git.osdn.net Git - android-x86/libcore.git/log

Better detail messages for System.loadLibrary UnsatisfiedLinkErrors.

This has a companion change in dalvik:
https://android-git.corp.google.com/g/71344

Bug: 3044042
Change-Id: Ia665ee59adf1ae1dbb45ba95988355839f4b0f23

Merge "Fix File.getCanonicalizePath to resolve symbolic links." into gingerbread

Fix File.getCanonicalizePath to resolve symbolic links.

This requires fixing a few tests that don't cope with the fact that
all our temporary files are created on /sdcard, which is a symbolic
link to /mnt/sdcard, meaning that the canonical path of any temporary
file is different from the file's absolute path.

Bug: 3047893
Change-Id: I02245a290b6d2962fb1dd4d2faba30d9aa7168e0

Merge "CA certificate update" into gingerbread

Add expectations for DecimalFormat test failures.

Change-Id: Iee4dffb4f3dded37866f35f0100d905553b9b3ca

Merge "Fix problems with OldSimpleDateFormatTest.java." into gingerbread

Fix problems with OldSimpleDateFormatTest.java.

This changes the single 'y' documentation to point out our behavior.
http://b/2788874

It also isolates two other failures for week-in-year and timezone
formatting.
http://b/1613709 Minimal days in first week is broken
http://b/3049014 Custom SimpleTimeZones not honored by SimpleDateFormat

Change-Id: Ic632bf70076fe0dfd376317379dc363269d5b2df

Fix IP_MULTICAST_IF getsockopt.

Also clean out test cruft so we can run on the RI, and remove
SecurityManager cruft so we can run more tests. Our failures
now match the RI's (but I'm not planning on fixing the tests
right now, nor have I checked the upstream tests).

Bug: 3045865
Change-Id: I326fff9753faa88eacb20a04ffd2f2e84e76259a

CA certificate update

Added    SHA1      : B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E
         Subject   : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2

Added    SHA1      : 92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F
         Subject   : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2

Bug: 2994278
Change-Id: I29ab0219a8d5ba04b6812330516a781b9e25a929

Merge "Support creating unbound server sockets in DefaultServerSocketFactory." into gingerbread

Support creating unbound server sockets in DefaultServerSocketFactory.

Change-Id: I34106bb55ad99a134b4aae4e24e61b59c0aaa967
http://b/2587385

Merge "Scrub missing calls to super.finalize()" into gingerbread

Scrub missing calls to super.finalize()

Bug: 3024226
Change-Id: I6642cb9d4929ba72244529efe4ebdfa595ae4fa7

Merge "Tests for ServerSocketFactory.getDefault()." into gingerbread

Tests for ServerSocketFactory.getDefault().

Motivated by http://b/2587385

Change-Id: If30898859f869c88342d1069a2425575752ebf6e

Merge "Fix a problem where URL.equals() was returning true when both hosts couldn't resolve." into gingerbread

Fix a problem where URL.equals() was returning true when both hosts couldn't resolve.

See http://b/3045007

Change-Id: I83f2a0d8888dd30aaf6099049ce8008487d4337d

Fix problems where knownfailures has drifted out of date from our suite.

http://b/3045163.

Change-Id: I9c9c6d4429f09d5f5cd92447de9a3c9d67294286

Remove java.net tests that are redundant with Harmony.

Change-Id: I01d6b3633a6de8a075982975d4cbf6c08e757490

Merge "Remove java.text tests duplicated from Harmony" into gingerbread

Merge "Add submitter's test for a publicly-reported SimpleTimeZone.clone bug I already fixed." into gingerbread

Add submitter's test for a publicly-reported SimpleTimeZone.clone bug I already fixed.

Bug: http://code.google.com/p/android/issues/detail?id=11542
Change-Id: Ic13e6083ec26e9d8725e94294f7cd69902e69dd8

Merge "CA certificate update" into gingerbread

Merge "Update expectations for tests failing only on the host." into gingerbread

Update expectations for tests failing only on the host.

Change-Id: Ieb30ef5b4607f7dfed0b873a10e3dcb31139141d

Remove java.text tests duplicated from Harmony

Change-Id: Ib20c8956be045158225d08327781a5e16ca08689

Improve DateFormat.parse's exception detail.

Bug: 3041734
Change-Id: I73e9d2aefecc5fe67415eb3a6586294f8dbbcb82

Somewhat perfunctory javadoc for the new Java 6 JDBC APIs.

I feel dirty.

Bug: 3038452
Change-Id: I7ecd24b09c4e37a5ad29de4c6ba50a6e151a1296

Don't wrap select(2) in TEMP_FAILURE_RETRY.

Luckily, since the caller has to cope with us saying "we're not connected yet,
try again", we can just go that route.

I've also added another plausible possible exception to one of the tests, seen
once when testing on a host dalvikvm.

