Initial framework

This commit is contained in:
mathiascode 2020-04-16 22:08:07 +03:00
parent e4e262ceea
commit a6132fe8ab
85 changed files with 4403 additions and 1 deletions

View file

@ -1,2 +1,2 @@
# framework
Framework for running the server
Framework for running the Kaboom server

2
config/crontab Normal file
View file

@ -0,0 +1,2 @@
@reboot su server -c "$HOME/framework/script/init.sh"
0 0 * * * su server -c "$HOME/framework/script/reset.sh" && reboot

1
config/iptables Normal file
View file

@ -0,0 +1 @@
iptables -t nat -A INPUT -p tcp --dport 25565 -j SNAT --to-source 192.168.1.100

19
script/alivecheck.sh Executable file
View file

@ -0,0 +1,19 @@
#!/bin/sh
# The following script is a failsafe for killing the Minecraft server if it happens
# to be stuck
set -x
while true; do
sleep 420
# If server doesn't respond to ping, or if the log file is older than
# 3 minutes, kill the server
if [ "$(env printf '\xFE' | nc -w 15 new.kaboom.pw 25565 | wc -m)" -eq 0 ]; then
pkill -9 java
kill -9 $(ps -C ssh -o pid=)
echo $(date) >> ~/kill.log
fi
done

13
script/init.sh Executable file
View file

@ -0,0 +1,13 @@
#!/bin/sh
# This is the core script used when booting up the server
# It asumes that the "framework" folder is located in the home directory
# Run scripts for starting the Minecraft server and schematic
# checker in the background
while true; do
dtach -n kaboom ~/framework/script/server.sh > /dev/null 2>&1
dtach -n schematics ~/framework/script/schematics.sh > /dev/null 2>&1
sleep 5
done &

9
script/reset.sh Executable file
View file

@ -0,0 +1,9 @@
#!/bin/sh
# The following script is used when resetting the server
# Currently every 24 h
~/framework/script/stop.sh
rm -rf ~/server/*
cp -Tr ~/server-default/ ~/server/

17
script/schematics.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/sh
# Schematics are saved in a separate git repository.
# Only non-existing files are added to the repository.
set -x
git clone git@github.com:kaboomserver/schematics.git ~/server/plugins/FastAsyncWorldEdit/schematics/
while true; do
cd ~/server/plugins/FastAsyncWorldEdit/schematics/
if [ "$(git add $(git ls-files -o) -v)" ]; then
git -c user.name='kaboom' -c user.email='kaboom.pw' commit -m "Add new schematics"
git push
fi
sleep 1
done

28
script/server.sh Executable file
View file

@ -0,0 +1,28 @@
#!/bin/sh
# The alive checker and Minecraft server is started at the same time. For performance reasons, the
# OpenJ9 JVM is used instead of Java's default Hotspot JVM.
PATH="$HOME/framework/vendor/java/bin/:$PATH"
dtach -n alivecheck $HOME/framework/script/alivecheck.sh
# Make sure we're in the server folder, located in the home directory
cd ~/server/
# Make certain files and folders read-only
chmod -R 500 plugins/bStats/
chmod -R 500 plugins/PluginMetrics/
chmod -R 500 plugins/ProtocolLib/
chmod 400 bukkit.yml
chmod 400 commands.yml
chmod 400 eula.txt
chmod 400 permissions.yml
chmod 400 server-icon.png
chmod 400 wepif.yml
while true; do
java -Xmx1920M -Xtune:virtualized -Xaggressive -Xcompressedrefs -Xdump:heap+java+snap:none -Xdump:tool:events=throw+systhrow,filter=java/lang/OutOfMemoryError,exec="kill -9 %pid" -Xgc:concurrentScavenge -Xgc:dnssExpectedTimeRatioMaximum=3 -Xgc:scvNoAdaptiveTenure -Xdisableexplicitgc -Xshareclasses -Xshareclasses:noPersistentDiskSpaceCheck -XX:MaxDirectMemorySize=128M -XX:+ClassRelationshipVerifier -XX:+UseContainerSupport -DPaper.IgnoreJavaVersion=true -Dpaper.playerconnection.keepalive=360 -DIReallyKnowWhatIAmDoingISwear -jar server.jar
sleep 1
done

5
script/stop.sh Executable file
View file

@ -0,0 +1,5 @@
#!/bin/sh
# Shutdown script for Paper/Spigot
pkill -9 java

15
vendor/generate_jre.sh vendored Executable file
View file

@ -0,0 +1,15 @@
#!/bin/sh
# This script is used as a reference to generate a stripped-down OpenJ9 JRE for the server
rm -rf java/
wget https://github.com/AdoptOpenJDK/openjdk14-binaries/releases/download/jdk-14%2B36.1_openj9-0.19.0/OpenJDK14U-jdk_x64_linux_openj9_14_36_openj9-0.19.0.tar.gz
tar -zxvf OpenJDK*
rm OpenJDK*
mv jdk* jdk/
jdk/bin/jlink --no-header-files --no-man-pages --compress=2 --strip-debug \
--exclude-files=**java_*.properties,**jrunscript,**keytool,**legal/** \
--add-modules \
java.desktop,java.logging,java.management,java.naming,java.net.http,java.scripting,java.sql,jdk.crypto.ec,jdk.unsupported,jdk.zipfs,openj9.sharedclasses \
--output java
rm -rf jdk/

BIN
vendor/java/bin/java vendored Executable file

Binary file not shown.

