Imported GNU Classpath 0.92

2006-08-14  Mark Wielaard  <mark@klomp.org>

       Imported GNU Classpath 0.92
       * HACKING: Add more importing hints. Update automake version
       requirement.

       * configure.ac (gconf-peer): New enable AC argument.
       Add --disable-gconf-peer and --enable-default-preferences-peer
       to classpath configure when gconf is disabled.
       * scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and
       gnu/java/awt/dnd/peer/gtk to bc. Classify
       gnu/java/security/Configuration.java as generated source file.

       * gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java,
       gnu/java/lang/management/VMClassLoadingMXBeanImpl.java,
       gnu/java/lang/management/VMRuntimeMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java,
       gnu/java/lang/management/VMThreadMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryMXBeanImpl.java,
       gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub
       classes.
       * java/lang/management/VMManagementFactory.java: Likewise.
       * java/net/VMURLConnection.java: Likewise.
       * gnu/java/nio/VMChannel.java: Likewise.

       * java/lang/Thread.java (getState): Add stub implementation.
       * java/lang/Class.java (isEnum): Likewise.
       * java/lang/Class.h (isEnum): Likewise.

       * gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed.

       * javax/naming/spi/NamingManager.java: New override for StackWalker
       functionality.

       * configure, sources.am, Makefile.in, gcj/Makefile.in,
       include/Makefile.in, testsuite/Makefile.in: Regenerated.

From-SVN: r116139
This commit is contained in:
Mark Wielaard
2006-08-14 23:12:35 +00:00
parent abab460491
commit ac1ed908de
1294 changed files with 99479 additions and 35933 deletions
+10
View File
@@ -93,6 +93,8 @@ CREATE_CORE_JNI_LIBRARIES_FALSE = @CREATE_CORE_JNI_LIBRARIES_FALSE@
CREATE_CORE_JNI_LIBRARIES_TRUE = @CREATE_CORE_JNI_LIBRARIES_TRUE@
CREATE_DSSI_LIBRARIES_FALSE = @CREATE_DSSI_LIBRARIES_FALSE@
CREATE_DSSI_LIBRARIES_TRUE = @CREATE_DSSI_LIBRARIES_TRUE@
CREATE_GCONF_PEER_LIBRARIES_FALSE = @CREATE_GCONF_PEER_LIBRARIES_FALSE@
CREATE_GCONF_PEER_LIBRARIES_TRUE = @CREATE_GCONF_PEER_LIBRARIES_TRUE@
CREATE_GTK_PEER_LIBRARIES_FALSE = @CREATE_GTK_PEER_LIBRARIES_FALSE@
CREATE_GTK_PEER_LIBRARIES_TRUE = @CREATE_GTK_PEER_LIBRARIES_TRUE@
CREATE_JNI_HEADERS_FALSE = @CREATE_JNI_HEADERS_FALSE@
@@ -113,6 +115,7 @@ CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DATE = @DATE@
DEFAULT_PREFS_PEER = @DEFAULT_PREFS_PEER@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO_C = @ECHO_C@
@@ -143,6 +146,10 @@ FREETYPE2_CFLAGS = @FREETYPE2_CFLAGS@
FREETYPE2_LIBS = @FREETYPE2_LIBS@
GCJ = @GCJ@
GCJX = @GCJX@
GCONF_CFLAGS = @GCONF_CFLAGS@
GCONF_LIBS = @GCONF_LIBS@
GDK_CFLAGS = @GDK_CFLAGS@
GDK_LIBS = @GDK_LIBS@
GJDOC = @GJDOC@
GLIB_CFLAGS = @GLIB_CFLAGS@
GLIB_LIBS = @GLIB_LIBS@
@@ -193,6 +200,7 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PANGOFT2_CFLAGS = @PANGOFT2_CFLAGS@
PANGOFT2_LIBS = @PANGOFT2_LIBS@
PATH_SEPARATOR = @PATH_SEPARATOR@
PATH_TO_ESCHER = @PATH_TO_ESCHER@
PATH_TO_GLIBJ_ZIP = @PATH_TO_GLIBJ_ZIP@
PERL = @PERL@
PKG_CONFIG = @PKG_CONFIG@
@@ -213,6 +221,8 @@ USER_SPECIFIED_CLASSLIB_FALSE = @USER_SPECIFIED_CLASSLIB_FALSE@
USER_SPECIFIED_CLASSLIB_TRUE = @USER_SPECIFIED_CLASSLIB_TRUE@
USER_SPECIFIED_JAVAH_FALSE = @USER_SPECIFIED_JAVAH_FALSE@
USER_SPECIFIED_JAVAH_TRUE = @USER_SPECIFIED_JAVAH_TRUE@
USE_ESCHER_FALSE = @USE_ESCHER_FALSE@
USE_ESCHER_TRUE = @USE_ESCHER_TRUE@
USE_PREBUILT_GLIBJ_ZIP_FALSE = @USE_PREBUILT_GLIBJ_ZIP_FALSE@
USE_PREBUILT_GLIBJ_ZIP_TRUE = @USE_PREBUILT_GLIBJ_ZIP_TRUE@
VERSION = @VERSION@
+10
View File
@@ -86,6 +86,8 @@ CREATE_CORE_JNI_LIBRARIES_FALSE = @CREATE_CORE_JNI_LIBRARIES_FALSE@
CREATE_CORE_JNI_LIBRARIES_TRUE = @CREATE_CORE_JNI_LIBRARIES_TRUE@
CREATE_DSSI_LIBRARIES_FALSE = @CREATE_DSSI_LIBRARIES_FALSE@
CREATE_DSSI_LIBRARIES_TRUE = @CREATE_DSSI_LIBRARIES_TRUE@
CREATE_GCONF_PEER_LIBRARIES_FALSE = @CREATE_GCONF_PEER_LIBRARIES_FALSE@
CREATE_GCONF_PEER_LIBRARIES_TRUE = @CREATE_GCONF_PEER_LIBRARIES_TRUE@
CREATE_GTK_PEER_LIBRARIES_FALSE = @CREATE_GTK_PEER_LIBRARIES_FALSE@
CREATE_GTK_PEER_LIBRARIES_TRUE = @CREATE_GTK_PEER_LIBRARIES_TRUE@
CREATE_JNI_HEADERS_FALSE = @CREATE_JNI_HEADERS_FALSE@
@@ -106,6 +108,7 @@ CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DATE = @DATE@
DEFAULT_PREFS_PEER = @DEFAULT_PREFS_PEER@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO_C = @ECHO_C@
@@ -136,6 +139,10 @@ FREETYPE2_CFLAGS = @FREETYPE2_CFLAGS@
FREETYPE2_LIBS = @FREETYPE2_LIBS@
GCJ = @GCJ@
GCJX = @GCJX@
GCONF_CFLAGS = @GCONF_CFLAGS@
GCONF_LIBS = @GCONF_LIBS@
GDK_CFLAGS = @GDK_CFLAGS@
GDK_LIBS = @GDK_LIBS@
GJDOC = @GJDOC@
GLIB_CFLAGS = @GLIB_CFLAGS@
GLIB_LIBS = @GLIB_LIBS@
@@ -186,6 +193,7 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PANGOFT2_CFLAGS = @PANGOFT2_CFLAGS@
PANGOFT2_LIBS = @PANGOFT2_LIBS@
PATH_SEPARATOR = @PATH_SEPARATOR@
PATH_TO_ESCHER = @PATH_TO_ESCHER@
PATH_TO_GLIBJ_ZIP = @PATH_TO_GLIBJ_ZIP@
PERL = @PERL@
PKG_CONFIG = @PKG_CONFIG@
@@ -206,6 +214,8 @@ USER_SPECIFIED_CLASSLIB_FALSE = @USER_SPECIFIED_CLASSLIB_FALSE@
USER_SPECIFIED_CLASSLIB_TRUE = @USER_SPECIFIED_CLASSLIB_TRUE@
USER_SPECIFIED_JAVAH_FALSE = @USER_SPECIFIED_JAVAH_FALSE@
USER_SPECIFIED_JAVAH_TRUE = @USER_SPECIFIED_JAVAH_TRUE@
USE_ESCHER_FALSE = @USE_ESCHER_FALSE@
USE_ESCHER_TRUE = @USE_ESCHER_TRUE@
USE_PREBUILT_GLIBJ_ZIP_FALSE = @USE_PREBUILT_GLIBJ_ZIP_FALSE@
USE_PREBUILT_GLIBJ_ZIP_TRUE = @USE_PREBUILT_GLIBJ_ZIP_TRUE@
VERSION = @VERSION@
+523 -98
View File
@@ -5,7 +5,7 @@
@settitle GNU Classpath Tools Guide
@c %**end of header
@setchapternewpage off
@setchapternewpage on
@ifinfo
This file documents the Tools included in a standard distribution of the GNU
@@ -23,7 +23,7 @@ Copyright (C) 2006 Free Software Foundation, Inc.
