FileChannel;
>   import java.nio.channels.FileLock;
>   import java.security.DigestInputStream;
> @@ -347,7 +347,7 @@ public final class FileUtils {
>        * Show a dialog informing the user that the file is currently read-only
>        * @param frame a {@link JFrame} to act as parent to this dialog
>        */
> -    public static void showReadOnlyDialog(final JFrame frame) {
> +    public static void showReadOnlyDialog(final Component frame) {
>           SwingUtilities.invokeLater(new Runnable() {
>               @Override
>               public void run() {
> @@ -361,7 +361,7 @@ public final class FileUtils {
>        * @param frame a {@link JFrame} to act as parent to this dialog
>        * @param filePath a {@link String} representing the path to the file we failed to open
>        */
> -    public static void showCouldNotOpenFilepathDialog(final JFrame frame, final String filePath) {
> +    public static void showCouldNotOpenFilepathDialog(final Component frame, final String filePath) {
Window will be much more suitable then Component n thsoe calls.

>           showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath));
>       }
>
> @@ -371,7 +371,7 @@ public final class FileUtils {
>        * @param filePath a {@link String} representing the path to the file we failed to open
>        * @param reason a {@link OpenFileResult} specifying more precisely why we failed to open the file
>        */
> -    public static void showCouldNotOpenFileDialog(final JFrame frame, final String filePath, final OpenFileResult reason) {
> +    public static void showCouldNotOpenFileDialog(final Component frame, final String filePath, final OpenFileResult reason) {
>           final String message;
>           switch (reason) {
>               case CANT_CREATE:
> @@ -396,7 +396,7 @@ public final class FileUtils {
>        * @param filePath a {@link String} representing the path to the file we failed to open
>        * @param message a {@link String} giving the specific reason the file could not be opened
>        */
> -    public static void showCouldNotOpenDialog(final JFrame frame, final String message) {
> +    public static void showCouldNotOpenDialog(final Component frame, final String message) {
>           SwingUtilities.invokeLater(new Runnable() {
>               @Override
>               public void run() {

After thsoe clean up. it will be ready to go.

Thanx!

J.

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 12:44:58 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 12:44:58 +0000
Subject: [Bug 1722] New: Intermittent JVM crash at
	sun.security.krb5.KrbException.equals(Ljava/lang/Object;)
Message-ID: <bug-1722-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722

            Bug ID: 1722
           Summary: Intermittent JVM crash at
                    sun.security.krb5.KrbException.equals(Ljava/lang/Objec
                    t;)
           Product: IcedTea
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: dpospisi at redhat.com
                CC: unassigned at icedtea.classpath.org

Created attachment 1058
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1058&action=edit
JVM crash log

I am getting intermittent crash while executing
sun.security.krb5.KrbException.equals(Ljava/lang/Object;).

Steps to reproduce:

git clone git at github.com:dpospisil/jboss-eap.git
cd jboss-eap
git checkout 6.x.ldap
mvn clean install -DskipTests
cd testsuite/integration/basic
mvn clean install -DskipTests
mvn test -Dtest=SPNEGOLoginModuleTestCase

Environment:

Linux version 3.13.6-200.fc20.x86_64 (mockbuild at bkernel02) (gcc version 4.8.2
20131212 (Red Hat 4.8.2-7) (GCC) ) #1 SMP Fri Mar 7 17:02:28 UTC 2014

java -version
java version "1.7.0_51"
OpenJDK Runtime Environment (fedora-2.4.5.1.fc20-x86_64 u51-b31)
OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/e508f9e6/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 14:00:24 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 14:00:24 +0000
Subject: [Bug 1722] Intermittent JVM crash at
	sun.security.krb5.KrbException.equals(Ljava/lang/Object;)
In-Reply-To: <bug-1722-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1722-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1722-30-MmvmDUNgod@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722

--- Comment #1 from Dominik Pospisil <dpospisi at redhat.com> ---
Could not be reproduxed with -Xint

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/bcad2c5b/attachment.html>

From aazores at redhat.com  Tue Mar 25 14:06:11 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 10:06:11 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <533150B2.8030008@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com>
Message-ID: <53318D53.3070502@redhat.com>

On 03/25/2014 05:47 AM, Jiri Vanek wrote:
> Nearly perfect ;)
>
> On 03/24/2014 09:39 PM, Andrew Azores wrote:
>> On 03/24/2014 12:22 PM, Jiri Vanek wrote:
> ...
>>>
>>> jsut noted:
>>> * Comments will *not* be preserved when PolicyEditor next saves to the
>>>
>>> Is it really so hard to store the comments for future save?
>>
>> PolicyEditor doesn't even properly parse policy files sometimes, 
>> depending on the way the comments are written :) once that's sorted 
>> out then being able to store the comments in their own model as well 
>> should not be too hard.
>>
>
> Sure. it was jsut undelrine hint
>
> <snip>
>> -            }
>> -        });
>> +    public static class PolicyEditorFrame extends JFrame {
>> +        public final PolicyEditor editor;
>> +
>> +        public PolicyEditorFrame(final PolicyEditor editor) {
>
> I doubt this will be ever used - please do it private.

Private, but return the specialized PolicyEditorFrame type anyway from 
the public getters? Seems a bit odd. I'm not just returning 
JFrame/JDialog because then there's no easy way to get the actual 
PolicyEditor instance out of it, to do things like programmatically add 
codebases. I did have to give the PolicyEditor a reference to its parent 
frame/dialog in this revision, but I'd rather not use this as a way to 
hold the reference to the frame/dialog and have eg the security dialogs 
access the frame/dialog through the editor's reference. That just seems 
upside down and backward.

>> +            super();
>> +            this.editor = editor;
>> +            add(editor);
>> +            this.pack();
>> +            editor.setVisible(true);
>> +            this.setJMenuBar(createMenuBar(this, editor));
>> +
>> +            setTitle(R("PETitle"));
>> +
>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>> +
>> +            addWindowListener(new WindowAdapter() {
>> +                @Override
>> +                public void windowClosing(final WindowEvent e) {
>> +                    editor.quit();
>> +                    dispose();
>> +                }
>> +            });
>> +
>> +            editor.closeButton.addActionListener(new ActionListener() {
>> +                @Override
>> +                public void actionPerformed(final ActionEvent e) {
>> +                    dispose();
>> +                }
>> +            });
>> +        }
>> +    }
>> +
>> +    public static PolicyEditorFrame getPolicyEditorFrame(final 
>> String filepath) {
>> +        return new PolicyEditorFrame(new PolicyEditor(filepath));
>> +    }
>> +
>
> Tehre is really a lot of shared code in this two "methods".
>
> PolicyEditorFrame and PolicyEditorDialog.
>
> They both have general ancestor -Window. All the operations behind 
> super() call may be done in generalised ancestor.

Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation...

>
>> +    public static class PolicyEditorDialog extends JDialog {
>> +        public final PolicyEditor editor;
>> +
>> +        public PolicyEditorDialog(final PolicyEditor editor)
> I doubt this will be ever used - please do it private.
>  {
>> +            super();
>> +            this.editor = editor;
>> +            add(editor);
>> +            this.pack();
>> +            this.setJMenuBar(createMenuBar(this, editor));
>> +
>> +            editor.setVisible(true);
>> +
>> +            setTitle(R("PETitle"));
>> +
>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>> +
>> +            addWindowListener(new WindowAdapter() {
>> +                @Override
>> +                public void windowClosing(final WindowEvent e) {
>> +                    editor.quit();
>> +                    dispose();
>> +                }
>> +            });
>> +
>> +            editor.closeButton.addActionListener(new ActionListener() {
>> +                @Override
>> +                public void actionPerformed(final ActionEvent e) {
>> +                    dispose();
>> +                }
>> +            });
>> +        }
>> +    }
>> +
>> +    public static PolicyEditorDialog getPolicyEditorDialog(final 
>> String filepath) {
>> +        return new PolicyEditorDialog(new PolicyEditor(filepath));
>>       }
>>
>>       private void setClosed() {
>> @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame
>>        */
>>       private void setAccelerator(final int trigger, final int 
>> modifiers, final Action action, final String identifier) {
>>           final KeyStroke key = KeyStroke.getKeyStroke(trigger, 
>> modifiers);
>> -        final JRootPane root = getRootPane();
>> - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, 
>> identifier);
>> -        root.getActionMap().put(identifier, action);
>> + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, 
>> identifier);
>> +        this.getActionMap().put(identifier, action);
>>       }
>>
>>       /**
>> @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame
>>           }
>>           weakThis.clear();
>>           setClosed();
>> -        dispose();
>>       }
>>
>>       /**
>> @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame
>>        * @param component the component for which to set a mnemonic
>>        * @param mnemonic the mnemonic to set
>>        */
>> -    private void setComponentMnemonic(final AbstractButton 
>> component, final String mnemonic) {
>> +    private static void setComponentMnemonic(final AbstractButton 
>> component, final String mnemonic) {
>>           final int trig;
>>           try {
>>               trig = Integer.parseInt(mnemonic);
>> @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame
>>           component.setMnemonic(trig);
>>       }
>>
>> -    /**
>> -     * Lay out all controls, tooltips, etc.
>> -     */
>> -    private void setupLayout() {
>> +    private static JMenuBar createMenuBar(final Window window, final 
>> PolicyEditor editor) {
>> +        final JMenuBar menuBar = new JMenuBar();
>> +
>>           final JMenu fileMenu = new JMenu(R("PEFileMenu"));
>>           setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic"));
>> +
>>           final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem"));
>>           setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic"));
>> openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK)); 
>>
>> -        openItem.addActionListener(openButtonAction);
>> +        openItem.addActionListener(editor.openButtonAction);
>>           fileMenu.add(openItem);
>> +
>>           final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem"));
>>           setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic"));
>> saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK)); 
>>
>> -        saveItem.addActionListener(okButtonAction);
>> +        saveItem.addActionListener(editor.okButtonAction);
>>           fileMenu.add(saveItem);
>> +
>>           final JMenuItem saveAsItem = new 
>> JMenuItem(R("PESaveAsMenuItem"));
>>           setComponentMnemonic(saveAsItem, 
>> R("PESaveAsMenuItemMnemonic"));
>> saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), 
>> ActionEvent.CTRL_MASK));
>> -        saveAsItem.addActionListener(saveAsButtonAction);
>> + saveAsItem.addActionListener(editor.saveAsButtonAction);
>>           fileMenu.add(saveAsItem);
>> +
>>           final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem"));
>>           setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic"));
>> exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK)); 
>>
>> -        exitItem.addActionListener(closeButtonAction);
>> +        exitItem.addActionListener(editor.closeButtonAction);
>> +        exitItem.addActionListener(new ActionListener() {
>> +            @Override
>> +            public void actionPerformed(final ActionEvent e) {
>> +                window.dispose();
>> +            }
>> +        });
>>           fileMenu.add(exitItem);
>>           menuBar.add(fileMenu);
>>
>>           final JMenu viewMenu = new JMenu(R("PEViewMenu"));
>>           setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic"));
>> +
>>           final JMenuItem customPermissionsItem = new 
>> JMenuItem(R("PECustomPermissionsItem"));
>>           setComponentMnemonic(customPermissionsItem, 
>> R("PECustomPermissionsItemMnemonic"));
>> customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), 
>> ActionEvent.ALT_MASK));
>> - customPermissionsItem.addActionListener(viewCustomButtonAction);
>> + 
>> customPermissionsItem.addActionListener(editor.viewCustomButtonAction);
>>
>>           viewMenu.add(customPermissionsItem);
>>           menuBar.add(viewMenu);
>> -        this.setJMenuBar(menuBar);
>>
>> +        return menuBar;
>> +    }
>> +
>> +    /**
>> +     * Lay out all controls, tooltips, etc.
>> +     */
>> +    private void setupLayout() {
>>           final JLabel checkboxLabel = new JLabel();
>>           checkboxLabel.setText(R("PECheckboxLabel"));
>>           checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2));
>> @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame
>>           add(closeButton, cancelButtonConstraints);
>>
>>           setMinimumSize(getPreferredSize());
>> -        pack();
>>       }
>>
>>       /**
>> @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame
>>                       // maybe the user just forgot the -file flag, 
>> so try to open anyway
>>                       filepath = args[0];
>>                   }
>> -                final PolicyEditor editor = new PolicyEditor(filepath);
>> -                editor.setVisible(true);
>> +                final PolicyEditorFrame frame = 
>> getPolicyEditorFrame(filepath);
>> +                frame.setVisible(true);
>>                   final String codebaseStr = argsMap.get(CODEBASE_FLAG);
>>                   if (codebaseStr != null) {
>>                       final String[] urls = codebaseStr.split(" ");
>> -                    editor.addNewCodebases(urls);
>> +                    frame.editor.addNewCodebases(urls);
>>                   }
>>               }
>>           });
>> diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java 
>> b/netx/net/sourceforge/jnlp/util/FileUtils.java
>> --- a/netx/net/sourceforge/jnlp/util/FileUtils.java
>> +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java
>> @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util;
>>
>>   import static net.sourceforge.jnlp.runtime.Translator.R;
>>
>> +import java.awt.Component;
>>   import java.io.BufferedReader;
>>   import java.io.BufferedWriter;
>>   import java.io.File;
>> @@ -30,7 +31,6 @@ import java.io.InputStreamReader;
>>   import java.io.OutputStreamWriter;
>>   import java.io.RandomAccessFile;
>>   import java.io.Writer;
>> -import java.nio.ByteBuffer;
>>   import java.nio.channels.FileChannel;
>>   import java.nio.channels.FileLock;
>>   import java.security.DigestInputStream;
>> @@ -347,7 +347,7 @@ public final class FileUtils {
>>        * Show a dialog informing the user that the file is currently 
>> read-only
>>        * @param frame a {@link JFrame} to act as parent to this dialog
>>        */
>> -    public static void showReadOnlyDialog(final JFrame frame) {
>> +    public static void showReadOnlyDialog(final Component frame) {
>>           SwingUtilities.invokeLater(new Runnable() {
>>               @Override
>>               public void run() {
>> @@ -361,7 +361,7 @@ public final class FileUtils {
>>        * @param frame a {@link JFrame} to act as parent to this dialog
>>        * @param filePath a {@link String} representing the path to 
>> the file we failed to open
>>        */
>> -    public static void showCouldNotOpenFilepathDialog(final JFrame 
>> frame, final String filePath) {
>> +    public static void showCouldNotOpenFilepathDialog(final 
>> Component frame, final String filePath) {
> Window will be much more suitable then Component n thsoe calls.

Okay, fixed.

>
>>           showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath));
>>       }
>>
>> @@ -371,7 +371,7 @@ public final class FileUtils {
>>        * @param filePath a {@link String} representing the path to 
>> the file we failed to open
>>        * @param reason a {@link OpenFileResult} specifying more 
>> precisely why we failed to open the file
>>        */
>> -    public static void showCouldNotOpenFileDialog(final JFrame 
>> frame, final String filePath, final OpenFileResult reason) {
>> +    public static void showCouldNotOpenFileDialog(final Component 
>> frame, final String filePath, final OpenFileResult reason) {
>>           final String message;
>>           switch (reason) {
>>               case CANT_CREATE:
>> @@ -396,7 +396,7 @@ public final class FileUtils {
>>        * @param filePath a {@link String} representing the path to 
>> the file we failed to open
>>        * @param message a {@link String} giving the specific reason 
>> the file could not be opened
>>        */
>> -    public static void showCouldNotOpenDialog(final JFrame frame, 
>> final String message) {
>> +    public static void showCouldNotOpenDialog(final Component frame, 
>> final String message) {
>>           SwingUtilities.invokeLater(new Runnable() {
>>               @Override
>>               public void run() {
>
> After thsoe clean up. it will be ready to go.
>
> Thanx!
>
> J.

And sorry for the noise in this patch as well, but I noticed that 
somehow it became mixed tabs+spaces, so I just did a :retab along with 
the actual work.

Also fixed in this patch: Custom Policy Viewer is not frozen due to its 
parent PolicyEditor's modality.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modal-policyeditor-3.patch
Type: text/x-patch
Size: 22656 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/fc13a268/modal-policyeditor-3-0001.patch>

From aazores at redhat.com  Tue Mar 25 13:39:03 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 09:39:03 -0400
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <53314CC6.8020901@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
Message-ID: <533186F7.2040109@redhat.com>

On 03/25/2014 05:30 AM, Jiri Vanek wrote:
> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>> Hi,
>>
>> This patch just adds Reflection and Exec permission options to 
>> PolicyEditor.
>>
>> Thanks,
>>
>
> Looks good. Just not sure if it is enough:
>
> eg:
> java.lang.NullPointerException
>     at geogebra.i.x.a(Unknown Source)
>     at geogebra.gui.a.a.a(Unknown Source)
>     at geogebra.gui.a.a.a(Unknown Source)
>     at geogebra.GeoGebra.a(Unknown Source)
>     at geogebra.GeoGebra.a(Unknown Source)
>     at geogebra.GeoGebra.main(Unknown Source)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>     at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>     at java.lang.reflect.Method.invoke(Method.java:616)
>     at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>     at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>
> I think he class for name is not allowed by your permission.

Aha! Thanks for catching this. [0] suggests there's only one permission 
needed for reflection, but [1] proves otherwise (and makes sense).

[0] 
http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html
[1] 
http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29

> For exec - are supported both runtimelexec and process builder?

According to the documentation, they both go through 
SecurityManager#checkExec, which checks for "execute" action on the 
given file. So if granting <<ALL FILES>> as the target, it should allow 
executing anything (which sounds so, so scary - but that's why this is 
optional! :) )

>
> J.


New patch adds the ClassLoader permission, as well as a bunch of others 
I figured might as well be added because they're likely to be needed in 
conjunction with it and each other. PolicyEditor doesn't really have a 
way to make a single checkbox handle multiple permissions, at least not 
right now, so the Reflection stuff is split up into four different 
permissions basically, but I think that's probably actually better 
anyway. It's just a little more cluttered looking. Maybe a future 
enhancement would be to add labels separating the checkboxes into groups 
eg File Access, Java Reflection, System Utility?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-reflection-exec-2.patch
Type: text/x-patch
Size: 7586 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/bbcf5c1f/policyeditor-reflection-exec-2.patch>

From andrew at icedtea.classpath.org  Tue Mar 25 15:37:59 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 15:37:59 +0000
Subject: /hg/release/icedtea7-2.3: S8035893: JVM_GetVersionInfo fails to ...
Message-ID: <hg.2413c19a0afe.1395761879.5789328834432805219@icedtea.classpath.org>

changeset 2413c19a0afe in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=2413c19a0afe
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Tue Mar 25 15:37:38 2014 +0000

	S8035893: JVM_GetVersionInfo fails to zero structure

	2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Updated.
		* hotspot.map: Bring in S8035893 backport.


diffstat:

 ChangeLog   |  5 +++++
 NEWS        |  1 +
 hotspot.map |  2 +-
 3 files changed, 7 insertions(+), 1 deletions(-)

diffs (30 lines):

diff -r 65e24999d804 -r 2413c19a0afe ChangeLog
--- a/ChangeLog	Mon Mar 24 16:09:19 2014 +0000
+++ b/ChangeLog	Tue Mar 25 15:37:38 2014 +0000
@@ -1,3 +1,8 @@
+2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Updated.
+	* hotspot.map: Bring in S8035893 backport.
+
 2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* patches/revert-7017193.patch:
diff -r 65e24999d804 -r 2413c19a0afe NEWS
--- a/NEWS	Mon Mar 24 16:09:19 2014 +0000
+++ b/NEWS	Tue Mar 25 15:37:38 2014 +0000
@@ -50,6 +50,7 @@
   - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win)
   - S8028823: java/net/Makefile tabs converted to spaces
   - S8029038: Revise fix for XML readers share the same entity expansion counter
+  - S8035893: JVM_GetVersionInfo fails to zero structure
 * Bug fixes
   - Fix broken bootstrap build by updating ecj-multicatch.patch
   - PR1654: ppc32 needs a larger ThreadStackSize to build
diff -r 65e24999d804 -r 2413c19a0afe hotspot.map
--- a/hotspot.map	Mon Mar 24 16:09:19 2014 +0000
+++ b/hotspot.map	Tue Mar 25 15:37:38 2014 +0000
@@ -1,2 +1,2 @@
 # version url changeset sha256sum
-default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 9747f83d7a38 afc6b4e85ee0673da8effe4ba6eaba4a8f1edcc80d0c557f35157d970cb2e601
+default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot 72a544aeb892 f3985b6d39d6c516ccc78d45105818fc7f22d5646da047ac39116cebc7e9467f

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 17:37:01 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 17:37:01 +0000
Subject: [Bug 1205] Plugin crashes with java.lang.NullPointerException with
	AUSkey software
In-Reply-To: <bug-1205-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1205-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1205-30-TKDIB5R1G3@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1205

Andrew Azores <aazores at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/1cb28d33/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 17:43:52 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 17:43:52 +0000
Subject: [Bug 1721] Error reported on applet cancellation
In-Reply-To: <bug-1721-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1721-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1721-30-8aDHa0XGWV@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1721

Andrew Azores <aazores at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from Andrew Azores <aazores at redhat.com> ---
Yes, when you cancel an applet, a LaunchException is thrown on purpose - this
is just how we handle stopping the process of launching. If you look at the
first exception in the stacktrace, it says "Fatal: Launch Error: Canceled on
user request."

1515 is essentially the same thing, but from a different dialog, and so with a
different explanation message for cancellation ("applet was unsigned but was
not trusted" is trying to say that the user didn't trust the unsigned applet
when asked, so it wasn't run).

Perhaps we should be looking for these specific "user-cancellation"
LaunchExceptions and not printing them in a way they can be mistaken for actual
failures, but this seems low priority. Marking as a duplicate of 1515.

*** This bug has been marked as a duplicate of bug 1515 ***

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/3c4f389d/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 17:43:52 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 17:43:52 +0000
Subject: [Bug 1515] An unecessary net.sourceforge.jnlp.LaunchException is
	reported when clicking on Cancel
In-Reply-To: <bug-1515-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1515-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1515-30-jyH44Sr3Rr@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1515

Andrew Azores <aazores at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jpsinthemix at verizon.net

--- Comment #1 from Andrew Azores <aazores at redhat.com> ---
*** Bug 1721 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/c552c01a/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 17:49:54 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 17:49:54 +0000
Subject: [Bug 1687] Failure of plugin in connecting to WebEx on a Fedora 20
	64-bit plus Firefox 27
In-Reply-To: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1687-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1687-30-juoBdd8art@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1687

Andrew Azores <aazores at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |WORKSFORME

--- Comment #6 from Andrew Azores <aazores at redhat.com> ---
(In reply to Andrew Azores from comment #5)
> (In reply to Harish Pillay from comment #3)
> > I just tested it on another site:
> > http://stilllistener.addr.com/checkpoint1/Java/ and the 2nd Java applet on
> > that page (towards the bottom) failed as well and the stack trace is:
> > 
> > IcedTea-Web Plugin version: 1.4.2 (fedora-0.fc20-x86_64)
> > Sat Mar 01 06:26:53 SGT 2014
> > java.lang.NullPointerException
> > 	at net.sourceforge.jnlp.NetxPanel.runLoader(NetxPanel.java:116)
> > 	at sun.applet.AppletPanel.run(AppletPanel.java:380)
> > 	at java.lang.Thread.run(Thread.java:744)
> 
> This happens occasionally, it's an intermittent problem unrelated to your
> original bug report.
> 
> I'm still unable to determine what's causing the failure for you and one
> other person here who I asked. It works fine for myself and most other
> users. Is there anything you did in particular to come across this error?
> Does the WebEx test page at [1] work for you?
> 
> [1] http://www.webex.com/test-meeting.html

Actually, this NullPointerException appears to not be the one I was thinking
of. I don't know what the problem is there exactly - I've never seen this occur
elsewhere, and it's strange that an InterruptedException is so repeatable.

I still can't reproduce the WebEx failure, but it does sound very plausible
that it's simply due to selinux, as the linked posted earlier suggests.
Closing.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/c291399b/attachment.html>

From aazores at redhat.com  Tue Mar 25 17:34:30 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 13:34:30 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53314EFA.2060201@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
Message-ID: <5331BE26.5060802@redhat.com>

On 03/25/2014 05:40 AM, Jiri Vanek wrote:
> Generally ok, except one important nit:
>
>  final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
> +        noCmdExec.addActionListener(new TemporaryPermissionsListener(
> +                Permissions.READ_LOCAL_FILES, 
> Permissions.WRITE_LOCAL_FILES,
> +                Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
> +                Permissions.READ_PROPERTIES, 
> Permissions.WRITE_PROPERTIES,
> +                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
> +                Permissions.PRINT_DOCUMENTS, 
> Permissions.JAVA_REFLECTION,
> +                Permissions.NETWORK_ACCESS));
> +        policyMenu.add(noCmdExec);
>
> And similar:
>  are - duplicated.
>
>
> You can push, as similar evil is already done.
>
> However refactoring, asn asap changeset is needed.
>
> the ||| advanced settings button will be encapsulated, so non of its 
> code is duplicated.
> You can have your own "extends jbutton" hwhich will do all this logic. 
> And you add jsut insntance of this button to the panes.
>
> Also all the :
> new TemporaryPermissionsListener(
> +                Permissions.READ_LOCAL_FILES, 
> Permissions.WRITE_LOCAL_FILES,
> +                Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
> +                Permissions.READ_PROPERTIES, 
> Permissions.WRITE_PROPERTIES,
> +                Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
> +                Permissions.PRINT_DOCUMENTS, 
> Permissions.JAVA_REFLECTION,
> +                Permissions.NETWORK_ACCESS));
> +        policyMenu.add(noCmdExec);
>
> should be encapsualted.  Those permissionListeners may be stored in 
> some static class as static constantsand just used as singletons. or not?
> If not then they can be provided by some factory methods. But not 
> spred in gui code like this.
>
> Yes, just code celaning, but how it is now, i do not look nicely.
>
> Sorry for troubles:(
>   J.
>

You're right, it was getting very messy, and the code for the 
button/menu stuff definitely should have been shared.

So now, behold the monster you've asked for... ! :D

1) Button is pulled out into its own class and used in the two dialogs
2) Popup menu is actually even simpler to make appear now (less futzing 
with position on screen)
3) !! PolicyEditorPermissions are reused. It's some slightly scary 
reflection with a bit of regex sprinkled in, but it works perfect.
3b) Some of the temp permissions have been removed because 
PolicyEditorPermissions don't yet have the right counterparts. But 
there's another patch I sent earlier that adds all of those permissions 
as well, so then they can be added in quite quickly here after
4) Temp permission types and menu entries are much much cleaner to define

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: temporary-permissions-2.patch
Type: text/x-patch
Size: 36009 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/7014a204/temporary-permissions-2-0001.patch>

From bugzilla-daemon at icedtea.classpath.org  Tue Mar 25 18:15:21 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 18:15:21 +0000
Subject: [Bug 1723] New: JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1
Message-ID: <bug-1723-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1723

            Bug ID: 1723
           Summary: JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1
           Product: IcedTea
           Version: 6-1.1
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: rrosmanov at gmail.com
                CC: unassigned at icedtea.classpath.org

Created attachment 1059
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1059&action=edit
sigsegv info

OS: Gentoo

Eclipse package:
[I] dev-util/eclipse-sdk-bin [1]
     Available versions:  (4.2) ~4.2.0 ~4.2.1 (~)4.2.1-r1
     Installed versions:  4.2.1-r1(4.2)(07:10:39 PM 03/23/2014)
     Homepage:            http://www.eclipse.org
     Description:         Eclipse SDK

Installed from the java overlay.

IcedTea package:
[I] dev-java/icedtea-bin
     Available versions:  
     (6)    6.1.12.7^s
     (7)    ~7.2.4.3^s
       {+X +alsa cjk +cups doc examples nsplugin source}
     Installed versions:  6.1.12.7(6)^s(12:25:12 AM 03/21/2014)(X alsa cups
nsplugin -cjk -doc -examples -source)
     Homepage:            http://icedtea.classpath.org
     Description:         A Gentoo-made binary build of the IcedTea JDK

Steps to reproduce:
1. Launch eclipse in terminal:
eclipse-bin-4.2

2. Open a Java file and make a few clicks on the code

This results in a crash:

#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x00007f4be6b23d71, pid=5984, tid=139966811485952
#
# JRE version: 6.0_27-b27
# Java VM: OpenJDK 64-Bit Server VM (20.0-b12 mixed mode linux-amd64 compressed
oops)
# Derivative: IcedTea6 1.12.7
# Distribution: Built on NAME=Gentoo (Sun Dec  8 16:00:44 CET 2013)
# Problematic frame:
# C  [libsoup-2.4.so.1+0x72d71]  soup_session_feature_detach+0x11
#
# An error report file with more information is saved as:
# /var/www/s3/hs_err_pid5984.log
#
# If you would like to submit a bug report, please include
# instructions how to reproduce the bug and visit:
#   http://icedtea.classpath.org/bugzilla
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

The file is attached

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/b7d970e3/attachment.html>

From jvanek at redhat.com  Tue Mar 25 18:57:48 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 19:57:48 +0100
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <533186F7.2040109@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
	<533186F7.2040109@redhat.com>
Message-ID: <5331D1AC.7060109@redhat.com>

On 03/25/2014 02:39 PM, Andrew Azores wrote:
> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>> Hi,
>>>
>>> This patch just adds Reflection and Exec permission options to PolicyEditor.
>>>
>>> Thanks,
>>>
>>
>> Looks good. Just not sure if it is enough:
>>
>> eg:
>> java.lang.NullPointerException
>> at geogebra.i.x.a(Unknown Source)
>> at geogebra.gui.a.a.a(Unknown Source)
>> at geogebra.gui.a.a.a(Unknown Source)
>> at geogebra.GeoGebra.a(Unknown Source)
>> at geogebra.GeoGebra.a(Unknown Source)
>> at geogebra.GeoGebra.main(Unknown Source)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:616)
>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>
>> I think he class for name is not allowed by your permission.
>
> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection, but [1] proves otherwise (and makes sense).
>

Hmm still the same exception. It is geogebra which is causing this.

> [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html
> [1] http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29
>
>> For exec - are supported both runtimelexec and process builder?
>
> According to the documentation, they both go through SecurityManager#checkExec, which checks for "execute" action on the given file. So if granting <<ALL FILES>> as the target, it should allow executing anything (which sounds so, so scary - but that's why this is optional! :) )
hmhmh.. No granularity needed in policy editor level imho. Just allow all.
>
>>
>> J.
>
>
> New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well be added because they're likely to be needed in conjunction with it and each other. PolicyEditor doesn't really have a way to make a single checkbox handle multiple permissions, at least not right now, so the Reflection stuff is split up into four different permissions basically, but I think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a future enhancement would be to add labels separating the checkboxes into groups eg File Access, Java Reflection, System Utility?

This should be fixed. Eg all checkboxes from family of "allow unowned code execution" should be gathered under one :((

Not needed to do now, but later 100% needed fix.
>
> Thanks,
>


From jvanek at redhat.com  Tue Mar 25 19:07:27 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 20:07:27 +0100
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <53318D53.3070502@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com>
	<53318D53.3070502@redhat.com>
Message-ID: <5331D3EF.7080407@redhat.com>



On 03/25/2014 03:06 PM, Andrew Azores wrote:
> On 03/25/2014 05:47 AM, Jiri Vanek wrote:
>> Nearly perfect ;)
>>
>> On 03/24/2014 09:39 PM, Andrew Azores wrote:
>>> On 03/24/2014 12:22 PM, Jiri Vanek wrote:
>> ...
>>>>
>>>> jsut noted:
>>>> * Comments will *not* be preserved when PolicyEditor next saves to the
>>>>
>>>> Is it really so hard to store the comments for future save?
>>>
>>> PolicyEditor doesn't even properly parse policy files sometimes, depending on the way the comments are written :) once that's sorted out then being able to store the comments in their own model as well should not be too hard.
>>>
>>
>> Sure. it was jsut undelrine hint
>>
>> <snip>
>>> - }
>>> - });
>>> + public static class PolicyEditorFrame extends JFrame {
>>> + public final PolicyEditor editor;
>>> +
>>> + public PolicyEditorFrame(final PolicyEditor editor) {
>>
>> I doubt this will be ever used - please do it private.
>
> Private, but return the specialized PolicyEditorFrame type anyway from the public getters? Seems a bit odd. I'm not just returning JFrame/JDialog because then there's no easy way to get the actual PolicyEditor instance out of it, to do things like programmatically add codebases. I did have to give the PolicyEditor a reference to its parent frame/dialog in this revision, but I'd rather not use this as a way to hold the reference to the frame/dialog and have eg the security dialogs access the frame/dialog through the editor's reference. That just seems upside down and backward.


I must insists. Please do both "do the actuall work" constructors (public PolicyEditorFrame(final PolicyEditor editor) and   public PolicyEditorDialog(final PolicyEditor editor) )private.


>
>>> + super();
>>> + this.editor = editor;
>>> + add(editor);
>>> + this.pack();
>>> + editor.setVisible(true);
>>> + this.setJMenuBar(createMenuBar(this, editor));
>>> +
>>> + setTitle(R("PETitle"));
>>> +
>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>>> +
>>> + addWindowListener(new WindowAdapter() {
>>> + @Override
>>> + public void windowClosing(final WindowEvent e) {
>>> + editor.quit();
>>> + dispose();
>>> + }
>>> + });
>>> +
>>> + editor.closeButton.addActionListener(new ActionListener() {
>>> + @Override
>>> + public void actionPerformed(final ActionEvent e) {
>>> + dispose();
>>> + }
>>> + });
>>> + }
>>> + }
>>> +
>>> + public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) {
>>> + return new PolicyEditorFrame(new PolicyEditor(filepath));
>>> + }
>>> +
>>
>> Tehre is really a lot of shared code in this two "methods".
>>
>> PolicyEditorFrame and PolicyEditorDialog.
>>
>> They both have general ancestor -Window. All the operations behind super() call may be done in generalised ancestor.
>
> Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation...
hmm.. I was found with patns down it seams.... The java.awt.Window really do not have it?? Strange...
Anyway - there is really to much duplicate code. Please


nvm - the duplicate code is really awwefull:

+           this.editor = editor;
    private artificial forefather?
+            add(editor);
+            this.pack();

window

   editor.setVisible(true);
+
+            setTitle(R("PETitle"));
+

this is stupid :)

+            setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
+
this too:-/

Maybe add interfcae for this? :D feel free to elaborate as you wish.

+            addWindowListener(new WindowAdapter() {
+                @Override
+                public void windowClosing(final WindowEvent e) {
+                    editor.quit();
+                    dispose();
+                }
+            });
+
+            editor.closeButton.addActionListener(new ActionListener() {
+                @Override
+                public void actionPerformed(final ActionEvent e) {
+                    dispose();
+                }
+            });

thso eshould be in Window or comon artifical forefather  too.


>
>>
>>> + public static class PolicyEditorDialog extends JDialog {
>>> + public final PolicyEditor editor;
>>> +
>>> + public PolicyEditorDialog(final PolicyEditor editor)
>> I doubt this will be ever used - please do it private.
>> {
>>> + super();
>>> + this.editor = editor;
>>> + add(editor);
>>> + this.pack();
>>> + this.setJMenuBar(createMenuBar(this, editor));
>>> +
>>> + editor.setVisible(true);
>>> +
>>> + setTitle(R("PETitle"));
>>> +
>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>>> +
>>> + addWindowListener(new WindowAdapter() {
>>> + @Override
>>> + public void windowClosing(final WindowEvent e) {
>>> + editor.quit();
>>> + dispose();
>>> + }
>>> + });
>>> +
>>> + editor.closeButton.addActionListener(new ActionListener() {
>>> + @Override
>>> + public void actionPerformed(final ActionEvent e) {
>>> + dispose();
>>> + }
>>> + });
>>> + }
>>> + }
>>> +
>>> + public static PolicyEditorDialog getPolicyEditorDialog(final String filepath) {
>>> + return new PolicyEditorDialog(new PolicyEditor(filepath));
>>> }
>>>
>>> private void setClosed() {
>>> @@ -370,9 +435,8 @@ public class PolicyEditor extends JFrame
>>> */
>>> private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) {
>>> final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers);
>>> - final JRootPane root = getRootPane();
>>> - root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
>>> - root.getActionMap().put(identifier, action);
>>> + this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
>>> + this.getActionMap().put(identifier, action);
>>> }
>>>
>>> /**
>>> @@ -454,7 +518,6 @@ public class PolicyEditor extends JFrame
>>> }
>>> weakThis.clear();
>>> setClosed();
>>> - dispose();
>>> }
>>>
>>> /**
>>> @@ -649,7 +712,7 @@ public class PolicyEditor extends JFrame
>>> * @param component the component for which to set a mnemonic
>>> * @param mnemonic the mnemonic to set
>>> */
>>> - private void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
>>> + private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
>>> final int trig;
>>> try {
>>> trig = Integer.parseInt(mnemonic);
>>> @@ -660,45 +723,61 @@ public class PolicyEditor extends JFrame
>>> component.setMnemonic(trig);
>>> }
>>>
>>> - /**
>>> - * Lay out all controls, tooltips, etc.
>>> - */
>>> - private void setupLayout() {
>>> + private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) {
>>> + final JMenuBar menuBar = new JMenuBar();
>>> +
>>> final JMenu fileMenu = new JMenu(R("PEFileMenu"));
>>> setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic"));
>>> +
>>> final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem"));
>>> setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic"));
>>> openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK));
>>> - openItem.addActionListener(openButtonAction);
>>> + openItem.addActionListener(editor.openButtonAction);
>>> fileMenu.add(openItem);
>>> +
>>> final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem"));
>>> setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic"));
>>> saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK));
>>> - saveItem.addActionListener(okButtonAction);
>>> + saveItem.addActionListener(editor.okButtonAction);
>>> fileMenu.add(saveItem);
>>> +
>>> final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem"));
>>> setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic"));
>>> saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK));
>>> - saveAsItem.addActionListener(saveAsButtonAction);
>>> + saveAsItem.addActionListener(editor.saveAsButtonAction);
>>> fileMenu.add(saveAsItem);
>>> +
>>> final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem"));
>>> setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic"));
>>> exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK));
>>> - exitItem.addActionListener(closeButtonAction);
>>> + exitItem.addActionListener(editor.closeButtonAction);
>>> + exitItem.addActionListener(new ActionListener() {
>>> + @Override
>>> + public void actionPerformed(final ActionEvent e) {
>>> + window.dispose();
>>> + }
>>> + });
>>> fileMenu.add(exitItem);
>>> menuBar.add(fileMenu);
>>>
>>> final JMenu viewMenu = new JMenu(R("PEViewMenu"));
>>> setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic"));
>>> +
>>> final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem"));
>>> setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic"));
>>> customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK));
>>> - customPermissionsItem.addActionListener(viewCustomButtonAction);
>>> + customPermissionsItem.addActionListener(editor.viewCustomButtonAction);
>>>
>>> viewMenu.add(customPermissionsItem);
>>> menuBar.add(viewMenu);
>>> - this.setJMenuBar(menuBar);
>>>
>>> + return menuBar;
>>> + }
>>> +
>>> + /**
>>> + * Lay out all controls, tooltips, etc.
>>> + */
>>> + private void setupLayout() {
>>> final JLabel checkboxLabel = new JLabel();
>>> checkboxLabel.setText(R("PECheckboxLabel"));
>>> checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2));
>>> @@ -796,7 +875,6 @@ public class PolicyEditor extends JFrame
>>> add(closeButton, cancelButtonConstraints);
>>>
>>> setMinimumSize(getPreferredSize());
>>> - pack();
>>> }
>>>
>>> /**
>>> @@ -1098,12 +1176,12 @@ public class PolicyEditor extends JFrame
>>> // maybe the user just forgot the -file flag, so try to open anyway
>>> filepath = args[0];
>>> }
>>> - final PolicyEditor editor = new PolicyEditor(filepath);
>>> - editor.setVisible(true);
>>> + final PolicyEditorFrame frame = getPolicyEditorFrame(filepath);
>>> + frame.setVisible(true);
>>> final String codebaseStr = argsMap.get(CODEBASE_FLAG);
>>> if (codebaseStr != null) {
>>> final String[] urls = codebaseStr.split(" ");
>>> - editor.addNewCodebases(urls);
>>> + frame.editor.addNewCodebases(urls);
>>> }
>>> }
>>> });
>>> diff --git a/netx/net/sourceforge/jnlp/util/FileUtils.java b/netx/net/sourceforge/jnlp/util/FileUtils.java
>>> --- a/netx/net/sourceforge/jnlp/util/FileUtils.java
>>> +++ b/netx/net/sourceforge/jnlp/util/FileUtils.java
>>> @@ -18,6 +18,7 @@ package net.sourceforge.jnlp.util;
>>>
>>> import static net.sourceforge.jnlp.runtime.Translator.R;
>>>
>>> +import java.awt.Component;
>>> import java.io.BufferedReader;
>>> import java.io.BufferedWriter;
>>> import java.io.File;
>>> @@ -30,7 +31,6 @@ import java.io.InputStreamReader;
>>> import java.io.OutputStreamWriter;
>>> import java.io.RandomAccessFile;
>>> import java.io.Writer;
>>> -import java.nio.ByteBuffer;
>>> import java.nio.channels.FileChannel;
>>> import java.nio.channels.FileLock;
>>> import java.security.DigestInputStream;
>>> @@ -347,7 +347,7 @@ public final class FileUtils {
>>> * Show a dialog informing the user that the file is currently read-only
>>> * @param frame a {@link JFrame} to act as parent to this dialog
>>> */
>>> - public static void showReadOnlyDialog(final JFrame frame) {
>>> + public static void showReadOnlyDialog(final Component frame) {
>>> SwingUtilities.invokeLater(new Runnable() {
>>> @Override
>>> public void run() {
>>> @@ -361,7 +361,7 @@ public final class FileUtils {
>>> * @param frame a {@link JFrame} to act as parent to this dialog
>>> * @param filePath a {@link String} representing the path to the file we failed to open
>>> */
>>> - public static void showCouldNotOpenFilepathDialog(final JFrame frame, final String filePath) {
>>> + public static void showCouldNotOpenFilepathDialog(final Component frame, final String filePath) {
>> Window will be much more suitable then Component n thsoe calls.
>
> Okay, fixed.
>
>>
>>> showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath));
>>> }
>>>
>>> @@ -371,7 +371,7 @@ public final class FileUtils {
>>> * @param filePath a {@link String} representing the path to the file we failed to open
>>> * @param reason a {@link OpenFileResult} specifying more precisely why we failed to open the file
>>> */
>>> - public static void showCouldNotOpenFileDialog(final JFrame frame, final String filePath, final OpenFileResult reason) {
>>> + public static void showCouldNotOpenFileDialog(final Component frame, final String filePath, final OpenFileResult reason) {
>>> final String message;
>>> switch (reason) {
>>> case CANT_CREATE:
>>> @@ -396,7 +396,7 @@ public final class FileUtils {
>>> * @param filePath a {@link String} representing the path to the file we failed to open
>>> * @param message a {@link String} giving the specific reason the file could not be opened
>>> */
>>> - public static void showCouldNotOpenDialog(final JFrame frame, final String message) {
>>> + public static void showCouldNotOpenDialog(final Component frame, final String message) {
>>> SwingUtilities.invokeLater(new Runnable() {
>>> @Override
>>> public void run() {
>>
>> After thsoe clean up. it will be ready to go.
>>
>> Thanx!
>>
>> J.
>
> And sorry for the noise in this patch as well, but I noticed that somehow it became mixed tabs+spaces, so I just did a :retab along with the actual work.
>
> Also fixed in this patch: Custom Policy Viewer is not frozen due to its parent PolicyEditor's modality.
>


NP.


Otherwise loks ok.

From jvanek at redhat.com  Tue Mar 25 19:13:04 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Tue, 25 Mar 2014 20:13:04 +0100
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <5331BE26.5060802@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com>
Message-ID: <5331D540.3060401@redhat.com>

On 03/25/2014 06:34 PM, Andrew Azores wrote:
> On 03/25/2014 05:40 AM, Jiri Vanek wrote:
>> Generally ok, except one important nit:
>>
>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
>> + noCmdExec.addActionListener(new TemporaryPermissionsListener(
>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>> + Permissions.NETWORK_ACCESS));
>> + policyMenu.add(noCmdExec);
>>
>> And similar:
>> are - duplicated.
>>
>>
>> You can push, as similar evil is already done.
>>
>> However refactoring, asn asap changeset is needed.
>>
>> the ||| advanced settings button will be encapsulated, so non of its code is duplicated.
>> You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut insntance of this button to the panes.
>>
>> Also all the :
>> new TemporaryPermissionsListener(
>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>> + Permissions.NETWORK_ACCESS));
>> + policyMenu.add(noCmdExec);
>>
>> should be encapsualted. Those permissionListeners may be stored in some static class as static constantsand just used as singletons. or not?
>> If not then they can be provided by some factory methods. But not spred in gui code like this.
>>
>> Yes, just code celaning, but how it is now, i do not look nicely.
>>
>> Sorry for troubles:(
>> J.
>>
>
> You're right, it was getting very messy, and the code for the button/menu stuff definitely should have been shared.
>
> So now, behold the monster you've asked for... ! :D
>
> 1) Button is pulled out into its own class and used in the two dialogs
> 2) Popup menu is actually even simpler to make appear now (less futzing with position on screen)
> 3) !! PolicyEditorPermissions are reused. It's some slightly scary reflection with a bit of regex sprinkled in, but it works perfect.
> 3b) Some of the temp permissions have been removed because PolicyEditorPermissions don't yet have the right counterparts. But there's another patch I sent earlier that adds all of those permissions as well, so then they can be added in quite quickly here after
> 4) Temp permission types and menu entries are much much cleaner to define
>


hmhmhm - just see:
+STempSoundOnly=Play audio
  it is same issue as in case of reflection. it should probably allow both recording and playing. UTwo permissions under one checkbox.

- maybe as tmp hack can serve some better grouping of checkboxes, with one main - whcih will select/unselect all underlying. By this you will have your one-permission-per-checkbox - and user will not be bored by to much on-first-glance-visible permissions. Maybe I can do thsis tomorrow? I wil enjoy it :)


+    public static Permission getPermission(final PolicyEditorPermissions editorPermission) {

arrgh thats monster..... Why reflection!!?!??! No way!!!  it is our class. Please do something public or whatever...



Otherwise it is not os monsterous :)

From omajid at redhat.com  Tue Mar 25 19:24:26 2014
From: omajid at redhat.com (Omair Majid)
Date: Tue, 25 Mar 2014 15:24:26 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <5331D540.3060401@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
Message-ID: <20140325192425.GF2000@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-25 15:08]:
> +STempSoundOnly=Play audio

FYI, last I looked into this, no permissions are generally need to play
audio (even though some docs suggest permissions are needed). At least,
the default audio provider in OpenJDK did not check for this
permission. 

In fact, as far as I know, permissions are only needed to record audio.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Tue Mar 25 19:28:04 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 15:28:04 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <5331D540.3060401@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
Message-ID: <5331D8C4.3040309@redhat.com>

On 03/25/2014 03:13 PM, Jiri Vanek wrote:
> On 03/25/2014 06:34 PM, Andrew Azores wrote:
>> On 03/25/2014 05:40 AM, Jiri Vanek wrote:
>>> Generally ok, except one important nit:
>>>
>>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
>>> + noCmdExec.addActionListener(new TemporaryPermissionsListener(
>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>> + Permissions.NETWORK_ACCESS));
>>> + policyMenu.add(noCmdExec);
>>>
>>> And similar:
>>> are - duplicated.
>>>
>>>
>>> You can push, as similar evil is already done.
>>>
>>> However refactoring, asn asap changeset is needed.
>>>
>>> the ||| advanced settings button will be encapsulated, so non of its 
>>> code is duplicated.
>>> You can have your own "extends jbutton" hwhich will do all this 
>>> logic. And you add jsut insntance of this button to the panes.
>>>
>>> Also all the :
>>> new TemporaryPermissionsListener(
>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>> + Permissions.NETWORK_ACCESS));
>>> + policyMenu.add(noCmdExec);
>>>
>>> should be encapsualted. Those permissionListeners may be stored in 
>>> some static class as static constantsand just used as singletons. or 
>>> not?
>>> If not then they can be provided by some factory methods. But not 
>>> spred in gui code like this.
>>>
>>> Yes, just code celaning, but how it is now, i do not look nicely.
>>>
>>> Sorry for troubles:(
>>> J.
>>>
>>
>> You're right, it was getting very messy, and the code for the 
>> button/menu stuff definitely should have been shared.
>>
>> So now, behold the monster you've asked for... ! :D
>>
>> 1) Button is pulled out into its own class and used in the two dialogs
>> 2) Popup menu is actually even simpler to make appear now (less 
>> futzing with position on screen)
>> 3) !! PolicyEditorPermissions are reused. It's some slightly scary 
>> reflection with a bit of regex sprinkled in, but it works perfect.
>> 3b) Some of the temp permissions have been removed because 
>> PolicyEditorPermissions don't yet have the right counterparts. But 
>> there's another patch I sent earlier that adds all of those 
>> permissions as well, so then they can be added in quite quickly here 
>> after
>> 4) Temp permission types and menu entries are much much cleaner to 
>> define
>>
>
>
> hmhmhm - just see:
> +STempSoundOnly=Play audio
>  it is same issue as in case of reflection. it should probably allow 
> both recording and playing. UTwo permissions under one checkbox.

Really? I can imagine many scenarios where a user is comfortable with an 
applet playing sound back but not recording it. Reflection makes sense 
to group together but I think audio should be separate.

>
> - maybe as tmp hack can serve some better grouping of checkboxes, with 
> one main - whcih will select/unselect all underlying. By this you will 
> have your one-permission-per-checkbox - and user will not be bored by 
> to much on-first-glance-visible permissions. Maybe I can do thsis 
> tomorrow? I wil enjoy it :)

Go ahead.

>
>
> +    public static Permission getPermission(final 
> PolicyEditorPermissions editorPermission) {
>
> arrgh thats monster..... Why reflection!!?!??! No way!!!  it is our 
> class. Please do something public or whatever...
>
>
>
> Otherwise it is not os monsterous :)

Well, I had to decide if I wanted to extend PolicyEditorPermissions with 
some way to convert into Permissions, or to just add this translation 
layer separately. I liked the new layer better, since 
PolicyEditorPermissions was really just intended for use within 
PolicyEditor, and in there we don't need this kind of logic. So from 
outside of the model itself, reflection was actually not a bad way to 
handle acquiring the correct kind of Permission subclass from the model 
- the alternative would have been a switch or long if/else chain, which 
would have then meant that any new PermissionTypes would have also 
needed an update to the TemporaryPermissions converter. Using reflection 
like this means that it never has to be updated if the PermissionTypes 
change. I don't think this is even that bad of a use of reflection - I 
don't think it's too hard to read, and it's not being used somewhere 
performance critical or where it will be called very frequently.

The other good option I've thought of is to add the Permission 
conversion logic to the PolicyEditorPermissions model, and move/rename 
this model so it's more suitable as something shared between 
PolicyEditor and these dialogs. The PolicyEditorPermissions could be 
constructed with a Class reference, eg RuntimePermission.class, and have 
a Permission field that is then populated by the constructor doing a bit 
less reflection. This eliminates the need for the Class.forName call, 
but makes the PolicyEditorPermission model more complicated in a way 
that I don't think it really needs to be.

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar 25 19:34:41 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 15:34:41 -0400
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <5331D1AC.7060109@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
	<533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com>
Message-ID: <5331DA51.80604@redhat.com>

On 03/25/2014 02:57 PM, Jiri Vanek wrote:
> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>> Hi,
>>>>
>>>> This patch just adds Reflection and Exec permission options to 
>>>> PolicyEditor.
>>>>
>>>> Thanks,
>>>>
>>>
>>> Looks good. Just not sure if it is enough:
>>>
>>> eg:
>>> java.lang.NullPointerException
>>> at geogebra.i.x.a(Unknown Source)
>>> at geogebra.gui.a.a.a(Unknown Source)
>>> at geogebra.gui.a.a.a(Unknown Source)
>>> at geogebra.GeoGebra.a(Unknown Source)
>>> at geogebra.GeoGebra.a(Unknown Source)
>>> at geogebra.GeoGebra.main(Unknown Source)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at 
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>> at 
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>
>>> I think he class for name is not allowed by your permission.
>>
>> Aha! Thanks for catching this. [0] suggests there's only one 
>> permission needed for reflection, but [1] proves otherwise (and makes 
>> sense).
>>
>
> Hmm still the same exception. It is geogebra which is causing this.

Do you have exact reproduction steps?

>
>> [0] 
>> http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html
>> [1] 
>> http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29
>>
>>> For exec - are supported both runtimelexec and process builder?
>>
>> According to the documentation, they both go through 
>> SecurityManager#checkExec, which checks for "execute" action on the 
>> given file. So if granting <<ALL FILES>> as the target, it should 
>> allow executing anything (which sounds so, so scary - but that's why 
>> this is optional! :) )
> hmhmh.. No granularity needed in policy editor level imho. Just allow 
> all.

Yea, that's what it is now. Just FilePermission with "execute" action on 
"<<ALL FILES>>" target.

>>
>>>
>>> J.
>>
>>
>> New patch adds the ClassLoader permission, as well as a bunch of 
>> others I figured might as well be added because they're likely to be 
>> needed in conjunction with it and each other. PolicyEditor doesn't 
>> really have a way to make a single checkbox handle multiple 
>> permissions, at least not right now, so the Reflection stuff is split 
>> up into four different permissions basically, but I think that's 
>> probably actually better anyway. It's just a little more cluttered 
>> looking. Maybe a future enhancement would be to add labels separating 
>> the checkboxes into groups eg File Access, Java Reflection, System 
>> Utility?
>
> This should be fixed. Eg all checkboxes from family of "allow unowned 
> code execution" should be gathered under one :((
>
> Not needed to do now, but later 100% needed fix.
>>
>> Thanks,
>>
>

Thanks,

-- 
Andrew A


From aazores at redhat.com  Tue Mar 25 20:05:18 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 16:05:18 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <5331D3EF.7080407@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com>
	<53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com>
Message-ID: <5331E17E.5070302@redhat.com>

On 03/25/2014 03:07 PM, Jiri Vanek wrote:
>
>>>> - }
>>>> - });
>>>> + public static class PolicyEditorFrame extends JFrame {
>>>> + public final PolicyEditor editor;
>>>> +
>>>> + public PolicyEditorFrame(final PolicyEditor editor) {
>>>
>>> I doubt this will be ever used - please do it private.
>>
>> Private, but return the specialized PolicyEditorFrame type anyway 
>> from the public getters? Seems a bit odd. I'm not just returning 
>> JFrame/JDialog because then there's no easy way to get the actual 
>> PolicyEditor instance out of it, to do things like programmatically 
>> add codebases. I did have to give the PolicyEditor a reference to its 
>> parent frame/dialog in this revision, but I'd rather not use this as 
>> a way to hold the reference to the frame/dialog and have eg the 
>> security dialogs access the frame/dialog through the editor's 
>> reference. That just seems upside down and backward.
>
>
> I must insists. Please do both "do the actuall work" constructors 
> (public PolicyEditorFrame(final PolicyEditor editor) and   public 
> PolicyEditorDialog(final PolicyEditor editor) )private.

Okay, so then if they're private, CertWarningPane and 
PartiallySignedAppTrustWarningPanel can't use them, and will be stuck 
with only JDialog? Then how do they get to the actual PolicyEditor 
instance to do addNewCodebase?

>
>>
>>>> + super();
>>>> + this.editor = editor;
>>>> + add(editor);
>>>> + this.pack();
>>>> + editor.setVisible(true);
>>>> + this.setJMenuBar(createMenuBar(this, editor));
>>>> +
>>>> + setTitle(R("PETitle"));
>>>> +
>>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>>>> +
>>>> + addWindowListener(new WindowAdapter() {
>>>> + @Override
>>>> + public void windowClosing(final WindowEvent e) {
>>>> + editor.quit();
>>>> + dispose();
>>>> + }
>>>> + });
>>>> +
>>>> + editor.closeButton.addActionListener(new ActionListener() {
>>>> + @Override
>>>> + public void actionPerformed(final ActionEvent e) {
>>>> + dispose();
>>>> + }
>>>> + });
>>>> + }
>>>> + }
>>>> +
>>>> + public static PolicyEditorFrame getPolicyEditorFrame(final String 
>>>> filepath) {
>>>> + return new PolicyEditorFrame(new PolicyEditor(filepath));
>>>> + }
>>>> +
>>>
>>> Tehre is really a lot of shared code in this two "methods".
>>>
>>> PolicyEditorFrame and PolicyEditorDialog.
>>>
>>> They both have general ancestor -Window. All the operations behind 
>>> super() call may be done in generalised ancestor.
>>
>> Window doesn't have setTitle, or setJMenuBar, or 
>> setDefaultCloseOperation...
> hmm.. I was found with patns down it seams.... The java.awt.Window 
> really do not have it?? Strange...
> Anyway - there is really to much duplicate code. Please
>
>
> nvm - the duplicate code is really awwefull:
>
> +           this.editor = editor;
>    private artificial forefather?
> +            add(editor);
> +            this.pack();
>
> window
>
>   editor.setVisible(true);
> +
> +            setTitle(R("PETitle"));
> +
>
> this is stupid :)
>
> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
> +
> this too:-/

Sorry but none of the above five comments are useful. I don't know what 
you want.

>
> Maybe add interfcae for this? :D feel free to elaborate as you wish.

What? An interface for what? I don't understand how adding an interface 
is going to help.

>
> +            addWindowListener(new WindowAdapter() {
> +                @Override
> +                public void windowClosing(final WindowEvent e) {
> +                    editor.quit();
> +                    dispose();
> +                }
> +            });
> +
> +            editor.closeButton.addActionListener(new ActionListener() {
> +                @Override
> +                public void actionPerformed(final ActionEvent e) {
> +                    dispose();
> +                }
> +            });
>
> thso eshould be in Window or comon artifical forefather  too.
>
>

I still don't know how I'm supposed to be subclassing Window here. It is 
missing required functionality that is implemented independently by both 
JFrame and JDialog. Yes, if I made a Window subclass, then most of the 
logic could be moved into it just fine, but some important things eg 
window title and menu bar would be missing. Then if I subclass this new 
Window subclass, I still don't have the JMenuBar, etc. I don't know what 
"artificial forefather" you're suggesting otherwise.

Anyway, the attached patch slightly reduces the amount of duplicated 
code by extracting it into a private static helper method that operates 
on Window. The only work now done in the JDialog and JFrame subclassed 
constructors are the parts that cannot be done on a Window, which 
happens to be the exact same between the two of them.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modal-policyeditor-4.patch
Type: text/x-patch
Size: 22131 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140325/666e54a4/modal-policyeditor-4-0001.patch>

From aazores at redhat.com  Tue Mar 25 20:36:16 2014
From: aazores at redhat.com (Andrew Azores)
Date: Tue, 25 Mar 2014 16:36:16 -0400
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <533056E3.60201@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
	<5330536D.2030608@redhat.com> <533056E3.60201@redhat.com>
Message-ID: <5331E8C0.6030401@redhat.com>

On 03/24/2014 12:01 PM, Jiri Vanek wrote:
> On 03/24/2014 04:46 PM, Andrew Azores wrote:
>> On 03/24/2014 11:11 AM, Jiri Vanek wrote:
>>> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>>>> Hi,
>>>>>>
>>>>>> PolicyEditor loads and saves policy files async, obviously. 
>>>>>> However, this means that opening a new
>>>>>> PolicyEditor instance on an existing policy file and 
>>>>>> programmatically adding a new codebase to the
>>>>>> editor does not have a well-defined order. This can be 
>>>>>> problematic because PolicyEditor
>>>>>> highlights/selects the last added codebase, so eg in the scenario 
>>>>>> where the editor is being
>>>>>> launched
>>>>>> from a security dialog, we want to be sure that the current 
>>>>>> applet's codebase is the one selected
>>>>>> when the editor appears. This patch adds a method to PolicyEditor 
>>>>>> that indicates whether the
>>>>>> editor
>>>>>> is currently reading/writing a file, and adds a loop to the two 
>>>>>> security dialogs so that the new
>>>>>> codebase is not added and the editor made visible until it 
>>>>>> completes its IO.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>
>>>>> Hm... I dont think this is correct approach. Why are you so 
>>>>> strongly against modal dialogue?
>>>>>
>>>>>
>>>>> J.
>>>>
>>>> I'm not... making PolicyEditor modal will come later. This patch is 
>>>> just about making sure that when
>>>> you launch PolicyEditor from a security dialog, the current 
>>>> applet's codebase is guaranteed to be
>>>> the selected one when the editor appears. This and modality are 
>>>> completely separate.
>>>>
>>>> Thanks,
>>>>
>>> uff... wouldnt be much more easy to make the load/save in sync?  I 
>>> do not see any reason why it is
>>> in new thread Thread(save/load).start() ....
>>>
>>>
>>> J.
>>
>> I really don't want to be doing it sync on the UI thread. This makes 
>> the application less
>> responsive, and is generally bad practice. Not worth the benefit of 
>> making it easier to guarantee
>> the programmatically added new codebases come after. There are better 
>> ways to do it async than
>> manually spawning a new Thread, though, yes. eg SwingWorker as you 
>> said on IRC, or Executors and
>> Runnables as I suggested. Still, these potential enhancements to the 
>> multithreading model would
>> still have the codebase ordering problem.
>
> I agree thath do it in gui thread is wrong. But I disagree with 
> current aproach and new suggested locking.
>
> Correct aporach is:
> invoke thread (swingworker)
>   disable gui or show dialog with progressbar or soem wait please
>    (so gui will be "responsoble")
> wait for thread.
>
>
> Would be correct approach.

Okay, this is an enhancement in that it uses the nice SwingWorker 
abstraction and provides a visual indicator of progress for the IO 
operation, but I don't see how it really solves the problem. If by "wait 
for thread" you mean Thread#join or similar, then we're again just 
blocking the EDT, so it won't actually be responsive until the IO is 
done. In that case we might as well just have the EDT do the IO 
directly. If we don't block the EDT and continue to let the IO complete 
async, albeit with visual progress indication and nicely abstracted, 
then there is still the problem of addNewCodebase being called 
externally and not having a well-defined order compared to the 
addNewCodebase calls made by the thread performing the IO.

>
>
> However - the polici files *are* small. So the burden of *doing it 
> IN*  AWT is imho acceptable.
>
>
> J.
>
>

Thanks,

-- 
Andrew A


From andrew at icedtea.classpath.org  Tue Mar 25 23:25:02 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Tue, 25 Mar 2014 23:25:02 +0000
Subject: /hg/icedtea6: Add unreleased upstream patches.
Message-ID: <hg.03d11116ab06.1395789902.2873452341184383832@icedtea.classpath.org>

changeset 03d11116ab06 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=03d11116ab06
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Tue Mar 25 23:24:47 2014 +0000

	Add unreleased upstream patches.

	2014-03-25  Andrew John Hughes  <gnu.andrew at redhat.com>

		* Makefile.am:
		(UPSTREAMED_PATCHES): Add patches from unreleased upstream.
		(ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES.
		* NEWS: Updated.
		* patches/openjdk/7110396-sound_code_build_fix.patch,
		* patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch,
		* patches/openjdk/oj6-29-jdk_version_info_zeroing.patch:
		Add new patches from upstream.


diffstat:

 ChangeLog                                                |  16 +++++
 Makefile.am                                              |   6 ++
 NEWS                                                     |   3 +
 patches/linker-libs-order.patch                          |  44 +++++----------
 patches/openjdk/7110396-sound_code_build_fix.patch       |  22 ++++++++
 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch |  21 +++++++
 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch    |  21 +++++++
 7 files changed, 105 insertions(+), 28 deletions(-)

diffs (189 lines):

diff -r 0ef5e61b1b00 -r 03d11116ab06 ChangeLog
--- a/ChangeLog	Mon Mar 24 16:53:24 2014 -0400
+++ b/ChangeLog	Tue Mar 25 23:24:47 2014 +0000
@@ -1,3 +1,19 @@
+2014-03-25  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* Makefile.am:
+	(UPSTREAMED_PATCHES): Add patches from unreleased upstream.
+	(ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES.
+	* NEWS: Updated.
+	* patches/openjdk/7110396-sound_code_build_fix.patch,
+	* patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch,
+	* patches/openjdk/oj6-29-jdk_version_info_zeroing.patch:
+	Add new patches from upstream.
+
+2014-02-01  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* patches/linker-libs-order.patch:
+	Regenerate, removing upstreamed fragment.
+
 2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* contrib/jck/compile-native-code.sh:
diff -r 0ef5e61b1b00 -r 03d11116ab06 Makefile.am
--- a/Makefile.am	Mon Mar 24 16:53:24 2014 -0400
+++ b/Makefile.am	Tue Mar 25 23:24:47 2014 +0000
@@ -313,9 +313,15 @@
 	patches/lcms.patch
 endif
 
+UPSTREAMED_PATCHES = \
+	patches/openjdk/7110396-sound_code_build_fix.patch \
+	patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch \
+	patches/openjdk/oj6-29-jdk_version_info_zeroing.patch
+
 ICEDTEA_PATCHES = \
 	$(DROP_PATCHES) \
 	$(SECURITY_PATCHES) \
+	$(UPSTREAMED_PATCHES) \
 	patches/openjdk/6733501-icedtea_lcms_test.patch \
 	$(LCMS_PATCHES) \
 	patches/openjdk/4993545-nativeinlightfixer.patch \
diff -r 0ef5e61b1b00 -r 03d11116ab06 NEWS
--- a/NEWS	Mon Mar 24 16:53:24 2014 -0400
+++ b/NEWS	Tue Mar 25 23:24:47 2014 +0000
@@ -15,9 +15,12 @@
 New in release 1.14.0 (201X-XX-XX):
 
 * Backports
+  - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
   - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
   - S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory()
   - S8026887: Make issues due to failed large pages allocations easier to debug
+  - S8035893: JVM_GetVersionInfo fails to zero structure
+  - OPENJDK6-29: JDK fails to zero jdk_version_info correctly
 * Bug fixes
   - PR1714: Update PaX support to detect running PaX kernel and use newer tools
   - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build
diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/linker-libs-order.patch
--- a/patches/linker-libs-order.patch	Mon Mar 24 16:53:24 2014 -0400
+++ b/patches/linker-libs-order.patch	Tue Mar 25 23:24:47 2014 +0000
@@ -1,7 +1,19 @@
-diff -durN openjdk-orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk
---- openjdk-orig/jdk/make/common/shared/Sanity.gmk	2008-10-27 00:25:33.000000000 +0000
-+++ openjdk/jdk/make/common/shared/Sanity.gmk	2008-10-28 21:42:16.000000000 +0000
-@@ -1397,7 +1397,7 @@
+diff -Nru openjdk.orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile
+--- openjdk.orig/jdk/make/com/sun/java/pack/Makefile	2013-08-21 20:32:57.128216515 +0100
++++ openjdk/jdk/make/com/sun/java/pack/Makefile	2014-02-01 15:58:10.921834941 +0000
+@@ -144,7 +144,7 @@
+ 
+ $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres 
+ 	$(prep-target)
+-	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
++	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
+ 	$(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE)
+ 
+ 
+diff -Nru openjdk.orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk
+--- openjdk.orig/jdk/make/common/shared/Sanity.gmk	2014-02-01 15:43:22.344232267 +0000
++++ openjdk/jdk/make/common/shared/Sanity.gmk	2014-02-01 15:58:10.921834941 +0000
+@@ -1344,7 +1344,7 @@
  ifdef ALSA_VERSION_CHECK
  $(ALSA_VERSION_CHECK): $(ALSA_VERSION_CHECK).c
  	@$(prep-target)
@@ -10,27 +22,3 @@
  
  $(ALSA_VERSION_CHECK).c:
  	@$(prep-target)
-diff -durN openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile openjdk/jdk/make/javax/sound/jsoundalsa/Makefile
---- openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile	2008-08-28 09:10:50.000000000 +0100
-+++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	2008-10-28 21:55:27.000000000 +0000
-@@ -65,7 +65,7 @@
- 	$(MIDIFILES_export) \
- 	$(PORTFILES_export)
- 
--LDFLAGS += -lasound
-+OTHER_LDLIBS += -lasound
- 
- CPPFLAGS += \
- 	-DUSE_DAUDIO=TRUE \
-diff -durN openjdk-orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile
---- openjdk-orig/jdk/make/com/sun/java/pack/Makefile	2008-10-27 00:25:30.000000000 +0000
-+++ openjdk/jdk/make/com/sun/java/pack/Makefile	2008-10-28 23:27:55.000000000 +0000
-@@ -142,7 +141,7 @@
- 
- $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres 
- 	$(prep-target)
--	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
-+	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
- 	$(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE)
- 
- 
diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/7110396-sound_code_build_fix.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/7110396-sound_code_build_fix.patch	Tue Mar 25 23:24:47 2014 +0000
@@ -0,0 +1,22 @@
+# HG changeset patch
+# User mr
+# Date 1327351181 28800
+#      Mon Jan 23 12:39:41 2012 -0800
+# Node ID b49e33de40eafc113d3ca822f4abe2fde31d2cc2
+# Parent  07a296eb4c9cb88d2d84561ecfe70e10b167a2ac
+7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
+Reviewed-by: ohair
+Contributed-by: edvard.wendelin at oracle.com
+
+diff -r 07a296eb4c9c -r b49e33de40ea make/javax/sound/jsoundalsa/Makefile
+--- openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	Tue Jan 21 13:39:13 2014 -0500
++++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	Mon Jan 23 12:39:41 2012 -0800
+@@ -65,7 +65,7 @@
+ 	$(MIDIFILES_export) \
+ 	$(PORTFILES_export)
+ 
+-LDFLAGS += -lasound
++OTHER_LDLIBS += -lasound
+ 
+ CPPFLAGS += \
+ 	-DUSE_DAUDIO=TRUE \
diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch	Tue Mar 25 23:24:47 2014 +0000
@@ -0,0 +1,21 @@
+# HG changeset patch
+# User igerasim
+# Date 1393588840 -14400
+#      Fri Feb 28 16:00:40 2014 +0400
+# Node ID 72a544aeb89217020b60c10fe167e2567fea3460
+# Parent  9747f83d7a38205a4a26008ee767fd161e1856c2
+8035893: JVM_GetVersionInfo fails to zero structure
+Reviewed-by: sla, zgu
+
+diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp
+--- openjdk/hotspot/src/share/vm/prims/jvm.cpp	Fri Mar 21 20:57:28 2014 +0000
++++ openjdk/hotspot/src/share/vm/prims/jvm.cpp	Fri Feb 28 16:00:40 2014 +0400
+@@ -4534,7 +4534,7 @@
+ 
+ JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size))
+ {
+-  memset(info, 0, sizeof(info_size));
++  memset(info, 0, info_size);
+ 
+   info->jvm_version = Abstract_VM_Version::jvm_version();
+   info->update_version = 0;          /* 0 in HotSpot Express VM */
diff -r 0ef5e61b1b00 -r 03d11116ab06 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/oj6-29-jdk_version_info_zeroing.patch	Tue Mar 25 23:24:47 2014 +0000
@@ -0,0 +1,21 @@
+# HG changeset patch
+# User aph
+# Date 1393513709 0
+#      Thu Feb 27 15:08:29 2014 +0000
+# Node ID 04e4c3ec6516727f01f91a9ce8cb72586a3bc502
+# Parent  942d4ba93be74b1c401d6532f116da80f5466303
+OPENJDK6-29: JDK fails to zero jdk_version_info correctly
+Reviewed-by: andrew
+
+diff -r 942d4ba93be7 -r 04e4c3ec6516 src/share/native/common/jdk_util.c
+--- openjdk/jdk/src/share/native/common/jdk_util.c	Wed Feb 26 18:06:02 2014 +0000
++++ openjdk/jdk/src/share/native/common/jdk_util.c	Thu Feb 27 15:08:29 2014 +0000
+@@ -76,7 +76,7 @@
+     }
+ 
+ 
+-    memset(info, 0, sizeof(info_size));
++    memset(info, 0, info_size);
+     info->jdk_version = ((jdk_major_version & 0xFF) << 24) |
+                         ((jdk_minor_version & 0xFF) << 16) |
+                         ((jdk_micro_version & 0xFF) << 8)  |

From jvanek at redhat.com  Wed Mar 26 09:04:49 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 10:04:49 +0100
Subject: [rfc][icedtea-web] minor properties fix
Message-ID: <53329831.4070502@redhat.com>

2014-03-26  Jiri Vanek  <jvanek at redhat.com>

	* /netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: (checkTrustedOnlyAttribute)
	hardocded strings for signedMsg moved to properties.
	* /netx/net/sourceforge/jnlp/resources/Messages.propertie: Added (STOAsignedMsgFully)
	(STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) keys
-------------- next part --------------
A non-text attachment was scrubbed...
Name: minorLocalisationFix.patch
Type: text/x-patch
Size: 2068 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/0914e170/minorLocalisationFix.patch>

From jvanek at redhat.com  Wed Mar 26 09:06:26 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 10:06:26 +0100
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <5331DA51.80604@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
	<533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com>
	<5331DA51.80604@redhat.com>
Message-ID: <53329892.30105@redhat.com>

On 03/25/2014 08:34 PM, Andrew Azores wrote:
> On 03/25/2014 02:57 PM, Jiri Vanek wrote:
>> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>>> Hi,
>>>>>
>>>>> This patch just adds Reflection and Exec permission options to PolicyEditor.
>>>>>
>>>>> Thanks,
>>>>>
>>>>
>>>> Looks good. Just not sure if it is enough:
>>>>
>>>> eg:
>>>> java.lang.NullPointerException
>>>> at geogebra.i.x.a(Unknown Source)
>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>> at geogebra.GeoGebra.main(Unknown Source)
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>>
>>>> I think he class for name is not allowed by your permission.
>>>
>>> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection,
>>> but [1] proves otherwise (and makes sense).
>>>
>>
>> Hmm still the same exception. It is geogebra which is causing this.
>
> Do you have exact reproduction steps?

yes, lunch geogebra from our testcases and sue any sandbox combination :) - or try to tune it to run:)
>
>>
>>> [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html
>>> [1]
>>> http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29
>>>
>>>
>>>> For exec - are supported both runtimelexec and process builder?
>>>
>>> According to the documentation, they both go through SecurityManager#checkExec, which checks for
>>> "execute" action on the given file. So if granting <<ALL FILES>> as the target, it should allow
>>> executing anything (which sounds so, so scary - but that's why this is optional! :) )
>> hmhmh.. No granularity needed in policy editor level imho. Just allow all.
>
> Yea, that's what it is now. Just FilePermission with "execute" action on "<<ALL FILES>>" target.
>
>>>
>>>>
>>>> J.
>>>
>>>
>>> New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well
>>> be added because they're likely to be needed in conjunction with it and each other. PolicyEditor
>>> doesn't really have a way to make a single checkbox handle multiple permissions, at least not
>>> right now, so the Reflection stuff is split up into four different permissions basically, but I
>>> think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a
>>> future enhancement would be to add labels separating the checkboxes into groups eg File Access,
>>> Java Reflection, System Utility?
>>
>> This should be fixed. Eg all checkboxes from family of "allow unowned code execution" should be
>> gathered under one :((
>>
>> Not needed to do now, but later 100% needed fix.
>>>
>>> Thanks,
>>>
>>
>
> Thanks,
>


From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 10:10:24 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 10:10:24 +0000
Subject: [Bug 1722] Intermittent JVM crash at
	sun.security.krb5.KrbException.equals(Ljava/lang/Object;)
In-Reply-To: <bug-1722-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1722-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1722-30-JhoUYEkRKq@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1722

Severin Gehwolf <sgehwolf at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |sgehwolf at redhat.com
         Resolution|---                         |INVALID

--- Comment #2 from Severin Gehwolf <sgehwolf at redhat.com> ---
Closing as not-a-bug, since this seems to be a problem with Fedora's java abrt
connector.