63
vendor/java/conf/logging.properties vendored Normal file
View file

@ -0,0 +1,63 @@
############################################################
# Default Logging Configuration File
#
# You can use a different file by specifying a filename
# with the java.util.logging.config.file system property.
# For example java -Djava.util.logging.config.file=myfile
############################################################
############################################################
# Global properties
############################################################
# "handlers" specifies a comma separated list of log Handler
# classes. These handlers will be installed during VM startup.
# Note that these classes must be on the system classpath.
# By default we only configure a ConsoleHandler, which will only
# show messages at the INFO and above levels.
handlers= java.util.logging.ConsoleHandler
# To also add the FileHandler, use the following line instead.
#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
# Default global logging level.
# This specifies which kinds of events are logged across
# all loggers. For any given facility this global level
# can be overriden by a facility specific level
# Note that the ConsoleHandler also has a separate level
# setting to limit messages printed to the console.
.level= INFO
############################################################
# Handler specific properties.
# Describes specific configuration info for Handlers.
############################################################
# default file output is in user's home directory.
java.util.logging.FileHandler.pattern = %h/java%u.log
java.util.logging.FileHandler.limit = 50000
java.util.logging.FileHandler.count = 1
# Default number of locks FileHandler can obtain synchronously.
# This specifies maximum number of attempts to obtain lock file by FileHandler
# implemented by incrementing the unique field %u as per FileHandler API documentation.
java.util.logging.FileHandler.maxLocks = 100
java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
# Limit the message that are printed on the console to INFO and above.
java.util.logging.ConsoleHandler.level = INFO
java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
# Example to customize the SimpleFormatter output format
# to print one-line log message like this:
# <level>: <log message> [<date/time>]
#
# java.util.logging.SimpleFormatter.format=%4$s: %5$s [%1$tc]%n
############################################################
# Facility specific properties.
# Provides extra control for each logger.
############################################################
# For example, set the com.xyz.foo logger to only log SEVERE
# messages:
# com.xyz.foo.level = SEVERE

132
vendor/java/conf/net.properties vendored Normal file
View file

@ -0,0 +1,132 @@
############################################################
# Default Networking Configuration File
#
# This file may contain default values for the networking system properties.
# These values are only used when the system properties are not specified
# on the command line or set programmatically.
# For now, only the various proxy settings can be configured here.
############################################################
# Whether or not the DefaultProxySelector will default to System Proxy
# settings when they do exist.
# Set it to 'true' to enable this feature and check for platform
# specific proxy settings
# Note that the system properties that do explicitly set proxies
# (like http.proxyHost) do take precedence over the system settings
# even if java.net.useSystemProxies is set to true.
java.net.useSystemProxies=false
#------------------------------------------------------------------------
# Proxy configuration for the various protocol handlers.
# DO NOT uncomment these lines if you have set java.net.useSystemProxies
# to true as the protocol specific properties will take precedence over
# system settings.
#------------------------------------------------------------------------
# HTTP Proxy settings. proxyHost is the name of the proxy server
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
# value is 80) and nonProxyHosts is a '|' separated list of hostnames which
# should be accessed directly, ignoring the proxy server (default value is
# localhost & 127.0.0.1).
#
# http.proxyHost=
# http.proxyPort=80
http.nonProxyHosts=localhost|127.*|[::1]
#
# HTTPS Proxy Settings. proxyHost is the name of the proxy server
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
# value is 443). The HTTPS protocol handlers uses the http nonProxyHosts list.
#
# https.proxyHost=
# https.proxyPort=443
#
# FTP Proxy settings. proxyHost is the name of the proxy server
# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
# value is 80) and nonProxyHosts is a '|' separated list of hostnames which
# should be accessed directly, ignoring the proxy server (default value is
# localhost & 127.0.0.1).
#
# ftp.proxyHost=
# ftp.proxyPort=80
ftp.nonProxyHosts=localhost|127.*|[::1]
#
# Socks proxy settings. socksProxyHost is the name of the proxy server
# (e.g. socks.domain.com), socksProxyPort is the port number to use
# (default value is 1080)
#
# socksProxyHost=
# socksProxyPort=1080
#
# HTTP Keep Alive settings. remainingData is the maximum amount of data
# in kilobytes that will be cleaned off the underlying socket so that it
# can be reused (default value is 512K), queuedConnections is the maximum
# number of Keep Alive connections to be on the queue for clean up (default
# value is 10).
# http.KeepAlive.remainingData=512
# http.KeepAlive.queuedConnections=10
# Authentication Scheme restrictions for HTTP and HTTPS.
#
# In some environments certain authentication schemes may be undesirable
# when proxying HTTP or HTTPS. For example, "Basic" results in effectively the
# cleartext transmission of the user's password over the physical network.
# This section describes the mechanism for disabling authentication schemes
# based on the scheme name. Disabled schemes will be treated as if they are not
# supported by the implementation.
#
# The 'jdk.http.auth.tunneling.disabledSchemes' property lists the authentication
# schemes that will be disabled when tunneling HTTPS over a proxy, HTTP CONNECT.
# The 'jdk.http.auth.proxying.disabledSchemes' property lists the authentication
# schemes that will be disabled when proxying HTTP.
#
# In both cases the property is a comma-separated list of, case-insensitive,
# authentication scheme names, as defined by their relevant RFCs. An
# implementation may, but is not required to, support common schemes whose names
# include: 'Basic', 'Digest', 'NTLM', 'Kerberos', 'Negotiate'. A scheme that
# is not known, or not supported, by the implementation is ignored.
#
# Note: This property is currently used by the JDK Reference implementation. It
# is not guaranteed to be examined and used by other implementations.
#
#jdk.http.auth.proxying.disabledSchemes=
jdk.http.auth.tunneling.disabledSchemes=Basic
#
# Allow restricted HTTP request headers
#
# By default, the following request headers are not allowed to be set by user code
# in HttpRequests: "connection", "content-length", "expect", "host" and "upgrade".
# The 'jdk.httpclient.allowRestrictedHeaders' property allows one or more of these
# headers to be specified as a comma separated list to override the default restriction.
# The names are case-insensitive and white-space is ignored (removed before processing
# the list). Note, this capability is mostly intended for testing and isn't expected
# to be used in real deployments. Protocol errors or other undefined behavior is likely
# to occur when using them. The property is not set by default.
# Note also, that there may be other headers that are restricted from being set
# depending on the context. This includes the "Authorization" header when the
# relevant HttpClient has an authenticator set. These restrictions cannot be
# overridden by this property.
#
# jdk.httpclient.allowRestrictedHeaders=host
#
#
# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication
# can be used for the NTLM scheme, where the security credentials based on the
# currently logged in user's name and password can be obtained directly from the
# operating system, without prompting the user. This property has three possible
# values which regulate the behavior as shown below. Other unrecognized values
# are handled the same as 'disabled'. Note, that NTLM is not considered to be a
# strongly secure authentication scheme and care should be taken before enabling
# this mechanism.
#
# Transparent authentication never used.
#jdk.http.ntlm.transparentAuth=disabled
#
# Enabled for all hosts.
#jdk.http.ntlm.transparentAuth=allHosts
#
# Enabled for hosts that are trusted in Windows Internet settings
#jdk.http.ntlm.transparentAuth=trustedHosts
#
jdk.http.ntlm.transparentAuth=disabled