Bug: 3022824
Change-Id: Ia155f86f9f7b9b0a54e58c55f668faaebcbda55e

Merge "Remove FormatterTest tests duplicated with Harmony." into gingerbread

Remove FormatterTest tests duplicated with Harmony.

Change-Id: I9c95aac22b9df7efff6595e94700a17cfc5d3d7b

Merge "Fix OpenSSLSessionImpl.getValueNames regression" into gingerbread

Attach bugs to failures in MathTest and StrictMathTest.

Change-Id: Ifd0cf35e6e3dee4fe512db962db5f44c6e614af4

Fix OpenSSLSessionImpl.getValueNames regression

In e32b21f14d52bac429a9c54fe031f9e92c911d64, the code was converted to
use Objects.equals. However, because of a typo, an autoboxed Boolean
was passed instead of an AccessControlContext. I reviewed the rest of
the original change to make sure there were no other instances of this
regression.

Also cleaned up the SSLSessionTest (fixing two broken tests
test_getLocalPrincipal and test_getPeerPrincipal) and fixed a
whitespace issue in AccessControlContext.

Change-Id: Icaee8a0c2f5f527bea7a80037fe3f99c509d9f42

Attach charset tests to their tracking bugs.

Change-Id: I598a6b34a662e528f9b03a41f419bf7e47755ce2

Merge "OpenSSLSocketImpl should not call NativeCrypto.SSL_set_client_CA_list with an empty array" into gingerbread

OpenSSLSocketImpl should not call NativeCrypto.SSL_set_client_CA_list with an empty array

Bug: 3034616
Change-Id: Ib39ebfa737910f0ebce5ac2ad87715579bd7aa3d

Merge "Rely on the test runner to ensure a pristine VM." into gingerbread

Rely on the test runner to ensure a pristine VM.

Change-Id: I6f5bfad6f861eb7b398ed7d86747d66cea4f2343
http://b/issue?id=2660429

Throw SocketTimeoutException rather than SocketException if connect times out.

Bug: 3032900
Change-Id: I5da70fc55f2366a504b2492f2bc7f2269a57ef14

Merge "Add expectations for some tests failing in Hudson." into gingerbread

Add expectations for some tests failing in Hudson.

Change-Id: Iee064e099a30d4ab6de7a80863df6b1485e23b38

Strip usage of the term 'localhost' from URLConnectionTest.

Change-Id: I8ea7923c3ea72728c7df64c13bdd6f94b91be121
http://b/3032912

Fix ArrayIndexOutOfBoundsExceptions in cert Cache on zero filled array input

The Harmony cert Cache has a long[] where each long is a combination
of a hash and an one-based index into another table containing the
cached values. The cache is searched with Arrays.binarySearch, which
should never find an actual hit, since even a hash hit will look like
a miss since the input hash doesn't contain the one-based index and
entries in the table do. However, this approach has the property that
both hits and misses give the same location in the array, which is
subsequently checked for a real hit/miss with a mask.

However, the hash of a byte array filled with zeroes was zero, which
is found by Arrays.binarySearch in unused slots. Unfortunately, the
code never expects a direct hit, so when it does uses -index-1 to find
the slot to check for hit/miss, it ends up with a negative number,
causing the ArrayIndexOutOfBoundsExceptions.

The solution is ensure that when the hash function returns zero to
simply treat it as a miss. It should not be true for any non-trival
legal input.

Bug: 2753594
Change-Id: I2ee282cc28f22a0ca26da311ae683edf548c67a6

Merge "Use JSON for expectations files." into gingerbread

Use JSON for expectations files.

This allows us to print the expectation description when a test
fails. I'll follow this up by wiring vogar to do very clever things
with the statuses of linked bugs.

Change-Id: Idc3048b5dafff864675e760a3bb0c8fea48bb807

Squashed commit of three reverts related to permissions of new files and directories:

Revert "Create new files with permissions 0666 instead of 0777"

This reverts commit 4ea56d66e19d1450960ba26f60ca61a6804a3ba7.

Revert "Fix random permissions being set for new files."

This reverts commit 787bd9e6c46da7e229db6450d94409d2c6da6c2b.

Revert "Remove restricted permissions in file and directory creation"

This reverts commit 9b211124283bfb808e902b91da4df3e291d9bb6c.

BUG: 3028408

NativeCrypto_EVP_PKEY_new_RSA native NULL pointer reference WITH_JNI_TRACE

Device would not boot when WITH_JNI_TRACE was enabled because
RSA_check_key was called with NULL arguments.