See: https://bugzilla.redhat.com/show_bug.cgi?id=1080476

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/0f032b8e/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 10:17:54 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 10:17:54 +0000
Subject: [Bug 1723] JRE 6.1.12.7 crash when running Eclipse 4.2.1-r1
In-Reply-To: <bug-1723-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1723-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1723-30-YsiFU3BckG@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1723

Severin Gehwolf <sgehwolf at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |sgehwolf at redhat.com
         Resolution|---                         |INVALID

--- Comment #1 from Severin Gehwolf <sgehwolf at redhat.com> ---
Closing this bug as invalid since this is an upstream eclipse issue of version
4.2 with newer webkit. It can possibly be fixed in Gentoo somehow pulling in
the right webkit version. See:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=405786
https://bugs.eclipse.org/bugs/show_bug.cgi?id=404776

Not an openjdk/icedtea issue either way.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/a69e1cc2/attachment.html>

From ptisnovs at icedtea.classpath.org  Wed Mar 26 11:21:09 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 11:21:09 +0000
Subject: /hg/gfx-test: Eight new tests added into BitBltAffineQuadrantRot...
Message-ID: <hg.638107db910c.1395832869.-6248649288953172555@icedtea.classpath.org>

changeset 638107db910c in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=638107db910c
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 26 12:21:48 2014 +0100

	Eight new tests added into BitBltAffineQuadrantRotateTransformOp.java.


diffstat:

 ChangeLog                                                             |    5 +
 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java |  140 ++++++++++
 2 files changed, 145 insertions(+), 0 deletions(-)

diffs (162 lines):

diff -r 72be1e400e82 -r 638107db910c ChangeLog
--- a/ChangeLog	Tue Mar 25 09:39:30 2014 +0100
+++ b/ChangeLog	Wed Mar 26 12:21:48 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-26  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
+	Eight new tests added into BitBltAffineQuadrantRotateTransformOp.java.
+
 2014-03-25  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/CAGOperationsOnTwoOverlappingRectangles.java:
diff -r 72be1e400e82 -r 638107db910c src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Tue Mar 25 09:39:30 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Wed Mar 26 12:21:48 2014 +0100
@@ -893,6 +893,146 @@
     }
 
     /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_INT_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntRGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntRGB(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_INT_BGR.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeIntBGRRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeIntBGR(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
      * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Wed Mar 26 11:24:57 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 11:24:57 +0000
Subject: /hg/rhino-tests: Added two new tests into ScriptContextClassTest.
Message-ID: <hg.d9b4a5a38938.1395833097.-6019694633368342460@icedtea.classpath.org>

changeset d9b4a5a38938 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=d9b4a5a38938
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Wed Mar 26 12:25:39 2014 +0100

	Added two new tests into ScriptContextClassTest.


diffstat:

 ChangeLog                                      |   5 +++++
 src/org/RhinoTests/ScriptContextClassTest.java |  18 ++++++++++++++++++
 2 files changed, 23 insertions(+), 0 deletions(-)

diffs (40 lines):

diff -r 4aec4c1b2a37 -r d9b4a5a38938 ChangeLog
--- a/ChangeLog	Tue Mar 25 09:43:42 2014 +0100
+++ b/ChangeLog	Wed Mar 26 12:25:39 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-26  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptContextClassTest.java:
+	Added two new tests into ScriptContextClassTest.
+
 2014-03-25  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptEngineFactoryClassTest.java:
diff -r 4aec4c1b2a37 -r d9b4a5a38938 src/org/RhinoTests/ScriptContextClassTest.java
--- a/src/org/RhinoTests/ScriptContextClassTest.java	Tue Mar 25 09:43:42 2014 +0100
+++ b/src/org/RhinoTests/ScriptContextClassTest.java	Wed Mar 26 12:25:39 2014 +0100
@@ -2063,6 +2063,24 @@
     }
 
     /**
+     * Test for method javax.script.ScriptContext.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.scriptContextClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.ScriptContext.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.scriptContextClass.toString();
+        assertEquals("interface javax.script.ScriptContext", asString, "wrong toString() return value");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptContext
      */
     @SuppressWarnings("cast")

From jvanek at redhat.com  Wed Mar 26 11:31:09 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 12:31:09 +0100
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <5331E17E.5070302@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com>
	<53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com>
	<5331E17E.5070302@redhat.com>
Message-ID: <5332BA7D.5070300@redhat.com>

I think we misunderstood a bit.

Attached is an patch doing what I wonted.

It is defining interface (I wish it could be an class! :) ) common to both  PolicyEditorFrame and 
PolicyEditorDialog.

It become quite verbose, but its cleaner.


It is fixing one mayor bug:
You had     public static class PolicyEditorFrame extends JDialog {
So I fixed it to    public static class PolicyEditorFrame extends JFrame {

And making the two constructors I wont private.
I really don't know where we miscommunicated:))

Also it is removing unnecessary    private final Window parentWindow by fixing the signature of 
methods which were using from incorrect window, to correct component.


Otherwise it is same. If  you can survive my Interface, You can push.
If not (and I agree it is maybe nuclear shot to kill a pigeon.. really maybe to much verbose) then 
please one last round. But keep your version :
  - with two private constructors
  - without aprent variable
  - and without duplicate code.


Sorry for my probably wrong explanations during reviews :(


J.


On 03/25/2014 09:05 PM, Andrew Azores wrote:
> On 03/25/2014 03:07 PM, Jiri Vanek wrote:
>>
>>>>> - }
>>>>> - });
>>>>> + public static class PolicyEditorFrame extends JFrame {
>>>>> + public final PolicyEditor editor;
>>>>> +
>>>>> + public PolicyEditorFrame(final PolicyEditor editor) {
>>>>
>>>> I doubt this will be ever used - please do it private.
>>>
>>> Private, but return the specialized PolicyEditorFrame type anyway from the public getters? Seems
>>> a bit odd. I'm not just returning JFrame/JDialog because then there's no easy way to get the
>>> actual PolicyEditor instance out of it, to do things like programmatically add codebases. I did
>>> have to give the PolicyEditor a reference to its parent frame/dialog in this revision, but I'd
>>> rather not use this as a way to hold the reference to the frame/dialog and have eg the security
>>> dialogs access the frame/dialog through the editor's reference. That just seems upside down and
>>> backward.
>>
>>
>> I must insists. Please do both "do the actuall work" constructors (public PolicyEditorFrame(final
>> PolicyEditor editor) and   public PolicyEditorDialog(final PolicyEditor editor) )private.
>
> Okay, so then if they're private, CertWarningPane and PartiallySignedAppTrustWarningPanel can't use
> them, and will be stuck with only JDialog? Then how do they get to the actual PolicyEditor instance
> to do addNewCodebase?
>
>>
>>>
>>>>> + super();
>>>>> + this.editor = editor;
>>>>> + add(editor);
>>>>> + this.pack();
>>>>> + editor.setVisible(true);
>>>>> + this.setJMenuBar(createMenuBar(this, editor));
>>>>> +
>>>>> + setTitle(R("PETitle"));
>>>>> +
>>>>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>>>>> +
>>>>> + addWindowListener(new WindowAdapter() {
>>>>> + @Override
>>>>> + public void windowClosing(final WindowEvent e) {
>>>>> + editor.quit();
>>>>> + dispose();
>>>>> + }
>>>>> + });
>>>>> +
>>>>> + editor.closeButton.addActionListener(new ActionListener() {
>>>>> + @Override
>>>>> + public void actionPerformed(final ActionEvent e) {
>>>>> + dispose();
>>>>> + }
>>>>> + });
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + public static PolicyEditorFrame getPolicyEditorFrame(final String filepath) {
>>>>> + return new PolicyEditorFrame(new PolicyEditor(filepath));
>>>>> + }
>>>>> +
>>>>
>>>> Tehre is really a lot of shared code in this two "methods".
>>>>
>>>> PolicyEditorFrame and PolicyEditorDialog.
>>>>
>>>> They both have general ancestor -Window. All the operations behind super() call may be done in
>>>> generalised ancestor.
>>>
>>> Window doesn't have setTitle, or setJMenuBar, or setDefaultCloseOperation...
>> hmm.. I was found with patns down it seams.... The java.awt.Window really do not have it?? Strange...
>> Anyway - there is really to much duplicate code. Please
>>
>>
>> nvm - the duplicate code is really awwefull:
>>
>> +           this.editor = editor;
>>    private artificial forefather?
>> +            add(editor);
>> +            this.pack();
>>
>> window
>>
>>   editor.setVisible(true);
>> +
>> +            setTitle(R("PETitle"));
>> +
>>
>> this is stupid :)
>>
>> + setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
>> +
>> this too:-/
>
> Sorry but none of the above five comments are useful. I don't know what you want.
>
>>
>> Maybe add interfcae for this? :D feel free to elaborate as you wish.
>
> What? An interface for what? I don't understand how adding an interface is going to help.
>
>>
>> +            addWindowListener(new WindowAdapter() {
>> +                @Override
>> +                public void windowClosing(final WindowEvent e) {
>> +                    editor.quit();
>> +                    dispose();
>> +                }
>> +            });
>> +
>> +            editor.closeButton.addActionListener(new ActionListener() {
>> +                @Override
>> +                public void actionPerformed(final ActionEvent e) {
>> +                    dispose();
>> +                }
>> +            });
>>
>> thso eshould be in Window or comon artifical forefather  too.
>>
>>
>
> I still don't know how I'm supposed to be subclassing Window here. It is missing required
> functionality that is implemented independently by both JFrame and JDialog. Yes, if I made a Window
> subclass, then most of the logic could be moved into it just fine, but some important things eg
> window title and menu bar would be missing. Then if I subclass this new Window subclass, I still
> don't have the JMenuBar, etc. I don't know what "artificial forefather" you're suggesting otherwise.
>
> Anyway, the attached patch slightly reduces the amount of duplicated code by extracting it into a
> private static helper method that operates on Window. The only work now done in the JDialog and
> JFrame subclassed constructors are the parts that cannot be done on a Window, which happens to be
> the exact same between the two of them.
>
> Thanks,
>
> --
> Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modalPoliciEditor.patch
Type: text/x-patch
Size: 22320 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/dc64d583/modalPoliciEditor-0001.patch>

From jvanek at redhat.com  Wed Mar 26 11:37:48 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 12:37:48 +0100
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <5331E8C0.6030401@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
	<5330536D.2030608@redhat.com> <533056E3.60201@redhat.com>
	<5331E8C0.6030401@redhat.com>
Message-ID: <5332BC0C.9040007@redhat.com>

On 03/25/2014 09:36 PM, Andrew Azores wrote:
> On 03/24/2014 12:01 PM, Jiri Vanek wrote:
>> On 03/24/2014 04:46 PM, Andrew Azores wrote:
>>> On 03/24/2014 11:11 AM, Jiri Vanek wrote:
>>>> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening
>>>>>>> a new
>>>>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase
>>>>>>> to the
>>>>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor
>>>>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being
>>>>>>> launched
>>>>>>> from a security dialog, we want to be sure that the current applet's codebase is the one
>>>>>>> selected
>>>>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the
>>>>>>> editor
>>>>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that the new
>>>>>>> codebase is not added and the editor made visible until it completes its IO.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>
>>>>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue?
>>>>>>
>>>>>>
>>>>>> J.
>>>>>
>>>>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that
>>>>> when
>>>>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed to be
>>>>> the selected one when the editor appears. This and modality are completely separate.
>>>>>
>>>>> Thanks,
>>>>>
>>>> uff... wouldnt be much more easy to make the load/save in sync?  I do not see any reason why it is
>>>> in new thread Thread(save/load).start() ....
>>>>
>>>>
>>>> J.
>>>
>>> I really don't want to be doing it sync on the UI thread. This makes the application less
>>> responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee
>>> the programmatically added new codebases come after. There are better ways to do it async than
>>> manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and
>>> Runnables as I suggested. Still, these potential enhancements to the multithreading model would
>>> still have the codebase ordering problem.
>>
>> I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested
>> locking.
>>
>> Correct aporach is:
>> invoke thread (swingworker)
>>   disable gui or show dialog with progressbar or soem wait please
>>    (so gui will be "responsoble")
>> wait for thread.
>>
>>
>> Would be correct approach.
>
> Okay, this is an enhancement in that it uses the nice SwingWorker abstraction and provides a visual
> indicator of progress for the IO operation, but I don't see how it really solves the problem. If by
> "wait for thread" you mean Thread#join or similar, then we're again just blocking the EDT, so it
> won't actually be responsive until the IO is done. In that case we might as well just have the EDT
> do the IO directly. If we don't block the EDT and continue to let the IO complete async, albeit with
> visual progress indication and nicely abstracted, then there is still the problem of addNewCodebase
> being called externally and not having a well-defined order compared to the addNewCodebase calls
> made by the thread performing the IO.


Agree. Then please do this now:

** failed to import extension forest from /home/jvanek/hg-forest-ext/forest.py: No module named repo
diff -r 4c584d98c42d netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 12:21:48 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 12:37:11 2014 +0100
@@ -1067,7 +1067,7 @@
                      OutputController.getLogger().log(e);
                  }
              }
-        }.start();
+        }.run();
      }

      /**
@@ -1170,7 +1170,7 @@
                      showCouldNotSaveDialog();
                  }
              }
-        }.start();
+        }.run();
      }

      /**


>
>>
because :
>>
>> However - the polici files *are* small. So the burden of *doing it IN*  AWT is imho acceptable.
>>
>>


From andrew at icedtea.classpath.org  Wed Mar 26 12:54:22 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 12:54:22 +0000
Subject: /hg/release/icedtea6-1.13: 3 new changesets
Message-ID: <hg.fad7f1e7be70.1395838462.-53431993501496593@icedtea.classpath.org>

changeset fad7f1e7be70 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=fad7f1e7be70
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 26 05:05:39 2014 +0000

	PR1714: Update PaX support to detect running PaX kernel and use newer tools

	2014-03-25  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		PR1714: Update PaX support to detect running PaX
		kernel and use newer tools
		* Makefile.am:
		(add-archive): Depend on pax-mark-vm as the target executes java.
		(add-archive-debug): Likewise with pax-mark-vm-debug.
		(check-crypto): Depend on pax-mark-vm as the target executes java.
		(check-crypto-debug): Likewise with pax-mark-vm-debug.
		(add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes java.
		(check-crypto-boot): Likewise.
		* NEWS: Updated.
		* acinclude.m4:
		(IT_HAS_PAX): New macro to detect whether the running
		kernel uses PaX.
		(IT_WITH_PAX): Rewritten to search for PaX tools -
		currently paxmark.sh, paxctl-ng, chpax and paxctl -
		and fail if a tool isn't found and a PaX kernel is
		being used.


changeset aea5755bef42 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=aea5755bef42
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 20 02:06:20 2014 +0000

	PR1712: Allow -Werror to be turned off in the HotSpot build

	2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

		PR1712: Allow -Werror to be turned off in the
		HotSpot build
		* Makefile.am:
		(WERROR_STATUS): Set to true or false
		depending on if ENABLE_WERROR is set or not.
		(ICEDTEA_ENV): Use WERROR_STATUS to set
		COMPILER_WARNINGS_FATAL.
		* acinclude.m4:
		(IT_ENABLE_WERROR): New macro to enable -Werror.
		This is disabled by default.
		* configure.ac: Call IT_ENABLE_WERROR.
		* NEWS: Updated.


changeset 9408a82b3d19 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=9408a82b3d19
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 26 06:34:03 2014 +0000

	Add unreleased upstream patches.

	2014-03-25  Andrew John Hughes  <gnu.andrew at redhat.com>

		* Makefile.am:
		(UPSTREAMED_PATCHES): Add patches from unreleased upstream.
		(ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES.
		* NEWS: Updated.
		* patches/openjdk/7110396-sound_code_build_fix.patch,
		* patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch,
		* patches/openjdk/oj6-29-jdk_version_info_zeroing.patch:
		Add new patches from upstream.

	2014-02-01  Andrew John Hughes  <gnu.andrew at redhat.com>

		* patches/linker-libs-order.patch:
		Regenerate, removing upstreamed fragment.


diffstat:

 ChangeLog                                                |   51 ++++++
 Makefile.am                                              |   27 ++-
 NEWS                                                     |    8 +
 acinclude.m4                                             |  117 ++++++++++----
 configure.ac                                             |    1 +
 patches/linker-libs-order.patch                          |   44 ++---
 patches/openjdk/7110396-sound_code_build_fix.patch       |   22 ++
 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch |   21 ++
 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch    |   21 ++
 9 files changed, 245 insertions(+), 67 deletions(-)

diffs (455 lines):

diff -r 8796f8cdd621 -r 9408a82b3d19 ChangeLog
--- a/ChangeLog	Thu Jan 23 18:56:55 2014 +0000
+++ b/ChangeLog	Wed Mar 26 06:34:03 2014 +0000
@@ -1,3 +1,54 @@
+2014-03-25  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* Makefile.am:
+	(UPSTREAMED_PATCHES): Add patches from unreleased upstream.
+	(ICEDTEA_PATCHES): Include UPSTREAMED_PATCHES.
+	* NEWS: Updated.
+	* patches/openjdk/7110396-sound_code_build_fix.patch,
+	* patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch,
+	* patches/openjdk/oj6-29-jdk_version_info_zeroing.patch:
+	Add new patches from upstream.
+
+2014-02-01  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* patches/linker-libs-order.patch:
+	Regenerate, removing upstreamed fragment.
+
+2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>
+
+	PR1712: Allow -Werror to be turned off in the
+	HotSpot build
+	* Makefile.am:
+	(WERROR_STATUS): Set to true or false
+	depending on if ENABLE_WERROR is set or not.
+	(ICEDTEA_ENV): Use WERROR_STATUS to set
+	COMPILER_WARNINGS_FATAL.
+	* acinclude.m4:
+	(IT_ENABLE_WERROR): New macro to enable -Werror.
+	This is disabled by default.
+	* configure.ac: Call IT_ENABLE_WERROR.
+	* NEWS: Updated.
+
+2014-03-25  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	PR1714: Update PaX support to detect running PaX
+	kernel and use newer tools
+	* Makefile.am:
+	(add-archive): Depend on pax-mark-vm as the target executes java.
+	(add-archive-debug): Likewise with pax-mark-vm-debug.
+	(check-crypto): Depend on pax-mark-vm as the target executes java.
+	(check-crypto-debug): Likewise with pax-mark-vm-debug.
+	(add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes java.
+	(check-crypto-boot): Likewise.
+	* NEWS: Updated.
+	* acinclude.m4:
+	(IT_HAS_PAX): New macro to detect whether the running
+	kernel uses PaX.
+	(IT_WITH_PAX): Rewritten to search for PaX tools -
+	currently paxmark.sh, paxctl-ng, chpax and paxctl -
+	and fail if a tool isn't found and a PaX kernel is
+	being used.
+
 2014-01-23  Andrew John Hughes  <gnu.andrew at redhat.com>
 
 	* acinclude.m4:
diff -r 8796f8cdd621 -r 9408a82b3d19 Makefile.am
--- a/Makefile.am	Thu Jan 23 18:56:55 2014 +0000
+++ b/Makefile.am	Wed Mar 26 06:34:03 2014 +0000
@@ -313,9 +313,15 @@
 	patches/lcms.patch
 endif
 
+UPSTREAMED_PATCHES = \
+	patches/openjdk/7110396-sound_code_build_fix.patch \
+	patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch \
+	patches/openjdk/oj6-29-jdk_version_info_zeroing.patch
+
 ICEDTEA_PATCHES = \
 	$(DROP_PATCHES) \
 	$(SECURITY_PATCHES) \
+	$(UPSTREAMED_PATCHES) \
 	patches/openjdk/6733501-icedtea_lcms_test.patch \
 	$(LCMS_PATCHES) \
 	patches/openjdk/4993545-nativeinlightfixer.patch \
@@ -775,6 +781,12 @@
 ICEDTEA_PKG = $(EMPTY) (${PKGVERSION})
 endif
 
+if ENABLE_WERROR
+WERROR_STATUS=true
+else
+WERROR_STATUS=false
+endif
+
 ICEDTEA_ENV = \
 	ALT_JDK_IMPORT_PATH="$(BOOT_DIR)" \
 	ANT="$(ANT)" \
@@ -817,7 +829,8 @@
 	ALT_OUTPUTDIR="$(BUILD_OUTPUT_DIR)" \
 	STATIC_CXX="false" \
 	BUILD_GCC=gcc$(GCC_SUFFIX) \
-	BUILD_CXX=g++$(GCC_SUFFIX)
+	BUILD_CXX=g++$(GCC_SUFFIX) \
+	COMPILER_WARNINGS_FATAL="$(WERROR_STATUS)"
 
 if ENABLE_CACAO
 ICEDTEA_ENV += \
@@ -1986,7 +1999,7 @@
 	fi
 	rm -f stamps/add-tzdata-support-debug.stamp
 
-stamps/add-archive.stamp: stamps/icedtea.stamp
+stamps/add-archive.stamp: stamps/pax-mark-vm.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2002,7 +2015,7 @@
 	rm -vf $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/$(INSTALL_ARCH_DIR)/*/*.jsa
 	rm -f stamps/add-archive.stamp
 
-stamps/add-archive-debug.stamp: stamps/icedtea-debug.stamp
+stamps/add-archive-debug.stamp: stamps/pax-mark-vm-debug.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2036,7 +2049,7 @@
 clean-pax-mark-vm-debug:
 	rm -f stamps/pax-mark-vm-debug.stamp
 
-stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/icedtea.stamp
+stamps/check-crypto.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm.stamp
 	if [ -e $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
@@ -2046,7 +2059,7 @@
 clean-check-crypto:
 	rm -f stamps/check-crypto.stamp
 
-stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/icedtea-debug.stamp
+stamps/check-crypto-debug.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm-debug.stamp
 	if [ -e $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(DEBUG_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
@@ -2205,7 +2218,7 @@
 	fi
 	rm -f stamps/add-tzdata-support-ecj.stamp
 
-stamps/add-archive-ecj.stamp: stamps/icedtea-ecj.stamp
+stamps/add-archive-ecj.stamp: stamps/pax-mark-vm-ecj.stamp
 if !ENABLE_JAMVM
 if !ENABLE_CACAO
 if !ZERO_BUILD
@@ -2230,7 +2243,7 @@
 clean-pax-mark-vm-ecj:
 	rm -f stamps/pax-mark-vm-ecj.stamp
 
-stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/icedtea-ecj.stamp
+stamps/check-crypto-boot.stamp: stamps/cryptocheck.stamp stamps/pax-mark-vm-ecj.stamp
 	if [ -e $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java ] ; then \
 	  $(ECJ_BUILD_OUTPUT_DIR)/j2sdk-image/bin/java -cp $(CRYPTO_CHECK_BUILD_DIR) TestCryptoLevel ; \
 	fi
diff -r 8796f8cdd621 -r 9408a82b3d19 NEWS
--- a/NEWS	Thu Jan 23 18:56:55 2014 +0000
+++ b/NEWS	Wed Mar 26 06:34:03 2014 +0000
@@ -14,6 +14,14 @@
 
 New in release 1.13.2 (2014-04-XX):
 
+* Backports
+  - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
+  - S8035893: JVM_GetVersionInfo fails to zero structure
+  - OPENJDK6-29: JDK fails to zero jdk_version_info correctly
+* Bug fixes
+  - PR1714: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build
+
 New in release 1.13.1 (2014-01-22):
 
 * Security fixes
diff -r 8796f8cdd621 -r 9408a82b3d19 acinclude.m4
--- a/acinclude.m4	Thu Jan 23 18:56:55 2014 +0000
+++ b/acinclude.m4	Wed Mar 26 06:34:03 2014 +0000
@@ -2139,48 +2139,79 @@
   AM_CONDITIONAL([VM_SUPPORTS_XBOOTCLASSPATH], test x"${it_cv_xbootclasspath_works}" = "xyes")
 ])
 
+AC_DEFUN_ONCE([IT_HAS_PAX],
+[
+  AC_MSG_CHECKING([if a PaX kernel is in use])
+  if cat /proc/self/status | grep '^PaX' >&AS_MESSAGE_LOG_FD 2>&1; then
+    pax_active=yes;
+  else
+    pax_active=no;
+  fi
+  AC_MSG_RESULT([${pax_active}])
+  AM_CONDITIONAL([USING_PAX], test x"${pax_active}" = "xyes")
+])
+
 AC_DEFUN_ONCE([IT_WITH_PAX],
 [
-  AC_MSG_CHECKING([for pax utility to use])
+  AC_REQUIRE([IT_HAS_PAX])
+  PAX_DEFAULT=/usr/sbin/paxmark.sh
+  AC_MSG_CHECKING([if a PaX utility was specified])
   AC_ARG_WITH([pax],
               [AS_HELP_STRING(--with-pax=COMMAND,the command used for pax marking)],
   [
-    PAX_COMMAND=${withval}
-    if test "x${PAX_COMMAND}" = "xno"; then
-      PAX_COMMAND="not specified"
+    if test "x${withval}" = "xyes"; then
+      PAX_COMMAND=no
+    else
+      PAX_COMMAND="${withval}"
     fi
   ],
   [ 
+    PAX_COMMAND=no
+  ])
+  AC_MSG_RESULT(${PAX_COMMAND})
+  if test "x${PAX_COMMAND}" == "xno"; then
+    PAX_COMMAND=${PAX_DEFAULT}
+  fi
+  AC_MSG_CHECKING([if $PAX_COMMAND is a valid executable file])
+  if test -x "${PAX_COMMAND}" && test -f "${PAX_COMMAND}"; then
+    AC_MSG_RESULT([yes])
+  else
+    AC_MSG_RESULT([no])
+    PAX_COMMAND=""
+    AC_PATH_PROG(PAX_COMMAND, "paxmark.sh")
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl-ng")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "chpax")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      AC_PATH_PROG(PAX_COMMAND, "paxctl")
+    fi
+    if test -z "${PAX_COMMAND}"; then
+      if test "x${pax_active}" = "xyes"; then
+        AC_MSG_ERROR("No PaX utility found and running on a PaX kernel.")
+      else
+        AC_MSG_WARN("No PaX utility found.")
+      fi
+    fi
+  fi
+  if test -z "${PAX_COMMAND}"; then
     PAX_COMMAND="not specified"
-  ])
-  case "x${PAX_COMMAND}" in
-    xchpax)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    xpaxctl)
-      case "${host_cpu}" in
-        i?86)
-          PAX_COMMAND_ARGS="-msp"
-          ;;
-        *)
-          PAX_COMMAND_ARGS="-m"
-          ;;
-      esac
-      ;;
-    *)
-      PAX_COMMAND="not specified"
-      PAX_COMMAND_ARGS="not specified"
-      ;;
-  esac
+    PAX_COMMAND_ARGS="not specified"
+  else
+    AC_MSG_CHECKING([which options to pass to ${PAX_COMMAND}])
+    case "${host_cpu}" in
+      i?86)
+        PAX_COMMAND_ARGS="-msp"
+        ;;
+      *)
+        PAX_COMMAND_ARGS="-m"
+        ;;
+    esac
+    AC_MSG_RESULT(${PAX_COMMAND_ARGS})
+  fi
   AM_CONDITIONAL(WITH_PAX, test "x${PAX_COMMAND}" != "xnot specified")
-  AC_MSG_RESULT(${PAX_COMMAND})
   AC_SUBST(PAX_COMMAND)
   AC_SUBST(PAX_COMMAND_ARGS)
 ])
@@ -2264,3 +2295,25 @@
   AC_MSG_RESULT([$enable_jar_compression])
   AM_CONDITIONAL([ENABLE_JAR_COMPRESSION], test x"${enable_jar_compression}" = "xyes")
 ])
+
+AC_DEFUN([IT_ENABLE_WERROR],
+[
+  AC_MSG_CHECKING([whether to enable -Werror])
+  AC_ARG_ENABLE([Werror],
+                [AS_HELP_STRING(--enable-Werror,build with -Werror [[default=no]])],
+  [
+    case "${enableval}" in
+      yes)
+        enable_werror=yes
+        ;;
+      *)
+        enable_werror=no
+        ;;
+    esac
+  ],
+  [
+    enable_werror=no
+  ])
+  AC_MSG_RESULT([$enable_werror])
+  AM_CONDITIONAL([ENABLE_WERROR], test x"${enable_werror}" = "xyes")
+])
diff -r 8796f8cdd621 -r 9408a82b3d19 configure.ac
--- a/configure.ac	Thu Jan 23 18:56:55 2014 +0000
+++ b/configure.ac	Wed Mar 26 06:34:03 2014 +0000
@@ -283,6 +283,7 @@
 IT_WITH_JAMVM_SRC_ZIP
 
 IT_DISABLE_OPTIMIZATIONS
+IT_ENABLE_WERROR
 IT_ENABLE_JAR_COMPRESSION
 IT_SET_SHARK_BUILD
 IT_ENABLE_ZERO_BUILD
diff -r 8796f8cdd621 -r 9408a82b3d19 patches/linker-libs-order.patch
--- a/patches/linker-libs-order.patch	Thu Jan 23 18:56:55 2014 +0000
+++ b/patches/linker-libs-order.patch	Wed Mar 26 06:34:03 2014 +0000
@@ -1,7 +1,19 @@
-diff -durN openjdk-orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk
---- openjdk-orig/jdk/make/common/shared/Sanity.gmk	2008-10-27 00:25:33.000000000 +0000
-+++ openjdk/jdk/make/common/shared/Sanity.gmk	2008-10-28 21:42:16.000000000 +0000
-@@ -1397,7 +1397,7 @@
+diff -Nru openjdk.orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile
+--- openjdk.orig/jdk/make/com/sun/java/pack/Makefile	2013-08-21 20:32:57.128216515 +0100
++++ openjdk/jdk/make/com/sun/java/pack/Makefile	2014-02-01 15:58:10.921834941 +0000
+@@ -144,7 +144,7 @@
+ 
+ $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres 
+ 	$(prep-target)
+-	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
++	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
+ 	$(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE)
+ 
+ 
+diff -Nru openjdk.orig/jdk/make/common/shared/Sanity.gmk openjdk/jdk/make/common/shared/Sanity.gmk
+--- openjdk.orig/jdk/make/common/shared/Sanity.gmk	2014-02-01 15:43:22.344232267 +0000
++++ openjdk/jdk/make/common/shared/Sanity.gmk	2014-02-01 15:58:10.921834941 +0000
+@@ -1344,7 +1344,7 @@
  ifdef ALSA_VERSION_CHECK
  $(ALSA_VERSION_CHECK): $(ALSA_VERSION_CHECK).c
  	@$(prep-target)
@@ -10,27 +22,3 @@
  
  $(ALSA_VERSION_CHECK).c:
  	@$(prep-target)
-diff -durN openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile openjdk/jdk/make/javax/sound/jsoundalsa/Makefile
---- openjdk-orig/jdk/make/javax/sound/jsoundalsa/Makefile	2008-08-28 09:10:50.000000000 +0100
-+++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	2008-10-28 21:55:27.000000000 +0000
-@@ -65,7 +65,7 @@
- 	$(MIDIFILES_export) \
- 	$(PORTFILES_export)
- 
--LDFLAGS += -lasound
-+OTHER_LDLIBS += -lasound
- 
- CPPFLAGS += \
- 	-DUSE_DAUDIO=TRUE \
-diff -durN openjdk-orig/jdk/make/com/sun/java/pack/Makefile openjdk/jdk/make/com/sun/java/pack/Makefile
---- openjdk-orig/jdk/make/com/sun/java/pack/Makefile	2008-10-27 00:25:30.000000000 +0000
-+++ openjdk/jdk/make/com/sun/java/pack/Makefile	2008-10-28 23:27:55.000000000 +0000
-@@ -142,7 +141,7 @@
- 
- $(UNPACK_EXE): $(UNPACK_EXE_FILES_o) winres 
- 	$(prep-target)
--	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
-+	$(LINKER)  $(LDDFLAGS) $(UNPACK_EXE_FILES_o) $(RES) $(OTHER_LDLIBS) $(LIBCXX) $(LDOUTPUT)$(TEMPDIR)/unpack200$(EXE_SUFFIX)
- 	$(CP) $(TEMPDIR)/unpack200$(EXE_SUFFIX) $(UNPACK_EXE)
- 
- 
diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/7110396-sound_code_build_fix.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/7110396-sound_code_build_fix.patch	Wed Mar 26 06:34:03 2014 +0000
@@ -0,0 +1,22 @@
+# HG changeset patch
+# User mr
+# Date 1327351181 28800
+#      Mon Jan 23 12:39:41 2012 -0800
+# Node ID b49e33de40eafc113d3ca822f4abe2fde31d2cc2
+# Parent  07a296eb4c9cb88d2d84561ecfe70e10b167a2ac
+7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
+Reviewed-by: ohair
+Contributed-by: edvard.wendelin at oracle.com
+
+diff -r 07a296eb4c9c -r b49e33de40ea make/javax/sound/jsoundalsa/Makefile
+--- openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	Tue Jan 21 13:39:13 2014 -0500
++++ openjdk/jdk/make/javax/sound/jsoundalsa/Makefile	Mon Jan 23 12:39:41 2012 -0800
+@@ -65,7 +65,7 @@
+ 	$(MIDIFILES_export) \
+ 	$(PORTFILES_export)
+ 
+-LDFLAGS += -lasound
++OTHER_LDLIBS += -lasound
+ 
+ CPPFLAGS += \
+ 	-DUSE_DAUDIO=TRUE \
diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8035893-jvm_getversioninfo_zeroing.patch	Wed Mar 26 06:34:03 2014 +0000
@@ -0,0 +1,21 @@
+# HG changeset patch
+# User igerasim
+# Date 1393588840 -14400
+#      Fri Feb 28 16:00:40 2014 +0400
+# Node ID 72a544aeb89217020b60c10fe167e2567fea3460
+# Parent  9747f83d7a38205a4a26008ee767fd161e1856c2
+8035893: JVM_GetVersionInfo fails to zero structure
+Reviewed-by: sla, zgu
+
+diff -r 9747f83d7a38 -r 72a544aeb892 src/share/vm/prims/jvm.cpp
+--- openjdk/hotspot/src/share/vm/prims/jvm.cpp	Fri Mar 21 20:57:28 2014 +0000
++++ openjdk/hotspot/src/share/vm/prims/jvm.cpp	Fri Feb 28 16:00:40 2014 +0400
+@@ -4534,7 +4534,7 @@
+ 
+ JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size))
+ {
+-  memset(info, 0, sizeof(info_size));
++  memset(info, 0, info_size);
+ 
+   info->jvm_version = Abstract_VM_Version::jvm_version();
+   info->update_version = 0;          /* 0 in HotSpot Express VM */
diff -r 8796f8cdd621 -r 9408a82b3d19 patches/openjdk/oj6-29-jdk_version_info_zeroing.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/oj6-29-jdk_version_info_zeroing.patch	Wed Mar 26 06:34:03 2014 +0000
@@ -0,0 +1,21 @@
+# HG changeset patch
+# User aph
+# Date 1393513709 0
+#      Thu Feb 27 15:08:29 2014 +0000
+# Node ID 04e4c3ec6516727f01f91a9ce8cb72586a3bc502
+# Parent  942d4ba93be74b1c401d6532f116da80f5466303
+OPENJDK6-29: JDK fails to zero jdk_version_info correctly
+Reviewed-by: andrew
+
+diff -r 942d4ba93be7 -r 04e4c3ec6516 src/share/native/common/jdk_util.c
+--- openjdk/jdk/src/share/native/common/jdk_util.c	Wed Feb 26 18:06:02 2014 +0000
++++ openjdk/jdk/src/share/native/common/jdk_util.c	Thu Feb 27 15:08:29 2014 +0000
+@@ -76,7 +76,7 @@
+     }
+ 
+ 
+-    memset(info, 0, sizeof(info_size));
++    memset(info, 0, info_size);
+     info->jdk_version = ((jdk_major_version & 0xFF) << 24) |
+                         ((jdk_minor_version & 0xFF) << 16) |
+                         ((jdk_micro_version & 0xFF) << 8)  |

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 12:54:33 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 12:54:33 +0000
Subject: [Bug 1714] [IcedTea6] Update PaX support to detect running PaX
	kernel and use newer tools
In-Reply-To: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1714-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1714-30-uQLdoZabti@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1714

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea6-1.13?cmd=changeset;node=fad7f1e7be70
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 26 05:05:39 2014 +0000

    PR1714: Update PaX support to detect running PaX kernel and use newer tools

    2014-03-25  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        PR1714: Update PaX support to detect running PaX
        kernel and use newer tools
        * Makefile.am:
        (add-archive): Depend on pax-mark-vm as the target executes java.
        (add-archive-debug): Likewise with pax-mark-vm-debug.
        (check-crypto): Depend on pax-mark-vm as the target executes java.
        (check-crypto-debug): Likewise with pax-mark-vm-debug.
        (add-archive-ecj): Depend on pax-mark-vm-ecj as the target executes
java.
        (check-crypto-boot): Likewise.
        * NEWS: Updated.
        * acinclude.m4:
        (IT_HAS_PAX): New macro to detect whether the running
        kernel uses PaX.
        (IT_WITH_PAX): Rewritten to search for PaX tools -
        currently paxmark.sh, paxctl-ng, chpax and paxctl -
        and fail if a tool isn't found and a PaX kernel is
        being used.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/c0f22f67/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 12:54:43 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 12:54:43 +0000
Subject: [Bug 1712] [IcedTea6] Allow -Werror to be turned off in the HotSpot
	build
In-Reply-To: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1712-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1712-30-hIWmp4k3Vy@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1712

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea6-1.13?cmd=changeset;node=aea5755bef42
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 20 02:06:20 2014 +0000

    PR1712: Allow -Werror to be turned off in the HotSpot build

    2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

        PR1712: Allow -Werror to be turned off in the
        HotSpot build
        * Makefile.am:
        (WERROR_STATUS): Set to true or false
        depending on if ENABLE_WERROR is set or not.
        (ICEDTEA_ENV): Use WERROR_STATUS to set
        COMPILER_WARNINGS_FATAL.
        * acinclude.m4:
        (IT_ENABLE_WERROR): New macro to enable -Werror.
        This is disabled by default.
        * configure.ac: Call IT_ENABLE_WERROR.
        * NEWS: Updated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/f427faac/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 13:11:40 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 13:11:40 +0000
Subject: [Bug 1724] New: JDK-8035893
Message-ID: <bug-1724-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1724

            Bug ID: 1724
           Summary: JDK-8035893
           Product: IcedTea
           Version: 6-hg
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: jamie at ubuntu.com
                CC: unassigned at icedtea.classpath.org

In Ubuntu icedtea 1.13.1 introduced a regression:
https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1295987

It is believed that the underlying issue is:
https://bugs.openjdk.java.net/browse/JDK-6989972

which was backported as OPENJDK6-29. However, there is a related issue in
hotspot:
https://bugs.openjdk.java.net/browse/JDK-8035893

AFAICS, this was only updated in jd9:
http://hg.openjdk.java.net/jdk9/jdk9/hotspot/raw-rev/cd30121047ac

I haven't reproduced the error condition itself, but the patch to memset is the
same, so it seems like this should be backported to OPENJDK6 (and maybe
OPENJDK7, I didn't check).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/f2a03cc5/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 13:26:50 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 13:26:50 +0000
Subject: [Bug 1724] JDK-8035893
In-Reply-To: <bug-1724-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1724-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1724-30-BlWfcdn5iH@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1724

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |6-1.13.2
           Severity|enhancement                 |normal

--- Comment #1 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Both are in HEAD and the 1.13 branch:

http://icedtea.classpath.org/hg/release/icedtea6-1.13/rev/9408a82b3d19

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/3282b493/attachment.html>

From aazores at redhat.com  Wed Mar 26 14:03:50 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 10:03:50 -0400
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <53329892.30105@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
	<533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com>
	<5331DA51.80604@redhat.com> <53329892.30105@redhat.com>
Message-ID: <5332DE46.4020009@redhat.com>

On 03/26/2014 05:06 AM, Jiri Vanek wrote:
> On 03/25/2014 08:34 PM, Andrew Azores wrote:
>> On 03/25/2014 02:57 PM, Jiri Vanek wrote:
>>> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>>>> Hi,
>>>>>>
>>>>>> This patch just adds Reflection and Exec permission options to 
>>>>>> PolicyEditor.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>
>>>>> Looks good. Just not sure if it is enough:
>>>>>
>>>>> eg:
>>>>> java.lang.NullPointerException
>>>>> at geogebra.i.x.a(Unknown Source)
>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>> at geogebra.GeoGebra.main(Unknown Source)
>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>> at 
>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>>> at 
>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>>>
>>>>> I think he class for name is not allowed by your permission.
>>>>
>>>> Aha! Thanks for catching this. [0] suggests there's only one 
>>>> permission needed for reflection,
>>>> but [1] proves otherwise (and makes sense).
>>>>
>>>
>>> Hmm still the same exception. It is geogebra which is causing this.
>>
>> Do you have exact reproduction steps?
>
> yes, lunch geogebra from our testcases and sue any sandbox combination 
> :) - or try to tune it to run:)
>

Ah I see, it's failing as soon as it starts basically. Maybe I should 
have tried before asking for detailed steps ;)

Why do you think it's being denied on a classForName call though? Not 
saying it isn't, but I don't see what indicates that in particular? 
According to the docs for Class.forName, the permission required is a 
RuntimePermission with "getClassLoader" target and no actions, and 
that's what the Get ClassLoader permission in PolicyEditor is granting. 
I mean, the NPE is happening somewhere after some GUI package stuff is 
going on apparently, so how do we know it isn't a missing AWT permission 
instead? Maybe there should be a catch-all AWT permission available as 
well, actually, even if that isn't the problem here.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Wed Mar 26 14:17:24 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 15:17:24 +0100
Subject: [rfc][icedtea-web][policyeditor] Reflection and Exec permissions
In-Reply-To: <5332DE46.4020009@redhat.com>
References: <53309014.8040801@redhat.com> <53314CC6.8020901@redhat.com>
	<533186F7.2040109@redhat.com> <5331D1AC.7060109@redhat.com>
	<5331DA51.80604@redhat.com> <53329892.30105@redhat.com>
	<5332DE46.4020009@redhat.com>
Message-ID: <5332E174.8090903@redhat.com>

On 03/26/2014 03:03 PM, Andrew Azores wrote:
> On 03/26/2014 05:06 AM, Jiri Vanek wrote:
>> On 03/25/2014 08:34 PM, Andrew Azores wrote:
>>> On 03/25/2014 02:57 PM, Jiri Vanek wrote:
>>>> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>>>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> This patch just adds Reflection and Exec permission options to PolicyEditor.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>
>>>>>> Looks good. Just not sure if it is enough:
>>>>>>
>>>>>> eg:
>>>>>> java.lang.NullPointerException
>>>>>> at geogebra.i.x.a(Unknown Source)
>>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>>>> at geogebra.GeoGebra.main(Unknown Source)
>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>>>>
>>>>>> I think he class for name is not allowed by your permission.
>>>>>
>>>>> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection,
>>>>> but [1] proves otherwise (and makes sense).
>>>>>
>>>>
>>>> Hmm still the same exception. It is geogebra which is causing this.
>>>
>>> Do you have exact reproduction steps?
>>
>> yes, lunch geogebra from our testcases and sue any sandbox combination :) - or try to tune it to
>> run:)
>>
>
> Ah I see, it's failing as soon as it starts basically. Maybe I should have tried before asking for
> detailed steps ;)
>
> Why do you think it's being denied on a classForName call though? Not saying it isn't, but I don't
> see what indicates that in particular? According to the docs for Class.forName, the permission
> required is a RuntimePermission with "getClassLoader" target and no actions, and that's what the Get
> ClassLoader permission in PolicyEditor is granting. I mean, the NPE is happening somewhere after
> some GUI package stuff is going on apparently, so how do we know it isn't a missing AWT permission
> instead? Maybe there should be a catch-all AWT permission available as well, actually, even if that
> isn't the problem here.
>
I was trying all current pemissions in polici editor (with this patch included) .Non made geogebra 
run :(


Anyway I dont know what is causing to fail. If you dont know, then ok to push.


From aazores at redhat.com  Wed Mar 26 13:40:09 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 09:40:09 -0400
Subject: [rfc][icedtea-web] minor properties fix
In-Reply-To: <53329831.4070502@redhat.com>
References: <53329831.4070502@redhat.com>
Message-ID: <5332D8B9.1050409@redhat.com>

On 03/26/2014 05:04 AM, Jiri Vanek wrote:
> 2014-03-26 Jiri Vanek  <jvanek at redhat.com>
>
>     * 
> /netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: 
> (checkTrustedOnlyAttribute)
>     hardocded strings for signedMsg moved to properties.
>     * /netx/net/sourceforge/jnlp/resources/Messages.propertie: Added 
> (STOAsignedMsgFully)
>     (STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) keys

Okay to push.

Thanks,

-- 
Andrew A


From aazores at icedtea.classpath.org  Wed Mar 26 14:45:54 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 14:45:54 +0000
Subject: /hg/icedtea-web: Added many new permissions for PolicyEditor
Message-ID: <hg.689447c4d6bd.1395845154.8643924302249223276@icedtea.classpath.org>

changeset 689447c4d6bd in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=689447c4d6bd
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 26 10:45:46 2014 -0400

	Added many new permissions for PolicyEditor

	* netx/net/sourceforge/jnlp/resources/Messages.properties: (PEWriteProps,
	PEWritePropsDetail, PEWriteSystemFiles, PEWriteSystemFilesDetail,
	PEAWTPermission, PEAWTPermissionDetail, PERecordAudio,
	PERecordAudioDetail, PEReflection, PEReflectionDetail, PEClassLoader,
	PEClassLoaderDetail, PEClassInPackage, PEClassInPackageDetail,
	PEDeclaredMembers, PEDeclaredMembersDetail, PEExec, PEExecDetail,
	PEGetEnv, PEGetEnvDetail): new messages. (PEAudio, PEAudioDetail) renamed
	to PEPlayAudio{,Detail}.
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java:
	(EXECUTE) new action
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
	(ALL_FILES, RECORD, REFLECT, GETENV, ACCESS_CLASS_IN_PACKAGE,
	DECLARED_MEMBERS, CLASSLOADER) new targets
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java:
	(REFLECT_PERMISSION) new type
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
	(WRITE_PROPERTIES, WRITE_SYSTEM_FILES, JAVA_REFLECTION, GET_CLASSLOADER,
	ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS, EXEC_COMMANDS, GET_ENV,
	ALL_AWT, RECORD_AUDIO) new permissions. (AUDIO) renamed PLAY_AUDIO.


diffstat:

 ChangeLog                                                                    |  23 +++++
 netx/net/sourceforge/jnlp/resources/Messages.properties                      |  24 +++++-
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java       |   1 +
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java        |  11 ++-
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java          |   3 +-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java |  44 ++++++++-
 6 files changed, 94 insertions(+), 12 deletions(-)

diffs (197 lines):

diff -r d0069afaeaff -r 689447c4d6bd ChangeLog
--- a/ChangeLog	Mon Mar 24 14:16:20 2014 -0400
+++ b/ChangeLog	Wed Mar 26 10:45:46 2014 -0400
@@ -1,3 +1,26 @@
+2014-03-26  Andrew Azores  <aazores at redhat.com>
+
+	Added many new permissions for PolicyEditor
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: (PEWriteProps,
+	PEWritePropsDetail, PEWriteSystemFiles, PEWriteSystemFilesDetail,
+	PEAWTPermission, PEAWTPermissionDetail, PERecordAudio,
+	PERecordAudioDetail, PEReflection, PEReflectionDetail, PEClassLoader,
+	PEClassLoaderDetail, PEClassInPackage, PEClassInPackageDetail,
+	PEDeclaredMembers, PEDeclaredMembersDetail, PEExec, PEExecDetail,
+	PEGetEnv, PEGetEnvDetail): new messages. (PEAudio, PEAudioDetail) renamed
+	to PEPlayAudio{,Detail}.
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java:
+	(EXECUTE) new action
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
+	(ALL_FILES, RECORD, REFLECT, GETENV, ACCESS_CLASS_IN_PACKAGE,
+	DECLARED_MEMBERS, CLASSLOADER) new targets
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java:
+	(REFLECT_PERMISSION) new type
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
+	(WRITE_PROPERTIES, WRITE_SYSTEM_FILES, JAVA_REFLECTION, GET_CLASSLOADER,
+	ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS, EXEC_COMMANDS, GET_ENV,
+	ALL_AWT, RECORD_AUDIO) new permissions. (AUDIO) renamed PLAY_AUDIO.
+
 2014-03-24  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java:
diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 24 14:16:20 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 26 10:45:46 2014 -0400
@@ -492,24 +492,44 @@
 PETitle=Policy Editor
 PEReadProps=Read system properties
 PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location
+PEWriteProps=Write system properties
+PEWritePropsDetail=Allow applets to (over)write system properties
 PEReadFiles=Read from local files
 PEReadFilesDetail=Allow applets to read from files in your home directory
 PEWriteFiles=Write to local files
 PEWriteFilesDetail=Allow applets to write to files in your home directory
 PEReadSystemFiles=Read all system files
 PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer
+PEWriteSystemFiles=Write all system files
+PEWriteSystemFilesDetail=Allow applets write-only access to all locations on your computer
 PEReadTempFiles=Read from temp files
 PEReadTempFilesDetail=Allow applets to read from your temporary files directory
 PEWriteTempFiles=Write to temp files
 PEWriteTempFilesDetail=Allow applets to write to your temporary files directory
+PEAWTPermission=Window System Access
+PEAWTPermissionDetail=Allow applets all AWT windowing system access
 PEClipboard=Access clipboard
 PEClipboardDetail=Allow applets to read from and write to your clipboard
 PENetwork=Access the network
 PENetworkDetail=Allow applets to establish any network connections
 PEPrint=Print documents
 PEPrintDetail=Allow applets to queue print jobs
-PEAudio=Play sounds
-PEAudioDetail=Allow applets to play sounds, but not record
+PEPlayAudio=Play sounds
+PEPlayAudioDetail=Allow applets to play sounds, but not record
+PERecordAudio=Record audio
+PERecordAudioDetail=Allow applets to record audio, but not play back
+PEReflection=Java reflection
+PEReflectionDetail=Allow applets to access the Java Reflection API
+PEClassLoader=Get ClassLoader
+PEClassLoaderDetail=Allow applets to access the system classloader (often used with Reflection)
+PEClassInPackage=Access other packages
+PEClassInPackageDetail=Allow applets to access classes from other applet packages (often used with Reflection)
+PEDeclaredMembers=Access private class data
+PEDeclaredMembersDetail=Allow applets to access normally hidden data from other Java classes (often used with Reflection)
+PEExec=Execute commands
+PEExecDetail=Allow applets to execute system commands
+PEGetEnv=Get environment variables
+PEGetEnvDetail=Allow applets to read system environment variables
 PECouldNotOpen=Unable to open policy file
 PECouldNotSave=Unable to save policy file
 PEAddCodebase=Add new Codebase
diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java	Mon Mar 24 14:16:20 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java	Wed Mar 26 10:45:46 2014 -0400
@@ -49,6 +49,7 @@
     NONE(""),
     READ("read"),
     WRITE("write"),
+    EXECUTE("execute"),
     ACCEPT("accept"),
     LISTEN("listen"),
     CONNECT("connect"),
diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Mon Mar 24 14:16:20 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Wed Mar 26 10:45:46 2014 -0400
@@ -41,13 +41,20 @@
  */
 public enum PermissionTarget {
 
-	NONE(""),
+    NONE(""),
     ALL("*"),
+    ALL_FILES("<<ALL FILES>>"),
     USER_HOME("${user.home}${/}*"),
     TMPDIR("${java.io.tmpdir}${/}*"),
     CLIPBOARD("accessClipboard"),
     PRINT("queuePrintJob"),
-    PLAY("play");
+    PLAY("play"),
+    RECORD("record"),
+    REFLECT("suppressAccessChecks"),
+    GETENV("getenv.*"),
+    ACCESS_CLASS_IN_PACKAGE("accessClassInPackage.*"),
+    DECLARED_MEMBERS("accessDeclaredMembers"),
+    CLASSLOADER("getClassLoader");
 
     public final String target;
 
diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java	Mon Mar 24 14:16:20 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionType.java	Wed Mar 26 10:45:46 2014 -0400
@@ -47,7 +47,8 @@
     AWT_PERMISSION("java.awt.AWTPermission"),
     SOCKET_PERMISSION("java.net.SocketPermission"),
     RUNTIME_PERMISSION("java.lang.RuntimePermission"),
-    AUDIO_PERMISSION("javax.sound.sampled.AudioPermission");
+    AUDIO_PERMISSION("javax.sound.sampled.AudioPermission"),
+    REFLECT_PERMISSION("java.lang.reflect.ReflectPermission");
 
     public final String type;
 
diff -r d0069afaeaff -r 689447c4d6bd netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Mon Mar 24 14:16:20 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Wed Mar 26 10:45:46 2014 -0400
@@ -56,8 +56,14 @@
     READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"),
             PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.READ),
 
+    WRITE_PROPERTIES(R("PEWriteProps"), R("PEWritePropsDetail"),
+            PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.WRITE),
+
     READ_SYSTEM_FILES(R("PEReadSystemFiles"), R("PEReadSystemFilesDetail"),
-            PermissionType.FILE_PERMISSION, PermissionTarget.ALL, PermissionActions.READ),
+            PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.READ),
+
+    WRITE_SYSTEM_FILES(R("PEWriteSystemFiles"), R("PEWriteSystemFilesDetail"),
+            PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.WRITE),
 
     READ_TMP_FILES(R("PEReadTempFiles"), R("PEReadTempFilesDetail"),
             PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.READ),
@@ -65,17 +71,41 @@
     WRITE_TMP_FILES(R("PEWriteTempFiles"), R("PEWriteTempFilesDetail"),
             PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.WRITE),
 
-    CLIPBOARD(R("PEClipboard"), R("PEClipboardDetail"),
-            PermissionType.AWT_PERMISSION, PermissionTarget.CLIPBOARD, PermissionActions.NONE),
+    JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"),
+            PermissionType.REFLECT_PERMISSION, PermissionTarget.REFLECT, PermissionActions.NONE),
+
+    GET_CLASSLOADER(R("PEClassLoader"), R("PEClassLoaderDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.CLASSLOADER, PermissionActions.NONE),
+
+    ACCESS_CLASS_IN_PACKAGE(R("PEClassInPackage"), R("PEClassInPackageDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.ACCESS_CLASS_IN_PACKAGE, PermissionActions.NONE),
+
+    ACCESS_DECLARED_MEMBERS(R("PEDeclaredMembers"), R("PEDeclaredMembersDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.DECLARED_MEMBERS, PermissionActions.NONE),
 
     NETWORK(R("PENetwork"), R("PENetworkDetail"),
             PermissionType.SOCKET_PERMISSION, PermissionTarget.ALL, PermissionActions.NETALL),
 
+    EXEC_COMMANDS(R("PEExec"), R("PEExecDetail"),
+            PermissionType.FILE_PERMISSION, PermissionTarget.ALL_FILES, PermissionActions.EXECUTE),
+
+    GET_ENV(R("PEGetEnv"), R("PEGetEnvDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.GETENV, PermissionActions.NONE),
+
+    ALL_AWT(R("PEAWTPermission"), R("PEAWTPermissionDetail"),
+            PermissionType.AWT_PERMISSION, PermissionTarget.ALL, PermissionActions.NONE),
+
+    CLIPBOARD(R("PEClipboard"), R("PEClipboardDetail"),
+            PermissionType.AWT_PERMISSION, PermissionTarget.CLIPBOARD, PermissionActions.NONE),
+
+    PLAY_AUDIO(R("PEPlayAudio"), R("PEPlayAudioDetail"),
+            PermissionType.AUDIO_PERMISSION, PermissionTarget.PLAY, PermissionActions.NONE),
+
+    RECORD_AUDIO(R("PERecordAudio"), R("PERecordAudioDetail"),
+            PermissionType.AUDIO_PERMISSION, PermissionTarget.RECORD, PermissionActions.NONE),
+
     PRINT(R("PEPrint"), R("PEPrintDetail"),
-            PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE),
-
-    AUDIO(R("PEAudio"), R("PEAudioDetail"),
-            PermissionType.AUDIO_PERMISSION, PermissionTarget.PLAY, PermissionActions.NONE);
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE);
 
     private final String name, description;
     private final PermissionType type;

From aazores at redhat.com  Wed Mar 26 14:48:22 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 10:48:22 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <5332BA7D.5070300@redhat.com>
References: <53305AD0.4020601@redhat.com> <53305BDD.9010204@redhat.com>
	<533097F8.9090509@redhat.com> <533150B2.8030008@redhat.com>
	<53318D53.3070502@redhat.com> <5331D3EF.7080407@redhat.com>
	<5331E17E.5070302@redhat.com> <5332BA7D.5070300@redhat.com>
Message-ID: <5332E8B6.1050605@redhat.com>

On 03/26/2014 07:31 AM, Jiri Vanek wrote:
> I think we misunderstood a bit.
>
> Attached is an patch doing what I wonted.
>
> It is defining interface (I wish it could be an class! :) ) common to 
> both  PolicyEditorFrame and PolicyEditorDialog.
>
> It become quite verbose, but its cleaner.
>
>
> It is fixing one mayor bug:
> You had     public static class PolicyEditorFrame extends JDialog {
> So I fixed it to    public static class PolicyEditorFrame extends 
> JFrame {
>
> And making the two constructors I wont private.
> I really don't know where we miscommunicated:))
>
> Also it is removing unnecessary    private final Window parentWindow 
> by fixing the signature of methods which were using from incorrect 
> window, to correct component.
>
>
> Otherwise it is same. If  you can survive my Interface, You can push.
> If not (and I agree it is maybe nuclear shot to kill a pigeon.. really 
> maybe to much verbose) then please one last round. But keep your 
> version :
>  - with two private constructors
>  - without aprent variable
>  - and without duplicate code.
>
>
> Sorry for my probably wrong explanations during reviews :(
>
>
> J.

Wow, yes quite verbose. But it seems like a good enough solution. I'll 
push this then.

Thanks,

-- 
Andrew A


From aazores at icedtea.classpath.org  Wed Mar 26 15:02:11 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 15:02:11 +0000
Subject: /hg/icedtea-web: PolicyEditor can be made modal.
Message-ID: <hg.fcb9dcf1c83c.1395846131.8643924302249223276@icedtea.classpath.org>

changeset fcb9dcf1c83c in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=fcb9dcf1c83c
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 26 11:02:00 2014 -0400

	PolicyEditor can be made modal.