30
vendor/java/conf/sdp/sdp.conf.template vendored Normal file
View file

@ -0,0 +1,30 @@
#
# Configuration file to enable InfiniBand Sockets Direct Protocol.
#
# Each line that does not start with a comment (#) is a rule to indicate when
# the SDP transport protocol should be used. The format of a rule is as follows:
# ("bind"|"connect") 1*LWSP-char (hostname|ipaddress["/"prefix]) 1*LWSP-char ("*"|port)["-"("*"|port)]
#
# A "bind" rule indicates that the SDP protocol transport should be used when
# a TCP socket binds to an address/port that matches the rule. A "connect" rule
# indicates that the SDP protocol transport should be used when an unbound
# TCP socket attempts to connect to an address/port that matches the rule.
# Addresses may be specified as hostnames or literal Internet Protocol (IP)
# addresses. When a literal IP address is used then a prefix length may be used
# to indicate the number of bits for matching (useful when a block of addresses
# or subnet is allocated to the InfiniBand fabric).
# Use SDP for all sockets that bind to specific local addresses
#bind 192.168.1.1 *
#bind fe80::21b:24ff:fe3d:7896 *
# Use SDP for all sockets that bind to the wildcard address in a port range
#bind 0.0.0.0 5000-5999
#bind ::0 5000-5999
# Use SDP when connecting to all application services on 192.168.1.*
#connect 192.168.1.0/24 1024-*
# Use SDP when connecting to the http server or MySQL database on hpccluster.
#connect hpccluster.foo.com 80
#connect hpccluster.foo.com 3306

44
vendor/java/conf/security/java.policy vendored Normal file
View file

@ -0,0 +1,44 @@
//
// This system policy file grants a set of default permissions to all domains
// and can be configured to grant additional permissions to modules and other
// code sources. The code source URL scheme for modules linked into a
// run-time image is "jrt".
//
// For example, to grant permission to read the "foo" property to the module
// "com.greetings", the grant entry is:
//
// grant codeBase "jrt:/com.greetings" {
// permission java.util.PropertyPermission "foo", "read";
// };
//
// default permissions granted to all domains
grant {
// allows anyone to listen on dynamic ports
permission java.net.SocketPermission "localhost:0", "listen";
// "standard" properies that can be read by anyone
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission
"java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission
"java.vm.specification.version", "read";
permission java.util.PropertyPermission
"java.vm.specification.vendor", "read";
permission java.util.PropertyPermission
"java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
};

1279
vendor/java/conf/security/java.security vendored Normal file

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,54 @@
Java(TM) Cryptography Extension Policy Files
for the Java(TM) Platform, Standard Edition Runtime Environment
README
------------------------------------------------------------------------
Import and export control rules on cryptographic software vary from
country to country. The Java Cryptography Extension (JCE) architecture
allows flexible cryptographic key strength to be configured via the
jurisdiction policy files which are referenced by the "crypto.policy"
security property in the <java-home>/conf/security/java.security file.
By default, Java provides two different sets of cryptographic policy
files:
unlimited: These policy files contain no restrictions on cryptographic
strengths or algorithms
limited: These policy files contain more restricted cryptographic
strengths
These files reside in <java-home>/conf/security/policy in the "unlimited"
or "limited" subdirectories respectively.
Each subdirectory contains a complete policy configuration,
and subdirectories can be added/edited/removed to reflect your
import or export control product requirements.
Within a subdirectory, the effective policy is the combined minimum
permissions of the grant statements in the file(s) matching the filename
pattern "default_*.policy". At least one grant is required. For example:
limited = Export (all) + Import (limited) = Limited
unlimited = Export (all) + Import (all) = Unlimited
The effective exemption policy is the combined minimum permissions
of the grant statements in the file(s) matching the filename pattern
"exempt_*.policy". Exemption grants are optional. For example:
limited = grants exemption permissions, by which the
effective policy can be circumvented.
e.g. KeyRecovery/KeyEscrow/KeyWeakening.
Please see the Java Cryptography Architecture (JCA) documentation for
additional information on these files and formats.
YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
TO DETERMINE THE EXACT REQUIREMENTS.
Please note that the JCE for Java SE, including the JCE framework,
cryptographic policy files, and standard JCE providers provided with
the Java SE, have been reviewed and approved for export as mass market
encryption item by the US Bureau of Industry and Security.

View file

@ -0,0 +1,6 @@
// Default US Export policy file.
grant {
// There is no restriction to any algorithms.
permission javax.crypto.CryptoAllPermission;
};

View file

@ -0,0 +1,14 @@
// Some countries have import limits on crypto strength. This policy file
// is worldwide importable.
grant {
permission javax.crypto.CryptoPermission "DES", 64;
permission javax.crypto.CryptoPermission "DESede", *;
permission javax.crypto.CryptoPermission "RC2", 128,
"javax.crypto.spec.RC2ParameterSpec", 128;
permission javax.crypto.CryptoPermission "RC4", 128;
permission javax.crypto.CryptoPermission "RC5", 128,
"javax.crypto.spec.RC5ParameterSpec", *, 12, *;
permission javax.crypto.CryptoPermission "RSA", *;
permission javax.crypto.CryptoPermission *, 128;
};