Change-Id: I766cc027bab3f05f6b4956120002c572a5791af3

CA certificate update

Added, updated, and remove CAs in cacerts directory with summary below.
Regenerated cacerts.bks

Added    SHA1      : FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D
         Subject   : C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication EV RootCA1

Added    SHA1      : 25:01:90:19:CF:FB:D9:99:1C:B7:68:25:74:8D:94:5F:30:93:95:42
         Subject   : O=RSA Security Inc, OU=RSA Security 2048 V3

Added    SHA1      : DA:C9:02:4F:54:D8:F6:DF:94:93:5F:B1:73:26:38:CA:6A:D7:7C:13
         Subject   : O=Digital Signature Trust Co., CN=DST Root CA X3

Added    SHA1      : 60:D6:89:74:B5:C2:65:9E:8A:0F:C1:88:7C:88:D2:46:69:1B:18:2C
         Subject   : C=FR, ST=France, L=Paris, O=PM/SGDN, OU=DCSSI, CN=IGC/A/emailAddress=igca@sgdn.pm.gouv.fr

Added    SHA1      : B4:35:D4:E1:11:9D:1C:66:90:A7:49:EB:B3:94:BD:63:7B:A7:82:B7
         Subject   : CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E. (c) Kas\xC4\xB1m 2005

Added    SHA1      : 81:96:8B:3A:EF:1C:DC:70:F5:FA:32:69:C2:92:A3:63:5B:D1:23:D3
         Subject   : C=US, O=Digital Signature Trust Co., OU=DSTCA E1

Added    SHA1      : A9:E9:78:08:14:37:58:88:F2:05:19:B0:6D:2B:0D:2B:60:16:90:7D
         Subject   : C=US, O=GeoTrust Inc., CN=GeoTrust Global CA 2

Added    SHA1      : 66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B
         Subject   : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority

Added    SHA1      : B1:2E:13:63:45:86:A4:6F:1A:B2:60:68:37:58:2D:C4:AC:FD:94:97
         Subject   : C=FR, O=Dhimyotis, CN=Certigna

Added    SHA1      : C8:EC:8C:87:92:69:CB:4B:AB:39:E9:8D:7E:57:67:F3:14:95:73:9D
         Subject   : C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 4 Public Primary Certification Authority - G3

Added    SHA1      : CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36
         Subject   : C=CO, O=Sociedad Cameral de Certificaci\xC3\xB3n Digital - Certic\xC3\xA1mara S.A., CN=AC Ra\xC3\xADz Certic\xC3\xA1mara S.A.

Added    SHA1      : 79:98:A3:08:E1:4D:65:85:E6:C2:1E:15:3A:71:9F:BA:5A:D3:4A:D9
         Subject   : CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=ANKARA, O=(c) 2005 T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E.

Added    SHA1      : D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61
         Subject   : C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2

Added    SHA1      : 33:9B:6B:14:50:24:9B:55:7A:01:87:72:84:D9:E0:2F:C3:D2:D8:E9
         Subject   : C=EU, O=AC Camerfirma SA CIF A82743287, OU=http://www.chambersign.org, CN=Global Chambersign Root
Added    SHA1      : DE:28:F4:A4:FF:E5:B9:2F:A3:C5:03:D1:A3:49:A7:F9:96:2A:82:12
         Subject   : C=US, O=GeoTrust Inc., CN=GeoTrust Global CA

Added    SHA1      : 32:3C:11:8E:1B:F7:B8:B6:52:54:E2:E2:10:0D:D6:02:90:37:F0:96
         Subject   : C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority

Added    SHA1      : 85:B5:FF:67:9B:0C:79:96:1F:C8:6E:44:22:00:46:13:DB:17:92:84
         Subject   : C=US, O=America Online Inc., CN=America Online Root Certification Authority 2

Added    SHA1      : 5F:43:E5:B1:BF:F8:78:8C:AC:1C:C7:CA:4A:9A:C6:22:2B:CC:34:C6
         Subject   : O=Cybertrust, Inc, CN=Cybertrust Global Root

Added    SHA1      : AB:48:F3:33:DB:04:AB:B9:C0:72:DA:5B:0C:C1:D0:57:F0:36:9B:46
         Subject   : C=US, O=Digital Signature Trust Co., OU=DSTCA E2

Added    SHA1      : 3A:44:73:5A:E5:81:90:1F:24:86:61:46:1E:3B:9C:C4:5F:F5:3A:1B
         Subject   : C=US, O=SecureTrust Corporation, CN=Secure Global CA

Added    SHA1      : 74:F8:A3:C3:EF:E7:B3:90:06:4B:83:90:3C:21:64:60:20:E5:DF:CE
         Subject   : C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority

Added    SHA1      : 9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11
         Subject   : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority

Added    SHA1      : 39:4F:F6:85:0B:06:BE:52:E5:18:56:CC:10:E1:80:E8:82:B3:85:CC
         Subject   : C=US, O=Equifax Secure, OU=Equifax Secure eBusiness CA-2