@titlepage
@title GNU Classpath Tools Guide
@author Raif S. Naffah
@author The GNU Classpath Team
@page
@vskip 0pt plus 1filll
@@ -37,8 +37,10 @@ Permission is granted to copy and distribute translations of this manual into an
@end titlepage
@contents
@ifinfo
@node Top, Security Tools, (dir), (dir)
@node Top, Applet Tools, (dir), (dir)
@top GNU Classpath Tools Guide
This document contains important information you need to know in order to use
@@ -51,17 +53,64 @@ Software Development Kit (SDK).
@end ifinfo
@menu
* Applet Tools:: Work with applets
* Security Tools:: Work securely with Java applications
* I18N Issues:: How to add support for non-English languages
@detailmenu
--- The Detailed Node Listing ---
Applet Tools
* appletviewer Tool:: Load applets
* gcjwebplugin:: Load applets in a web browser
Security Tools
* jarsigner Tool:: Sign and verify .JAR files
* keytool Tool:: Manage private keys and public certificates
jarsigner Tool
* Common jarsigner Options:: Options used when signing or verifying a file
* Signing Options:: Options only used when signing a .JAR file
* Verification Options:: Options only used when verifying a .JAR file
keytool Tool
* Getting Help:: How to get help with keytool commands
* Common keytool Options:: Options used in more than one command
* Distinguished Names:: X.500 Distinguished Names used in certificates
* Add/Update Commands:: Commands for adding data to a Key Store
* Export Commands:: Commands for exporting data from a Key Store
* Display Commands:: Commands for displaying data in a Key Store
* Management Commands:: Commands for managing a Key Store
Add/Update Commands
* Command -genkey:: Generate private key and self-signed certificate
* Command -import:: Import certificates and certificate replies
* Command -selfcert:: Generate self-signed certificate
* Command -cacert:: Import a CA Trusted Certificate
* Command -identitydb:: Import JDK-1 style identities
Export Commands
* Command -certreq:: Generate Certificate Signing Requests (CSR)
* Command -export:: Export a certificate in a Key Store
Display Commands
* Command -list:: Display information about one or all Aliases
* Command -printcert:: Print a certificate or a certificate fingerprint
Management Commands
* Command -keyclone:: Clone a Key Entry in a Key Store
* Command -storepasswd:: Change the password protecting a Key Store
* Command -keypasswd:: Change the password protecting a Key Entry
* Command -delete:: Remove an entry in a Key Store
I18N Issues
* Language Resources:: Where resources are located
@@ -72,11 +121,161 @@ I18N Issues
@comment ----------------------------------------------------------------------
@node Security Tools, I18N Issues, Top, Top
@node Applet Tools, Security Tools, Top, Top
@comment node-name, next, previous, up
@chapter Applet Tools
Two Applet Tools are available with GNU Classpath: @b{appletviewer}
and @b{gcjwebplugin}.
To avoid conflicts with other implementations, the appletviewer
executable is called ``gappletviewer''.
@menu
* appletviewer Tool:: Load applets
* gcjwebplugin:: Load applets in a web browser
@end menu
If while using these tools you think you found a bug, then please report it at @uref{http://www.gnu.org/software/classpath/bugs.html,classpath-bugs}.
@comment ----------------------------------------------------------------------
@node appletviewer Tool, gcjwebplugin, Applet Tools, Applet Tools
@comment node-name, next, previous, up
@section The @code{appletviewer} Tool
@table @b
@item SYNOPSIS
@code{appletviewer [OPTION]... URL...}@*
@code{appletviewer [OPTION]... -code CODE}@*
@code{appletviewer [OPTION]... -plugin INPUT,OUTPUT}
@item DESCRIPTION
The @code{appletviewer} tool loads and runs an applet.
Use the first form to test applets specified by tag. The URL should
resolve to an HTML document from which the @code{appletviewer} will
extract applet tags. The APPLET, EMBED and OBJECT tags are supported.
If a given document contains multiple applet tags, all the applets
will be loaded, with each applet appearing in its own window.
Likewise, when multiple URLs are specified, each applet tag instance
is given its own window. If a given document contains no recognized
tags the @code{appletviewer} does nothing.
@example
@code{appletviewer http://www.gnu.org/software/classpath/}
@end example
Use the second form to test an applet in development. This form
allows applet tag attributes to be supplied on the command line. Only
one applet may be specified using the @code{-code} option. The
@code{-code} option overrides the URL form -- any URLs specified will
be ignored.
@example
@code{appletviewer -code Test.class -param datafile,data.txt}
@end example
@code{gcjwebplugin} uses the third form to communicate with the
@code{appletviewer} through named pipes.
@item URL OPTIONS
@table @b
@item -debug
This option is not yet implemented but is provided for compatibility.
@item -encoding CHARSET
Use this option to specify an alternate character encoding for the
specified HTML page.
@end table
@item APPLET TAG OPTIONS
@table @b
@item -code CODE
Use the @code{-code} option to specify the value of the applet tag
CODE attribute.
@item -codebase CODEBASE
Use the @code{-codebase} option to specify the value of the applet tag
CODEBASE attribute.
@item -archive ARCHIVE
Use the @code{-archive} option to specify the value of the applet tag
ARCHIVE attribute.
@item -width WIDTH
Use the @code{-width} option to specify the value of the applet tag
WIDTH attribute.
@item -height HEIGHT
Use the @code{-height} option to specify the value of the applet tag
HEIGHT attribute.
@item -param NAME,VALUE
Use the @code{-param} option to specify values for the NAME and VALUE
attributes of an applet PARAM tag.
@end table
@item PLUGIN OPTION
@table @b
@item -plugin INPUT,OUTPUT
@code{gcjwebplugin} uses the @code{-plugin} option to specify the
named pipe the @code{appletviewer} should use for receiving commands
(INPUT) and the one it should use for sending commands to
@code{gcjwebplugin} (OUTPUT).
@end table
@item DEBUGGING OPTION
@table @b
@item -verbose
Use the @code{-verbose} option to have the @code{appletviewer} print
debugging messages.