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(PolicyEditorWindow) new interface to facilitate PolicyEditor as a Window
	rather than Panel. (PolicyEditorFrame, PolicyEditorDialog)
	PolicyEditorWindow implementations. (getPolicyEditorFrame,
	getPolicyEditorWindow) new methods to get frame or dialog implementations.
	(setComponentMnemonic) made static. (preparePolicyEditorWindow) common
	setup for frame and dialog implementations.
	* netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java: refactor to use
	PolicyEditorWindow
	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
	same
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java
	same
	* netx/net/sourceforge/jnlp/util/FileUtils.java: (showReadOnlyDialog,
	showCouldNotOpenFileDialog, showCouldNotOpenFilePathDialog,
	showCouldNotOpenDialog) use Component rather than JFrame


diffstat:

 ChangeLog                                                                                                |   22 +
 netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java                                                  |   14 +-
 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java                                          |   17 +-
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java |   17 +-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java                                        |  210 ++++++++-
 netx/net/sourceforge/jnlp/util/FileUtils.java                                                            |   11 +-
 6 files changed, 236 insertions(+), 55 deletions(-)

diffs (truncated from 581 to 500 lines):

diff -r 689447c4d6bd -r fcb9dcf1c83c ChangeLog
--- a/ChangeLog	Wed Mar 26 10:45:46 2014 -0400
+++ b/ChangeLog	Wed Mar 26 11:02:00 2014 -0400
@@ -1,3 +1,25 @@
+2014-03-26  Andrew Azores  <aazores at redhat.com>
+            Jiri Vanek  <jvanek at redhat.com>
+
+	PolicyEditor can be made modal.
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(PolicyEditorWindow) new interface to facilitate PolicyEditor as a Window
+	rather than Panel. (PolicyEditorFrame, PolicyEditorDialog)
+	PolicyEditorWindow implementations. (getPolicyEditorFrame,
+	getPolicyEditorWindow) new methods to get frame or dialog implementations.
+	(setComponentMnemonic) made static. (preparePolicyEditorWindow) common
+	setup for frame and dialog implementations.
+	* netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java: refactor to use
+	PolicyEditorWindow
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
+	same
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java
+	same
+	* netx/net/sourceforge/jnlp/util/FileUtils.java: (showReadOnlyDialog,
+	showCouldNotOpenFileDialog, showCouldNotOpenFilePathDialog,
+	showCouldNotOpenDialog) use Component rather than JFrame
+
+
 2014-03-26  Andrew Azores  <aazores at redhat.com>
 
 	Added many new permissions for PolicyEditor
diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java
--- a/netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java	Wed Mar 26 10:45:46 2014 -0400
+++ b/netx/net/sourceforge/jnlp/controlpanel/PolicyPanel.java	Wed Mar 26 11:02:00 2014 -0400
@@ -54,12 +54,12 @@
 import javax.swing.JButton;
 import javax.swing.JFrame;
 import javax.swing.JLabel;
-import javax.swing.JOptionPane;
 import javax.swing.JTextField;
 import javax.swing.SwingUtilities;
 
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow;
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.FileUtils.OpenFileResult;
 import net.sourceforge.jnlp.util.logging.OutputController;
@@ -72,7 +72,7 @@
  */
 public class PolicyPanel extends NamedBorderPanel {
 
-    private PolicyEditor policyEditor = null;
+    private PolicyEditorWindow policyEditor = null;
 
     public PolicyPanel(final JFrame frame, final DeploymentConfiguration config) {
         super(R("CPHeadPolicy"), new GridBagLayout());
@@ -161,12 +161,12 @@
      * @param filePath a {@link String} representing the path to the file to be opened
      */
     private void launchSimplePolicyEditor(final String filePath) {
-        if (policyEditor == null || policyEditor.isClosed()) {
-            policyEditor = PolicyEditor.createInstance(filePath);
-            policyEditor.setVisible(true);
+        if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) {
+            policyEditor = PolicyEditor.getPolicyEditorFrame(filePath);
+            policyEditor.asWindow().setVisible(true);
         } else {
-            policyEditor.toFront();
-            policyEditor.repaint();
+            policyEditor.asWindow().toFront();
+            policyEditor.asWindow().repaint();
         }
     }
 
diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Wed Mar 26 10:45:46 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Wed Mar 26 11:02:00 2014 -0400
@@ -41,6 +41,7 @@
 
 import java.awt.BorderLayout;
 import java.awt.Color;
+import java.awt.Dialog.ModalityType;
 import java.awt.Dimension;
 import java.awt.FlowLayout;
 import java.awt.Font;
@@ -84,6 +85,7 @@
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityUtil;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow;
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.logging.OutputController;
 
@@ -109,7 +111,7 @@
     private JButton run, sandbox, advancedOptions, cancel, moreInfo;
     private boolean alwaysTrustSelected;
     private String bottomLabelWarningText;
-    private PolicyEditor policyEditor = null;
+    private PolicyEditorWindow policyEditor = null;
 
     public CertWarningPane(SecurityDialog x, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
         super(x, certVerifier);
@@ -330,14 +332,15 @@
                 filepath = null;
             }
 
-            if (policyEditor == null || policyEditor.isClosed()) {
-                policyEditor = PolicyEditor.createInstance(filepath);
+            if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) {
+                policyEditor = PolicyEditor.getPolicyEditorDialog(filepath);
             } else {
-                policyEditor.toFront();
-                policyEditor.repaint();
+                policyEditor.asWindow().toFront();
+                policyEditor.asWindow().repaint();
             }
-            policyEditor.addNewCodebase(file.getCodeBase().toString());
-            policyEditor.setVisible(true);
+            policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL);
+            policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString());
+            policyEditor.asWindow().setVisible(true);
             policyMenu.setVisible(false);
         }
     }
diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java	Wed Mar 26 10:45:46 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java	Wed Mar 26 11:02:00 2014 -0400
@@ -2,6 +2,7 @@
 
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
+import java.awt.Dialog.ModalityType;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
 import java.awt.event.MouseEvent;
@@ -25,6 +26,7 @@
 import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
 import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow;
 import net.sourceforge.jnlp.tools.CertInformation;
 import net.sourceforge.jnlp.tools.JarCertVerifier;
 
@@ -34,7 +36,7 @@
     private final JButton sandboxButton;
     private final JButton advancedOptionsButton;
     private final JPopupMenu policyMenu;
-    private PolicyEditor policyEditor = null;
+    private PolicyEditorWindow policyEditor = null;
 
     public PartiallySignedAppTrustWarningPanel(JNLPFile file, ActionChoiceListener actionChoiceListener, SecurityDialog securityDialog) {
         super(file, actionChoiceListener);
@@ -175,14 +177,15 @@
                 filepath = null;
             }
 
-            if (policyEditor == null || policyEditor.isClosed()) {
-                policyEditor = PolicyEditor.createInstance(filepath);
+            if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) {
+                policyEditor = PolicyEditor.getPolicyEditorDialog(filepath);
             } else {
-                policyEditor.toFront();
-                policyEditor.repaint();
+                policyEditor.asWindow().toFront();
+                policyEditor.asWindow().repaint();
             }
-            policyEditor.addNewCodebase(file.getCodeBase().toString());
-            policyEditor.setVisible(true);
+            policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL);
+            policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString());
+            policyEditor.asWindow().setVisible(true);
             policyMenu.setVisible(false);
         }
     }
diff -r 689447c4d6bd -r fcb9dcf1c83c netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 10:45:46 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 11:02:00 2014 -0400
@@ -36,10 +36,12 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import java.awt.Dialog.ModalityType;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
+import java.awt.Window;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
 import java.awt.event.KeyEvent;
@@ -73,6 +75,7 @@
 import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JComponent;
+import javax.swing.JDialog;
 import javax.swing.JFileChooser;
 import javax.swing.JFrame;
 import javax.swing.JLabel;
@@ -81,7 +84,7 @@
 import javax.swing.JMenuBar;
 import javax.swing.JMenuItem;
 import javax.swing.JOptionPane;
-import javax.swing.JRootPane;
+import javax.swing.JPanel;
 import javax.swing.JScrollPane;
 import javax.swing.KeyStroke;
 import javax.swing.ListSelectionModel;
@@ -124,7 +127,7 @@
  * Comments will *not* be preserved when PolicyEditor next saves to the
  * file.
  */
-public class PolicyEditor extends JFrame {
+public class PolicyEditor extends JPanel {
 
     /**
      * Command line switch to print a help message.
@@ -161,7 +164,6 @@
     private final JList list = new JList(listModel);
     private final JButton okButton = new JButton(), closeButton = new JButton(),
             addCodebaseButton = new JButton(), removeCodebaseButton = new JButton();
-    private final JMenuBar menuBar = new JMenuBar();
     private final JFileChooser fileChooser;
     private CustomPolicyViewer cpViewer = null;
     private final WeakReference<PolicyEditor> weakThis = new WeakReference<PolicyEditor>(this);
@@ -295,19 +297,156 @@
         };
 
         setAccelerators();
-        setTitle(R("PETitle"));
 
         setupLayout();
         list.setSelectedIndex(0);
         updateCheckboxes("");
-        setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
+    }
 
-        addWindowListener(new WindowAdapter() {
+    private static void preparePolicyEditorWindow(final PolicyEditorWindow w, PolicyEditor e) {
+        w.setModalityType(ModalityType.MODELESS); //at least some default
+        w.setPolicyEditor(e);
+        w.setTitle(R("PETitle"));
+        w.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
+        w.setJMenuBar(createMenuBar(w.asWindow(), w.getPolicyEditor()));
+        setupPolicyEditorWindow(w.asWindow(), w.getPolicyEditor());
+
+    }
+
+    private static void setupPolicyEditorWindow(final Window window, final PolicyEditor editor) {
+        window.add(editor);
+        window.pack();
+        editor.setVisible(true);
+
+        window.addWindowListener(new WindowAdapter() {
             @Override
             public void windowClosing(final WindowEvent e) {
-                quit();
+                editor.quit();
+                window.dispose();
             }
         });
+
+        editor.closeButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(final ActionEvent e) {
+                window.dispose();
+            }
+        });
+    }
+
+    public static interface PolicyEditorWindow {
+
+        public void setTitle(String s);
+
+        public void setDefaultCloseOperation(int i);
+
+        public PolicyEditor getPolicyEditor();
+
+        public void setPolicyEditor(PolicyEditor e);
+
+        public void setJMenuBar(JMenuBar menu);
+
+        public Window asWindow();
+
+        public void setModalityType(ModalityType modalityType);
+    }
+
+    private static class PolicyEditorFrame extends JFrame implements PolicyEditorWindow {
+
+        private PolicyEditor editor;
+
+        private PolicyEditorFrame(final PolicyEditor editor) {
+            super();
+            preparePolicyEditorWindow((PolicyEditorWindow)this, editor);
+        }
+
+        @Override
+        public final void setTitle(String title) {
+            super.setTitle(title);
+        }
+
+        @Override
+        public final PolicyEditor getPolicyEditor() {
+            return editor;
+        }
+
+        @Override
+        public final void setPolicyEditor(PolicyEditor e) {
+            editor = e;
+        }
+
+        @Override
+        public final void setDefaultCloseOperation(int operation) {
+            super.setDefaultCloseOperation(operation);
+        }
+
+        @Override
+        public final void setJMenuBar(JMenuBar menu) {
+            super.setJMenuBar(menu);
+        }
+
+        @Override
+        public final Window asWindow() {
+            return this;
+        }
+
+        @Override
+        public void setModalityType(ModalityType type) {
+            //no op for frame
+        }
+    }
+
+    public static PolicyEditorWindow getPolicyEditorFrame(final String filepath) {
+        return new PolicyEditorFrame(new PolicyEditor(filepath));
+    }
+
+    private static class PolicyEditorDialog extends JDialog implements PolicyEditorWindow {
+
+        private PolicyEditor editor;
+
+        private PolicyEditorDialog(final PolicyEditor editor) {
+            super();
+            preparePolicyEditorWindow((PolicyEditorWindow)this, editor);
+        }
+
+        @Override
+        public final void setTitle(String title) {
+            super.setTitle(title);
+        }
+
+        @Override
+        public final PolicyEditor getPolicyEditor() {
+            return editor;
+        }
+
+        @Override
+        public final void setPolicyEditor(PolicyEditor e) {
+            editor = e;
+        }
+
+        @Override
+        public final void setDefaultCloseOperation(int operation) {
+            super.setDefaultCloseOperation(operation);
+        }
+
+        @Override
+        public final void setJMenuBar(JMenuBar menu) {
+            super.setJMenuBar(menu);
+        }
+
+        @Override
+        public final Window asWindow() {
+            return this;
+        }
+
+        @Override
+        public void setModalityType(ModalityType type) {
+            super.setModalityType(type);
+        }
+    }
+
+    public static PolicyEditorWindow getPolicyEditorDialog(final String filepath) {
+        return new PolicyEditorDialog(new PolicyEditor(filepath));
     }
 
     private void setClosed() {
@@ -370,9 +509,8 @@
      */
     private void setAccelerator(final int trigger, final int modifiers, final Action action, final String identifier) {
         final KeyStroke key = KeyStroke.getKeyStroke(trigger, modifiers);
-        final JRootPane root = getRootPane();
-        root.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
-        root.getActionMap().put(identifier, action);
+        this.getInputMap(JComponent.WHEN_IN_FOCUSED_WINDOW).put(key, identifier);
+        this.getActionMap().put(identifier, action);
     }
 
     /**
@@ -454,7 +592,6 @@
         }
         weakThis.clear();
         setClosed();
-        dispose();
     }
 
     /**
@@ -649,7 +786,7 @@
      * @param component the component for which to set a mnemonic
      * @param mnemonic the mnemonic to set
      */
-    private void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
+    private static void setComponentMnemonic(final AbstractButton component, final String mnemonic) {
         final int trig;
         try {
             trig = Integer.parseInt(mnemonic);
@@ -660,45 +797,61 @@
         component.setMnemonic(trig);
     }
 
-    /**
-     * Lay out all controls, tooltips, etc.
-     */
-    private void setupLayout() {
+    private static JMenuBar createMenuBar(final Window window, final PolicyEditor editor) {
+        final JMenuBar menuBar = new JMenuBar();
+
         final JMenu fileMenu = new JMenu(R("PEFileMenu"));
         setComponentMnemonic(fileMenu, R("PEFileMenuMnemonic"));
+
         final JMenuItem openItem = new JMenuItem(R("PEOpenMenuItem"));
         setComponentMnemonic(openItem, R("PEOpenMenuItemMnemonic"));
         openItem.setAccelerator(KeyStroke.getKeyStroke(openItem.getMnemonic(), ActionEvent.CTRL_MASK));
-        openItem.addActionListener(openButtonAction);
+        openItem.addActionListener(editor.openButtonAction);
         fileMenu.add(openItem);
+
         final JMenuItem saveItem = new JMenuItem(R("PESaveMenuItem"));
         setComponentMnemonic(saveItem, R("PESaveMenuItemMnemonic"));
         saveItem.setAccelerator(KeyStroke.getKeyStroke(saveItem.getMnemonic(), ActionEvent.CTRL_MASK));
-        saveItem.addActionListener(okButtonAction);
+        saveItem.addActionListener(editor.okButtonAction);
         fileMenu.add(saveItem);
+
         final JMenuItem saveAsItem = new JMenuItem(R("PESaveAsMenuItem"));
         setComponentMnemonic(saveAsItem, R("PESaveAsMenuItemMnemonic"));
         saveAsItem.setAccelerator(KeyStroke.getKeyStroke(saveAsItem.getMnemonic(), ActionEvent.CTRL_MASK));
-        saveAsItem.addActionListener(saveAsButtonAction);
+        saveAsItem.addActionListener(editor.saveAsButtonAction);
         fileMenu.add(saveAsItem);
+
         final JMenuItem exitItem = new JMenuItem(R("PEExitMenuItem"));
         setComponentMnemonic(exitItem, R("PEExitMenuItemMnemonic"));
         exitItem.setAccelerator(KeyStroke.getKeyStroke(exitItem.getMnemonic(), ActionEvent.CTRL_MASK));
-        exitItem.addActionListener(closeButtonAction);
+        exitItem.addActionListener(editor.closeButtonAction);
+        exitItem.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(final ActionEvent e) {
+                window.dispose();
+            }
+        });
         fileMenu.add(exitItem);
         menuBar.add(fileMenu);
 
         final JMenu viewMenu = new JMenu(R("PEViewMenu"));
         setComponentMnemonic(viewMenu, R("PEViewMenuMnemonic"));
+
         final JMenuItem customPermissionsItem = new JMenuItem(R("PECustomPermissionsItem"));
         setComponentMnemonic(customPermissionsItem, R("PECustomPermissionsItemMnemonic"));
         customPermissionsItem.setAccelerator(KeyStroke.getKeyStroke(customPermissionsItem.getMnemonic(), ActionEvent.ALT_MASK));
-        customPermissionsItem.addActionListener(viewCustomButtonAction);
+        customPermissionsItem.addActionListener(editor.viewCustomButtonAction);
 
         viewMenu.add(customPermissionsItem);
         menuBar.add(viewMenu);
-        this.setJMenuBar(menuBar);
 
+        return menuBar;
+    }
+
+    /**
+     * Lay out all controls, tooltips, etc.
+     */
+    private void setupLayout() {
         final JLabel checkboxLabel = new JLabel();
         checkboxLabel.setText(R("PECheckboxLabel"));
         checkboxLabel.setBorder(new EmptyBorder(2, 2, 2, 2));
@@ -796,7 +949,6 @@
         add(closeButton, cancelButtonConstraints);
 
         setMinimumSize(getPreferredSize());
-        pack();
     }
 
     /**
@@ -979,10 +1131,10 @@
                 }
                 final StringBuilder sb = new StringBuilder();
                 sb.append(AUTOGENERATED_NOTICE);
-                sb.append("\n/* Generated by PolicyEditor at " + new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")
-                        .format(Calendar.getInstance().getTime()) + " */" + System.getProperty("line.separator"));
+                sb.append("\n/* Generated by PolicyEditor at ").append(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss")

From aazores at redhat.com  Wed Mar 26 15:52:52 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 11:52:52 -0400
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <5332E8B6.1050605@redhat.com>
References: <53305AD0.4020601@redhat.com>
	<53305BDD.9010204@redhat.com>	<533097F8.9090509@redhat.com>
	<533150B2.8030008@redhat.com>	<53318D53.3070502@redhat.com>
	<5331D3EF.7080407@redhat.com>	<5331E17E.5070302@redhat.com>
	<5332BA7D.5070300@redhat.com> <5332E8B6.1050605@redhat.com>
Message-ID: <5332F7D4.7080506@redhat.com>

On 03/26/2014 10:48 AM, Andrew Azores wrote:
> On 03/26/2014 07:31 AM, Jiri Vanek wrote:
>> I think we misunderstood a bit.
>>
>> Attached is an patch doing what I wonted.
>>
>> It is defining interface (I wish it could be an class! :) ) common to 
>> both  PolicyEditorFrame and PolicyEditorDialog.
>>
>> It become quite verbose, but its cleaner.
>>
>>
>> It is fixing one mayor bug:
>> You had     public static class PolicyEditorFrame extends JDialog {
>> So I fixed it to    public static class PolicyEditorFrame extends 
>> JFrame {
>>
>> And making the two constructors I wont private.
>> I really don't know where we miscommunicated:))
>>
>> Also it is removing unnecessary    private final Window parentWindow 
>> by fixing the signature of methods which were using from incorrect 
>> window, to correct component.
>>
>>
>> Otherwise it is same. If  you can survive my Interface, You can push.
>> If not (and I agree it is maybe nuclear shot to kill a pigeon.. 
>> really maybe to much verbose) then please one last round. But keep 
>> your version :
>>  - with two private constructors
>>  - without aprent variable
>>  - and without duplicate code.
>>
>>
>> Sorry for my probably wrong explanations during reviews :(
>>
>>
>> J.
>
> Wow, yes quite verbose. But it seems like a good enough solution. I'll 
> push this then.
>
> Thanks,
>

As discussed on IRC, some flaws were found with this. This patch fixes 
the known problems at least. The "Save Changes" prompt now works 
properly again, and the checkbox labels and remove button are now the 
correct widths.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: modal-policyeditor-fixes.patch
Type: text/x-patch
Size: 9456 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/7218472c/modal-policyeditor-fixes.patch>

From aazores at redhat.com  Wed Mar 26 16:04:28 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 12:04:28 -0400
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <5332BC0C.9040007@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
	<5330536D.2030608@redhat.com> <533056E3.60201@redhat.com>
	<5331E8C0.6030401@redhat.com> <5332BC0C.9040007@redhat.com>
Message-ID: <5332FA8C.2070300@redhat.com>

On 03/26/2014 07:37 AM, Jiri Vanek wrote:
> On 03/25/2014 09:36 PM, Andrew Azores wrote:
>> On 03/24/2014 12:01 PM, Jiri Vanek wrote:
>>> On 03/24/2014 04:46 PM, Andrew Azores wrote:
>>>> On 03/24/2014 11:11 AM, Jiri Vanek wrote:
>>>>> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>>>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> PolicyEditor loads and saves policy files async, obviously. 
>>>>>>>> However, this means that opening
>>>>>>>> a new
>>>>>>>> PolicyEditor instance on an existing policy file and 
>>>>>>>> programmatically adding a new codebase
>>>>>>>> to the
>>>>>>>> editor does not have a well-defined order. This can be 
>>>>>>>> problematic because PolicyEditor
>>>>>>>> highlights/selects the last added codebase, so eg in the 
>>>>>>>> scenario where the editor is being
>>>>>>>> launched
>>>>>>>> from a security dialog, we want to be sure that the current 
>>>>>>>> applet's codebase is the one
>>>>>>>> selected
>>>>>>>> when the editor appears. This patch adds a method to 
>>>>>>>> PolicyEditor that indicates whether the
>>>>>>>> editor
>>>>>>>> is currently reading/writing a file, and adds a loop to the two 
>>>>>>>> security dialogs so that the new
>>>>>>>> codebase is not added and the editor made visible until it 
>>>>>>>> completes its IO.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>
>>>>>>> Hm... I dont think this is correct approach. Why are you so 
>>>>>>> strongly against modal dialogue?
>>>>>>>
>>>>>>>
>>>>>>> J.
>>>>>>
>>>>>> I'm not... making PolicyEditor modal will come later. This patch 
>>>>>> is just about making sure that
>>>>>> when
>>>>>> you launch PolicyEditor from a security dialog, the current 
>>>>>> applet's codebase is guaranteed to be
>>>>>> the selected one when the editor appears. This and modality are 
>>>>>> completely separate.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>> uff... wouldnt be much more easy to make the load/save in sync?  I 
>>>>> do not see any reason why it is
>>>>> in new thread Thread(save/load).start() ....
>>>>>
>>>>>
>>>>> J.
>>>>
>>>> I really don't want to be doing it sync on the UI thread. This 
>>>> makes the application less
>>>> responsive, and is generally bad practice. Not worth the benefit of 
>>>> making it easier to guarantee
>>>> the programmatically added new codebases come after. There are 
>>>> better ways to do it async than
>>>> manually spawning a new Thread, though, yes. eg SwingWorker as you 
>>>> said on IRC, or Executors and
>>>> Runnables as I suggested. Still, these potential enhancements to 
>>>> the multithreading model would
>>>> still have the codebase ordering problem.
>>>
>>> I agree thath do it in gui thread is wrong. But I disagree with 
>>> current aproach and new suggested
>>> locking.
>>>
>>> Correct aporach is:
>>> invoke thread (swingworker)
>>>   disable gui or show dialog with progressbar or soem wait please
>>>    (so gui will be "responsoble")
>>> wait for thread.
>>>
>>>
>>> Would be correct approach.
>>
>> Okay, this is an enhancement in that it uses the nice SwingWorker 
>> abstraction and provides a visual
>> indicator of progress for the IO operation, but I don't see how it 
>> really solves the problem. If by
>> "wait for thread" you mean Thread#join or similar, then we're again 
>> just blocking the EDT, so it
>> won't actually be responsive until the IO is done. In that case we 
>> might as well just have the EDT
>> do the IO directly. If we don't block the EDT and continue to let the 
>> IO complete async, albeit with
>> visual progress indication and nicely abstracted, then there is still 
>> the problem of addNewCodebase
>> being called externally and not having a well-defined order compared 
>> to the addNewCodebase calls
>> made by the thread performing the IO.
>
>
> Agree. Then please do this now:
>
> ** failed to import extension forest from 
> /home/jvanek/hg-forest-ext/forest.py: No module named repo
> diff -r 4c584d98c42d 
> netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
> --- 
> a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java 
> Wed Mar 26 12:21:48 2014 +0100
> +++ 
> b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java 
> Wed Mar 26 12:37:11 2014 +0100
> @@ -1067,7 +1067,7 @@
>                      OutputController.getLogger().log(e);
>                  }
>              }
> -        }.start();
> +        }.run();
>      }
>
>      /**
> @@ -1170,7 +1170,7 @@
>                      showCouldNotSaveDialog();
>                  }
>              }
> -        }.start();
> +        }.run();
>      }
>
>      /**
>
>
>>
>>>
> because :
>>>
>>> However - the polici files *are* small. So the burden of *doing it 
>>> IN*  AWT is imho acceptable.
>>>
>>>
>

Good to go?

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-io-sync.patch
Type: text/x-patch
Size: 1236 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/e0ff10e8/policyeditor-io-sync.patch>

From jvanek at redhat.com  Wed Mar 26 16:05:00 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 17:05:00 +0100
Subject: [rfc][icedtea-web] Security dialogs wait for PolicyEditor to
	finish parsing
In-Reply-To: <5332FA8C.2070300@redhat.com>
References: <53303AA3.3080109@redhat.com> <533043CB.3010506@redhat.com>
	<533044D7.8040402@redhat.com> <53304B0E.3060505@redhat.com>
	<5330536D.2030608@redhat.com> <533056E3.60201@redhat.com>
	<5331E8C0.6030401@redhat.com> <5332BC0C.9040007@redhat.com>
	<5332FA8C.2070300@redhat.com>
Message-ID: <5332FAAC.3030604@redhat.com>

On 03/26/2014 05:04 PM, Andrew Azores wrote:
> On 03/26/2014 07:37 AM, Jiri Vanek wrote:
>> On 03/25/2014 09:36 PM, Andrew Azores wrote:
>>> On 03/24/2014 12:01 PM, Jiri Vanek wrote:
>>>> On 03/24/2014 04:46 PM, Andrew Azores wrote:
>>>>> On 03/24/2014 11:11 AM, Jiri Vanek wrote:
>>>>>> On 03/24/2014 03:44 PM, Andrew Azores wrote:
>>>>>>> On 03/24/2014 10:40 AM, Jiri Vanek wrote:
>>>>>>>> On 03/24/2014 03:01 PM, Andrew Azores wrote:
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> PolicyEditor loads and saves policy files async, obviously. However, this means that opening
>>>>>>>>> a new
>>>>>>>>> PolicyEditor instance on an existing policy file and programmatically adding a new codebase
>>>>>>>>> to the
>>>>>>>>> editor does not have a well-defined order. This can be problematic because PolicyEditor
>>>>>>>>> highlights/selects the last added codebase, so eg in the scenario where the editor is being
>>>>>>>>> launched
>>>>>>>>> from a security dialog, we want to be sure that the current applet's codebase is the one
>>>>>>>>> selected
>>>>>>>>> when the editor appears. This patch adds a method to PolicyEditor that indicates whether the
>>>>>>>>> editor
>>>>>>>>> is currently reading/writing a file, and adds a loop to the two security dialogs so that
>>>>>>>>> the new
>>>>>>>>> codebase is not added and the editor made visible until it completes its IO.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>>
>>>>>>>>
>>>>>>>> Hm... I dont think this is correct approach. Why are you so strongly against modal dialogue?
>>>>>>>>
>>>>>>>>
>>>>>>>> J.
>>>>>>>
>>>>>>> I'm not... making PolicyEditor modal will come later. This patch is just about making sure that
>>>>>>> when
>>>>>>> you launch PolicyEditor from a security dialog, the current applet's codebase is guaranteed
>>>>>>> to be
>>>>>>> the selected one when the editor appears. This and modality are completely separate.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>> uff... wouldnt be much more easy to make the load/save in sync?  I do not see any reason why
>>>>>> it is
>>>>>> in new thread Thread(save/load).start() ....
>>>>>>
>>>>>>
>>>>>> J.
>>>>>
>>>>> I really don't want to be doing it sync on the UI thread. This makes the application less
>>>>> responsive, and is generally bad practice. Not worth the benefit of making it easier to guarantee
>>>>> the programmatically added new codebases come after. There are better ways to do it async than
>>>>> manually spawning a new Thread, though, yes. eg SwingWorker as you said on IRC, or Executors and
>>>>> Runnables as I suggested. Still, these potential enhancements to the multithreading model would
>>>>> still have the codebase ordering problem.
>>>>
>>>> I agree thath do it in gui thread is wrong. But I disagree with current aproach and new suggested
>>>> locking.
>>>>
>>>> Correct aporach is:
>>>> invoke thread (swingworker)
>>>>   disable gui or show dialog with progressbar or soem wait please
>>>>    (so gui will be "responsoble")
>>>> wait for thread.
>>>>
>>>>
>>>> Would be correct approach.
>>>
>>> Okay, this is an enhancement in that it uses the nice SwingWorker abstraction and provides a visual
>>> indicator of progress for the IO operation, but I don't see how it really solves the problem. If by
>>> "wait for thread" you mean Thread#join or similar, then we're again just blocking the EDT, so it
>>> won't actually be responsive until the IO is done. In that case we might as well just have the EDT
>>> do the IO directly. If we don't block the EDT and continue to let the IO complete async, albeit with
>>> visual progress indication and nicely abstracted, then there is still the problem of addNewCodebase
>>> being called externally and not having a well-defined order compared to the addNewCodebase calls
>>> made by the thread performing the IO.
>>
>>
>> Agree. Then please do this now:
>>
>> ** failed to import extension forest from /home/jvanek/hg-forest-ext/forest.py: No module named repo
>> diff -r 4c584d98c42d netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
>> --- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:21:48 2014
>> +0100
>> +++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java Wed Mar 26 12:37:11 2014
>> +0100
>> @@ -1067,7 +1067,7 @@
>>                      OutputController.getLogger().log(e);
>>                  }
>>              }
>> -        }.start();
>> +        }.run();
>>      }
>>
>>      /**
>> @@ -1170,7 +1170,7 @@
>>                      showCouldNotSaveDialog();
>>                  }
>>              }
>> -        }.start();
>> +        }.run();
>>      }
>>
>>      /**
>>
>>
>>>
>>>>
>> because :
>>>>
>>>> However - the polici files *are* small. So the burden of *doing it IN*  AWT is imho acceptable.
>>>>
>>>>
>>
>
> Good to go?

Yes:)


From aazores at icedtea.classpath.org  Wed Mar 26 16:07:34 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 16:07:34 +0000
Subject: /hg/icedtea-web: PolicyEditor IO operations made synchronous
Message-ID: <hg.ca18850addad.1395850054.8643924302249223276@icedtea.classpath.org>

changeset ca18850addad in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ca18850addad
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 26 12:07:23 2014 -0400

	PolicyEditor IO operations made synchronous

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(savePolicyFile, openAndParsePolicyFile) made synchronous so that
	programmatically adding a new codebase has a well-defined order when
	performed immediately after starting a new PolicyEditor instance


diffstat:

 ChangeLog                                                         |  7 +++++++
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  8 ++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diffs (39 lines):

diff -r fcb9dcf1c83c -r ca18850addad ChangeLog
--- a/ChangeLog	Wed Mar 26 11:02:00 2014 -0400
+++ b/ChangeLog	Wed Mar 26 12:07:23 2014 -0400
@@ -1,3 +1,10 @@
+2014-03-26  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(savePolicyFile, openAndParsePolicyFile) made synchronous so that
+	programmatically adding a new codebase has a well-defined order when
+	performed immediately after starting a new PolicyEditor instance
+
 2014-03-26  Andrew Azores  <aazores at redhat.com>
             Jiri Vanek  <jvanek at redhat.com>
 
diff -r fcb9dcf1c83c -r ca18850addad netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 11:02:00 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 12:07:23 2014 -0400
@@ -1067,7 +1067,9 @@
                     OutputController.getLogger().log(e);
                 }
             }
-        }.start();
+        }.run(); // #run() to make IO synchronous right now. #start() can be used to make it async instead.
+        // http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026886.html
+        // TODO: use SwingWorker and give some visual indication that IO is occurring
     }
 
     /**
@@ -1170,7 +1172,9 @@
                     showCouldNotSaveDialog();
                 }
             }
-        }.start();
+        }.run(); // #run() to make IO synchronous right now. #start() can be used to make it async instead.
+        // http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026886.html
+        // TODO: use SwingWorker and give some visual indication that IO is occurring
     }
 
     /**

From jvanek at redhat.com  Wed Mar 26 17:11:07 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 18:11:07 +0100
Subject: [rfc][icedtea-web] policy editor -added possibility for grouping.
Message-ID: <53330A2B.6030307@redhat.com>

perfectly self documented code!
Happy review :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: addedGroupingOnGuiLevelForPermissions.patch
Type: text/x-patch
Size: 16317 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/546f2387/addedGroupingOnGuiLevelForPermissions.patch>

From aazores at redhat.com  Wed Mar 26 17:18:02 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 13:18:02 -0400
Subject: [rfc][icedtea-web] policy editor -added possibility for grouping.
In-Reply-To: <53330A2B.6030307@redhat.com>
References: <53330A2B.6030307@redhat.com>
Message-ID: <53330BCA.4080104@redhat.com>

On 03/26/2014 01:11 PM, Jiri Vanek wrote:
> perfectly self documented code!
> Happy review :)

Very very nice! Nits: 1) there are some blank lines that have spaces up 
to the indent level, should be just empty lines? 2) add File Access 
group please since there are six permissions about it

Then ok to push after.

Thanks!

-- 
Andrew A


From jvanek at redhat.com  Wed Mar 26 17:18:19 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 18:18:19 +0100
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <5331D8C4.3040309@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
	<5331D8C4.3040309@redhat.com>
Message-ID: <53330BDB.2010104@redhat.com>

On 03/25/2014 08:28 PM, Andrew Azores wrote:
> On 03/25/2014 03:13 PM, Jiri Vanek wrote:
>> On 03/25/2014 06:34 PM, Andrew Azores wrote:
>>> On 03/25/2014 05:40 AM, Jiri Vanek wrote:
>>>> Generally ok, except one important nit:
>>>>
>>>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
>>>> + noCmdExec.addActionListener(new TemporaryPermissionsListener(
>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>>> + Permissions.NETWORK_ACCESS));
>>>> + policyMenu.add(noCmdExec);
>>>>
>>>> And similar:
>>>> are - duplicated.
>>>>
>>>>
>>>> You can push, as similar evil is already done.
>>>>
>>>> However refactoring, asn asap changeset is needed.
>>>>
>>>> the ||| advanced settings button will be encapsulated, so non of its code is duplicated.
>>>> You can have your own "extends jbutton" hwhich will do all this logic. And you add jsut
>>>> insntance of this button to the panes.
>>>>
>>>> Also all the :
>>>> new TemporaryPermissionsListener(
>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>>> + Permissions.NETWORK_ACCESS));
>>>> + policyMenu.add(noCmdExec);
>>>>
>>>> should be encapsualted. Those permissionListeners may be stored in some static class as static
>>>> constantsand just used as singletons. or not?
>>>> If not then they can be provided by some factory methods. But not spred in gui code like this.
>>>>
>>>> Yes, just code celaning, but how it is now, i do not look nicely.
>>>>
>>>> Sorry for troubles:(
>>>> J.
>>>>
>>>
>>> You're right, it was getting very messy, and the code for the button/menu stuff definitely should
>>> have been shared.
>>>
>>> So now, behold the monster you've asked for... ! :D
>>>
>>> 1) Button is pulled out into its own class and used in the two dialogs
>>> 2) Popup menu is actually even simpler to make appear now (less futzing with position on screen)
>>> 3) !! PolicyEditorPermissions are reused. It's some slightly scary reflection with a bit of regex
>>> sprinkled in, but it works perfect.
>>> 3b) Some of the temp permissions have been removed because PolicyEditorPermissions don't yet have
>>> the right counterparts. But there's another patch I sent earlier that adds all of those
>>> permissions as well, so then they can be added in quite quickly here after
>>> 4) Temp permission types and menu entries are much much cleaner to define
>>>
>>
>>
>> hmhmhm - just see:
>> +STempSoundOnly=Play audio
>>  it is same issue as in case of reflection. it should probably allow both recording and playing.
>> UTwo permissions under one checkbox.
>
> Really? I can imagine many scenarios where a user is comfortable with an applet playing sound back
> but not recording it. Reflection makes sense to group together but I think audio should be separate.
>
>>
>> - maybe as tmp hack can serve some better grouping of checkboxes, with one main - whcih will
>> select/unselect all underlying. By this you will have your one-permission-per-checkbox - and user
>> will not be bored by to much on-first-glance-visible permissions. Maybe I can do thsis tomorrow? I
>> wil enjoy it :)
>
> Go ahead.
>
>>
>>
>> +    public static Permission getPermission(final PolicyEditorPermissions editorPermission) {
>>
>> arrgh thats monster..... Why reflection!!?!??! No way!!!  it is our class. Please do something
>> public or whatever...
>>
>>
>>
>> Otherwise it is not os monsterous :)
>
> Well, I had to decide if I wanted to extend PolicyEditorPermissions with some way to convert into
> Permissions, or to just add this translation layer separately. I liked the new layer better, since
> PolicyEditorPermissions was really just intended for use within PolicyEditor, and in there we don't
> need this kind of logic. So from outside of the model itself, reflection was actually not a bad way
> to handle acquiring the correct kind of Permission subclass from the model - the alternative would
> have been a switch or long if/else chain, which would have then meant that any new PermissionTypes
> would have also needed an update to the TemporaryPermissions converter. Using reflection like this
> means that it never has to be updated if the PermissionTypes change. I don't think this is even that
> bad of a use of reflection - I don't think it's too hard to read, and it's not being used somewhere
> performance critical or where it will be called very frequently.
>
> The other good option I've thought of is to add the Permission conversion logic to the
> PolicyEditorPermissions model, and move/rename this model so it's more suitable as something shared
> between PolicyEditor and these dialogs. The PolicyEditorPermissions could be constructed with a
> Class reference, eg RuntimePermission.class, and have a Permission field that is then populated by
> the constructor doing a bit less reflection. This eliminates the need for the Class.forName call,
> but makes the PolicyEditorPermission model more complicated in a way that I don't think it really
> needs to be.
>

hmm All three ways looks bad:( Both reflection and "any new PermissionTypes  would have " is  very 
wrong.


No advice here :( Sorry. But I belive you will figure it out O:)


From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 17:22:08 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 17:22:08 +0000
Subject: [Bug 1677] [IcedTea7] Update PaX support to detect running PaX
	kernel and use newer tools
In-Reply-To: <bug-1677-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1677-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1677-30-IqOsJx2Bn9@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1677

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/767cc811/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 17:22:41 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 17:22:41 +0000
Subject: [Bug 1679] [IcedTea7] Allow OpenJDK to build on PaX-enabled kernels
In-Reply-To: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1679-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1679-30-DIgjFVPBrI@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1679

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/85d5be14/attachment.html>

From theuserbl at hotmail.com  Wed Mar 26 17:32:36 2014
From: theuserbl at hotmail.com (theUser BL)
Date: Wed, 26 Mar 2014 17:32:36 +0000
Subject: Bug in fonts of OpenJDK
Message-ID: <COL128-W86ACF8C69571A82EA8CE9CA9640@phx.gbl>

I have tested the OpenJDK in the OpenSUSE distribution and the Windows and Linux builds at
http://www.azulsystems.com/products/zulu
All have the same bug, which Oracle JDK
http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
don't have.

If you start SwingSet2.jar and naviagte to a "Source Code"-tab, then the sourcecode is formatted.
But on Oracles Java, words like "import", "public", "int", etc. are bold. On OpenJDK they are not.
But the other words, which are colored, are on Oracles JDK and OpenJDK same colored.

Greatings
theuserbl 		 	   		  

From jvanek at icedtea.classpath.org  Wed Mar 26 17:46:27 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 17:46:27 +0000
Subject: /hg/icedtea-web: Added possibility to group permissions in Polic...
Message-ID: <hg.9de6713da051.1395855987.8643924302249223276@icedtea.classpath.org>

changeset 9de6713da051 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=9de6713da051
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 26 18:46:13 2014 +0100

	Added possibility to group permissions in PolicyEditor gui


diffstat:

 ChangeLog                                                                    |   11 +
 netx/net/sourceforge/jnlp/resources/Messages.properties                      |    6 +
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java            |  168 +++++++++-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java |   95 +++++-
 4 files changed, 265 insertions(+), 15 deletions(-)

diffs (428 lines):

diff -r ca18850addad -r 9de6713da051 ChangeLog
--- a/ChangeLog	Wed Mar 26 12:07:23 2014 -0400
+++ b/ChangeLog	Wed Mar 26 18:46:13 2014 +0100
@@ -1,3 +1,14 @@
+2014-03-24  Jiri Vanek  <jvanek at redhat.com>
+
+	Added possibility to group permissions in PolicyEditor
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	: (setLayout)
+	added grouping panels and checkboxes. (JcheckBoxWithGroup) New inner class to work
+	with groups.
+	netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
+	Added inner class (Groups) and deffinied (ReadFileSystem) (WriteFileSystem)
+	(AccesUnowenedCode) (MediaAccess)
+
 2014-03-26  Andrew Azores  <aazores at redhat.com>
 
 	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 26 12:07:23 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 26 18:46:13 2014 +0100
@@ -549,6 +549,12 @@
 PECustomPermissionsItem=Custom Permissions...
 PEFileModified=File Modification Warning
 PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving?
+PEGAccesUnowenedCode = Execute unowned code
+PEGMediaAccess = Media access
+PEGrightClick = right click to fold/unfold
+PEGReadFileSystem = Read to system
+PEGWriteFileSystem = Write to system
+
 
 # Policy Editor CustomPolicyViewer
 PECPTitle=Custom Policy Viewer
diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 12:07:23 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 18:46:13 2014 +0100
@@ -36,6 +36,8 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import java.awt.Color;
+import java.awt.Container;
 import java.awt.Dialog.ModalityType;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
@@ -45,6 +47,8 @@
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
 import java.awt.event.KeyEvent;
+import java.awt.event.MouseAdapter;
+import java.awt.event.MouseEvent;
 import java.awt.event.WindowAdapter;
 import java.awt.event.WindowEvent;
 import java.io.File;
@@ -55,12 +59,14 @@
 import java.net.URL;
 import java.nio.channels.FileLock;
 import java.text.SimpleDateFormat;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -92,8 +98,10 @@
 import javax.swing.UIManager;
 import javax.swing.WindowConstants;
 import javax.swing.border.EmptyBorder;
+import javax.swing.border.LineBorder;
 import javax.swing.event.ListSelectionEvent;
 import javax.swing.event.ListSelectionListener;
+import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.Group;
 
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.FileUtils.OpenFileResult;
@@ -159,6 +167,7 @@
     private final Map<String, Map<PolicyEditorPermissions, Boolean>> codebasePermissionsMap = new HashMap<String, Map<PolicyEditorPermissions, Boolean>>();
     private final Map<String, Set<CustomPermission>> customPermissionsMap = new HashMap<String, Set<CustomPermission>>();
     private final Map<PolicyEditorPermissions, JCheckBox> checkboxMap = new TreeMap<PolicyEditorPermissions, JCheckBox>();
+    private final List<JCheckBoxWithGroup> groupBoxList = new ArrayList<JCheckBoxWithGroup>(Group.values().length);
     private final JScrollPane scrollPane = new JScrollPane();
     private final DefaultListModel listModel = new DefaultListModel();
     private final JList list = new JList(listModel);
@@ -172,6 +181,43 @@
     private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction,
             removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction;
 
+    private static class JCheckBoxWithGroup extends JCheckBox {
+
+        private final PolicyEditorPermissions.Group group;
+
+        private JCheckBoxWithGroup(Group g) {
+            super(g.getTitle());
+            group = g;
+        }
+
+        public Group getGroup() {
+            return group;
+        }
+
+        private void setState(Map<PolicyEditorPermissions, Boolean> map) {
+            List<ActionListener> backup = new LinkedList<ActionListener>();
+            for (final ActionListener l : this.getActionListeners()) {
+                backup.add(l);
+                this.removeActionListener(l);
+            }
+            int i = group.getState(map);
+            this.setBackground(getParent().getBackground());
+            if (i > 0) {
+                this.setSelected(true);
+            }
+            if (i < 0) {
+                this.setSelected(false);
+            }
+            if (i == 0) {
+                this.setBackground(Color.yellow);
+                this.setSelected(false);
+            }
+
+            for (ActionListener al : backup) {
+                this.addActionListener(al);
+            }
+        }
+    }
     public PolicyEditor(final String filepath) {
         super();
         setLayout(new GridBagLayout());
@@ -277,13 +323,10 @@
                 SwingUtilities.invokeLater(new Runnable() {
                     @Override
                     public void run() {
-                        String codebase = (String) list.getSelectedValue();
-                        if (codebase == null || codebase.isEmpty()) {
+                        String codebase = getSelectedCodebase();
+                        if (codebase == null){
                             return;
                         }
-                        if (codebase.equals(R("PEGlobalSettings"))) {
-                            codebase = "";
-                        }
                         if (cpViewer == null) {
                             cpViewer = new CustomPolicyViewer(weakThis.get(), codebase, customPermissionsMap.get(codebase));
                             cpViewer.setVisible(true);
@@ -302,6 +345,17 @@
         list.setSelectedIndex(0);
         updateCheckboxes("");
     }
+    
+    private String getSelectedCodebase() {
+        String codebase = (String) list.getSelectedValue();
+        if (codebase == null || codebase.isEmpty()) {
+            return null;
+        }
+        if (codebase.equals(R("PEGlobalSettings"))) {
+            return "";
+        }
+        return codebase;
+    }
 
     private static void preparePolicyEditorWindow(final PolicyEditorWindow w, PolicyEditor e) {
         w.setModalityType(ModalityType.MODELESS); //at least some default
@@ -767,12 +821,18 @@
                     } else {
                         state = false;
                     }
+                    for (JCheckBoxWithGroup jg : groupBoxList) {
+                        jg.setState(map);
+                    }
                     box.setSelected(state);
                     box.addActionListener(new ActionListener() {
                         @Override
                         public void actionPerformed(final ActionEvent e) {
                             changesMade = true;
                             map.put(perm, box.isSelected());
+                            for (JCheckBoxWithGroup jg : groupBoxList) {
+                                jg.setState(map);
+                            }
                         }
                     });
                 }
@@ -869,6 +929,10 @@
         checkboxConstraints.gridy = 1;
 
         for (final JCheckBox box : checkboxMap.values()) {
+             if (PolicyEditorPermissions.Group.anyContains(box, checkboxMap)){
+                 //do not show boxes in any group
+                continue;
+            }
             add(box, checkboxConstraints);
             checkboxConstraints.gridx++;
             // Two columns of checkboxes
@@ -877,6 +941,89 @@
                 checkboxConstraints.gridy++;
             }
         }
+        //add groups
+        for (PolicyEditorPermissions.Group g : PolicyEditorPermissions.Group.values()) {
+            //no metter what, put group title on new line
+            checkboxConstraints.gridy++;
+            //all groups are in second column
+            checkboxConstraints.gridx = 2;
+            final JCheckBoxWithGroup groupCh = new JCheckBoxWithGroup(g);
+            groupBoxList.add(groupCh);
+            final JPanel groupPanel = new JPanel(new GridBagLayout());
+            groupPanel.setBorder(new LineBorder(Color.black));
+            groupCh.setToolTipText(R("PEGrightClick"));
+            groupCh.addMouseListener(new MouseAdapter() {
+                @Override
+                public void mouseClicked(MouseEvent e) {
+                    if (e.getButton() == MouseEvent.BUTTON3) {
+                        groupPanel.setVisible(!groupPanel.isVisible());
+                        PolicyEditor.this.validate();
+                        Container c = PolicyEditor.this.getParent();
+                        //find the window and repack it
+                        while (!(c instanceof Window)) {
+                            if (c == null) {
+                                return;
+                            }
+                            c = c.getParent();
+                        }
+                        Window w = (Window) c;
+                        w.pack();
+
+                    }
+                }
+            });
+            groupCh.addActionListener(new ActionListener() {
+                @Override
+                public void actionPerformed(ActionEvent e) {
+                    String codebase = getSelectedCodebase();
+                    if (codebase == null) {
+                        return;
+                    }
+                    List<ActionListener> backup = new LinkedList<ActionListener>();
+                    for (final ActionListener l : groupCh.getActionListeners()) {
+                        backup.add(l);
+                        groupCh.removeActionListener(l);
+                    }
+                    final Map<PolicyEditorPermissions, Boolean> map = codebasePermissionsMap.get(codebase);
+                    for (PolicyEditorPermissions p : groupCh.getGroup().getPermissions()) {
+                        map.put(p, groupCh.isSelected());
+                    }
+                    changesMade = true;
+                    updateCheckboxes(codebase);
+                    for (ActionListener al : backup) {
+                        groupCh.addActionListener(al);
+                    }
+
+                }
+            });
+            add(groupCh, checkboxConstraints);
+            //place panel with mebers below the title
+            checkboxConstraints.gridy++;
+            checkboxConstraints.gridx = 2;
+            //spread group's panel over two columns
+            checkboxConstraints.gridwidth = 2;
+            checkboxConstraints.fill = checkboxConstraints.BOTH;
+            add(groupPanel, checkboxConstraints);
+            final GridBagConstraints groupCheckboxLabelConstraints = new GridBagConstraints();
+            groupCheckboxLabelConstraints.anchor = GridBagConstraints.LINE_START;
+            groupCheckboxLabelConstraints.weightx = 0;
+            groupCheckboxLabelConstraints.weighty = 0;
+            groupCheckboxLabelConstraints.gridx = 1;
+            groupCheckboxLabelConstraints.gridy = 1;
+            for (PolicyEditorPermissions p : g.getPermissions()) {
+                groupPanel.add(checkboxMap.get(p), groupCheckboxLabelConstraints);
+                // Two columns of checkboxes
+                groupCheckboxLabelConstraints.gridx++;
+                if (groupCheckboxLabelConstraints.gridx > 2) {
+                    groupCheckboxLabelConstraints.gridx = 1;
+                    groupCheckboxLabelConstraints.gridy++;
+                }
+            }
+            groupPanel.setVisible(false);
+            //reset
+            checkboxConstraints.gridwidth = 1;
+        }
+
 
         final JLabel codebaseListLabel = new JLabel(R("PECodebaseLabel"));
         codebaseListLabel.setBorder(new EmptyBorder(2, 2, 2, 2));
@@ -892,16 +1039,10 @@
                 if (e.getValueIsAdjusting()) {
                     return; // ignore first click, act on release
                 }
-                final String selectedCodebase = (String) list.getSelectedValue();
-                if (selectedCodebase == null) {
+                final String codebase = getSelectedCodebase();
+                if (codebase == null) {
                     return;
                 }
-                final String codebase;
-                if (selectedCodebase.equals(R("PEGlobalSettings"))) {
-                    codebase = "";
-                } else {
-                    codebase = selectedCodebase;
-                }
                 updateCheckboxes(codebase);
             }
         });
@@ -1061,6 +1202,7 @@
                     }
                 }
                 list.setSelectedIndex(0);
+                updateCheckboxes("");
                 try {
                     fileLock.release();
                 } catch (final IOException e) {
diff -r ca18850addad -r 9de6713da051 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Wed Mar 26 12:07:23 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Wed Mar 26 18:46:13 2014 +0100
@@ -36,10 +36,10 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import java.util.Map;
+import javax.swing.JCheckBox;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 
 /**
  * Defines the set of default permissions for PolicyEditor, ie the ones which are assigned
@@ -107,6 +107,97 @@
     PRINT(R("PEPrint"), R("PEPrintDetail"),
             PermissionType.RUNTIME_PERMISSION, PermissionTarget.PRINT, PermissionActions.NONE);
 
+    
+    public static enum Group {
+
+       
+        ReadFileSystem(R("PEGReadFileSystem"),  READ_LOCAL_FILES, READ_PROPERTIES, READ_SYSTEM_FILES, READ_TMP_FILES, GET_ENV),
+        WriteFileSystem(R("PEGWriteFileSystem"), WRITE_LOCAL_FILES, WRITE_PROPERTIES, WRITE_SYSTEM_FILES, WRITE_TMP_FILES, EXEC_COMMANDS),
+        AccesUnowenedCode(R("PEGAccesUnowenedCode"), JAVA_REFLECTION, GET_CLASSLOADER, ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS),
+        MediaAccess(R("PEGMediaAccess"), PLAY_AUDIO, RECORD_AUDIO, PRINT, CLIPBOARD);
+        
+
+        private final PolicyEditorPermissions[] permissions;
+        private final String title; 
+        private Group(String title, PolicyEditorPermissions... permissions) {
+            this.title = title;
+            this.permissions = permissions;
+        
+        }
+        
+        public static boolean anyContains(PolicyEditorPermissions permission) {
+            for (Group g : Group.values()) {
+                if (g.contains(permission)) {
+                    return true;
+                }
+            }
+            return false;
+        }
+        
+        public static boolean anyContains(JCheckBox view, Map<PolicyEditorPermissions, JCheckBox> checkboxMap) {
+            for (Map.Entry<PolicyEditorPermissions, JCheckBox> pairs : checkboxMap.entrySet()){
+                if (pairs.getValue() == view) {
+                    for (Group g : Group.values()) {
+                        if (g.contains(pairs.getKey())) {
+                            return true;
+                        }
+                    }
+                }
+            }
+            return false;
+        }
+        
+        /*
+         * + all is selected
+         * 0 invalid
+         * - none is selected
+         */
+        public int getState (final Map<PolicyEditorPermissions, Boolean> map) {
+            boolean allTrue=true;
+            boolean allFalse=true;
+            for (PolicyEditorPermissions pp: getPermissions()){
+                Boolean b = map.get(pp);
+                if (b == null){
+                    return 0;
+                }
+                if (b.booleanValue()){
+                    allFalse = false;
+                } else {
+                    allTrue = false;
+                }
+            }
+            if (allFalse){
+                return -1;
+            }
+            if (allTrue){
+                return 1;
+            }
+            return 0;
+        }
+        
+        public boolean contains(PolicyEditorPermissions permission) {
+            for (PolicyEditorPermissions policyEditorPermissions : permissions) {
+                if (policyEditorPermissions == permission) {
+                    return true;
+                }
+            }
+            return false;
+
+        }
+
+        public String getTitle() {
+            return title + " ??";
+        }
+
+        public PolicyEditorPermissions[] getPermissions() {
+            return permissions;
+        }
+        
+        
+        
+    }
+
+    
     private final String name, description;
     private final PermissionType type;
     private final PermissionTarget target;

From jvanek at icedtea.classpath.org  Wed Mar 26 17:50:42 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 17:50:42 +0000
Subject: /hg/icedtea-web: Extracted hardcoded strings from AttributesChecker
Message-ID: <hg.01a37b9ad8cb.1395856242.8643924302249223276@icedtea.classpath.org>

changeset 01a37b9ad8cb in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=01a37b9ad8cb
author: Jiri Vanek <jvanek at redhat.com>
date: Wed Mar 26 18:50:35 2014 +0100

	Extracted hardcoded strings from AttributesChecker


diffstat:

 ChangeLog                                                        |  9 ++++++++-
 netx/net/sourceforge/jnlp/resources/Messages.properties          |  3 +++
 netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java |  6 +++---
 3 files changed, 14 insertions(+), 4 deletions(-)

diffs (47 lines):

diff -r 9de6713da051 -r 01a37b9ad8cb ChangeLog
--- a/ChangeLog	Wed Mar 26 18:46:13 2014 +0100
+++ b/ChangeLog	Wed Mar 26 18:50:35 2014 +0100
@@ -1,4 +1,11 @@
-2014-03-24  Jiri Vanek  <jvanek at redhat.com>
+2014-03-26  Jiri Vanek  <jvanek at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.propertie: new keys (STOAsignedMsgFully)
+	(STOAsignedMsgAndSandbox) (STOAsignedMsgPartiall) added
+	* netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: extracted
+	hardocded values of (signedMsg)
+
+2014-03-26  Jiri Vanek  <jvanek at redhat.com>
 
 	Added possibility to group permissions in PolicyEditor
 	* netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names
diff -r 9de6713da051 -r 01a37b9ad8cb netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 26 18:46:13 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Wed Mar 26 18:50:35 2014 +0100
@@ -302,6 +302,9 @@
 SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
 SAppletTitle=Applet title: {0}
 STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed.
+STOAsignedMsgFully = The applet is fully signed
+STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed
+STOAsignedMsgPartiall = The applet is not fully signed
 
 # Security - used for the More Information dialog
 SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
diff -r 9de6713da051 -r 01a37b9ad8cb netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java
--- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java	Wed Mar 26 18:46:13 2014 +0100
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java	Wed Mar 26 18:50:35 2014 +0100
@@ -115,11 +115,11 @@
                 || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc));
         final String signedMsg;
         if (isFullySigned && !isSandboxed) {
-            signedMsg = "The applet is fully signed";
+            signedMsg = Translator.R("STOAsignedMsgFully");
         } else if (isFullySigned && isSandboxed) {
-            signedMsg = "The applet is fully signed and sandboxed";
+            signedMsg = Translator.R("STOAsignedMsgAndSandbox");
         } else {
-            signedMsg = "The applet is not fully signed";
+            signedMsg = Translator.R("STOAsignedMsgPartiall");
         }
         OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG,
                 "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType);

From jvanek at redhat.com  Wed Mar 26 17:52:35 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Wed, 26 Mar 2014 18:52:35 +0100
Subject: [rfc][icedtea-web][policyeditor] Modal PolicyEditor
In-Reply-To: <5332F7D4.7080506@redhat.com>
References: <53305AD0.4020601@redhat.com>
	<53305BDD.9010204@redhat.com>	<533097F8.9090509@redhat.com>
	<533150B2.8030008@redhat.com>	<53318D53.3070502@redhat.com>
	<5331D3EF.7080407@redhat.com>	<5331E17E.5070302@redhat.com>
	<5332BA7D.5070300@redhat.com> <5332E8B6.1050605@redhat.com>
	<5332F7D4.7080506@redhat.com>
Message-ID: <533313E3.6050608@redhat.com>

On 03/26/2014 04:52 PM, Andrew Azores wrote:
> On 03/26/2014 10:48 AM, Andrew Azores wrote:
>> On 03/26/2014 07:31 AM, Jiri Vanek wrote:
>>> I think we misunderstood a bit.
>>>
>>> Attached is an patch doing what I wonted.
>>>
>>> It is defining interface (I wish it could be an class! :) ) common to both  PolicyEditorFrame and
>>> PolicyEditorDialog.
>>>
>>> It become quite verbose, but its cleaner.
>>>
>>>
>>> It is fixing one mayor bug:
>>> You had     public static class PolicyEditorFrame extends JDialog {
>>> So I fixed it to    public static class PolicyEditorFrame extends JFrame {
>>>
>>> And making the two constructors I wont private.
>>> I really don't know where we miscommunicated:))
>>>
>>> Also it is removing unnecessary    private final Window parentWindow by fixing the signature of
>>> methods which were using from incorrect window, to correct component.
>>>
>>>
>>> Otherwise it is same. If  you can survive my Interface, You can push.
>>> If not (and I agree it is maybe nuclear shot to kill a pigeon.. really maybe to much verbose)
>>> then please one last round. But keep your version :
>>>  - with two private constructors
>>>  - without aprent variable
>>>  - and without duplicate code.
>>>
>>>
>>> Sorry for my probably wrong explanations during reviews :(
>>>
>>>
>>> J.
>>
>> Wow, yes quite verbose. But it seems like a good enough solution. I'll push this then.
>>
>> Thanks,
>>
>
> As discussed on IRC, some flaws were found with this. This patch fixes the known problems at least.
> The "Save Changes" prompt now works properly again, and the checkbox labels and remove button are
> now the correct widths.
>
> Thanks,
>
Looks ok. Please double test  and push :)

Thank you!

J.

From aazores at icedtea.classpath.org  Wed Mar 26 17:57:03 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 17:57:03 +0000
Subject: /hg/icedtea-web: Fix JOptionPane modality problems after making ...
Message-ID: <hg.f975d5db4fbd.1395856623.8643924302249223276@icedtea.classpath.org>

changeset f975d5db4fbd in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=f975d5db4fbd
author: Andrew Azores <aazores at redhat.com>
date: Wed Mar 26 13:56:55 2014 -0400

	Fix JOptionPane modality problems after making PolicyEditor itself modal

	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	JOptionPane dialog parents set correctly to JDialog or JFrame rather than
	JPanel


diffstat:

 ChangeLog                                                         |    9 +-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  147 ++++-----
 2 files changed, 79 insertions(+), 77 deletions(-)

diffs (285 lines):

diff -r 01a37b9ad8cb -r f975d5db4fbd ChangeLog
--- a/ChangeLog	Wed Mar 26 18:50:35 2014 +0100
+++ b/ChangeLog	Wed Mar 26 13:56:55 2014 -0400
@@ -1,3 +1,10 @@
+2014-03-26  Andrew Azores  <aazores at redhat.com>
+
+	Fix JOptionPane modality problems after making PolicyEditor itself modal
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	JOptionPane dialog parents set correctly to JDialog or JFrame rather than
+	JPanel
+
 2014-03-26  Jiri Vanek  <jvanek at redhat.com>
 
 	* netx/net/sourceforge/jnlp/resources/Messages.propertie: new keys (STOAsignedMsgFully)
@@ -9,7 +16,7 @@
 
 	Added possibility to group permissions in PolicyEditor
 	* netx/net/sourceforge/jnlp/resources/Messages.properties: added groups names
-	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	: (setLayout)
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: (setLayout)
 	added grouping panels and checkboxes. (JcheckBoxWithGroup) New inner class to work
 	with groups.
 	netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
diff -r 01a37b9ad8cb -r f975d5db4fbd netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 18:50:35 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 13:56:55 2014 -0400
@@ -36,11 +36,11 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import static net.sourceforge.jnlp.runtime.Translator.R;
+
 import java.awt.Color;
 import java.awt.Container;
 import java.awt.Dialog.ModalityType;
-import static net.sourceforge.jnlp.runtime.Translator.R;
-
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
 import java.awt.Window;
@@ -101,8 +101,8 @@
 import javax.swing.border.LineBorder;
 import javax.swing.event.ListSelectionEvent;
 import javax.swing.event.ListSelectionListener;
+
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.Group;
-
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.FileUtils.OpenFileResult;
 import net.sourceforge.jnlp.util.MD5SumWatcher;
@@ -178,8 +178,9 @@
     private final WeakReference<PolicyEditor> weakThis = new WeakReference<PolicyEditor>(this);
     private MD5SumWatcher fileWatcher;
 
-    private final ActionListener okButtonAction, closeButtonAction, addCodebaseButtonAction,
+    private final ActionListener okButtonAction, addCodebaseButtonAction,
             removeCodebaseButtonAction, openButtonAction, saveAsButtonAction, viewCustomButtonAction;
+    private ActionListener closeButtonAction;
 
     private static class JCheckBoxWithGroup extends JCheckBox {
 
@@ -260,15 +261,6 @@
         okButton.setText(R("ButApply"));
         okButton.addActionListener(okButtonAction);
 
-        closeButtonAction = new ActionListener() {
-            @Override
-            public void actionPerformed(final ActionEvent event) {
-                quit();
-            }
-        };
-        closeButton.setText(R("ButClose"));
-        closeButton.addActionListener(closeButtonAction);
-
         addCodebaseButtonAction = new ActionListener() {
             @Override
             public void actionPerformed(final ActionEvent e) {
@@ -364,7 +356,6 @@
         w.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
         w.setJMenuBar(createMenuBar(w.asWindow(), w.getPolicyEditor()));
         setupPolicyEditorWindow(w.asWindow(), w.getPolicyEditor());
-
     }
 
     private static void setupPolicyEditorWindow(final Window window, final PolicyEditor editor) {
@@ -375,17 +366,44 @@
         window.addWindowListener(new WindowAdapter() {
             @Override
             public void windowClosing(final WindowEvent e) {
-                editor.quit();
+                ((PolicyEditorWindow) window).quit();
                 window.dispose();
             }
         });
 
-        editor.closeButton.addActionListener(new ActionListener() {
+        editor.closeButtonAction = new ActionListener() {
+            @Override
+            public void actionPerformed(final ActionEvent event) {
+                ((PolicyEditorWindow) window).quit();
+            }
+        };
+        editor.closeButton.setText(R("ButClose"));
+        editor.closeButton.addActionListener(editor.closeButtonAction);
+
+
+        final Action saveAct = new AbstractAction() {
             @Override
             public void actionPerformed(final ActionEvent e) {
-                window.dispose();
+                editor.savePolicyFile();
             }
-        });
+        };
+        editor.setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, saveAct, "OkButtonAccelerator");
+
+        final Action quitAct = new AbstractAction() {
+            @Override
+            public void actionPerformed(final ActionEvent e) {
+                ((PolicyEditorWindow) window).quit();
+            }
+        };
+        editor.setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, quitAct, "CancelButtonAccelerator");
+
+        final Action escAct = new AbstractAction() {
+            @Override
+            public void actionPerformed(final ActionEvent e) {
+                ((PolicyEditorWindow) window).quit();
+            }
+        };
+        editor.setAccelerator(KeyEvent.VK_ESCAPE, ActionEvent.ALT_MASK, escAct, "ExitOnEscape");
     }
 
     public static interface PolicyEditorWindow {
@@ -403,6 +421,8 @@
         public Window asWindow();
 
         public void setModalityType(ModalityType modalityType);
+
+        public void quit();
     }
 
     private static class PolicyEditorFrame extends JFrame implements PolicyEditorWindow {
@@ -448,6 +468,22 @@
         public void setModalityType(ModalityType type) {
             //no op for frame
         }
+
+        @Override
+        public void quit() {
+            if (editor.changesMade) {
+                final int save = JOptionPane.showConfirmDialog(this, R("PESaveChanges"));
+                if (save == JOptionPane.YES_OPTION) {
+                    editor.savePolicyFile();
+                } else if (save == JOptionPane.CANCEL_OPTION) {
+                    return;
+                }
+            }
+            editor.weakThis.clear();
+            editor.setClosed();
+            dispose();
+        }
+
     }
 
     public static PolicyEditorWindow getPolicyEditorFrame(final String filepath) {
@@ -497,6 +533,21 @@
         public void setModalityType(ModalityType type) {
             super.setModalityType(type);
         }
+
+        @Override
+        public void quit() {
+            if (editor.changesMade) {
+                final int save = JOptionPane.showConfirmDialog(this, R("PESaveChanges"));
+                if (save == JOptionPane.YES_OPTION) {
+                    editor.savePolicyFile();
+                } else if (save == JOptionPane.CANCEL_OPTION) {
+                    return;
+                }
+            }
+            editor.weakThis.clear();
+            editor.setClosed();
+            dispose();
+        }
     }
 
     public static PolicyEditorWindow getPolicyEditorDialog(final String filepath) {
@@ -527,11 +578,8 @@
      * Set keyboard accelerators for each major function in the editor
      */
     private void setAccelerators() {
-        setEscapeExit();
         setAddCodebaseAccelerator();
         setRemoveCodebaseAccelerator();
-        setOkAccelerator();
-        setCancelAccelerator();
     }
 
     /**
@@ -568,19 +616,6 @@
     }
 
     /**
-     * Quit the editor when the Escape key is pressed
-     */
-    private void setEscapeExit() {
-        final Action act = new AbstractAction() {
-            @Override
-            public void actionPerformed(final ActionEvent e) {
-                quit();
-            }
-        };
-        setAccelerator(KeyEvent.VK_ESCAPE, ActionEvent.ALT_MASK, act, "ExitOnEscape");
-    }
-
-    /**
      * Add an accelerator for adding new codebases
      */
     private void setAddCodebaseAccelerator() {
@@ -607,48 +642,6 @@
     }
 
     /**
-     * Add an accelerator for applying changes (saving file)
-     */
-    private void setOkAccelerator() {
-        final Action act = new AbstractAction() {
-            @Override
-            public void actionPerformed(final ActionEvent e) {
-                savePolicyFile();
-            }
-        };
-        setAccelerator(R("PEOkButtonMnemonic"), ActionEvent.ALT_MASK, act, "OkButtonAccelerator");
-    }
-
-    /**
-     * Add an accelerator for quitting
-     */
-    private void setCancelAccelerator() {
-        final Action act = new AbstractAction() {
-            @Override
-            public void actionPerformed(final ActionEvent e) {
-                quit();
-            }
-        };
-        setAccelerator(R("PECancelButtonMnemonic"), ActionEvent.ALT_MASK, act, "CancelButtonAccelerator");
-    }
-
-    /**
-     * Quit, prompting the user first if there are unsaved changes
-     */
-    public void quit() {
-        if (changesMade) {
-            final int save = JOptionPane.showConfirmDialog(weakThis.get(), R("PESaveChanges"));
-            if (save == JOptionPane.YES_OPTION) {
-                savePolicyFile();
-            } else if (save == JOptionPane.CANCEL_OPTION) {
-                return;
-            }
-        }
-        weakThis.clear();
-        setClosed();
-    }
-
-    /**
      * Add a new codebase to the editor's model. If the codebase is not a valid URL,
      * the codebase is not added.
      * @param codebase to be added
@@ -923,6 +916,7 @@
 
         final GridBagConstraints checkboxConstraints = new GridBagConstraints();
         checkboxConstraints.anchor = GridBagConstraints.LINE_START;
+        checkboxConstraints.fill = GridBagConstraints.HORIZONTAL;
         checkboxConstraints.weightx = 0;
         checkboxConstraints.weighty = 0;
         checkboxConstraints.gridx = 2;
@@ -1073,6 +1067,7 @@
         removeCodebaseButtonConstraints.gridx = addCodebaseButtonConstraints.gridx + 1;
         removeCodebaseButtonConstraints.gridy = addCodebaseButtonConstraints.gridy;
         setComponentMnemonic(removeCodebaseButton, R("PERemoveCodebaseMnemonic"));
+        removeCodebaseButton.setPreferredSize(addCodebaseButton.getPreferredSize());
         add(removeCodebaseButton, removeCodebaseButtonConstraints);
 
         final GridBagConstraints okButtonConstraints = new GridBagConstraints();

From aazores at redhat.com  Wed Mar 26 20:41:29 2014
From: aazores at redhat.com (Andrew Azores)
Date: Wed, 26 Mar 2014 16:41:29 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53330BDB.2010104@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
	<5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com>
Message-ID: <53333B79.7010507@redhat.com>

On 03/26/2014 01:18 PM, Jiri Vanek wrote:
> On 03/25/2014 08:28 PM, Andrew Azores wrote:
>> On 03/25/2014 03:13 PM, Jiri Vanek wrote:
>>> On 03/25/2014 06:34 PM, Andrew Azores wrote:
>>>> On 03/25/2014 05:40 AM, Jiri Vanek wrote:
>>>>> Generally ok, except one important nit:
>>>>>
>>>>> final JMenuItem noCmdExec = new JMenuItem(R("STempPermNoExec"));
>>>>> + noCmdExec.addActionListener(new TemporaryPermissionsListener(
>>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>>>> + Permissions.NETWORK_ACCESS));
>>>>> + policyMenu.add(noCmdExec);
>>>>>
>>>>> And similar:
>>>>> are - duplicated.
>>>>>
>>>>>
>>>>> You can push, as similar evil is already done.
>>>>>
>>>>> However refactoring, asn asap changeset is needed.
>>>>>
>>>>> the ||| advanced settings button will be encapsulated, so non of 
>>>>> its code is duplicated.
>>>>> You can have your own "extends jbutton" hwhich will do all this 
>>>>> logic. And you add jsut
>>>>> insntance of this button to the panes.
>>>>>
>>>>> Also all the :
>>>>> new TemporaryPermissionsListener(
>>>>> + Permissions.READ_LOCAL_FILES, Permissions.WRITE_LOCAL_FILES,
>>>>> + Permissions.READ_TMP_FILES, Permissions.WRITE_TMP_FILES,
>>>>> + Permissions.READ_PROPERTIES, Permissions.WRITE_PROPERTIES,
>>>>> + Permissions.CLIPBOARD_ACCESS, Permissions.PLAY_AUDIO,
>>>>> + Permissions.PRINT_DOCUMENTS, Permissions.JAVA_REFLECTION,
>>>>> + Permissions.NETWORK_ACCESS));
>>>>> + policyMenu.add(noCmdExec);
>>>>>
>>>>> should be encapsualted. Those permissionListeners may be stored in 
>>>>> some static class as static
>>>>> constantsand just used as singletons. or not?
>>>>> If not then they can be provided by some factory methods. But not 
>>>>> spred in gui code like this.
>>>>>
>>>>> Yes, just code celaning, but how it is now, i do not look nicely.
>>>>>
>>>>> Sorry for troubles:(
>>>>> J.
>>>>>
>>>>
>>>> You're right, it was getting very messy, and the code for the 
>>>> button/menu stuff definitely should
>>>> have been shared.
>>>>
>>>> So now, behold the monster you've asked for... ! :D
>>>>
>>>> 1) Button is pulled out into its own class and used in the two dialogs
>>>> 2) Popup menu is actually even simpler to make appear now (less 
>>>> futzing with position on screen)
>>>> 3) !! PolicyEditorPermissions are reused. It's some slightly scary 
>>>> reflection with a bit of regex
>>>> sprinkled in, but it works perfect.
>>>> 3b) Some of the temp permissions have been removed because 
>>>> PolicyEditorPermissions don't yet have
>>>> the right counterparts. But there's another patch I sent earlier 
>>>> that adds all of those
>>>> permissions as well, so then they can be added in quite quickly 
>>>> here after
>>>> 4) Temp permission types and menu entries are much much cleaner to 
>>>> define
>>>>
>>>
>>>
>>> hmhmhm - just see:
>>> +STempSoundOnly=Play audio
>>>  it is same issue as in case of reflection. it should probably allow 
>>> both recording and playing.
>>> UTwo permissions under one checkbox.
>>
>> Really? I can imagine many scenarios where a user is comfortable with 
>> an applet playing sound back
>> but not recording it. Reflection makes sense to group together but I 
>> think audio should be separate.
>>
>>>
>>> - maybe as tmp hack can serve some better grouping of checkboxes, 
>>> with one main - whcih will
>>> select/unselect all underlying. By this you will have your 
>>> one-permission-per-checkbox - and user
>>> will not be bored by to much on-first-glance-visible permissions. 
>>> Maybe I can do thsis tomorrow? I
>>> wil enjoy it :)
>>
>> Go ahead.
>>
>>>
>>>
>>> +    public static Permission getPermission(final 
>>> PolicyEditorPermissions editorPermission) {
>>>
>>> arrgh thats monster..... Why reflection!!?!??! No way!!!  it is our 
>>> class. Please do something
>>> public or whatever...
>>>
>>>
>>>
>>> Otherwise it is not os monsterous :)
>>
>> Well, I had to decide if I wanted to extend PolicyEditorPermissions 
>> with some way to convert into
>> Permissions, or to just add this translation layer separately. I 
>> liked the new layer better, since
>> PolicyEditorPermissions was really just intended for use within 
>> PolicyEditor, and in there we don't
>> need this kind of logic. So from outside of the model itself, 
>> reflection was actually not a bad way
>> to handle acquiring the correct kind of Permission subclass from the 
>> model - the alternative would
>> have been a switch or long if/else chain, which would have then meant 
>> that any new PermissionTypes
>> would have also needed an update to the TemporaryPermissions 
>> converter. Using reflection like this
>> means that it never has to be updated if the PermissionTypes change. 
>> I don't think this is even that
>> bad of a use of reflection - I don't think it's too hard to read, and 
>> it's not being used somewhere
>> performance critical or where it will be called very frequently.
>>
>> The other good option I've thought of is to add the Permission 
>> conversion logic to the
>> PolicyEditorPermissions model, and move/rename this model so it's 
>> more suitable as something shared
>> between PolicyEditor and these dialogs. The PolicyEditorPermissions 
>> could be constructed with a
>> Class reference, eg RuntimePermission.class, and have a Permission 
>> field that is then populated by
>> the constructor doing a bit less reflection. This eliminates the need 
>> for the Class.forName call,
>> but makes the PolicyEditorPermission model more complicated in a way 
>> that I don't think it really
>> needs to be.
>>
>
> hmm All three ways looks bad:( Both reflection and "any new 
> PermissionTypes  would have " is  very wrong.
>
>
> No advice here :( Sorry. But I belive you will figure it out O:)
>

As you said you preferred on IRC, here's the way where each temporary 
permission is just newly defined, rather than being directly converted 
from PolicyEditorPermissions. I do reuse what I can from them, just to 
eliminate as much extra hardcoding of Strings as possible, but the new 
Permissions are all defined manually. It took a while to figure out a 
way to make this look clean and be easy to extend in the future, as well 
as to be able to nicely define permissions as reductions from the All 
Permissions set, but I think I've managed it.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: temporary-permissions-3.patch
Type: text/x-patch
Size: 42991 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/fe2b6f52/temporary-permissions-3-0001.patch>

From gnu.andrew at redhat.com  Wed Mar 26 20:51:45 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Wed, 26 Mar 2014 16:51:45 -0400 (EDT)
Subject: Bug in fonts of OpenJDK
In-Reply-To: <COL128-W86ACF8C69571A82EA8CE9CA9640@phx.gbl>
References: <COL128-W86ACF8C69571A82EA8CE9CA9640@phx.gbl>
Message-ID: <210514705.1213497.1395867105303.JavaMail.zimbra@redhat.com>



----- Original Message -----
> I have tested the OpenJDK in the OpenSUSE distribution and the Windows and
> Linux builds at
> http://www.azulsystems.com/products/zulu
> All have the same bug, which Oracle JDK
> http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
> don't have.
> 
> If you start SwingSet2.jar and naviagte to a "Source Code"-tab, then the
> sourcecode is formatted.
> But on Oracles Java, words like "import", "public", "int", etc. are bold. On
> OpenJDK they are not.
> But the other words, which are colored, are on Oracles JDK and OpenJDK same
> colored.
> 
> Greatings
> theuserbl

Which versions?
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From andrew at icedtea.classpath.org  Wed Mar 26 22:23:43 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 22:23:43 +0000
Subject: /hg/release/icedtea7-2.4: PR1713: Support AArch64 Port
Message-ID: <hg.b9722cf65cbe.1395872623.5789328834432805220@icedtea.classpath.org>

changeset b9722cf65cbe in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=b9722cf65cbe
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Wed Mar 26 20:58:00 2014 +0000

	PR1713: Support AArch64 Port

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* Makefile.am:
		(JDK_CHANGESET): Bring in PR1713.
		(JDK_SHA256SUM): Likewise.
		* NEWS:
		List PR1713 and enablement of ARM32 JIT.
		Add AArch64 section and rename 'ARM port' section
		as 'ARM32 port'.


diffstat:

 ChangeLog   |  10 ++++++++++
 Makefile.am |   4 ++--
 NEWS        |   5 ++++-
 3 files changed, 16 insertions(+), 3 deletions(-)

diffs (59 lines):

diff -r ec74d72298dd -r b9722cf65cbe ChangeLog
--- a/ChangeLog	Fri Mar 21 17:50:28 2014 +0000
+++ b/ChangeLog	Wed Mar 26 20:58:00 2014 +0000
@@ -1,3 +1,13 @@
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* Makefile.am:
+	(JDK_CHANGESET): Bring in PR1713.
+	(JDK_SHA256SUM): Likewise.
+	* NEWS:
+	List PR1713 and enablement of ARM32 JIT.
+	Add AArch64 section and rename 'ARM port' section
+	as 'ARM32 port'.
+
 2014-03-21  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* acinclude.m4:
diff -r ec74d72298dd -r b9722cf65cbe Makefile.am
--- a/Makefile.am	Fri Mar 21 17:50:28 2014 +0000
+++ b/Makefile.am	Wed Mar 26 20:58:00 2014 +0000
@@ -7,14 +7,14 @@
 CORBA_CHANGESET = 48ef1bb6d120
 JAXP_CHANGESET = e0ba4b9a8b91
 JAXWS_CHANGESET = 4bd947cd146b
-JDK_CHANGESET = f582aad1fce8
+JDK_CHANGESET = b5282042aae0
 LANGTOOLS_CHANGESET = 06eeb77dac24
 OPENJDK_CHANGESET = b028e58c1b77
 