Added    SHA1      : 59:22:A1:E1:5A:EA:16:35:21:F8:98:39:6A:46:46:B0:44:1B:0F:A9
         Subject   : C=CH, O=WISeKey, OU=Copyright (c) 2005, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GA CA

Replaced SHA1      : BE:E7:72:B3:19:0A:C8:4B:F8:31:F9:60:7D:98:89:EC:6A:96:6C:16
         Subject   : C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
    with SHA1      : B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9
         Subject   : C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority

Added    SHA1      : 13:2D:0D:45:53:4B:69:97:CD:B2:D5:C3:39:E2:55:76:60:9B:5C:C6
         Subject   : C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3

Added    SHA1      : 37:9A:19:7B:41:85:45:35:0C:A6:03:69:F3:3C:2E:AF:47:4F:20:79
         Subject   : C=US, O=GeoTrust Inc., CN=GeoTrust Universal CA 2

Added    SHA1      : 87:81:C2:5A:96:BD:C2:FB:4C:65:06:4F:F9:39:0B:26:04:8A:0E:01
         Subject   : C=DK, O=TDC, CN=TDC OCES CA

Added    SHA1      : E7:B4:F6:9D:61:EC:90:69:DB:7E:90:A7:40:1A:3C:F4:7D:4F:E8:EE
         Subject   : C=US, O=Wells Fargo WellsSecure, OU=Wells Fargo Bank NA, CN=WellsSecure Public Root Certificate Authority

Added    SHA1      : C0:60:ED:44:CB:D8:81:BD:0E:F8:6C:0B:A2:87:DD:CF:81:67:47:8C
         Subject   : C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl

Added    SHA1      : F9:CD:0E:2C:DA:76:24:C1:8F:BD:F0:F0:AB:B6:45:B8:F7:FE:D5:7A
         Subject   : CN=ComSign Secured CA, O=ComSign, C=IL

Added    SHA1      : 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5
         Subject   : C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Class 3 CA, CN=TC TrustCenter Class 3 CA II

Added    SHA1      : 23:88:C9:D3:71:CC:9E:96:3D:FF:7D:3C:A7:CE:FC:D6:25:EC:19:0D
         Subject   : C=HU, L=Budapest, O=Microsec Ltd., OU=e-Szigno CA, CN=Microsec e-Szigno Root CA

Added    SHA1      : E6:21:F3:35:43:79:05:9A:4B:68:30:9D:8A:2F:74:22:15:87:EC:79
         Subject   : C=US, O=GeoTrust Inc., CN=GeoTrust Universal CA

Added    SHA1      : 91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81
         Subject   : C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA

Added    SHA1      : 0B:77:BE:BB:CB:7A:A2:47:05:DE:CC:0F:BD:6A:02:FC:7A:BD:9B:52
         Subject   : C=US, O=VeriSign, Inc., OU=Class 4 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network

Added    SHA1      : 93:E6:AB:22:03:03:B5:23:28:DC:DA:56:9E:BA:E4:D1:D1:CC:FB:65
         Subject   : C=US, O=Wells Fargo, OU=Wells Fargo Certification Authority, CN=Wells Fargo Root Certificate Authority

Added    SHA1      : 70:17:9B:86:8C:00:A4:FA:60:91:52:22:3F:9F:3E:32:BD:E0:05:62
         Subject   : C=US, O=VISA, OU=Visa International Service Association, CN=Visa eCommerce Root

Added    SHA1      : 87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11
         Subject   : C=US, O=SecureTrust Corporation, CN=SecureTrust CA

Added    SHA1      : 9B:AA:E5:9F:56:EE:21:CB:43:5A:BE:25:93:DF:A7:F0:40:D1:1D:CB
         Subject   : C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2

Added    SHA1      : D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
         Subject   : C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services

Added    SHA1      : B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6
         Subject   : C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority

Added    SHA1      : D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74
         Subject   : C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root

Remove   SHA1      : 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2
         Subject   : C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority

Added    SHA1      : A1:DB:63:93:91:6F:17:E4:18:55:09:40:04:15:C7:02:40:B0:AE:6B
         Subject   : C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority

Replaced SHA1      : 80:1D:62:D0:7B:44:9D:5C:5C:03:5C:98:EA:61:FA:44:3C:2A:58:FE
         Subject   : O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
    with SHA1      : 50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31
         Subject   : O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)

Added    SHA1      : 8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4
         Subject   : C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2

Added    SHA1      : 56:E0:FA:C0:3B:8F:18:23:55:18:E5:D3:11:CA:E8:C2:43:31:AB:66
         Subject   : C=CH, O=SwissSign AG, CN=SwissSign Platinum CA - G2

Added    SHA1      : 3C:71:D7:0E:35:A5:DA:A8:B2:E3:81:2D:C3:67:74:17:F5:99:0D:F3
         Subject   : C=ES, ST=Madrid, L=Madrid, O=IPS Certification Authority s.l. ipsCA, OU=ipsCA, CN=ipsCA Global CA Root/emailAddress=global01@ipsca.com