@end table
@item STANDARD OPTIONS
@table @b
@item -help
Use the @code{-help} option to have the @code{appletviewer} print a
usage message, then exit.
@item -version
Use the @code{-version} option to have the @code{appletviewer} print
its version, then exit.
@item -JOPTION
Use the @code{-J} option to pass OPTION to the virtual machine that
will run the @code{appletviewer}. Unlike other options, there must
not be a space between the -J and OPTION.
@end table
@end table
@comment ----------------------------------------------------------------------
@node gcjwebplugin, , appletviewer Tool, Applet Tools
@comment node-name, next, previous, up
@section The @code{gcjwebplugin} Tool
@code{gcjwebplugin} is a plugin that adds applet support to web
browsers. Currently @code{gcjwebplugin} only supports Mozilla-based
browsers (e.g., Firefox, Galeon, Mozilla).
@comment ----------------------------------------------------------------------
@node Security Tools, I18N Issues, Applet Tools, Top
@comment node-name, next, previous, up
@chapter Security Tools
Two Security Tools are available with GNU Classpath: @b{jarsugner} and @b{keytool}.
Two Security Tools are available with GNU Classpath: @b{jarsigner} and @b{keytool}.
To avoid conflicts with other implementations, the jarsigner
executable is called ``gjarsigner'' and the keytool executable is
called ``gkeytool''.
@menu
* jarsigner Tool:: Sign and verify .JAR files
@@ -91,22 +290,59 @@ If while using these tools you think you found a bug, then please report it at @
@comment node-name, next, previous, up
@section The @code{jarsigner} Tool
@table @b
The @b{jarsigner} tool is invoked from the command line, in one of two forms, as follows:
@item SYNOPSIS
@code{jarsigner [OPTION]... FILE ALIAS}@*
@example
@code{jarsigner [OPTION]... FILE ALIAS}
@code{jarsigner -verify [OPTION]... FILE}
@end example
@item DESCRIPTION
When the first form is used, the tool signs the designated JAR file.
The second form, on the other hand, is used to verify a previously signed JAR file.
When the first form is used, the tool signs the designated JAR file. The second form, on the other hand, is used to verify a previously signed JAR file.
@code{FILE} is the .JAR file to process; i.e. to sign if the first syntax form is used, or to verify if the second syntax form is used instead.
@code{ALIAS} must be a known @i{Alias} of a @i{Key Entry} in the designated key store. The private key material associated with this @i{Alias} is then used for signing the designated .JAR file.
@code{ALIAS} must be a known @i{Alias} of a @i{Key Entry} in the designated @i{Key Store}. The private key material associated with this @i{Alias} is then used for signing the designated .JAR file.
@menu
* Common jarsigner Options:: Options used when signing or verifying a file
* Signing Options:: Options only used when signing a .JAR file
* Verification Options:: Options only used when verifying a .JAR file
@end menu
@comment ----------------------------------------------------------------------
@node Common jarsigner Options, Signing Options, jarsigner Tool, jarsigner Tool
@comment node-name, next, previous, up
@subsection Common options
The following options may be used when the tool is used for either signing, or verifying, a .JAR file.
@table @b
@item -verbose
Use this option to force the tool to generate more verbose messages, during its processing.
@item -internalsf
When present, the tool will include --which otherwise it does not-- the @code{.SF} file in the @code{.DSA} generated file.
@item -sectionsonly
When present, the tool will include in the @code{.SF} generated file --which otherwise it does not-- a header containing a hash of the whole manifest file. When that header is included, the tool can quickly check, during verification, if the hash (in the header) matches or not the manifest file.
@item -provider PROVIDER_CLASS_NAME
A fully qualified class name of a @i{Security Provider} to add to the current list of @i{Security Providers} already installed in the JVM in-use. If a provider class is specified with this option, and was successfully added to the runtime --i.e. it was not already installed-- then the tool will attempt to remove this @i{Security Provider} before exiting.
@item -help
Prints a help text similar to this one.
@end table
@comment ----------------------------------------------------------------------
@node Signing Options, Verification Options, Common jarsigner Options, jarsigner Tool
@comment node-name, next, previous, up
@subsection Signing options
The following options may be specified when using the tool for signing purposes.
@item SIGNING OPTIONS
@table @b
@item -keystore URL
Use this option to specify the location of the key store to use. The default value is a file URL referencing the file named @file{.keystore} located in the path returned by the call to @code{java.lang.System#getProperty(String)} using @code{user.home} as argument.
@@ -129,12 +365,19 @@ Use this option to designate a literal that will be used to construct file names
If this option is missing, the first eight characters of the @code{ALIAS} argument will be used. When this is the case, any character in @code{ALIAS} that is outside the permissible range of characters will be replaced by an underscore.
@item -signedjar FILE_NAME
@item -signedjar FILE
Use this option to specify the file name of the signed JAR. If this option is omitted, then the signed JAR will be named the same as @code{FILE}; i.e. the input JAR file will be replaced with the signed copy.
@end table
@item VERIFICATION OPTIONS
@comment ----------------------------------------------------------------------
@node Verification Options, , Signing Options, jarsigner Tool
@comment node-name, next, previous, up
@subsection Verification options
The following options may be specified when using the tool for verification purposes.
@table @b
@item -verify
Use this option to indicate that the tool is to be used for verification purposes.
@@ -144,44 +387,37 @@ This option is used in conjunction with the @code{-verbose} option. When present
@end table
@item COMMON OPTIONS
@table @b
@item -verbose
Use this option to force the tool to generate more verbose messages, during its processing.
@item -internalsf
When present, the tool will include --which otherwise it does not-- the @code{.SF} file in the @code{.DSA} generated file.
@item -sectionsonly
When present, the tool will include in the @code{.SF} generated file --which otherwise it does not-- a header containing a hash of the whole manifest file. When that header is included, the tool can quickly check, during verification, if the hash (in the header) matches or not the manifest file.
@item -provider PROVIDER_CLASS_NAME
A fully qualified class name of a @i{Security Provider} to add to the current list of @i{Security Providers} already installed in the JVM in-use. If a provider class is specified with this option, and was successfully added to the runtime --i.e. it was not already installed-- then the tool will attempt to remove this @i{Security Provider} before exiting.
@item -help
Prints a help text similar to this one.
@end table
@end table
@comment ----------------------------------------------------------------------
@node keytool Tool, , jarsigner Tool, Security Tools
@comment node-name, next, previous, up
@section The @code{keytool} Tool
@table @b
@item SYNOPSIS
Cryptographic credentials, in a Java environment, are usually stored in a @i{Key Store}. The Java SDK specifies a @i{Key Store} as a persistent container of two types of objects: @i{Key Entries} and @i{Trusted Certificates}. The security tool @b{keytool} is a Java-based application for managing those types of objects.
A @i{Key Entry} represents the private key part of a key-pair used in Public-Key Cryptography, and a signed X.509 certificate which authenticates the public key part for a known entity; i.e. the owner of the key-pair. The X.509 certificate itself contains the public key part of the key-pair.
A @i{Trusted Certificate} is a signed X.509 certificate issued by a trusted entity. The @i{Trust} in this context is relative to the User of the @b{keytool}. In other words, the existence of a @i{Trusted Certificate} in the @i{Key Store} processed by a @b{keytool} command implies that the User trusts the @i{Issuer} of that @i{Trusted Certificate} to also sign, and hence authenticates, other @i{Subjects} the tool may process.
