nixpkgs/pkgs/development/compilers/openjdk/read-truststore-from-env-jdk10.patch
Philip Lewis 129ea5ed81 openjdk: fix truststore-from-env patch for jdk10
storePropName will be jsseDefaultStore if the property isn't present, and
jsseDefaultStore is never null, so the branch to use the environment variable
would never be taken.

The env var is supposed to be preferred to jssecacerts, so we can use it as
the default in the call to System.getProperty, and use the null check to fall
back on jsseDefaultStore instead.
2018-06-09 20:20:47 -04:00

30 lines
1.5 KiB
Diff

--- a/src/java.base/share/classes/sun/security/ssl/TrustStoreManager.java 2017-06-26 21:48:25.000000000 -0400
+++ b/src/java.base/share/classes/sun/security/ssl/TrustStoreManager.java 2017-07-05 20:45:57.491295030 -0400
@@ -71,6 +71,7 @@
*
* The preference of the default trusted KeyStore is:
* javax.net.ssl.trustStore
+ * system environment variable JAVAX_NET_SSL_TRUSTSTORE
* jssecacerts
* cacerts
*/
@@ -132,7 +133,8 @@
public TrustStoreDescriptor run() {
// Get the system properties for trust store.
String storePropName = System.getProperty(
- "javax.net.ssl.trustStore", jsseDefaultStore);
+ "javax.net.ssl.trustStore",
+ System.getenv("JAVAX_NET_SSL_TRUSTSTORE"));
String storePropType = System.getProperty(
"javax.net.ssl.trustStoreType",
KeyStore.getDefaultType());
@@ -144,6 +146,9 @@
String temporaryName = "";
File temporaryFile = null;
long temporaryTime = 0L;
+ if (storePropName == null) {
+ storePropName = jsseDefaultStore;
+ }
if (!"NONE".equals(storePropName)) {
String[] fileNames =
new String[] {storePropName, defaultStore};