View file

@ -0,0 +1,13 @@
// Some countries have import limits on crypto strength, but may allow for
// these exemptions if the exemption mechanism is used.
grant {
// There is no restriction to any algorithms if KeyRecovery is enforced.
permission javax.crypto.CryptoPermission *, "KeyRecovery";
// There is no restriction to any algorithms if KeyEscrow is enforced.
permission javax.crypto.CryptoPermission *, "KeyEscrow";
// There is no restriction to any algorithms if KeyWeakening is enforced.
permission javax.crypto.CryptoPermission *, "KeyWeakening";
};

View file

@ -0,0 +1,6 @@
// Default US Export policy file.
grant {
// There is no restriction to any algorithms.
permission javax.crypto.CryptoAllPermission;
};

View file

@ -0,0 +1,6 @@
// Country-specific policy file for countries with no limits on crypto strength.
grant {
// There is no restriction to any algorithms.
permission javax.crypto.CryptoAllPermission;
};

39
vendor/java/conf/sound.properties vendored Normal file
View file

@ -0,0 +1,39 @@
############################################################
# Sound Configuration File
############################################################
#
# This properties file is used to specify default service
# providers for javax.sound.midi.MidiSystem and
# javax.sound.sampled.AudioSystem.
#
# The following keys are recognized by MidiSystem methods:
#
# javax.sound.midi.Receiver
# javax.sound.midi.Sequencer
# javax.sound.midi.Synthesizer
# javax.sound.midi.Transmitter
#
# The following keys are recognized by AudioSystem methods:
#
# javax.sound.sampled.Clip
# javax.sound.sampled.Port
# javax.sound.sampled.SourceDataLine
# javax.sound.sampled.TargetDataLine
#
# The values specify the full class name of the service
# provider, or the device name.
#
# See the class descriptions for details.
#
# Example 1:
# Use MyDeviceProvider as default for SourceDataLines:
# javax.sound.sampled.SourceDataLine=com.xyz.MyDeviceProvider
#
# Example 2:
# Specify the default Synthesizer by its name "InternalSynth".
# javax.sound.midi.Synthesizer=#InternalSynth
#
# Example 3:
# Specify the default Receiver by provider and name:
# javax.sound.midi.Receiver=com.sun.media.sound.MidiProvider#SunMIDI1
#

BIN
vendor/java/lib/compressedrefs/j9ddr.dat vendored Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
vendor/java/lib/compressedrefs/libjvm.so vendored Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
vendor/java/lib/j9vm/libjsig.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/j9vm/libjvm.so vendored Normal file

Binary file not shown.

1898
vendor/java/lib/java.properties vendored Normal file

File diff suppressed because it is too large Load diff

BIN
vendor/java/lib/jexec vendored Executable file

Binary file not shown.

BIN
vendor/java/lib/jrt-fs.jar vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/jspawnhelper vendored Executable file

Binary file not shown.

2
vendor/java/lib/jvm.cfg vendored Normal file
View file

@ -0,0 +1,2 @@
-server KNOWN
-client IGNORE

BIN
vendor/java/lib/libawt.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libawt_headless.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libawt_xawt.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libfontmanager.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libfreetype.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjava.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjavajpeg.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjawt.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjimage.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjli.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjncrypto.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjsig.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libjsound.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/liblcms.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libmlib_image.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libnet.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libnio.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libprefs.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libsplashscreen.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libsunec.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libverify.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/libzip.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/modules vendored Normal file

Binary file not shown.

1
vendor/java/lib/options.default vendored Normal file
View file

@ -0,0 +1 @@
"-Xlockword:mode=default,noLockword=java/lang/String,noLockword=java/util/MapEntry,noLockword=java/util/HashMap$Entry,noLockword=org/apache/harmony/luni/util/ModifiedMap$Entry,noLockword=java/util/Hashtable$Entry,noLockword=java/lang/invoke/MethodType,noLockword=java/lang/invoke/MethodHandle,noLockword=java/lang/invoke/CollectHandle,noLockword=java/lang/invoke/ConstructorHandle,noLockword=java/lang/invoke/ConvertHandle,noLockword=java/lang/invoke/ArgumentConversionHandle,noLockword=java/lang/invoke/AsTypeHandle,noLockword=java/lang/invoke/ExplicitCastHandle,noLockword=java/lang/invoke/FilterReturnHandle,noLockword=java/lang/invoke/DirectHandle,noLockword=java/lang/invoke/ReceiverBoundHandle,noLockword=java/lang/invoke/DynamicInvokerHandle,noLockword=java/lang/invoke/FieldHandle,noLockword=java/lang/invoke/FieldGetterHandle,noLockword=java/lang/invoke/FieldSetterHandle,noLockword=java/lang/invoke/StaticFieldGetterHandle,noLockword=java/lang/invoke/StaticFieldSetterHandle,noLockword=java/lang/invoke/IndirectHandle,noLockword=java/lang/invoke/InterfaceHandle,noLockword=java/lang/invoke/VirtualHandle,noLockword=java/lang/invoke/PrimitiveHandle,noLockword=java/lang/invoke/InvokeExactHandle,noLockword=java/lang/invoke/InvokeGenericHandle,noLockword=java/lang/invoke/VarargsCollectorHandle,noLockword=java/lang/invoke/ThunkTuple"