 CORBA_SHA256SUM = 2fcfe699797154da8b4ba5242e32468b2f3f42a0cb17039915bfb1f84887a5b6
 JAXP_SHA256SUM = e7014057721b8392676bd24760c3f7b3dd40548abb3c8dfbe8df2fa04d7c1fca
 JAXWS_SHA256SUM = 17ed5278872ad0c9ec3a849caf1480e5942b714e35c9a4a949d09daac4b34c5a
-JDK_SHA256SUM = 17410212d856da9f52f87a6289d3937d3748992855d53bb5e1496fe7879e27cd
+JDK_SHA256SUM = ab9b0e973625604b12a2f027cb2a6f9bc5160ef7df55408da6ca8a9c3aaed2d5
 LANGTOOLS_SHA256SUM = a67e62618c70ef9190b2aef2b49be9d79624be9363bda258828b17494e092477
 OPENJDK_SHA256SUM = e6be030ac5934781d9682dc3108980fa7d2330c32da3cea4ae74df11fbaa92f2
 
diff -r ec74d72298dd -r b9722cf65cbe NEWS
--- a/NEWS	Fri Mar 21 17:50:28 2014 +0000
+++ b/NEWS	Wed Mar 26 20:58:00 2014 +0000
@@ -25,7 +25,7 @@
   - PR1684: Build fails with empty PAX_COMMAND
   - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
   - Link against $(LIBDL) if SYSTEM_CUPS is not true
-* ARM port
+* ARM32 port
   - Add arm_port from IcedTea 6
   - Add patches/arm.patch from IcedTea 6
   - Add patches/arm-debug.patch from IcedTea 6
@@ -63,6 +63,9 @@
   - Include $(CFLAGS) in assembler stage
   - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.
   - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
+  - Turn ARM32 JIT on by default
+* AArch64 port
+  - PR1713: Support AArch64 Port
 * Shark
   - Add Shark definitions from 8003868
   - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp

From bugzilla-daemon at icedtea.classpath.org  Wed Mar 26 22:23:50 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Wed, 26 Mar 2014 22:23:50 +0000
Subject: [Bug 1713] [IcedTea7] Support AArch64 Port
In-Reply-To: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1713-30-zoNxRkHyu1@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

--- Comment #3 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=b9722cf65cbe
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Wed Mar 26 20:58:00 2014 +0000

    PR1713: Support AArch64 Port

    2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * Makefile.am:
        (JDK_CHANGESET): Bring in PR1713.
        (JDK_SHA256SUM): Likewise.
        * NEWS:
        List PR1713 and enablement of ARM32 JIT.
        Add AArch64 section and rename 'ARM port' section
        as 'ARM32 port'.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140326/ca468299/attachment.html>

From andrew at icedtea.classpath.org  Thu Mar 27 03:52:08 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 03:52:08 +0000
Subject: /hg/icedtea7: Perform configure checks using ecj.jar if native e...
Message-ID: <hg.bf2f5ea62322.1395892328.2873452341184383833@icedtea.classpath.org>

changeset bf2f5ea62322 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=bf2f5ea62322
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 03:50:20 2014 +0000

	Perform configure checks using ecj.jar if native ecj is enabled.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		Perform configure checks using ecj.jar
		if native ecj is enabled.
		* Makefile.am:
		(native-ecj): Link against gcj explicitly.
		* acinclude.m4:
		(IT_FIND_COMPILER): Run IT_WITH_GCJ
		and set JAVAC to an invocation of the ECJ_JAR
		if native ecj is used. Depend on IT_FIND_JAVA
		and IT_FIND_ECJ_JAR for this.
		(IT_FIND_ECJ_JAR): Define only once.
		(IT_WITH_GCJ): Likewise.
		(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
		* configure.ac: Remove invocation of IT_WITH_GCJ.


diffstat:

 ChangeLog    |  16 ++++++++++++++++
 Makefile.am  |   2 +-
 acinclude.m4 |  13 +++++++++++--
 configure.ac |   1 -
 4 files changed, 28 insertions(+), 4 deletions(-)

diffs (93 lines):

diff -r 80573ab16562 -r bf2f5ea62322 ChangeLog
--- a/ChangeLog	Mon Mar 24 16:41:29 2014 -0400
+++ b/ChangeLog	Thu Mar 27 03:50:20 2014 +0000
@@ -1,3 +1,19 @@
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	Perform configure checks using ecj.jar
+	if native ecj is enabled.
+	* Makefile.am:
+	(native-ecj): Link against gcj explicitly.
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Run IT_WITH_GCJ
+	and set JAVAC to an invocation of the ECJ_JAR
+	if native ecj is used. Depend on IT_FIND_JAVA
+	and IT_FIND_ECJ_JAR for this.
+	(IT_FIND_ECJ_JAR): Define only once.
+	(IT_WITH_GCJ): Likewise.
+	(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
+	* configure.ac: Remove invocation of IT_WITH_GCJ.
+
 2014-03-24  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* contrib/jck/compile-native-code.sh:
diff -r 80573ab16562 -r bf2f5ea62322 Makefile.am
--- a/Makefile.am	Mon Mar 24 16:41:29 2014 -0400
+++ b/Makefile.am	Thu Mar 27 03:50:20 2014 +0000
@@ -1584,7 +1584,7 @@
 	mkdir -p stamps 
 if BUILD_NATIVE_ECJ
 	${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \
-	    --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR}
+	    --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR}
 endif
 	touch $@
 
diff -r 80573ab16562 -r bf2f5ea62322 acinclude.m4
--- a/acinclude.m4	Mon Mar 24 16:41:29 2014 -0400
+++ b/acinclude.m4	Thu Mar 27 03:50:20 2014 +0000
@@ -126,9 +126,17 @@
 
 AC_DEFUN([IT_FIND_COMPILER],
 [
+  AC_REQUIRE([IT_FIND_JAVA])
+  AC_REQUIRE([IT_FIND_ECJ_JAR])
+
   IT_FIND_JAVAC
   IT_FIND_ECJ
   IT_USING_ECJ
+  IT_WITH_GCJ
+  
+  if test x"${GCJ}" != xno ; then
+    JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
+  fi
 
   AC_SUBST(ECJ)
   AC_SUBST(JAVAC)
@@ -315,7 +323,7 @@
   AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes")
 ])
 
-AC_DEFUN([IT_FIND_ECJ_JAR],
+AC_DEFUN_ONCE([IT_FIND_ECJ_JAR],
 [
   AC_MSG_CHECKING([for an ecj JAR file])
   AC_ARG_WITH([ecj-jar],
@@ -922,7 +930,7 @@
   AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7")
 ])
 
-AC_DEFUN([IT_WITH_GCJ],
+AC_DEFUN_ONCE([IT_WITH_GCJ],
 [
   AC_MSG_CHECKING([whether to compile ecj natively])
   AC_ARG_WITH([gcj],
@@ -1774,6 +1782,7 @@
 ])
 
 AC_DEFUN([IT_DIAMOND_CHECK],[
+  AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK])
   AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [
   CLASS=Test.java
   BYTECODE=$(echo $CLASS|sed 's#\.java##')
diff -r 80573ab16562 -r bf2f5ea62322 configure.ac
--- a/configure.ac	Mon Mar 24 16:41:29 2014 -0400
+++ b/configure.ac	Thu Mar 27 03:50:20 2014 +0000
@@ -43,7 +43,6 @@
 IT_CHECK_FOR_MERCURIAL
 IT_OBTAIN_HG_REVISIONS
 AC_PATH_TOOL([LSB_RELEASE],[lsb_release])
-IT_WITH_GCJ
 IT_WITH_HOTSPOT_BUILD
 AC_PATH_TOOL([LINUX32],[linux32])
 IT_CHECK_GCC_VERSION

From ptisnovs at icedtea.classpath.org  Thu Mar 27 08:54:18 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 08:54:18 +0000
Subject: /hg/gfx-test: Ten new tests added into BitBltAffineQuadrantRotat...
Message-ID: <hg.3ab1971d3e7c.1395910458.-6248649288953172555@icedtea.classpath.org>

changeset 3ab1971d3e7c in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=3ab1971d3e7c
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 27 09:54:59 2014 +0100

	Ten new tests added into BitBltAffineQuadrantRotateTransformOp.


diffstat:

 ChangeLog                                                             |    5 +
 src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java |  140 ++++++++++
 2 files changed, 145 insertions(+), 0 deletions(-)

diffs (162 lines):

diff -r 638107db910c -r 3ab1971d3e7c ChangeLog
--- a/ChangeLog	Wed Mar 26 12:21:48 2014 +0100
+++ b/ChangeLog	Thu Mar 27 09:54:59 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-27  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
+	Ten new tests added into BitBltAffineQuadrantRotateTransformOp.
+
 2014-03-26  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
diff -r 638107db910c -r 3ab1971d3e7c src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java
--- a/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Wed Mar 26 12:21:48 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java	Thu Mar 27 09:54:59 2014 +0100
@@ -1033,6 +1033,146 @@
     }
 
     /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation4Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[4]);
+    }
+
+    /**
+      Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_555_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort555RGBRotateTransformation5Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort555RGB(image, graphics2d, RotateTransformationNearest1Op[5]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation0Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[0]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation1Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[1]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation2Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[2]);
+    }
+
+    /**
+     * Test basic BitBlt operation for empty buffered image with type TYPE_USHORT_565_RGB.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltEmptyBufferedImageTypeUshort565RGBRotateTransformation3Nearest1Op(TestImage image, Graphics2D graphics2d)
+    {
+        return doBitBltEmptyBufferedImageTypeUshort565RGB(image, graphics2d, RotateTransformationNearest1Op[3]);
+    }
+
+    /**
      * Test basic BitBlt operation for checker buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Thu Mar 27 09:01:39 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 09:01:39 +0000
Subject: /hg/rhino-tests: Added new tests testGetResourceAsStreamPositiov...
Message-ID: <hg.2b9db1e50f41.1395910899.-6019694633368342460@icedtea.classpath.org>

changeset 2b9db1e50f41 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=2b9db1e50f41
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Thu Mar 27 10:02:20 2014 +0100

	Added new tests testGetResourceAsStreamPositioveTest
	into ScriptEngineClassTest.


diffstat:

 ChangeLog                                     |   6 ++
 src/org/RhinoTests/ScriptEngineClassTest.java |  61 +++++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 0 deletions(-)

diffs (84 lines):

diff -r d9b4a5a38938 -r 2b9db1e50f41 ChangeLog
--- a/ChangeLog	Wed Mar 26 12:25:39 2014 +0100
+++ b/ChangeLog	Thu Mar 27 10:02:20 2014 +0100
@@ -1,3 +1,9 @@
+2014-03-27  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineClassTest.java:
+	Added new tests testGetResourceAsStreamPositioveTest
+	into ScriptEngineClassTest.
+
 2014-03-26  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptContextClassTest.java:
diff -r d9b4a5a38938 -r 2b9db1e50f41 src/org/RhinoTests/ScriptEngineClassTest.java
--- a/src/org/RhinoTests/ScriptEngineClassTest.java	Wed Mar 26 12:25:39 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineClassTest.java	Thu Mar 27 10:02:20 2014 +0100
@@ -2048,6 +2048,67 @@
     }
 
     /**
+     * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNegativeTest()
+     */
+    protected void testGetResourceAsStreamNegativeTest() {
+        Object stream = null;
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BaseRhinoTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BaseRhinoTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/BindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/BindingsTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompilableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompilableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompilableTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompiledScriptClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/CompiledScriptTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/CompiledScriptTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/Constants.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/Constants.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/InvocableClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/InvocableTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/InvocableTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/JavaScriptSnippets.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptSnippets.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/JavaScriptsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/JavaScriptsTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptContextTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineFactoryTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineFactoryTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineManagerTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineManagerTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptEngineTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptEngineTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/ScriptExceptionTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/ScriptExceptionTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleBindingsTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleBindingsTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextClassTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextClassTest.class\") returns null");
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/SimpleScriptContextTest.class");
+        assertNotNull(stream, "getAsStreamResource(\"/org/RhinoTests/SimpleScriptContextTest.class\") returns null");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptEngine
      */
     @SuppressWarnings("cast")

From jvanek at icedtea.classpath.org  Thu Mar 27 13:09:25 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 13:09:25 +0000
Subject: /hg/icedtea-web: Clenaup in PolicyEditor tests and MVC
Message-ID: <hg.b4631fce293a.1395925765.8643924302249223276@icedtea.classpath.org>

changeset b4631fce293a in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=b4631fce293a
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Mar 27 14:08:54 2014 +0100

	Clenaup in PolicyEditor tests and MVC


diffstat:

 ChangeLog                                                                                   |  10 +++
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java                           |  29 ++++++++-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java        |   2 -
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java       |   3 +-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java        |   1 -
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java          |   1 -
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java     |  14 +---
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java |   6 +-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java            |   6 +-
 tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java                          |   4 +
 10 files changed, 47 insertions(+), 29 deletions(-)

diffs (201 lines):

diff -r f975d5db4fbd -r b4631fce293a ChangeLog
--- a/ChangeLog	Wed Mar 26 13:56:55 2014 -0400
+++ b/ChangeLog	Thu Mar 27 14:08:54 2014 +0100
@@ -1,3 +1,13 @@
+2014-03-27  Jiri Vanek  <jvanek at redhat.com>
+
+	Clenaup in PolicyEditor tests and MVC
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java: MVC
+	mixing method (updatecheckboxes) splited to invokelater and plain impls.
+	* tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/* : removed
+	warnings and fixed wrong package declaration.
+	* tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java: when
+	filelaks are negative, take it as success.
+
 2014-03-26  Andrew Azores  <aazores at redhat.com>
 
 	Fix JOptionPane modality problems after making PolicyEditor itself modal
diff -r f975d5db4fbd -r b4631fce293a netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Thu Mar 27 14:08:54 2014 +0100
@@ -55,6 +55,7 @@
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.lang.ref.WeakReference;
+import java.lang.reflect.InvocationTargetException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.nio.channels.FileLock;
@@ -793,10 +794,31 @@
      * @param codebase whose permissions to display
      */
     private void updateCheckboxes(final String codebase) {
-        SwingUtilities.invokeLater(new Runnable() {
+        try {
+            if (SwingUtilities.isEventDispatchThread()){
+             updateCheckboxesImpl(codebase);   
+            } else {
+            updateCheckboxesInvokeAndWait(codebase);
+            }
+        } catch (InterruptedException ex) {
+            OutputController.getLogger().log(ex);
+        } catch (InvocationTargetException ex) {
+            OutputController.getLogger().log(ex);
+        }
+    }
+    
+    private void updateCheckboxesInvokeAndWait(final String codebase) throws InterruptedException, InvocationTargetException {
+        SwingUtilities.invokeAndWait(new Runnable() {
             @Override
             public void run() {
-                for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
+               updateCheckboxesImpl(codebase);
+            }
+        });
+
+    }
+    
+     private void updateCheckboxesImpl(String codebase) {
+                 for (final PolicyEditorPermissions perm : PolicyEditorPermissions.values()) {
                     final JCheckBox box = checkboxMap.get(perm);
                     for (final ActionListener l : box.getActionListeners()) {
                         box.removeActionListener(l);
@@ -830,9 +852,6 @@
                     });
                 }
             }
-        });
-
-    }
 
     /**
      * Set a mnemonic key for a menu item or button
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/CustomPermissionTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -37,8 +37,6 @@
 package net.sourceforge.jnlp.security.policyeditor;
 
 import static org.junit.Assert.assertTrue;
-import net.sourceforge.jnlp.security.policyeditor.CustomPermission;
-
 import org.junit.Test;
 
 public class CustomPermissionTest {
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionActionsTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -36,10 +36,9 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
-import static org.junit.Assert.assertTrue;
-
 import java.util.HashSet;
 import java.util.Set;
+import static org.junit.Assert.assertTrue;
 import org.junit.Test;
 
 public class PermissionActionsTest {
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTargetTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -37,7 +37,6 @@
 package net.sourceforge.jnlp.security.policyeditor;
 
 import static org.junit.Assert.assertTrue;
-
 import org.junit.Test;
 
 public class PermissionTargetTest {
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PermissionTypeTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -37,7 +37,6 @@
 package net.sourceforge.jnlp.security.policyeditor;
 
 import static org.junit.Assert.assertTrue;
-
 import org.junit.Test;
 
 public class PermissionTypeTest {
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -33,18 +33,14 @@
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version.
  */
+package net.sourceforge.jnlp.security.policyeditor;
 
+import java.io.File;
+import java.util.Map;
+import net.sourceforge.jnlp.annotations.KnownToFail;
+import net.sourceforge.jnlp.util.FileUtils;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.util.Map;
-import net.sourceforge.jnlp.annotations.KnownToFail;
-import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
-import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions;
-import net.sourceforge.jnlp.util.FileUtils;
-import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissionsTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -36,13 +36,9 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
+import java.util.regex.Pattern;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
-
-import java.util.regex.Pattern;
-
-import net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions;
-
 import org.junit.Test;
 
 public class PolicyEditorPermissionsTest {
diff -r f975d5db4fbd -r b4631fce293a tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorTest.java	Thu Mar 27 14:08:54 2014 +0100
@@ -36,15 +36,13 @@
 
 package net.sourceforge.jnlp.security.policyeditor;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
 import java.io.File;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
-
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
 import org.junit.Before;
 import org.junit.Test;
 
diff -r f975d5db4fbd -r b4631fce293a tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java
--- a/tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java	Wed Mar 26 13:56:55 2014 -0400
+++ b/tests/test-extensions/net/sourceforge/jnlp/util/FileTestUtils.java	Thu Mar 27 14:08:54 2014 +0100
@@ -79,6 +79,10 @@
         runnable.run();
         Thread.sleep(10);
         long filesLeaked = getOpenFileDescriptorCount() - filesOpenBefore;
+        //how come? Appearently can...
+        if (filesLeaked<0){
+            return;
+        }
         assertEquals(0, filesLeaked);
     }
 

From aazores at redhat.com  Thu Mar 27 14:22:18 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 27 Mar 2014 10:22:18 -0400
Subject: [rfc][icedtea-web][policyeditor] Checkbox and codebase list bug fixes
Message-ID: <5334341A.9060005@redhat.com>

Hi,

This patch fixes two bugs:
1) checkboxes not displaying the correct permissions for the default 
selected codebase, when opening an existing non-empty policy file
2) opening a policy file multiple times leading to several of the same 
codebase entry in the list

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-checkboxes-fixes.patch
Type: text/x-patch
Size: 2640 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/de8b2d3f/policyeditor-checkboxes-fixes.patch>

From jvanek at redhat.com  Thu Mar 27 14:37:08 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 27 Mar 2014 15:37:08 +0100
Subject: [rfc][icedtea-web][policyeditor] Checkbox and codebase list bug
	fixes
In-Reply-To: <5334341A.9060005@redhat.com>
References: <5334341A.9060005@redhat.com>
Message-ID: <53343794.7000902@redhat.com>

On 03/27/2014 03:22 PM, Andrew Azores wrote:
> Hi,
>
> This patch fixes two bugs:
> 1) checkboxes not displaying the correct permissions for the default selected codebase, when opening
> an existing non-empty policy file
> 2) opening a policy file multiple times leading to several of the same codebase entry in the list
>
> Thanks,
>

Looks ok. Please ensure it works with tmp permissions patchapplied, and donot break any unittests;)

Once done, ok to push.

From aazores at redhat.com  Thu Mar 27 14:45:28 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 27 Mar 2014 10:45:28 -0400
Subject: [rfc][icedtea-web][policyeditor] Fix for NPE when trying to open
	a file
Message-ID: <53343988.6000002@redhat.com>

Hi,

This workflow:
1) Open PolicyEditor with no filepath
2) Make changes
3) File>Open, without saving first
4) Select "Yes" to save changes

Currently results in:
5) NPE

due to the file field still being null. With this patch, it is the 
following:
5) File chooser appears for Save As action
6) Save file somewhere, or cancel
7) If file chooser was not cancelled, a new file chooser appears for the 
Open action. If it was cancelled, return back to the editor, with 
changes preserved but not saved to file

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: policyeditor-open-with-changes-npe.patch
Type: text/x-patch
Size: 1159 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/97032f74/policyeditor-open-with-changes-npe.patch>

From jvanek at redhat.com  Thu Mar 27 14:55:21 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 27 Mar 2014 15:55:21 +0100
Subject: [rfc][icedtea-web][policyeditor] Fix for NPE when trying to open
	a file
In-Reply-To: <53343988.6000002@redhat.com>
References: <53343988.6000002@redhat.com>
Message-ID: <53343BD9.9090204@redhat.com>

On 03/27/2014 03:45 PM, Andrew Azores wrote:
> Hi,
>
> This workflow:
> 1) Open PolicyEditor with no filepath
> 2) Make changes
> 3) File>Open, without saving first
> 4) Select "Yes" to save changes
>
> Currently results in:
> 5) NPE
>
> due to the file field still being null. With this patch, it is the following:
> 5) File chooser appears for Save As action
> 6) Save file somewhere, or cancel
> 7) If file chooser was not cancelled, a new file chooser appears for the Open action. If it was
> cancelled, return back to the editor, with changes preserved but not saved to file
>
> Thanks,
>
Same conditions as for " Checkbox and codebase list bug fixes" Then ok to push.

From aazores at redhat.com  Thu Mar 27 14:57:42 2014
From: aazores at redhat.com (Andrew Azores)
Date: Thu, 27 Mar 2014 10:57:42 -0400
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <5334360A.4030608@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
	<5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com>
	<53333B79.7010507@redhat.com> <5334360A.4030608@redhat.com>
Message-ID: <53343C66.6080801@redhat.com>

On 03/27/2014 10:30 AM, Jiri Vanek wrote:
> ..snip...
>>>
>>
>> As you said you preferred on IRC, here's the way where each temporary 
>> permission is just newly
>> defined, rather than being directly converted from 
>> PolicyEditorPermissions. I do reuse what I can
>> from them, just to eliminate as much extra hardcoding of Strings as 
>> possible, but the new
>> Permissions are all defined manually. It took a while to figure out a 
>> way to make this look clean
>> and be easy to extend in the future, as well as to be able to nicely 
>> define permissions as
>> reductions from the All Permissions set, but I think I've managed it.
>>
>
> I like this patch.
>
> one mayor nit - it broke 8 tests:
>
> FAILED: 
> testNormalPolicyWithMixedEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testNormalPolicyWithLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testCommentAfterPermission(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testPolicyWithCodebase(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> Passed: 
> net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest.testCommentedLine
> FAILED: 
> testMultiplePermissions(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testNormalPolicy(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testNormalPolicyWithHeader(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES
> FAILED: 
> testNormalPolicyWithCRLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
> Permissions should include READ_LOCAL_FILES

Ahh good catch, thanks. I slightly changed the PermissionTarget for the 
user home directory and forgot to mirror this in the unit tests, that's all.

>
> ...
>> +
>> +    private class PolicyEditorPopupListener implements MouseListener {
>> +        private final Component parent;
>> +
>> +        public PolicyEditorPopupListener(final Component parent) {
>> +            this.parent = parent;
>> +        }
>> +
>> +        @Override
>> +        public void mouseClicked(final MouseEvent e) {
>> +            menu.show(parent, e.getX(), e.getY());
>> +        }
>> +
>> +        @Override
>> +        public void mousePressed(final MouseEvent e) {
>> +        }
>> +
>> +        @Override
>> +        public void mouseReleased(final MouseEvent e) {
>> +        }
>> +
>> +        @Override
>> +        public void mouseEntered(final MouseEvent e) {
>> +        }
>> +
>> +        @Override
>> +        public void mouseExited(final MouseEvent e) {
>> +        }
>> +    }
>
>
> please use mouse adapter :))
>
>
> ...

Learn something useful every day :)

>
>> @@ -53,6 +53,9 @@ public enum PolicyEditorPermissions {
>>       WRITE_LOCAL_FILES(R("PEWriteFiles"), R("PEWriteFilesDetail"),
>>               PermissionType.FILE_PERMISSION, 
>> PermissionTarget.USER_HOME, PermissionActions.WRITE),
>>
>> +    DELETE_LOCAL_FILES(R("PEDeleteFiles"), R("PEDeleteFilesDetail"),
>> +            PermissionType.FILE_PERMISSION, 
>> PermissionTarget.USER_HOME, PermissionActions.DELETE),
>> +
>>       READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"),
>>               PermissionType.PROPERTY_PERMISSION, 
>> PermissionTarget.ALL, PermissionActions.READ),
>>
>> @@ -71,6 +74,9 @@ public enum PolicyEditorPermissions {
>>       WRITE_TMP_FILES(R("PEWriteTempFiles"), 
>> R("PEWriteTempFilesDetail"),
>>               PermissionType.FILE_PERMISSION, 
>> PermissionTarget.TMPDIR, PermissionActions.WRITE),
>>
>> +    DELETE_TMP_FILES(R("PEDeleteTempFiles"), 
>> R("PEDeleteTempFilesDetail"),
>> +            PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, 
>> PermissionActions.DELETE),
>> +
>>       JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"),
>>               PermissionType.REFLECT_PERMISSION, 
>> PermissionTarget.REFLECT, PermissionActions.NONE),
>>
>>
> Those should (if you wish) be gtrouped undeer write system group.

Done.

>
> Final decissopn - minors are ok. Once fixed this can go in.
>
>
> The unittets  - please fixed. If fixes are minor, then push once 
> fixed.If they will grow, feel free to post another round.
>
> jsut double answer - the unittestsmust be fixed befor push :)
>
> J.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Thu Mar 27 14:30:34 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Thu, 27 Mar 2014 15:30:34 +0100
Subject: [rfc][icedtea-web] Temporary permissions
In-Reply-To: <53333B79.7010507@redhat.com>
References: <53305587.9080208@redhat.com> <53305AC0.9060509@redhat.com>
	<53307400.60801@redhat.com> <53314EFA.2060201@redhat.com>
	<5331BE26.5060802@redhat.com> <5331D540.3060401@redhat.com>
	<5331D8C4.3040309@redhat.com> <53330BDB.2010104@redhat.com>
	<53333B79.7010507@redhat.com>
Message-ID: <5334360A.4030608@redhat.com>

..snip...
>>
>
> As you said you preferred on IRC, here's the way where each temporary permission is just newly
> defined, rather than being directly converted from PolicyEditorPermissions. I do reuse what I can
> from them, just to eliminate as much extra hardcoding of Strings as possible, but the new
> Permissions are all defined manually. It took a while to figure out a way to make this look clean
> and be easy to extend in the future, as well as to be able to nicely define permissions as
> reductions from the All Permissions set, but I think I've managed it.
>

I like this patch.

one mayor nit - it broke 8 tests:

FAILED: 
testNormalPolicyWithMixedEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: 
testNormalPolicyWithLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: 
testCommentAfterPermission(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: testPolicyWithCodebase(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
Passed: net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest.testCommentedLine
FAILED: testMultiplePermissions(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: testNormalPolicy(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: 
testNormalPolicyWithHeader(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES
FAILED: 
testNormalPolicyWithCRLFEndings(net.sourceforge.jnlp.security.policyeditor.PolicyEditorParsingTest) 
Permissions should include READ_LOCAL_FILES

...
> +
> +    private class PolicyEditorPopupListener implements MouseListener {
> +        private final Component parent;
> +
> +        public PolicyEditorPopupListener(final Component parent) {
> +            this.parent = parent;
> +        }
> +
> +        @Override
> +        public void mouseClicked(final MouseEvent e) {
> +            menu.show(parent, e.getX(), e.getY());
> +        }
> +
> +        @Override
> +        public void mousePressed(final MouseEvent e) {
> +        }
> +
> +        @Override
> +        public void mouseReleased(final MouseEvent e) {
> +        }
> +
> +        @Override
> +        public void mouseEntered(final MouseEvent e) {
> +        }
> +
> +        @Override
> +        public void mouseExited(final MouseEvent e) {
> +        }
> +    }


please use mouse adapter :))


...

> @@ -53,6 +53,9 @@ public enum PolicyEditorPermissions {
>       WRITE_LOCAL_FILES(R("PEWriteFiles"), R("PEWriteFilesDetail"),
>               PermissionType.FILE_PERMISSION, PermissionTarget.USER_HOME, PermissionActions.WRITE),
>
> +    DELETE_LOCAL_FILES(R("PEDeleteFiles"), R("PEDeleteFilesDetail"),
> +            PermissionType.FILE_PERMISSION, PermissionTarget.USER_HOME, PermissionActions.DELETE),
> +
>       READ_PROPERTIES(R("PEReadProps"), R("PEReadPropsDetail"),
>               PermissionType.PROPERTY_PERMISSION, PermissionTarget.ALL, PermissionActions.READ),
>
> @@ -71,6 +74,9 @@ public enum PolicyEditorPermissions {
>       WRITE_TMP_FILES(R("PEWriteTempFiles"), R("PEWriteTempFilesDetail"),
>               PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.WRITE),
>
> +    DELETE_TMP_FILES(R("PEDeleteTempFiles"), R("PEDeleteTempFilesDetail"),
> +            PermissionType.FILE_PERMISSION, PermissionTarget.TMPDIR, PermissionActions.DELETE),
> +
>       JAVA_REFLECTION(R("PEReflection"), R("PEReflectionDetail"),
>               PermissionType.REFLECT_PERMISSION, PermissionTarget.REFLECT, PermissionActions.NONE),
>
>
Those should (if you wish) be gtrouped undeer write system group.

Final decissopn - minors are ok. Once fixed this can go in.


The unittets  - please fixed. If fixes are minor, then push once fixed.If they will grow, feel free 
to post another round.

jsut double answer - the unittestsmust be fixed befor push :)

J.

From aazores at icedtea.classpath.org  Thu Mar 27 15:08:35 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 15:08:35 +0000
Subject: /hg/icedtea-web: Applets can be granted temporary permissions fr...
Message-ID: <hg.ede0279b5c53.1395932915.8643924302249223276@icedtea.classpath.org>

changeset ede0279b5c53 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ede0279b5c53
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 27 11:08:09 2014 -0400

	Applets can be granted temporary permissions from security dialogs

	Applets can be temporarily granted permission levels above fully sandboxed
	but below all-permission
	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(STempPermNoFile, STempPermNoNetwork, STempPermNoExec,
	STempPermNoFileOrNetwork, STempPermNoExecOrNetwork, STempPermNoFileOrExec,
	STempPermNoFileOrNetworkOrExec, STempAllMedia, STempSoundOnly,
	STempClipboardOnly, STempPrintOnly, STempAllFileAndPropertyAccess,
	STempReadLocalFilesAndProperties, STempReflectionOnly): new messages
	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: (installPanel)
	pass SecurityDelegate to partially signed dialog
	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java:
	(showPartiallySignedWarningDialog) added SecutityDelegate param for
	message extras
	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
	(checkPartiallySignedWithUserIfRequired) added SecurityDelegate param
	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
	(createPolicyPermissionsMenu, PolicyEditorLaunchListener,
	PolicyEditorPopupListener) removed in favour of TemporaryPermissionsButton
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
	same
	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java:
	(partiallySigned) SecurityDelegate param
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java:
	(DELETE, READLINK, FILE_ALL) new actions. (rawActions, rawString) can
	retrieve raw String representation of the action
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
	(USER_HOME, TMPDIR) grant permissions to entire directory, not only
	children
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
	(DELETE_LOCAL_FILES, DELETE_TMP_FILES) new permissions.
	(Group.WriteFileSystem) added DELETE* permissions
	* nests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java:
	update for change in PermissionTarget
	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java:
	new class
	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java:
	new class


diffstat:

 ChangeLog                                                                                                |   40 +
 netx/net/sourceforge/jnlp/resources/Messages.properties                                                  |   18 +
 netx/net/sourceforge/jnlp/security/SecurityDialog.java                                                   |    2 +-
 netx/net/sourceforge/jnlp/security/SecurityDialogs.java                                                  |    4 +-
 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java           |    2 +-
 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java                                          |   74 +---
 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java                                     |  204 ++++++++++
 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java                               |  191 +++++++++
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java               |    7 +-
 netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java |  123 ++----
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java                                   |    9 +
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java                                    |    4 +-
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java                             |   24 +-
 tests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java                  |    4 +-
 14 files changed, 530 insertions(+), 176 deletions(-)

diffs (truncated from 1021 to 500 lines):

diff -r b4631fce293a -r ede0279b5c53 ChangeLog
--- a/ChangeLog	Thu Mar 27 14:08:54 2014 +0100
+++ b/ChangeLog	Thu Mar 27 11:08:09 2014 -0400
@@ -1,3 +1,43 @@
+2014-03-27  Andrew Azores  <aazores at redhat.com>
+
+	Applets can be temporarily granted permission levels above fully sandboxed
+	but below all-permission
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(STempPermNoFile, STempPermNoNetwork, STempPermNoExec,
+	STempPermNoFileOrNetwork, STempPermNoExecOrNetwork, STempPermNoFileOrExec,
+	STempPermNoFileOrNetworkOrExec, STempAllMedia, STempSoundOnly,
+	STempClipboardOnly, STempPrintOnly, STempAllFileAndPropertyAccess,
+	STempReadLocalFilesAndProperties, STempReflectionOnly): new messages
+	* netx/net/sourceforge/jnlp/security/SecurityDialog.java: (installPanel)
+	pass SecurityDelegate to partially signed dialog
+	* netx/net/sourceforge/jnlp/security/SecurityDialogs.java:
+	(showPartiallySignedWarningDialog) added SecutityDelegate param for
+	message extras
+	* netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java:
+	(checkPartiallySignedWithUserIfRequired) added SecurityDelegate param
+	* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
+	(createPolicyPermissionsMenu, PolicyEditorLaunchListener,
+	PolicyEditorPopupListener) removed in favour of TemporaryPermissionsButton
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/PartiallySignedAppTrustWarningPanel.java:
+	same
+	* netx/net/sourceforge/jnlp/security/dialogs/apptrustwarningpanel/AppTrustWarningDialog.java:
+	(partiallySigned) SecurityDelegate param
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionActions.java:
+	(DELETE, READLINK, FILE_ALL) new actions. (rawActions, rawString) can
+	retrieve raw String representation of the action
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
+	(USER_HOME, TMPDIR) grant permissions to entire directory, not only
+	children
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java: 
+	(DELETE_LOCAL_FILES, DELETE_TMP_FILES) new permissions.
+	(Group.WriteFileSystem) added DELETE* permissions
+	* nests/netx/unit/net/sourceforge/jnlp/security/policyeditor/PolicyEditorParsingTest.java: 
+	update for change in PermissionTarget
+	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java:
+	new class
+	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java:
+	new class
+
 2014-03-27  Jiri Vanek  <jvanek at redhat.com>
 
 	Clenaup in PolicyEditor tests and MVC
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 27 14:08:54 2014 +0100
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Thu Mar 27 11:08:09 2014 -0400
@@ -305,6 +305,20 @@
 STOAsignedMsgFully = The applet is fully signed
 STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed
 STOAsignedMsgPartiall = The applet is not fully signed
+STempPermNoFile=No file access
+STempPermNoNetwork=No network access
+STempPermNoExec=No command execution
+STempNoFileOrNetwork=No file or network access
+STempNoExecOrNetwork=No command execution or network access
+STempNoFileOrExec=No file access or command execution
+STempNoFileOrNetworkOrExec=No file access, network access, or command execution
+STempAllMedia=All media
+STempSoundOnly=Play audio
+STempClipboardOnly=Access clipboard
+STempPrintOnly=Print documents
+STempAllFileAndPropertyAccess=All file and properties access
+STempReadLocalFilesAndProperties=Read-only local files and properties
+STempReflectionOnly=Java Reflection only
 
 # Security - used for the More Information dialog
 SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
@@ -501,6 +515,8 @@
 PEReadFilesDetail=Allow applets to read from files in your home directory
 PEWriteFiles=Write to local files
 PEWriteFilesDetail=Allow applets to write to files in your home directory
+PEDeleteFiles=Delete local files
+PEDeleteFilesDetail=Allow applets to delete files in your home directory
 PEReadSystemFiles=Read all system files
 PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer
 PEWriteSystemFiles=Write all system files
@@ -509,6 +525,8 @@
 PEReadTempFilesDetail=Allow applets to read from your temporary files directory
 PEWriteTempFiles=Write to temp files
 PEWriteTempFilesDetail=Allow applets to write to your temporary files directory
+PEDeleteTempFiles=Delete temp files
+PEDeleteTempFilesDetail=Allow applets to delete files in your temporary files directory
 PEAWTPermission=Window System Access
 PEAWTPermissionDetail=Allow applets all AWT windowing system access
 PEClipboard=Access clipboard
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/SecurityDialog.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Thu Mar 27 14:08:54 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java	Thu Mar 27 11:08:09 2014 -0400
@@ -315,7 +315,7 @@
         else if (dialogType == DialogType.APPLET_WARNING)
             panel = new AppletWarningPane(this, this.certVerifier);
         else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING)
-            panel = AppTrustWarningDialog.partiallySigned(this, file);
+            panel = AppTrustWarningDialog.partiallySigned(this, file, (SecurityDelegate) extras[0]);
         else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above
             panel = AppTrustWarningDialog.unsigned(this, file);
         else if (dialogType == DialogType.AUTHENTICATION)
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/SecurityDialogs.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Thu Mar 27 14:08:54 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java	Thu Mar 27 11:08:09 2014 -0400
@@ -221,13 +221,15 @@
      *
      * @return true if permission was granted by the user, false otherwise.
      */
-    public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier) {
+    public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier,
+            SecurityDelegate securityDelegate) {
 
         final SecurityDialogMessage message = new SecurityDialogMessage();
         message.dialogType = DialogType.PARTIALLYSIGNED_WARNING;
         message.accessType = AccessType.PARTIALLYSIGNED;
         message.file = file;
         message.certVerifier = certVerifier;
+        message.extras = new Object[] { securityDelegate };
 
         return (AppSigningWarningAction) getUserResponse(message);
     }
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java	Thu Mar 27 14:08:54 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java	Thu Mar 27 11:08:09 2014 -0400
@@ -239,7 +239,7 @@
             appletOK = false;
         } else {
             // No remembered decision, prompt the user
-            AppSigningWarningAction warningResponse = SecurityDialogs.showPartiallySignedWarningDialog(file, certVerifier);
+            AppSigningWarningAction warningResponse = SecurityDialogs.showPartiallySignedWarningDialog(file, certVerifier, securityDelegate);
             ExecuteAppletAction executeAction = warningResponse.getAction();
 
             if (executeAction == ExecuteAppletAction.SANDBOX) {
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Mar 27 14:08:54 2014 +0100
+++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java	Thu Mar 27 11:08:09 2014 -0400
@@ -41,20 +41,15 @@
 
 import java.awt.BorderLayout;
 import java.awt.Color;
-import java.awt.Dialog.ModalityType;
 import java.awt.Dimension;
 import java.awt.FlowLayout;
 import java.awt.Font;
 import java.awt.GridLayout;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
-import java.awt.event.MouseEvent;
-import java.awt.event.MouseListener;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.OutputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
 import java.security.KeyStore;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
@@ -65,16 +60,13 @@
 import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JLabel;
-import javax.swing.JMenuItem;
 import javax.swing.JPanel;
 import javax.swing.JPopupMenu;
 import javax.swing.SwingConstants;
 
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.PluginBridge;
-import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
-import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.security.CertVerifier;
 import net.sourceforge.jnlp.security.CertificateUtils;
 import net.sourceforge.jnlp.security.HttpsCertVerifier;
@@ -84,7 +76,6 @@
 import net.sourceforge.jnlp.security.SecurityDialog;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityUtil;
-import net.sourceforge.jnlp.security.policyeditor.PolicyEditor;
 import net.sourceforge.jnlp.security.policyeditor.PolicyEditor.PolicyEditorWindow;
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.logging.OutputController;
@@ -225,8 +216,6 @@
     }
 
     private void addButtons() {
-        createPolicyPermissionsMenu();
-
         alwaysTrust = new JCheckBox(R("SAlwaysTrustPublisher"));
         alwaysTrust.setEnabled(true);
         alwaysTrust.setSelected(alwaysTrustSelected);
@@ -246,7 +235,7 @@
         buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT));
         run = new JButton(R("ButRun"));
         sandbox = new JButton(R("ButSandbox"));
-        advancedOptions = new JButton("\u2630"); // "hamburger" navicon
+        advancedOptions = new TemporaryPermissionsButton(file, securityDelegate, sandbox);
         cancel = new JButton(R("ButCancel"));
 
         run.setToolTipText(R("CertWarnRunTip"));
@@ -273,8 +262,6 @@
 
         sandbox.addActionListener(createSetValueListener(parent, 1));
 
-        advancedOptions.addMouseListener(new PolicyEditorPopupListener());
-
         cancel.addActionListener(createSetValueListener(parent, 2));
 
         initialFocusComponent = cancel;
@@ -310,65 +297,6 @@
         add(bottomPanel);
     }
 
-    private void createPolicyPermissionsMenu() {
-        policyMenu = new JPopupMenu();
-
-        JMenuItem launchPolicyEditor = new JMenuItem(R("CertWarnPolicyEditorItem"));
-        launchPolicyEditor.addActionListener(new PolicyEditorLaunchListener());
-
-        policyMenu.add(launchPolicyEditor);
-        policyMenu.setSize(policyMenu.getMinimumSize());
-        policyMenu.setVisible(false);
-    }
-
-    private class PolicyEditorLaunchListener implements ActionListener {
-        @Override
-        public void actionPerformed(final ActionEvent e) {
-            final String rawFilepath = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_SECURITY_POLICY);
-            String filepath;
-            try {
-                filepath = new URL(rawFilepath).getPath();
-            } catch (final MalformedURLException mfue) {
-                filepath = null;
-            }
-
-            if (policyEditor == null || policyEditor.getPolicyEditor().isClosed()) {
-                policyEditor = PolicyEditor.getPolicyEditorDialog(filepath);
-            } else {
-                policyEditor.asWindow().toFront();
-                policyEditor.asWindow().repaint();
-            }
-            policyEditor.setModalityType(ModalityType.DOCUMENT_MODAL);
-            policyEditor.getPolicyEditor().addNewCodebase(file.getCodeBase().toString());
-            policyEditor.asWindow().setVisible(true);
-            policyMenu.setVisible(false);
-        }
-    }
-
-    private class PolicyEditorPopupListener implements MouseListener {
-        @Override
-        public void mouseClicked(final MouseEvent e) {
-            policyMenu.setLocation(e.getLocationOnScreen());
-            policyMenu.setVisible(!policyMenu.isVisible());
-        }
-
-        @Override
-        public void mousePressed(final MouseEvent e) {
-        }
-
-        @Override
-        public void mouseReleased(final MouseEvent e) {
-        }
-
-        @Override
-        public void mouseEntered(final MouseEvent e) {
-        }
-
-        @Override
-        public void mouseExited(final MouseEvent e) {
-        }
-    }
-
     private class MoreInfoButtonListener implements ActionListener {
         @Override
         public void actionPerformed(ActionEvent e) {
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java	Thu Mar 27 11:08:09 2014 -0400
@@ -0,0 +1,204 @@
+/* Copyright (C) 2014 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+package net.sourceforge.jnlp.security.dialogs;
+
+import java.awt.AWTPermission;
+import java.io.FilePermission;
+import java.lang.reflect.ReflectPermission;
+import java.net.SocketPermission;
+import java.security.Permission;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.PropertyPermission;
+
+import javax.sound.sampled.AudioPermission;
+
+import static net.sourceforge.jnlp.security.policyeditor.PolicyEditorPermissions.*;
+
+public class TemporaryPermissions {
+
+    // We can't use the PolicyEditorPermissions versions of these, because they rely on System Property expansion, which is perfomed
+    // by the policy parser, but not by the Permissions constructors.
+    private static final String USER_HOME = System.getProperty("user.home");
+    private static final String TMPDIR = System.getProperty("java.io.tmpdir");
+
+    public static final FilePermission READ_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, READ_LOCAL_FILES.getActions().rawString());
+    public static final FilePermission WRITE_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, WRITE_LOCAL_FILES.getActions().rawString());
+    public static final FilePermission DELETE_LOCAL_FILES_PERMISSION = new FilePermission(USER_HOME, DELETE_LOCAL_FILES.getActions().rawString());
+    public static final FilePermission READ_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, READ_TMP_FILES.getActions().rawString());
+    public static final FilePermission WRITE_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, WRITE_TMP_FILES.getActions().rawString());
+    public static final FilePermission DELETE_TMP_FILES_PERMISSION = new FilePermission(TMPDIR, DELETE_TMP_FILES.getActions().rawString());
+    public static final FilePermission READ_SYSTEM_FILES_PERMISSION = new FilePermission(READ_SYSTEM_FILES.getTarget().target, READ_SYSTEM_FILES.getActions()
+            .rawString());
+    public static final FilePermission WRITE_SYSTEM_FILES_PERMISSION = new FilePermission(WRITE_SYSTEM_FILES.getTarget().target, WRITE_SYSTEM_FILES
+            .getActions().rawString());
+
+    public static final PropertyPermission READ_PROPERTIES_PERMISSION = new PropertyPermission(READ_PROPERTIES.getTarget().target, READ_PROPERTIES.getActions()
+            .rawString());
+    public static final PropertyPermission WRITE_PROPERTIES_PERMISSION = new PropertyPermission(WRITE_PROPERTIES.getTarget().target, WRITE_PROPERTIES
+            .getActions().rawString());
+
+    public static final FilePermission EXEC_PERMISSION = new FilePermission(EXEC_COMMANDS.getTarget().target, EXEC_COMMANDS.getActions().rawString());
+    public static final RuntimePermission GETENV_PERMISSION = new RuntimePermission(GET_ENV.getTarget().target);
+
+    public static final SocketPermission NETWORK_PERMISSION = new SocketPermission(NETWORK.getTarget().target, NETWORK.getActions().rawString());
+
+    public static final ReflectPermission REFLECTION_PERMISSION = new ReflectPermission(JAVA_REFLECTION.getTarget().target);
+    public static final RuntimePermission CLASSLOADER_PERMISSION = new RuntimePermission(GET_CLASSLOADER.getTarget().target);
+    public static final RuntimePermission ACCESS_CLASS_IN_PACKAGE_PERMISSION = new RuntimePermission(ACCESS_CLASS_IN_PACKAGE.getTarget().target);
+    public static final RuntimePermission ACCESS_DECLARED_MEMBERS_PERMISSION = new RuntimePermission(ACCESS_DECLARED_MEMBERS.getTarget().target);
+
+    public static final AWTPermission AWT_PERMISSION = new AWTPermission(ALL_AWT.getTarget().target);
+    public static final AudioPermission PLAY_AUDIO_PERMISSION = new AudioPermission(PLAY_AUDIO.getTarget().target);
+    public static final AudioPermission RECORD_AUDIO_PERMISSION = new AudioPermission(RECORD_AUDIO.getTarget().target);
+    public static final AWTPermission CLIPBOARD_PERMISSION = new AWTPermission(CLIPBOARD.getTarget().target);
+    public static final RuntimePermission PRINT_PERMISSION = new RuntimePermission(PRINT.getTarget().target);
+
+    public static final Collection<Permission> ALL_PERMISSIONS, FILE_PERMISSIONS, PROPERTY_PERMISSIONS, NETWORK_PERMISSIONS, EXEC_PERMISSIONS,
+            REFLECTION_PERMISSIONS, MEDIA_PERMISSIONS;
+    static {
+        final Collection<Permission> all = new HashSet<Permission>(), file = new HashSet<Permission>(), property = new HashSet<Permission>(),
+                network = new HashSet<Permission>(), exec = new HashSet<Permission>(), reflection = new HashSet<Permission>(), media = new HashSet<Permission>();
+
+        file.add(READ_LOCAL_FILES_PERMISSION);
+        file.add(WRITE_LOCAL_FILES_PERMISSION);
+        file.add(DELETE_LOCAL_FILES_PERMISSION);
+        file.add(READ_TMP_FILES_PERMISSION);
+        file.add(WRITE_TMP_FILES_PERMISSION);
+        file.add(DELETE_TMP_FILES_PERMISSION);
+        file.add(READ_SYSTEM_FILES_PERMISSION);
+        file.add(WRITE_SYSTEM_FILES_PERMISSION);
+        FILE_PERMISSIONS = Collections.unmodifiableCollection(file);
+
+        property.add(READ_PROPERTIES_PERMISSION);
+        property.add(WRITE_PROPERTIES_PERMISSION);
+        PROPERTY_PERMISSIONS = Collections.unmodifiableCollection(property);
+
+        exec.add(EXEC_PERMISSION);
+        exec.add(GETENV_PERMISSION);
+        EXEC_PERMISSIONS = Collections.unmodifiableCollection(exec);
+
+        network.add(NETWORK_PERMISSION);
+        NETWORK_PERMISSIONS = Collections.unmodifiableCollection(network);
+
+        reflection.add(REFLECTION_PERMISSION);
+        reflection.add(CLASSLOADER_PERMISSION);
+        reflection.add(ACCESS_CLASS_IN_PACKAGE_PERMISSION);
+        reflection.add(ACCESS_DECLARED_MEMBERS_PERMISSION);
+        REFLECTION_PERMISSIONS = Collections.unmodifiableCollection(reflection);
+
+        media.add(AWT_PERMISSION);
+        media.add(PLAY_AUDIO_PERMISSION);
+        media.add(RECORD_AUDIO_PERMISSION);
+        media.add(CLIPBOARD_PERMISSION);
+        media.add(PRINT_PERMISSION);
+        MEDIA_PERMISSIONS = Collections.unmodifiableCollection(media);
+
+        all.addAll(file);
+        all.addAll(property);
+        all.addAll(exec);
+        all.addAll(network);
+        all.addAll(reflection);
+        all.addAll(media);
+        ALL_PERMISSIONS = Collections.unmodifiableCollection(all);
+    }
+
+    private static final Collection<Permission> allMinus(final Collection<Permission> permissions) {
+        return subtract(ALL_PERMISSIONS, permissions);
+    }
+
+    private static Collection<Permission> sum(final Permission... permissions) {
+        final Collection<Permission> result = new HashSet<Permission>(Arrays.asList(permissions));
+        return Collections.unmodifiableCollection(result);
+    }
+
+    private static Collection<Permission> sum(final Collection<Permission> a, final Collection<Permission> b) {
+        final Collection<Permission> result = new HashSet<Permission>();
+        result.addAll(a);
+        result.addAll(b);
+        return Collections.unmodifiableCollection(result);
+    }
+
+    private static final Collection<Permission> subtract(final Collection<Permission> from, final Collection<Permission> remove) {
+        final Collection<Permission> result = new HashSet<Permission>(from);
+        result.removeAll(remove);
+        return Collections.unmodifiableCollection(result);
+    }
+
+    public static Collection<Permission> noFileAccess() {
+        return allMinus(FILE_PERMISSIONS);
+    }
+
+    public static Collection<Permission> noNetworkAccess() {
+        return allMinus(Arrays.asList(new Permission[] { NETWORK_PERMISSION }));
+    }
+
+    public static Collection<Permission> noFileOrNetworkAccess() {
+        return subtract(allMinus(FILE_PERMISSIONS), NETWORK_PERMISSIONS);
+    }
+
+    public static Collection<Permission> allFileAccessAndProperties() {
+        return sum(FILE_PERMISSIONS, PROPERTY_PERMISSIONS);
+    }
+
+    public static Collection<Permission> readLocalFilesAndProperties() {
+        return sum(READ_LOCAL_FILES_PERMISSION, READ_PROPERTIES_PERMISSION);
+    }
+
+    public static Collection<Permission> reflectionOnly() {
+        return REFLECTION_PERMISSIONS;
+    }
+
+    public static Collection<Permission> allMedia() {
+        return MEDIA_PERMISSIONS;
+    }
+
+    public static Collection<Permission> audioOnly() {
+        return sum(PLAY_AUDIO_PERMISSION, RECORD_AUDIO_PERMISSION);
+    }
+
+    public static Collection<Permission> clipboardOnly() {
+        return sum(CLIPBOARD_PERMISSION);
+    }
+
+    public static Collection<Permission> printOnly() {
+        return sum(PRINT_PERMISSION);
+    }
+
+}
diff -r b4631fce293a -r ede0279b5c53 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java	Thu Mar 27 11:08:09 2014 -0400
@@ -0,0 +1,191 @@
+/* Copyright (C) 2014 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+

From aazores at icedtea.classpath.org  Thu Mar 27 15:17:46 2014
From: aazores at icedtea.classpath.org (aazores at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 15:17:46 +0000
Subject: /hg/icedtea-web: 2 new changesets
Message-ID: <hg.e9f222be36b5.1395933466.8643924302249223276@icedtea.classpath.org>

changeset e9f222be36b5 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=e9f222be36b5
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 27 11:13:41 2014 -0400

	PolicyEditor codebase list and checkboxes visual bug fix

	Fix bug with checkboxes not correctly updating on open and with repeats of
	a codebase appearing when opening a file multiple times
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(resetCodebases) new method. (openAndParsePolicyFile) call resetCodebases
	at start. (PolicyEditor) call resetCodebases in constructor


changeset 8417559b6a12 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=8417559b6a12
author: Andrew Azores <aazores at redhat.com>
date: Thu Mar 27 11:16:58 2014 -0400

	Fix NPE on Open action when changes have been made and are to be saved

	Fix NPE when trying to open a new file, with changes made, and wanting to
	save these changes to a file
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
	(openButtonAction) display Save As file chooser if there is no file object
	yet and user wishes to save changes


diffstat:

 ChangeLog                                                         |  16 +++++
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java |  32 +++++++--
 2 files changed, 41 insertions(+), 7 deletions(-)

diffs (112 lines):

diff -r ede0279b5c53 -r 8417559b6a12 ChangeLog
--- a/ChangeLog	Thu Mar 27 11:08:09 2014 -0400
+++ b/ChangeLog	Thu Mar 27 11:16:58 2014 -0400
@@ -1,3 +1,19 @@
+2014-03-27  Andrew Azores  <aazores at redhat.com>
+
+	Fix NPE when trying to open a new file, with changes made, and wanting to
+	save these changes to a file
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(openButtonAction) display Save As file chooser if there is no file object
+	yet and user wishes to save changes
+
+2014-03-27  Andrew Azores  <aazores at redhat.com>
+
+	Fix bug with checkboxes not correctly updating on open and with repeats of
+	a codebase appearing when opening a file multiple times
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java:
+	(resetCodebases) new method. (openAndParsePolicyFile) call resetCodebases
+	at start. (PolicyEditor) call resetCodebases in constructor
+
 2014-03-27  Andrew Azores  <aazores at redhat.com>
 
 	Applets can be temporarily granted permission levels above fully sandboxed
diff -r ede0279b5c53 -r 8417559b6a12 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Thu Mar 27 11:08:09 2014 -0400
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditor.java	Thu Mar 27 11:16:58 2014 -0400
@@ -220,6 +220,7 @@
             }
         }
     }
+
     public PolicyEditor(final String filepath) {
         super();
         setLayout(new GridBagLayout());
@@ -234,15 +235,13 @@
         if (filepath != null) {
             file = new File(filepath);
             openAndParsePolicyFile();
+        } else {
+            resetCodebases();
         }
 
         fileChooser = new JFileChooser(file);
         fileChooser.setFileHidingEnabled(false);
 
-        initializeMapForCodebase("");
-        listModel.addElement(R("PEGlobalSettings"));
-        updateCheckboxes("");
-
         okButtonAction = new ActionListener() {
             @Override
             public void actionPerformed(final ActionEvent event) {
@@ -286,6 +285,14 @@
                 if (changesMade) {
                     final int save = JOptionPane.showConfirmDialog(weakThis.get(), R("PESaveChanges"));
                     if (save == JOptionPane.YES_OPTION) {
+                        if (file == null) {
+                            final int choice = fileChooser.showSaveDialog(weakThis.get());
+                            if (choice == JFileChooser.APPROVE_OPTION) {
+                                file = fileChooser.getSelectedFile();
+                            } else if (choice == JFileChooser.CANCEL_OPTION) {
+                                return;
+                            }
+                        }
                         savePolicyFile();
                     } else if (save == JOptionPane.CANCEL_OPTION) {
                         return;
@@ -335,8 +342,6 @@
         setAccelerators();
 
         setupLayout();
-        list.setSelectedIndex(0);
-        updateCheckboxes("");
     }
     
     private String getSelectedCodebase() {
@@ -1118,6 +1123,17 @@
         customPermissionsMap.get(codebase).addAll(permissions);
     }
 
+    private void resetCodebases() {
+        listModel.clear();
+        codebasePermissionsMap.clear();
+        customPermissionsMap.clear();
+
+        initializeMapForCodebase("");
+        listModel.addElement(R("PEGlobalSettings"));
+        list.setSelectedValue(R("PEGlobalSettings"), true);
+        updateCheckboxes("");
+    }
+
     /**
      * Open the file pointed to by the filePath field. This is either provided by the
      * "-file" command line flag, or if none given, comes from DeploymentConfiguration.
@@ -1126,6 +1142,8 @@
         new Thread() {
             @Override
             public void run() {
+                resetCodebases();
+
                 if (!file.exists()) {
                     try {
                         file.createNewFile();
@@ -1215,7 +1233,7 @@
                         }
                     }
                 }
-                list.setSelectedIndex(0);
+                list.setSelectedValue(R("PEGlobalSettings"), true);
                 updateCheckboxes("");
                 try {
                     fileLock.release();

From skolnag at gmail.com  Thu Mar 27 19:52:27 2014
From: skolnag at gmail.com (skolnag at gmail.com)
Date: Thu, 27 Mar 2014 19:52:27 +0000
Subject: [icedtea-web] Translation of 1.5
In-Reply-To: <CAES586yYL8VoSfY6WBBVGEeeLPYEYot9Pc4_G05Xvxi_Mhyn=A@mail.gmail.com>
References: <53306BD5.8040902@redhat.com>
	<CAES586yYL8VoSfY6WBBVGEeeLPYEYot9Pc4_G05Xvxi_Mhyn=A@mail.gmail.com>
Message-ID: <CAES586xq+1GuJxnxZdOetkaEufwtLUUF5mXaiKva=yE7h35KXw@mail.gmail.com>

Hello,

Here is the Czech translation.

Kind regards,
Alexandr





2014-03-24 17:46 GMT+00:00 skolnag at gmail.com <skolnag at gmail.com>:

> Hello,
>
> I have most of the translation finished. There are, however, some places
> where the source text is unclear. I will send my questions tomorrow and
> after I receive the answers I will provide final translation.
>
> Thank you for understanding.
>
> Kind regards,
> Alexandr
>
>
>
>
> 2014-03-24 18:31 GMT+01:00 Jiri Vanek <jvanek at redhat.com>:
>
>> Hi guys!
>>
>> Is there any progress/eta or whatever?
>>
>> If not, Then I will probably release 1.5 with missing lines, and hope for
>> 1.5.1 to bring the fix.
>>
>> Anyway for any case, I need some feedback to sync with you and rest of
>> ITW.
>>
>> Thanx in advance,
>>  All the best
>>    J.
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/6d9a8436/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Messages_cs.properties
Type: application/octet-stream
Size: 80310 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/6d9a8436/Messages_cs-0001.properties>

From andrew at icedtea.classpath.org  Thu Mar 27 20:02:15 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 20:02:15 +0000
Subject: /hg/release/icedtea7-2.4: 2 new changesets
Message-ID: <hg.7e432bfdb372.1395950535.5789328834432805220@icedtea.classpath.org>

changeset 7e432bfdb372 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=7e432bfdb372
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 19:18:54 2014 +0000

	PR1713: Support AArch64 port

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/boot/hotspot/default/jdk-dependency.patch:
		Moved to...
		* patches/boot/hotspot/zero/jdk-dependency.patch:
		Removed; no longer a zero HotSpot build.
		* Makefile.am:
		(ICEDTEA_BOOT_PATCHES): Make jdk-dependency not
		dependent on HotSpot version.
		* patches/boot/hotspot-jdk-dependency.patch:
		...here.

	2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/systemtap_gc.patch: Moved to...
		* Makefile.am:
		(ICEDTEA_PATCHES): Make systemtap_gc.patch
		HotSpot-dependent.
		* hotspot.map: Add aarch64 HotSpot.
		* patches/hotspot/aarch64/systemtap_gc.patch:
		New patch against AArch64 HotSpot tarball.
		* patches/hotspot/default/systemtap_gc.patch:
		... here.


changeset 2b651084f99e in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=2b651084f99e
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:01:40 2014 +0000

	PR1713: Support AArch64 port

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64.
		(IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64.


diffstat:

 ChangeLog                                         |   30 +
 Makefile.am                                       |    4 +-
 acinclude.m4                                      |    8 +-
 hotspot.map                                       |    1 +
 patches/boot/hotspot-jdk-dependency.patch         |   23 +
 patches/boot/hotspot/default/jdk-dependency.patch |   23 -
 patches/boot/hotspot/zero/jdk-dependency.patch    |   25 -
 patches/hotspot/aarch64/systemtap_gc.patch        |  373 +++++++++++++++++++++
 patches/hotspot/default/systemtap_gc.patch        |  379 ++++++++++++++++++++++
 patches/systemtap_gc.patch                        |  379 ----------------------
 10 files changed, 815 insertions(+), 430 deletions(-)

diffs (truncated from 1316 to 500 lines):

diff -r b9722cf65cbe -r 2b651084f99e ChangeLog
--- a/ChangeLog	Wed Mar 26 20:58:00 2014 +0000
+++ b/ChangeLog	Thu Mar 27 20:01:40 2014 +0000
@@ -1,3 +1,33 @@
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64.
+	(IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/boot/hotspot/default/jdk-dependency.patch:
+	Moved to...
+	* patches/boot/hotspot/zero/jdk-dependency.patch:
+	Removed; no longer a zero HotSpot build.
+	* Makefile.am:
+	(ICEDTEA_BOOT_PATCHES): Make jdk-dependency not
+	dependent on HotSpot version.
+	* patches/boot/hotspot-jdk-dependency.patch:
+	...here.
+
+2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/systemtap_gc.patch: Moved to...
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Make systemtap_gc.patch
+	HotSpot-dependent.
+	* hotspot.map: Add aarch64 HotSpot.
+	* patches/hotspot/aarch64/systemtap_gc.patch:
+	New patch against AArch64 HotSpot tarball.
+	* patches/hotspot/default/systemtap_gc.patch:
+	... here.
+
 2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* Makefile.am:
diff -r b9722cf65cbe -r 2b651084f99e Makefile.am
--- a/Makefile.am	Wed Mar 26 20:58:00 2014 +0000
+++ b/Makefile.am	Thu Mar 27 20:01:40 2014 +0000
@@ -290,7 +290,7 @@
 
 if ENABLE_SYSTEMTAP
 ICEDTEA_PATCHES += \
-	patches/systemtap_gc.patch
+	patches/hotspot/$(HSBUILD)/systemtap_gc.patch
 endif
 
 if ENABLE_NSS
@@ -328,7 +328,7 @@
 	patches/boot/corba-dependencies.patch \
 	patches/boot/jaxws-langtools-dependency.patch \
 	patches/boot/jaxws-jdk-dependency.patch \
-	patches/boot/hotspot/${HSBUILD}/jdk-dependency.patch \
+	patches/boot/hotspot-jdk-dependency.patch \
 	patches/boot/ecj-multicatch.patch \
 	patches/boot/ecj-trywithresources.patch \
 	patches/boot/ecj-autoboxing.patch \
diff -r b9722cf65cbe -r 2b651084f99e acinclude.m4
--- a/acinclude.m4	Wed Mar 26 20:58:00 2014 +0000
+++ b/acinclude.m4	Thu Mar 27 20:01:40 2014 +0000
@@ -682,6 +682,8 @@
       use_zero=yes;
     else
       case "${host}" in
+        aarch64-*-*) ;;
+        arm64-*-*) ;;
         i?86-*-*) ;;
         sparc*-*-*) ;;
         x86_64-*-*) ;;
@@ -950,7 +952,11 @@
 AC_DEFUN_ONCE([IT_WITH_HOTSPOT_BUILD],
 [
   AC_REQUIRE([IT_ENABLE_ZERO_BUILD])
-  DEFAULT_BUILD="default"
+  if test "x$JRE_ARCH_DIR" = "xaarch64"; then
+    DEFAULT_BUILD="aarch64"
+  else
+    DEFAULT_BUILD="default"
+  fi
   AC_MSG_CHECKING([which HotSpot build to use])
   AC_ARG_WITH([hotspot-build],
 	      [AS_HELP_STRING(--with-hotspot-build=BUILD,the HotSpot build to use [[BUILD=default]])],
diff -r b9722cf65cbe -r 2b651084f99e hotspot.map
--- a/hotspot.map	Wed Mar 26 20:58:00 2014 +0000
+++ b/hotspot.map	Thu Mar 27 20:01:40 2014 +0000
@@ -1,2 +1,3 @@
 # version url changeset sha256sum
 default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760
+aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a
diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot-jdk-dependency.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/boot/hotspot-jdk-dependency.patch	Thu Mar 27 20:01:40 2014 +0000
@@ -0,0 +1,23 @@
+diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make
+--- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make	2012-05-23 22:15:04.747642641 +0100
++++ openjdk-boot/hotspot/make/linux/makefiles/sa.make	2012-05-23 22:16:32.825095823 +0100
+@@ -91,7 +91,7 @@
+ # are in AGENT_FILES, so use the shell to expand them.
+ # Be extra carefull to not produce too long command lines in the shell!
+ 	$(foreach file,$(AGENT_FILES),$(shell ls -1 $(file) >> $(AGENT_FILES_LIST)))
+-	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST)
++	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST)
+ 	$(QUIETLY) $(REMOTE) $(COMPILE.RMIC)  -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer
+ 	$(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES)
+ 	$(QUIETLY) rm -f $(SA_CLASSDIR)/sun/jvm/hotspot/utilities/soql/sa.js
+diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk
+--- openjdk-boot.orig/make/hotspot-rules.gmk	2012-05-23 20:37:39.000000000 +0100
++++ openjdk-boot/make/hotspot-rules.gmk	2012-05-23 22:16:52.425419199 +0100
+@@ -85,6 +85,7 @@
+ HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR)
+ HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH)
+ HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR)
++HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR)
+ 
+ # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=?
+ #   Or is there something wrong with hotspot/make/Makefile?
diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot/default/jdk-dependency.patch
--- a/patches/boot/hotspot/default/jdk-dependency.patch	Wed Mar 26 20:58:00 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make
---- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make	2012-05-23 22:15:04.747642641 +0100
-+++ openjdk-boot/hotspot/make/linux/makefiles/sa.make	2012-05-23 22:16:32.825095823 +0100
-@@ -91,7 +91,7 @@
- # are in AGENT_FILES, so use the shell to expand them.
- # Be extra carefull to not produce too long command lines in the shell!
- 	$(foreach file,$(AGENT_FILES),$(shell ls -1 $(file) >> $(AGENT_FILES_LIST)))
--	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST)
-+	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES_LIST)
- 	$(QUIETLY) $(REMOTE) $(COMPILE.RMIC)  -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer
- 	$(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES)
- 	$(QUIETLY) rm -f $(SA_CLASSDIR)/sun/jvm/hotspot/utilities/soql/sa.js
-diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk
---- openjdk-boot.orig/make/hotspot-rules.gmk	2012-05-23 20:37:39.000000000 +0100
-+++ openjdk-boot/make/hotspot-rules.gmk	2012-05-23 22:16:52.425419199 +0100
-@@ -85,6 +85,7 @@
- HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR)
- HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH)
- HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR)
-+HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR)
- 
- # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=?
- #   Or is there something wrong with hotspot/make/Makefile?
diff -r b9722cf65cbe -r 2b651084f99e patches/boot/hotspot/zero/jdk-dependency.patch
--- a/patches/boot/hotspot/zero/jdk-dependency.patch	Wed Mar 26 20:58:00 2014 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,25 +0,0 @@
-diff -Nru openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make openjdk-boot/hotspot/make/linux/makefiles/sa.make
---- openjdk-boot.orig/hotspot/make/linux/makefiles/sa.make	2012-07-20 18:05:26.733484117 +0100
-+++ openjdk-boot/hotspot/make/linux/makefiles/sa.make	2012-07-20 18:10:11.384736044 +0100
-@@ -97,8 +97,8 @@
- 	$(foreach file,$(AGENT_FILES1),$(shell echo $(file) >> $(AGENT_FILES1_LIST)))
- 	$(foreach file,$(AGENT_FILES2),$(shell echo $(file) >> $(AGENT_FILES2_LIST)))
- 	
--	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES1_LIST)
--	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR) -d $(SA_CLASSDIR) @$(AGENT_FILES2_LIST)
-+	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES1_LIST)
-+	$(QUIETLY) $(REMOTE) $(COMPILE.JAVAC) -classpath $(SA_CLASSPATH) -sourcepath $(AGENT_SRC_DIR):$(JDK_TOPDIR)/src/share/classes:$(JDK_TOPDIR)/src/solaris/classes:$(GENSRCDIR) -d $(SA_CLASSDIR) @$(AGENT_FILES2_LIST)
- 	
- 	$(QUIETLY) $(REMOTE) $(COMPILE.RMIC)  -classpath $(SA_CLASSDIR) -d $(SA_CLASSDIR) sun.jvm.hotspot.debugger.remote.RemoteDebuggerServer
- 	$(QUIETLY) echo "$(SA_BUILD_VERSION_PROP)" > $(SA_PROPERTIES)
-diff -Nru openjdk-boot.orig/make/hotspot-rules.gmk openjdk-boot/make/hotspot-rules.gmk
---- openjdk-boot.orig/make/hotspot-rules.gmk	2012-06-29 15:19:51.000000000 +0100
-+++ openjdk-boot/make/hotspot-rules.gmk	2012-07-20 18:10:28.277161702 +0100
-@@ -85,6 +85,7 @@
- HOTSPOT_BUILD_ARGUMENTS += ALT_OUTPUTDIR=$(HOTSPOT_OUTPUTDIR)
- HOTSPOT_BUILD_ARGUMENTS += ALT_EXPORT_PATH=$(HOTSPOT_EXPORT_PATH)
- HOTSPOT_BUILD_ARGUMENTS += BUILD_FLAVOR=$(BUILD_FLAVOR)
-+HOTSPOT_BUILD_ARGUMENTS += GENSRCDIR=$(GENSRCDIR)
- 
- # Why do these need to be passed in? Because of windows nmake? and MAKEFLAGS=?
- #   Or is there something wrong with hotspot/make/Makefile?
diff -r b9722cf65cbe -r 2b651084f99e patches/hotspot/aarch64/systemtap_gc.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/hotspot/aarch64/systemtap_gc.patch	Thu Mar 27 20:01:40 2014 +0000
@@ -0,0 +1,373 @@
+diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp openjdk/hotspot/src/share/vm/compiler/oopMap.cpp
+--- openjdk.orig/hotspot/src/share/vm/compiler/oopMap.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/compiler/oopMap.cpp	2014-03-07 04:29:33.230530073 +0000
+@@ -33,9 +33,13 @@
+ #include "memory/resourceArea.hpp"
+ #include "runtime/frame.inline.hpp"
+ #include "runtime/signature.hpp"
++#include "utilities/dtrace.hpp"
+ #ifdef COMPILER1
+ #include "c1/c1_Defs.hpp"
+ #endif
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL1(provider, gc__collection__delete, *uintptr_t);
++#endif /* !USDT2 */
+ 
+ // OopMapStream
+ 
+@@ -677,6 +681,9 @@
+                     " - Derived: " INTPTR_FORMAT "  Base: " INTPTR_FORMAT " (Offset: %d)",
+           derived_loc, (address)*derived_loc, (address)base, offset);
+     }
++#ifndef USDT2
++  HS_DTRACE_PROBE1(hotspot, gc__collection__delete, entry);
++#endif /* !USDT2 */
+ 
+     // Delete entry
+     delete entry;
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -62,6 +62,12 @@
+ #include "runtime/vmThread.hpp"
+ #include "services/memoryService.hpp"
+ #include "services/runtimeService.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ // statics
+ CMSCollector* ConcurrentMarkSweepGeneration::_collector = NULL;
+@@ -1642,7 +1648,13 @@
+                                             size_t size,
+                                             bool   tlab)
+ {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__begin, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+   collector()->collect(full, clear_all_soft_refs, size, tlab);
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__contig__end, full, clear_all_soft_refs, size, tlab);
++#endif /* !USDT2 */
+ }
+ 
+ void CMSCollector::collect(bool   full,
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/g1/g1MarkSweep.cpp	2014-03-07 04:33:00.601620772 +0000
+@@ -49,8 +49,13 @@
+ #include "runtime/thread.hpp"
+ #include "runtime/vmThread.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__G1__end, *uintptr_t, *uintptr_t);
++ #endif /* !USDT2 */ 
+ class HeapRegion;
+ 
+ void G1MarkSweep::invoke_at_safepoint(ReferenceProcessor* rp,
+@@ -84,6 +89,9 @@
+   // The marking doesn't preserve the marks of biased objects.
+   BiasedLocking::preserve_marks();
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__G1__begin, &sh, sh->gc_cause());
++#endif /* !USDT2 */
+   mark_sweep_phase1(marked_for_unloading, clear_all_softrefs);
+ 
+   mark_sweep_phase2();
+@@ -99,6 +107,9 @@
+   BiasedLocking::restore_marks();
+   GenMarkSweep::deallocate_stacks();
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__G1__end, &sh, sh->gc_cause());
++#endif /* !USDT2 */
+   // "free at last gc" is calculated from these.
+   // CHF: cheating for now!!!
+   //  Universe::set_heap_capacity_at_last_gc(Universe::heap()->capacity());
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp	2014-03-07 04:31:58.396693660 +0000
+@@ -43,8 +43,14 @@
+ #include "runtime/java.hpp"
+ #include "runtime/vmThread.hpp"
+ #include "services/memTracker.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/vmError.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parscavenge__heap__end, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
++
+ PSYoungGen*  ParallelScavengeHeap::_young_gen = NULL;
+ PSOldGen*    ParallelScavengeHeap::_old_gen = NULL;
+ PSAdaptiveSizePolicy* ParallelScavengeHeap::_size_policy = NULL;
+@@ -530,7 +536,13 @@
+   }
+ 
+   VM_ParallelGCSystemGC op(gc_count, full_gc_count, cause);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__begin, &op, cause);
++#endif /* !USDT2 */
+   VMThread::execute(&op);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parscavenge__heap__end, &op, cause);
++#endif /* !USDT2 */
+ }
+ 
+ void ParallelScavengeHeap::oop_iterate(ExtendedOopClosure* cl) {
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -56,11 +56,18 @@
+ #include "services/management.hpp"
+ #include "services/memoryService.hpp"
+ #include "services/memTracker.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
+ #include <math.h>
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__ParallelCompact__clear, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__parallel__collect, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__move, *uintptr_t, *uintptr_t, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
++
+ // All sizes are in HeapWords.
+ const size_t ParallelCompactData::Log2RegionSize  = 16; // 64K words
+ const size_t ParallelCompactData::RegionSize      = (size_t)1 << Log2RegionSize;
+@@ -451,6 +458,9 @@
+ 
+ void ParallelCompactData::clear()
+ {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__ParallelCompact__clear, &_region_data, _region_data->data_location());
++#endif /* !USDT2 */
+   memset(_region_data, 0, _region_vspace->committed_size());
+   memset(_block_data, 0, _block_vspace->committed_size());
+ }
+@@ -1977,6 +1987,9 @@
+          "should be in vm thread");
+ 
+   ParallelScavengeHeap* heap = gc_heap();
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__parallel__collect, heap, heap->gc_cause());
++#endif /* !USDT2 */
+   GCCause::Cause gc_cause = heap->gc_cause();
+   assert(!heap->is_gc_active(), "not reentrant");
+ 
+@@ -3269,6 +3282,9 @@
+   // past the end of the partial object entering the region (if any).
+   HeapWord* const dest_addr = sd.partial_obj_end(dp_region);
+   HeapWord* const new_top = _space_info[space_id].new_top();
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__move, &beg_addr, &end_addr, &dest_addr, &new_top);
++#endif /* !USDT2 */
+   assert(new_top >= dest_addr, "bad new_top value");
+   const size_t words = pointer_delta(new_top, dest_addr);
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psScavenge.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -54,8 +54,17 @@
+ #include "runtime/vmThread.hpp"
+ #include "runtime/vm_operations.hpp"
+ #include "services/memoryService.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSScavenge__end, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSParallelCompact__end, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__begin, *uintptr_t, *uintptr_t);
++  HS_DTRACE_PROBE_DECL2(provider, gc__collection__PSMarkSweep__end, *uintptr_t, *uintptr_t);
++#endif /* !USDT2 */
+ 
+ HeapWord*                  PSScavenge::_to_space_top_before_gc = NULL;
+ int                        PSScavenge::_consecutive_skipped_scavenges = 0;
+@@ -228,7 +237,13 @@
+   PSAdaptiveSizePolicy* policy = heap->size_policy();
+   IsGCActiveMark mark;
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+   const bool scavenge_done = PSScavenge::invoke_no_policy();
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSScavenge__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+   const bool need_full_gc = !scavenge_done ||
+     policy->should_full_GC(heap->old_gen()->free_in_bytes());
+   bool full_gc_done = false;
+@@ -245,9 +260,21 @@
+     const bool clear_all_softrefs = cp->should_clear_all_soft_refs();
+ 
+     if (UseParallelOldGC) {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+       full_gc_done = PSParallelCompact::invoke_no_policy(clear_all_softrefs);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSParallelCompact__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+     } else {
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__begin, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+       full_gc_done = PSMarkSweep::invoke_no_policy(clear_all_softrefs);
++#ifndef USDT2
++  HS_DTRACE_PROBE2(hotspot, gc__collection__PSMarkSweep__end, &heap, heap->gc_cause());
++#endif /* !USDT2 */
+     }
+   }
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/gc_implementation/parNew/parNewGeneration.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -54,6 +54,12 @@
+ #include "utilities/copy.hpp"
+ #include "utilities/globalDefinitions.hpp"
+ #include "utilities/workgroup.hpp"
++#include "utilities/dtrace.hpp"
++
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__parnew__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ 
+ #ifdef _MSC_VER
+ #pragma warning( push )
+@@ -911,6 +917,9 @@
+                                bool   clear_all_soft_refs,
+                                size_t size,
+                                bool   is_tlab) {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   assert(full || size > 0, "otherwise we don't want to collect");
+ 
+   GenCollectedHeap* gch = GenCollectedHeap::heap();
+@@ -1061,6 +1070,10 @@
+     gch->print_heap_change(gch_prev_used);
+   }
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__parnew__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
++
+   if (PrintGCDetails && ParallelGCVerbose) {
+     TASKQUEUE_STATS_ONLY(thread_state_set.print_termination_stats());
+     TASKQUEUE_STATS_ONLY(thread_state_set.print_taskqueue_stats());
+diff -Nru openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp
+--- openjdk.orig/hotspot/src/share/vm/memory/defNewGeneration.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/memory/defNewGeneration.cpp	2014-03-07 04:31:15.676056944 +0000
+@@ -44,8 +44,13 @@
+ #include "runtime/java.hpp"
+ #include "runtime/thread.inline.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/stack.inline.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__defnew__end, bool, bool, size_t, bool);
++#endif /* !USDT2 */
+ //
+ // DefNewGeneration functions.
+ 
+@@ -558,6 +563,9 @@
+                                bool   clear_all_soft_refs,
+                                size_t size,
+                                bool   is_tlab) {
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__begin, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
+   assert(full || size > 0, "otherwise we don't want to collect");
+ 
+   GenCollectedHeap* gch = GenCollectedHeap::heap();
+@@ -706,6 +714,10 @@
+   jlong now = os::javaTimeNanos() / NANOSECS_PER_MILLISEC;
+   update_time_of_last_gc(now);
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE4(hotspot, gc__collection__defnew__end, full, clear_all_soft_refs, size, is_tlab);
++#endif  /* !USDT2 */
++
+   gch->trace_heap_after_gc(&gc_tracer);
+   gc_tracer.report_tenuring_threshold(tenuring_threshold());
+ 
+diff -Nru openjdk.orig/hotspot/src/share/vm/memory/generation.cpp openjdk/hotspot/src/share/vm/memory/generation.cpp
+--- openjdk.orig/hotspot/src/share/vm/memory/generation.cpp	2014-03-06 09:11:53.000000000 +0000
++++ openjdk/hotspot/src/share/vm/memory/generation.cpp	2014-03-07 04:29:33.234530133 +0000
+@@ -41,8 +41,14 @@
+ #include "oops/oop.inline.hpp"
+ #include "runtime/java.hpp"
+ #include "utilities/copy.hpp"
++#include "utilities/dtrace.hpp"
+ #include "utilities/events.hpp"
+ 
++#ifndef USDT2
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__begin, bool, bool, size_t, bool);
++  HS_DTRACE_PROBE_DECL4(provider, gc__collection__contig__end, bool, bool, size_t, bool);

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 27 20:02:23 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 20:02:23 +0000
Subject: [Bug 1713] [IcedTea7] Support AArch64 Port
In-Reply-To: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1713-30-WHvGphV7E0@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

--- Comment #4 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=7e432bfdb372
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 19:18:54 2014 +0000

    PR1713: Support AArch64 port

    2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/boot/hotspot/default/jdk-dependency.patch:
        Moved to...
        * patches/boot/hotspot/zero/jdk-dependency.patch:
        Removed; no longer a zero HotSpot build.
        * Makefile.am:
        (ICEDTEA_BOOT_PATCHES): Make jdk-dependency not
        dependent on HotSpot version.
        * patches/boot/hotspot-jdk-dependency.patch:
        ...here.