@i{Trusted Certificates} are important because they allow the tool to mechanically construct @i{Chains of Trust} starting from one of the @i{Trusted Certificates} in a @i{Key Store} and ending with a certificate whose @i{Issuer} is potentially unknown. A valid chain is an ordered list, starting with a @i{Trusted Certificate} (also called the @i{anchor}), ending with the target certificate, and satisfying the condition that the @i{Subject} of certificate @code{#i} is the @i{Issuer} of certificate @code{#i + 1}.
The @b{keytool} is invoked from the command line as follows:
@example
@code{keytool [COMMAND]...}
@end example
@item DESCRIPTION
A Java-based tool for managing both @i{Key Entries} as well as @i{Trusted Certificates}.
Multiple @code{COMMAND}s may be specified at once, each complete with its own options. @b{keytool} will parse all the arguments, before processing, and executing, each @code{COMMAND}. If an exception occurs while executing one @code{COMMAND} @b{keytool} will abort. Note however that because the implementation of the tool uses code to parse command line options that also supports GNU-style options, you have to separate each command group with a double-hyphen; e.g
Multiple @code{COMMAND}s may be specified at once, each complete with its own options. @b{keytool} will parse all the arguments, before processing, and executing, each @code{COMMAND}. If an exception occurs while executing one @code{COMMAND} @b{keytool} will abort.
@example
@code{keytool -list -- -printcert -alias mykey}
@end example
A @code{COMMAND} can be one of the followings:
Here is a summary of the commands supported by the tool:
@table @b
@enumerate
@item Add/Update commands
@itemize @bullet
@item -genkey [OPTION]@dots{}
Generate a new @i{Key Entry}, eventually creating a new key store.
@@ -191,22 +427,34 @@ Add, to a key store, @i{Key Entries} (private keys and certificate chains authen
@item -selfcert [OPTION]@dots{}
Generate a new self-signed @i{Trusted Certificate}.
@item -cacert [OPTION]@dots{}
Import a CA @i{Trusted Certificate}.
@item -identitydb [OPTION]@dots{}
@b{NOT IMPLEMENTED YET}.@*
Import a JDK 1.1 style Identity Database.
@end itemize
@item Export commands
@itemize @bullet
@item -certreq [OPTION]@dots{}
Issue a @i{Certificate Signing Request} (CSR) which can be then sent to a @i{Certification Authority} (CA) to issue a certificate signed (by the CA) and authenticating the @i{Subject} of the request.
@item -export [OPTION]@dots{}
Export a certificate from a key store.
@end itemize
@item Display commands
@itemize @bullet
@item -list [OPTION]@dots{}
Print one or all certificates in a key store to @code{STDOUT}.
@item -printcert [OPTION]@dots{}
Print a human-readable form of a certificate, in a designated file, to @code{STDOUT}.
@end itemize
@item Management commands
@itemize @bullet
@item -keyclone [OPTION]@dots{}
Clone a @i{Key Entry} in a key store.
@@ -218,13 +466,48 @@ Change the password protecting a @i{Key Entry} in a key store.
@item -delete [OPTION]@dots{}
Delete a @i{Key Entry} or a @i{Trusted Certificate} from a key store.
@end itemize
@item -help
Prints a help text similar to this one.
@end enumerate
@end table
@menu
* Getting Help:: How to get help with keytool commands
* Common keytool Options:: Options used in more than one command
* Distinguished Names:: X.500 Distinguished Names used in certificates
* Add/Update Commands:: Commands for adding data to a Key Store
* Export Commands:: Commands for exporting data from a Key Store
* Display Commands:: Commands for displaying data in a Key Store
* Management Commands:: Commands for managing a Key Store
@end menu
@comment ----------------------------------------------------------------------
@node Getting Help, Common keytool Options, keytool Tool, keytool Tool
@comment node-name, next, previous, up
@subsection Getting help
To get a general help text about the tool, use the @code{-help} option; e.g.
@example
@code{keytool -help}
@end example
To get more specific help text about one of the tool's command use the @code{-help} option for that command; e.g.
@example
@code{keytool -genkey -help}
@end example
In both instances, the tool will print a help text and then will exit the running JVM.
It is worth noting here that the help messages printed by the tool are I18N-ready. This means that if/when the contents of the tool's @i{Message Bundle} properties file are available in languages other than English, you may see those messages in that language.
@comment ----------------------------------------------------------------------
@node Common keytool Options, Distinguished Names, Getting Help, keytool Tool
@comment node-name, next, previous, up
@subsection Common options
@item OPTIONS COMMON TO MORE THAN ONE COMMAND
The following @code{OPTION}s are used in more than one @code{COMMAND}. They are described here to reduce redundancy.
@table @b
@@ -263,7 +546,7 @@ If a URL was specified, but was found to be malformed --e.g. missing protocol el
A fully qualified class name of a @i{Security Provider} to add to the current list of @i{Security Providers} already installed in the JVM in-use. If a provider class is specified with this option, and was successfully added to the runtime --i.e. it was not already installed-- then the tool will attempt to removed this @i{Security Provider} before exiting.
@anchor{file}
@item -file FILE_NAME
@item -file FILE
Use this option to designate a file to use with a command. When specified with this option, the value is expected to be the fully qualified path of a file accessible by the File System. Depending on the command, the file may be used as input or as output. When this option is omitted from the command line, @code{STDIN} will be used instead, as the source of input, and @code{STDOUT} will be used instead as the output destination.
@anchor{verbose}
@@ -272,8 +555,13 @@ Unless specified otherwise, use this option to enable more verbose output.
@end table
@comment ----------------------------------------------------------------------
@node Distinguished Names, Add/Update Commands, Common keytool Options, keytool Tool
@comment node-name, next, previous, up
@subsection X.500 Distinguished Names
@anchor{dn}
@item X.500 DISTINGUISHED NAME
A @i{Distinguished Name} (or DN) MUST be supplied with some of the @code{COMMAND}s using a @code{-dname} option. The syntax of a valid value for this option MUST follow RFC-2253 specifications. Namely the following components (with their accepted meaning) will be recognized. Note that the component name is case-insensitive:
@ftable @var
@@ -299,8 +587,27 @@ CN=host.domain.com, O=The Sample Company, L=Sydney, ST=NSW, C=AU
@*
If the @i{Distinguished Name} is required, and no valid default value can be used, the tool will prompt you to enter the information through the console.
@item -genkey COMMAND
Generate a new key-pair (both private and public keys), and save these credentials in the key store as a @i{Key Entry}, associated with the designated (if was specified in the @code{-alias} option) or default (if the @code{-alias} option is omitted) @i{Alias}.
@comment ----------------------------------------------------------------------
@node Add/Update Commands, Export Commands, Distinguished Names, keytool Tool
@comment node-name, next, previous, up
@subsection Add/Update commands
@menu
* Command -genkey:: Generate private key and self-signed certificate
* Command -import:: Import certificates and certificate replies
* Command -selfcert:: Generate self-signed certificate
* Command -cacert:: Import a CA Trusted Certificate
* Command -identitydb:: Import JDK-1 style identities
@end menu
@comment ----------------------------------------------------------------------
@node Command -genkey, Command -import, Add/Update Commands, Add/Update Commands
@comment node-name, next, previous, up
@subsubsection @code{-genkey} command
Use this command to generate a new key-pair (both private and public keys), and save these credentials in the key store as a @i{Key Entry}, associated with the designated (if was specified with the @code{-alias} option) or default (if the @code{-alias} option is omitted) @i{Alias}.
The private key material will be protected with a user-defined password (see @code{-keypass} option). The public key on the other hand will be part of a self-signed X.509 certificate, which will form a 1-element chain and will be saved in the key store.