Added    SHA1      : 47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B
         Subject   : C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2

Added    SHA1      : 02:72:68:29:3E:5F:5D:17:AA:A4:B3:C3:E6:36:1E:1F:92:57:5E:AA
         Subject   : C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 1

Added    SHA1      : 5F:4E:1F:CF:31:B7:91:3B:85:0B:54:F6:E5:FF:50:1A:2B:6F:C6:CF
         Subject   : C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 3

Added    SHA1      : 96:56:CD:7B:57:96:98:95:D0:E1:41:46:68:06:FB:B8:C6:11:06:87
         Subject   : C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Universal CA, CN=TC TrustCenter Universal CA III

Added    SHA1      : D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
         Subject   : OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign

Remove   SHA1      : 19:98:49:D9:A9:E9:F5:28:43:6C:72:65:30:2A:15:2C:C0:9B:CA:9E
         Subject   : C=US, O=Entrust, Inc., OU=AND ADDITIONAL TERMS GOVERNING USE AND RELIANCE, OU=CPS CONTAINS IMPORTANT LIMITATIONS OF WARRANTIES AND LIABILITY, OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2008 Entrust, Inc., CN=Entrust Certification Authority - L1B

Remove   SHA1      : 4A:8A:2A:0E:27:6F:F3:3B:5D:D8:8A:36:21:46:01:0F:2A:8B:6A:EE
         Subject   : C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)06, CN=VeriSign Class 3 Extended Validation SSL SGC CA

Remove   SHA1      : 65:73:55:A6:BB:68:F9:3D:33:CC:B7:58:B4:2F:5E:1A:7D:85:C9:C4
         Subject   : C=IL, O=StartCom Ltd., OU=StartCom Certification Authority, CN=StartCom Extended Validation Server CA

Bug: 2994278
Change-Id: I4f05182fbec1053299e8ba68553116773f4eac18

Tracking external/bouncycastle OpenSSLDigest

Making OpenSSLMessageDigestJDK final to match OpenSSLDigest version
Fixing WITH_JNI_TRACE used for debugging OpenSSLDigest

Bug: 3024499
Change-Id: I919749348e531d074a25e16ab13315cede4f88e5

Merge "Fix problem where single-byte reads were unsigned." into gingerbread

Fix problem where single-byte reads were unsigned.

Change-Id: Ib0bc273698b71d13a90a03a8c60498ad7de5ad9d
http://b/3023872

Make SSL network I/O interruptible

- Changed NativeCrypto code to hold onto java.io.FileDescriptor so it
  can see observe when another thread calls Socket.close and sets the
  FileDescriptor's fd to -1. Changed AppData::setEnv to check
  NetFd::isClosed, it was already being used before each SSL I/O
  operation.

- Changed sslSelect to no longer take an int fd, it now uses the
  AppData to get access the FileDescriptor. Within sslSelect, the
  select call is now protected with AsynchronousSocketCloseMonitor.
  The select call is now retried on EINTR, checking for socket close
  similar to NET_FAILURE_RETRY. sslSelect now returns
  THROWN_SOCKETEXCEPTION to indicate that NetFd::isClosed has already
  thrown.

- sslRead and sslWrite now similarly returns THROWN_SOCKETEXCEPTION to
  indicate that Net::isClosed detected a closed FileDescriptor.

luni/src/main/native/NativeCrypto.cpp

Moved NetFd from OSNetworkSystem.cpp to new NetFd.h for reuse by NativeCrypto

luni/src/main/native/NetFd.h
luni/src/main/native/org_apache_harmony_luni_platform_OSNetworkSystem.cpp

Added test of 4 Socket/SSLSocket interrupt cases

    1.) read    Socket / close    Socket (redundant with AsynchronousCloseExceptionTest)
    2.) read    Socket / close SSLSocket
    3.) read SSLSocket / close    Socket
    4.) read SSLSocket / close SSLSocket

luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java

Bug: 2973020
Change-Id: I9037738dd1d1c09c03c99e3403e086366aa25109

Move ThirdPartyProject.prop for bouncycastle from libcore

Change-Id: I13aa5e61e81e363b41fe463223fd65030da6c9d0

Merge "SSLSocket should respect timeout of a wrapped Socket" into gingerbread

Merge "Use BufferedInputStream when reading cacerts.bks" into gingerbread

SSLSocket should respect timeout of a wrapped Socket

Change to using getSoTimeout in OpenSSLSocketImpl instead of directly
using the timeout field. This means the proper timeout will be used
for instances of the OpenSSLSocketImplWrapper subclass, which is used
when an SSLSocket is wrapped around an existing connected non-SSL
Socket. The code still maintains the local timeout field, now renamed
timeoutMilliseconds, which is now accesed via
OpenSSLSocketImpl.getSoTimeout. Doing so prevents a getsockopt syscall
that otherwise would be necessary if the super.getSoTimeout() was used.