    2014-03-07  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * patches/systemtap_gc.patch: Moved to...
        * Makefile.am:
        (ICEDTEA_PATCHES): Make systemtap_gc.patch
        HotSpot-dependent.
        * hotspot.map: Add aarch64 HotSpot.
        * patches/hotspot/aarch64/systemtap_gc.patch:
        New patch against AArch64 HotSpot tarball.
        * patches/hotspot/default/systemtap_gc.patch:
        ... here.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/2c6d3bbd/attachment-0001.html>

From bugzilla-daemon at icedtea.classpath.org  Thu Mar 27 20:02:29 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 20:02:29 +0000
Subject: [Bug 1713] [IcedTea7] Support AArch64 Port
In-Reply-To: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1713-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1713-30-cWDVM6MMzf@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1713

--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=2b651084f99e
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:01:40 2014 +0000

    PR1713: Support AArch64 port

    2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * acinclude.m4:
        (IT_ENABLE_ZERO_BUILD): Default to off on aarch64/arm64.
        (IT_WITH_HOTSPOT_BUILD): Default to aarch64 port on aarch64.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140327/841b7202/attachment.html>

From andrew at icedtea.classpath.org  Thu Mar 27 20:23:42 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 20:23:42 +0000
Subject: /hg/release/icedtea7-2.4: Turn ARM32 JIT off by default; fails t...
Message-ID: <hg.0e95da4065f2.1395951822.5789328834432805220@icedtea.classpath.org>

changeset 0e95da4065f2 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=0e95da4065f2
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:22:28 2014 +0000

	Turn ARM32 JIT off by default; fails to bootstrap.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Turn JIT off by default.
		* NEWS: Remove mention of turning JIT on by default.


diffstat:

 ChangeLog    |  6 ++++++
 NEWS         |  1 -
 acinclude.m4 |  2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

diffs (36 lines):

diff -r 2b651084f99e -r 0e95da4065f2 ChangeLog
--- a/ChangeLog	Thu Mar 27 20:01:40 2014 +0000
+++ b/ChangeLog	Thu Mar 27 20:22:28 2014 +0000
@@ -1,3 +1,9 @@
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Turn JIT off by default.
+	* NEWS: Remove mention of turning JIT on by default.
+
 2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* acinclude.m4:
diff -r 2b651084f99e -r 0e95da4065f2 NEWS
--- a/NEWS	Thu Mar 27 20:01:40 2014 +0000
+++ b/NEWS	Thu Mar 27 20:22:28 2014 +0000
@@ -63,7 +63,6 @@
   - Include $(CFLAGS) in assembler stage
   - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.
   - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
-  - Turn ARM32 JIT on by default
 * AArch64 port
   - PR1713: Support AArch64 Port
 * Shark
diff -r 2b651084f99e -r 0e95da4065f2 acinclude.m4
--- a/acinclude.m4	Thu Mar 27 20:01:40 2014 +0000
+++ b/acinclude.m4	Thu Mar 27 20:22:28 2014 +0000
@@ -2643,7 +2643,7 @@
     esac
   ],
   [
-    enable_arm32jit=yes
+    enable_arm32jit=no
   ])
   AC_MSG_RESULT([$enable_arm32jit])
   AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")

From andrew at icedtea.classpath.org  Thu Mar 27 23:22:17 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 23:22:17 +0000
Subject: /hg/release/icedtea7-forest-2.4/hotspot: 2 new changesets
Message-ID: <hg.172674e0ab65.1395962537.8708922617413201811@icedtea.classpath.org>

changeset 172674e0ab65 in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=172674e0ab65
author: igerasim
date: Fri Feb 28 16:00:40 2014 +0400

	8035893: JVM_GetVersionInfo fails to zero structure
	Reviewed-by: sla, zgu


changeset 7f4fbcd8815d in /hg/release/icedtea7-forest-2.4/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot?cmd=changeset;node=7f4fbcd8815d
author: andrew
date: Thu Mar 27 23:21:09 2014 +0000

	Added tag icedtea-2.4.6 for changeset 172674e0ab65


diffstat:

 .hgtags                    |  1 +
 src/share/vm/prims/jvm.cpp |  2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diffs (20 lines):

diff -r 490de178ae72 -r 7f4fbcd8815d .hgtags
--- a/.hgtags	Mon Mar 17 16:37:17 2014 +0000
+++ b/.hgtags	Thu Mar 27 23:21:09 2014 +0000
@@ -625,3 +625,4 @@
 6c6a2299029ad02fa2820b8ff8c61c2bbcae799c jdk7u51-b13
 2cb58882dac3bf8b186ef15f847be926772bbf98 icedtea-2.4.5
 00478c5bf5e93892b40bac1c293f8540d5be58ab icedtea-2.4.6pre01
+172674e0ab65752a9a6e5bb7f563e03f8ca44be1 icedtea-2.4.6
diff -r 490de178ae72 -r 7f4fbcd8815d src/share/vm/prims/jvm.cpp
--- a/src/share/vm/prims/jvm.cpp	Mon Mar 17 16:37:17 2014 +0000
+++ b/src/share/vm/prims/jvm.cpp	Thu Mar 27 23:21:09 2014 +0000
@@ -4546,7 +4546,7 @@
 
 JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size))
 {
-  memset(info, 0, sizeof(info_size));
+  memset(info, 0, info_size);
 
   info->jvm_version = Abstract_VM_Version::jvm_version();
   info->update_version = 0;          /* 0 in HotSpot Express VM */

From andrew at icedtea.classpath.org  Thu Mar 27 23:29:35 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Thu, 27 Mar 2014 23:29:35 +0000
Subject: /hg/icedtea7: 2 new changesets
Message-ID: <hg.6ef5523cf948.1395962975.2873452341184383833@icedtea.classpath.org>

changeset 6ef5523cf948 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=6ef5523cf948
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:30:05 2014 +0000

	Update patch locations for tarball.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* Makefile.am:
		(EXTRA_DIST): Don't look for patches in
		boot/hotspot/*. Do look for patches in
		hotspot/*.


changeset 2278f72329bf in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=2278f72329bf
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 21:18:02 2014 +0000

	Update to latest aarch64 tree.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* hotspot.map:
		Update to latest aarch64 tree.


diffstat:

 ChangeLog   |  12 ++++++++++++
 Makefile.am |   2 +-
 hotspot.map |   2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)

diffs (39 lines):

diff -r bf2f5ea62322 -r 2278f72329bf ChangeLog
--- a/ChangeLog	Thu Mar 27 03:50:20 2014 +0000
+++ b/ChangeLog	Thu Mar 27 21:18:02 2014 +0000
@@ -1,3 +1,15 @@
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* hotspot.map:
+	Update to latest aarch64 tree.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* Makefile.am:
+	(EXTRA_DIST): Don't look for patches in
+	boot/hotspot/*. Do look for patches in
+	hotspot/*.
+
 2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	Perform configure checks using ecj.jar
diff -r bf2f5ea62322 -r 2278f72329bf Makefile.am
--- a/Makefile.am	Thu Mar 27 03:50:20 2014 +0000
+++ b/Makefile.am	Thu Mar 27 21:18:02 2014 +0000
@@ -730,7 +730,7 @@
 EXTRA_DIST = $(GENERATED_FILES) $(top_srcdir)/patches/*.patch \
 	$(top_srcdir)/patches/boot/*.patch \
 	$(top_srcdir)/patches/cacao/*.patch \
-	$(top_srcdir)/patches/boot/hotspot/*/*.patch \
+	$(top_srcdir)/patches/hotspot/*/*.patch \
 	tools-copy contrib overlays \
 	javaws.png javaws.desktop \
 	jconsole.desktop policytool.desktop \
diff -r bf2f5ea62322 -r 2278f72329bf hotspot.map
--- a/hotspot.map	Thu Mar 27 03:50:20 2014 +0000
+++ b/hotspot.map	Thu Mar 27 21:18:02 2014 +0000
@@ -1,3 +1,3 @@
 # version url changeset sha256sum
 default http://icedtea.classpath.org/hg/icedtea7-forest/hotspot f30e87f16d90 871fa08b8e9d7a2958cee844f940752c39b1946146dc382c005269e86b687a49
-aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a
+aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot f50993b6c38d 64c2d0bfa71d6eecf18ab28fd64d5bd79af096f77548d80de7953c306fd9c22c

From ptisnovs at icedtea.classpath.org  Fri Mar 28 09:45:07 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 09:45:07 +0000
Subject: /hg/gfx-test: Eight new tests added into BitBltBasicTests.
Message-ID: <hg.ab61c1a09c99.1395999907.-6248649288953172555@icedtea.classpath.org>

changeset ab61c1a09c99 in /hg/gfx-test
details: http://icedtea.classpath.org/hg/gfx-test?cmd=changeset;node=ab61c1a09c99
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 28 10:45:48 2014 +0100

	Eight new tests added into BitBltBasicTests.


diffstat:

 ChangeLog                                        |    5 +
 src/org/gfxtest/testsuites/BitBltBasicTests.java |  120 +++++++++++++++++++++++
 2 files changed, 125 insertions(+), 0 deletions(-)

diffs (191 lines):

diff -r 3ab1971d3e7c -r ab61c1a09c99 ChangeLog
--- a/ChangeLog	Thu Mar 27 09:54:59 2014 +0100
+++ b/ChangeLog	Fri Mar 28 10:45:48 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-28  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/gfxtest/testsuites/BitBltBasicTests.java:
+	Eight new tests added into BitBltBasicTests.
+
 2014-03-27  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/gfxtest/testsuites/BitBltAffineQuadrantRotateTransformOp.java:
diff -r 3ab1971d3e7c -r ab61c1a09c99 src/org/gfxtest/testsuites/BitBltBasicTests.java
--- a/src/org/gfxtest/testsuites/BitBltBasicTests.java	Thu Mar 27 09:54:59 2014 +0100
+++ b/src/org/gfxtest/testsuites/BitBltBasicTests.java	Fri Mar 28 10:45:48 2014 +0100
@@ -2383,6 +2383,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for diagonal color stripes buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltDiagonalColorStripesBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithDiagonalColorStripesImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for black and white dots pattern buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -2580,6 +2595,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for black and white dots pattern buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltBWDotsBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithBWDotsImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for color dots pattern buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -2777,6 +2807,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for color dots pattern buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltColorDotsBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithColorDotsImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for horizontal grayscale gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -2973,6 +3018,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for horizontal grayscale gradient buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltHorizontalGrayscaleGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithHorizontalGrayscaleGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for vertical grayscale gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -3169,6 +3229,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for vertical grayscale gradient buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltVerticalGrayscaleGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithVerticalGrayscaleGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for horizontal red gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -3366,6 +3441,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for horizontal red gradient buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltHorizontalRedGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithHorizontalRedGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for vertical red gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -3563,6 +3653,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for vertical red gradient buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltVerticalRedGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithVerticalRedGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for horizontal green gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image
@@ -3760,6 +3865,21 @@
     }
 
     /**
+     * Test basic BitBlt operation for horizontal green gradient buffered image with type TYPE_CUSTOM.
+     *
+     * @param image
+     *            image used as a destination for BitBlt-type operations
+     * @param graphics2d
+     *            graphics canvas
+     * @return test result status - PASSED, FAILED or ERROR
+     */
+    public TestResult testBitBltHorizontalGreenGradientBufferedImageTypeCustom(TestImage image, Graphics2D graphics2d)
+    {
+        // create new buffered image and then perform basic BitBlt test.
+        return CommonBitmapOperations.doBitBltTestWithHorizontalGreenGradientImage(image, graphics2d, BufferedImage.TYPE_CUSTOM);
+    }
+
+    /**
      * Test basic BitBlt operation for vertical green gradient buffered image with type TYPE_3BYTE_BGR.
      *
      * @param image

From ptisnovs at icedtea.classpath.org  Fri Mar 28 09:47:59 2014
From: ptisnovs at icedtea.classpath.org (ptisnovs at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 09:47:59 +0000
Subject: /hg/rhino-tests: Three new tests added into ScriptEngineClassTest.
Message-ID: <hg.9d409b2379c5.1396000079.-6019694633368342460@icedtea.classpath.org>

changeset 9d409b2379c5 in /hg/rhino-tests
details: http://icedtea.classpath.org/hg/rhino-tests?cmd=changeset;node=9d409b2379c5
author: Pavel Tisnovsky <ptisnovs at redhat.com>
date: Fri Mar 28 10:48:43 2014 +0100

	Three new tests added into ScriptEngineClassTest.


diffstat:

 ChangeLog                                     |   5 ++++
 src/org/RhinoTests/ScriptEngineClassTest.java |  31 +++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 0 deletions(-)

diffs (60 lines):

diff -r 2b9db1e50f41 -r 9d409b2379c5 ChangeLog
--- a/ChangeLog	Thu Mar 27 10:02:20 2014 +0100
+++ b/ChangeLog	Fri Mar 28 10:48:43 2014 +0100
@@ -1,3 +1,8 @@
+2014-03-28  Pavel Tisnovsky  <ptisnovs at redhat.com>
+
+	* src/org/RhinoTests/ScriptEngineClassTest.java:
+	Three new tests added into ScriptEngineClassTest.
+
 2014-03-27  Pavel Tisnovsky  <ptisnovs at redhat.com>
 
 	* src/org/RhinoTests/ScriptEngineClassTest.java:
diff -r 2b9db1e50f41 -r 9d409b2379c5 src/org/RhinoTests/ScriptEngineClassTest.java
--- a/src/org/RhinoTests/ScriptEngineClassTest.java	Thu Mar 27 10:02:20 2014 +0100
+++ b/src/org/RhinoTests/ScriptEngineClassTest.java	Fri Mar 28 10:48:43 2014 +0100
@@ -2048,6 +2048,19 @@
     }
 
     /**
+     * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNPETest()
+     */
+    protected void testGetResourceAsStreamNPETest() {
+        try {
+            Object resource = this.scriptEngineClass.getResourceAsStream(null);
+            throw new AssertionError("NullPointerException expected!");
+        }
+        catch (NullPointerException e) {
+            //This is OK OK
+        }
+    }
+
+    /**
      * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamNegativeTest()
      */
     protected void testGetResourceAsStreamNegativeTest() {
@@ -2109,6 +2122,24 @@
     }
 
     /**
+     * Test for method javax.script.ScriptEngine.getClass().getResourceAsStreamPositiveTest()
+     */
+    protected void testGetResourceAsStreamPositiveTest() {
+        Object stream;
+        stream = this.scriptEngineClass.getResourceAsStream("/org/RhinoTests/AbstractScriptEngineClassTest.class");
+        assertNotNull(stream, "getResourceAsStream(\"/org/RhinoTests/AbstractScriptEngineClassTest.class\") returns null");
+    }
+
+    /**
+     * Test for method javax.script.ScriptEngine.getClass().toString()
+     */
+    protected void testToString() {
+        String asString;
+        asString = this.scriptEngineClass.toString();
+        assertEquals("interface javax.script.ScriptEngine", asString, "wrong toString() return value");
+    }
+
+    /**
      * Test for instanceof operator applied to a class javax.script.ScriptEngine
      */
     @SuppressWarnings("cast")

From andrew at icedtea.classpath.org  Fri Mar 28 12:28:02 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:28:02 +0000
Subject: /hg/release/icedtea7-2.4: 10 new changesets
Message-ID: <hg.931fe5bd6067.1396009682.5789328834432805220@icedtea.classpath.org>

changeset 931fe5bd6067 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=931fe5bd6067
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:26:36 2014 +0000

	Prepare for 2.4.6 release.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Set release date to today.
		* configure.ac: Set to 2.4.6.


changeset 372ef328babd in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=372ef328babd
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 20:30:05 2014 +0000

	Update patch locations for tarball.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* Makefile.am:
		(EXTRA_DIST): Don't look for patches in
		boot/hotspot/*. Do look for patches in
		hotspot/*.


changeset 3024634a3335 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=3024634a3335
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 21:18:02 2014 +0000

	Update to latest aarch64 tree.

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* hotspot.map:
		Update to latest aarch64 tree.


changeset df0089517a62 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=df0089517a62
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 03:50:20 2014 +0000

	Perform configure checks using ecj.jar if native ecj is enabled.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		Perform configure checks using ecj.jar
		if native ecj is enabled.
		* Makefile.am:
		(native-ecj): Link against gcj explicitly.
		* acinclude.m4:
		(IT_FIND_COMPILER): Run IT_WITH_GCJ
		and set JAVAC to an invocation of the ECJ_JAR
		if native ecj is used. Depend on IT_FIND_JAVA
		and IT_FIND_ECJ_JAR for this.
		(IT_FIND_ECJ_JAR): Define only once.
		(IT_WITH_GCJ): Likewise.
		(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
		* configure.ac: Remove invocation of IT_WITH_GCJ.


changeset c99ce4169f55 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=c99ce4169f55
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 23:33:04 2014 +0000

	S8035893: JVM_GetVersionInfo fails to zero structure

	2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Updated.
		* hotspot.map: Bring in S8035893 backport.


changeset 47177c9bfafa in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=47177c9bfafa
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 03:41:03 2014 +0000

	Apply Werror fix to aarch64 port.

	2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

		* Makefile.am:
		(ICEDTEA_PATCHES): Add -Werror patch
		from IcedTea7 HEAD.
		* patches/hotspot/aarch64/werror.patch:
		Allow COMPILER_WARNINGS_FATAL to turn off -Werror.


changeset fdd91eddd59b in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=fdd91eddd59b
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 11:55:57 2014 +0000

	Revert previous change to ARM32 JIT default as bootstraps on Fedora.

	2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Turn JIT on by default.
		* NEWS: Readd mention of turning JIT on by default.


changeset 4ca3077d0f5d in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=4ca3077d0f5d
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 12:06:12 2014 +0000

	Update release date.

	2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Update release date.


changeset 7207e8b9dc7f in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=7207e8b9dc7f
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 12:08:50 2014 +0000

	Update NEWS with recent changes.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Update with recent changes.


changeset d2bc83a8ce09 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=d2bc83a8ce09
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 12:27:42 2014 +0000

	Added tag icedtea-2.4.6 for changeset 7207e8b9dc7f


diffstat:

 .hgtags                              |   1 +
 ChangeLog                            |  60 ++++++++++++++++++++++++++++++++++++
 Makefile.am                          |   8 +++-
 NEWS                                 |   5 ++-
 acinclude.m4                         |  17 +++++++--
 configure.ac                         |   3 +-
 hotspot.map                          |   4 +-
 patches/hotspot/aarch64/werror.patch |  43 +++++++++++++++++++++++++
 8 files changed, 130 insertions(+), 11 deletions(-)

diffs (277 lines):

diff -r 0e95da4065f2 -r d2bc83a8ce09 .hgtags
--- a/.hgtags	Thu Mar 27 20:22:28 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:27:42 2014 +0000
@@ -41,3 +41,4 @@
 3dd8c1e3a5b3827f1843a78a017c57d0ed45f2c0 icedtea-2.4.3
 73ef620ce0a5d16d5c90e58eb17d022c1ecb572e icedtea-2.4.4
 4bfa1c865fdd3d385c3bdf7a7c8611f80d42029d icedtea-2.4.5
+7207e8b9dc7f2a1673b02e410e75927fa49651fa icedtea-2.4.6
diff -r 0e95da4065f2 -r d2bc83a8ce09 ChangeLog
--- a/ChangeLog	Thu Mar 27 20:22:28 2014 +0000
+++ b/ChangeLog	Fri Mar 28 12:27:42 2014 +0000
@@ -1,3 +1,63 @@
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Update with recent changes.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Update release date.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Turn JIT on by default.
+	* NEWS: Readd mention of turning JIT on by default.
+
+2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>
+
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Add -Werror patch
+	from IcedTea7 HEAD.
+	* patches/hotspot/aarch64/werror.patch:
+	Allow COMPILER_WARNINGS_FATAL to turn off -Werror.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Updated.
+	* hotspot.map: Bring in S8035893 backport.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	Perform configure checks using ecj.jar
+	if native ecj is enabled.
+	* Makefile.am:
+	(native-ecj): Link against gcj explicitly.
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Run IT_WITH_GCJ
+	and set JAVAC to an invocation of the ECJ_JAR
+	if native ecj is used. Depend on IT_FIND_JAVA
+	and IT_FIND_ECJ_JAR for this.
+	(IT_FIND_ECJ_JAR): Define only once.
+	(IT_WITH_GCJ): Likewise.
+	(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
+	* configure.ac: Remove invocation of IT_WITH_GCJ.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* hotspot.map:
+	Update to latest aarch64 tree.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* Makefile.am:
+	(EXTRA_DIST): Don't look for patches in
+	boot/hotspot/*. Do look for patches in
+	hotspot/*.
+
+2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Set release date to today.
+	* configure.ac: Set to 2.4.6.
+
 2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* acinclude.m4:
diff -r 0e95da4065f2 -r d2bc83a8ce09 Makefile.am
--- a/Makefile.am	Thu Mar 27 20:22:28 2014 +0000
+++ b/Makefile.am	Fri Mar 28 12:27:42 2014 +0000
@@ -297,6 +297,10 @@
 ICEDTEA_PATCHES += patches/nss-config.patch
 endif
 
+if WITH_ALT_HSBUILD
+ICEDTEA_PATCHES += patches/hotspot/aarch64/werror.patch
+endif
+
 ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
 
 # Bootstrapping patches
@@ -773,7 +777,7 @@
 EXTRA_DIST = $(GENERATED_FILES) $(top_srcdir)/patches/*.patch \
 	$(top_srcdir)/patches/boot/*.patch \
 	$(top_srcdir)/patches/cacao/*.patch \
-	$(top_srcdir)/patches/boot/hotspot/*/*.patch \
+	$(top_srcdir)/patches/hotspot/*/*.patch \
 	tools-copy contrib overlays \
 	javaws.png javaws.desktop \
 	jconsole.desktop policytool.desktop \
@@ -1627,7 +1631,7 @@
 	mkdir -p stamps 
 if BUILD_NATIVE_ECJ
 	${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \
-	    --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR}
+	    --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR}
 endif
 	touch $@
 
diff -r 0e95da4065f2 -r d2bc83a8ce09 NEWS
--- a/NEWS	Thu Mar 27 20:22:28 2014 +0000
+++ b/NEWS	Fri Mar 28 12:27:42 2014 +0000
@@ -12,10 +12,11 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 2.4.6 (2014-04-XX):
+New in release 2.4.6 (2014-03-28):
 
 * Backports
   - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
+  - S8035893: JVM_GetVersionInfo fails to zero structure
   - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
 * Bug fixes
   - PR1101: Undefined symbols on GNU/Linux SPARC
@@ -25,6 +26,7 @@
   - PR1684: Build fails with empty PAX_COMMAND
   - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
   - Link against $(LIBDL) if SYSTEM_CUPS is not true
+  - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled.
 * ARM32 port
   - Add arm_port from IcedTea 6
   - Add patches/arm.patch from IcedTea 6
@@ -63,6 +65,7 @@
   - Include $(CFLAGS) in assembler stage
   - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.
   - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
+  - Turn ARM32 JIT on by default
 * AArch64 port
   - PR1713: Support AArch64 Port
 * Shark
diff -r 0e95da4065f2 -r d2bc83a8ce09 acinclude.m4
--- a/acinclude.m4	Thu Mar 27 20:22:28 2014 +0000
+++ b/acinclude.m4	Fri Mar 28 12:27:42 2014 +0000
@@ -126,9 +126,17 @@
 
 AC_DEFUN([IT_FIND_COMPILER],
 [
+  AC_REQUIRE([IT_FIND_JAVA])
+  AC_REQUIRE([IT_FIND_ECJ_JAR])
+
   IT_FIND_JAVAC
   IT_FIND_ECJ
   IT_USING_ECJ
+  IT_WITH_GCJ
+  
+  if test x"${GCJ}" != xno ; then
+    JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
+  fi
 
   AC_SUBST(ECJ)
   AC_SUBST(JAVAC)
@@ -315,7 +323,7 @@
   AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes")
 ])
 
-AC_DEFUN([IT_FIND_ECJ_JAR],
+AC_DEFUN_ONCE([IT_FIND_ECJ_JAR],
 [
   AC_MSG_CHECKING([for an ecj JAR file])
   AC_ARG_WITH([ecj-jar],
@@ -930,7 +938,7 @@
   AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7")
 ])
 
-AC_DEFUN([IT_WITH_GCJ],
+AC_DEFUN_ONCE([IT_WITH_GCJ],
 [
   AC_MSG_CHECKING([whether to compile ecj natively])
   AC_ARG_WITH([gcj],
@@ -1786,6 +1794,7 @@
 ])
 
 AC_DEFUN([IT_DIAMOND_CHECK],[
+  AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK])
   AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [
   CLASS=Test.java
   BYTECODE=$(echo $CLASS|sed 's#\.java##')
@@ -2631,7 +2640,7 @@
 [
   AC_MSG_CHECKING([whether to enable the ARM32 JIT])
   AC_ARG_ENABLE([arm32-jit],
-                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])],
+                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])],
   [
     case "${enableval}" in
       yes)
@@ -2643,7 +2652,7 @@
     esac
   ],
   [
-    enable_arm32jit=no
+    enable_arm32jit=yes
   ])
   AC_MSG_RESULT([$enable_arm32jit])
   AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")
diff -r 0e95da4065f2 -r d2bc83a8ce09 configure.ac
--- a/configure.ac	Thu Mar 27 20:22:28 2014 +0000
+++ b/configure.ac	Fri Mar 28 12:27:42 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea], [2.4.6pre01], [distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea], [2.4.6], [distro-pkg-dev at openjdk.java.net])
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
 AC_CONFIG_FILES([Makefile])
 
@@ -43,7 +43,6 @@
 IT_CHECK_FOR_MERCURIAL
 IT_OBTAIN_HG_REVISIONS
 AC_PATH_TOOL([LSB_RELEASE],[lsb_release])
-IT_WITH_GCJ
 IT_WITH_HOTSPOT_BUILD
 AC_PATH_TOOL([LINUX32],[linux32])
 IT_CHECK_GCC_VERSION
diff -r 0e95da4065f2 -r d2bc83a8ce09 hotspot.map
--- a/hotspot.map	Thu Mar 27 20:22:28 2014 +0000
+++ b/hotspot.map	Fri Mar 28 12:27:42 2014 +0000
@@ -1,3 +1,3 @@
 # version url changeset sha256sum
-default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 00478c5bf5e9 9f77cd372778c8a3359f3c9c0eb37c1dbd7c1f569613da89de64b41de48a5760
-aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot 22910135cca6 477cd13f7fbe34d6dd878bbdb1e16f73b4b22e0e78d049d98f3c9cce8c193a1a
+default http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/hotspot 172674e0ab65 2aadfe9b1848a619bd2d35f802b3e71ef5286e7822f9e7b02ce2539ca817d9b0
+aarch64 http://hg.openjdk.java.net/aarch64-port/jdk7u/hotspot f50993b6c38d 64c2d0bfa71d6eecf18ab28fd64d5bd79af096f77548d80de7953c306fd9c22c
diff -r 0e95da4065f2 -r d2bc83a8ce09 patches/hotspot/aarch64/werror.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/hotspot/aarch64/werror.patch	Fri Mar 28 12:27:42 2014 +0000
@@ -0,0 +1,43 @@
+diff -Nru openjdk.orig/hotspot/make/linux/makefiles/gcc.make openjdk/hotspot/make/linux/makefiles/gcc.make
+--- openjdk.orig/hotspot/make/linux/makefiles/gcc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/linux/makefiles/gcc.make	2014-03-28 03:26:57.229802760 +0000
+@@ -205,7 +205,9 @@
+ endif
+ 
+ # Compiler warnings are treated as errors
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
+ WARNINGS_ARE_ERRORS = -Werror
++endif
+ 
+ ifeq ($(USE_CLANG), true)
+   # However we need to clean the code up before we can unrestrictedly enable this option with Clang
+diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/adlc.make openjdk/hotspot/make/solaris/makefiles/adlc.make
+--- openjdk.orig/hotspot/make/solaris/makefiles/adlc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/solaris/makefiles/adlc.make	2014-03-28 03:26:02.604988364 +0000
+@@ -73,8 +73,10 @@
+ 
+ # CFLAGS_WARN holds compiler options to suppress/enable warnings.
+ # Compiler warnings are treated as errors
+-ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1)
+-  CFLAGS_WARN = +w -errwarn
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
++  ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1)
++    CFLAGS_WARN = +w -errwarn
++  endif
+ endif
+ CFLAGS += $(CFLAGS_WARN)
+ 
+diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/gcc.make openjdk/hotspot/make/solaris/makefiles/gcc.make
+--- openjdk.orig/hotspot/make/solaris/makefiles/gcc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/solaris/makefiles/gcc.make	2014-03-28 03:27:28.206264586 +0000
+@@ -116,7 +116,9 @@
+ 
+ 
+ # Compiler warnings are treated as errors 
+-WARNINGS_ARE_ERRORS = -Werror 
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
++WARNINGS_ARE_ERRORS = -Werror
++endif
+ # Enable these warnings. See 'info gcc' about details on these options
+ WARNING_FLAGS = -Wpointer-arith -Wconversion -Wsign-compare -Wundef
+ CFLAGS_WARN/DEFAULT = $(WARNINGS_ARE_ERRORS) $(WARNING_FLAGS)

From andrew at icedtea.classpath.org  Fri Mar 28 12:29:54 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:29:54 +0000
Subject: /hg/release/icedtea7-forest-2.4/corba: Added tag icedtea-2.4.6 f...
Message-ID: <hg.83199e0b01cf.1396009794.-523731888714527277@icedtea.classpath.org>

changeset 83199e0b01cf in /hg/release/icedtea7-forest-2.4/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/corba?cmd=changeset;node=83199e0b01cf
author: andrew
date: Wed Mar 26 16:03:42 2014 +0000

	Added tag icedtea-2.4.6 for changeset 48ef1bb6d120


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 3cf2158dd79b -r 83199e0b01cf .hgtags
--- a/.hgtags	Mon Mar 17 16:37:11 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:03:42 2014 +0000
@@ -412,3 +412,4 @@
 e2f0036f712aa636cfd55334ac21ea7ca2587a7b jdk7u51-b13
 3594dbde270d68920afc5ee862d10f14c2a87dc8 icedtea-2.4.5
 48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6pre01
+48ef1bb6d120dbf053f75787a40ef6faa38230f1 icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:29:47 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:29:47 +0000
Subject: /hg/release/icedtea7-forest-2.4: Added tag icedtea-2.4.6 for cha...
Message-ID: <hg.d1abda35e18d.1396009787.-6425493795253247641@icedtea.classpath.org>

changeset d1abda35e18d in /hg/release/icedtea7-forest-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4?cmd=changeset;node=d1abda35e18d
author: andrew
date: Wed Mar 26 16:02:33 2014 +0000

	Added tag icedtea-2.4.6 for changeset b028e58c1b77


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 2307419e6c4c -r d1abda35e18d .hgtags
--- a/.hgtags	Mon Mar 17 16:37:10 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:02:33 2014 +0000
@@ -410,3 +410,4 @@
 6c778574d87336a2e55156544af92ce2de799696 jdk7u51-b13
 410eb7fef869645524ebb08293da1ba6215e5ce9 icedtea-2.4.5
 b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6pre01
+b028e58c1b77759531652b7ec81764f3c05ec96c icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:30:00 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:30:00 +0000
Subject: /hg/release/icedtea7-forest-2.4/jaxp: Added tag icedtea-2.4.6 fo...
Message-ID: <hg.076644826249.1396009800.6056160295555406480@icedtea.classpath.org>

changeset 076644826249 in /hg/release/icedtea7-forest-2.4/jaxp
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxp?cmd=changeset;node=076644826249
author: andrew
date: Wed Mar 26 16:03:42 2014 +0000

	Added tag icedtea-2.4.6 for changeset e0ba4b9a8b91


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 729a01a39169 -r 076644826249 .hgtags
--- a/.hgtags	Mon Mar 17 16:37:13 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:03:42 2014 +0000
@@ -412,3 +412,4 @@
 114654a331e2f97a048d7ed43d06d7512e20e2c1 jdk7u51-b13
 8fe156ad49e2db0e5034ffda4649e801b9c315da icedtea-2.4.5
 e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6pre01
+e0ba4b9a8b91c10bacd0b316b2e04717e0f4662a icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:30:07 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:30:07 +0000
Subject: /hg/release/icedtea7-forest-2.4/jaxws: Added tag icedtea-2.4.6 f...
Message-ID: <hg.622332638ead.1396009807.1704173005128376975@icedtea.classpath.org>

changeset 622332638ead in /hg/release/icedtea7-forest-2.4/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jaxws?cmd=changeset;node=622332638ead
author: andrew
date: Wed Mar 26 16:03:43 2014 +0000

	Added tag icedtea-2.4.6 for changeset 4bd947cd146b


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r d64584236d69 -r 622332638ead .hgtags
--- a/.hgtags	Mon Mar 17 16:37:13 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:03:43 2014 +0000
@@ -412,3 +412,4 @@
 81a1b110f70c37d2c2f0de7c0ef3bd2d04aba475 jdk7u51-b13
 32ea8b1ed91a12ac4633d596f0713c2c67930874 icedtea-2.4.5
 4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6pre01
+4bd947cd146bba78ac7ef45e3d28369c3faa8461 icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:30:15 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:30:15 +0000
Subject: /hg/release/icedtea7-forest-2.4/langtools: Added tag icedtea-2.4...
Message-ID: <hg.a4b41531c1f4.1396009815.1305664371660628365@icedtea.classpath.org>

changeset a4b41531c1f4 in /hg/release/icedtea7-forest-2.4/langtools
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/langtools?cmd=changeset;node=a4b41531c1f4
author: andrew
date: Wed Mar 26 16:03:43 2014 +0000

	Added tag icedtea-2.4.6 for changeset 06eeb77dac24


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r f1982814ebb6 -r a4b41531c1f4 .hgtags
--- a/.hgtags	Mon Mar 17 16:37:14 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:03:43 2014 +0000
@@ -412,3 +412,4 @@
 4d0807934c302f2e35e6a5acc6cdc720c82b5671 jdk7u51-b13
 dabd37b7e2950b42c1c9550caea26522348cd7b4 icedtea-2.4.5
 06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6pre01
+06eeb77dac248eb62fed00aa25f9f9fa9b4df210 icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:30:29 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:30:29 +0000
Subject: /hg/release/icedtea7-forest-2.4/jdk: Added tag icedtea-2.4.6 for...
Message-ID: <hg.a1fe933e5be6.1396009829.9040506844232929411@icedtea.classpath.org>

changeset a1fe933e5be6 in /hg/release/icedtea7-forest-2.4/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.4/jdk?cmd=changeset;node=a1fe933e5be6
author: andrew
date: Wed Mar 26 16:01:18 2014 +0000

	Added tag icedtea-2.4.6 for changeset b5282042aae0


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r b5282042aae0 -r a1fe933e5be6 .hgtags
--- a/.hgtags	Fri Mar 21 17:48:59 2014 +0000
+++ b/.hgtags	Wed Mar 26 16:01:18 2014 +0000
@@ -403,3 +403,4 @@
 d19a89fdfb9b959b8638441d9d396685d6c7ab7b jdk7u51-b13
 9db88c18e114006dc242d1ba31683cbdb6151a5d icedtea-2.4.5
 f582aad1fce8fe3410728dd40778dbde12f63beb icedtea-2.4.6pre01
+b5282042aae07c3f9b6fed8879b3db7352556286 icedtea-2.4.6

From andrew at icedtea.classpath.org  Fri Mar 28 12:31:21 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:31:21 +0000
Subject: /hg/release/icedtea7-2.3: 7 new changesets
Message-ID: <hg.c412c251e4c0.1396009881.5789328834432805219@icedtea.classpath.org>

changeset c412c251e4c0 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=c412c251e4c0
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Wed Mar 26 14:45:38 2014 +0000

	Prepare for 2.3.14 release cycle.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Set release date to today.
		* configure.ac: Set to 2.3.14.


changeset 92ea9fe53505 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=92ea9fe53505
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Wed Mar 26 23:23:37 2014 +0000

	Include zero patches directory in tarball and backport post-7023639 ARM32 JIT patch.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* Makefile.am:
		(ICEDTEA_PATCHES): Add ARM hs24 support patch.
		(EXTRA_DIST): Include zero patches directory.
		* NEWS: Mention PR1626.
		* patches/zero/arm-7023639.patch: Backport of
		most of PR1626, as applicable to hs23 +
		S7023639.


changeset 531847dfec6f in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=531847dfec6f
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 03:50:20 2014 +0000

	Perform configure checks using ecj.jar if native ecj is enabled.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		Perform configure checks using ecj.jar
		if native ecj is enabled.
		* Makefile.am:
		(native-ecj): Link against gcj explicitly.
		* acinclude.m4:
		(IT_FIND_COMPILER): Run IT_WITH_GCJ
		and set JAVAC to an invocation of the ECJ_JAR
		if native ecj is used. Depend on IT_FIND_JAVA
		and IT_FIND_ECJ_JAR for this.
		(IT_FIND_ECJ_JAR): Define only once.
		(IT_WITH_GCJ): Likewise.
		(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
		* configure.ac: Remove invocation of IT_WITH_GCJ.


changeset ed2108ad126a in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=ed2108ad126a
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 04:19:17 2014 +0000

	Allow JSR292 patches to be turned on or off, independently of Zero.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* patches/zero/7023639-8000780-jsr292_fast_path.patch,
		* patches/zero/7192406-exact_return_type_info.patch,
		* patches/zero/7196242-loopsandthreads_crashed.patch,
		* patches/zero/7200949-jruby_fail.patch,
		* patches/zero/8029507-jvm_method_processing.patch,
		* patches/zero/arm-7023639.patch: Move patches to...
		* INSTALL: Document --enable-jsr292-update.
		* Makefile.am:
		(ICEDTEA_PATCHES): Fix path to JSR292 patches and
		enable if JSR292 update option is on, rather than tying
		the patches to Zero.
		(EXTRA_DIST): Update path to JSR292 patches.
		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Fix text regarding default.
		(IT_ENABLE_JSR292_UPDATE): Turn on or off the JSR292 patches.
		They are on by default if building Zero without the ARM32 JIT.
		* configure.ac: Replace invocation of IT_ENABLE_ARM32JIT with
		IT_ENABLE_JSR292_UPDATE (which depends on the former).
		* patches/jsr292/7023639-8000780-jsr292_fast_path.patch,
		* patches/jsr292/7192406-exact_return_type_info.patch,
		* patches/jsr292/7196242-loopsandthreads_crashed.patch,
		* patches/jsr292/7200949-jruby_fail.patch,
		* patches/jsr292/8029507-jvm_method_processing.patch,
		* patches/jsr292/arm-7023639.patch: ... here.


changeset ecb7a4569122 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=ecb7a4569122
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Thu Mar 27 04:21:32 2014 +0000

	Update NEWS with recent changes.

	2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Update with recent changes.


changeset 0d41c744e17e in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=0d41c744e17e
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 12:07:01 2014 +0000

	Update release date.

	2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Update release date.


changeset 8a7b22cf755e in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=8a7b22cf755e
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 12:31:02 2014 +0000

	Added tag icedtea-2.3.14 for changeset 0d41c744e17e


diffstat:

 .hgtags                                               |      1 +
 ChangeLog                                             |     66 +
 INSTALL                                               |      1 +
 Makefile.am                                           |     16 +-
 NEWS                                                  |     16 +-
 acinclude.m4                                          |     48 +-
 configure.ac                                          |      5 +-
 patches/jsr292/7023639-8000780-jsr292_fast_path.patch |  28468 ++++++++++++++++
 patches/jsr292/7192406-exact_return_type_info.patch   |    660 +
 patches/jsr292/7196242-loopsandthreads_crashed.patch  |    124 +
 patches/jsr292/7200949-jruby_fail.patch               |   1045 +
 patches/jsr292/8029507-jvm_method_processing.patch    |    215 +
 patches/jsr292/arm-7023639.patch                      |    361 +
 patches/zero/7023639-8000780-jsr292_fast_path.patch   |  28468 ----------------
 patches/zero/7192406-exact_return_type_info.patch     |    660 -
 patches/zero/7196242-loopsandthreads_crashed.patch    |    124 -
 patches/zero/7200949-jruby_fail.patch                 |   1045 -
 patches/zero/8029507-jvm_method_processing.patch      |    215 -
 18 files changed, 31006 insertions(+), 30532 deletions(-)

diffs (truncated from 61728 to 500 lines):

diff -r 2413c19a0afe -r 8a7b22cf755e .hgtags
--- a/.hgtags	Tue Mar 25 15:37:38 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:31:02 2014 +0000
@@ -50,3 +50,4 @@
 05dd3f8c99d9f7682f2913105e0dbfca1d54574c icedtea-2.3.11
 15f12a7b52afd256dab7f6eb91050714e33871a9 icedtea-2.3.12
 1ced129674a58a8dec5ce2ceb11d8dd6407aa2af icedtea-2.3.13
+0d41c744e17e10b26e7ef4b2311b2cce531c0271 icedtea-2.3.14
diff -r 2413c19a0afe -r 8a7b22cf755e ChangeLog
--- a/ChangeLog	Tue Mar 25 15:37:38 2014 +0000
+++ b/ChangeLog	Fri Mar 28 12:31:02 2014 +0000
@@ -1,3 +1,69 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Update release date.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Update with recent changes.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* patches/zero/7023639-8000780-jsr292_fast_path.patch,
+	* patches/zero/7192406-exact_return_type_info.patch,
+	* patches/zero/7196242-loopsandthreads_crashed.patch,
+	* patches/zero/7200949-jruby_fail.patch,
+	* patches/zero/8029507-jvm_method_processing.patch,
+	* patches/zero/arm-7023639.patch: Move patches to...
+	* INSTALL: Document --enable-jsr292-update.
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Fix path to JSR292 patches and
+	enable if JSR292 update option is on, rather than tying
+	the patches to Zero.
+	(EXTRA_DIST): Update path to JSR292 patches.
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Fix text regarding default.
+	(IT_ENABLE_JSR292_UPDATE): Turn on or off the JSR292 patches.
+	They are on by default if building Zero without the ARM32 JIT.
+	* configure.ac: Replace invocation of IT_ENABLE_ARM32JIT with
+	IT_ENABLE_JSR292_UPDATE (which depends on the former).
+	* patches/jsr292/7023639-8000780-jsr292_fast_path.patch,
+	* patches/jsr292/7192406-exact_return_type_info.patch,
+	* patches/jsr292/7196242-loopsandthreads_crashed.patch,
+	* patches/jsr292/7200949-jruby_fail.patch,
+	* patches/jsr292/8029507-jvm_method_processing.patch,
+	* patches/jsr292/arm-7023639.patch: ... here.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	Perform configure checks using ecj.jar
+	if native ecj is enabled.
+	* Makefile.am:
+	(native-ecj): Link against gcj explicitly.
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Run IT_WITH_GCJ
+	and set JAVAC to an invocation of the ECJ_JAR
+	if native ecj is used. Depend on IT_FIND_JAVA
+	and IT_FIND_ECJ_JAR for this.
+	(IT_FIND_ECJ_JAR): Define only once.
+	(IT_WITH_GCJ): Likewise.
+	(IT_DIAMOND_CHECK): Depend on IT_CHECK_JAVA_AND_JAVAC_WORK.
+	* configure.ac: Remove invocation of IT_WITH_GCJ.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Add ARM hs24 support patch.
+	(EXTRA_DIST): Include zero patches directory.
+	* NEWS: Mention PR1626.
+	* patches/zero/arm-7023639.patch: Backport of
+	most of PR1626, as applicable to hs23 +
+	S7023639.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Set release date to today.
+	* configure.ac: Set to 2.3.14.
+
 2014-03-24  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Updated.
diff -r 2413c19a0afe -r 8a7b22cf755e INSTALL
--- a/INSTALL	Tue Mar 25 15:37:38 2014 +0000
+++ b/INSTALL	Fri Mar 28 12:31:02 2014 +0000
@@ -176,6 +176,7 @@
 * --enable-Werror: Turn gcc & javac warnings into errors.
 * --disable-jar-compression: Don't compress the OpenJDK JAR files.
 * --disable-downloading: Don't download tarballs if not available; fail instead.
+* --enable-jsr292-update: Patch OpenJDK sources with a backport of S7023639 and associated patches.
 
 Other options may be supplied which enable or disable new features.
 These are documented fully in the relevant section below.
diff -r 2413c19a0afe -r 8a7b22cf755e Makefile.am
--- a/Makefile.am	Tue Mar 25 15:37:38 2014 +0000
+++ b/Makefile.am	Fri Mar 28 12:31:02 2014 +0000
@@ -310,13 +310,14 @@
 ICEDTEA_PATCHES += patches/nss-not-enabled-config.patch
 endif
 
-if ZERO_BUILD
+if ENABLE_JSR292
 ICEDTEA_PATCHES += \
-	patches/zero/7023639-8000780-jsr292_fast_path.patch \
-	patches/zero/7196242-loopsandthreads_crashed.patch \
-	patches/zero/7192406-exact_return_type_info.patch \
-	patches/zero/7200949-jruby_fail.patch \
-	patches/zero/8029507-jvm_method_processing.patch
+	patches/jsr292/7023639-8000780-jsr292_fast_path.patch \
+	patches/jsr292/7196242-loopsandthreads_crashed.patch \
+	patches/jsr292/7192406-exact_return_type_info.patch \
+	patches/jsr292/7200949-jruby_fail.patch \
+	patches/jsr292/8029507-jvm_method_processing.patch \
+	patches/jsr292/arm-7023639.patch
 endif
 
 ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
@@ -778,6 +779,7 @@
 	$(top_srcdir)/patches/boot/*.patch \
 	$(top_srcdir)/patches/cacao/*.patch \
 	$(top_srcdir)/patches/jamvm/*.patch \
+	$(top_srcdir)/patches/jsr292/*.patch \
 	tools-copy contrib overlays \
 	javaws.png javaws.desktop \
 	jconsole.desktop policytool.desktop \
@@ -1607,7 +1609,7 @@
 	mkdir -p stamps 
 if BUILD_NATIVE_ECJ
 	${GCJ} $(IT_CFLAGS) -Wl,-Bsymbolic -findirect-dispatch -o native-ecj \
-	    --main=org.eclipse.jdt.internal.compiler.batch.Main ${ECJ_JAR}
+	    --main=org.eclipse.jdt.internal.compiler.batch.Main -lgcj ${ECJ_JAR}
 endif
 	touch $@
 
diff -r 2413c19a0afe -r 8a7b22cf755e NEWS
--- a/NEWS	Tue Mar 25 15:37:38 2014 +0000
+++ b/NEWS	Fri Mar 28 12:31:02 2014 +0000
@@ -10,20 +10,20 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 2.3.14 (2014-01-XX):
+New in release 2.3.14 (2014-03-28):
 
 * Security fixes
-  - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (Zero only)
-  - S8029507, CVE-2013-5893: Enhance JVM method processing (Zero only)
+  - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (JSR292 update only)
+  - S8029507, CVE-2013-5893: Enhance JVM method processing (JSR292 update only)
 * Backports
   - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f
   - S7032018: The file list in JFileChooser does not have an accessible name
   - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics
   - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
-  - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (Zero only)
-  - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (Zero only)
-  - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (Zero only)
-  - S8000780: make Zero build and run with JDK8 (Zero only)
+  - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (JSR292 update only)
+  - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (JSR292 update only)
+  - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (JSR292 update only)
+  - S8000780: make Zero build and run with JDK8 (JSR292 update only)
   - S8008764: 7uX l10n resource file translation update
   - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
   - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint
@@ -53,6 +53,7 @@
   - S8035893: JVM_GetVersionInfo fails to zero structure
 * Bug fixes
   - Fix broken bootstrap build by updating ecj-multicatch.patch
+  - PR1626: ARM32 assembler update for hsx24 (JSR292 update only)
   - PR1654: ppc32 needs a larger ThreadStackSize to build
   - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
   - PR1679: Allow OpenJDK to build on PaX-enabled kernels
@@ -60,6 +61,7 @@
   - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
   - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
   - RH910107: fail to load PC/SC library
+  - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled.
 * New features
   - PR1653: Support ppc64le via Zero
 * ARM port
diff -r 2413c19a0afe -r 8a7b22cf755e acinclude.m4
--- a/acinclude.m4	Tue Mar 25 15:37:38 2014 +0000
+++ b/acinclude.m4	Fri Mar 28 12:31:02 2014 +0000
@@ -119,9 +119,17 @@
 
 AC_DEFUN([IT_FIND_COMPILER],
 [
+  AC_REQUIRE([IT_FIND_JAVA])
+  AC_REQUIRE([IT_FIND_ECJ_JAR])
+
   IT_FIND_JAVAC
   IT_FIND_ECJ
   IT_USING_ECJ
+  IT_WITH_GCJ
+  
+  if test x"${GCJ}" != xno ; then
+    JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
+  fi
 
   AC_SUBST(ECJ)
   AC_SUBST(JAVAC)
@@ -308,7 +316,7 @@
   AM_CONDITIONAL([SRC_DIR_HARDLINKABLE], test x"${it_cv_hardlink_src}" = "xyes")
 ])
 
-AC_DEFUN([IT_FIND_ECJ_JAR],
+AC_DEFUN_ONCE([IT_FIND_ECJ_JAR],
 [
   AC_MSG_CHECKING([for an ecj JAR file])
   AC_ARG_WITH([ecj-jar],
@@ -904,7 +912,7 @@
   AM_CONDITIONAL([USE_JDK7], test x"${project}" = "xjdk7")
 ])
 
-AC_DEFUN([IT_WITH_GCJ],
+AC_DEFUN_ONCE([IT_WITH_GCJ],
 [
   AC_MSG_CHECKING([whether to compile ecj natively])
   AC_ARG_WITH([gcj],
@@ -1746,6 +1754,7 @@
 ])
 
 AC_DEFUN([IT_DIAMOND_CHECK],[
+  AC_REQUIRE([IT_CHECK_JAVA_AND_JAVAC_WORK])
   AC_CACHE_CHECK([if javac lacks support for the diamond operator], it_cv_diamond, [
   CLASS=Test.java
   BYTECODE=$(echo $CLASS|sed 's#\.java##')
@@ -2499,7 +2508,7 @@
 [
   AC_MSG_CHECKING([whether to enable the ARM32 JIT])
   AC_ARG_ENABLE([arm32-jit],
-                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])],
+                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])],
   [
     case "${enableval}" in
       yes)
@@ -2516,3 +2525,36 @@
   AC_MSG_RESULT([$enable_arm32jit])
   AM_CONDITIONAL([ENABLE_ARM32JIT], test x"${enable_arm32jit}" = "xyes")
 ])
+
+AC_DEFUN([IT_ENABLE_JSR292_UPDATE],
+[
+  AC_REQUIRE([IT_SET_ARCH_SETTINGS])
+  AC_REQUIRE([IT_ENABLE_ZERO_BUILD])
+  AC_REQUIRE([IT_ENABLE_ARM32JIT])
+  AC_MSG_CHECKING([whether to enable the JSR292 update in 7023639])
+  AC_ARG_ENABLE([jsr292-update],
+                [AS_HELP_STRING(--enable-jsr292-update,build with the JSR292 update [[default=yes for zero]])],
+  [
+    case "${enableval}" in
+      yes)
+        enable_jsr292=yes
+        ;;
+      *)
+        enable_jsr292=no
+        ;;
+    esac
+  ],
+  [
+    if test "x${use_zero}" = xyes; then
+      if test "x${JRE_ARCH_DIR}" = xarm -a "x${enable_arm32jit}" = "xyes"; then
+        enable_jsr292=no;
+      else
+        enable_jsr292=yes;
+      fi
+    else
+      enable_jsr292=no;
+    fi
+  ])
+  AC_MSG_RESULT([$enable_jsr292])
+  AM_CONDITIONAL([ENABLE_JSR292], test x"${enable_jsr292}" = "xyes")
+])
diff -r 2413c19a0afe -r 8a7b22cf755e configure.ac
--- a/configure.ac	Tue Mar 25 15:37:38 2014 +0000
+++ b/configure.ac	Fri Mar 28 12:31:02 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea], [2.3.14pre], [distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea], [2.3.14], [distro-pkg-dev at openjdk.java.net])
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
 AC_CONFIG_FILES([Makefile])
 
@@ -43,7 +43,6 @@
 IT_CHECK_FOR_MERCURIAL
 IT_OBTAIN_HG_REVISIONS
 AC_PATH_TOOL([LSB_RELEASE],[lsb_release])
-IT_WITH_GCJ
 IT_WITH_HOTSPOT_BUILD
 AC_PATH_TOOL([LINUX32],[linux32])
 IT_CHECK_GCC_VERSION
@@ -181,7 +180,7 @@
 IT_ENABLE_JAR_COMPRESSION
 IT_SET_SHARK_BUILD
 IT_CHECK_ADDITIONAL_VMS
-IT_ENABLE_ARM32JIT
+IT_ENABLE_JSR292_UPDATE
 
 IT_WITH_VERSION_SUFFIX
 IT_WITH_PROJECT
diff -r 2413c19a0afe -r 8a7b22cf755e patches/jsr292/7023639-8000780-jsr292_fast_path.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/jsr292/7023639-8000780-jsr292_fast_path.patch	Fri Mar 28 12:31:02 2014 +0000
@@ -0,0 +1,28468 @@
+# HG changeset patch
+# User andrew
+# Date 1391696693 0
+#      Thu Feb 06 14:24:53 2014 +0000
+# Node ID 19ac51ce4be77e6895816f9823bce63a72392e89
+# Parent  3442eb7ef2d216d6bf655d537929a2d31a76a321
+7023639: JSR 292 method handle invocation needs a fast path for compiled code
+6984705: JSR 292 method handle creation should not go through JNI
+Summary: remove assembly code for JDK 7 chained method handles
+Reviewed-by: jrose, twisti, kvn, mhaupt
+Contributed-by: John Rose <john.r.rose at oracle.com>, Christian Thalinger <christian.thalinger at oracle.com>, Michael Haupt <michael.haupt at oracle.com>
+
+8000780: [Backport from jdk8] Fix zero fail to build in icedtea7-head.
+Summary: Update Zero in icedtea7 to use the hsx24 b25+ java level MLVM
+         hooks (MLVM Lazy) now in jdk8 and jdk7u-dev head.
+Reviewed-by: rkennke ( Roman Kenbke )
+
+diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java
+--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java	Tue Jan 14 20:24:44 2014 -0500
++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java	Thu Feb 06 14:24:53 2014 +0000
+@@ -93,7 +93,6 @@
+   public boolean isUncommonTrapStub()   { return false; }
+   public boolean isExceptionStub()      { return false; }
+   public boolean isSafepointStub()      { return false; }
+-  public boolean isRicochetBlob()       { return false; }
+   public boolean isAdapterBlob()        { return false; }
+ 
+   // Fine grain nmethod support: isNmethod() == isJavaMethod() || isNativeMethod() || isOSRMethod()
+diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java
+--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java	Tue Jan 14 20:24:44 2014 -0500
++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java	Thu Feb 06 14:24:53 2014 +0000
+@@ -57,7 +57,6 @@
+     virtualConstructor.addMapping("BufferBlob", BufferBlob.class);
+     virtualConstructor.addMapping("nmethod", NMethod.class);
+     virtualConstructor.addMapping("RuntimeStub", RuntimeStub.class);
+-    virtualConstructor.addMapping("RicochetBlob", RicochetBlob.class);
+     virtualConstructor.addMapping("AdapterBlob", AdapterBlob.class);
+     virtualConstructor.addMapping("MethodHandlesAdapterBlob", MethodHandlesAdapterBlob.class);
+     virtualConstructor.addMapping("SafepointBlob", SafepointBlob.class);
+@@ -127,10 +126,6 @@
+       Assert.that(result.blobContains(start) || result.blobContains(start.addOffsetTo(8)),
+                                                                     "found wrong CodeBlob");
+     }
+-    if (result.isRicochetBlob()) {
+-      // This should probably be done for other SingletonBlobs
+-      return VM.getVM().ricochetBlob();
+-    }
+     return result;
+   }
+ 
+diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/code/RicochetBlob.java
+--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/code/RicochetBlob.java	Tue Jan 14 20:24:44 2014 -0500
++++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
+@@ -1,70 +0,0 @@
+-/*
+- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * This code is free software; you can redistribute it and/or modify it
+- * under the terms of the GNU General Public License version 2 only, as
+- * published by the Free Software Foundation.
+- *
+- * This code is distributed in the hope that it will be useful, but WITHOUT
+- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+- * version 2 for more details (a copy is included in the LICENSE file that
+- * accompanied this code).
+- *
+- * You should have received a copy of the GNU General Public License version
+- * 2 along with this work; if not, write to the Free Software Foundation,
+- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+- *
+- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+- * or visit www.oracle.com if you need additional information or have any
+- * questions.
+- *
+- */
+-
+-package sun.jvm.hotspot.code;
+-
+-import java.util.*;
+-import sun.jvm.hotspot.debugger.*;
+-import sun.jvm.hotspot.runtime.*;
+-import sun.jvm.hotspot.types.*;
+-
+-/** RicochetBlob (currently only used by Compiler 2) */
+-
+-public class RicochetBlob extends SingletonBlob {
+-  static {
+-    VM.registerVMInitializedObserver(new Observer() {
+-        public void update(Observable o, Object data) {
+-          initialize(VM.getVM().getTypeDataBase());
+-        }
+-      });
+-  }
+-
+-  private static void initialize(TypeDataBase db) {
+-    Type type = db.lookupType("RicochetBlob");
+-
+-    bounceOffsetField                = type.getCIntegerField("_bounce_offset");
+-    exceptionOffsetField             = type.getCIntegerField("_exception_offset");
+-  }
+-
+-  private static CIntegerField bounceOffsetField;
+-  private static CIntegerField exceptionOffsetField;
+-
+-  public RicochetBlob(Address addr) {
+-    super(addr);
+-  }
+-
+-  public boolean isRicochetBlob() {
+-    return true;
+-  }
+-
+-  public Address bounceAddr() {
+-    return codeBegin().addOffsetTo(bounceOffsetField.getValue(addr));
+-  }
+-
+-  public boolean returnsToBounceAddr(Address pc) {
+-    Address bouncePc = bounceAddr();
+-    return (pc.equals(bouncePc) || pc.addOffsetTo(Frame.pcReturnOffset()).equals(bouncePc));
+-  }
+-
+-}
+diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java
+--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java	Tue Jan 14 20:24:44 2014 -0500
++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/Frame.java	Thu Feb 06 14:24:53 2014 +0000
+@@ -147,12 +147,6 @@
+     }
+   }
+ 
+-  public boolean isRicochetFrame() {
+-    CodeBlob cb = VM.getVM().getCodeCache().findBlob(getPC());
+-    RicochetBlob rcb = VM.getVM().ricochetBlob();
+-    return (cb == rcb && rcb != null && rcb.returnsToBounceAddr(getPC()));
+-  }
+-
+   public boolean isCompiledFrame() {
+     if (Assert.ASSERTS_ENABLED) {
+       Assert.that(!VM.getVM().isCore(), "noncore builds only");
+@@ -216,8 +210,7 @@
+   public Frame realSender(RegisterMap map) {
+     if (!VM.getVM().isCore()) {
+       Frame result = sender(map);
+-      while (result.isRuntimeFrame() ||
+-             result.isRicochetFrame()) {
++      while (result.isRuntimeFrame()) {
+         result = result.sender(map);
+       }
+       return result;
+@@ -631,9 +624,6 @@
+     if (Assert.ASSERTS_ENABLED) {
+       Assert.that(cb != null, "sanity check");
+     }
+-    if (cb == VM.getVM().ricochetBlob()) {
+-      oopsRicochetDo(oopVisitor, regMap);
+-    }
+     if (cb.getOopMaps() != null) {
+       OopMapSet.oopsDo(this, cb, regMap, oopVisitor, VM.getVM().isDebugging());
+ 
+@@ -650,10 +640,6 @@
+     //    }
+   }
+ 
+-  private void oopsRicochetDo      (AddressVisitor oopVisitor, RegisterMap regMap) {
+-    // XXX Empty for now
+-  }
+-
+   // FIXME: implement the above routines, plus add
+   // oops_interpreted_arguments_do and oops_compiled_arguments_do
+ }
+diff -r 3442eb7ef2d2 -r 19ac51ce4be7 agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java
+--- openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java	Tue Jan 14 20:24:44 2014 -0500
++++ openjdk/hotspot/agent/src/share/classes/sun/jvm/hotspot/runtime/VM.java	Thu Feb 06 14:24:53 2014 +0000
+@@ -87,8 +87,6 @@
+   private StubRoutines stubRoutines;
+   private Bytes        bytes;
+ 
+-  private RicochetBlob ricochetBlob;
+-
+   /** Flags indicating whether we are attached to a core, C1, or C2 build */
+   private boolean      usingClientCompiler;
+   private boolean      usingServerCompiler;
+@@ -628,18 +626,6 @@
+     return stubRoutines;
+   }
+ 
+-  public RicochetBlob ricochetBlob() {
+-    if (ricochetBlob == null) {
+-      Type ricochetType  = db.lookupType("SharedRuntime");
+-      AddressField ricochetBlobAddress = ricochetType.getAddressField("_ricochet_blob");
+-      Address addr = ricochetBlobAddress.getValue();
+-      if (addr != null) {
+-        ricochetBlob = new RicochetBlob(addr);
+-      }
+-    }
+-    return ricochetBlob;

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 12:31:32 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:31:32 +0000
Subject: [Bug 1626] icedtea7-zero fails to build on ARM
In-Reply-To: <bug-1626-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1626-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1626-30-OD5UrnAV3F@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1626

--- Comment #5 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=92ea9fe53505
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Wed Mar 26 23:23:37 2014 +0000

    Include zero patches directory in tarball and backport post-7023639 ARM32
JIT patch.

