Bug 713200

Summary: unlimited cryptography JCE alternatives
Product: Red Hat Enterprise Linux 5 Reporter: Jason Corley <jason.corley>
Component: java-1.6.0-sunAssignee: jiri vanek <jvanek>
Status: CLOSED WONTFIX QA Contact: BaseOS QE - Apps <qe-baseos-apps>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.6CC: dbhole, dgregor, gbonocor, jason.corley
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-02 13:18:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
patch to fix java-1.6.0-sun-jce-policyl.spec file none

Description Jason Corley 2011-06-14 16:11:04 UTC
The JDK rpms changed the JCE alternatives from the jpackage version to have arch specific bits (jce_1.6.0_sun_local_policy.x86_64 instead of jce_1.6.0_sun_local_policy) which would generally be fine, except there's no unlimited JCE package provided by Red Hat (http://mirrors.dotsrc.org/jpackage/1.7/generic/SRPMS.non-free/java-1.6.0-sun-jce-policy-1.6.0-1jpp.nosrc.rpm in JPackage).

$ ls -l /etc/alternatives/jce*
lrwxrwxrwx 1 root root 66 Jun  1 21:38 /etc/alternatives/jce_1.6.0_sun_local_policy -> /usr/lib/jvm-private/java-1.6.0-sun/jce/unlimited/local_policy.jar
lrwxrwxrwx 1 root root 71 Jun 14 15:52 /etc/alternatives/jce_1.6.0_sun_local_policy.x86_64 -> /usr/lib/jvm-private/java-1.6.0-sun.x86_64/jce/vanilla/local_policy.jar
lrwxrwxrwx 1 root root 70 Jun  1 21:38 /etc/alternatives/jce_1.6.0_sun_us_export_policy -> /usr/lib/jvm-private/java-1.6.0-sun/jce/unlimited/US_export_policy.jar
lrwxrwxrwx 1 root root 75 Jun 14 15:52 /etc/alternatives/jce_1.6.0_sun_us_export_policy.x86_64 -> /usr/lib/jvm-private/java-1.6.0-sun.x86_64/jce/vanilla/US_export_policy.jar

I think the best solution is for Red Hat to add a java-1.6.0-sun-jce-policy RPM (with no corresponding SRPM like what is done for the JDKs) to the supplemental channel.

Comment 1 jiri vanek 2011-06-15 10:53:34 UTC
Sorry, but what exactly are you missing or is not working? Alternatives are correct and jars present. Do you have installed complete jdk or just jre?

Comment 2 Jason Corley 2011-06-15 14:27:23 UTC
Go to the official Sun (now Oracle) JDK 6 download page:
http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html

Scroll to the bottom and download the files named "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6".

These files are not provided by the Red Hat Sun JDK RPMs as best as I can tell, so what is the official Red Hat way to get them installed?

I linked to the JPackage official way, so my question is what is the Red Hat equivalent? My suggestion was that Red Hat provide the same java-1.6.0-sun-jce-policy package, but modified to use the Red Hat alternatives. The JPackage java-1.6.0-sun-jce-policy package won't work with the Red Hat java-1.6.0-sun and java-1.6.0-sun-devel packages because the alternatives are different (%_arch appended in Red Hat's JDK RPMs, no %_arch in JPackage's RPMs).

Is that any clearer?

Comment 3 jiri vanek 2011-06-15 14:44:03 UTC
yap. Much more thanx.

Comment 9 jiri vanek 2011-07-18 14:30:09 UTC
Created attachment 513624 [details]
patch to fix java-1.6.0-sun-jce-policyl.spec file

This patch should be enough to follow correct paths.

Comment 10 RHEL Program Management 2014-03-07 13:43:40 UTC
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.

Comment 11 RHEL Program Management 2014-06-02 13:18:02 UTC
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).

Comment 12 Deepak Bhole 2015-08-05 22:01:08 UTC
*** Bug 1249599 has been marked as a duplicate of this bug. ***

Comment 13 Jason Corley 2018-02-05 14:29:55 UTC
close