@@ -347,8 +654,13 @@ For more details @pxref{verbose}.
@end table
@item -import COMMAND
Read an X.509 certificate, or a PKCS#7 @i{Certificate Reply} from a designated input source and incorporate the certificates into the key store.
@comment ----------------------------------------------------------------------
@node Command -import, Command -selfcert, Command -genkey, Add/Update Commands
@comment node-name, next, previous, up
@subsubsection @code{-import} command
Use this command to read an X.509 certificate, or a PKCS#7 @i{Certificate Reply} from a designated input source and incorporate the certificates into the key store.
If the @i{Alias} does not already exist in the key store, the tool treats the certificate read from the input source as a new @i{Trusted Certificate}. It then attempts to discover a chain-of-trust, starting from that certificate and ending at another @i{Trusted Certificate}, already stored in the key store. If the @code{-trustcacerts} option is present, an additional key store, of type @code{JKS} named @file{cacerts}, and assumed to be present in @file{$@{JAVA_HOME@}/lib/security} will also be consulted if found --@code{$@{JAVA_HOME@}} refers to the location of an installed @i{Java Runtime Environment} (JRE). If no chain-of-trust can be established, and unless the @code{-noprompt} option has been specified, the certificate is printed to @code{STDOUT} and the user is prompted for a confirmation.
@@ -358,8 +670,8 @@ If @i{Alias} exists in the key store, the tool will treat the certificate(s) rea
@item -alias ALIAS
For more details @pxref{alias,, ALIAS}.
@item -file FILE_NAME
For more details @pxref{file,, FILE_NAME}.
@item -file FILE
For more details @pxref{file,, FILE}.
@item -keypass PASSWORD
Use this option to specify the password which the tool will use to protect the @i{Key Entry} associated with the designated @i{Alias}, when replacing this @i{Alias}' chain of certificates with that found in the certificate reply.
@@ -389,8 +701,13 @@ For more details @pxref{verbose}.
@end table
@item -selfcert COMMAND
Generate a self-signed X.509 version 1 certificate. The newly generated certificate will form a chain of one element which will replace the previous chain associated with the designated @i{Alias} (if @code{-alias} option was specified), or the default @i{Alias} (if @code{-alias} option was omitted).
@comment ----------------------------------------------------------------------
@node Command -selfcert, Command -cacert, Command -import, Add/Update Commands
@comment node-name, next, previous, up
@subsubsection @code{-selfcert} command
Use this command to generate a self-signed X.509 version 1 certificate. The newly generated certificate will form a chain of one element which will replace the previous chain associated with the designated @i{Alias} (if @code{-alias} option was specified), or the default @i{Alias} (if @code{-alias} option was omitted).
@table @b
@item -alias ALIAS
@@ -429,14 +746,19 @@ For more details @pxref{verbose}.
@end table
@item -identitydb COMMAND
@b{NOT IMPLEMENTED YET}.
@comment ----------------------------------------------------------------------
Import a JDK 1.1 style Identity Database.
@node Command -cacert, Command -identitydb, Command -selfcert, Add/Update Commands
@comment node-name, next, previous, up
@subsubsection @code{-cacert} command
Use this command to import, a CA certificate and add it to the key store as a @i{Trusted Certificate}. The @i{Alias} for this new entry will be constructed from the FILE's base-name after replacing hyphens and dots with underscores.
This command is useful when used in a script that recursively visits a directory of CA certificates to populate a @code{cacerts.gkr} @i{Key Store} of trusted certificates which can then be used commands that specify the @code{-trustcacerts} option.
@table @b
@item -file FILE_NAME
For more details @pxref{file,, FILE_NAME}.
@item -file FILE
For more details @pxref{file,, FILE}.
@item -storetype STORE_TYPE
For more details @pxref{storetype,, STORE_TYPE}.
@@ -455,8 +777,55 @@ For more details @pxref{verbose}.
@end table
@item -certreq COMMAND
Generate a PKCS#10 @i{Certificate Signing Request} (CSR) and writes it to a designated output destination. The contents of the destination should look something like the following:
@comment ----------------------------------------------------------------------
@node Command -identitydb, , Command -cacert, Add/Update Commands
@comment node-name, next, previous, up
@subsubsection @code{-identitydb} command
@b{NOT IMPLEMENTED YET}.
Use this command to import a JDK 1.1 style Identity Database.
@table @b
@item -file FILE
For more details @pxref{file,, FILE}.
@item -storetype STORE_TYPE
For more details @pxref{storetype,, STORE_TYPE}.
@item -keystore URL
For more details @pxref{keystore,, URL}.
@item -storepass PASSWORD
For more details @pxref{storepass,, PASSWORD}.
@item -provider PROVIDER_CLASS_NAME
For more details @pxref{provider,, PROVIDER_CLASS_NAME}.
@item -v
For more details @pxref{verbose}.
@end table
@comment ----------------------------------------------------------------------
@node Export Commands, Display Commands, Add/Update Commands, keytool Tool
@comment node-name, next, previous, up
@subsection Export commands
@menu
* Command -certreq:: Generate Certificate Signing Requests (CSR)
* Command -export:: Export a certificate in a Key Store
@end menu
@comment ----------------------------------------------------------------------
@node Command -certreq, Command -export, Export Commands, Export Commands
@comment node-name, next, previous, up
@subsubsection @code{-certreq} command
Use this command to generate a PKCS#10 @i{Certificate Signing Request} (CSR) and write it to a designated output destination. The contents of the destination should look something like the following:
@example
-----BEGIN NEW CERTIFICATE REQUEST-----
@@ -476,8 +845,8 @@ For more details @pxref{alias,, ALIAS}.
@item -sigalg ALGORITHM
The canonical name of the digital signature algorithm to use for signing the certificate. If this option is omitted, a default value will be chosen based on the type of the private key associated with the designated @i{Alias}. If the private key is a @code{DSA} one, the value for the signature algorithm will be @code{SHA1withDSA}. If on the other hand the private key is an @code{RSA} one, then the tool will use @code{MD5withRSA} as the signature algorithm.
@item -file FILE_NAME
For more details @pxref{file,, FILE_NAME}.
@item -file FILE
For more details @pxref{file,, FILE}.
@item -keypass PASSWORD
Use this option to specify the password which the tool will use to unlock the @i{Key Entry} associated with the designated @i{Alias}.
@@ -504,16 +873,20 @@ Use this option to force the tool to encode a @code{NULL} DER value in the CSR a
@end table
@item -export COMMAND
Export a certificate stored in the key store to a designated output destination, either in binary format (if the @code{-v} option is specified), or in RFC-1421 compliant encoding (if the @code{-rfc} option is specified
instead).
@comment ----------------------------------------------------------------------
@node Command -export, , Command -certreq, Export Commands
@comment node-name, next, previous, up
@subsubsection @code{-export} command
Use this command to export a certificate stored in a key store to a designated output destination, either in binary format (if the @code{-v} option is specified), or in RFC-1421 compliant encoding (if the @code{-rfc} option is specified instead).
@table @b
@item -alias ALIAS
For more details @pxref{alias,, ALIAS}.
@item -file FILE_NAME
For more details @pxref{file,, FILE_NAME}.
@item -file FILE
For more details @pxref{file,, FILE}.
@item -storetype STORE_TYPE
For more details @pxref{storetype,, STORE_TYPE}.