    2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>

        * Makefile.am:
        (ICEDTEA_PATCHES): Add ARM hs24 support patch.
        (EXTRA_DIST): Include zero patches directory.
        * NEWS: Mention PR1626.
        * patches/zero/arm-7023639.patch: Backport of
        most of PR1626, as applicable to hs23 +
        S7023639.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/6fa2ce80/attachment-0001.html>

From andrew at icedtea.classpath.org  Fri Mar 28 12:42:52 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:42:52 +0000
Subject: /hg/release/icedtea7-forest-2.3: Added tag icedtea-2.3.14 for ch...
Message-ID: <hg.4ed28c8bebe9.1396010572.-6425493795253247648@icedtea.classpath.org>

changeset 4ed28c8bebe9 in /hg/release/icedtea7-forest-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3?cmd=changeset;node=4ed28c8bebe9
author: andrew
date: Fri Mar 28 12:42:02 2014 +0000

	Added tag icedtea-2.3.14 for changeset 14181eb6c00d


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 14181eb6c00d -r 4ed28c8bebe9 .hgtags
--- a/.hgtags	Wed Feb 19 21:07:59 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:42:02 2014 +0000
@@ -304,3 +304,4 @@
 2197dde877124579204c5266fa9d89166760b44f jdk7u25-b15
 9846c505054fb91762f3fd9b817d1a9760322029 jdk7u25-b30
 2ce335eb4926b0c7b59098159f33d452e8bf2d95 icedtea-2.3.13
+14181eb6c00d4806337559762ff598b425299c6a icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:42:58 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:42:58 +0000
Subject: /hg/release/icedtea7-forest-2.3/corba: Added tag icedtea-2.3.14 ...
Message-ID: <hg.520d73cfba80.1396010578.-5398653327640076568@icedtea.classpath.org>

changeset 520d73cfba80 in /hg/release/icedtea7-forest-2.3/corba
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba?cmd=changeset;node=520d73cfba80
author: andrew
date: Fri Mar 28 12:40:08 2014 +0000

	Added tag icedtea-2.3.14 for changeset c7d0b72f704f


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r c7d0b72f704f -r 520d73cfba80 .hgtags
--- a/.hgtags	Thu Jan 23 23:19:18 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:40:08 2014 +0000
@@ -306,3 +306,4 @@
 4fde7ac2ecf4b170022ebbf8a961e6dbb229ccab jdk7u25-b15
 f4bec833a24b20f5ae770d0650350fc8950c9dc0 jdk7u25-b30
 d07caee626d9964ed0a85b2ae825a8b88bac7b65 icedtea-2.3.13
+c7d0b72f704f71ae09a8c546072cb2756b03e408 icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:43:05 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:43:05 +0000
Subject: /hg/release/icedtea7-forest-2.3/jaxp: Added tag icedtea-2.3.14 f...
Message-ID: <hg.2d51fae92f97.1396010585.-8576357044606977631@icedtea.classpath.org>

changeset 2d51fae92f97 in /hg/release/icedtea7-forest-2.3/jaxp
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp?cmd=changeset;node=2d51fae92f97
author: andrew
date: Fri Mar 28 12:40:09 2014 +0000

	Added tag icedtea-2.3.14 for changeset 0eb202593710


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 0eb202593710 -r 2d51fae92f97 .hgtags
--- a/.hgtags	Fri Mar 21 19:37:44 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:40:09 2014 +0000
@@ -306,3 +306,4 @@
 503f75b55b34ae22f43b2992b1e56c96e35a60de jdk7u25-b15
 8c35f2344beeb42e85d718e95813e6fdc2f0a605 jdk7u25-b30
 8bbd7289b29dd7222e6b273272f275316369c7b8 icedtea-2.3.13
+0eb20259371053f37ccebbd34fd205a432fc5913 icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:43:12 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:43:12 +0000
Subject: /hg/release/icedtea7-forest-2.3/jaxws: Added tag icedtea-2.3.14 ...
Message-ID: <hg.4d1188469bfd.1396010592.6608279449221239120@icedtea.classpath.org>

changeset 4d1188469bfd in /hg/release/icedtea7-forest-2.3/jaxws
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxws?cmd=changeset;node=4d1188469bfd
author: andrew
date: Fri Mar 28 12:40:11 2014 +0000

	Added tag icedtea-2.3.14 for changeset 482a3f64a8ea


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 482a3f64a8ea -r 4d1188469bfd .hgtags
--- a/.hgtags	Thu Nov 21 11:15:32 2013 +0100
+++ b/.hgtags	Fri Mar 28 12:40:11 2014 +0000
@@ -306,3 +306,4 @@
 4a925430bf712d36abb78decda16e04da1b1f6bc jdk7u25-b15
 3ecf7ddefa035bc2c99b03b7a58a0dd0e97089c1 jdk7u25-b30
 9801349b6b812410ec8f3175697facb7cfa4fc5a icedtea-2.3.13
+482a3f64a8ea659e3c8a7db8b2dad708b50202a3 icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:43:19 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:43:19 +0000
Subject: /hg/release/icedtea7-forest-2.3/langtools: Added tag icedtea-2.3...
Message-ID: <hg.09ae96015a82.1396010599.3891785841192760046@icedtea.classpath.org>

changeset 09ae96015a82 in /hg/release/icedtea7-forest-2.3/langtools
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/langtools?cmd=changeset;node=09ae96015a82
author: andrew
date: Fri Mar 28 12:40:19 2014 +0000

	Added tag icedtea-2.3.14 for changeset d50a9c5cd291


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r d50a9c5cd291 -r 09ae96015a82 .hgtags
--- a/.hgtags	Tue Jan 14 20:24:46 2014 -0500
+++ b/.hgtags	Fri Mar 28 12:40:19 2014 +0000
@@ -306,3 +306,4 @@
 3b8323e24a636ac0638604d19fc116eb0eef6cdb jdk7u25-b15
 5d95c1e7c0913ad4bc0b5f0b559510d32557def2 jdk7u25-b30
 96fc7f35fbeda3e348b4c088c4b7307b2a72478a icedtea-2.3.13
+d50a9c5cd291b1cd4f5ea612bc6b1fb4e5aa443e icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:43:26 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:43:26 +0000
Subject: /hg/release/icedtea7-forest-2.3/hotspot: Added tag icedtea-2.3.1...
Message-ID: <hg.053505f331b0.1396010606.4308599361692689988@icedtea.classpath.org>

changeset 053505f331b0 in /hg/release/icedtea7-forest-2.3/hotspot
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot?cmd=changeset;node=053505f331b0
author: andrew
date: Fri Mar 28 12:40:21 2014 +0000

	Added tag icedtea-2.3.14 for changeset 72a544aeb892


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 72a544aeb892 -r 053505f331b0 .hgtags
--- a/.hgtags	Fri Feb 28 16:00:40 2014 +0400
+++ b/.hgtags	Fri Mar 28 12:40:21 2014 +0000
@@ -429,3 +429,4 @@
 3e145a686fedd9eefdcb6b714241200ed236b41d jdk7u25-b13
 4fafaf293aa5666e8c9f5ca1d96c3f752305f586 jdk7u25-b14
 b23760b457ce80ee57a215282ef5d23f677e9831 icedtea-2.3.13
+72a544aeb89217020b60c10fe167e2567fea3460 icedtea-2.3.14

From andrew at icedtea.classpath.org  Fri Mar 28 12:43:33 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 12:43:33 +0000
Subject: /hg/release/icedtea7-forest-2.3/jdk: Added tag icedtea-2.3.14 fo...
Message-ID: <hg.6bfd82b58e07.1396010613.4833355912275447704@icedtea.classpath.org>

changeset 6bfd82b58e07 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=6bfd82b58e07
author: andrew
date: Fri Mar 28 12:40:16 2014 +0000

	Added tag icedtea-2.3.14 for changeset 3428bff8a33a


diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 3428bff8a33a -r 6bfd82b58e07 .hgtags
--- a/.hgtags	Mon Mar 24 13:55:37 2014 +0000
+++ b/.hgtags	Fri Mar 28 12:40:16 2014 +0000
@@ -320,3 +320,4 @@
 0a482b2f7c351d157c5ae9ca495d762c2deaf37c icedtea-2.3.11
 4a0cf2c05cc6f0abd48d72008d8880b7e7a874e1 icedtea-2.3.12
 acce97b208855981122cc33131b63e9b39fb9aa6 icedtea-2.3.13
+3428bff8a33a0ecf54412186f64efed7e168ccd1 icedtea-2.3.14

From gnu_andrew at member.fsf.org  Fri Mar 28 13:13:38 2014
From: gnu_andrew at member.fsf.org (Andrew Hughes)
Date: Fri, 28 Mar 2014 13:13:38 +0000
Subject: IcedTea 2.3.14 & 2.4.6: Considered ARMful Released!
Message-ID: <20140328131338.GA4378@carrie.the212.com>

The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools, along with additional
features such as a PulseAudio sound driver, the ability to build
against system libraries and support for alternative virtual machines
and architectures beyond those supported by OpenJDK.

These releases are mainly focused on ARM support. In 2.4.6, we see
the first appearance of support for both the ARM32 JIT (previously
in 2.3.x and earlier) and the AArch64 port. As it successfully
built itself on Fedora, the ARM32 JIT is enabled by default, but
can now be disabled using --disable-arm32-jit.

We also update the 2.3 series, containing the more stable version
of the ARM32 JIT, with the fixes previously released in 2.4.5.
2.3.14 also adds the two missing HotSpot security updates from
the 2.3.12 release. However, these are only enabled by default
when building Zero. They can be forced on for other builds by
setting --enable-jsr292-update.

This will be the last release of the 2.3.x series and users should
transition to 2.4.x as soon as possible. More updates on this and
other releases to follow shortly.

If you find an issue with one of the releases, please report it to our
bug database (http://icedtea.classpath.org/bugzilla) under the
appropriate component. Development discussion takes place on the
distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the releases can be found below.

What's New?
===========
New in release 2.4.6 (2014-03-28):

* Backports
  - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
  - S8035893: JVM_GetVersionInfo fails to zero structure
  - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
* Bug fixes
  - PR1101: Undefined symbols on GNU/Linux SPARC
  - PR1659: OpenJDK 7 returns incorrect TrueType font metrics when bold style is set
  - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
  - PR1679: Allow OpenJDK to build on PaX-enabled kernels
  - PR1684: Build fails with empty PAX_COMMAND
  - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
  - Link against $(LIBDL) if SYSTEM_CUPS is not true
  - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled.
* ARM32 port
  - Add arm_port from IcedTea 6
  - Add patches/arm.patch from IcedTea 6
  - Add patches/arm-debug.patch from IcedTea 6
  - Add patches/arm-hsdis.patch from IcedTea 6
  - added jvmti event generation for dynamic_generate and compiled_method_load events to ARM JIT compiler
  - Adjust saved SP when safepointing.
  - First cut of invokedynamic
  - Fix trashed thread ptr after recursive re-entry from asm JIT.
  - JIT-compilation of ldc methodHandle
  - Rename a bunch of misleadingly-named functions
  - Changes for HSX22
  - Rename a bunch of misleadingly-named functions
  - Patched method handle adapter code to deal with failures in TCK
  - Phase 1
  - Phase 2
  - RTC Thumb2 JIT enhancements.
  - Zero fails to build in hsx22+, fix for hsx22 after runs gamma OK, hsx23 still nogo.
  - Use ldrexd for atomic reads on ARMv7.
  - Use unified syntax for thumb code.
  - Corrected call from fast_method_handle_entry to CppInterpreter::method_handle_entry so that thread is loaded into r2
  - Don't save locals at a return.
  - Fix call to handle_special_method().  Fix compareAndSwapLong.
  - Fix JIT bug that miscompiles org.eclipse.ui.internal.contexts.ContextAuthority.sourceChanged
  - invokedynamic and aldc for JIT
  - Modified safepoint check to rely on memory protect signal instead of polling
  - Minor review cleanups.
  - PR1188: ASM Interpreter and Thumb2 JIT javac miscompile modulo reminder on armel
  - PR1363: Fedora 19 / rawhide FTBFS SIGILL
  - Changes for HSX23
  - Remove fragment from method that has been removed
  - Remove C++ flags from CC_COMPILE and fix usage in zeroshark.make.
  - Use $(CC) to compile mkbc instead of $(CC_COMPILE) to avoid C++-only flags
  - Add note about use of $(CFLAGS)/$(CXXFLAGS)/$(CPPFLAGS) at present.
  - Override automatic detection of source language for bytecodes_arm.def
  - Include $(CFLAGS) in assembler stage
  - PR1626: ARM32 assembler update for hsx24. Use ARM32JIT to turn it on/off.
  - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
  - Turn ARM32 JIT on by default
* AArch64 port
  - PR1713: Support AArch64 Port
* Shark
  - Add Shark definitions from 8003868
  - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp

New in release 2.3.14 (2014-03-28):

* Security fixes
  - S7023639, CVE-2013-5838: JSR 292 method handle invocation needs a fast path for compiled code (JSR292 update only)
  - S8029507, CVE-2013-5893: Enhance JVM method processing (JSR292 update only)
* Backports
  - S7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f
  - S7032018: The file list in JFileChooser does not have an accessible name
  - S7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics
  - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages
  - S7192406: JSR 292: C2 needs exact return type information for invokedynamic and invokehandle call sites (JSR292 update only)
  - S7196242: vm/mlvm/indy/stress/java/loopsAndThreads crashed (JSR292 update only)
  - S7200949: JSR 292: rubybench/bench/time/bench_base64.rb fails with jruby.jar not on boot class path (JSR292 update only)
  - S8000780: make Zero build and run with JDK8 (JSR292 update only)
  - S8008764: 7uX l10n resource file translation update
  - S8009062: poor performance of JNI AttachCurrentThread after fix for 7017193
  - S8013057: assert(_needs_gc || SafepointSynchronize::is_at_safepoint()) failed: only read at safepoint
  - S8015976: OpenJDK part of bug JDK-8015812 [TEST_BUG] Tests have conflicting test descriptions
  - S8022698: javax/script/GetInterfaceTest.java fails since 7u45 b04 with -agentvm option
  - S8023310: Thread contention in the method Beans.IsDesignTime()
  - S8024302: Clarify jar verifications
  - S8024461: [macosx] Java crashed on mac10.9 for swing and 2d function manual test
  - S8025255: (tz) Support tzdata2013g
  - S8026037: [TESTBUG] sun/security/tools/jarsigner/warnings.sh test fails on Solaris
  - S8026304: jarsigner output bad grammar
  - S8026887: Make issues due to failed large pages allocations easier to debug
  - S8027204: Revise the update of 8026204 and 8025758
  - S8027224: test regression - ClassNotFoundException
  - S8027370: Support tzdata2013h
  - S8027378: Two closed/javax/xml/8005432 fails with jdk7u51b04
  - S8027837: JDK-8021257 causes CORBA build failure on emdedded platforms
  - S8027943: serial version of com.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl changed in 7u45
  - S8028057: Modify jarsigner man page documentation to document CCC 8024302: Clarify jar verifications
  - S8028111: XML readers share the same entity expansion counter
  - S8028215: ORB.init fails with SecurityException if properties select the JDK default ORB
  - S8028293: Check local configuration for actual ephemeral port range
  - S8028382: Two javax/xml/8005433 tests still fail after the fix JDK-8028147
  - S8028453: AsynchronousSocketChannel.connect() requires SocketPermission due to bind to local address (win)
  - S8028823: java/net/Makefile tabs converted to spaces
  - S8029038: Revise fix for XML readers share the same entity expansion counter
  - S8035893: JVM_GetVersionInfo fails to zero structure
* Bug fixes
  - Fix broken bootstrap build by updating ecj-multicatch.patch
  - PR1626: ARM32 assembler update for hsx24 (JSR292 update only)
  - PR1654: ppc32 needs a larger ThreadStackSize to build
  - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
  - PR1679: Allow OpenJDK to build on PaX-enabled kernels
  - PR1684: Build fails with empty PAX_COMMAND
  - Re-enable the 'gamma' test at the end of the HotSpot build, but only for HotSpot based bootstrap JDKs.
  - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised fix)
  - RH910107: fail to load PC/SC library
  - Perform configure checks using ecj.jar when --with-gcj (native ecj build) is enabled.
* New features
  - PR1653: Support ppc64le via Zero
* ARM port
  - Allow ARM32 JIT to be disabled
  - Replace literal offsets for METHOD_SIZEOFPARAMETERS and ISTATE_NEXT_FRAME with correct symbolic names.
  - Turn ARM32 JIT on by default
* Shark
  - Add Shark definitions from 8003868
  - Drop compile_method argument removed in 7083786 from sharkCompiler.cpp

The tarballs can be downloaded from:

    http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.gz
    http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.xz

and:

    http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.gz
    http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.xz

We provide both gzip and xz tarballs, so that those who are able to
make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

    http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.gz.sig
    http://icedtea.classpath.org/download/source/icedtea-2.3.14.tar.xz.sig
    http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.gz.sig
    http://icedtea.classpath.org/download/source/icedtea-2.4.6.tar.xz.sig

These are produced using my public key. See details below.

      PGP Key: 248BDC07 (https://keys.indymedia.org/)
      Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

SHA256 checksums:

aa152c7b61dc9b1d2e66ff3270e8c59e399a39035fa707ae4b637f4c223cc474  icedtea-2.3.14.tar.gz
5aef30fbd8e6c3d59f7428154c470bf662261b6e12caaba24dc1cb2f20cc6e49  icedtea-2.3.14.tar.gz.sig
9743fbe6cad015b725eee1f6fdb0f476298c0469da7bd685d4f47b342f85c7a7  icedtea-2.3.14.tar.xz
d96d3ad3abb0bfb8e19a0dfb0e28272729b27c20a81711b8d6027ad5fa8a479a  icedtea-2.3.14.tar.xz.sig
1f2ea0a29d946b0e8dd8f74c485adc41c02710e88c17ef827b635e1e4215ad33  icedtea-2.4.6.tar.gz
60dfd60e5033c04d759882be206e8c27be0d54b6ad438cf48549921474fa74dc  icedtea-2.4.6.tar.gz.sig
c333bcaba46d8684b5ac727486d8b935ac77b9ba3cc5da1aad9d8c7422cbfa19  icedtea-2.4.6.tar.xz
0a05a678a29545b598846755acb9d2359933b607e1ab2473f88dba6ece7ae22e  icedtea-2.4.6.tar.xz.sig

The checksums can be downloaded from:

    http://icedtea.classpath.org/download/source/icedtea-2.3.14.sha256
    http://icedtea.classpath.org/download/source/icedtea-2.4.6.sha256

The following people helped with these releases:

* Severin Gehwolf (RH910107)
* Andrew Haley (ARM32 literal offsets fix)
* Andrew Hughes (all other bug fixes & backports, release management)
* Chris Phillips (ARM32 hs24 support, RH1015432)
* Yasumasa Suenaga (PR1659)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea-${version}.tar.gz

or:

$ tar x -I xz -f icedtea-${version}.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea-${version}/configure
$ make

where ${version} is either 2.3.14 or 2.4.6.

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/986ee9e2/signature-0001.asc>

From andrew at icedtea.classpath.org  Fri Mar 28 16:22:07 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 16:22:07 +0000
Subject: /hg/release/icedtea6-1.13: 3 new changesets
Message-ID: <hg.605775de7be4.1396023727.-53431993501496593@icedtea.classpath.org>

changeset 605775de7be4 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=605775de7be4
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 26 12:59:52 2014 +0000

	Prepare for 1.13.2 release.

	2014-03-26  Andrew John Hughes  <gnu.andrew at redhat.com>

		* NEWS: Add potential release date and
		Gentoo bug ID for PaX change.
		* configure.ac: Set to 1.13.2.


changeset 84eda38cea63 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=84eda38cea63
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Mar 28 14:18:09 2014 +0000

	Update release date.

	2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* NEWS: Update release date.


changeset b445fccb23bb in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=b445fccb23bb
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Mar 28 16:21:58 2014 +0000

	Added tag icedtea6-1.13.2 for changeset 84eda38cea63


diffstat:

 .hgtags      |   1 +
 ChangeLog    |  10 ++++++++++
 NEWS         |   4 ++--
 configure.ac |   2 +-
 4 files changed, 14 insertions(+), 3 deletions(-)

diffs (54 lines):

diff -r 9408a82b3d19 -r b445fccb23bb .hgtags
--- a/.hgtags	Wed Mar 26 06:34:03 2014 +0000
+++ b/.hgtags	Fri Mar 28 16:21:58 2014 +0000
@@ -24,3 +24,4 @@
 5a1e1b39664409e9a0945ba49b558f25ef976c58 icedtea6-1.12-branchpoint
 0770fe4c010590f293d189c83af2c49ac0c2268d icedtea6-1.13
 eb77bc7992a9c321470c8426c901abd75ed8f567 icedtea6-1.13.1
+84eda38cea6394a1973c62aed9e26086690db5c7 icedtea6-1.13.2
diff -r 9408a82b3d19 -r b445fccb23bb ChangeLog
--- a/ChangeLog	Wed Mar 26 06:34:03 2014 +0000
+++ b/ChangeLog	Fri Mar 28 16:21:58 2014 +0000
@@ -1,3 +1,13 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* NEWS: Update release date.
+
+2014-03-26  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* NEWS: Add potential release date and
+	Gentoo bug ID for PaX change.
+	* configure.ac: Set to 1.13.2.
+
 2014-03-25  Andrew John Hughes  <gnu.andrew at redhat.com>
 
 	* Makefile.am:
diff -r 9408a82b3d19 -r b445fccb23bb NEWS
--- a/NEWS	Wed Mar 26 06:34:03 2014 +0000
+++ b/NEWS	Fri Mar 28 16:21:58 2014 +0000
@@ -12,14 +12,14 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 1.13.2 (2014-04-XX):
+New in release 1.13.2 (2014-03-28):
 
 * Backports
   - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
   - S8035893: JVM_GetVersionInfo fails to zero structure
   - OPENJDK6-29: JDK fails to zero jdk_version_info correctly
 * Bug fixes
-  - PR1714: Update PaX support to detect running PaX kernel and use newer tools
+  - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools
   - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build
 
 New in release 1.13.1 (2014-01-22):
diff -r 9408a82b3d19 -r b445fccb23bb configure.ac
--- a/configure.ac	Wed Mar 26 06:34:03 2014 +0000
+++ b/configure.ac	Fri Mar 28 16:21:58 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea6],[1.13.2pre],[distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea6],[1.13.2],[distro-pkg-dev at openjdk.java.net])
 AC_CANONICAL_HOST
 AC_CANONICAL_TARGET
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])

From gnu.andrew at redhat.com  Fri Mar 28 16:20:01 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Fri, 28 Mar 2014 16:20:01 +0000
Subject: IcedTea 1.13.2 for OpenJDK 6: sizeof Considered Harmful Released!
Message-ID: <20140328161957.GA22803@carrie.the212.com>

The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools, along with additional
features such as a PulseAudio sound driver, the ability to build
against system libraries and support for alternative virtual machines
and architectures beyond those supported by OpenJDK.

This release updates our OpenJDK 6 support in the 1.13.x series with
a number of bug fixes.

If you find an issue with one of the releases, please report it to our
bug database (http://icedtea.classpath.org/bugzilla) under the
appropriate component. Development discussion takes place on the
distro-pkg-dev OpenJDK mailing list and patches are always welcome.

Full details of the release can be found below.

What's New?
===========
New in release 1.13.2 (2014-03-28):

* Backports
  - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
  - S8035893: JVM_GetVersionInfo fails to zero structure
  - OPENJDK6-29: JDK fails to zero jdk_version_info correctly
* Bug fixes
  - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools
  - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build

The tarballs can be downloaded from:

    http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.gz
    http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.xz

We provide both gzip and xz tarballs, so that those who are able to
make use of the smaller tarball produced by xz may do so.

The tarballs are accompanied by digital signatures available at:

    http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.gz.sig
    http://icedtea.classpath.org/download/source/icedtea6-1.13.2.tar.xz.sig

These are produced using my public key. See details below.

      PGP Key: 248BDC07 (https://keys.indymedia.org/)
      Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

SHA256 checksums:

654648eb7b9a29a6a91768723707515750409980ff26e6daba6d13ff444fa330  icedtea6-1.13.2.tar.gz
d5fa067745ccb7b1474b7bb4a053896a263e3b3da99131898cf83ddd4467a3a0  icedtea6-1.13.2.tar.gz.sig
b7614cf5f90d10a3ad379c65bc7d9c5f64ca38beafe50282e131612d62b1a1f9  icedtea6-1.13.2.tar.xz
bec15aac669c7345b4a0d3625ed2e388b951d1f5d73e06741154ee0dd42068b6  icedtea6-1.13.2.tar.xz.sig

The checksums can be downloaded from:

    http://icedtea.classpath.org/download/source/icedtea6-1.13.2.sha256

The following people helped with these releases:

* Andrew Dinn (OPENJDK6-29)
* Andrew Hughes (all other bug fixes & backports, release management)

We would also like to thank the bug reporters and testers!

To get started:

$ tar xzf icedtea6-1.13.2.tar.gz

or:

$ tar x -I xz -f icedtea6-1.13.2.tar.xz

then:

$ mkdir icedtea-build
$ cd icedtea-build
$ ../icedtea6-1.13.2/configure
$ make

Full build requirements and instructions are available in the INSTALL file.

Happy hacking!
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/8c701529/signature.asc>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 17:42:36 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 17:42:36 +0000
Subject: [Bug 1720] Crashes when attempting to build uPortal
In-Reply-To: <bug-1720-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1720-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1720-30-DcWLK0uJsR@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1720

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|unspecified                 |2.4.5
           Severity|critical                    |normal

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/4911463e/attachment.html>

From omajid at redhat.com  Fri Mar 28 17:49:56 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 28 Mar 2014 13:49:56 -0400
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
Message-ID: <20140328174956.GA2812@redhat.com>

Hi,

I just tried to build a fresh clone of icedtea-web and got a few scary
warnings on running autogen.sh:

  configure.ac:89: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
  ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
  ../../lib/autoconf/general.m4:2590: _AC_COMPILE_IFELSE is expanded from...
  ../../lib/autoconf/general.m4:2606: AC_COMPILE_IFELSE is expanded from...
  acinclude.m4:523: IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR is expanded from...
  configure.ac:89: the top level

The attached patch fixes the warning by wrapping the code in an
AC_LANG_SOURCE macro.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-03-28  Omair Majid  <omajid at redhat.com>
+
+	* acinclude.m4
+	(IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR),
+	(IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code.
+
 2014-03-27  Andrew Azores  <aazores at redhat.com>
 
 	Fix NPE when trying to open a new file, with changes made, and wanting to
diff --git a/acinclude.m4 b/acinclude.m4
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -527,9 +527,9 @@
   CXXFLAGS_BACKUP="$CXXFLAGS"
   CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS"
   AC_COMPILE_IFELSE([
-    #include <npfunctions.h>]
-    [const  char* NP_GetMIMEDescription ()
-    {return (char*) "yap!";}
+    AC_LANG_SOURCE([[#include <npfunctions.h>
+                     const  char* NP_GetMIMEDescription ()
+                       {return (char*) "yap!";}]])
     ],[
     AC_MSG_RESULT(no)
     ],[
@@ -547,10 +547,10 @@
   CXXFLAGS_BACKUP="$CXXFLAGS"
   CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS"
   AC_COMPILE_IFELSE([
-    #include <npapi.h>
-    #include <npruntime.h>]
-    [void setnpptr (NPVariant *result)
-    {VOID_TO_NPVARIANT(*result);}
+    AC_LANG_SOURCE([[#include <npapi.h>
+                     #include <npruntime.h>
+                     void setnpptr (NPVariant *result)
+                       { VOID_TO_NPVARIANT(*result);}]])
     ],[
     AC_MSG_RESULT(no)
     CXXFLAGS="$CXXFLAGS_BACKUP"

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:10:46 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:10:46 +0000
Subject: [Bug 1726] New: configure fails looking for ecj.jar before even
	trying to find javac
Message-ID: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

            Bug ID: 1726
           Summary: configure fails looking for ecj.jar before even trying
                    to find javac
           Product: IcedTea
           Version: 2.4.6
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: IcedTea
          Assignee: gnu.andrew at redhat.com
          Reporter: gnu.andrew at redhat.com
                CC: unassigned at icedtea.classpath.org

Reported on #gentoo-java Freenode IRC:

http://siren.gmake.de/stuff/icedtea/build.log

checking for a JDK home directory... /usr/lib64/icedtea7
checking if a java binary was specified... no
checking if /usr/lib64/icedtea7/bin/java is a valid executable file... yes
checking for an ecj JAR file... no
configure: error: "No compiler or ecj JAR file was found."

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/6cc43d34/attachment.html>

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:12:00 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:12:00 +0000
Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to
	find javac
In-Reply-To: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1726-30-7ulcc4z8FG@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
   Target Milestone|---                         |2.4.7

--- Comment #1 from Andrew John Hughes <gnu.andrew at redhat.com> ---
IT_FIND_ECJ_JAR macro uses ${JAVAC} but does not depend on any macro that
defines it.

As this is a terminal sanity check anyway, move it to the more obvious location
of IT_FIND_COMPILER.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/89b73f46/attachment-0001.html>

From andrew at icedtea.classpath.org  Fri Mar 28 18:12:59 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:12:59 +0000
Subject: /hg/release/icedtea7-2.4: 2 new changesets
Message-ID: <hg.46f9059509fe.1396030379.5789328834432805220@icedtea.classpath.org>

changeset 46f9059509fe in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=46f9059509fe
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:06:31 2014 +0000

	Start 2.4.7 release cycle.

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* configure.ac: Bump to 2.4.7pre00.
		* NEWS: Add 2.4.7 section.


changeset e8e59c50a451 in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=e8e59c50a451
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:12:46 2014 +0000

	PR1726: configure fails looking for ecj.jar before even trying to find javac

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* acinclude.m4:
		(IT_FIND_COMPILER): Check value of ECJ_JAR
		and JAVAC here ...
		(IT_FIND_ECJ_JAR): ... rather than here where
		${JAVAC} may not yet be defined.


diffstat:

 ChangeLog    |  13 +++++++++++++
 NEWS         |   5 +++++
 acinclude.m4 |  11 ++++++-----
 configure.ac |   2 +-
 4 files changed, 25 insertions(+), 6 deletions(-)

diffs (72 lines):

diff -r d2bc83a8ce09 -r e8e59c50a451 ChangeLog
--- a/ChangeLog	Fri Mar 28 12:27:42 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:12:46 2014 +0000
@@ -1,3 +1,16 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Check value of ECJ_JAR
+	and JAVAC here ...
+	(IT_FIND_ECJ_JAR): ... rather than here where
+	${JAVAC} may not yet be defined.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* configure.ac: Bump to 2.4.7pre00.
+	* NEWS: Add 2.4.7 section.
+
 2014-03-26  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Update with recent changes.
diff -r d2bc83a8ce09 -r e8e59c50a451 NEWS
--- a/NEWS	Fri Mar 28 12:27:42 2014 +0000
+++ b/NEWS	Fri Mar 28 18:12:46 2014 +0000
@@ -12,6 +12,11 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
+New in release 2.4.7 (2014-04-XX):
+
+* Bug fixes
+  - PR1726: configure fails looking for ecj.jar before even trying to find javac
+
 New in release 2.4.6 (2014-03-28):
 
 * Backports
diff -r d2bc83a8ce09 -r e8e59c50a451 acinclude.m4
--- a/acinclude.m4	Fri Mar 28 12:27:42 2014 +0000
+++ b/acinclude.m4	Fri Mar 28 18:12:46 2014 +0000
@@ -134,6 +134,12 @@
   IT_USING_ECJ
   IT_WITH_GCJ
   
+  if test "x${ECJ_JAR}" = "xno"; then
+    if test "x${JAVAC}" = "x"; then
+      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
+    fi
+  fi
+
   if test x"${GCJ}" != xno ; then
     JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
   fi
@@ -350,11 +356,6 @@
       fi
   fi
   AC_MSG_RESULT(${ECJ_JAR})
-  if test "x${ECJ_JAR}" = "xno"; then
-    if test "x${JAVAC}" = "x"; then
-      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
-    fi
-  fi
   AC_SUBST(ECJ_JAR)
 ])
 
diff -r d2bc83a8ce09 -r e8e59c50a451 configure.ac
--- a/configure.ac	Fri Mar 28 12:27:42 2014 +0000
+++ b/configure.ac	Fri Mar 28 18:12:46 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea], [2.4.6], [distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea], [2.4.7pre00], [distro-pkg-dev at openjdk.java.net])
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
 AC_CONFIG_FILES([Makefile])
 

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:13:05 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:13:05 +0000
Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to
	find javac
In-Reply-To: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1726-30-cUVQbspMlR@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

--- Comment #2 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.4?cmd=changeset;node=e8e59c50a451
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:12:46 2014 +0000

    PR1726: configure fails looking for ecj.jar before even trying to find
javac

    2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

        * acinclude.m4:
        (IT_FIND_COMPILER): Check value of ECJ_JAR
        and JAVAC here ...
        (IT_FIND_ECJ_JAR): ... rather than here where
        ${JAVAC} may not yet be defined.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/8c6d2392/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 28 18:19:33 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:19:33 +0000
Subject: /hg/icedtea7: 3 new changesets
Message-ID: <hg.aa5a1fe61c38.1396030773.2873452341184383833@icedtea.classpath.org>

changeset aa5a1fe61c38 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=aa5a1fe61c38
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 03:41:03 2014 +0000

	Apply Werror fix to aarch64 port.

	2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>

		* Makefile.am:
		(ICEDTEA_PATCHES): Add -Werror patch
		from IcedTea7 HEAD.
		* patches/hotspot/aarch64/werror.patch:
		Allow COMPILER_WARNINGS_FATAL to turn off -Werror.


changeset 715ae9b63c91 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=715ae9b63c91
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:17:41 2014 +0000

	Make ARM32 JIT option help text match actual default.

	2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>

		* acinclude.m4:
		(IT_ENABLE_ARM32JIT): Make help text match setting.


changeset a7f6247d3dff in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=a7f6247d3dff
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:19:20 2014 +0000

	PR1726: configure fails looking for ecj.jar before even trying to find javac

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* acinclude.m4:
		(IT_FIND_COMPILER): Check value of ECJ_JAR
		and JAVAC here ...
		(IT_FIND_ECJ_JAR): ... rather than here where
		${JAVAC} may not yet be defined.


diffstat:

 ChangeLog                            |  21 +++++++++++++++++
 Makefile.am                          |   4 +++
 NEWS                                 |   1 +
 acinclude.m4                         |  13 +++++-----
 patches/hotspot/aarch64/werror.patch |  43 ++++++++++++++++++++++++++++++++++++
 5 files changed, 76 insertions(+), 6 deletions(-)

diffs (137 lines):

diff -r 2278f72329bf -r a7f6247d3dff ChangeLog
--- a/ChangeLog	Thu Mar 27 21:18:02 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:19:20 2014 +0000
@@ -1,3 +1,24 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Check value of ECJ_JAR
+	and JAVAC here ...
+	(IT_FIND_ECJ_JAR): ... rather than here where
+	${JAVAC} may not yet be defined.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
+
+	* acinclude.m4:
+	(IT_ENABLE_ARM32JIT): Make help text match setting.
+
+2012-08-16  Andrew John Hughes  <gnu_andrew at member.fsf.org>
+
+	* Makefile.am:
+	(ICEDTEA_PATCHES): Add -Werror patch
+	from IcedTea7 HEAD.
+	* patches/hotspot/aarch64/werror.patch:
+	Allow COMPILER_WARNINGS_FATAL to turn off -Werror.
+
 2014-03-27  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* hotspot.map:
diff -r 2278f72329bf -r a7f6247d3dff Makefile.am
--- a/Makefile.am	Thu Mar 27 21:18:02 2014 +0000
+++ b/Makefile.am	Fri Mar 28 18:19:20 2014 +0000
@@ -297,6 +297,10 @@
 ICEDTEA_PATCHES += patches/nss-config.patch
 endif
 
+if WITH_ALT_HSBUILD
+ICEDTEA_PATCHES += patches/hotspot/aarch64/werror.patch
+endif
+
 ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
 
 # Bootstrapping patches
diff -r 2278f72329bf -r a7f6247d3dff NEWS
--- a/NEWS	Thu Mar 27 21:18:02 2014 +0000
+++ b/NEWS	Fri Mar 28 18:19:20 2014 +0000
@@ -160,6 +160,7 @@
   - PR1677, G498288: Update PaX support to detect running PaX kernel and use newer tools
   - PR1679: Allow OpenJDK to build on PaX-enabled kernels
   - PR1684: Build fails with empty PAX_COMMAND
+  - PR1726: configure fails looking for ecj.jar before even trying to find javac
 * PPC & AIX port
   - Add AIX-specific build instructions to README-ppc.html
   - Added AIX as testing platform for more jtreg tests written in shell-script
diff -r 2278f72329bf -r a7f6247d3dff acinclude.m4
--- a/acinclude.m4	Thu Mar 27 21:18:02 2014 +0000
+++ b/acinclude.m4	Fri Mar 28 18:19:20 2014 +0000
@@ -134,6 +134,12 @@
   IT_USING_ECJ
   IT_WITH_GCJ
   
+  if test "x${ECJ_JAR}" = "xno"; then
+    if test "x${JAVAC}" = "x"; then
+      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
+    fi
+  fi
+
   if test x"${GCJ}" != xno ; then
     JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
   fi
@@ -350,11 +356,6 @@
       fi
   fi
   AC_MSG_RESULT(${ECJ_JAR})
-  if test "x${ECJ_JAR}" = "xno"; then
-    if test "x${JAVAC}" = "x"; then
-      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
-    fi
-  fi
   AC_SUBST(ECJ_JAR)
 ])
 
@@ -2666,7 +2667,7 @@
 [
   AC_MSG_CHECKING([whether to enable the ARM32 JIT])
   AC_ARG_ENABLE([arm32-jit],
-                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=no]])],
+                [AS_HELP_STRING(--enable-arm32-jit,build with the ARM32 JIT [[default=yes]])],
   [
     case "${enableval}" in
       yes)
diff -r 2278f72329bf -r a7f6247d3dff patches/hotspot/aarch64/werror.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/hotspot/aarch64/werror.patch	Fri Mar 28 18:19:20 2014 +0000
@@ -0,0 +1,43 @@
+diff -Nru openjdk.orig/hotspot/make/linux/makefiles/gcc.make openjdk/hotspot/make/linux/makefiles/gcc.make
+--- openjdk.orig/hotspot/make/linux/makefiles/gcc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/linux/makefiles/gcc.make	2014-03-28 03:26:57.229802760 +0000
+@@ -205,7 +205,9 @@
+ endif
+ 
+ # Compiler warnings are treated as errors
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
+ WARNINGS_ARE_ERRORS = -Werror
++endif
+ 
+ ifeq ($(USE_CLANG), true)
+   # However we need to clean the code up before we can unrestrictedly enable this option with Clang
+diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/adlc.make openjdk/hotspot/make/solaris/makefiles/adlc.make
+--- openjdk.orig/hotspot/make/solaris/makefiles/adlc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/solaris/makefiles/adlc.make	2014-03-28 03:26:02.604988364 +0000
+@@ -73,8 +73,10 @@
+ 
+ # CFLAGS_WARN holds compiler options to suppress/enable warnings.
+ # Compiler warnings are treated as errors
+-ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1)
+-  CFLAGS_WARN = +w -errwarn
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
++  ifeq ($(shell expr $(COMPILER_REV_NUMERIC) \>= 509), 1)
++    CFLAGS_WARN = +w -errwarn
++  endif
+ endif
+ CFLAGS += $(CFLAGS_WARN)
+ 
+diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/gcc.make openjdk/hotspot/make/solaris/makefiles/gcc.make
+--- openjdk.orig/hotspot/make/solaris/makefiles/gcc.make	2014-03-25 14:07:53.000000000 +0000
++++ openjdk/hotspot/make/solaris/makefiles/gcc.make	2014-03-28 03:27:28.206264586 +0000
+@@ -116,7 +116,9 @@
+ 
+ 
+ # Compiler warnings are treated as errors 
+-WARNINGS_ARE_ERRORS = -Werror 
++ifneq ($(COMPILER_WARNINGS_FATAL),false)
++WARNINGS_ARE_ERRORS = -Werror
++endif
+ # Enable these warnings. See 'info gcc' about details on these options
+ WARNING_FLAGS = -Wpointer-arith -Wconversion -Wsign-compare -Wundef
+ CFLAGS_WARN/DEFAULT = $(WARNINGS_ARE_ERRORS) $(WARNING_FLAGS)

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:19:43 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:19:43 +0000
Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to
	find javac
In-Reply-To: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1726-30-DqsfjoXB5K@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

--- Comment #3 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/icedtea7?cmd=changeset;node=a7f6247d3dff
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:19:20 2014 +0000

    PR1726: configure fails looking for ecj.jar before even trying to find
javac

    2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

        * acinclude.m4:
        (IT_FIND_COMPILER): Check value of ECJ_JAR
        and JAVAC here ...
        (IT_FIND_ECJ_JAR): ... rather than here where
        ${JAVAC} may not yet be defined.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/ef294f17/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 28 18:22:13 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:22:13 +0000
Subject: /hg/release/icedtea7-2.3: 2 new changesets
Message-ID: <hg.fea149da671f.1396030933.5789328834432805219@icedtea.classpath.org>

changeset fea149da671f in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=fea149da671f
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:21:00 2014 +0000

	Start 2.3.15 release cycle.

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* configure.ac: Bump to 2.3.15pre00.
		* NEWS: Add 2.3.15 section.


changeset c1f745660d29 in /hg/release/icedtea7-2.3
details: http://icedtea.classpath.org/hg/release/icedtea7-2.3?cmd=changeset;node=c1f745660d29
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:22:00 2014 +0000

	PR1726: configure fails looking for ecj.jar before even trying to find javac

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* acinclude.m4:
		(IT_FIND_COMPILER): Check value of ECJ_JAR
		and JAVAC here ...
		(IT_FIND_ECJ_JAR): ... rather than here where
		${JAVAC} may not yet be defined.
		* NEWS: Updated.


diffstat:

 ChangeLog    |  14 ++++++++++++++
 NEWS         |   5 +++++
 acinclude.m4 |  11 ++++++-----
 configure.ac |   2 +-
 4 files changed, 26 insertions(+), 6 deletions(-)

diffs (73 lines):

diff -r 8a7b22cf755e -r c1f745660d29 ChangeLog
--- a/ChangeLog	Fri Mar 28 12:31:02 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:22:00 2014 +0000
@@ -1,3 +1,17 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* acinclude.m4:
+	(IT_FIND_COMPILER): Check value of ECJ_JAR
+	and JAVAC here ...
+	(IT_FIND_ECJ_JAR): ... rather than here where
+	${JAVAC} may not yet be defined.
+	* NEWS: Updated.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* configure.ac: Bump to 2.3.15pre00.
+	* NEWS: Add 2.3.15 section.
+
 2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Update release date.
diff -r 8a7b22cf755e -r c1f745660d29 NEWS
--- a/NEWS	Fri Mar 28 12:31:02 2014 +0000
+++ b/NEWS	Fri Mar 28 18:22:00 2014 +0000
@@ -10,6 +10,11 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
+New in release 2.3.15 (20XX-XX-XX):
+
+* Bug fixes
+  - PR1726: configure fails looking for ecj.jar before even trying to find javac
+
 New in release 2.3.14 (2014-03-28):
 
 * Security fixes
diff -r 8a7b22cf755e -r c1f745660d29 acinclude.m4
--- a/acinclude.m4	Fri Mar 28 12:31:02 2014 +0000
+++ b/acinclude.m4	Fri Mar 28 18:22:00 2014 +0000
@@ -127,6 +127,12 @@
   IT_USING_ECJ
   IT_WITH_GCJ
   
+  if test "x${ECJ_JAR}" = "xno"; then
+    if test "x${JAVAC}" = "x"; then
+      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
+    fi
+  fi
+
   if test x"${GCJ}" != xno ; then
     JAVAC="${JAVA} -classpath ${ECJ_JAR} org.eclipse.jdt.internal.compiler.batch.Main"
   fi
@@ -343,11 +349,6 @@
       fi
   fi
   AC_MSG_RESULT(${ECJ_JAR})
-  if test "x${ECJ_JAR}" = "xno"; then
-    if test "x${JAVAC}" = "x"; then
-      AC_MSG_ERROR("No compiler or ecj JAR file was found.")
-    fi
-  fi
   AC_SUBST(ECJ_JAR)
 ])
 
diff -r 8a7b22cf755e -r c1f745660d29 configure.ac
--- a/configure.ac	Fri Mar 28 12:31:02 2014 +0000
+++ b/configure.ac	Fri Mar 28 18:22:00 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea], [2.3.14], [distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea], [2.3.15pre00], [distro-pkg-dev at openjdk.java.net])
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
 AC_CONFIG_FILES([Makefile])
 

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:22:18 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:22:18 +0000
Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to
	find javac
In-Reply-To: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1726-30-KUaz1In4i1@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

--- Comment #4 from hg commits <mercurial at icedtea.classpath.org> ---
details:
http://icedtea.classpath.org//hg/release/icedtea7-2.3?cmd=changeset;node=c1f745660d29
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:22:00 2014 +0000

    PR1726: configure fails looking for ecj.jar before even trying to find
javac

    2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

        * acinclude.m4:
        (IT_FIND_COMPILER): Check value of ECJ_JAR
        and JAVAC here ...
        (IT_FIND_ECJ_JAR): ... rather than here where
        ${JAVAC} may not yet be defined.
        * NEWS: Updated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/f1da4c96/attachment-0001.html>

From andrew at icedtea.classpath.org  Fri Mar 28 18:22:52 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:22:52 +0000
Subject: /hg/icedtea7: Correct ChangeLog of previous commit.
Message-ID: <hg.984ebd417db7.1396030972.2873452341184383833@icedtea.classpath.org>

changeset 984ebd417db7 in /hg/icedtea7
details: http://icedtea.classpath.org/hg/icedtea7?cmd=changeset;node=984ebd417db7
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:22:46 2014 +0000

	Correct ChangeLog of previous commit.


diffstat:

 ChangeLog |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (11 lines):

diff -r a7f6247d3dff -r 984ebd417db7 ChangeLog
--- a/ChangeLog	Fri Mar 28 18:19:20 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:22:46 2014 +0000
@@ -5,6 +5,7 @@
 	and JAVAC here ...
 	(IT_FIND_ECJ_JAR): ... rather than here where
 	${JAVAC} may not yet be defined.
+	* NEWS: Updated.
 
 2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 

From andrew at icedtea.classpath.org  Fri Mar 28 18:23:30 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:23:30 +0000
Subject: /hg/release/icedtea7-2.4: Correct ChangeLog of previous commit.
Message-ID: <hg.76236fae3eea.1396031010.5789328834432805220@icedtea.classpath.org>

changeset 76236fae3eea in /hg/release/icedtea7-2.4
details: http://icedtea.classpath.org/hg/release/icedtea7-2.4?cmd=changeset;node=76236fae3eea
author: Andrew John Hughes <gnu_andrew at member.fsf.org>
date: Fri Mar 28 18:22:46 2014 +0000

	Correct ChangeLog of previous commit.


diffstat:

 ChangeLog |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (11 lines):

diff -r e8e59c50a451 -r 76236fae3eea ChangeLog
--- a/ChangeLog	Fri Mar 28 18:12:46 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:22:46 2014 +0000
@@ -5,6 +5,7 @@
 	and JAVAC here ...
 	(IT_FIND_ECJ_JAR): ... rather than here where
 	${JAVAC} may not yet be defined.
+	* NEWS: Updated.
 
 2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
 

From bugzilla-daemon at icedtea.classpath.org  Fri Mar 28 18:24:00 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:24:00 +0000
Subject: [Bug 1726] configure fails looking for ecj.jar before even trying to
	find javac
In-Reply-To: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-1726-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-1726-30-6rDjoDZYin@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1726

Andrew John Hughes <gnu.andrew at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #5 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Fixed in HEAD, 2.3 & 2.4. Alternatively, a simple workaround is to just pass
anything to --with-ecj-jar.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140328/3b136b6c/attachment.html>

From andrew at icedtea.classpath.org  Fri Mar 28 18:27:11 2014
From: andrew at icedtea.classpath.org (andrew at icedtea.classpath.org)
Date: Fri, 28 Mar 2014 18:27:11 +0000
Subject: /hg/release/icedtea6-1.13: 2 new changesets
Message-ID: <hg.d6eabef09e8c.1396031231.-53431993501496593@icedtea.classpath.org>

changeset d6eabef09e8c in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=d6eabef09e8c
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Mar 28 18:26:12 2014 +0000

	Start 1.13.3 release cycle.

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* configure.ac: Bump to 1.13.3pre.
		* NEWS: Add 1.13.3 section.


changeset a1a682d73ee8 in /hg/release/icedtea6-1.13
details: http://icedtea.classpath.org/hg/release/icedtea6-1.13?cmd=changeset;node=a1a682d73ee8
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Fri Mar 28 18:26:56 2014 +0000

	Fix OPENJDK6-29 bug reference in NEWS.

	2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>

		* NEWS: Fix OPENJDK6-29 bug reference.


diffstat:

 ChangeLog    |  9 +++++++++
 NEWS         |  4 +++-
 configure.ac |  2 +-
 3 files changed, 13 insertions(+), 2 deletions(-)

diffs (44 lines):

diff -r b445fccb23bb -r a1a682d73ee8 ChangeLog
--- a/ChangeLog	Fri Mar 28 16:21:58 2014 +0000
+++ b/ChangeLog	Fri Mar 28 18:26:56 2014 +0000
@@ -1,3 +1,12 @@
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* NEWS: Fix OPENJDK6-29 bug reference.
+
+2014-03-28  Andrew John Hughes  <gnu.andrew at redhat.com>
+
+	* configure.ac: Bump to 1.13.3pre.
+	* NEWS: Add 1.13.3 section.
+
 2014-03-28  Andrew John Hughes  <gnu.andrew at member.fsf.org>
 
 	* NEWS: Update release date.
diff -r b445fccb23bb -r a1a682d73ee8 NEWS
--- a/NEWS	Fri Mar 28 16:21:58 2014 +0000
+++ b/NEWS	Fri Mar 28 18:26:56 2014 +0000
@@ -12,12 +12,14 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
+New in release 1.13.3 (2014-04-XX):
+
 New in release 1.13.2 (2014-03-28):
 
 * Backports
   - S7110396: Sound code fails to build with gcc 4.6 on multiarch Linux systems
   - S8035893: JVM_GetVersionInfo fails to zero structure
-  - OPENJDK6-29: JDK fails to zero jdk_version_info correctly
+  - OJ29: JDK fails to zero jdk_version_info correctly
 * Bug fixes
   - PR1714, G498288: Update PaX support to detect running PaX kernel and use newer tools
   - PR1712, G455426: Allow -Werror to be turned off in the HotSpot build
diff -r b445fccb23bb -r a1a682d73ee8 configure.ac
--- a/configure.ac	Fri Mar 28 16:21:58 2014 +0000
+++ b/configure.ac	Fri Mar 28 18:26:56 2014 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea6],[1.13.2],[distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea6],[1.13.3pre],[distro-pkg-dev at openjdk.java.net])
 AC_CANONICAL_HOST
 AC_CANONICAL_TARGET
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])

From omajid at redhat.com  Fri Mar 28 21:44:22 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 28 Mar 2014 17:44:22 -0400
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
Message-ID: <20140328214422.GD2812@redhat.com>

Hi,

I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp

This fails to work with HEAD because the application asks for a heap
size of '1G'. This is not a regression.

The attached patch fixes it.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-03-28  Omair Majid  <omajid at redhat.com>
+
+	* netx/net/sourceforge/jnlp/JREDesc.java (checkHeapSize): Accept 'g' and
+	'G' suffixes. Handle single-digit heap size.
+	* tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java: New file.
+
 2014-03-28  Omair Majid  <omajid at redhat.com>
 
 	* acinclude.m4
diff --git a/netx/net/sourceforge/jnlp/JREDesc.java b/netx/net/sourceforge/jnlp/JREDesc.java
--- a/netx/net/sourceforge/jnlp/JREDesc.java
+++ b/netx/net/sourceforge/jnlp/JREDesc.java
@@ -135,11 +135,11 @@
         }
 
         boolean lastCharacterIsDigit = true;
-        // the last character must be 0-9 or k/K/m/M
+        // the last character must be 0-9 or k/K/m/M/g/G
         char lastChar = Character.toLowerCase(heapSize.charAt(heapSize.length() - 1));
         if ((lastChar < '0' || lastChar > '9')) {
             lastCharacterIsDigit = false;
-            if (lastChar != 'k' && lastChar != 'm') {
+            if (lastChar != 'k' && lastChar != 'm' && lastChar != 'g') {
                 throw new ParseException(R("PBadHeapSize", heapSize));
             }
         }
@@ -149,7 +149,7 @@
             indexOfLastDigit = indexOfLastDigit - 1;
         }
 
-        String size = heapSize.substring(0, indexOfLastDigit);
+        String size = heapSize.substring(0, indexOfLastDigit+1);
         try {
             // check that the number is a number!
             Integer.valueOf(size);
diff --git a/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java
new file mode 100644
--- /dev/null
+++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java
@@ -0,0 +1,76 @@
+/* JREDescTest.java
+   Copyright (C) 2014 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package net.sourceforge.jnlp;
+
+import org.junit.Test;
+
+public class JREDescTest {
+
+    @Test
+    public void testInitialHeapSize() throws ParseException {
+        new JREDesc(null, null, null, "1", null, null);
+        new JREDesc(null, null, null, "99999999", null, null);
+        new JREDesc(null, null, null, "1k", null, null);
+        new JREDesc(null, null, null, "1000k", null, null);
+        new JREDesc(null, null, null, "1K", null, null);
+        new JREDesc(null, null, null, "1000K", null, null);
+        new JREDesc(null, null, null, "1m", null, null);
+        new JREDesc(null, null, null, "1m", null, null);
+        new JREDesc(null, null, null, "1M", null, null);
+        new JREDesc(null, null, null, "1g", null, null);
+        new JREDesc(null, null, null, "1G", null, null);
+        new JREDesc(null, null, null, "10000G", null, null);
+    }
+
+
+    @Test
+    public void testMaximumHeapSize() throws ParseException {
+        new JREDesc(null, null, null, null, "1", null);
+        new JREDesc(null, null, null, null, "99999999", null);
+        new JREDesc(null, null, null, null, "1k", null);
+        new JREDesc(null, null, null, null, "1000k", null);
+        new JREDesc(null, null, null, null, "1K", null);
+        new JREDesc(null, null, null, null, "1000K", null);
+        new JREDesc(null, null, null, null, "1m", null);
+        new JREDesc(null, null, null, null, "1m", null);
+        new JREDesc(null, null, null, null, "1M", null);
+        new JREDesc(null, null, null, null, "1g", null);
+        new JREDesc(null, null, null, null, "1G", null);
+        new JREDesc(null, null, null, null, "10000G", null);
+    }
+}

From omajid at redhat.com  Fri Mar 28 22:23:03 2014
From: omajid at redhat.com (Omair Majid)
Date: Fri, 28 Mar 2014 18:23:03 -0400
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
Message-ID: <20140328222303.GE2812@redhat.com>

Hi,

The attached patches does some minor tweaks to the ALACA dialog.

1. The word 'codebase' is removed. It seems redundant; the text reads
about as well without it.

2. The list of urls is now enclosed within a html unordered-list
element. Not enclosing it makes the parser think that the last list
element is not terminated and causes the text after the list ("Are you
sure...") to be indented.

I am also thinking of making more changes, but I would like some
feedback before doing those:

I would also like to reword the dialog some more to something like this:

'''
The application 'Foo' from 'Bar' uses resources from the following urls:
- http://example.com
- http://example.org

Are you sure you want to run this application?
'''

I am not sure the ALACA reference that is currently present is adding
any more information. It may not have any meaning to users.

Also, would it make more sense to change the "For more information"
links to read "Manifest Attributes" and "Preventing RIAs from Being
Repurposed" rather than the raw html links? At least for me, the links
are so wide that they do not fix in the dialog and get cut off.

Thoughts?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
@@ -62,8 +62,8 @@
 
 # missing Application-Library-Allowable-Codebase dialogue
 ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
-This application uses resources from the following remote locations:<br/> {2} Are you sure you want to run this application?
+from <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
+This application uses resources from the following remote locations: {2} Are you sure you want to run this application?
 ALACAMissingInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
diff --git a/netx/net/sourceforge/jnlp/util/UrlUtils.java b/netx/net/sourceforge/jnlp/util/UrlUtils.java
--- a/netx/net/sourceforge/jnlp/util/UrlUtils.java
+++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java
@@ -195,9 +195,11 @@
      */
     public static String setOfUrlsToHtmlList(Iterable<URL> remoteUrls) {
         StringBuilder sb = new StringBuilder();
+        sb.append("<ul>");
         for (URL url : remoteUrls) {
             sb.append("<li>").append(url.toExternalForm()).append("</li>");
         }
+        sb.append("</ul>");
         return sb.toString();
     }
 

From bugzilla-daemon at icedtea.classpath.org  Sat Mar 29 05:26:46 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Sat, 29 Mar 2014 05:26:46 +0000
Subject: [Bug 1727] New: A fatal error has been detected by the Java Runtime
	Environment
Message-ID: <bug-1727-30@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1727

            Bug ID: 1727
           Summary: A fatal error has been detected by the Java Runtime
                    Environment
           Product: MIPS Port
           Version: unspecified
          Hardware: x86_64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: general
          Assignee: unassigned at icedtea.classpath.org
          Reporter: eduardomartins993 at hotmail.com

Created attachment 1060
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1060&action=edit
Error when I try to compile a simple (Hello World) code!

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140329/c94fa158/attachment-0001.html>

From guillaume at alaux.net  Sun Mar 30 18:41:12 2014
From: guillaume at alaux.net (Guillaume Alaux)
Date: Sun, 30 Mar 2014 20:41:12 +0200
Subject: IcedTea for Java 8
In-Reply-To: <138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com>
References: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
	<5328801F.2000409@zafena.se>
	<138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com>
Message-ID: <CABAOfS92vRSufS9dQu1aSb9H-ram=1K7+6mAty+Huxg22DA5UQ@mail.gmail.com>

On 18 March 2014 18:32, Andrew Hughes <gnu.andrew at redhat.com> wrote:
> ----- Original Message -----
>> 2014-03-18 17:54, Naaman Newbold skrev:
>> > Pardon the interruption, but are there plans for IcedTea support for Java
>> > 8?
>>
>>
>> The following hg currently builds OpenJDK 8 using IcedTea 3.
>> http://icedtea.classpath.org/hg/icedtea/
>>
>> IcedTea 3 with OpenJDK 8 support is still unreleased.
>>
>> Cheers
>> Xerxes
>>
>
> Yes, we'll have a 3.0 release eventually, probably based on u20. Currently,
> 6 & 7 occupy most of our time as this is what people are actively using.
>
> We do plan to scale back 6 & 7 support soon to allow more resources for 8;
> more on this to come.
> --
> Andrew :)
>
> Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
>
> PGP Key: 248BDC07 (https://keys.indymedia.org/)
> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>

Hello,

We are talking among Arch Linux devs as to what should be shipped in
our repos (if any) until the IcedTea 3.0 release you mention is out.
Do you have an idea of when this release could happen? I am definitely
not urging you of course! Just trying to plan things :)

Also, what is the "u20" you mentionned referring to? Because the
Makefile.am of the repository looks like this

OPENJDK_VERSION = b80
...
JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//")

So if I read it correctly this would create a u80 build right? I may
be confusing update numbers.

[0] http://icedtea.classpath.org/hg/icedtea/

Thanks,

--
Guillaume

From gnu.andrew at redhat.com  Mon Mar 31 09:54:45 2014
From: gnu.andrew at redhat.com (Andrew Hughes)
Date: Mon, 31 Mar 2014 05:54:45 -0400 (EDT)
Subject: IcedTea for Java 8
In-Reply-To: <CABAOfS92vRSufS9dQu1aSb9H-ram=1K7+6mAty+Huxg22DA5UQ@mail.gmail.com>
References: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
	<5328801F.2000409@zafena.se>
	<138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com>
	<CABAOfS92vRSufS9dQu1aSb9H-ram=1K7+6mAty+Huxg22DA5UQ@mail.gmail.com>
Message-ID: <1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com>

----- Original Message -----
> On 18 March 2014 18:32, Andrew Hughes <gnu.andrew at redhat.com> wrote:
> > ----- Original Message -----
> >> 2014-03-18 17:54, Naaman Newbold skrev:
> >> > Pardon the interruption, but are there plans for IcedTea support for
> >> > Java
> >> > 8?
> >>
> >>
> >> The following hg currently builds OpenJDK 8 using IcedTea 3.
> >> http://icedtea.classpath.org/hg/icedtea/
> >>
> >> IcedTea 3 with OpenJDK 8 support is still unreleased.
> >>
> >> Cheers
> >> Xerxes
> >>
> >
> > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently,
> > 6 & 7 occupy most of our time as this is what people are actively using.
> >
> > We do plan to scale back 6 & 7 support soon to allow more resources for 8;
> > more on this to come.
> > --
> > Andrew :)
> >
> > Free Java Software Engineer
> > Red Hat, Inc. (http://www.redhat.com)
> >
> > PGP Key: 248BDC07 (https://keys.indymedia.org/)
> > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
> >
> 
> Hello,
> 
> We are talking among Arch Linux devs as to what should be shipped in
> our repos (if any) until the IcedTea 3.0 release you mention is out.
> Do you have an idea of when this release could happen? I am definitely
> not urging you of course! Just trying to plan things :)
> 

Hopefully in the next month. It depends how involved the security errata
is next month.

> Also, what is the "u20" you mentionned referring to? Because the
> Makefile.am of the repository looks like this
> 
> OPENJDK_VERSION = b80
> ...
> JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//")
> 
> So if I read it correctly this would create a u80 build right? I may
> be confusing update numbers.

That's b80 (build 80) of u00 (update 0). Oracle seem to now be on b05 of u20:

http://hg.openjdk.java.net/jdk8u/jdk8u

Basically, there doesn't seem much point targetting something that's already
been and gone, so we'll aim for the next update.

I agree Oracle's version numbers are very confusing :)
It's why we keep we a traditional 3.0, 3.1, 3.2, etc.

> 
> [0] http://icedtea.classpath.org/hg/icedtea/
> 
> Thanks,
> 
> --
> Guillaume
> 

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07


From guillaume at alaux.net  Mon Mar 31 11:33:21 2014
From: guillaume at alaux.net (Guillaume Alaux)
Date: Mon, 31 Mar 2014 13:33:21 +0200
Subject: IcedTea for Java 8
In-Reply-To: <1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com>
References: <CABwiNDvLVDtLFt1GKZ9Ue+Twp9f1Ndy+4WyGPNcN2CmAwgk9xQ@mail.gmail.com>
	<5328801F.2000409@zafena.se>
	<138136840.1167292.1395163951941.JavaMail.zimbra@redhat.com>
	<CABAOfS92vRSufS9dQu1aSb9H-ram=1K7+6mAty+Huxg22DA5UQ@mail.gmail.com>
	<1114588865.2800793.1396259685019.JavaMail.zimbra@redhat.com>
Message-ID: <CABAOfS83CLy_YuDcNYrsaMXiEHX92tFT+qM3Ddr29ux0iAFFjg@mail.gmail.com>

On 31 March 2014 11:54, Andrew Hughes <gnu.andrew at redhat.com> wrote:
> ----- Original Message -----
>> On 18 March 2014 18:32, Andrew Hughes <gnu.andrew at redhat.com> wrote:
>> > ----- Original Message -----
>> >> 2014-03-18 17:54, Naaman Newbold skrev:
>> >> > Pardon the interruption, but are there plans for IcedTea support for
>> >> > Java
>> >> > 8?
>> >>
>> >>
>> >> The following hg currently builds OpenJDK 8 using IcedTea 3.
>> >> http://icedtea.classpath.org/hg/icedtea/
>> >>
>> >> IcedTea 3 with OpenJDK 8 support is still unreleased.
>> >>
>> >> Cheers
>> >> Xerxes
>> >>
>> >
>> > Yes, we'll have a 3.0 release eventually, probably based on u20. Currently,
>> > 6 & 7 occupy most of our time as this is what people are actively using.
>> >
>> > We do plan to scale back 6 & 7 support soon to allow more resources for 8;
>> > more on this to come.
>> > --
>> > Andrew :)
>> >
>> > Free Java Software Engineer
>> > Red Hat, Inc. (http://www.redhat.com)
>> >
>> > PGP Key: 248BDC07 (https://keys.indymedia.org/)
>> > Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>> >
>>
>> Hello,
>>
>> We are talking among Arch Linux devs as to what should be shipped in
>> our repos (if any) until the IcedTea 3.0 release you mention is out.
>> Do you have an idea of when this release could happen? I am definitely
>> not urging you of course! Just trying to plan things :)
>>
>
> Hopefully in the next month. It depends how involved the security errata
> is next month.
>
>> Also, what is the "u20" you mentionned referring to? Because the
>> Makefile.am of the repository looks like this
>>
>> OPENJDK_VERSION = b80
>> ...
>> JDK_UPDATE_VERSION = $(shell echo $(OPENJDK_VERSION) | sed -e "s/^b//")
>>
>> So if I read it correctly this would create a u80 build right? I may
>> be confusing update numbers.
>
> That's b80 (build 80) of u00 (update 0). Oracle seem to now be on b05 of u20:
>
> http://hg.openjdk.java.net/jdk8u/jdk8u
>
> Basically, there doesn't seem much point targetting something that's already
> been and gone, so we'll aim for the next update.
>
> I agree Oracle's version numbers are very confusing :)
> It's why we keep we a traditional 3.0, 3.1, 3.2, etc.
>
>>
>> [0] http://icedtea.classpath.org/hg/icedtea/
>>
>> Thanks,
>>
>> --
>> Guillaume
>>
>
> --
> Andrew :)
>
> Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
>
> PGP Key: 248BDC07 (https://keys.indymedia.org/)
> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>

Great, thank you very much for these clarifications.

--
Guillaume

From jvanek at redhat.com  Mon Mar 31 12:48:31 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 14:48:31 +0200
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
In-Reply-To: <20140328174956.GA2812@redhat.com>
References: <20140328174956.GA2812@redhat.com>
Message-ID: <5339641F.7090101@redhat.com>

On 03/28/2014 06:49 PM, Omair Majid wrote:
> Hi,
>
> I just tried to build a fresh clone of icedtea-web and got a few scary
> warnings on running autogen.sh:
>
>    configure.ac:89: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
>    ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
>    ../../lib/autoconf/general.m4:2590: _AC_COMPILE_IFELSE is expanded from...
>    ../../lib/autoconf/general.m4:2606: AC_COMPILE_IFELSE is expanded from...
>    acinclude.m4:523: IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR is expanded from...
>    configure.ac:89: the top level
>
> The attached patch fixes the warning by wrapping the code in an
> AC_LANG_SOURCE macro.
>
> Thanks,
> Omair
>


If you check  , you will see that I'm aware of it :)
I was afraid to fix it for 1.5 because I was not able to find, when ac_lang_source appeared in 
autotools. I was afraid to break some older systems where ITW can appear. Today I made a bit more 
careful  seacrh, and acoridng to 
http://git.savannah.gnu.org/gitweb/?p=autoconf.git;a=blob;f=ChangeLog.2;h=f5be7d87bb8d9e9d9d6ffdbb9a044f1a6a722fb0;hb=HEAD#l6407 
this macro is older then year 2000 so it should be ok to go.

It is funny that those two wrong macros generated 20lines of warnings :))
Thank you for forcing me to verify!


From jvanek at redhat.com  Mon Mar 31 13:33:53 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 15:33:53 +0200
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <20140328214422.GD2812@redhat.com>
References: <20140328214422.GD2812@redhat.com>
Message-ID: <53396EC1.1090102@redhat.com>

On 03/28/2014 10:44 PM, Omair Majid wrote:
> Hi,
>
> I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp
>
> This fails to work with HEAD because the application asks for a heap
> size of '1G'. This is not a regression.
>
> The attached patch fixes it.
>
> Thanks,
> Omair
>

What about t and T ? O:)

I do not wont to be nitpicker, but I think this code desreves a bit more refactoring>

Eg the one attached?

Feel free to push anyone you like more.

ps: please jsut keep the  JREDesc a =  in tests. It removed NB  warning.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: heap-size-bug2.patch
Type: text/x-patch
Size: 7425 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/77b54eeb/heap-size-bug2.patch>

From omajid at redhat.com  Mon Mar 31 13:34:33 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 09:34:33 -0400
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
In-Reply-To: <5339641F.7090101@redhat.com>
References: <20140328174956.GA2812@redhat.com>
 <5339641F.7090101@redhat.com>
Message-ID: <20140331133433.GA2669@redhat.com>

Hi Jiri,

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 08:48]:
> On 03/28/2014 06:49 PM, Omair Majid wrote:
> >The attached patch fixes the warning by wrapping the code in an
> >AC_LANG_SOURCE macro.
> 
> If you check  , you will see that I'm aware of it :)

Whoops, I must have missed that.

> I was afraid to fix it for 1.5 because I was not able to find, when
> ac_lang_source appeared in autotools. I was afraid to break some
> older systems where ITW can appear.

That's certainly a good reason.

It's a little incorrect, though. The configure.ac to configure
conversion is done by the maintainer (you) on your local machine on
release. The icedtea-web release tarball will contain a generated
configure script. This configure script is sufficient for use by
everyone building icedtea-web from the release tarball. There should be
no need for anyone to process configure.ac locally. Even if
AC_LANG_SOURCE was a new thing, it wouldn't matter.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Mon Mar 31 13:41:56 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 31 Mar 2014 09:41:56 -0400
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <53396EC1.1090102@redhat.com>
References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com>
Message-ID: <533970A4.9030102@redhat.com>

On 03/31/2014 09:33 AM, Jiri Vanek wrote:
> On 03/28/2014 10:44 PM, Omair Majid wrote:
>> Hi,
>>
>> I just ran across this jnlp file: 
>> http://atlaslivecasino.net/casino_game.jnlp
>>
>> This fails to work with HEAD because the application asks for a heap
>> size of '1G'. This is not a regression.
>>
>> The attached patch fixes it.
>>
>> Thanks,
>> Omair
>>
>
> What about t and T ? O:)
>
> I do not wont to be nitpicker, but I think this code desreves a bit 
> more refactoring>
>
> Eg the one attached?
>
> Feel free to push anyone you like more.
>
> ps: please jsut keep the  JREDesc a =  in tests. It removed NB warning.