Added two unit tests for testing timeouts with SSLSockets wrapped
around Socket. One is simply for getters/setters. The second makes
sure the timeout is functioning when set on the underlying socket.

Bug: 2973305
Change-Id: Idac52853f5d777fae5060a840eefbfe85d448e4c

Use BufferedInputStream when reading cacerts.bks

Change-Id: Ibc20bdcadb5c3bc4bcebfeb96b10c42d9c05e7c8

Update supported cipher suites list

Update list of cipher suites supported by the current RI

Change-Id: Ifa2a799bd3ca40b4979fa44f5423d744e90af35c

Handle the different definitions of 'connected' in HttpURLConnection.

Previously we were failing with a NullPointerException when
HTTP redirects required connecting to a different server.

The connected field means 'we can't change request parameters'.
The connection being non-null means 'we're currently connected'.

Internally, multiple connections are permitted in order to support
HTTP redirects. But in the public API only one connect() call is
permitted.

I've added a new method, makeConnection() to make the magic work.

Change-Id: Ic644d5d192ec2b1de781dc271ae149bcd1655de4

Fix two HTTP issues that came up when writing HttpURLConnection docs.

We're now more careful about which headers are sent to HTTP proxies.
And getContentEncoding() is better documented.

Change-Id: I04241f99c2f32c25ba005fbd6ff9ef7236c3c9d3

Merge "Don't leave the Content-Encoding header around after transparent gzip." into gingerbread

Don't leave the Content-Encoding header around after transparent gzip.

Otherwise clients may be tempted to double-decompress.
http://b/issue?id=3009828

Change-Id: I4832da1c2aff9bad8d452ffc4a0f98ee27d44f49

Restore OpenSSLMessageDigestJDK.digest reset behavior

SSLEngine tests started failing due to the recent incorrect change to
OpenSSLMessageDigestJDK.digest() that removed the reset of
MessageDigest state on call to digest(). The problem was not that the
digest was resetting, but that it was resetting to use a SHA-0
algorithm. See recent change c38b8476e7e4bd4b091d9f0e8fe8b2b972e7bc81.

Change-Id: I40ef4e18a1b546eac5a487cb8a808d4897b301b0

Merge "OpenSSLMessageDigestJDK.reset should not change from SHA-1 to SHA-0" into gingerbread

OpenSSLMessageDigestJDK.reset should not change from SHA-1 to SHA-0

For SHA-1, the OpenSSLMessageDigestJDK constructor was called with the
algorithm name "SHA-1", which it passed to the superclass constructor
for use as the algorithm field. However, MessageDigest.getInstance
would then override this value with the its own algorithm argument. In the
case of getInstance("SHA"), this mean the constructor would set the
value to "SHA-1" (from the OpenSSLMessageDigestJDK.SHA1 subclass
constructor) which would then be overridden by getInstance to
"SHA". Because the OpenSSLMessageDigestJDK would then initialize using
"SHA-1", the MessageDigest worked in the common case. However, when it
was MessageDigest.reset(), it called getAlgorithm() which returned
"SHA", which was then passed to OpenSSL as "sha" which interpretted
this as "SHA-0".

The fix is to change to pass both a standard name (e.g "SHA-1") as
well as openssl name expliclty (e.g. "sha1"), removing the somewhat
hacky code that tried to algorithmically transform from the standard
names to the openssl ones.

The same fix needs to be made to OpenSSLDigest. We also are removing
SHA-0 from openssl since it is unneeded and would have cause an clear
error if it had been absent.

Change-Id: Iaa8f5b93a572fb043fa4f2618070ebb5054f82b1

Merge "Add optional tags to libcore." into gingerbread

Add optional tags to libcore.

Change-Id: Iac339144ed448848c96852da8d301d528ebfa0e6

Use DecimalFormatSymbols.getExponentSeparator in DecimalFormat.

A last-minute bit of Java 6 work...

Bug: 3008411
Change-Id: Ic197de8ddc92afcaa661875a2c99c8352237642a

Make the implementation of Formatter %e more similar to %f.

Also comment the code that turns 'E' into 'e' in %e. I tried doing this in
native code but it crufts the implementation and slightly slows the path we
care about (%f) for the benefit of the one we don't (%e).

I have optimized %e (without a precision) in the same way that I did with %f.

Bug: 2934304
Change-Id: I3c99be2157f4448c1b290d5578eeb6fc14965c59

Return char[] instead of String from NativeDecimalFormat.

One last little speedup for Formatter %f before I call it a day for now...