119
vendor/java/lib/psfont.properties.ja vendored Normal file
View file

@ -0,0 +1,119 @@
#
#
# Copyright (c) 1996, 2000, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Oracle designates this
# particular file as subject to the "Classpath" exception as provided
# by Oracle in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
#
# Japanese PostScript printer property file
#
font.num=16
#
serif=serif
timesroman=serif
sansserif=sansserif
helvetica=sansserif
monospaced=monospaced
courier=monospaced
dialog=sansserif
dialoginput=monospaced
#
serif.latin1.plain=Times-Roman
serif.latin1.italic=Times-Italic
serif.latin1.bolditalic=Times-BoldItalic
serif.latin1.bold=Times-Bold
#
sansserif.latin1.plain=Helvetica
sansserif.latin1.italic=Helvetica-Oblique
sansserif.latin1.bolditalic=Helvetica-BoldOblique
sansserif.latin1.bold=Helvetica-Bold
#
monospaced.latin1.plain=Courier
monospaced.latin1.italic=Courier-Oblique
monospaced.latin1.bolditalic=Courier-BoldOblique
monospaced.latin1.bold=Courier-Bold
#
serif.x11jis0208.plain=Ryumin-Light-H
serif.x11jis0208.italic=Ryumin-Light-H
serif.x11jis0208.bolditalic=Ryumin-Light-H
serif.x11jis0208.bold=Ryumin-Light-H
#
sansserif.x11jis0208.plain=GothicBBB-Medium-H
sansserif.x11jis0208.italic=GothicBBB-Medium-H
sansserif.x11jis0208.bolditalic=GothicBBB-Medium-H
sansserif.x11jis0208.bold=GothicBBB-Medium-H
#
monospaced.x11jis0208.plain=GothicBBB-Medium-H
monospaced.x11jis0208.italic=GothicBBB-Medium-H
monospaced.x11jis0208.bolditalic=GothicBBB-Medium-H
monospaced.x11jis0208.bold=GothicBBB-Medium-H
#
serif.x11jis0201.plain=Ryumin-Light.Hankaku
serif.x11jis0201.italic=Ryumin-Light.Hankaku
serif.x11jis0201.bolditalic=Ryumin-Light.Hankaku
serif.x11jis0201.bold=Ryumin-Light.Hankaku
#
sansserif.x11jis0201.plain=GothicBBB-Medium.Hankaku
sansserif.x11jis0201.italic=GothicBBB-Medium.Hankaku
sansserif.x11jis0201.bolditalic=GothicBBB-Medium.Hankaku
sansserif.x11jis0201.bold=GothicBBB-Medium.Hankaku
#
monospaced.x11jis0201.plain=GothicBBB-Medium.Hankaku
monospaced.x11jis0201.italic=GothicBBB-Medium.Hankaku
monospaced.x11jis0201.bolditalic=GothicBBB-Medium.Hankaku
monospaced.x11jis0201.bold=GothicBBB-Medium.Hankaku
#
Helvetica=0
Helvetica-Bold=1
Helvetica-Oblique=2
Helvetica-BoldOblique=3
Times-Roman=4
Times-Bold=5
Times-Italic=6
Times-BoldItalic=7
Courier=8
Courier-Bold=9
Courier-Oblique=10
Courier-BoldOblique=11
GothicBBB-Medium-H=12
Ryumin-Light-H=13
GothicBBB-Medium.Hankaku=14
Ryumin-Light.Hankaku=15
#
font.0=Helvetica ISOF
font.1=Helvetica-Bold ISOF
font.2=Helvetica-Oblique ISOF
font.3=Helvetica-BoldOblique ISOF
font.4=Times-Roman ISOF
font.5=Times-Bold ISOF
font.6=Times-Italic ISOF
font.7=Times-BoldItalic ISOF
font.8=Courier ISOF
font.9=Courier-Bold ISOF
font.10=Courier-Oblique ISOF
font.11=Courier-BoldOblique ISOF
font.12=GothicBBB-Medium-H findfont
font.13=Ryumin-Light-H findfont
font.14=GothicBBB-Medium.Hankaku findfont
font.15=Ryumin-Light.Hankaku findfont
#