I like the regexes better as well, although to nitpick, couldn't "{0,1}" 
be replaced by "?" ;) the regex pattern could also be stored as a 
constant and unit tested on its own as well, rather than changing the 
visibility of this method.

Just some suggestions, I'm happy enough with the original patch.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Mon Mar 31 13:46:37 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 15:46:37 +0200
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
In-Reply-To: <20140331133433.GA2669@redhat.com>
References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com>
	<20140331133433.GA2669@redhat.com>
Message-ID: <533971BD.3020300@redhat.com>

On 03/31/2014 03:34 PM, Omair Majid wrote:
> Hi Jiri,
>
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 08:48]:
>> On 03/28/2014 06:49 PM, Omair Majid wrote:
>>> The attached patch fixes the warning by wrapping the code in an
>>> AC_LANG_SOURCE macro.
>>
>> If you check  , you will see that I'm aware of it :)
>
> Whoops, I must have missed that.

Forgot to add the url:
http://icedtea.classpath.org/wiki/IcedTea-Web#IcedTea-Web_1.6_.28pre.29

>
>> I was afraid to fix it for 1.5 because I was not able to find, when
>> ac_lang_source appeared in autotools. I was afraid to break some
>> older systems where ITW can appear.
>
> That's certainly a good reason.
>
> It's a little incorrect, though. The configure.ac to configure
> conversion is done by the maintainer (you) on your local machine on
> release. The icedtea-web release tarball will contain a generated
> configure script. This configure script is sufficient for use by
> everyone building icedtea-web from the release tarball. There should be
> no need for anyone to process configure.ac locally. Even if
> AC_LANG_SOURCE was a new thing, it wouldn't matter.

Even better:)

..but - arm and ppc folk seems to be requiring autoreconf.  to be added back to ITW spec file ;(

=> it will affect. Or not?

J.

From jvanek at redhat.com  Mon Mar 31 13:47:50 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 15:47:50 +0200
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <533970A4.9030102@redhat.com>
References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com>
	<533970A4.9030102@redhat.com>
Message-ID: <53397206.5060106@redhat.com>

On 03/31/2014 03:41 PM, Andrew Azores wrote:
> On 03/31/2014 09:33 AM, Jiri Vanek wrote:
>> On 03/28/2014 10:44 PM, Omair Majid wrote:
>>> Hi,
>>>
>>> I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp
>>>
>>> This fails to work with HEAD because the application asks for a heap
>>> size of '1G'. This is not a regression.
>>>
>>> The attached patch fixes it.
>>>
>>> Thanks,
>>> Omair
>>>
>>
>> What about t and T ? O:)
>>
>> I do not wont to be nitpicker, but I think this code desreves a bit more refactoring>
>>
>> Eg the one attached?
>>
>> Feel free to push anyone you like more.
>>
>> ps: please jsut keep the  JREDesc a =  in tests. It removed NB warning.
>
> I like the regexes better as well, although to nitpick, couldn't "{0,1}" be replaced by "?" ;) the


crap :))) Sure. I will include it in patch If omari HAve nathing against regex.

> regex pattern could also be stored as a constant and unit tested on its own as well, rather than
> changing the visibility of this method.
>
> Just some suggestions, I'm happy enough with the original patch.
>
> Thanks,
>


From omajid at redhat.com  Mon Mar 31 13:48:22 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 09:48:22 -0400
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <53396EC1.1090102@redhat.com>
References: <20140328214422.GD2812@redhat.com>
 <53396EC1.1090102@redhat.com>
Message-ID: <20140331134822.GB2669@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:33]:
> On 03/28/2014 10:44 PM, Omair Majid wrote:
> >I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp
> >
> >This fails to work with HEAD because the application asks for a heap
> >size of '1G'. This is not a regression.
> 
> What about t and T ? O:)

The man page for java suggests the valid options are: k/K/m/M/g/G.

> I do not wont to be nitpicker, but I think this code desreves a bit more refactoring>
> 
> Eg the one attached?

Sure, this looks even better!

> Feel free to push anyone you like more.

I don't feel appropriate taking credit for the much nicer patch you
wrote. Unless there is a strong reason to, please call yourself the
author :)

> ps: please jsut keep the  JREDesc a =  in tests. It removed NB  warning.

Ugh. Really?

> +++ b/netx/net/sourceforge/jnlp/JREDesc.java	Mon Mar 31 15:32:48 2014 +0200

> +        //0 or 0k/m/g is still valid as it was

Please remove this line/comment ^

> +        String heapSizeLower = heapSize.toLowerCase();
> +        boolean match = heapSizeLower.matches("\\s*\\d+[kmgtp]{0,1}\\s*");

'?' is the same as '{0,1}', right? Would that be cleaner to use?

If we are accepting leading or trailing spaces here, are we passing
those to the JVM too? Maybe we should trim leading/trailing spaces
before storing the sizes?

> +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java	Mon Mar 31 15:32:48 2014 +0200

> +        JREDesc a = new JREDesc(null, null, null, "1", null, null);

> +        JREDesc.checkHeapSize("10");

These two lines are doing pretty much exactly the same thing, but two
different ways. I think the tests should check the heap size in the same
way everywhere. Either through JREDesc.checkHeapSize everywhere or
through the constructor everywhere. Is there a benefit to mixing both?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Mon Mar 31 13:53:20 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 15:53:20 +0200
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <20140328222303.GE2812@redhat.com>
References: <20140328222303.GE2812@redhat.com>
Message-ID: <53397350.7030001@redhat.com>

On 03/28/2014 11:23 PM, Omair Majid wrote:
> Hi,
>
> The attached patches does some minor tweaks to the ALACA dialog.
>
> 1. The word 'codebase' is removed. It seems redundant; the text reads
> about as well without it.
>
> 2. The list of urls is now enclosed within a html unordered-list
> element. Not enclosing it makes the parser think that the last list
> element is not terminated and causes the text after the list ("Are you
> sure...") to be indented.
>
> I am also thinking of making more changes, but I would like some
> feedback before doing those:
>
> I would also like to reword the dialog some more to something like this:
>
> '''
> The application 'Foo' from 'Bar' uses resources from the following urls:
> - http://example.com
> - http://example.org
>
> Are you sure you want to run this application?
> '''
>
> I am not sure the ALACA reference that is currently present is adding
> any more information. It may not have any meaning to users.
>
> Also, would it make more sense to change the "For more information"
> links to read "Manifest Attributes" and "Preventing RIAs from Being
> Repurposed" rather than the raw html links? At least for me, the links
> are so wide that they do not fix in the dialog and get cut off.
>
> Thoughts?
>
> Thanks,
> Omair
>


Yes. This is ok to go. Also I'm for the compression  of  info attribute. I think it is more wide 
spread. Then jsut in alaca.

Feel free to incclude, do as another changeset or keep it as leftover.

If it will be fixced, I will adapt the CZ tranlastion accrodingly.
J.




From jvanek at redhat.com  Mon Mar 31 14:08:35 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 16:08:35 +0200
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <20140331134822.GB2669@redhat.com>
References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com>
	<20140331134822.GB2669@redhat.com>
Message-ID: <533976E3.7030909@redhat.com>

On 03/31/2014 03:48 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:33]:
>> On 03/28/2014 10:44 PM, Omair Majid wrote:
>>> I just ran across this jnlp file: http://atlaslivecasino.net/casino_game.jnlp
>>>
>>> This fails to work with HEAD because the application asks for a heap
>>> size of '1G'. This is not a regression.
>>
>> What about t and T ? O:)
>
> The man page for java suggests the valid options are: k/K/m/M/g/G.
>
>> I do not wont to be nitpicker, but I think this code desreves a bit more refactoring>
>>
>> Eg the one attached?
>
> Sure, this looks even better!
>
>> Feel free to push anyone you like more.
>
> I don't feel appropriate taking credit for the much nicer patch you
> wrote. Unless there is a strong reason to, please call yourself the
> author :)
>
>> ps: please jsut keep the  JREDesc a =  in tests. It removed NB  warning.
>
> Ugh. Really?
>
>> +++ b/netx/net/sourceforge/jnlp/JREDesc.java	Mon Mar 31 15:32:48 2014 +0200
>
>> +        //0 or 0k/m/g is still valid as it was
>
> Please remove this line/comment ^
>
>> +        String heapSizeLower = heapSize.toLowerCase();
>> +        boolean match = heapSizeLower.matches("\\s*\\d+[kmgtp]{0,1}\\s*");
>
> '?' is the same as '{0,1}', right? Would that be cleaner to use?
>
> If we are accepting leading or trailing spaces here, are we passing
> those to the JVM too? Maybe we should trim leading/trailing spaces
> before storing the sizes?
>
>> +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java	Mon Mar 31 15:32:48 2014 +0200
>
>> +        JREDesc a = new JREDesc(null, null, null, "1", null, null);
>
>> +        JREDesc.checkHeapSize("10");
>
> These two lines are doing pretty much exactly the same thing, but two
> different ways. I think the tests should check the heap size in the same
> way everywhere. Either through JREDesc.checkHeapSize everywhere or
> through the constructor everywhere. Is there a benefit to mixing both?


I think you will see the benefit in this a bitmore refactored version.

Rest fixed.

Ok to go?
>
> Thanks,
> Omair
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: heap-size-bug3.patch
Type: text/x-patch
Size: 9121 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/e280bfe0/heap-size-bug3-0001.patch>

From omajid at redhat.com  Mon Mar 31 14:11:04 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 10:11:04 -0400
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
In-Reply-To: <533971BD.3020300@redhat.com>
References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com>
	<20140331133433.GA2669@redhat.com> <533971BD.3020300@redhat.com>
Message-ID: <20140331141104.GC2669@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:46]:
> On 03/31/2014 03:34 PM, Omair Majid wrote:
> ..but - arm and ppc folk seems to be requiring autoreconf.

Hmm.. I hadn't considered this case.

I think the simplest thing to do here is to assume these platforms have
new-ish versions of autotools. If the versions are too old that they
don't have those macros, then it's better to patch the build on just
those platforms specifically rather than ignoring a warning (which could
indicate that we are doing something very wrong with our macros).

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Mon Mar 31 14:11:50 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 16:11:50 +0200
Subject: Upcoming release of icedtea-web 1.5
In-Reply-To: <5319C1EF.2020801@redhat.com>
References: <5319C1EF.2020801@redhat.com>
Message-ID: <533977A6.1040809@redhat.com>

On 03/07/2014 01:56 PM, Jiri Vanek wrote:
> Hi All!
>
> I would like to announce, that  deadline for icedtea-web 1.5 to be released should match start of
> April. 1st April sounds good, doesn't it ?-)  But Few days later should be still ok.
>
> Please count with head branch freezing  in last week before release  - an week for testing - so
> pushes in this week will be only for for translation files  and regression fixes.
> According to my knowledge 1.5 is healthy now. Also I'm  continually pushing it alive into
> fedora-rawhide. And well, no one complains :)
>
> Also please note I will be  off  17-19.3.
>
> The reason for  start of April is that 16.4 is Oracle CPU. This my cause another month of delay,
> which would be unbearable.
>
> Thank you for understanding.
>
>
> J

Hi! Please consider Head as frozen (except patches on review, Release blockers and translations. 
Many tests have been done during weekend, and except two regressions we are good to go.

Cross the fingers for us!
J.

From jvanek at redhat.com  Mon Mar 31 14:12:42 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 16:12:42 +0200
Subject: [icedtea-web] RFC: Use AC_LANG_SOURCE macros
In-Reply-To: <20140331141104.GC2669@redhat.com>
References: <20140328174956.GA2812@redhat.com> <5339641F.7090101@redhat.com>
	<20140331133433.GA2669@redhat.com> <533971BD.3020300@redhat.com>
	<20140331141104.GC2669@redhat.com>
Message-ID: <533977DA.9090508@redhat.com>

On 03/31/2014 04:11 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:46]:
>> On 03/31/2014 03:34 PM, Omair Majid wrote:
>> ..but - arm and ppc folk seems to be requiring autoreconf.
>
> Hmm.. I hadn't considered this case.
>
> I think the simplest thing to do here is to assume these platforms have
> new-ish versions of autotools. If the versions are too old that they
> don't have those macros, then it's better to patch the build on just
> those platforms specifically rather than ignoring a warning (which could
> indicate that we are doing something very wrong with our macros).
>
> Thanks,
> Omair
>

Ok to push then :)

tbh - I was a bit ashamed to release ITW with this warnigs but was not brave enough :(

J.

From omajid at redhat.com  Mon Mar 31 14:32:45 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 10:32:45 -0400
Subject: [icedtea-web] RFC: Handle a requested heap size of '1g'
In-Reply-To: <533976E3.7030909@redhat.com>
References: <20140328214422.GD2812@redhat.com> <53396EC1.1090102@redhat.com>
	<20140331134822.GB2669@redhat.com> <533976E3.7030909@redhat.com>
Message-ID: <20140331143244.GD2669@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 10:08]:
> I think you will see the benefit in this a bitmore refactored version.

> +        this.initialHeapSize = checkHeapSize(initialHeapSize);
> +        this.maximumHeapSize = checkHeapSize(maximumHeapSize);

I like this change, a lot.

> +++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java	Mon Mar 31 16:06:59 2014 +0200

> +        JREDesc a = new JREDesc(null, null, null, null, null, null);

> +        s = JREDesc.checkHeapSize("1 ");
> +        Assert.assertEquals("1", s);

For the record, I think there is quite a lot of duplication between
these tests.

IMHO, it would be better to test the public methods of this class
(Constructor and .getMaximumHeapSize()) and treat checkHeapSize as an
internal implementation detail. We should get the same test coverage
either way (and at the boundary that we care about).

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at icedtea.classpath.org  Mon Mar 31 14:37:38 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 14:37:38 +0000
Subject: /hg/icedtea-web: Refactored check of heap space. Now recognize g...
Message-ID: <hg.cfe6aca11b12.1396276658.8643924302249223276@icedtea.classpath.org>

changeset cfe6aca11b12 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=cfe6aca11b12
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 31 16:37:23 2014 +0200

	Refactored check of heap space. Now recognize g/G and is based on regex


diffstat:

 ChangeLog                                             |   10 +
 netx/net/sourceforge/jnlp/JREDesc.java                |   47 ++---
 tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java |  146 ++++++++++++++++++
 3 files changed, 174 insertions(+), 29 deletions(-)

diffs (251 lines):

diff -r 8417559b6a12 -r cfe6aca11b12 ChangeLog
--- a/ChangeLog	Thu Mar 27 11:16:58 2014 -0400
+++ b/ChangeLog	Mon Mar 31 16:37:23 2014 +0200
@@ -1,3 +1,13 @@
+2014-03-31  Jiri Vanek  <jvanek at redhat.com>
+
+	Refactored check of heap space. Now recognize g/G and is based on regex
+	* netx/net/sourceforge/jnlp/JREDesc.java: Added (heapPattern) constant.
+	(checkHeapSize) now returns trimmed string and its logic is matching the
+	heapPattern instead compelx structure. (init) set result of checkHeapSize
+	as initialHeapSize and maximumHeapSize.
+	* tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java: tests for (checkHeapSize)
+	and (init) of JREDesc.
+	
 2014-03-27  Andrew Azores  <aazores at redhat.com>
 
 	Fix NPE when trying to open a new file, with changes made, and wanting to
diff -r 8417559b6a12 -r cfe6aca11b12 netx/net/sourceforge/jnlp/JREDesc.java
--- a/netx/net/sourceforge/jnlp/JREDesc.java	Thu Mar 27 11:16:58 2014 -0400
+++ b/netx/net/sourceforge/jnlp/JREDesc.java	Mon Mar 31 16:37:23 2014 +0200
@@ -20,6 +20,8 @@
 
 import java.net.*;
 import java.util.*;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 /**
  * The J2SE/Java element.
@@ -28,6 +30,8 @@
  * @version $Revision: 1.5 $
  */
 public class JREDesc {
+    
+    private static final Pattern heapPattern= Pattern.compile("\\d+[kmg]?");
 
     /** the platform version or the product version if location is not null */
     final private Version version;
@@ -63,10 +67,8 @@
         this.version = version;
         this.location = location;
         this.vmArgs = vmArgs;
-        checkHeapSize(initialHeapSize);
-        this.initialHeapSize = initialHeapSize;
-        checkHeapSize(maximumHeapSize);
-        this.maximumHeapSize = maximumHeapSize;
+        this.initialHeapSize = checkHeapSize(initialHeapSize);
+        this.maximumHeapSize = checkHeapSize(maximumHeapSize);
         this.resources = resources;
     }
 
@@ -126,37 +128,24 @@
 
     /**
      * Check for valid heap size string
+     * @return trimed heapSize if correct
      * @throws ParseException if heapSize is invalid
      */
-    static private void checkHeapSize(String heapSize) throws ParseException {
+    static String checkHeapSize(String heapSize) throws ParseException {
         // need to implement for completeness even though not used in netx
         if (heapSize == null) {
-            return;
+            return null;
         }
-
-        boolean lastCharacterIsDigit = true;
-        // the last character must be 0-9 or k/K/m/M
-        char lastChar = Character.toLowerCase(heapSize.charAt(heapSize.length() - 1));
-        if ((lastChar < '0' || lastChar > '9')) {
-            lastCharacterIsDigit = false;
-            if (lastChar != 'k' && lastChar != 'm') {
-                throw new ParseException(R("PBadHeapSize", heapSize));
-            }
+        heapSize = heapSize.trim();
+        // the last character must be 0-9 or k/K/m/M/g/G
+        //0 or 0k/m/g is also accepted value
+        String heapSizeLower = heapSize.toLowerCase();
+        Matcher heapMatcher = heapPattern.matcher(heapSizeLower);
+        if (!heapMatcher.matches()) {
+            throw new ParseException(R("PBadHeapSize", heapSize));
         }
-
-        int indexOfLastDigit = heapSize.length() - 1;
-        if (!lastCharacterIsDigit) {
-            indexOfLastDigit = indexOfLastDigit - 1;
-        }
-
-        String size = heapSize.substring(0, indexOfLastDigit);
-        try {
-            // check that the number is a number!
-            Integer.valueOf(size);
-        } catch (NumberFormatException numberFormat) {
-            throw new ParseException(R("PBadHeapSize", heapSize), numberFormat);
-        }
-
+        return heapSize;
+        
     }
 
 }
diff -r 8417559b6a12 -r cfe6aca11b12 tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/netx/unit/net/sourceforge/jnlp/JREDescTest.java	Mon Mar 31 16:37:23 2014 +0200
@@ -0,0 +1,146 @@
+/* 
+ Copyright (C) 2014 Red Hat, Inc.
+
+ This file is part of IcedTea.
+
+ IcedTea is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ IcedTea is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with IcedTea; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version. */
+package net.sourceforge.jnlp;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JREDescTest {
+
+    @Test
+    public void testNulls() throws ParseException {
+        JREDesc a = new JREDesc(null, null, null, null, null, null);
+    }
+
+    @Test
+    public void testInitialHeapSize() throws ParseException {
+        JREDesc a = new JREDesc(null, null, null, "1", null, null);
+        a = new JREDesc(null, null, null, "99999999", null, null);
+        a = new JREDesc(null, null, null, "1k", null, null);
+        a = new JREDesc(null, null, null, "1000k", null, null);
+        a = new JREDesc(null, null, null, "1K", null, null);
+        a = new JREDesc(null, null, null, "1000K", null, null);
+        a = new JREDesc(null, null, null, "1m", null, null);
+        a = new JREDesc(null, null, null, "1m", null, null);
+        a = new JREDesc(null, null, null, "1M", null, null);
+        a = new JREDesc(null, null, null, "1g", null, null);
+        a = new JREDesc(null, null, null, "1G", null, null);
+        a = new JREDesc(null, null, null, "10000G", null, null);
+    }
+
+    @Test
+    public void testMaximumHeapSize() throws ParseException {
+        JREDesc a = new JREDesc(null, null, null, null, "1", null);
+        a = new JREDesc(null, null, null, null, "99999999", null);
+        a = new JREDesc(null, null, null, null, "1k", null);
+        a = new JREDesc(null, null, null, null, "1000k", null);
+        a = new JREDesc(null, null, null, null, "1K", null);
+        a = new JREDesc(null, null, null, null, "1000K", null);
+        a = new JREDesc(null, null, null, null, "1m", null);
+        a = new JREDesc(null, null, null, null, "1m", null);
+        a = new JREDesc(null, null, null, null, "1M", null);
+        a = new JREDesc(null, null, null, null, "1g", null);
+        a = new JREDesc(null, null, null, null, "1G", null);
+        a = new JREDesc(null, null, null, null, "10000G", null);
+    }
+
+    @Test(expected = ParseException.class)
+    public void testInitialHeapSizeBad() throws ParseException {
+        JREDesc a = new JREDesc(null, null, null, "blah", null, null);
+
+    }
+
+    @Test(expected = ParseException.class)
+    public void testMaximumHeapSizeBad() throws ParseException {
+        JREDesc a = new JREDesc(null, null, null, null, "blah", null);
+
+    }
+
+    @Test
+    public void checkHeapSize() throws ParseException {
+        String s = JREDesc.checkHeapSize(null);
+        Assert.assertEquals(null, s);
+        s = JREDesc.checkHeapSize("0");
+        Assert.assertEquals("0", s);
+        s = JREDesc.checkHeapSize(" 0k");
+        Assert.assertEquals("0k", s);
+        s = JREDesc.checkHeapSize("1 ");
+        Assert.assertEquals("1", s);
+        s = JREDesc.checkHeapSize("10");
+        Assert.assertEquals("10", s);
+        s = JREDesc.checkHeapSize(" 1k");
+        Assert.assertEquals("1k", s);
+        s = JREDesc.checkHeapSize("10m ");
+        Assert.assertEquals("10m", s);
+
+        s = JREDesc.checkHeapSize("0");
+        Assert.assertEquals("0", s);
+        s = JREDesc.checkHeapSize(" 0K");
+        Assert.assertEquals("0K", s);
+        s = JREDesc.checkHeapSize("1 ");
+        Assert.assertEquals("1", s);
+        s = JREDesc.checkHeapSize("10");
+        Assert.assertEquals("10", s);
+        s = JREDesc.checkHeapSize(" 1M");
+        Assert.assertEquals("1M", s);
+        s = JREDesc.checkHeapSize("10G ");
+        Assert.assertEquals("10G", s);
+        s = JREDesc.checkHeapSize("99K");
+        Assert.assertEquals("99K", s);
+
+    }
+
+    @Test(expected = ParseException.class)
+    public void checkHeapSizeBad1() throws ParseException {
+        JREDesc.checkHeapSize("10k10m");
+    }
+
+    @Test(expected = ParseException.class)
+    public void checkHeapSizeBad2() throws ParseException {
+        JREDesc.checkHeapSize("one gigabyte");
+    }
+
+    @Test(expected = ParseException.class)
+    public void checkHeapSizeBad3() throws ParseException {
+        JREDesc.checkHeapSize("99l");
+    }
+
+    @Test(expected = ParseException.class)
+    public void checkHeapSizeBad4() throws ParseException {
+        JREDesc.checkHeapSize("99KK");
+    }
+}

From omajid at icedtea.classpath.org  Mon Mar 31 14:44:03 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 14:44:03 +0000
Subject: /hg/icedtea-web: Fix Autoconf warning
Message-ID: <hg.da9335e11493.1396277043.8643924302249223276@icedtea.classpath.org>

changeset da9335e11493 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=da9335e11493
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 31 10:38:55 2014 -0400

	Fix Autoconf warning

	2014-03-31  Omair Majid  <omajid at redhat.com>

	    * acinclude.m4
	    (IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR),
	    (IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code.


diffstat:

 ChangeLog    |   6 ++++++
 acinclude.m4 |  14 +++++++-------
 2 files changed, 13 insertions(+), 7 deletions(-)

diffs (44 lines):

diff -r cfe6aca11b12 -r da9335e11493 ChangeLog
--- a/ChangeLog	Mon Mar 31 16:37:23 2014 +0200
+++ b/ChangeLog	Mon Mar 31 10:38:55 2014 -0400
@@ -1,3 +1,9 @@
+2014-03-31  Omair Majid  <omajid at redhat.com>
+
+	* acinclude.m4
+	(IT_CHECK_XULRUNNER_MIMEDESCRIPTION_CONSTCHAR),
+	(IT_CHECK_XULRUNNER_REQUIRES_C11): Use AC_LANG_SOURCE with code.
+
 2014-03-31  Jiri Vanek  <jvanek at redhat.com>
 
 	Refactored check of heap space. Now recognize g/G and is based on regex
diff -r cfe6aca11b12 -r da9335e11493 acinclude.m4
--- a/acinclude.m4	Mon Mar 31 16:37:23 2014 +0200
+++ b/acinclude.m4	Mon Mar 31 10:38:55 2014 -0400
@@ -527,9 +527,9 @@
   CXXFLAGS_BACKUP="$CXXFLAGS"
   CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS"
   AC_COMPILE_IFELSE([
-    #include <npfunctions.h>]
-    [const  char* NP_GetMIMEDescription ()
-    {return (char*) "yap!";}
+    AC_LANG_SOURCE([[#include <npfunctions.h>
+                     const  char* NP_GetMIMEDescription ()
+                       {return (char*) "yap!";}]])
     ],[
     AC_MSG_RESULT(no)
     ],[
@@ -547,10 +547,10 @@
   CXXFLAGS_BACKUP="$CXXFLAGS"
   CXXFLAGS="$CXXFLAGS"" ""$MOZILLA_CFLAGS"
   AC_COMPILE_IFELSE([
-    #include <npapi.h>
-    #include <npruntime.h>]
-    [void setnpptr (NPVariant *result)
-    {VOID_TO_NPVARIANT(*result);}
+    AC_LANG_SOURCE([[#include <npapi.h>
+                     #include <npruntime.h>
+                     void setnpptr (NPVariant *result)
+                       { VOID_TO_NPVARIANT(*result);}]])
     ],[
     AC_MSG_RESULT(no)
     CXXFLAGS="$CXXFLAGS_BACKUP"

From jvanek at icedtea.classpath.org  Mon Mar 31 14:55:02 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 14:55:02 +0000
Subject: /hg/icedtea-web: Fixed cz_CS locales and adapted tests
Message-ID: <hg.ee80e215928e.1396277702.8643924302249223276@icedtea.classpath.org>

changeset ee80e215928e in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ee80e215928e
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 31 16:54:52 2014 +0200

	Fixed cz_CS locales and adapted tests


diffstat:

 ChangeLog                                                                  |   11 +
 netx/net/sourceforge/jnlp/resources/Messages_cs.properties                 |  422 ++++++++-
 tests/netx/unit/net/sourceforge/jnlp/resources/MessagesPropertiesTest.java |   11 +-
 3 files changed, 366 insertions(+), 78 deletions(-)

diffs (truncated from 801 to 500 lines):

diff -r da9335e11493 -r ee80e215928e ChangeLog
--- a/ChangeLog	Mon Mar 31 10:38:55 2014 -0400
+++ b/ChangeLog	Mon Mar 31 16:54:52 2014 +0200
@@ -1,3 +1,14 @@
+2013-03-31  Jiri Vanek  <jvanek at redhat.com>
+            Alexandr Kolouch  <skolnag at gmail.com>
+
+	Fixed cz_CS locales and adapted tests
+	* netx/net/sourceforge/jnlp/resources/Messages_cs_CZ.properties: added missing
+	values
+	* tests/reproducers/simple/LocalesTest/testcases/LocalesTestTest.java:
+	Added few untranslatable items to white-list. (allResourcesAreReallyDifferent)
+	now skip test on values of "std. err" "std. out" "Policy Editor" and 
+	"Java Reflection"
+
 2014-03-31  Omair Majid  <omajid at redhat.com>
 
 	* acinclude.m4
diff -r da9335e11493 -r ee80e215928e netx/net/sourceforge/jnlp/resources/Messages_cs.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Mon Mar 31 10:38:55 2014 -0400
+++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Mon Mar 31 16:54:52 2014 +0200
@@ -1,4 +1,4 @@
-# Czech UI messages for netx
+# Default (English) UI messages for netx
 # L=Launcher, B=Boot, P=Parser, C=cache S=security
 #
 # General
@@ -12,15 +12,25 @@
 ButOk=OK
 ButProceed=Pokra\u010dovat
 ButRun=Spustit
+ButSandbox=Izolovan\u00fd prostor (sandbox)
 ButApply=Pou\u017e\u00edt
 ButDone=Hotovo
 ButShowDetails=Zobrazit podrobnosti
 ButHideDetails=Skr\u00fdt podrobnosti
+ButYes=Ano
+ButNo=Ne
+
+CertWarnRunTip=Apletu m\u016f\u017eete v\u011b\u0159it a spustit ho s pln\u00fdmi opr\u00e1vn\u011bn\u00edmi.
+CertWarnSandboxTip=Apletu nev\u011b\u0159te a spus\u0165te ho s omezen\u00fdmi opr\u00e1vn\u011bn\u00edmi.
+CertWarnCancelTip=Tento aplet nespou\u0161t\u011bjte.
+CertWarnPolicyTip=Roz\u0161\u00ed\u0159en\u00e1 nastaven\u00ed izolovan\u00e9ho prostoru (sandbox)
+CertWarnPolicyEditorItem=Spustit aplikaci Policy Editor
 
 AFileOnTheMachine=soubor v po\u010d\u00edta\u010di
 AlwaysAllowAction=V\u017edy povolit tuto akci
 Usage=Pou\u017eit\u00ed:
 Error=Chyba
+Warning=Varov\u00e1n\u00ed
 
 Continue=Chcete pokra\u010dovat?
 Field=Pole
@@ -33,6 +43,24 @@
 Value=Hodnota
 Version=Verze
 
+# about dialogue
+AboutDialogueTabAbout=O aplikaci IcedTea-Web
+AboutDialogueTabAuthors=Auto\u0159i
+AboutDialogueTabChangelog=Seznam zm\u011bn
+AboutDialogueTabNews=Novinky
+AboutDialogueTabGPLv2=GPLv2
+
+# missing permissions dialogue
+MissingPermissionsMainTitle=Aplikace <span color='red'> {0} </span> se z\u00e1kladnou k\u00f3du (codebase) <span color='red'> {1} </span> postr\u00e1d\u00e1 element \u201epermissions\u201c. Aplikaci bez tohoto elementu byste nem\u011bli v\u011b\u0159it. Chcete povolit b\u011bh t\u00e9to aplikace?
+MissingPermissionsInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/><a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> <br/> a<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+
+# missing Application-Library-Allowable-Codebase dialogue
+ALACAMissingMainTitle=Aplikace <span color='red'> {0} </span> se z\u00e1kladnou k\u00f3du (codebase) <span color='red'> {1} </span> postr\u00e1d\u00e1 element \u201eapplication-library-allowable-codebase\u201c. Tato aplikace pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edho vzd\u00e1len\u00e9ho um\u00edst\u011bn\u00ed:<br/> {2} Skute\u010dn\u011b chcete spustit tuto aplikaci?
+ALACAMissingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/><a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> a<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+# matching Application-Library-Allowable-Codebase dialogue
+ALACAMatchingMainTitle=Aplikace <span color='red'> {0} </span> se z\u00e1kladnou k\u00f3du (codebase) <span color='red'> {1} </span> vy\u017eaduje platn\u00e9 zdroje z r\u016fzn\u00fdch um\u00edst\u011bn\u00ed:<br/>{2} <br/> O\u010dek\u00e1v\u00e1 se na\u010dten\u00ed t\u011bchto zdroj\u016f. Souhlas\u00edte se spu\u0161t\u011bn\u00edm t\u00e9to aplikace?
+ALACAMatchingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/><a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> a<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+
 # LS - Severity
 LSMinor=Mal\u00e1
 LSFatal=Z\u00e1va\u017en\u00e1
@@ -48,14 +76,14 @@
 LCInit=Chyba inicializace
  
 LAllThreadGroup=V\u0161echny aplikace JNLP
-LNullUpdatePolicy=Pravidla pro aktualizaci nesm\u00ed b\u00fdt pr\u00e1zdn\u00e1.
+LNullUpdatePolicy=Z\u00e1sady pro aktualizaci nesm\u00ed b\u00fdt pr\u00e1zdn\u00e9.
  
 LThreadInterrupted=Vl\u00e1kno bylo p\u0159eru\u0161eno p\u0159i \u010dek\u00e1n\u00ed na spu\u0161t\u011bn\u00ed souboru.
-LThreadInterruptedInfo=To m\u016f\u017ee v\u00e9st k zablokov\u00e1n\u00ed nebo v\u00e9st k jin\u00e9mu po\u0161kozen\u00ed p\u0159i spou\u0161t\u011bn\u00ed. Restartujte aplikaci/prohl\u00ed\u017ee\u010d.
+LThreadInterruptedInfo=Tato akce m\u016f\u017ee v\u00e9st k zablokov\u00e1n\u00ed nebo jin\u00e9mu po\u0161kozen\u00ed v pr\u016fb\u011bhu spou\u0161t\u011bn\u00ed. Restartujte aplikaci/prohl\u00ed\u017ee\u010d.
 LCouldNotLaunch=Nelze spustit soubor JNLP.
-LCouldNotLaunchInfo=Aplikace nebyla inicializov\u00e1na. V\u00edce informac\u00ed z\u00edsk\u00e1te spu\u0161t\u011bn\u00edm p\u0159\u00edkazu javaws/prohl\u00ed\u017ee\u010de z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky.
+LCouldNotLaunchInfo=Aplikace nebyla inicializov\u00e1na. Chcete-li z\u00edskat v\u00edce informac\u00ed, spus\u0165te javaws/prohl\u00ed\u017ee\u010d z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky a za\u0161lete hl\u00e1\u0161en\u00ed o chyb\u011b.
 LCantRead=Nelze \u010d\u00edst nebo analyzovat soubor JNLP.
-LCantReadInfo=M\u016f\u017eete se pokusit st\u00e1hnout tento soubor ru\u010dn\u011b a poslat ho jako hl\u00e1\u0161en\u00ed o chyb\u011b t\u00fdmu IcedTea-Web.
+LCantReadInfo=M\u016f\u017eete zkusit st\u00e1hnout tento soubor ru\u010dn\u011b a zaslat ho prost\u0159ednictv\u00edm hl\u00e1\u0161en\u00ed o chyb\u011b t\u00fdmu IcedTea-Web.
 LNullLocation=Nelze ur\u010dit um\u00edst\u011bn\u00ed souboru JNLP.
 LNullLocationInfo=Byl u\u010din\u011bn pokus o spu\u0161t\u011bn\u00ed souboru JNLP v jin\u00e9m prost\u0159ed\u00ed JVM, av\u0161ak soubor nebyl nalezen.  Chcete-li spustit extern\u00ed prost\u0159ed\u00ed JVM, modul runtime mus\u00ed b\u00fdt schopen nal\u00e9zt soubor .jnlp v lok\u00e1ln\u00edm souborov\u00e9m syst\u00e9mu nebo na serveru.
 LNetxJarMissing=Nelze ur\u010dit um\u00edst\u011bn\u00ed souboru netx.jar.
@@ -64,33 +92,37 @@
 LNotToSpecInfo=Soubor JNLP obsahuje data, kter\u00e1 jsou zak\u00e1z\u00e1na v r\u00e1mci specifikace JNLP.  Modul runtime se m\u016f\u017ee pokusit ignorovat neplatn\u00e9 informace a pokra\u010dovat ve spou\u0161t\u011bn\u00ed souboru.
 LNotApplication=Nejedn\u00e1 se o soubor aplikace.
 LNotApplicationInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed aplikac\u00ed, jako soubor aplikace.
-LNotApplet=Nejedn\u00e1 se o soubor appletu.
-LNotAppletInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed appletem, jako soubor appletu.
+LNotApplet=Nejedn\u00e1 se o soubor apletu.
+LNotAppletInfo=Byl u\u010din\u011bn pokus o na\u010dten\u00ed souboru, kter\u00fd nen\u00ed apletem, jako soubor apletu.
 LNoInstallers=Instal\u00e1tory nejsou podporov\u00e1ny.
 LNoInstallersInfo=Instal\u00e1tory JNLP je\u0161t\u011b nejsou podporov\u00e1ny.
-LInitApplet=Nelze inicializovat applet.
-LInitAppletInfo=Chcete-li v\u00edce informac\u00ed, klikn\u011bte na tla\u010d\u00edtko Dal\u0161\u00ed informace...
+LInitApplet=Nelze inicializovat aplet.
+LInitAppletInfo=Dal\u0161\u00ed informace z\u00edsk\u00e1te kliknut\u00edm na tla\u010d\u00edtko Dal\u0161\u00ed informace...
 LInitApplication=Nelze inicializovat aplikaci.
-LInitApplicationInfo=Aplikace nebyla inicializov\u00e1na. V\u00edce informac\u00ed z\u00edsk\u00e1te spu\u0161t\u011bn\u00edm p\u0159\u00edkazu javaws z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky.
+LInitApplicationInfo=Aplikace nebyla inicializov\u00e1na. Chcete-li z\u00edskat v\u00edce informac\u00ed, spus\u0165te javaws z p\u0159\u00edkazov\u00e9 \u0159\u00e1dky.
 LNotLaunchable=Nejedn\u00e1 se o spustiteln\u00fd soubor JNLP.
-LNotLaunchableInfo=Soubor mus\u00ed b\u00fdt aplikac\u00ed, appletem nebo instal\u00e1torem JNLP.
+LNotLaunchableInfo=Soubor mus\u00ed b\u00fdt aplikac\u00ed, apletem nebo instal\u00e1torem JNLP.
 LCantDetermineMainClass=Nezn\u00e1m\u00e1 t\u0159\u00edda Main-Class.
 LCantDetermineMainClassInfo=Nelze ur\u010dit t\u0159\u00eddu main class pro tuto aplikaci.
 LUnsignedJarWithSecurity=Nelze ud\u011blit opr\u00e1vn\u011bn\u00ed nepodepsan\u00fdm soubor\u016fm JAR.
 LUnsignedJarWithSecurityInfo=Aplikace po\u017e\u00e1dala o bezpe\u010dnostn\u00ed opr\u00e1vn\u011bn\u00ed, av\u0161ak soubory JAR nejsou podeps\u00e1ny.
 LSignedJNLPAppDifferentCerts=Aplikace JNLP nen\u00ed kompletn\u011b podepsan\u00e1 jednou certifika\u010dn\u00ed autoritou.
 LSignedJNLPAppDifferentCertsInfo=Jednotliv\u00e9 komponenty aplikace JNLP jsou individu\u00e1ln\u011b podeps\u00e1ny, nicm\u00e9n\u011b pro v\u0161echny polo\u017eky mus\u00ed b\u00fdt jeden spole\u010dn\u00fd podepisovatel.
-LUnsignedApplet=Applet nebyl podepsan\u00fd.
-LUnsignedAppletPolicyDenied=Applet nebyl podepsan\u00fd a bezpe\u010dnostn\u00ed pravidla zabr\u00e1nila jeho spu\u0161t\u011bn\u00ed.
-LUnsignedAppletUserDenied=Applet nebyl podepsan\u00fd a byl vyhodnocen jako ned\u016fv\u011bryhodn\u00fd.
+LUnsignedApplet=Aplet nebyl podepsan\u00fd.
+LUnsignedAppletPolicyDenied=Aplet nebyl podepsan\u00fd a bezpe\u010dnostn\u00ed z\u00e1sady zabr\u00e1nily jeho spu\u0161t\u011bn\u00ed.
+LUnsignedAppletUserDenied=Aplet nebyl podepsan\u00fd a byl vyhodnocen jako ned\u016fv\u011bryhodn\u00fd.
+LPartiallySignedApplet=Aplet byl \u010d\u00e1ste\u010dn\u011b podepsan\u00fd.
+LPartiallySignedAppletUserDenied=Aplet byl \u010d\u00e1ste\u010dn\u011b podepsan\u00fd a u\u017eivatel ho vyhodnotil jako ned\u016fv\u011bryhodn\u00fd.
 LSignedAppJarUsingUnsignedJar=Podepsan\u00e1 aplikace pou\u017e\u00edvaj\u00edc\u00ed nepodepsan\u00e9 soubory JAR.
 LSignedAppJarUsingUnsignedJarInfo=Hlavn\u00ed soubor JAR aplikace je podepsan\u00fd, av\u0161ak n\u011bkter\u00e9 z dal\u0161\u00edch pou\u017e\u00edvan\u00fdch soubor\u016f JAR nejsou podeps\u00e1ny.
+LRunInSandboxError=Vol\u00e1n\u00ed pro b\u011bh v izolovan\u00e9m prostoru (sandbox) bylo vykon\u00e1no p\u0159\u00edli\u0161 pozd\u011b.
+LRunInSandboxErrorInfo=Zavad\u011b\u010d t\u0159\u00edd dostal hl\u00e1\u0161en\u00ed, aby spustil aplet v izolovan\u00e9m prost\u0159ed\u00ed, av\u0161ak bezpe\u010dnostn\u00ed nastaven\u00ed ji\u017e byla inicializov\u00e1na.
 LSignedJNLPFileDidNotMatch=Podepsan\u00fd soubor JNLP se neshoduje se spou\u0161t\u011bn\u00fdm souborem JNLP.
 LNoSecInstance=Chyba: Neexistuje bezpe\u010dnostn\u00ed instance pro aplikaci {0}. Aplikace m\u016f\u017ee m\u00edt pot\u00ed\u017ee pokra\u010dovat.
 LCertFoundIn=Certifik\u00e1t {0} byl nalezen v arch\u00edvu cacerts ({1}).
-LSingleInstanceExists=Ji\u017e existuje jin\u00e1 instance tohoto appletu. Nelze provozovat v\u00edce instanc\u00ed appletu z\u00e1rove\u0148.
+LSingleInstanceExists=Ji\u017e existuje jin\u00e1 instance tohoto apletu. Nelze provozovat v\u00edce instanc\u00ed apletu z\u00e1rove\u0148.
  
-JNotApplet=Soubor nen\u00ed applet.
+JNotApplet=Soubor nen\u00ed aplet.
 JNotApplication=Soubor nen\u00ed aplikace.
 JNotComponent=Soubor nen\u00ed komponenta.
 JNotInstaller=Soubor nen\u00ed instal\u00e1tor.
@@ -105,7 +137,7 @@
 LAskToContinue=Chcete p\u0159esto pokra\u010dovat ve spou\u0161t\u011bn\u00ed t\u00e9to aplikace?
 
 # Parser
-PInvalidRoot=Element \u201eroot\u201c nen\u00ed elementem jnlp.
+PInvalidRoot=Element \u201eroot" nen\u00ed elementem jnlp.
 PNoResources=Nen\u00ed definov\u00e1n element \u201eresources\u201c.
 PUntrustedNative=Nelze deklarovat element \u201enativelib\u201c, ani\u017e by bylo po\u017e\u00e1d\u00e1no o p\u0159\u00edslu\u0161n\u00e1 opr\u00e1vn\u011bn\u00ed.
 PExtensionHasJ2SE=V souboru roz\u0161\u00ed\u0159en\u00ed nelze deklarovat element \u201ej2se\u201c.
@@ -116,7 +148,7 @@
 PMissingTitle=N\u00e1zev
 PMissingVendor=Dodavatel
 PMissingElement=Pro va\u0161e n\u00e1rodn\u00ed prost\u0159ed\u00ed nebyla zad\u00e1na sekce {0}, ani neexistuje v\u00fdchoz\u00ed hodnota v souboru JNLP.
-PTwoDescriptions=Duplicitn\u00ed elementy \u201edescription\u201c typu {0} jsou neplatn\u00e9.
+PTwoDescriptions=Duplicitn\u00ed elementy \u201edescription" typu {0} jsou neplatn\u00e9.
 PSharing=Element \u201esharing-allowed\u201c je neplatn\u00fd ve standardn\u00edm souboru JNLP.
 PTwoSecurity=V ka\u017ed\u00e9m souboru JNLP m\u016f\u017ee b\u00fdt pouze jeden element \u201esecurity\u201c.
 PEmptySecurity=Element \u201esecurity\u201c je definov\u00e1n, av\u0161ak neobsahuje element \u201epermissions\u201c.
@@ -126,9 +158,9 @@
 PTwoTitles=Je povolen pouze jeden element \u201etitle\u201c.
 PTwoIcons=Je povolen pouze jeden element \u201eicon\u201c.
 PTwoUpdates=Je povolen pouze jeden element \u201eupdate\u201c.
-PUnknownApplet=Nezn\u00e1m\u00fd applet
-PBadWidth=Neplatn\u00e1 \u0161\u00ed\u0159ka appletu
-PBadHeight=Neplatn\u00e1 v\u00fd\u0161ka appletu
+PUnknownApplet=Nezn\u00e1m\u00fd aplet
+PBadWidth=Neplatn\u00e1 \u0161\u00ed\u0159ka apletu
+PBadHeight=Neplatn\u00e1 v\u00fd\u0161ka apletu
 PUrlNotInCodebase=Relativn\u00ed adresa URL neuv\u00e1d\u00ed podadres\u00e1\u0159 se z\u00e1kladnou k\u00f3du (codebase). (uzel (node)={0}, odkaz (href)={1}, z\u00e1kladna k\u00f3du (codebase)={2})
 PBadRelativeUrl=Neplatn\u00e1 relativn\u00ed adresa URL (uzel (node)={0}, odkaz (href)={1}, z\u00e1kladna k\u00f3du (codebase)={2})
 PBadNonrelativeUrl=Neplatn\u00e1 absolutn\u00ed adresa URL (uzel (node)={0}, odkaz (href)={1})
@@ -138,19 +170,24 @@
 
 # Runtime
 BLaunchAbout=Prob\u00edh\u00e1 spou\u0161t\u011bn\u00ed okna O aplikaci IcedTea-Web...
+BLaunchAboutFailure=Spu\u0161t\u011bn\u00ed okna O aplikaci IcedTea-Web se nezda\u0159ilo.
 BNeedsFile=Je nutn\u00e9 zadat soubor JNLP.
 RNoAboutJnlp=Nelze nal\u00e9zt soubor about.jnlp.
 BFileLoc=Um\u00edst\u011bn\u00ed souboru JNLP
 BBadProp=Neplatn\u00fd form\u00e1t vlastnosti {0} (platn\u00fd form\u00e1t: kl\u00ed\u010d=hodnota)
 BBadParam=Neplatn\u00fd form\u00e1t parametru {0} (platn\u00fd form\u00e1t: n\u00e1zev=hodnota)
 BNoDir=Adres\u00e1\u0159 {0} neexistuje.
-BNoCodeOrObjectApplet=Zna\u010dka appletu mus\u00ed deklarovat atribut \u201ecode\u201c nebo \u201eobject\u201c.
+BNoCodeOrObjectApplet=Zna\u010dka apletu mus\u00ed deklarovat atribut \u201ecode" nebo \u201eobject".
 RNoResource=Chyb\u011bj\u00edc\u00ed zdroj: {0}
 RShutdown=Tato v\u00fdjimka zabra\u0148uje ukon\u010den\u00ed prost\u0159ed\u00ed JVM, av\u0161ak proces byl ukon\u010den.
 RExitTaken=T\u0159\u00edda exit class m\u016f\u017ee b\u00fdt nastavena pouze jednou a pouze ta pak m\u016f\u017ee ukon\u010dit prost\u0159ed\u00ed JVM.
 RCantReplaceSM=Nen\u00ed dovoleno vym\u011bnit t\u0159\u00eddu SecurityManager.
 RCantCreateFile=Nelze vytvo\u0159it soubor {0}.
 RCantDeleteFile=Nelze smazat soubor {0}.
+RCantOpenFile=Nepoda\u0159ilo se otev\u0159\u00edt soubor {0}.
+RCantWriteFile=Nepoda\u0159ilo se zapisovat do souboru {0}.
+RFileReadOnly=Soubor bude otev\u0159en v re\u017eimu pro \u010dten\u00ed.
+RExpectedFile={0}m\u011bl b\u00fdt dle o\u010dek\u00e1v\u00e1n\u00ed soubor, ale nen\u00ed.
 RRemoveRPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed ke \u010dten\u00ed u souboru {0}.
 RRemoveWPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed k z\u00e1pisu u souboru {0}.
 RRemoveXPermFailed=Selhalo odstra\u0148ov\u00e1n\u00ed opr\u00e1vn\u011bn\u00ed ke spou\u0161t\u011bn\u00ed u souboru {0}.
@@ -164,31 +201,39 @@
 RNoLockDir=Nelze vytvo\u0159it uzamykac\u00ed adres\u00e1\u0159 ({0}).
 RNestedJarExtration=Nelze extrahovat vno\u0159en\u00fd soubor JAR.
 RUnexpected=Neo\u010dek\u00e1van\u00e1 v\u00fdjimka {0} v n\u00e1sleduj\u00edc\u00ed \u010d\u00e1sti v\u00fdpisu trasov\u00e1n\u00ed: {1}
-RConfigurationError=P\u0159i \u010dten\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b.
+RConfigurationError=P\u0159i \u010dten\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b. Pokra\u010duji s pr\u00e1zdnou konfigurac\u00ed. Opravte chybu.
 RConfigurationFatal=CHYBA: P\u0159i na\u010d\u00edt\u00e1n\u00ed konfigurace do\u0161lo k z\u00e1va\u017en\u00e9 chyb\u011b. Mo\u017en\u00e1 je nutn\u00e9 pou\u017e\u00edt glob\u00e1ln\u00ed konfiguraci, kter\u00e1 v\u0161ak nebyla nalezena.
+RFailingToDefault=Bude pou\u017eita v\u00fdchoz\u00ed konfigurace.
 RPRoxyPacNotSupported=Pou\u017eit\u00ed soubor\u016f PAC (Proxy Auto Config) nen\u00ed podporov\u00e1no.
 RProxyFirefoxNotFound=Nelze pou\u017e\u00edt nastaven\u00ed proxy server\u016f prohl\u00ed\u017ee\u010de Firefox. Je pou\u017eito nastaven\u00ed bez proxy serveru (DIRECT).
 RProxyFirefoxOptionNotImplemented=Mo\u017enost nastaven\u00ed proxy serveru prohl\u00ed\u017ee\u010de {0} ({1}) je\u0161t\u011b nen\u00ed podporov\u00e1na.
 RBrowserLocationPromptTitle=Um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de
 RBrowserLocationPromptMessage=Zadejte um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de.
 RBrowserLocationPromptMessageWithReason=Zadejte um\u00edst\u011bn\u00ed prohl\u00ed\u017ee\u010de (p\u0159\u00edkaz prohl\u00ed\u017ee\u010de {0} je neplatn\u00fd).
+BAboutITW=Projekt IcedTea-Web poskytuje svobodn\u00fd z\u00e1suvn\u00fd modul pro webov\u00fd prohl\u00ed\u017ee\u010d, kter\u00fd spou\u0161t\u00ed aplety napsan\u00e9 v programovac\u00edm jazyce Java, a implementaci technologie Java Web Start, p\u016fvodn\u011b zalo\u017een\u00e9 na projektu NetX. Domovskou str\u00e1nku IcedTea-Web m\u016f\u017eete nav\u0161t\u00edvit na adrese: http://icedtea.classpath.org/wiki/IcedTea-Web. V\u00edce informac\u00ed z\u00edsk\u00e1te pou\u017eit\u00edm p\u0159\u00edkaz\u016f \u201eman javaws\u201c nebo \u201ejavaws -help\u201c.
+BFileInfoAuthors=Jm\u00e9na a e-mailov\u00e9 adresy p\u0159isp\u011bvatel\u016f do projektu naleznete v souboru AUTHORS v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web.
+BFileInfoCopying=Kompletn\u00ed licen\u010dn\u00ed ujedn\u00e1n\u00ed GPLv2 tohoto projektu naleznete v souboru COPYING v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web.
+BFileInfoNews=Novinky o vyd\u00e1n\u00edch aplikac\u00ed tohoto projektu naleznete v souboru NEWS v ko\u0159enov\u00e9m adres\u00e1\u0159i aplikace IcedTea-Web.
 
 # Boot options, message should be shorter than this ---------------->
 BOUsage=javaws [-volby-spu\u0161t\u011bn\u00ed] <soubor jnlp>
 BOUsage2=javaws [-volby-ovl\u00e1d\u00e1n\u00ed]
 BOJnlp= Um\u00edst\u011bn\u00ed souboru JNLP ke spu\u0161t\u011bn\u00ed (URL nebo soubor)
 BOArg= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr aplikace.
-BOParam= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr appletu.
+BOParam= P\u0159id\u00e1 p\u0159ed spu\u0161t\u011bn\u00edm parametr apletu.
 BOProperty= P\u0159ed spu\u0161t\u011bn\u00edm nastav\u00ed syst\u00e9movou vlastnost.
 BOUpdate= Zkontroluje aktualizace.
 BOLicense= Zobraz\u00ed licenci GPL a ukon\u010d\u00ed aplikaci.
 BOVerbose= Zapne podrobn\u00fd v\u00fdstup.
 BOAbout= Uk\u00e1\u017ee vzorovou aplikaci.
+BOVersion= Vyp\u00ed\u0161e verzi aplikace IcedTea-Web a ukon\u010d\u00ed aplikaci.
 BONosecurity= Vypne zabezpe\u010den\u00e9 b\u011bhov\u00e9 prost\u0159ed\u00ed.
 BONoupdate= Vypne kontrolu aktualizac\u00ed.
 BOHeadless= Vypne ve\u0161ker\u00e9 grafick\u00e9 prvky u\u017eiv. rozhran\u00ed IcedTea-Web.
 BOStrict= Zapne striktn\u00ed kontrolu souborov\u00e9ho form\u00e1tu JNLP.
 BOViewer= Zobraz\u00ed prohl\u00ed\u017ee\u010d d\u016fv\u011bryhodn\u00fdch certifik\u00e1t\u016f.
+BOXml= Pou\u017eije pro anal\u00fdzu souboru JNLP striktn\u00ed XML parser.
+BOredirect= Povolit n\u00e1sledovat p\u0159esm\u011brov\u00e1n\u00ed s k\u00f3dy 301, 302, 303, 307 a 308
 BXnofork= Zak\u00e1\u017ee vytv\u00e1\u0159en\u00ed jin\u00fdch prost\u0159ed\u00ed JVM.
 BXclearcache= Vy\u010dist\u00ed vyrovn\u00e1vac\u00ed pam\u011b\u0165 aplikace JNLP.
 BXignoreheaders= Vynech\u00e1 ov\u011b\u0159ov\u00e1n\u00ed hlavi\u010dky souboru JAR.
@@ -200,21 +245,21 @@
 CDownloading=Prob\u00edh\u00e1 stahov\u00e1n\u00ed.
 CComplete=Dokon\u010deno
 CChooseCache=Zvolit adres\u00e1\u0159 pro vyrovn\u00e1vac\u00ed pam\u011b\u0165...
-CChooseCacheInfo=Netx pot\u0159ebuje um\u00edst\u011bn\u00ed pro uchov\u00e1v\u00e1n\u00ed soubor\u016f vyrovn\u00e1vac\u00ed pam\u011bti.
+CChooseCacheInfo=NetX pot\u0159ebuje um\u00edst\u011bn\u00ed pro uchov\u00e1v\u00e1n\u00ed soubor\u016f vyrovn\u00e1vac\u00ed pam\u011bti.
 CChooseCacheDir=Adres\u00e1\u0159 vyrovn\u00e1vac\u00ed pam\u011bti
-CCannotClearCache=Moment\u00e1ln\u011b nelze vy\u010distit vyrovn\u00e1vac\u00ed pam\u011b\u0165.
+CCannotClearCache=Moment\u00e1ln\u011b nelze vy\u010distit vyrovn\u00e1vac\u00ed pam\u011b\u0165. Zkuste to pozd\u011bji. Pokud probl\u00e9m p\u0159etrv\u00e1v\u00e1, zkuste zav\u0159\u00edt prohl\u00ed\u017ee\u010de a aplikace JNLP. Jako posledn\u00ed prost\u0159edek m\u016f\u017eete zkusit zab\u00edt v\u0161echny Java aplikace. \\\n Vyrovn\u00e1vac\u00ed pam\u011b\u0165 m\u016f\u017eete vy\u010disti pomoc\u00ed p\u0159\u00edkazu javaws -Xclearcache nebo v programu itw-settings kliknut\u00edm na polo\u017eky Cache -> View files -> Clean all.
 CFakeCache=Vyrovn\u00e1vac\u00ed pam\u011b\u0165 je po\u0161kozena. Prob\u00edh\u00e1 oprava.
-CFakedCache=Po\u0161kozen\u00e1 vyrovn\u00e1vac\u00ed pam\u011b\u0165 byla opravena. D\u016frazn\u011b doporu\u010dujeme co nejd\u0159\u00edve spustit p\u0159\u00edkaz \u201ejavaws -Xclearcache\u201c a pak znovu spustit aplikaci.
+CFakedCache=Po\u0161kozen\u00e1 vyrovn\u00e1vac\u00ed pam\u011b\u0165 byla opravena. D\u016frazn\u011b doporu\u010dujeme co nejd\u0159\u00edve spustit p\u0159\u00edkaz \u201ejavaws -Xclearcache\u201c a pak znovu spustit aplikaci. P\u0159\u00edpadn\u011b m\u016f\u017eete pou\u017e\u00edt program itw-settings, mo\u017enosti Cache -> View files -> Clean all.
 
 # Security
 SFileReadAccess=Aplikace vy\u017eaduje p\u0159\u00edstup ke \u010dten\u00ed souboru {0}. Chcete tuto akci povolit?
 SFileWriteAccess=Aplikace vy\u017eaduje p\u0159\u00edstup k zapisov\u00e1n\u00ed do souboru {0}. Chcete tuto akci povolit?
 SDesktopShortcut=Aplikace vy\u017eaduje opr\u00e1vn\u011bn\u00ed k vytvo\u0159en\u00ed spou\u0161t\u011bc\u00edho souboru na plo\u0161e. Chcete tuto akci povolit?
-SSigUnverified=Digit\u00e1ln\u00ed podpis aplikace nelze ov\u011b\u0159it. Chcete aplikaci spustit?
-SSigVerified=Digit\u00e1ln\u00ed podpis aplikace byl ov\u011b\u0159en. Chcete aplikaci spustit?
-SSignatureError=Digit\u00e1ln\u00ed podpis aplikace obsahuje chybu. Chcete aplikaci spustit?
+SSigUnverified=Digit\u00e1ln\u00ed podpis aplikace nelze ov\u011b\u0159it. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di.
+SSigVerified=Digit\u00e1ln\u00ed podpis aplikace byl ov\u011b\u0159en. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di.
+SSignatureError=Digit\u00e1ln\u00ed podpis aplikace obsahuje chybu. Chcete aplikaci spustit? Aplikace z\u00edsk\u00e1 neomezen\u00fd p\u0159\u00edstup k va\u0161emu po\u010d\u00edta\u010di.
 SUntrustedSource=Digit\u00e1ln\u00ed podpis nelze ov\u011b\u0159it pomoc\u00ed d\u016fv\u011bryhodn\u00e9ho zdroje. Aplikaci spus\u0165te, pouze pokud v\u011b\u0159\u00edte p\u016fvodu aplikace.
-SWarnFullPermissionsIgnorePolicy=Spou\u0161t\u011bn\u00e9mu k\u00f3du budou ud\u011blena pln\u00e1 opr\u00e1vn\u011bn\u00ed bez ohledu na p\u0159\u00edpadn\u00e1 va\u0161e vlastn\u00ed pravidla chov\u00e1n\u00ed prost\u0159ed\u00ed Java.
+SWarnFullPermissionsIgnorePolicy=Spou\u0161t\u011bn\u00e9mu k\u00f3du budou ud\u011blena pln\u00e1 opr\u00e1vn\u011bn\u00ed bez ohledu na p\u0159\u00edpadn\u00e1 va\u0161e vlastn\u00ed z\u00e1sady chov\u00e1n\u00ed prost\u0159ed\u00ed Java.
 STrustedSource=Digit\u00e1ln\u00ed podpis byl ov\u011b\u0159en pomoc\u00ed d\u016fv\u011bryhodn\u00e9ho zdroje.
 SClipboardReadAccess=Aplikace po\u017eaduje p\u0159\u00edstup ke \u010dten\u00ed syst\u00e9mov\u00e9 schr\u00e1nky. Chcete tuto akci povolit?
 SClipboardWriteAccess=Aplikace vy\u017eaduje p\u0159\u00edstup k zapisov\u00e1n\u00ed do syst\u00e9mov\u00e9 schr\u00e1nky. Chcete tuto akci povolit?
@@ -225,18 +270,37 @@
 SAlwaysTrustPublisher=V\u017edy d\u016fv\u011b\u0159ovat obsahu od tohoto vydavatele
 SHttpsUnverified=Certifik\u00e1t HTTPS webu nelze ov\u011b\u0159it.
 SRememberOption=<b>Zapamatovat si tuto volbu?</b>
-SRememberAppletOnly=Pro applet
+SRememberAppletOnly=Pro aplet
 SRememberCodebase=Pro web <u>{0}</u>
 SUnsignedSummary=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace Java.
-SUnsignedDetail=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace z n\u00e1sleduj\u00edc\u00edho um\u00edst\u011bn\u00ed:<br/>\u00a0\u00a0<u>{0}</u><br/>Str\u00e1nka, kter\u00e1 p\u0159edala tento po\u017eadavek:<br/>\u00a0\u00a0<u>{1}</u><br/><br/><b>Doporu\u010dujeme, abyste spou\u0161t\u011bli aplikace pouze z web\u016f, kter\u00fdm d\u016fv\u011b\u0159ujete.</b> 
-SUnsignedAllowedBefore=<font color="green">Tento applet jste ji\u017e d\u0159\u00edve povolili.</font>
-SUnsignedRejectedBefore=<font color="red">Tento applet jste ji\u017e d\u0159\u00edve odm\u00edtli.</font>
-SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed appletu?
+SUnsignedDetail=Do\u0161lo k pokusu o spu\u0161t\u011bn\u00ed nepodepsan\u00e9 aplikace z n\u00e1sleduj\u00edc\u00edho um\u00edst\u011bn\u00ed:<br/>&nbsp;&nbsp;<u>{0}</u><br/>Str\u00e1nka, kter\u00e1 p\u0159edala tento po\u017eadavek:<br/>&nbsp;&nbsp;<u>{1}</u><br/><br/><b>Doporu\u010dujeme, abyste spou\u0161t\u011bli aplikace pouze z web\u016f, kter\u00fdm d\u016fv\u011b\u0159ujete.</b> 
+SUnsignedAllowedBefore=<font color="green">Tento aplet jste ji\u017e d\u0159\u00edve povolili.</font>
+SUnsignedRejectedBefore=<font color="red">Tento aplet jste ji\u017e d\u0159\u00edve odm\u00edtli.</font>
+SUnsignedQuestion=Povolit spu\u0161t\u011bn\u00ed apletu?
 SPartiallySignedSummary=Podeps\u00e1ny jsou jen \u010d\u00e1sti k\u00f3du t\u00e9to aplikace.
 SPartiallySignedDetail=Tato aplikace obsahuje podepsan\u00fd i nepodepsan\u00fd k\u00f3d. Podepsan\u00fd k\u00f3d je bezpe\u010dn\u00fd, pokud d\u016fv\u011b\u0159ujete poskytovateli tohoto k\u00f3du. Nepodepsan\u00e9 \u010d\u00e1sti mohou obsahovat k\u00f3d, kter\u00fd nen\u00ed pod kontrolou d\u016fv\u011bryhodn\u00e9ho poskytovatele.
 SPartiallySignedQuestion=Chcete p\u0159esto pokra\u010dovat a spustit aplikaci?
 SAuthenticationPrompt=Server {0} na adrese {1} vy\u017eaduje ov\u011b\u0159en\u00ed. Zpr\u00e1va: \u201e{2}\u201c
 SJNLPFileIsNotSigned=Tato aplikace obsahuje digit\u00e1ln\u00ed podpis, v r\u00e1mci kter\u00e9ho v\u0161ak nen\u00ed podeps\u00e1n spou\u0161t\u011bn\u00fd soubor JNLP.
+SAppletTitle=N\u00e1zev apletu: {0}
+STrustedOnlyAttributeFailure=Element \u201etrusted-only\u201c v manifestu aplikace m\u00e1 hodnotu true. {0} a po\u017eaduje n\u00e1sleduj\u00edc\u00ed \u00farove\u0148 opr\u00e1vn\u011bn\u00ed: {1}. To nen\u00ed dovoleno.
+STOAsignedMsgFully= Aplet je kompletn\u011b podeps\u00e1n.
+STOAsignedMsgAndSandbox= Aplet je kompletn\u011b podeps\u00e1n a b\u011b\u017e\u00ed v izolovan\u00e9m prostoru (sandbox).
+STOAsignedMsgPartiall= Aplet nen\u00ed kompletn\u011b podeps\u00e1n.
+STempPermNoFile=Bez p\u0159\u00edstupu k soubor\u016fm
+STempPermNoNetwork=Bez p\u0159\u00edstupu k s\u00edti
+STempPermNoExec=Bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy
+STempNoFileOrNetwork=Bez p\u0159\u00edstupu k soubor\u016fm a s\u00edti
+STempNoExecOrNetwork=Bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy a bez p\u0159\u00edstupu k s\u00edti
+STempNoFileOrExec=Bez p\u0159\u00edstupu k soubor\u016fm a bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy
+STempNoFileOrNetworkOrExec=Bez p\u0159\u00edstupu k soubor\u016fm a s\u00edti a bez mo\u017enosti spou\u0161t\u011bt p\u0159\u00edkazy
+STempAllMedia=V\u0161echna m\u00e9dia
+STempSoundOnly=P\u0159ehr\u00e1v\u00e1n\u00ed audia
+STempClipboardOnly=P\u0159\u00edstup do schr\u00e1nky
+STempPrintOnly=Tisknut\u00ed dokument\u016f
+STempAllFileAndPropertyAccess=P\u0159\u00edstup ke v\u0161em soubor\u016fm a vlastnostem.
+STempReadLocalFilesAndProperties=P\u0159\u00edstup k lok\u00e1ln\u00edm soubor\u016fm a vlastnostem v re\u017eimu pro \u010dten\u00ed
+STempReflectionOnly=Pouze rozhran\u00ed Java Reflection
 
 # Security - used for the More Information dialog
 SBadKeyUsage=Zdroj obsahuje polo\u017eky, u nich\u017e roz\u0161\u00ed\u0159en\u00ed pou\u017eit\u00ed kl\u00ed\u010de KeyUsage certifik\u00e1tu podepisovatele nedovoluje podeps\u00e1n\u00ed k\u00f3du.
@@ -291,11 +355,14 @@
 DCInternal=Vnit\u0159n\u00ed chyba: {0}
 DCSourceInternal=<vnit\u0159n\u00ed>
 DCUnknownSettingWithName=Vlastnost {0} je nezn\u00e1m\u00e1.
+DCmaindircheckNotexists=P\u0159es v\u0161echny pokusy nebyl v\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nalezen.
+DCmaindircheckNotdir=V\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nen\u00ed adres\u00e1\u0159.
+DCmaindircheckRwproblem=V\u00e1\u0161 konfigura\u010dn\u00ed adres\u00e1\u0159 {0} nen\u00ed mo\u017en\u00e9 spr\u00e1vn\u011b \u010d\u00edst ani do n\u011bj zapisovat.
 
 # Value Validator messages. Messages should follow "Possible values ..." 
 VVPossibleValues=Mo\u017en\u00e9 hodnoty {0}
 VVPossibleBooleanValues=jsou {0} nebo {1}.
-VVPossibleFileValues=obsahuj\u00ed absolutn\u00ed um\u00edst\u011bn\u00ed souboru.
+VVPossibleFileValues=obsahuj\u00ed absolutn\u00ed um\u00edst\u011bn\u00ed souboru nebo adres\u00e1\u0159e.
 VVPossibleRangedIntegerValues=jsou v rozmez\u00ed {0} a\u017e {1} (v\u010detn\u011b).
 VVPossibleUrlValues=obsahuj\u00ed jakoukoliv platnou adresu URL (nap\u0159. http://icedtea.classpath.org/hg/).
 
@@ -307,7 +374,7 @@
 CPAboutDescription=Zobrazen\u00ed informace o verzi ovl\u00e1dac\u00edho panelu IcedTea
 CPNetworkSettingsDescription=Nastaven\u00ed s\u00edt\u011b v\u010detn\u011b zp\u016fsobu p\u0159ipojen\u00ed aplikace IcedTea-Web k Internetu a p\u0159\u00edpadn\u00e9ho pou\u017eit\u00ed proxy server\u016f
 CPTempInternetFilesDescription=Ukl\u00e1d\u00e1n\u00ed dat aplikac\u00ed prost\u0159ed\u00edm Java, aby bylo p\u0159i p\u0159\u00ed\u0161t\u00edm spu\u0161t\u011bn\u00ed umo\u017en\u011bno rychlej\u0161\u00ed na\u010dten\u00ed
-CPJRESettingsDescription=Zobrazen\u00ed a spravov\u00e1n\u00ed verze a nastaven\u00ed prost\u0159ed\u00ed Java Runtime Environment pro aplikace a applety Java
+CPJRESettingsDescription=Zobrazen\u00ed a spravov\u00e1n\u00ed verze a nastaven\u00ed prost\u0159ed\u00ed Java Runtime Environment pro aplikace a aplety Java
 CPCertificatesDescription=Pou\u017eit\u00ed certifik\u00e1t\u016f k pozitivn\u00ed identifikaci v\u00e1s, certifikac\u00ed, certifika\u010dn\u00edch autorit a vydavatel\u016f
 CPSecurityDescription=Konfigurace nastaven\u00ed zabezpe\u010den\u00ed
 CPDebuggingDescription=Zapnut\u00ed mo\u017enost\u00ed pom\u00e1haj\u00edc\u00edch p\u0159i lad\u011bn\u00ed
@@ -315,7 +382,7 @@
 CPJVMPluginArguments=Nastaven\u00ed parametr\u016f prost\u0159ed\u00ed JVM pro z\u00e1suvn\u00fd modul.
 CPJVMitwExec=Nastaven\u00ed prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web (pracuje nejl\u00e9pe s prost\u0159ed\u00edm OpenJDK)
 CPJVMitwExecValidation=Ov\u011b\u0159en\u00ed prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web
-CPJVMPluginSelectExec=Volba prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web
+CPJVMPluginSelectExec=Vyhledat prost\u0159ed\u00ed JVM pro aplikaci IcedTea-Web
 CPJVMnone=\u017d\u00e1dn\u00e9 v\u00fdsledky ov\u011b\u0159en\u00ed pro cestu
 CPJVMvalidated=V\u00fdsledky ov\u011b\u0159en\u00ed pro cestu
 CPJVMvalueNotSet=Hodnota nen\u00ed nastavena. Bude pou\u017eito p\u0159edvolen\u00e9 prost\u0159ed\u00ed JVM.
@@ -332,11 +399,14 @@
 CPJVMjava=OK, adres\u00e1\u0159, kter\u00fd jste vybrali, obsahuje podadres\u00e1\u0159 a soubor \u201ebin/java\u201c.
 CPJVMnoRtJar=Chyba: adres\u00e1\u0159, kter\u00fd jste vybrali, neobsahuje podadres\u00e1\u0159 a soubor \u201elib/rt.jar\u201c.
 CPJVMrtJar=OK, adres\u00e1\u0159, kter\u00fd jste vybrali, obsahuje podadres\u00e1\u0159 a soubor \u201elib/rt.jar\u201c.
-CPJVMPluginAllowTTValidation=Povolit ov\u011b\u0159ov\u00e1n\u00ed v pr\u016fb\u011bhu psan\u00ed
+CPJVMPluginAllowTTValidation=Ov\u011b\u0159it prost\u0159ed\u00ed JRE ihned
 CPJVMNotokMessage1=Zadali jste neplatnou hodnotu <u>({0})</u> prost\u0159ed\u00ed JDK. Chybov\u00e1 zpr\u00e1va:
 CPJVMNotokMessage2=Tuto zpr\u00e1vu vid\u00edte pravd\u011bpodobn\u011b proto\u017ee: <blockquote> * V\u00e1\u0161 syst\u00e9m nepro\u0161el n\u011bkter\u00fdm z ov\u011b\u0159ovac\u00edch test\u016f<br/> * Bylo detekov\u00e1no jin\u00e9 prost\u0159ed\u00ed ne\u017e OpenJDK</blockquote>S neplatn\u00fdm prost\u0159ed\u00edm JDK nebude se pravd\u011bpodobn\u011b nebude aplikace IcedTea-Web schopna spustit.<br/>Budete muset upravit nebo odstranit vlastnost <u>{0}</u> ve va\u0161em konfigura\u010dn\u00edm souboru <u>{1}</u>. <br/> M\u011bli byste ve sv\u00e9m syst\u00e9mu nal\u00e9zt prost\u0159ed\u00ed OpenJDK, nebo byste m\u011bli dob\u0159e v\u011bd\u011bt, co d\u011bl\u00e1te.
 CPJVMconfirmInvalidJdkTitle=Potvrzen\u00ed neplatn\u00e9ho prost\u0159ed\u00ed JDK
 CPJVMconfirmReset=Obnovit v\u00fdchoz\u00ed nastaven\u00ed?
+CPPolicyDetail=Zobrazit nebo upravit v\u00e1\u0161 u\u017eivatelsk\u00fd soubor se z\u00e1sadami prost\u0159ed\u00ed Java Toto nastaven\u00ed v\u00e1m umo\u017en\u00ed ud\u011blit nebo odep\u0159\u00edt opr\u00e1vn\u011bn\u00ed modulu runtime pro aplet bez ohledu na standardn\u00ed bezpe\u010dnostn\u00ed pravidla pro pr\u00e1ci v izolovan\u00e9m prostoru (sandbox).
+CPPolicyTooltip=Otev\u0159\u00edt soubor {0} v n\u00e1stroji Policy Editor.
+CPPolicyEditorNotFound=Nelze nal\u00e9zt editor pro tvorbu souboru syst\u00e9mov\u00fdch z\u00e1sad. Zkontrolujte, zda je n\u00e1stroj Policy Tool dosa\u017eiteln\u00fd z PATH.
 