@@ -535,8 +908,24 @@ Output the certificate in binary DER encoding. This is the default output format
@end table
@item -list COMMAND
Print one or all of the key store entries to @code{STDOUT}. Usually this command will only print a @i{fingerprint} of the certificate, unless either the @code{-rfc} or the @code{-v} option is specified.
@comment ----------------------------------------------------------------------
@node Display Commands, Management Commands, Export Commands, keytool Tool
@comment node-name, next, previous, up
@subsection Display commands
@menu
* Command -list:: Display information about one or all Aliases
* Command -printcert:: Print a certificate or a certificate fingerprint
@end menu
@comment ----------------------------------------------------------------------
@node Command -list, Command -printcert, Display Commands, Display Commands
@comment node-name, next, previous, up
@subsubsection @code{-list} command
Use this command to print one or all of a key store entries to @code{STDOUT}. Usually this command will only print a @i{fingerprint} of the certificate, unless either the @code{-rfc} or the @code{-v} option is specified.
@table @b
@item -alias ALIAS
@@ -564,20 +953,43 @@ Output the certificate in human-readable format. If both this option and the @co
@end table
@item -printcert COMMAND
Read a certificate from a designated input source and print it to @code{STDOUT} in a human-readable form.
@comment ----------------------------------------------------------------------
@node Command -printcert, , Command -list, Display Commands
@comment node-name, next, previous, up
@subsubsection @code{-printcert} command
Use this command to read a certificate from a designated input source and print it to @code{STDOUT} in a human-readable form.
@table @b
@item -file FILE_NAME
For more details @pxref{file,, FILE_NAME}.
@item -file FILE
For more details @pxref{file,, FILE}.
@item -v
For more details @pxref{verbose}.
@end table
@item -keyclone COMMAND
Clone an existing @i{Key Entry} and store it under a new (different) @i{Alias} protecting, its private key material with possibly a new password.
@comment ----------------------------------------------------------------------
@node Management Commands, , Display Commands, keytool Tool
@comment node-name, next, previous, up
@subsection Management commands
@menu
* Command -keyclone:: Clone a Key Entry in a Key Store
* Command -storepasswd:: Change the password protecting a Key Store
* Command -keypasswd:: Change the password protecting a Key Entry
* Command -delete:: Remove an entry in a Key Store
@end menu
@comment ----------------------------------------------------------------------
@node Command -keyclone, Command -storepasswd, Management Commands, Management Commands
@comment node-name, next, previous, up
@subsubsection @code{-keyclone} command
Use this command to clone an existing @i{Key Entry} and store it under a new (different) @i{Alias} protecting, its private key material with possibly a new password.
@table @b
@item -alias ALIAS
@@ -611,8 +1023,13 @@ For more details @pxref{verbose}.
@end table
@item -storepasswd COMMAND
Change the password protecting a key store.
@comment ----------------------------------------------------------------------
@node Command -storepasswd, Command -keypasswd, Command -keyclone, Management Commands
@comment node-name, next, previous, up
@subsubsection @code{-storepasswd} command
Use this command to change the password protecting a key store.
@table @b
@item -new PASSWORD
@@ -635,14 +1052,18 @@ For more details @pxref{verbose}.
@end table
@item -keypasswd COMMAND
Change the password protecting the private key material of a designated @i{Key Entry}.
@comment ----------------------------------------------------------------------
@node Command -keypasswd, Command -delete, Command -storepasswd, Management Commands
@comment node-name, next, previous, up
@subsubsection @code{-keypasswd} command
Use this command to change the password protecting the private key material of a designated @i{Key Entry}.
@table @b
@item -alias ALIAS
For more details @pxref{alias,, ALIAS}.
@item -keypass PASSWORD
Use this option to specify the password which the tool will use to unlock the @i{Key Entry} associated with the designated @i{Alias}.
If this option is omitted, the tool will first attempt to unlock the @i{Key Entry} using the same password protecting the key store. If this fails, you will then be prompted to provide a password.
@@ -667,8 +1088,13 @@ For more details @pxref{verbose}.
@end table
@item -delete COMMAND
Delete a designated key store entry.
@comment ----------------------------------------------------------------------
@node Command -delete, , Command -keypasswd, Management Commands
@comment node-name, next, previous, up
@subsubsection @code{-delete} command
Use this command to delete a designated key store entry.
@table @b
@item -alias ALIAS
@@ -689,7 +1115,6 @@ For more details @pxref{provider,, PROVIDER_CLASS_NAME}.
@item -v
For more details @pxref{verbose}.
@end table
@end table
@comment ----------------------------------------------------------------------
@@ -709,7 +1134,7 @@ Some tools --@pxref{Security Tools}-- allow using other than the English languag
@node Language Resources, Message Formats, I18N Issues, I18N Issues
@comment node-name, next, previous, up
@section Language-Specific Resources
@section Language-specific resources
The Tools use Java @code{ResourceBundle}s to store messages, and message templates they use at runtime to generate the message text itself, depending on the locale in use at the time.
@@ -721,7 +1146,7 @@ Command.23=A correct key password MUST be provided
When the tool needs to signal a mandatory but missing key password, it would reference the property named @code{Command.23} and the message "@kbd{A correct key password MUST be provided}" will be used instead. This indirect referencing of "resources" permits replacing, as late as possible, the English strings with strings in other languages, provided of course @i{Resource Bundles} in those languages are provided.
For the GNU Classpath Tools described in this Guide, the @i{Resource Bundles} are files named @file{MessageBundle[_ll[_CC[_VV]]].properties} where:
For the GNU Classpath Tools described in this Guide, the @i{Resource Bundles} are files named @file{messages[_ll[_CC[_VV]]].properties} where:
@ftable @var
@item ll
@@ -746,24 +1171,24 @@ The location of the @i{Resource Bundles} for the GNU Classpath Tools is specific
The collection of @i{Resource Bundles} in a location act as an inverted tree with a parent-child relationship. For example suppose in the @file{gnu/classpath/tools/keytool} there are 3 message bundles named:
@enumerate
@item @code{MessageBundle.properties}
@item @code{MessageBundle_fr.properties}
@item @code{MessageBundle_fr_FR.properties}
@item @code{messages.properties}
@item @code{messages_fr.properties}
@item @code{messages_fr_FR.properties}
@end enumerate
In the above example, bundle #1 will act as the parent of bundle #2, which in turn will act as the parent for bundle #3. This ordering is used by the Java runtime to choose which file to load based on the set Locale. For example if the Locale is @code{fr_CH}, @code{MessageBundle_fr.properties} will be used because (a) @code{MessageBundle_fr_CH.properties} does not exist, but (b) @code{MessageBundle_fr.properties} is the parent for the required bundle, and it exists. As another example, suppose the Locale was set to @code{en_AU}; then the tool will end up using @code{MessageBundle.properties} because (a) @code{MessageBundle_en_AU.properties} does not exist, (b) @code{MessageBundle_en.properties} which is the parent for the required bundle does not exist, but (c) @code{MessageBundle.properties} exists and is the root of the hierarchy.
In the above example, bundle #1 will act as the parent of bundle #2, which in turn will act as the parent for bundle #3. This ordering is used by the Java runtime to choose which file to load based on the set Locale. For example if the Locale is @code{fr_CH}, @code{messages_fr.properties} will be used because (a) @code{messages_fr_CH.properties} does not exist, but (b) @code{messages_fr.properties} is the parent for the required bundle, and it exists. As another example, suppose the Locale was set to @code{en_AU}; then the tool will end up using @code{messages.properties} because (a) @code{messages_en_AU.properties} does not exist, (b) @code{messages_en.properties} which is the parent for the required bundle does not exist, but (c) @code{messages.properties} exists and is the root of the hierarchy.