Bug: 2934304
Change-Id: I9edd02d1ba8dc40a2b28fea34d7bccf95eeb56ab

Merge "Speed up Formatter %f a bit more by using a thread-local NativeDecimalFormat." into gingerbread

Speed up Formatter %f a bit more by using a thread-local NativeDecimalFormat.

Bug: 2934304
Change-Id: I5ddcfc01bf1dc57917a544d00d4dc0d4a37ffe5c

Merge "Add a test case to demonstrate MessageDigest.reset() doesn't." into gingerbread

Merge "In javadoc, it's @return, not @returns." into gingerbread

In javadoc, it's @return, not @returns.

Change-Id: I88a6207c93559c445d5498b41c6d345fe28e3473

Add a test case to demonstrate MessageDigest.reset() doesn't.

Uncovered by a more general test:
org.apache.harmony.security.tests.java.security.MessageDigest2Test#test_digest

Implement OpenSSLMessageDigestJDK.clone and fix OpenSSLMessageDigestJDK.digest

DigestInputStream2Test.test_onZ was failing because OpenSSLMessageDigestJDK did not implement Clonable
- Implementing Clonable required a new NativeCrypto.EVP_MD_CTX_copy method
- While adding NativeCrypto.EVP_MD_CTX_copy, noticed other methods
  were not properly named in NativeCrypto.EVP_MD_CTX_* convention.
- Converted rest of NativeCrypto.cpp to JNI_TRACE logging while debugging

DigestOutputStreamTest.test_onZ was failing because OpenSSLMessageDigestJDK.digest did an engineReset
- Removing the engineReset revealed that digest() could not be called
  repeatedly on an OpenSSLMessageDigestJDK. Problem was that
  EVP_DigestFinal can only be called once per digest.
- Changed engineDigest implementation to use new EVP_MD_CTX_copy to
  create a temp EVP_MD_CTX which can be used to retreive the digest
  and then discarded.

Bug: 2997405
Change-Id: Ie97c22be245911300d2e729e451a9c4afdb27937

Fix KeyStore2Test

Specifically addressing failures in:
- test_getCertificateChainLjava_lang_String
- test_getCertificateLjava_lang_String
- test_setCertificateEntryLjava_lang_StringLjava_security_cert_Certificate

This test tried to be sophisticated by not comparing the certificates
returned from the KeyStore, but their public keys instead, presumably
because it might be okay if a "equals" but not "==" cert is
returned. Of course, then you shouldn't assume that the PublicKeys
will be ==, which the test did. In the RI it turns out that == was
fine. However, in BouncyCastle, the certs were ==, but the PublicKeys
were not, which each call returning a unique instance, causing test
failures.

Test test was also cleaned up to run on RI in addition to dalvik, as
well as to improve the style of the test by more use of assertEquals,
not just in the places were it was required, as well as breaking
complex assertTrue statements into simpler parts.

Bug: 2997410

Change-Id: I50da35c7878c260dddacd67ed78b9d18ae96a41e

Add negative argument bounds checking to OpenSSLMessageDigest.update

   Add bounds checking to match RI behavior. Note the checking is done
   within the subclasses MessageDigest.engineUpdate implementation and
   not the MessageDigest.update class, which was fixed earlier in
   HARMONY-1120 https://issues.apache.org/jira/browse/HARMONY-1120

luni/src/main/native/NativeCrypto.cpp

   Fix test to pass on RI

luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest1Test.java

Bug: 2997412
Change-Id: Ied0754ac0a35f1fe0be998b8bc350aa21e69ebdd

Merge "Support sqlite_jni on the dalvikvm host build." into gingerbread

Support sqlite_jni on the dalvikvm host build.

Change-Id: I9aac98e43cdb22b272dfe55e525fb352e0106e1c

make new module optional

Change-Id: Iadd023fbc4f11b10d1f76c92c1cfad7ff21dde97

Fix HttpsURLConnectionTest failures

Focusing on HttpsURLConnectionTest.test_doOutput found a number of
unrelated issues, all of which are addressed by this change:
- {HttpURLConnection,HttpsURLConnection}.connect not ignored on subsequent calls
- OpenSSLSessionImpl.{getPeerCertificates,getPeerCertificateChain} did not include client certificate
- OpenSSLSocketImpl.getSession did not skip handshake when SSLSession was already available
- Fix 3 test issues in HttpsURLConnectionTest
- Fix 2 test issues in NativeCryptoTest

Details:

    HttpsURLConnectionTest tests (such as test_doOutput) that
    tried to call URLConnection.connect() at the end of the test
    were raising exception. The RI URLConnection.connect
    documentation says calls on connected URLConnections should be ignored.