323
vendor/java/lib/psfontj2d.properties vendored Normal file
View file

@ -0,0 +1,323 @@
#
#
# Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Oracle designates this
# particular file as subject to the "Classpath" exception as provided
# by Oracle in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# PostScript printer property file for Java 2D printing.
#
# WARNING: This is an internal implementation file, not a public file.
# Any customisation or reliance on the existence of this file and its
# contents or syntax is discouraged and unsupported.
# It may be incompatibly changed or removed without any notice.
#
#
font.num=35
#
# Legacy logical font family names and logical font aliases should all
# map to the primary logical font names.
#
serif=serif
times=serif
timesroman=serif
sansserif=sansserif
helvetica=sansserif
dialog=sansserif
dialoginput=monospaced
monospaced=monospaced
courier=monospaced
#
# Next, physical fonts which can be safely mapped to standard postscript fonts
# These keys generally map to a value which is the same as the key, so
# the key/value is just a way to say the font has a mapping.
# Sometimes however we map more than one screen font to the same PS font.
#
avantgarde=avantgarde_book
avantgarde_book=avantgarde_book
avantgarde_demi=avantgarde_demi
avantgarde_book_oblique=avantgarde_book_oblique
avantgarde_demi_oblique=avantgarde_demi_oblique
#
itcavantgarde=avantgarde_book
itcavantgarde=avantgarde_book
itcavantgarde_demi=avantgarde_demi
itcavantgarde_oblique=avantgarde_book_oblique
itcavantgarde_demi_oblique=avantgarde_demi_oblique
#
bookman=bookman_light
bookman_light=bookman_light
bookman_demi=bookman_demi
bookman_light_italic=bookman_light_italic
bookman_demi_italic=bookman_demi_italic
#
# Exclude "helvetica" on its own as that's a legacy name for a logical font
helvetica_bold=helvetica_bold
helvetica_oblique=helvetica_oblique
helvetica_bold_oblique=helvetica_bold_oblique
#
itcbookman_light=bookman_light
itcbookman_demi=bookman_demi
itcbookman_light_italic=bookman_light_italic
itcbookman_demi_italic=bookman_demi_italic
#
# Exclude "courier" on its own as that's a legacy name for a logical font
courier_bold=courier_bold
courier_oblique=courier_oblique
courier_bold_oblique=courier_bold_oblique
#
courier_new=courier
courier_new_bold=courier_bold
#
monotype_century_schoolbook=newcenturyschoolbook
monotype_century_schoolbook_bold=newcenturyschoolbook_bold
monotype_century_schoolbook_italic=newcenturyschoolbook_italic
monotype_century_schoolbook_bold_italic=newcenturyschoolbook_bold_italic
#
newcenturyschoolbook=newcenturyschoolbook
newcenturyschoolbook_bold=newcenturyschoolbook_bold
newcenturyschoolbook_italic=newcenturyschoolbook_italic
newcenturyschoolbook_bold_italic=newcenturyschoolbook_bold_italic
#
palatino=palatino
palatino_bold=palatino_bold
palatino_italic=palatino_italic
palatino_bold_italic=palatino_bold_italic
#
# Exclude "times" on its own as that's a legacy name for a logical font
times_bold=times_roman_bold
times_italic=times_roman_italic
times_bold_italic=times_roman_bold_italic
#
times_roman=times_roman
times_roman_bold=times_roman_bold
times_roman_italic=times_roman_italic
times_roman_bold_italic=times_roman_bold_italic
#
times_new_roman=times_roman
times_new_roman_bold=times_roman_bold
times_new_roman_italic=times_roman_italic
times_new_roman_bold_italic=times_roman_bold_italic
#
zapfchancery_italic=zapfchancery_italic
itczapfchancery_italic=zapfchancery_italic
#
# Next the mapping of the font name + charset + style to Postscript font name
# for the logical fonts.
#
serif.latin1.plain=Times-Roman
serif.latin1.bold=Times-Bold
serif.latin1.italic=Times-Italic
serif.latin1.bolditalic=Times-BoldItalic
serif.symbol.plain=Symbol
serif.dingbats.plain=ZapfDingbats
serif.symbol.bold=Symbol
serif.dingbats.bold=ZapfDingbats
serif.symbol.italic=Symbol
serif.dingbats.italic=ZapfDingbats
serif.symbol.bolditalic=Symbol
serif.dingbats.bolditalic=ZapfDingbats
#
sansserif.latin1.plain=Helvetica
sansserif.latin1.bold=Helvetica-Bold
sansserif.latin1.italic=Helvetica-Oblique
sansserif.latin1.bolditalic=Helvetica-BoldOblique
sansserif.symbol.plain=Symbol
sansserif.dingbats.plain=ZapfDingbats
sansserif.symbol.bold=Symbol
sansserif.dingbats.bold=ZapfDingbats
sansserif.symbol.italic=Symbol
sansserif.dingbats.italic=ZapfDingbats
sansserif.symbol.bolditalic=Symbol
sansserif.dingbats.bolditalic=ZapfDingbats
#
monospaced.latin1.plain=Courier
monospaced.latin1.bold=Courier-Bold
monospaced.latin1.italic=Courier-Oblique
monospaced.latin1.bolditalic=Courier-BoldOblique
monospaced.symbol.plain=Symbol
monospaced.dingbats.plain=ZapfDingbats
monospaced.symbol.bold=Symbol
monospaced.dingbats.bold=ZapfDingbats
monospaced.symbol.italic=Symbol
monospaced.dingbats.italic=ZapfDingbats
monospaced.symbol.bolditalic=Symbol
monospaced.dingbats.bolditalic=ZapfDingbats
#
# Next the mapping of the font name + charset + style to Postscript font name
# for the physical fonts. Since these always report style as plain, the
# style key is always plain. So we map using the face name to the correct
# style for the postscript font. This is possible since the face names can
# be replied upon to be different for each style.
# However an application may try to create a Font applying a style to an
# physical name. We want to map to the correct Postscript font there too
# if possible but we do not map cases where the application tries to
# augment a style (eg ask for a bold version of a bold font)
# Defer to the 2D package to attempt create an artificially styled version
#
avantgarde_book.latin1.plain=AvantGarde-Book