You can see from the examples above that @file{MessageBundle.properties} is the safety net that the Java runtime falls back to when failing to find a specific bunlde and its parent(s). This file is always provided with the Tool. In time, more localized versions will be included to cater for other languages.
You can see from the examples above that @file{messages.properties} is the safety net that the Java runtime falls back to when failing to find a specific bunlde and its parent(s). This file is always provided with the Tool. In time, more localized versions will be included to cater for other languages.
In the meantime, if you are willing to contribute localized versions of these resources, grab the @file{MessageBundle.properties} for a specific tool; translate it; save it with the appropriate language and region suffix and mail it to @code{classpath@@gnu.org}.
In the meantime, if you are willing to contribute localized versions of these resources, grab the @file{messages.properties} for a specific tool; translate it; save it with the appropriate language and region suffix and mail it to @code{classpath@@gnu.org}.
@comment ----------------------------------------------------------------------
@node Message Formats, , Language Resources, I18N Issues
@comment node-name, next, previous, up
@section Message Formats
@section Message formats
If you open any of the @file{MessageBundle.properties} described in the previous section, you may see properties that look like so:
If you open any of the @file{messages.properties} described in the previous section, you may see properties that look like so:
@example
Command.67=Issuer: @{0@}
@@ -774,7 +1199,7 @@ Command.70=\ \ \ \ \ until: @{0,date,full@} - @{0,time,full@}
These are @i{Message Formats} used by the tools to customize a text string that will then be used either as a prompt for User input or as output.
If you are translating a @file{MessageBundle.properties} be careful not to alter text between curly braces.
If you are translating a @file{messages.properties} be careful not to alter text between curly braces.
@comment ----------------------------------------------------------------------
+433 -5
View File
@@ -12,7 +12,7 @@ This file contains important information you will need to know if you
are going to write an interface between GNU Classpath and a Virtual
Machine.
Copyright (C) 1998-2002, 2004, 2005 Free Software Foundation, Inc.
Copyright (C) 1998-2002, 2004, 2005, 2006 Free Software Foundation, Inc.
@ifnotplaintext
@dircategory GNU Libraries
@@ -66,6 +66,7 @@ This document is incomplete, as we are still in alpha with the interface.
* Classpath Hooks:: Hooks from Classpath to the VM
* VM Hooks:: Hooks from the underlying VM to Classpath
* JNI Implementation:: Hooking the VM to jni.h
* JVMTI Implementation:: Hooking the VM to jvmti.h
* Miscellaneous VM Requirements::
@end menu
@@ -202,6 +203,8 @@ implementation.
* gnu.java.nio::
* java.lang.reflect::
* gnu.java.lang::
* gnu.java.lang.management::
* java.lang.management::
* Classpath Callbacks::
@end menu
@@ -704,6 +707,9 @@ to allow the setting to flow down to the native thread.
@item @code{nativeStop(Throwable)} -- The VM should stop the thread abnormally
and throw the specified exception. This is clearly deprecated, due to the
ambiguous state an abruptly-stopped thread may leave.
@item @code{getState()} -- Returns the VM's impression of the current state
of the thread. The applicable states are supplied by the @code{State}
enumeration in @code{java.lang.Thread}.
@end itemize
@item Mandatory Class Methods
@itemize @bullet
@@ -1206,7 +1212,7 @@ which the VM uses to generate a new non-primitive array of a
particular class and size. The default implementation simply passes
the job down to the standard JNI function, @code{NewObjectArray}.
@node gnu.java.lang, Classpath Callbacks, java.lang.reflect, Classpath Hooks
@node gnu.java.lang, gnu.java.lang.management, java.lang.reflect, Classpath Hooks
@section @code{gnu.java.lang}
@code{gnu.java.lang} provides VM interfaces for the GNU
@@ -1258,7 +1264,384 @@ method calls the @code{VMInstrumentationImpl.redefineClasses} native method
which must be implemented by the VM. The implementation should call the
@code{InstrumentationImpl.callTransformers} method.
@node Classpath Callbacks, , gnu.java.lang, Classpath Hooks
@node gnu.java.lang.management, java.lang.management, gnu.java.lang, Classpath Hooks
@section @code{gnu.java.lang.management}
@code{gnu.java.lang.management} provides the VM interfaces for the GNU
implementations of the management beans.
@menu
* gnu.java.lang.management.VMRuntimeMXBeanImpl::
* gnu.java.lang.management.VMClassLoadingMXBeanImpl::
* gnu.java.lang.management.VMThreadMXBeanImpl::
* gnu.java.lang.management.VMMemoryMXBeanImpl::
* gnu.java.lang.management.VMCompilationMXBeanImpl::
* gnu.java.lang.management.VMMemoryPoolMXBeanImpl::
* gnu.java.lang.management.VMMemoryManagerMXBeanImpl::
* gnu.java.lang.management.VMGarbageCollectorMXBeanImpl::
@end menu
@node gnu.java.lang.management.VMRuntimeMXBeanImpl,gnu.java.lang.management.VMClassLoadingMXBeanImpl,,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMRuntimeMXBeanImpl}
The @code{gnu.java.lang.management.RuntimeMXBeanImpl} provides an
implementation of the @code{java.lang.management.RuntimeMXBean} interface,
and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMRuntimeMXBeanImpl}. This provides a
series of methods, which should be implemented by the virtual machine
in order to provide the required information for the bean. The VM
methods are generally representative of information that is only
available from the virtual machine, such as the command-line arguments
it was given at startup.
The methods are as follows:
@itemize @bullet
@item @code{(getInputArguments())} -- The VM should supply
a @code{String} array containing each of the command-line
arguments, excluding those that are directed at the
@code{main()} method. The reference implementation expects
this to be a native method.
@item @code{(getName())} -- The VM developer should choose
an appropriate name for the virtual machine. This name can
be instance-specific e.g. it can include things like the
process identifier or host name of the machine, which only
apply to the current running instance. Thus, the intention is
that this name refers to the entity that the other information
refers to, rather than the VM in general. The reference
implementation supplies a default concatenation of the VM
name and version.
@item @code{(getStartTime())} -- This should return the number
of milliseconds at which the virtual machine was started.
The uptime property of the bean is provided relative to this
value. Again, the reference implementation also expects
this method to be native.
@end itemize
The virtual machine also needs to provide either the
@code{sun.boot.class.path} or @code{java.boot.class.path}
property in order to support the optional boot class path
retrieval functionality.
@node gnu.java.lang.management.VMClassLoadingMXBeanImpl,gnu.java.lang.management.VMThreadMXBeanImpl,gnu.java.lang.management.VMRuntimeMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMClassLoadingMXBeanImpl}
The @code{gnu.java.lang.management.ClassLoadingMXBeanImpl} provides an
implementation of the @code{java.lang.management.ClassLoadingMXBean} interface,
and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMClassLoadingMXBeanImpl}. This provides a
series of methods, which should be implemented by the virtual machine
in order to provide the required information for the bean. Implementing
this bean requires the VM to monitor when classes are loaded and unloaded,
and provide the option of verbose class loading output.
The methods are as follows:
@itemize @bullet
@item @code{(getLoadedClassCount())} -- This should return
the number of classes that are currently loaded by the VM.
@item @code{(getUnloadedClassCount())} -- This should return
the number of classes that have been loaded by the VM, but
have since been unloaded.
@item @code{(isVerbose())} -- This should return @code{true}
or @code{false}, depending on whether verbose class loading
output is turned or not, respectively.