 # Control Panel - Buttons
 CPButAbout=O aplikaci IcedTea-Web
@@ -344,6 +414,8 @@
 CPButSettings=Nastaven\u00ed...
 CPButView=Zobrazit...
 CPButCertificates=Certifik\u00e1ty...
+CPButSimpleEditor=Jednoduch\u00fd editor
+CPButAdvancedEditor=Roz\u0161\u00ed\u0159en\u00fd editor
 
 # Control Panel - Headers
 CPHead=Ovl\u00e1dac\u00ed panel IcedTea-Web
@@ -356,6 +428,7 @@
 CPHeadDesktopIntegration=\u00a0Integrace s pracovn\u00ed plochou\u00a0
 CPHeadSecurity=\u00a0Nastaven\u00ed zabezpe\u010den\u00ed\u00a0
 CPHeadJVMSettings=\u00a0Nastaven\u00ed JVM\u00a0
+CPHeadPolicy=\u00a0Vlastn\u00ed nastaven\u00ed z\u00e1sad\u00a0
 
 # Control Panel - Tabs
 CPTabAbout=O aplikaci IcedTea-Web
@@ -368,9 +441,10 @@
 CPTabRuntimes=Moduly runtime
 CPTabSecurity=Zabezpe\u010den\u00ed
 CPTabJVMSettings=Nastaven\u00ed JVM
+CPTabPolicy=Nastaven\u00ed z\u00e1sad
 
 # Control Panel - AboutPanel
-CPAboutInfo=Toto je ovl\u00e1dac\u00ed panel umo\u017e\u0148uj\u00edc\u00ed nastavit deployment.properties.<br/>Dokud nebudou implementov\u00e1ny v\u0161echny funkce, n\u011bkter\u00e9 z nich nebudou \u00fa\u010dinn\u00e9.<br/>V sou\u010dasnosti nen\u00ed podporov\u00e1no pou\u017e\u00edv\u00e1n\u00ed v\u00edce prost\u0159ed\u00ed JRE.<br/>
+CPAboutInfo=Toto je ovl\u00e1dac\u00ed panel umo\u017e\u0148uj\u00edc\u00ed nastavit deployment.properties.<br/>Dokud nebudou implementov\u00e1ny v\u0161echny funkce, n\u011bkter\u00e9 z nich nebudou \u00fa\u010dinn\u00e9.<br/>V sou\u010dasnosti je pou\u017e\u00edv\u00e1n\u00ed v\u00edce prost\u0159ed\u00ed JRE omezeno na OpenJDK.<br/>
 
 # Control Panel - AdvancedProxySettings
 APSDialogTitle=Nastaven\u00ed s\u00edt\u011b
@@ -388,11 +462,197 @@
 APSExceptionInstruction=Odd\u011blte ka\u017edou polo\u017eku st\u0159edn\u00edkem.
 
 # Control Panel - DebugginPanel
-DPEnableLogging=Zapnout protokolov\u00e1n\u00ed
+CPDebuggingPossibilites=V\u00fdstupy protokolov\u00e1n\u00ed
+DPEnableLogging=Zapnout lad\u011bn\u00ed
+DPEnableLoggingHint=Kdy\u017e je tento p\u0159ep\u00edna\u010d zapnut\u00fd, jsou protokolov\u00e1ny tak\u00e9 zpr\u00e1vy z lad\u011bn\u00ed. Ekvivalent pou\u017eit\u00ed p\u0159ep\u00edna\u010de -verbose nebo pou\u017eit\u00ed nastaven\u00ed ICEDTEAPLUGIN_DEBUG=true.
+DPEnableHeaders=Povolit hlavi\u010dky
+DPEnableHeadersHint=Kdy\u017e je tento p\u0159ep\u00edna\u010d zapnut\u00fd, ka\u017ed\u00e1 zaprotokolovan\u00e1 zpr\u00e1va m\u00e1 hlavi\u010dku s dodate\u010dn\u00fdmi informacemi, jako jsou nap\u0159\u00edklad podrobnosti o u\u017eivateli, um\u00edst\u011bn\u00ed v k\u00f3du a \u010dasu.
+DPEnableFile=Zapnout protokolov\u00e1n\u00ed do souboru
+CPFilesLogsDestDir=Adres\u00e1\u0159 pro souborov\u00e9 protokoly
+CPFilesLogsDestDirResert=Obnovit v\u00fdchoz\u00ed nastaven\u00ed
+DPEnableFileHint=zpr\u00e1vy v\u00fdstupu budou ulo\u017eeny do souboru v adres\u00e1\u0159i {0}.
+DPEnableStds=Zapnout protokolov\u00e1n\u00ed na standardn\u00ed v\u00fdstupy.
+DPEnableStdsHint=Zpr\u00e1vy budou vyps\u00e1ny na standardn\u00edch v\u00fdstupech.
+DPEnableSyslog=Zapnout protokolov\u00e1n\u00ed do syst\u00e9mov\u00fdch protokol\u016f
+DPEnableSyslogHint=zpr\u00e1vy v\u00fdstupu budou ulo\u017eeny do syst\u00e9mov\u00fdch protokol\u016f.
 DPDisable=Vypnout
 DPHide=Skr\u00fdt p\u0159i spou\u0161t\u011bn\u00ed
 DPShow=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed
+DPShowPluginOnly=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed z\u00e1suvn\u00e9ho modulu
+DPShowJavawsOnly=Zobrazit p\u0159i spou\u0161t\u011bn\u00ed javaws
 DPJavaConsole=Konzola Java
+DPJavaConsoleDisabledHint=Konzola Java je vypnuta. Pomoc\u00ed programu itw-settings ji m\u016f\u017eete zapnout a nastavit jej\u00ed zobrazov\u00e1n\u00ed/nezobrazov\u00e1n\u00ed po startu.
+
+# PolicyEditor
+PEUsage=policyeditor [-file soubor_se_ z\u00e1sadami]
+PEHelpFlag=Vyp\u00ed\u0161e zadanou zpr\u00e1vu do konzole a ukon\u010d\u00ed aplikaci.
+PEFileFlag=Specifikuje cestu k souboru se z\u00e1sadami, kter\u00fd se m\u00e1 b\u00fdt otev\u0159en.
+PECodebaseFlag=Specifikuje adresy URL z\u00e1kladny k\u00f3du (codebase), kter\u00e9 se p\u0159idaj\u00ed anebo zv\u00fdrazn\u00ed v editoru.
+PETitle=Policy Editor
+PEReadProps=\u010cten\u00ed syst\u00e9mov\u00fdch vlastnost\u00ed
+PEReadPropsDetail=Povol\u00ed aplet\u016fm \u010d\u00edst syst\u00e9mov\u00e9 vlastnosti, jako jen va\u0161e u\u017eivatelsk\u00e9 jm\u00e9no a um\u00edst\u011bn\u00ed domovsk\u00e9ho adres\u00e1\u0159e.
+PEWriteProps=Zapisov\u00e1n\u00ed syst\u00e9mov\u00fdch vlastnost\u00ed
+PEWritePropsDetail=Povol\u00ed aplet\u016fm zapisovat/p\u0159episovat syst\u00e9mov\u00e9 vlastnosti.
+PEReadFiles=\u010cten\u00ed lok\u00e1ln\u00edch soubor\u016f
+PEReadFilesDetail=Povol\u00ed aplet\u016fm \u010d\u00edst ze soubor\u016f ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i.
+PEWriteFiles=Zapisov\u00e1n\u00ed do lok\u00e1ln\u00edch soubor\u016f
+PEWriteFilesDetail=Povol\u00ed aplet\u016fm zapisovat do soubor\u016f ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i.
+PEDeleteFiles=Maz\u00e1n\u00ed lok\u00e1ln\u00edch soubor\u016f
+PEDeleteFilesDetail=Povol\u00ed aplet\u016fm mazat soubory ve va\u0161em domovsk\u00e9m adres\u00e1\u0159i.
+PEReadSystemFiles=\u010cten\u00ed v\u0161ech syst\u00e9mov\u00fdch soubor\u016f
+PEReadSystemFilesDetail=Povol\u00ed aplikac\u00edm p\u0159istupovat ke v\u0161em um\u00edst\u011bn\u00edm ve va\u0161em po\u010d\u00edta\u010di v re\u017eimu pro \u010dten\u00ed.
+PEWriteSystemFiles=Zapisov\u00e1n\u00ed do v\u0161ech syst\u00e9mov\u00fdch soubor\u016f
+PEWriteSystemFilesDetail=Povol\u00ed aplikac\u00edm p\u0159istupovat ke v\u0161em um\u00edst\u011bn\u00edm ve va\u0161em po\u010d\u00edta\u010di v re\u017eimu pro z\u00e1pis.
+PEReadTempFiles=\u010cten\u00ed z do\u010dasn\u00fdch soubor\u016f
+PEReadTempFilesDetail=Povol\u00ed aplet\u016fm \u010d\u00edst z adres\u00e1\u0159e s do\u010dasn\u00fdmi soubory.
+PEWriteTempFiles=Zapisov\u00e1n\u00ed do do\u010dasn\u00fdch soubor\u016f
+PEWriteTempFilesDetail=Povol\u00ed aplet\u016fm zapisovat do adres\u00e1\u0159e s do\u010dasn\u00fdmi soubory.
+PEDeleteTempFiles=Maz\u00e1n\u00ed do\u010dasn\u00fdch soubor\u016f
+PEDeleteTempFilesDetail=Povol\u00ed aplet\u016fm mazat soubory ve va\u0161em adres\u00e1\u0159i s do\u010dasn\u00fdmi soubory.
+PEAWTPermission=P\u0159\u00edstup k syst\u00e9mu oken
+PEAWTPermissionDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k syst\u00e9mu oken AWT.
+PEClipboard=P\u0159\u00edstup do schr\u00e1nky
+PEClipboardDetail=Povol\u00ed aplet\u016fm \u010d\u00edst a zapisovat ve schr\u00e1nce.
+PENetwork=P\u0159\u00edstup k s\u00edti
+PENetworkDetail=Povol\u00ed aplet\u016fm navazovat jak\u00e1koli s\u00ed\u0165ov\u00e1 spojen\u00ed.
+PEPrint=Tisknut\u00ed dokument\u016f
+PEPrintDetail=Povol\u00ed aplet\u016fm p\u0159id\u00e1vat \u00falohy do tiskov\u00e9 fronty.
+PEPlayAudio=P\u0159ehr\u00e1v\u00e1n\u00ed zvuk\u016f
+PEPlayAudioDetail=Povol\u00ed aplet\u016fm p\u0159ehr\u00e1vat zvuky, nikoliv v\u0161ak zvuky nahr\u00e1vat.
+PERecordAudio=Nahr\u00e1v\u00e1n\u00ed audia
+PERecordAudioDetail=Povol\u00ed aplet\u016fm nahr\u00e1vat audio, nikoliv v\u0161ak audio soubory p\u0159ehr\u00e1vat.
+PEReflection=Java Reflection
+PEReflectionDetail=Povol\u00ed aplet\u016fm p\u0159istupovat k rozhran\u00ed Java Reflection API
+PEClassLoader=P\u0159\u00edstup k zavad\u011b\u010di t\u0159\u00edd
+PEClassLoaderDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k syst\u00e9mov\u00e9mu zavad\u011b\u010di t\u0159\u00edd (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection).
+PEClassInPackage=P\u0159\u00edstup k ostatn\u00edm bal\u00ed\u010dk\u016fm
+PEClassInPackageDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k t\u0159\u00edd\u00e1m z bal\u00ed\u010dk\u016f ostatn\u00edch aplet\u016f (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection).
+PEDeclaredMembers=P\u0159\u00edstup k soukrom\u00fdm dat\u016fm t\u0159\u00edd
+PEDeclaredMembersDetail=Povol\u00ed aplet\u016fm p\u0159\u00edstup k obvykle skryt\u00fdm dat\u016fm ostatn\u00edch t\u0159\u00edd prost\u0159ed\u00ed Java (\u010dasto b\u00fdv\u00e1 pou\u017e\u00edv\u00e1no s rozhran\u00edm Reflection).
+PEExec=Spou\u0161t\u011bn\u00ed p\u0159\u00edkaz\u016f
+PEExecDetail=Povol\u00ed aplet\u016fm spou\u0161t\u011bt syst\u00e9mov\u00e9 p\u0159\u00edkazy.
+PEGetEnv=P\u0159\u00edstup k prom\u011bnn\u00fdm prost\u0159ed\u00ed
+PEGetEnvDetail=Povol\u00ed aplet\u016fm \u010d\u00edst prom\u011bnn\u00e9 syst\u00e9mov\u00e9ho prost\u0159ed\u00ed.
+PECouldNotOpen=Nelze otev\u0159\u00edt soubor se z\u00e1sadami
+PECouldNotSave=Nelze ulo\u017eit soubor se z\u00e1sadami
+PEAddCodebase=P\u0159idat novou z\u00e1kladnu k\u00f3du (codebase)
+PERemoveCodebase=Odstranit
+PECodebasePrompt=Zadejte novou z\u00e1kladnu k\u00f3du (codebase)
+PEGlobalSettings=V\u0161echny aplety
+PESaveChanges=Ulo\u017eit zm\u011bny p\u0159ed ukon\u010den\u00edm?
+PEChangesSaved=Zm\u011bny byly ulo\u017eeny.
+PECheckboxLabel=Opr\u00e1vn\u011bn\u00ed
+PECodebaseLabel=Z\u00e1kladny k\u00f3du (codebases)
+PEFileMenu=Soubor
+PEOpenMenuItem=Otev\u0159\u00edt...
+PESaveMenuItem=Ulo\u017eit
+PESaveAsMenuItem=Ulo\u017eit jako...
+PEExitMenuItem=Ukon\u010dit
+PEViewMenu=Zobrazit
+PECustomPermissionsItem=Vlastn\u00ed opr\u00e1vn\u011bn\u00ed...
+PEFileModified=Varov\u00e1n\u00ed ohledn\u011b zm\u011bny souboru
+PEFileModifiedDetail=Soubor se z\u00e1sadami v um\u00edst\u011bn\u00ed {0} byl od posledn\u00edho otev\u0159en\u00ed zm\u011bn\u011bn. Chcete ho p\u0159ed ulo\u017een\u00edm znovu na\u010d\u00edst a upravit?
+PEGAccesUnowenedCode= Spou\u0161t\u011bn\u00ed k\u00f3du, kter\u00fd nevlastn\u00edte
+PEGMediaAccess= P\u0159\u00edstup k m\u00e9di\u00edm
+PEGrightClick= prav\u00fdm tla\u010d\u00edtkem my\u0161i rozbalit/sbalit nab\u00eddku
+PEGReadFileSystem= \u010cten\u00ed ze syst\u00e9mu
+PEGWriteFileSystem= Zapisov\u00e1n\u00ed do syst\u00e9mu
+
+
+# Policy Editor CustomPolicyViewer
+PECPTitle=Prohl\u00ed\u017ee\u010d vlastn\u00edch z\u00e1sad

From jvanek at redhat.com  Mon Mar 31 14:59:46 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 16:59:46 +0200
Subject: [icedtea-web] Translation of 1.5
In-Reply-To: <CAES586xq+1GuJxnxZdOetkaEufwtLUUF5mXaiKva=yE7h35KXw@mail.gmail.com>
References: <53306BD5.8040902@redhat.com>	<CAES586yYL8VoSfY6WBBVGEeeLPYEYot9Pc4_G05Xvxi_Mhyn=A@mail.gmail.com>
	<CAES586xq+1GuJxnxZdOetkaEufwtLUUF5mXaiKva=yE7h35KXw@mail.gmail.com>
Message-ID: <533982E2.9070006@redhat.com>


Thank you!

Pushed.

Please note, I have removed the copy of looong help string.

And you may note also the small whitelist which appeared :)


J.

Thank you AGAIN and SO much!


On 03/27/2014 08:52 PM, skolnag at gmail.com wrote:
> Hello,
>
> Here is the Czech translation.
>
> Kind regards,
> Alexandr
>
>
>
>
>
> 2014-03-24 17:46 GMT+00:00 skolnag at gmail.com <mailto:skolnag at gmail.com> <skolnag at gmail.com
> <mailto:skolnag at gmail.com>>:
>
>     Hello,
>
>     I have most of the translation finished. There are, however, some places where the source text
>     is unclear. I will send my questions tomorrow and after I receive the answers I will provide
>     final translation.
>
>     Thank you for understanding.
>
>     Kind regards,
>     Alexandr
>
>
>
>
>     2014-03-24 18:31 GMT+01:00 Jiri Vanek <jvanek at redhat.com <mailto:jvanek at redhat.com>>:
>
>         Hi guys!
>
>         Is there any progress/eta or whatever?
>
>         If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the
>         fix.
>
>         Anyway for any case, I need some feedback to sync with you and rest of ITW.
>
>         Thanx in advance,
>           All the best
>             J.
>
>
>


From jvanek at redhat.com  Mon Mar 31 15:31:37 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 17:31:37 +0200
Subject: [icedtea-web] Translation of 1.5
In-Reply-To: <533982E2.9070006@redhat.com>
References: <53306BD5.8040902@redhat.com>	<CAES586yYL8VoSfY6WBBVGEeeLPYEYot9Pc4_G05Xvxi_Mhyn=A@mail.gmail.com>	<CAES586xq+1GuJxnxZdOetkaEufwtLUUF5mXaiKva=yE7h35KXw@mail.gmail.com>
	<533982E2.9070006@redhat.com>
Message-ID: <53398A59.2010803@redhat.com>

On 03/31/2014 04:59 PM, Jiri Vanek wrote:
>
> Thank you!
>
> Pushed.
>
> Please note, I have removed the copy of looong help string.
>
> And you may note also the small whitelist which appeared :)

Forgot to add link http://icedtea.classpath.org/hg/icedtea-web/rev/ee80e215928e#l3.26

Sorry for spam:(
>
>
> J.
>
> Thank you AGAIN and SO much!
>
>
> On 03/27/2014 08:52 PM, skolnag at gmail.com wrote:
>> Hello,
>>
>> Here is the Czech translation.
>>
>> Kind regards,
>> Alexandr
>>
>>
>>
>>
>>
>> 2014-03-24 17:46 GMT+00:00 skolnag at gmail.com <mailto:skolnag at gmail.com> <skolnag at gmail.com
>> <mailto:skolnag at gmail.com>>:
>>
>>     Hello,
>>
>>     I have most of the translation finished. There are, however, some places where the source text
>>     is unclear. I will send my questions tomorrow and after I receive the answers I will provide
>>     final translation.
>>
>>     Thank you for understanding.
>>
>>     Kind regards,
>>     Alexandr
>>
>>
>>
>>
>>     2014-03-24 18:31 GMT+01:00 Jiri Vanek <jvanek at redhat.com <mailto:jvanek at redhat.com>>:
>>
>>         Hi guys!
>>
>>         Is there any progress/eta or whatever?
>>
>>         If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1 to bring the
>>         fix.
>>
>>         Anyway for any case, I need some feedback to sync with you and rest of ITW.
>>
>>         Thanx in advance,
>>           All the best
>>             J.
>>
>>
>>
>


From jvanek at redhat.com  Mon Mar 31 15:54:16 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 17:54:16 +0200
Subject: [rfc][icedtea-web] allowing "dot issue" of codebaseMatcher
Message-ID: <53398FA8.6080401@redhat.com>


Fixing the regression of jogamp, as in subject

J.

ps: I still think its bug, and Oracle sucks :-/
pps: I emailed them about this issue several times, no reply :(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: alowingDotIssue.patch
Type: text/x-patch
Size: 1742 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/1f50a44d/alowingDotIssue.patch>

From omajid at redhat.com  Mon Mar 31 16:06:18 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 12:06:18 -0400
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <53397350.7030001@redhat.com>
References: <20140328222303.GE2812@redhat.com>
 <53397350.7030001@redhat.com>
Message-ID: <20140331160617.GE2669@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:53]:
> On 03/28/2014 11:23 PM, Omair Majid wrote:
> >The attached patches does some minor tweaks to the ALACA dialog.
> 
> Yes. This is ok to go. Also I'm for the compression  of  info
> attribute. I think it is more wide spread. Then jsut in alaca.

Okay, this patch includes all the 4 changes (remove 'codebase', wrap
urls in <ul>, simplify the ALACA title and fix html link names).

If you read it carefully, you will see both ALACA title/descriptions are
the same. I am still not sure if, from a user's point of view, there is
any difference.

Thoughts?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
@@ -61,23 +61,24 @@
 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
 
 # missing Application-Library-Allowable-Codebase dialogue
-ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
-This application uses resources from the following remote locations:<br/> {2} Are you sure you want to run this application?
-ALACAMissingInfo=For more information you can visit:<br/>\
+ALACAMissingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations: \
+{2} \
+Are you sure you want to run this application?
+ALACAMissingInfo=For more information see:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the Repurposing of an Application</a>
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is requiring valid resources from different locations:<br/>{2} <br/> \
-Those resources are expected to be loaded. Do you agree to run this application?
+ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
+Are you sure you want to run this application?
 ALACAMatchingInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the Repurposing of an Application</a>
 
 # LS - Severity
 LSMinor=Minor
diff --git a/netx/net/sourceforge/jnlp/util/UrlUtils.java b/netx/net/sourceforge/jnlp/util/UrlUtils.java
--- a/netx/net/sourceforge/jnlp/util/UrlUtils.java
+++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java
@@ -195,9 +195,11 @@
      */
     public static String setOfUrlsToHtmlList(Iterable<URL> remoteUrls) {
         StringBuilder sb = new StringBuilder();
+        sb.append("<ul>");
         for (URL url : remoteUrls) {
             sb.append("<li>").append(url.toExternalForm()).append("</li>");
         }
+        sb.append("</ul>");
         return sb.toString();
     }
 

From jvanek at redhat.com  Mon Mar 31 16:26:45 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 18:26:45 +0200
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <20140331160617.GE2669@redhat.com>
References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com>
	<20140331160617.GE2669@redhat.com>
Message-ID: <53399745.9080301@redhat.com>

On 03/31/2014 06:06 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:53]:
>> On 03/28/2014 11:23 PM, Omair Majid wrote:
>>> The attached patches does some minor tweaks to the ALACA dialog.
>>
>> Yes. This is ok to go. Also I'm for the compression  of  info
>> attribute. I think it is more wide spread. Then jsut in alaca.
>
> Okay, this patch includes all the 4 changes (remove 'codebase', wrap
> urls in <ul>, simplify the ALACA title and fix html link names).
>
> If you read it carefully, you will see both ALACA title/descriptions are
> the same. I am still not sure if, from a user's point of view, there is
> any difference.
>
> Thoughts?
>
> Thanks,
> Omair
>
ok to go! Please also push the http://fpaste.org/90290/28294913/ together.

J.

From omajid at redhat.com  Mon Mar 31 16:26:52 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 12:26:52 -0400
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <53397350.7030001@redhat.com>
References: <20140328222303.GE2812@redhat.com>
 <53397350.7030001@redhat.com>
Message-ID: <20140331162651.GG2669@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:54]:
> Yes. This is ok to go. Also I'm for the compression  of  info
> attribute. I think it is more wide spread. Then jsut in alaca.

There is one other link with full link text: MissingPermissionsInfo. The
attached patch fixes that.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681
-------------- next part --------------
diff --git a/netx/net/sourceforge/jnlp/resources/Messages.properties b/netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties
@@ -56,9 +56,9 @@
 Applications without this attribute should not be trusted. Do you wish to allow this application to run?
 MissingPermissionsInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the repurposing of Applications</a>
 
 # missing Application-Library-Allowable-Codebase dialogue
 ALACAMissingMainTitle=The application <span color='red'> {0} </span> \

From jvanek at redhat.com  Mon Mar 31 16:28:32 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 18:28:32 +0200
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <20140331162651.GG2669@redhat.com>
References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com>
	<20140331162651.GG2669@redhat.com>
Message-ID: <533997B0.2000707@redhat.com>

On 03/31/2014 06:26 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:54]:
>> Yes. This is ok to go. Also I'm for the compression  of  info
>> attribute. I think it is more wide spread. Then jsut in alaca.
>
> There is one other link with full link text: MissingPermissionsInfo. The
> attached patch fixes that.
>
> Thanks,
> Omair
>
Already OKed, but nvm :) Go on, please.

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 31 16:36:43 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 16:36:43 +0000
Subject: [Bug 900] Fatal: Application Error: Unknown Main-Class. Could not
	determine the main class for this application.
In-Reply-To: <bug-900-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-900-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-900-30-VaXIdYSZ8Q@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=900

Jonathan Kamens <jik at kamens.us> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jik at kamens.us

--- Comment #9 from Jonathan Kamens <jik at kamens.us> ---
I have two Fedora 20 x86_64 systems. On one, I am seeing this problem. On the
other, I can load exactly the same java applet in Firefox with no trouble.

I tried creating a brand new Firefox profile and the problem persisted.

Here's the start of the output in the java console on the machine that's not
working:

Attempted to download https://xvm.mit.edu:446/static/VncViewer.jar, but failed
to connect!
Application title was not found in manifest. Check with application vendor
JAR https://xvm.mit.edu:446/static/VncViewer.jar not found. Continuing.
JAR https://xvm.mit.edu:446/static/VncViewer.jar not found. Continuing.

When you cut and paste that URL into a browser or download it with curl or do a
HEAD request, it works just fine, so I have no idea why OpenJDK is unable to
download it.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/2ba9596d/attachment-0001.html>

From jvanek at redhat.com  Mon Mar 31 16:46:04 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 18:46:04 +0200
Subject: [icedtea-web] RFC: Minor fixes to ALACA dialog
In-Reply-To: <20140331162651.GG2669@redhat.com>
References: <20140328222303.GE2812@redhat.com> <53397350.7030001@redhat.com>
	<20140331162651.GG2669@redhat.com>
Message-ID: <53399BCC.4080808@redhat.com>

On 03/31/2014 06:26 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 09:54]:
>> Yes. This is ok to go. Also I'm for the compression  of  info
>> attribute. I think it is more wide spread. Then jsut in alaca.
>
> There is one other link with full link text: MissingPermissionsInfo. The
> attached patch fixes that.
>
> Thanks,
> Omair
>
I think you mat also fix the:

form codebase <span color='red'> {1} </span> is missing the permissions attribute. \

to rmeove the codebase word, in same manner as in case of ALACA.

Feel free to include and push at free will.

J.

From aazores at redhat.com  Mon Mar 31 16:56:58 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 31 Mar 2014 12:56:58 -0400
Subject: [rfc][icedtea-web] allowing "dot issue" of codebaseMatcher
In-Reply-To: <53398FA8.6080401@redhat.com>
References: <53398FA8.6080401@redhat.com>
Message-ID: <53399E5A.4090007@redhat.com>

On 03/31/2014 11:54 AM, Jiri Vanek wrote:
>
> Fixing the regression of jogamp, as in subject
>
> J.
>
> ps: I still think its bug, and Oracle sucks :-/
> pps: I emailed them about this issue several times, no reply :(

I think this is okay. I haven't very thoroughly tested it, but it does 
make the previously-failing Jogamp test case start to work again at least.

Thanks,

-- 
Andrew A


From jvanek at redhat.com  Mon Mar 31 17:04:17 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 19:04:17 +0200
Subject: [fyi][icedtea-web] adapting cz localisation for future changes.
Message-ID: <5339A011.2060405@redhat.com>

With:

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026995.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/026997.html
and
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-March/027000.html

approved.


This is adaptation of current CZ messages.

I will push this in short time.


J.

From jvanek at icedtea.classpath.org  Mon Mar 31 17:20:32 2014
From: jvanek at icedtea.classpath.org (jvanek at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 17:20:32 +0000
Subject: /hg/icedtea-web: Allowed wrong match of the aaaexample.com by *....
Message-ID: <hg.79a3a7a01760.1396286432.8643924302249223276@icedtea.classpath.org>

changeset 79a3a7a01760 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=79a3a7a01760
author: Jiri Vanek <jvanek at redhat.com>
date: Mon Mar 31 19:20:19 2014 +0200

	Allowed wrong match of the aaaexample.com by *.example.com expression as in specification.


diffstat:

 ChangeLog                                                           |  9 +++++++++
 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java                |  9 +++++----
 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java |  8 ++++++--
 3 files changed, 20 insertions(+), 6 deletions(-)

diffs (54 lines):

diff -r ee80e215928e -r 79a3a7a01760 ChangeLog
--- a/ChangeLog	Mon Mar 31 16:54:52 2014 +0200
+++ b/ChangeLog	Mon Mar 31 19:20:19 2014 +0200
@@ -1,3 +1,12 @@
+2013-03-31  Jiri Vanek  <jvanek at redhat.com>
+
+	Allowed wrong match of the aaaexample.com by *.example.com expression as in
+	specification.
+	* netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: uncommented  handling 
+	of dot in (domainToRegEx).
+	* tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java:
+	(matchTest) uncommented and added tests of/for dot issue.
+
 2013-03-31  Jiri Vanek  <jvanek at redhat.com>
             Alexandr Kolouch  <skolnag at gmail.com>
 
diff -r ee80e215928e -r 79a3a7a01760 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java
--- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 16:54:52 2014 +0200
+++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 19:20:19 2014 +0200
@@ -146,10 +146,11 @@
         }
 
         private static Pattern domainToRegEx(String domain) {
-            // I have conisdered the "dot" as bug i specification
-            // while (domain.startsWith("*.")) {
-            //    domain = "*" + domain.substring(2);
-            //}
+            // Although I have conisdered the "dot" as bug in specification, 
+            // to many applications are depnding on it
+            while (domain.startsWith("*.")) {
+                domain = "*" + domain.substring(2);
+            }
             return ClasspathMatcher.sourceToRegEx(domain);
         }
     }
diff -r ee80e215928e -r 79a3a7a01760 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 16:54:52 2014 +0200
+++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 19:20:19 2014 +0200
@@ -422,9 +422,13 @@
         Assert.assertTrue(p.match(urls[13]));
         Assert.assertTrue(p.match(urls[14]));
         //those represent the "dot" issue 
-        //Assert.assertTrue(p.match(urls[15]));
-        //Assert.assertTrue(p.match(urls[16]));
+        Assert.assertTrue(p.match(urls[15]));
+        Assert.assertTrue(p.match(urls[16]));
         Assert.assertFalse(p.match(urls[17]));
+        //reasons for alowing "dot" issue
+        Assert.assertTrue(p.match(new URL("http://www.example.com")));
+        Assert.assertTrue(p.match(new URL("http://example.com"))); //yah, this is really nasty
+        //still the DOT issue is an BUG
     }
 
     @Test

From aazores at redhat.com  Mon Mar 31 17:28:12 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 31 Mar 2014 13:28:12 -0400
Subject: [rfc][icedtea-web] Permissions manifest attribute fix
Message-ID: <5339A5AC.1070004@redhat.com>

Hi,

The spec for this attribute is at [0]. Any reviewer, please double check 
the spec to be sure I've correctly interpreted it, and not just 
implemented something else.

[1] and [2] can be used as test cases for this fix. The Permissions 
manifest attribute had a bug due to the inability to distinguish between 
a signed applet being granted All-permission because it specified it in 
the HTML params, and a signed applet being granted All-permission 
because it did not specify a permission level and All-permission is the 
default in this case. This bug led to signed applets being unable to 
properly request for themselves to be run sandboxed.

This patch fixes it so that the applets may be run, however, there is a 
deficiency in that we are not actually able to sandbox the applet. This 
is because we are doing our manifest checks after all of our resources 
have been loaded and assigned SecurityDescs. In order to run an applet 
sandboxed, the SecurityDelegate#setRunInSandbox call must be performed 
before any of these security descriptors are assigned. This is not 
currently possible. However, we do at least have the Run In Sandbox 
button which can be used before the manifest checks are performed, which 
will then allow the applet to be run sandboxed at the user's discretion.

[0] 
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
[1] 
http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html
[2] 
http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissions-attr-check.patch
Type: text/x-patch
Size: 14472 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/fcc76fbf/permissions-attr-check-0001.patch>

From omajid at icedtea.classpath.org  Mon Mar 31 17:28:50 2014
From: omajid at icedtea.classpath.org (omajid at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 17:28:50 +0000
Subject: /hg/icedtea-web: 3 new changesets
Message-ID: <hg.1fa70bdff359.1396286930.8643924302249223276@icedtea.classpath.org>

changeset 1fa70bdff359 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=1fa70bdff359
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 31 13:19:52 2014 -0400

	Adjust strings in ALACA dialog

	2013-03-31  Omair Majid  <omajid at redhat.com>

	       * netx/net/sourceforge/jnlp/resources/Messages.properties
	       (ALACAMissingMainTitle, ALACAMissingInfo ALACAMatchingMainTitle)
	       (ALACAMatchingInfo): Rephrase strings and replace full links with page
	       names.
	       * netx/net/sourceforge/jnlp/util/UrlUtils.java (setOfUrlsToHtmlList):
	       Enclose list in 'ul' element.


changeset ec7b04725a82 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ec7b04725a82
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 31 13:26:39 2014 -0400

	Fix misssing permissions dialog

	2013-03-31  Omair Majid  <omajid at redhat.com>

	    * netx/net/sourceforge/jnlp/resources/Messages.properties
	    (MissingPermissionsMainTitle): Remove 'codebase'
	    (MissingPermissionsInfo): Use simple link title.


changeset dc0a77856cb4 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dc0a77856cb4
author: Omair Majid <omajid at redhat.com>
date: Mon Mar 31 13:27:48 2014 -0400

	Merge


diffstat:

 ChangeLog                                                           |  24 ++++++++
 netx/net/sourceforge/jnlp/resources/Messages.properties             |  29 +++++----
 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java                |   9 +-
 netx/net/sourceforge/jnlp/util/UrlUtils.java                        |   2 +
 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java |   8 ++-
 5 files changed, 52 insertions(+), 20 deletions(-)

diffs (135 lines):

diff -r ee80e215928e -r dc0a77856cb4 ChangeLog
--- a/ChangeLog	Mon Mar 31 16:54:52 2014 +0200
+++ b/ChangeLog	Mon Mar 31 13:27:48 2014 -0400
@@ -1,3 +1,27 @@
+2013-03-31  Omair Majid  <omajid at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties
+	(MissingPermissionsMainTitle): Remove 'codebase'
+	(MissingPermissionsInfo): Use simple link title.
+
+2013-03-31  Omair Majid  <omajid at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties
+	(ALACAMissingMainTitle, ALACAMissingInfo ALACAMatchingMainTitle)
+	(ALACAMatchingInfo): Rephrase strings and replace full links with page
+	names.
+	* netx/net/sourceforge/jnlp/util/UrlUtils.java (setOfUrlsToHtmlList):
+	Enclose list in 'ul' element.
+
+2013-03-31  Jiri Vanek  <jvanek at redhat.com>
+
+	Allowed wrong match of the aaaexample.com by *.example.com expression as in
+	specification.
+	* netx/net/sourceforge/jnlp/util/ClasspathMatcher.java: uncommented  handling 
+	of dot in (domainToRegEx).
+	* tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java:
+	(matchTest) uncommented and added tests of/for dot issue.
+
 2013-03-31  Jiri Vanek  <jvanek at redhat.com>
             Alexandr Kolouch  <skolnag at gmail.com>
 
diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 31 16:54:52 2014 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Mar 31 13:27:48 2014 -0400
@@ -52,32 +52,33 @@
 
 # missing permissions dialogue
 MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is missing the permissions attribute. \
+from <span color='red'> {1} </span> is missing the permissions attribute. \
 Applications without this attribute should not be trusted. Do you wish to allow this application to run?
 MissingPermissionsInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the repurposing of Applications</a>
 
 # missing Application-Library-Allowable-Codebase dialogue
-ALACAMissingMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is missing the  Application-Library-Allowable-Codebase attribute. \
-This application uses resources from the following remote locations:<br/> {2} Are you sure you want to run this application?
-ALACAMissingInfo=For more information you can visit:<br/>\
+ALACAMissingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations: \
+{2} \
+Are you sure you want to run this application?
+ALACAMissingInfo=For more information see:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the Repurposing of an Application</a>
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Application <span color='red'> {0} </span> \
-form codebase <span color='red'> {1} </span> is requiring valid resources from different locations:<br/>{2} <br/> \
-Those resources are expected to be loaded. Do you agree to run this application?
+ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
+Are you sure you want to run this application?
 ALACAMatchingInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library</a> <br/> \
+JAR File Manifest Attributes</a> <br/> \
 and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
-http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html</a>
+Preventing the Repurposing of an Application</a>
 
 # LS - Severity
 LSMinor=Minor
diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java
--- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 16:54:52 2014 +0200
+++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 13:27:48 2014 -0400
@@ -146,10 +146,11 @@
         }
 
         private static Pattern domainToRegEx(String domain) {
-            // I have conisdered the "dot" as bug i specification
-            // while (domain.startsWith("*.")) {
-            //    domain = "*" + domain.substring(2);
-            //}
+            // Although I have conisdered the "dot" as bug in specification, 
+            // to many applications are depnding on it
+            while (domain.startsWith("*.")) {
+                domain = "*" + domain.substring(2);
+            }
             return ClasspathMatcher.sourceToRegEx(domain);
         }
     }
diff -r ee80e215928e -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/UrlUtils.java
--- a/netx/net/sourceforge/jnlp/util/UrlUtils.java	Mon Mar 31 16:54:52 2014 +0200
+++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java	Mon Mar 31 13:27:48 2014 -0400
@@ -195,9 +195,11 @@
      */
     public static String setOfUrlsToHtmlList(Iterable<URL> remoteUrls) {
         StringBuilder sb = new StringBuilder();
+        sb.append("<ul>");
         for (URL url : remoteUrls) {
             sb.append("<li>").append(url.toExternalForm()).append("</li>");
         }
+        sb.append("</ul>");
         return sb.toString();
     }
 
diff -r ee80e215928e -r dc0a77856cb4 tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 16:54:52 2014 +0200
+++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 13:27:48 2014 -0400
@@ -422,9 +422,13 @@
         Assert.assertTrue(p.match(urls[13]));
         Assert.assertTrue(p.match(urls[14]));
         //those represent the "dot" issue 
-        //Assert.assertTrue(p.match(urls[15]));
-        //Assert.assertTrue(p.match(urls[16]));
+        Assert.assertTrue(p.match(urls[15]));
+        Assert.assertTrue(p.match(urls[16]));
         Assert.assertFalse(p.match(urls[17]));
+        //reasons for alowing "dot" issue
+        Assert.assertTrue(p.match(new URL("http://www.example.com")));
+        Assert.assertTrue(p.match(new URL("http://example.com"))); //yah, this is really nasty
+        //still the DOT issue is an BUG
     }
 
     @Test

From bugzilla-daemon at icedtea.classpath.org  Mon Mar 31 17:54:29 2014
From: bugzilla-daemon at icedtea.classpath.org (bugzilla-daemon at icedtea.classpath.org)
Date: Mon, 31 Mar 2014 17:54:29 +0000
Subject: [Bug 900] Fatal: Application Error: Unknown Main-Class. Could not
	determine the main class for this application.
In-Reply-To: <bug-900-30@http.icedtea.classpath.org/bugzilla/>
References: <bug-900-30@http.icedtea.classpath.org/bugzilla/>
Message-ID: <bug-900-30-VzH2f0it9U@http.icedtea.classpath.org/bugzilla/>

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=900

Andrew Azores <aazores at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #10 from Andrew Azores <aazores at redhat.com> ---
Although both this problem and the original one in the report end with the same
exception and failure to launch, it seems to me that the cause is different.
Could you please open a new bug report and provide reproduction steps?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/a1bab150/attachment.html>

From jvanek at redhat.com  Mon Mar 31 18:31:44 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 20:31:44 +0200
Subject: [rfc][icedtea-web] restricting codebase matcher from aaaexample.com
	to example.com or whatever.example.com only
Message-ID: <5339B490.7030909@redhat.com>

As Omair sugested - the previous fix was to vague.

This is fixing it.
Now
*.example.com
is matching  example.com or whatever.example.com but not  aaaexample.com

This is doen for domain only. The paths are still eveluated as :
*.example.com
is matching   whatever.example.com but not example.com nor  aaaexample.com

Unittests attached.
Now I'm thinking that we are really doing correct thing. Also I think I did the correct patch :)


J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: restrictingDotIssue.patch
Type: text/x-patch
Size: 3840 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/148b5062/restrictingDotIssue.patch>

From omajid at redhat.com  Mon Mar 31 18:51:11 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 14:51:11 -0400
Subject: [rfc][icedtea-web] restricting codebase matcher from
	aaaexample.com to example.com or whatever.example.com only
In-Reply-To: <5339B490.7030909@redhat.com>
References: <5339B490.7030909@redhat.com>
Message-ID: <20140331185111.GA15901@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 14:31]:
> As Omair sugested - the previous fix was to vague.

Yes, I think the previous fix was too lenient. Almost a security hole.

> This is doen for domain only. The paths are still eveluated as :
> *.example.com
> is matching   whatever.example.com but not example.com nor  aaaexample.com

Any specific reason for this?

> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 20:30:45 2014 +0200

> +    @Test
> +    public void dotIssueWithPaths() throws MalformedURLException {

How about renaming it to something more explanatory? I am thinking of
something like wildCardSubdomainDoesNotMatchParentDomainPaths.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Mon Mar 31 19:10:03 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 21:10:03 +0200
Subject: [rfc][icedtea-web] restricting codebase matcher from
	aaaexample.com to example.com or whatever.example.com only
In-Reply-To: <20140331185111.GA15901@redhat.com>
References: <5339B490.7030909@redhat.com> <20140331185111.GA15901@redhat.com>
Message-ID: <5339BD8B.3080206@redhat.com>

On 03/31/2014 08:51 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-03-31 14:31]:
>> As Omair sugested - the previous fix was to vague.
>
> Yes, I think the previous fix was too lenient. Almost a security hole.
>
>> This is doen for domain only. The paths are still eveluated as :
>> *.example.com
>> is matching   whatever.example.com but not example.com nor  aaaexample.com
>
> Any specific reason for this?

Yes. For doman it have sense to ignore dot, if there is nothing before jsut star.
On the other hand, the paths are not specified at all inspec (only there is nit, thet they are matched)

So I think for paths, the correct evaluationg of *.aaa mathces ONLY whatever.aaa and not jsut aaa is 
mroe correct. If you think it is wrong, I can adpt.
>
>> +++ b/tests/netx/unit/net/sourceforge/jnlp/util/ClasspathMatcherTest.java	Mon Mar 31 20:30:45 2014 +0200
>
>> +    @Test
>> +    public void dotIssueWithPaths() throws MalformedURLException {
>
> How about renaming it to something more explanatory? I am thinking of
> something like wildCardSubdomainDoesNotMatchParentDomainPaths.

I will do before push.

Pleasure on my side,

  J.

From gitne at gmx.de  Mon Mar 31 18:58:20 2014
From: gitne at gmx.de (Jacob Wisor)
Date: Mon, 31 Mar 2014 20:58:20 +0200
Subject: [rfc][icedtea-web] Translation of 1.5
In-Reply-To: <53306BD5.8040902@redhat.com>
References: <53306BD5.8040902@redhat.com>
Message-ID: <5339BACC.9060300@gmx.de>

Hello there!

On 03/24/2014 06:31 PM, Jiri Vanek wrote:
> Hi guys!
>
> Is there any progress/eta or whatever?
>
> If not, Then I will probably release 1.5 with missing lines, and hope for 1.5.1
> to bring the fix.
>
> Anyway for any case, I need some feedback to sync with you and rest of ITW.
>
> Thanx in advance,
>   All the best
>     J.

Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than I 
have initially expected. But here they are.

However, I was again occasionally grinding over the quite poor quality of many 
English sources. Therefore, I have made some tiny modifications to 
Messages.properties. The modifications are meant as proposals only and by far do 
not encompass all modification I would like to make.

As usual, localized messages are preceded by its original message as a comment 
for your convenience only while reviewing, and will be removed before committing.

Jacob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DE localization for IcedTea-Web 1.5.1.patch
Type: text/x-patch
Size: 43273 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/9563e54e/DElocalizationforIcedTea-Web1.5.1-0001.patch>

From jvanek at redhat.com  Mon Mar 31 19:25:48 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 21:25:48 +0200
Subject: [rfc][icedtea-web] Translation of 1.5
In-Reply-To: <5339BACC.9060300@gmx.de>
References: <53306BD5.8040902@redhat.com> <5339BACC.9060300@gmx.de>
Message-ID: <5339C13C.4040807@redhat.com>

On 03/31/2014 08:58 PM, Jacob Wisor wrote:
Hello and tahnk you very much!


Few nits:

-BOredirect  = Allow to follow 301, 302, 303, 307 and 308 redirections
+BOredirect  = Follows HTTP redirections.

There are even ore then those 4 redirections. The missing two are *not* follwoed. So I would ratehr 
keep the numbers eg in brackets att the end of string.


... -> Expunge ..

Expunge??? Isnt this error? :))


You yourself renamed it:
-CONSOLEClean=Clean all
+CONSOLEClean=Clear

Which I personally probably do not care, but et least it should be used instead of Expunge, or not?

> Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than I have initially
> expected. But here they are.
>
> However, I was again occasionally grinding over the quite poor quality of many English sources.
> Therefore, I have made some tiny modifications to Messages.properties. The modifications are meant
> as proposals only and by far do not encompass all modification I would like to make.
>
> As usual, localized messages are preceded by its original message as a comment for your convenience
> only while reviewing, and will be removed before committing.

hmhmh -

MissingPermissionsMainTitle
ALACAMatchingMainTitle
ALACAMissingMainTitle

Are missing. I think the  other  ALACA nd Permission strings are also missing - are you ging to fix 
those?


Also - how PL?

Deepest thanx,
   J.


whole test log:

Warning! Items equals for: AboutDialogueTabGPLv2 = GPLv2 but are in allowed subset
Warning! Items equals for: ButOk = OK but are in allowed subset
Warning! Items equals for: LSFatal = Fatal but are in allowed subset
Warning! Items equals for: COPcode = Code but are in allowed subset
Warning! Items equals for: CVSystem = System but are in allowed subset
Warning! Items equals for: COPinfo = Info but are in allowed subset
Warning! Items equals for: CVDetails = Details but are in allowed subset
Warning! Items equals for: PEOpenMenuItemMnemonic = 79 but are in allowed subset
Warning! Items equals for: PEExitMenuItemMnemonic = 88 but are in allowed subset
Warning! Items equals for: PESaveMenuItemMnemonic = 83 but are in allowed subset
Warning! Items equals for: APSLabelFTP = FTP but are in allowed subset
Warning! Items equals for: APPEXTSECguiPanelAppletInfoHederPart1 = {0} {1} but are in allowed subset
Warning! Items equals for: PEAddCodebaseMnemonic = 78 but are in allowed subset
Warning! Items equals for: APSLabelSocks = Socks but are in allowed subset
Warning! Items equals for: SPLASHurlLooks = http://icedtea.classpath.org/wiki/IcedTea-Web but are in 
allowed subset
Warning! Items equals for: COPjava = Java but are in allowed subset
Warning! Items equals for: SPLASHurl = http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs but 
are in allowed subset
Warning! Items equals for: Version = Version but are in allowed subset
Warning! Items equals for: SPLASHhomepage = Homepage but are in allowed subset
Warning! Items equals for: CVCPColName = Name but are in allowed subset
Warning! Items equals for: BAboutITW = The IcedTea-Web project provides a Free Software web browser 
plugin running applets written in the Java programming language and an implementation of Java Web 
Start, originally based on the NetX project. Visit the IcedTea-Web homepage: 
http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws -help" for more 
information. but are in allowed subset
Warning! Items equals for: COPitw = IcedTea-Web but are in allowed subset
Warning! Items equals for: APSLabelHTTP = HTTP but are in allowed subset
Warning! Items equals for: Name = Name but are in allowed subset
Error! Items equals for: MissingPermissionsMainTitle = Application <span color='red'> {0} </span> 
from <span color='red'> {1} </span> is missing the permissions attribute. Applications without this 
attribute should not be trusted. Do you wish to allow this application to run?
Warning! Items equals for: MissingPermissionsInfo = For more information you can visit:<br/><a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> JAR 
File Manifest Attributes</a> <br/> and<br/> <a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
Preventing the repurposing of Applications</a> but are in allowed subset
Warning! Items equals for: ALACAMissingInfo = For more information see:<br/><a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> JAR 
File Manifest Attributes</a> <br/> and<br/> <a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
Preventing the Repurposing of an Application</a> but are in allowed subset
Error! Items equals for: ALACAMatchingMainTitle = The application <span color='red'> {0} </span> 
from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} 
<br/> Are you sure you want to run this application?
Warning! Items equals for: ALACAMatchingInfo = For more information you can visit:<br/><a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> JAR 
File Manifest Attributes</a> <br/> and<br/> <a 
href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> 
Preventing the Repurposing of an Application</a> but are in allowed subset
Error! Items equals for: ALACAMissingMainTitle = The application <span color='red'> {0} </span> from 
<span color='red'> {1} </span> uses resources from the following remote locations: {2} Are you sure 
you want to run this application?



Feel free to elaborate as you wish.

From omajid at redhat.com  Mon Mar 31 19:29:46 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 15:29:46 -0400
Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation
In-Reply-To: <52F27F34.1010007@redhat.com>
References: <52F27F34.1010007@redhat.com>
Message-ID: <20140331192945.GB15901@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-02-05 13:16]:
> So here is first impelmentation of more complex D-I-D manifest attributes:
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html
> 
> the codebase
> 
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
> 
> The classapth matcher is quite complex, as its going to be reused in
> Application-Library-Allowable-Codebase and Caller-Allowable-Codebase Attribute

> +        if (s.startsWith("*") && s.endsWith("*")) {
> +            return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$";
> +        } else if (s.endsWith("*")) {
> +            return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$";
> +
> +        } else if (s.startsWith("*")) {
> +            return "^.*\\Q" + s.substring(1) + "\\E$";
> +
> +        } else {
> +            return "^\\Q" + s + "\\E$";
> +        }

Sorry for spotting this so late, but I think creating regular
expressions by string concatenation without sanitizing the input string
is a bad idea. Just like SQL-injection, this allows users to craft
special strings that contain \Q and \E to bypass/workaround our checks
and restrictions.

Please use Pattern.quote [1].

Thanks,
Omair

[1] http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html#quote(java.lang.String)

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From jvanek at redhat.com  Mon Mar 31 19:45:47 2014
From: jvanek at redhat.com (Jiri Vanek)
Date: Mon, 31 Mar 2014 21:45:47 +0200
Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation
In-Reply-To: <20140331192945.GB15901@redhat.com>
References: <52F27F34.1010007@redhat.com> <20140331192945.GB15901@redhat.com>
Message-ID: <5339C5EB.70708@redhat.com>

On 03/31/2014 09:29 PM, Omair Majid wrote:
> * Jiri Vanek <jvanek at redhat.com> [2014-02-05 13:16]:
>> So here is first impelmentation of more complex D-I-D manifest attributes:
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html
>>
>> the codebase
>>
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
>>
>> The classapth matcher is quite complex, as its going to be reused in
>> Application-Library-Allowable-Codebase and Caller-Allowable-Codebase Attribute
>
>> +        if (s.startsWith("*") && s.endsWith("*")) {
>> +            return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$";
>> +        } else if (s.endsWith("*")) {
>> +            return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$";
>> +
>> +        } else if (s.startsWith("*")) {
>> +            return "^.*\\Q" + s.substring(1) + "\\E$";
>> +
>> +        } else {
>> +            return "^\\Q" + s + "\\E$";
>> +        }
>
> Sorry for spotting this so late, but I think creating regular
> expressions by string concatenation without sanitizing the input string
> is a bad idea. Just like SQL-injection, this allows users to craft
> special strings that contain \Q and \E to bypass/workaround our checks
> and restrictions.

Nice catch!

like this?
(as atatched)

Thanx!
>
> Please use Pattern.quote [1].
>
> Thanks,
> Omair
>
> [1] http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html#quote(java.lang.String)
>

-------------- next part --------------
diff -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java
--- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 13:27:48 2014 -0400
+++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 21:44:30 2014 +0200
@@ -318,22 +318,20 @@
         }
         /*
          * coment for lazybones:
-         * \Q is start of citation
-         * \E is end of citation
-         *  - all characters in citation are threated as are without any special meaning
+         *  Pattern.quote - all characters in citation are threated as are without any special meaning
          * ^ is start of th e line
          * $ is end of the line
          */
         if (s.startsWith("*") && s.endsWith("*")) {
-            return "^.*\\Q" + s.substring(1, s.length() - 1) + "\\E.*$";
+            return "^.*" + Pattern.quote(s.substring(1, s.length() - 1)) + ".*$";
         } else if (s.endsWith("*")) {
-            return "^\\Q" + s.substring(0, s.length() - 1) + "\\E.*$";
+            return "^" + Pattern.quote(s.substring(0, s.length() - 1)) + ".*$";
 
         } else if (s.startsWith("*")) {
-            return "^.*\\Q" + s.substring(1) + "\\E$";
+            return "^.*" + Pattern.quote(s.substring(1)) + "$";
 
         } else {
-            return "^\\Q" + s + "\\E$";
+            return "^" + Pattern.quote(s) + "$";
         }
     }
 

From aazores at redhat.com  Mon Mar 31 20:10:52 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 31 Mar 2014 16:10:52 -0400
Subject: [rfc][icedtea-web] Permissions manifest attribute fix
In-Reply-To: <5339A5AC.1070004@redhat.com>
References: <5339A5AC.1070004@redhat.com>
Message-ID: <5339CBCC.4000508@redhat.com>

On 03/31/2014 01:28 PM, Andrew Azores wrote:
> Hi,
>
> The spec for this attribute is at [0]. Any reviewer, please double 
> check the spec to be sure I've correctly interpreted it, and not just 
> implemented something else.
>
> [1] and [2] can be used as test cases for this fix. The Permissions 
> manifest attribute had a bug due to the inability to distinguish 
> between a signed applet being granted All-permission because it 
> specified it in the HTML params, and a signed applet being granted 
> All-permission because it did not specify a permission level and 
> All-permission is the default in this case. This bug led to signed 
> applets being unable to properly request for themselves to be run 
> sandboxed.
>
> This patch fixes it so that the applets may be run, however, there is 
> a deficiency in that we are not actually able to sandbox the applet. 
> This is because we are doing our manifest checks after all of our 
> resources have been loaded and assigned SecurityDescs. In order to run 
> an applet sandboxed, the SecurityDelegate#setRunInSandbox call must be 
> performed before any of these security descriptors are assigned. This 
> is not currently possible. However, we do at least have the Run In 
> Sandbox button which can be used before the manifest checks are 
> performed, which will then allow the applet to be run sandboxed at the 
> user's discretion.
>
> [0] 
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
> [1] 
> http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html
> [2] 
> http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html
>
> Thanks,
>

Small refactor. Rather than the new RequestedPermissionLevel being 
available from SecurityDesc and PluginBridge only, it's also available 
from JNLPFile. PluginBridge, being a JNLPFile subclass, then overrides 
the method and provides the correct implementation for HTML applets. 
This just makes things more coherent IMO.

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissions-attr-check-2.patch
Type: text/x-patch
Size: 15378 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/73a2aafe/permissions-attr-check-2-0001.patch>

From omajid at redhat.com  Mon Mar 31 20:18:15 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 16:18:15 -0400
Subject: [rfc][icedtea-web] u51 classpath manifest entry implementation
In-Reply-To: <5339C5EB.70708@redhat.com>
References: <52F27F34.1010007@redhat.com> <20140331192945.GB15901@redhat.com>
	<5339C5EB.70708@redhat.com>
Message-ID: <20140331201815.GC15901@redhat.com>

* Jiri Vanek <jvanek at redhat.com> [2014-03-31 15:45]:
> On 03/31/2014 09:29 PM, Omair Majid wrote:
> >Sorry for spotting this so late, but I think creating regular
> >expressions by string concatenation without sanitizing the input string
> >is a bad idea. Just like SQL-injection, this allows users to craft
> >special strings that contain \Q and \E to bypass/workaround our checks
> >and restrictions.
> 
> like this? (as atatched)

Yes, this looks much better. Thanks for the quick fix.

> diff -r dc0a77856cb4 netx/net/sourceforge/jnlp/util/ClasspathMatcher.java
> --- a/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 13:27:48 2014 -0400
> +++ b/netx/net/sourceforge/jnlp/util/ClasspathMatcher.java	Mon Mar 31 21:44:30 2014 +0200
> @@ -318,22 +318,20 @@
>          }
>          /*
>           * coment for lazybones:
> -         * \Q is start of citation
> -         * \E is end of citation
> -         *  - all characters in citation are threated as are without any special meaning
> +         *  Pattern.quote - all characters in citation are threated as are without any special meaning

s/threat/treat/

>           * ^ is start of th e line
>           * $ is end of the line
>           */

\Q and \E are uncommon enough that adding a comment to clarify that was
probably okay. But now this comment really doesn't do much. I recommend
removing it.

Looks good otherwise.

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

From aazores at redhat.com  Mon Mar 31 20:35:17 2014
From: aazores at redhat.com (Andrew Azores)
Date: Mon, 31 Mar 2014 16:35:17 -0400
Subject: [rfc][icedtea-web] Permissions manifest attribute fix
In-Reply-To: <5339CBCC.4000508@redhat.com>
References: <5339A5AC.1070004@redhat.com> <5339CBCC.4000508@redhat.com>
Message-ID: <5339D185.5080905@redhat.com>

On 03/31/2014 04:10 PM, Andrew Azores wrote:
> On 03/31/2014 01:28 PM, Andrew Azores wrote:
>> Hi,
>>
>> The spec for this attribute is at [0]. Any reviewer, please double 
>> check the spec to be sure I've correctly interpreted it, and not just 
>> implemented something else.
>>
>> [1] and [2] can be used as test cases for this fix. The Permissions 
>> manifest attribute had a bug due to the inability to distinguish 
>> between a signed applet being granted All-permission because it 
>> specified it in the HTML params, and a signed applet being granted 
>> All-permission because it did not specify a permission level and 
>> All-permission is the default in this case. This bug led to signed 
>> applets being unable to properly request for themselves to be run 
>> sandboxed.
>>
>> This patch fixes it so that the applets may be run, however, there is 
>> a deficiency in that we are not actually able to sandbox the applet. 
>> This is because we are doing our manifest checks after all of our 
>> resources have been loaded and assigned SecurityDescs. In order to 
>> run an applet sandboxed, the SecurityDelegate#setRunInSandbox call 
>> must be performed before any of these security descriptors are 
>> assigned. This is not currently possible. However, we do at least 
>> have the Run In Sandbox button which can be used before the manifest 
>> checks are performed, which will then allow the applet to be run 
>> sandboxed at the user's discretion.
>>
>> [0] 
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
>> [1] 
>> http://docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html
>> [2] 
>> http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/examples/dist/depltoolkit_Java2Demo/DeployUsingJNLP.html
>>
>> Thanks,
>>
>
> Small refactor. Rather than the new RequestedPermissionLevel being 
> available from SecurityDesc and PluginBridge only, it's also available 
> from JNLPFile. PluginBridge, being a JNLPFile subclass, then overrides 
> the method and provides the correct implementation for HTML applets. 
> This just makes things more coherent IMO.
>
> Thanks,
>

And another, as discussed with Omair on IRC. Just extracted the common 
checks for HTML and JNLP into a new method and call this method once, 
before the split check for HTML/JNLP divergence. So long as the spec 
doesn't diverge the two any further, then this should be okay. Also 
remove an unnecessary typecast (made unnecessary in the last refactor 
due to new method and override, but forgot to fix).

Thanks,

-- 
Andrew A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: permissions-attr-check-3.patch
Type: text/x-patch
Size: 14899 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140331/1cc162bc/permissions-attr-check-3.patch>

From gitne at gmx.de  Mon Mar 31 20:33:50 2014
From: gitne at gmx.de (Jacob Wisor)
Date: Mon, 31 Mar 2014 22:33:50 +0200
Subject: [rfc][icedtea-web] Translation of 1.5
In-Reply-To: <5339C13C.4040807@redhat.com>
References: <53306BD5.8040902@redhat.com> <5339BACC.9060300@gmx.de>
	<5339C13C.4040807@redhat.com>
Message-ID: <5339D12E.6060900@gmx.de>

On 03/31/2014 09:25 PM, Jiri Vanek wrote:
> On 03/31/2014 08:58 PM, Jacob Wisor wrote:
> Hello and thank you very much!
>
>
> Few nits:
>
> -BOredirect  = Allow to follow 301, 302, 303, 307 and 308 redirections
> +BOredirect  = Follows HTTP redirects.
>
> There are even ore then those 4 redirections. The missing two are *not*
> follwoed. So I would ratehr keep the numbers eg in brackets att the end of string.

No. Remember KISS? Those HTTP response codes are a piece of information for the 
documentation (not the UI). If anyone really needs to know the exact codes 
affected by this switch, this is where they should/would look.

>
> ... -> Expunge ..
>
> Expunge??? Isnt this error? :))

Does it sound too radical? :-D Well, "Purge" would be another suitable term. In 
any case, "Clear all cache" sounds simply ..., lets say somehow awkward. So, 
this should better be adapted.
Oh regardless of the final text; there should really be a message box popping up 
and asking the user to affirm this action, to prevent any accidental hitting of 
the button. ;-)

> You yourself renamed it:
> -CONSOLEClean=Clean all
> +CONSOLEClean=Clear
>
> Which I personally probably do not care, but et least it should be used instead
> of Expunge, or not?

Yeah, we could stick to "Clear" everywhere where applicable. This would make the 
language more streamlined.

>> Phew, I have finally made it. 1.5.1 has seen a lot new messages, far more than
>> I have initially
>> expected. But here they are.
>>
>> However, I was again occasionally grinding over the quite poor quality of many
>> English sources.
>> Therefore, I have made some tiny modifications to Messages.properties. The
>> modifications are meant
>> as proposals only and by far do not encompass all modification I would like to
>> make.
>>
>> As usual, localized messages are preceded by its original message as a comment
>> for your convenience
>> only while reviewing, and will be removed before committing.
>
> hmhmh -
>
> MissingPermissionsMainTitle
> ALACAMatchingMainTitle
> ALACAMissingMainTitle
>
> Are missing. I think the  other  ALACA nd Permission strings are also missing -
> are you ging to fix those?

I have left those out on purpose because I was not sure whether these would 
change before release or not, or maybe even after release.

> Also - how PL?

I have made it through partially so far. So, as you can see, quite a lot of 
stuff has accumulated since the last release, so it won't be before some time.

>
>
> whole test log:
>
> Warning! Items equals for: AboutDialogueTabGPLv2 = GPLv2 but are in allowed subset
> Warning! Items equals for: ButOk = OK but are in allowed subset
> Warning! Items equals for: LSFatal = Fatal but are in allowed subset
> Warning! Items equals for: COPcode = Code but are in allowed subset
> Warning! Items equals for: CVSystem = System but are in allowed subset
> Warning! Items equals for: COPinfo = Info but are in allowed subset
> Warning! Items equals for: CVDetails = Details but are in allowed subset
> Warning! Items equals for: PEOpenMenuItemMnemonic = 79 but are in allowed subset
> Warning! Items equals for: PEExitMenuItemMnemonic = 88 but are in allowed subset
> Warning! Items equals for: PESaveMenuItemMnemonic = 83 but are in allowed subset
> Warning! Items equals for: APSLabelFTP = FTP but are in allowed subset
> Warning! Items equals for: APPEXTSECguiPanelAppletInfoHederPart1 = {0} {1} but
> are in allowed subset
> Warning! Items equals for: PEAddCodebaseMnemonic = 78 but are in allowed subset
> Warning! Items equals for: APSLabelSocks = Socks but are in allowed subset
> Warning! Items equals for: SPLASHurlLooks =
> http://icedtea.classpath.org/wiki/IcedTea-Web but are in allowed subset
> Warning! Items equals for: COPjava = Java but are in allowed subset
> Warning! Items equals for: SPLASHurl =
> http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs but are in allowed subset
> Warning! Items equals for: Version = Version but are in allowed subset
> Warning! Items equals for: SPLASHhomepage = Homepage but are in allowed subset
> Warning! Items equals for: CVCPColName = Name but are in allowed subset

Many of these seem to occur twice. Yes, even in the sources??? :-o

> Warning! Items equals for: BAboutITW = The IcedTea-Web project provides a Free
> Software web browser plugin running applets written in the Java programming
> language and an implementation of Java Web Start, originally based on the NetX
> project. Visit the IcedTea-Web homepage:
> http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws
> -help" for more information. but are in allowed subset

Yeah, I have realized that I had missed this one just after hitting the send 
button on my last e-mail.

> Warning! Items equals for: COPitw = IcedTea-Web but are in allowed subset
> Warning! Items equals for: APSLabelHTTP = HTTP but are in allowed subset
> Warning! Items equals for: Name = Name but are in allowed subset
> Error! Items equals for: MissingPermissionsMainTitle = Application <span
> color='red'> {0} </span> from <span color='red'> {1} </span> is missing the
> permissions attribute. Applications without this attribute should not be
> trusted. Do you wish to allow this application to run?
> Warning! Items equals for: MissingPermissionsInfo = For more information you can
> visit:<br/><a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions">
> JAR File Manifest Attributes</a> <br/> and<br/> <a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html">
> Preventing the repurposing of Applications</a> but are in allowed subset
> Warning! Items equals for: ALACAMissingInfo = For more information see:<br/><a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">
> JAR File Manifest Attributes</a> <br/> and<br/> <a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html">
> Preventing the Repurposing of an Application</a> but are in allowed subset
> Error! Items equals for: ALACAMatchingMainTitle = The application <span
> color='red'> {0} </span> from <span color='red'> {1} </span> uses resources from
> the following remote locations:<br/>{2} <br/> Are you sure you want to run this
> application?
> Warning! Items equals for: ALACAMatchingInfo = For more information you can
> visit:<br/><a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">
> JAR File Manifest Attributes</a> <br/> and<br/> <a
> href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html">
> Preventing the Repurposing of an Application</a> but are in allowed subset
> Error! Items equals for: ALACAMissingMainTitle = The application <span
> color='red'> {0} </span> from <span color='red'> {1} </span> uses resources from
> the following remote locations: {2} Are you sure you want to run this application?

These seem to have been added just recently. Well, at least after I started 
localizing.

So, back to work! :-D

Jacob

From omajid at redhat.com  Mon Mar 31 21:30:16 2014
From: omajid at redhat.com (Omair Majid)
Date: Mon, 31 Mar 2014 17:30:16 -0400
Subject: [rfc][icedtea-web] Permissions manifest attribute fix
In-Reply-To: <5339D185.5080905@redhat.com>
References: <5339A5AC.1070004@redhat.com> <5339CBCC.4000508@redhat.com>
	<5339D185.5080905@redhat.com>
Message-ID: <20140331213014.GD15901@redhat.com>

* Andrew Azores <aazores at redhat.com> [2014-03-31 16:35]:
> On 03/31/2014 04:10 PM, Andrew Azores wrote:
> >On 03/31/2014 01:28 PM, Andrew Azores wrote:
> >Small refactor. Rather than the new RequestedPermissionLevel being
> >available from SecurityDesc and PluginBridge only, it's also
> >available from JNLPFile. PluginBridge, being a JNLPFile subclass,
> >then overrides the method and provides the correct implementation
> >for HTML applets. This just makes things more coherent IMO.
> >
> >Thanks,
> >
> 
> And another, as discussed with Omair on IRC. Just extracted the
> common checks for HTML and JNLP into a new method and call this
> method once, before the split check for HTML/JNLP divergence. So
> long as the spec doesn't diverge the two any further, then this
> should be okay. Also remove an unnecessary typecast (made
> unnecessary in the last refactor due to new method and override, but
> forgot to fix).

I am far from an expert on this code, so please take this 'review' with
a grain of salt.

Also, I am a little hesitant about such (potentially) invasive code
going in at the last minute.

> +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java

> +        final RequestedPermissionLevel requested = file.getRequestedPermissionLevel();
> +        validateRequestedPermissionLevelMatchesManifestPermissions(requested, permissions);
> +        if (file instanceof PluginBridge) { // HTML applet
> +            if (requested == RequestedPermissionLevel.NONE) {
> +                if (permissions == ManifestBoolean.TRUE && signing != SigningState.NONE) {
> +                    // http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
> +                    // FIXME: attempting to follow the spec, but it is too late now to actually set the applet
> +                    // to run in sandbox, so the applet will not be run at all, rather than run sandboxed!
> +                    //securityDelegate.setRunInSandbox();

I read this comment a few times and I couldn't figure out (without
asking you) how it relates to the current state.

The "applet will not be run at all" bit completely threw me off. I read
this comment as: we can not set the sandbox state now (for some reason)
so by leaving this commented out, the applet will not run at all. Can
you clarify that not calling sandbox will let it run without any issues?

> +            if (requested == RequestedPermissionLevel.NONE) {
> +                if (permissions == ManifestBoolean.TRUE && signing != SigningState.NONE) {

Maybe call this variable `sandbox` rather than `permissions` to clarify
that TRUE means sandbox?

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681