avantgarde_demi.latin1.plain=AvantGarde-Demi
avantgarde_book_oblique.latin1.plain=AvantGarde-BookOblique
avantgarde_demi_oblique.latin1.plain=AvantGarde-DemiOblique
#
avantgarde_book.latin1.bold=AvantGarde-Demi
avantgarde_book.latin1.italic=AvantGarde-BookOblique
avantgarde_book.latin1.bolditalic=AvantGarde-DemiOblique
avantgarde_demi.latin1.italic=AvantGarde-DemiOblique
avantgarde_book_oblique.latin1.bold=AvantGarde-DemiOblique
#
bookman_light.latin1.plain=Bookman-Light
bookman_demi.latin1.plain=Bookman-Demi
bookman_light_italic.latin1.plain=Bookman-LightItalic
bookman_demi_italic.latin1.plain=Bookman-DemiItalic
#
bookman_light.latin1.bold=Bookman-Demi
bookman_light.latin1.italic=Bookman-LightItalic
bookman_light.latin1.bolditalic=Bookman-DemiItalic
bookman_light_bold.latin1.italic=Bookman-DemiItalic
bookman_light_italic.latin1.bold=Bookman-DemiItalic
#
courier.latin1.plain=Courier
courier_bold.latin1.plain=Courier-Bold
courier_oblique.latin1.plain=Courier-Oblique
courier_bold_oblique.latin1.plain=Courier-BoldOblique
courier.latin1.bold=Courier-Bold
courier.latin1.italic=Courier-Oblique
courier.latin1.bolditalic=Courier-BoldOblique
courier_bold.latin1.italic=Courier-BoldOblique
courier_italic.latin1.bold=Courier-BoldOblique
#
helvetica_bold.latin1.plain=Helvetica-Bold
helvetica_oblique.latin1.plain=Helvetica-Oblique
helvetica_bold_oblique.latin1.plain=Helvetica-BoldOblique
helvetica.latin1.bold=Helvetica-Bold
helvetica.latin1.italic=Helvetica-Oblique
helvetica.latin1.bolditalic=Helvetica-BoldOblique
helvetica_bold.latin1.italic=Helvetica-BoldOblique
helvetica_italic.latin1.bold=Helvetica-BoldOblique
#
newcenturyschoolbook.latin1.plain=NewCenturySchlbk-Roman
newcenturyschoolbook_bold.latin1.plain=NewCenturySchlbk-Bold
newcenturyschoolbook_italic.latin1.plain=NewCenturySchlbk-Italic
newcenturyschoolbook_bold_italic.latin1.plain=NewCenturySchlbk-BoldItalic
newcenturyschoolbook.latin1.bold=NewCenturySchlbk-Bold
newcenturyschoolbook.latin1.italic=NewCenturySchlbk-Italic
newcenturyschoolbook.latin1.bolditalic=NewCenturySchlbk-BoldItalic
newcenturyschoolbook_bold.latin1.italic=NewCenturySchlbk-BoldItalic
newcenturyschoolbook_italic.latin1.bold=NewCenturySchlbk-BoldItalic
#
palatino.latin1.plain=Palatino-Roman
palatino_bold.latin1.plain=Palatino-Bold
palatino_italic.latin1.plain=Palatino-Italic
palatino_bold_italic.latin1.plain=Palatino-BoldItalic
palatino.latin1.bold=Palatino-Bold
palatino.latin1.italic=Palatino-Italic
palatino.latin1.bolditalic=Palatino-BoldItalic
palatino_bold.latin1.italic=Palatino-BoldItalic
palatino_italic.latin1.bold=Palatino-BoldItalic
#
times_roman.latin1.plain=Times-Roman
times_roman_bold.latin1.plain=Times-Bold
times_roman_italic.latin1.plain=Times-Italic
times_roman_bold_italic.latin1.plain=Times-BoldItalic
times_roman.latin1.bold=Times-Bold
times_roman.latin1.italic=Times-Italic
times_roman.latin1.bolditalic=Times-BoldItalic
times_roman_bold.latin1.italic=Times-BoldItalic
times_roman_italic.latin1.bold=Times-BoldItalic
#
zapfchancery_italic.latin1.plain=ZapfChancery-MediumItalic
#
# Finally the mappings of PS font names to indexes.
#
AvantGarde-Book=0
AvantGarde-BookOblique=1
AvantGarde-Demi=2
AvantGarde-DemiOblique=3
Bookman-Demi=4
Bookman-DemiItalic=5
Bookman-Light=6
Bookman-LightItalic=7
Courier=8
Courier-Bold=9
Courier-BoldOblique=10
Courier-Oblique=11
Helvetica=12
Helvetica-Bold=13
Helvetica-BoldOblique=14
Helvetica-Narrow=15
Helvetica-Narrow-Bold=16
Helvetica-Narrow-BoldOblique=17
Helvetica-Narrow-Oblique=18
Helvetica-Oblique=19
NewCenturySchlbk-Bold=20
NewCenturySchlbk-BoldItalic=21
NewCenturySchlbk-Italic=22
NewCenturySchlbk-Roman=23
Palatino-Bold=24
Palatino-BoldItalic=25
Palatino-Italic=26
Palatino-Roman=27
Symbol=28
Times-Bold=29
Times-BoldItalic=30
Times-Italic=31
Times-Roman=32
ZapfDingbats=33
ZapfChancery-MediumItalic=34
#
font.0=AvantGarde-Book ISOF
font.1=AvantGarde-BookOblique ISOF
font.2=AvantGarde-Demi ISOF
font.3=AvantGarde-DemiOblique ISOF
font.4=Bookman-Demi ISOF
font.5=Bookman-DemiItalic ISOF
font.6=Bookman-Light ISOF
font.7=Bookman-LightItalic ISOF
font.8=Courier ISOF
font.9=Courier-Bold ISOF
font.10=Courier-BoldOblique ISOF
font.11=Courier-Oblique ISOF
font.12=Helvetica ISOF
font.13=Helvetica-Bold ISOF
font.14=Helvetica-BoldOblique ISOF
font.15=Helvetica-Narrow ISOF
font.16=Helvetica-Narrow-Bold ISOF
font.17=Helvetica-Narrow-BoldOblique ISOF
font.18=Helvetica-Narrow-Oblique ISOF
font.19=Helvetica-Oblique ISOF
font.20=NewCenturySchlbk-Bold ISOF
font.21=NewCenturySchlbk-BoldItalic ISOF
font.22=NewCenturySchlbk-Italic ISOF
font.23=NewCenturySchlbk-Roman ISOF
font.24=Palatino-Bold ISOF
font.25=Palatino-BoldItalic ISOF
font.26=Palatino-Italic ISOF
font.27=Palatino-Roman ISOF
font.28=Symbol findfont
font.29=Times-Bold ISOF
font.30=Times-BoldItalic ISOF
font.31=Times-Italic ISOF
font.32=Times-Roman ISOF
font.33=ZapfDingbats findfont
font.34=ZapfChancery-MediumItalic ISOF
#