      Use "connected" instead of "connection != null" as reason to ignore "connect"

luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpURLConnectionImpl.java
luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/https/HttpsURLConnectionImpl.java

    Converted one caller of getPeerCertificateChain to
    getPeerCertificates which is the new fast path.  Track
    OpenSSLSessionImpl change to take "java" vs "javax" certificates.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/AbstractSessionContext.java

    Move SSL_SESSION_get_peer_cert_chain to be SSL_get_peer_cert_chain
    (similar to SSL_get_certificate). The problem was that
    SSL_SESSION_get_peer_cert_chain used SSL_get_peer_cert_chain which
    in the server case did not include the client cert itself, which
    required a call to SSL_get_peer_certificate, which needed the
    SSL instance pointer.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
luni/src/main/native/NativeCrypto.cpp

    Improved NativeCrypto_SSL_set_verify tracing

luni/src/main/native/NativeCrypto.cpp

    As a side effect of the move to
    NativeCrypto.SSL_get_peer_certificate, it no longer made sense to
    lazily create the peer certificate chain since the SSLSession
    should not depend on a particular SSL instance. The peer chain is
    now passed in as part of the constructor and the peerCertifcates
    in the OpenSSLSession can be final (also made localCertificates
    final). Since peerCertifcates is the newew (java not javax) API
    and more commonly used, it is what is created from the native
    code, and peerCertificateChain is not derived from peerCertifcates
    instead of vice versa.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java

    Factored out code to used to create local certificate chain to
    from array of DER byte arrays into createCertChain so it can be
    reused to create peer certificate chain.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java

    Fix OpenSSLSocketImpl.getSession to check for existing sslSession
    to and skip handshake, which was causing an exception if the
    connection had already been closed.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java

    Fix test issues: Removed PrintStream wrapper of System.out which
    was causing vogar to lose output. Added null check in closeSocket,
    which can happen in timeout case. Removed use of
    InputStream.available which in OpenSSLSocket case returned 0,
    causing test to fail incorrectly.

luni/src/test/java/org/apache/harmony/luni/tests/internal/net/www/protocol/https/HttpsURLConnectionTest.java

    Updating to track change to SSL_get_peer_cert_chain. Also fixed
    some other unrelated test failures caused by IOException on
    shutdown and false start (aka SSL_MODE_HANDSHAKE_CUTTHROUGH)
    causing clientCallback.handshakeCompleted to be false.

luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java

Bug: b/2981767
Change-Id: Id083beb6496558296c2f74f51ab0970e158b23a9

Rename internal SSLParameters to SSLParametersImpl to avoid collision with new javax.net.ssl.SSLParameters

Bug: 2672817
Change-Id: Iadf21b848eaf8850fce22721b9ba3739ab2e9fca

Merge "Remove SSLContextImpl.engineInit(..) that takes persistent cache arguments" into gingerbread

Merge "Fix test code that hardcodes the keystore. Necessary for the host build." into gingerbread

Fix test code that hardcodes the keystore. Necessary for the host build.

Change-Id: Ie371a4bc9cd8bcb9aed169f08aba18d285e21099

Remove SSLContextImpl.engineInit(..) that takes persistent cache arguments

Bug: 2672817
Change-Id: I201815857e4452498c746139b8d64b7721bc22cc

Merge "Make the bouncy castle keystore available for the host build." into gingerbread

Make the bouncy castle keystore available for the host build.

Change-Id: I1d126f594808d748af0662032f9dff5ee69377e6

Merge "Fix the TimeZone.getTimeZone documentation and a test." into gingerbread

Fix the TimeZone.getTimeZone documentation and a test.

Bug: 2996225
Change-Id: I9242b8a8e343d2b1995b5f1d0cb715d2fa3080f6

Update the host core.jar build to include classes.dex.

Uses LOCAL_BUILD_HOST_DEX:=true to do the heavy lifting.

See Ying Wang's example, which this obsoletes:
https://android-git.corp.google.com/g/67581

Change-Id: I7ebfd7033e130280e473b1a42624c5d375d7eaed

Merge "Even more follow up to enh's HttpURLConnection docs review." into gingerbread

Merge "Document Unicode versions and that we don't support the locale spi junk." into gingerbread

Even more follow up to enh's HttpURLConnection docs review.

Change-Id: Ia70565470d6c605d0c24105bc4ef5c712e3301a1
https://android-git.corp.google.com/g/67703

Document Unicode versions and that we don't support the locale spi junk.

Bug: 2860486
Bug: 2938123
Change-Id: I3eb587300ea97340cdc23ba2d0136b8eeeb99b25

More follow up to enh's HttpURLConnection docs review.

See the original review here:
https://android-git.corp.google.com/g/#patch,sidebyside,67584,1,luni/src/main/java/java/net/HttpURLConnection.java

Change-Id: If296b35e53e7bde88403e9124038f38dd725f83b

Document HttpURLConnection's many features and misfeatures.

Change-Id: Ib6d9f05e6a23bc44bd5c8838c9e8098b15d19810