View file

@ -0,0 +1,20 @@
Algorithm=SHA-256
14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD
31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133
3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66
450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2
4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE
4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176
5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B
76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645
8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF
9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC
A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083
B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD
D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F
D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967
DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE
EC30C9C3065A06BB07DC5B1C6B497F370C1CA65C0F30C08E042BA6BCECC78F2C
F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD
FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B

BIN
vendor/java/lib/security/cacerts vendored Normal file

Binary file not shown.

242
vendor/java/lib/security/default.policy vendored Normal file
View file

@ -0,0 +1,242 @@
//
// Permissions required by modules stored in a run-time image and loaded
// by the platform class loader.
//
// NOTE that this file is not intended to be modified. If additional
// permissions need to be granted to the modules in this file, it is
// recommended that they be configured in a separate policy file or
// ${java.home}/conf/security/java.policy.
//
grant codeBase "jrt:/java.compiler" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/java.net.http" {
permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
permission java.net.SocketPermission "*","connect,resolve";
permission java.net.URLPermission "http:*","*:*";
permission java.net.URLPermission "https:*","*:*";
permission java.net.URLPermission "ws:*","*:*";
permission java.net.URLPermission "wss:*","*:*";
permission java.net.URLPermission "socket:*","CONNECT"; // proxy
// For request/response body processors, fromFile, asFile
permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
permission java.util.PropertyPermission "*","read";
permission java.net.NetPermission "getProxySelector";
};
grant codeBase "jrt:/java.scripting" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/java.security.jgss" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/java.smartcardio" {
permission javax.smartcardio.CardPermission "*", "*";
permission java.lang.RuntimePermission "loadLibrary.j2pcsc";
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.jca";
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.util";
permission java.util.PropertyPermission
"javax.smartcardio.TerminalFactory.DefaultType", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "sun.arch.data.model", "read";
permission java.util.PropertyPermission
"sun.security.smartcardio.library", "read";
permission java.util.PropertyPermission
"sun.security.smartcardio.t0GetResponse", "read";
permission java.util.PropertyPermission
"sun.security.smartcardio.t1GetResponse", "read";
permission java.util.PropertyPermission
"sun.security.smartcardio.t1StripLe", "read";
// needed for looking up native PC/SC library
permission java.io.FilePermission "<<ALL FILES>>","read";
permission java.security.SecurityPermission "putProviderProperty.SunPCSC";
permission java.security.SecurityPermission
"clearProviderProperties.SunPCSC";
permission java.security.SecurityPermission
"removeProviderProperty.SunPCSC";
};
grant codeBase "jrt:/java.sql" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/java.sql.rowset" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/java.xml.crypto" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.util";
permission java.util.PropertyPermission "*", "read";
permission java.security.SecurityPermission "putProviderProperty.XMLDSig";
permission java.security.SecurityPermission
"clearProviderProperties.XMLDSig";
permission java.security.SecurityPermission
"removeProviderProperty.XMLDSig";
permission java.security.SecurityPermission
"com.sun.org.apache.xml.internal.security.register";
permission java.security.SecurityPermission
"getProperty.jdk.xml.dsig.secureValidationPolicy";
permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.org.apache.xml.internal.*";
permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.org.apache.xpath.internal";
permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.org.apache.xpath.internal.*";
};
grant codeBase "jrt:/jdk.accessibility" {
permission java.lang.RuntimePermission "accessClassInPackage.sun.awt";
};
grant codeBase "jrt:/jdk.attach" {
permission java.lang.RuntimePermission "accessClassInPackage.com.ibm.oti.util";
permission java.lang.RuntimePermission "accessClassInPackage.openj9.internal.tools.attach.target";
permission java.lang.RuntimePermission "accessClassInPackage.openj9.internal.tools.attach.diagnostics.base";
permission java.util.PropertyPermission "com.ibm.tools.attach.*", "read";
// required by com.ibm.tools.attach.attacher.OpenJ9AttachProvider.listVirtualMachinesImp():commonDir.exists(),
// openj9.internal.tools.attach.target.Reply.writeReply():new RandomAccessFile(replyFile, "rw"),
// and openj9.internal.tools.attach.target.Reply.deleteReply():replyFile.delete()
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
// required by com.ibm.tools.attach.attacher.OpenJ9VirtualMachine.tryAttachTarget():targetServer.accept()
permission java.net.SocketPermission "localhost:1024-", "accept,resolve";
};
grant codeBase "jrt:/jdk.charsets" {
permission java.util.PropertyPermission "os.name", "read";
permission java.lang.RuntimePermission "charsetProvider";
permission java.lang.RuntimePermission
"accessClassInPackage.jdk.internal.misc";
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
};
grant codeBase "jrt:/jdk.crypto.ec" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
permission java.lang.RuntimePermission "loadLibrary.sunec";
permission java.security.SecurityPermission "putProviderProperty.SunEC";
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
permission java.security.SecurityPermission "removeProviderProperty.SunEC";
};
grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
permission java.security.SecurityPermission "putProviderProperty.*";
permission java.security.SecurityPermission "clearProviderProperties.*";
permission java.security.SecurityPermission "removeProviderProperty.*";
permission java.security.SecurityPermission
"getProperty.auth.login.defaultCallbackHandler";
permission java.security.SecurityPermission "authProvider.*";
// Needed for reading PKCS11 config file and NSS library check
permission java.io.FilePermission "<<ALL FILES>>", "read";
};
grant codeBase "jrt:/jdk.dynalink" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.httpserver" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.internal.le" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.internal.vm.compiler" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.internal.vm.compiler.management" {
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.vm.compiler.collections";
permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime";
permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.services";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.core.common";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.debug";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.options";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.phases.common.jmx";
permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.serviceprovider";
};
grant codeBase "jrt:/jdk.jsobject" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.localedata" {
permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
};
grant codeBase "jrt:/jdk.naming.dns" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.scripting.nashorn" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.scripting.nashorn.shell" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.security.auth" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.security.jgss" {
permission java.security.AllPermission;
};
grant codeBase "jrt:/jdk.zipfs" {
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
permission java.lang.RuntimePermission "fileSystemProvider";
permission java.lang.RuntimePermission "accessUserInformation";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.util.PropertyPermission "user.name", "read";
};
grant codeBase "jrt:/openj9.cuda" {
permission java.util.PropertyPermission "com.ibm.oti.vm.library.version", "read";
permission java.lang.RuntimePermission "loadLibrary.cuda4j29";
};
grant codeBase "jrt:/openj9.gpu" {
permission java.lang.RuntimePermission "accessClassInPackage.com.ibm.gpu.spi";
permission com.ibm.gpu.GPUPermission "access";
permission java.util.PropertyPermission "com.ibm.gpu.verbose", "read";
permission java.util.PropertyPermission "com.ibm.gpu.enforce", "read";
permission java.util.PropertyPermission "com.ibm.gpu.enable", "read";
permission java.util.PropertyPermission "com.ibm.gpu.disable", "read";
};
// permissions needed by applications using java.desktop module
grant {
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans";
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*";
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*";
permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*";
};

Binary file not shown.

BIN
vendor/java/lib/server/libjsig.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/server/libjvm.so vendored Normal file

Binary file not shown.

BIN
vendor/java/lib/tzdb.dat vendored Normal file

Binary file not shown.

2
vendor/java/release vendored Normal file
View file

@ -0,0 +1,2 @@
JAVA_VERSION="14"
MODULES="java.base java.datatransfer java.xml java.prefs java.desktop java.logging java.management java.security.sasl java.naming java.net.http java.scripting java.transaction.xa java.sql jdk.crypto.ec jdk.unsupported jdk.zipfs openj9.sharedclasses"