@item @code{(setVerbose(boolean))} -- This should allow the
verbose class loading output to be turned on and off.
@end itemize
@node gnu.java.lang.management.VMThreadMXBeanImpl,gnu.java.lang.management.VMMemoryMXBeanImpl,gnu.java.lang.management.VMClassLoadingMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMThreadMXBeanImpl}
The @code{gnu.java.lang.management.ThreadMXBeanImpl} provides an
implementation of the @code{java.lang.management.ThreadMXBean} interface,
and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMThreadMXBeanImpl}. This provides a
series of methods, which should be implemented by the virtual machine
in order to provide the required information for the bean. Implementing
this bean requires the VM to monitor thread-related statistics such as
how often the blocked and waiting states have been entered, as well as
additional optional support for time and contention monitoring.
Optional support is determined by the following properties:
@itemize @bullet
@item @code{gnu.java.lang.management.CurrentThreadTimeSupport} --
This property should be present if the VM supports monitoring the
time used by the current thread. If time monitoring for all threads
is supported, this need not be provided.
@item @code{gnu.java.lang.management.ThreadTimeSupport} --
This property should be present if the VM supports monitoring the
time used by all threads.
@item @code{gnu.java.lang.management.ThreadContentionSupport} --
This property should be present if the VM supports thread contention
monitoring.
@end itemize
In addition, the property
@code{gnu.java.lang.management.ThreadTimeInitallyEnabled} may be
set to the @code{String} value, @code{"true"}, if time monitoring
is enabled at startup.
The methods are as follows:
@itemize @bullet
@item @code{(findMonitorDeadlockedThreads())} -- This should return
an array of thread identifiers which match threads involved in
deadlock cycles (where each thread is waiting to obtain a lock
held by one of the others). This is specified as a native method
in the reference implementation.
@item @code{(getAllThreads())} -- This should return an array of
all live threads and set the @code{filled} variable to the number
found. A default implementation is provided.
@item @code{(getAllThreadIds())} -- This should return an array of
all live thread identifiers. An implementation is provided against
@code{getAllThreads()} by default.
@item @code{(getCurrentThreadCpuTime())} -- This should return the
approximate number of nanoseconds of CPU time the current thread
has used. This is an optional native method, which is used by VMs
supporting time monitoring.
@item @code{(getCurrentThreadUserTime())} -- This should return the
approximate number of nanoseconds of user time the current thread
has used. This is an optional native method, which is used by VMs
supporting time monitoring.
@item @code{(getDaemonThreadCount())} -- This should return the number
of live daemon threads. A default implementation is provided, based
on @code{getAllThreads()}.
@item @code{(getPeakThreadCount())} -- The VM should maintain a record
of the peak number of live threads, and return it when this method is
called. This is specified as a native method in the reference
implementation.
@item @code{(resetPeakThreadCount())} -- This should reset the record
of the peak number of live threads to the current number of live
threads. This is specified as a native method in the reference
implementation.
@item @code{(getThreadCount())} -- This should return the number of
live threads. A default implementation is provided, based on
@code{getAllThreads()}.
@item @code{(getThreadCpuTime(long))} -- This should return the
approximate number of nanoseconds of CPU time the specified thread
has used. This is an optional native method, which is used by VMs
supporting time monitoring.
@item @code{(getThreadUserTime(long))} -- This should return the
approximate number of nanoseconds of CPU time the specified thread
has used. This is an optional native method, which is used by VMs
supporting time monitoring.
@item @code{(getThreadInfoForId(long, int))} -- This return an instance
of @code{java.lang.management.ThreadInfo} for the specified thread.
The class includes a private constructor which VMs should use to initialise
it with the appropriate values for the thread. The second argument
given here specifies the depth of the stack trace supplied on construction
of the instance. Special values are 0 (return an empty array) and
@code{Integer.MAX_VALUE} (return the maximum depth possible). This
is specified as a native method in the reference implementation.
@item @code{(getTotalStartedThreadCount())} -- This should return the
total number of threads that have been started by the VM, including ones
that have died. This is specified as a native method in the reference
implementation.
@end itemize
@node gnu.java.lang.management.VMMemoryMXBeanImpl,gnu.java.lang.management.VMCompilationMXBeanImpl,gnu.java.lang.management.VMThreadMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMMemoryMXBeanImpl}
The @code{gnu.java.lang.management.MemoryMXBeanImpl} provides an
implementation of the @code{java.lang.management.MemoryMXBean} interface,
and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMMemoryMXBeanImpl}. This provides a
series of methods, which should be implemented by the virtual machine
in order to provide the required information for the bean. Implementing
this bean requires the VM to monitor the levels of heap and non-heap
memory, and provide the number of objects which are eligible for garbage
collection.
The methods are as follows:
@itemize @bullet
@item @code{(getHeapMemoryUsage())} -- This should return
an instance of @code{java.lang.management.MemoryUsage} with
values pertaining to the heap. A default implementation is
provided, based on @code{java.lang.Runtime}'s methods.
@item @code{(getNonHeapMemoryUsage())} -- This should return
an instance of @code{java.lang.management.MemoryUsage} with
values pertaining to non-heap memory.
@item @code{(getObjectPendingFinalizationCount())} -- Returns
the number of objects which are no longer referenced, and which
will thus be garbage collected on the next run of the garbage
collector.
@item @code{(isVerbose())} -- This should return @code{true}
or @code{false}, depending on whether verbose memory management
output is turned or not, respectively.
@item @code{(setVerbose(boolean))} -- This should allow the
verbose memory management output to be turned on and off.
@end itemize
@node gnu.java.lang.management.VMCompilationMXBeanImpl,gnu.java.lang.management.VMMemoryPoolMXBeanImpl,gnu.java.lang.management.VMMemoryMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMCompilationMXBeanImpl}
The @code{gnu.java.lang.management.CompilationMXBeanImpl} provides an
implementation of the optional @code{java.lang.management.CompilationMXBean}
interface, and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMCompilationMXBeanImpl}. This provides a
single method for returning the number of milliseconds the virtual
machine's Just-In-Time (JIT) compiler has spent compiling. Even if
a JIT compiler is available and an instance of the bean supplied, this
method is still optional.
Optional support is determined by the following properties:
@itemize @bullet
@item @code{gnu.java.lang.compiler.name} -- This property should
specify the name of the JIT compiler. Classpath also uses this,
within @code{java.lang.management.ManagementFactory}, to determine
whether a bean should be created. If this property is set to a
non-null value, a bean will be created and its @code{getName()}
method will return this value.
@item @code{gnu.java.lang.management.CompilationTimeSupport} --
This property should be present if the VM supports monitoring the
time spent compiling.
@end itemize
Time support is implemented by the following method:
@itemize @bullet
@item @code{(getTotalCompilationTime())} -- This should return the
number of milliseconds the JIT compiler has spent compiling.
@end itemize
@node gnu.java.lang.management.VMMemoryPoolMXBeanImpl,gnu.java.lang.management.VMMemoryManagerMXBeanImpl,gnu.java.lang.management.VMCompilationMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMMemoryPoolMXBeanImpl}
The @code{gnu.java.lang.management.MemoryPoolMXBeanImpl} provides an
implementation of the optional @code{java.lang.management.MemoryPoolMXBean}
interface, and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMMemoryPoolMXBeanImpl}. Providing
this interface requires implementing a number of methods for each supported
pool. These return statistics on memory usage, and, optionally, allows
monitoring of when memory usage exceedes a preset threshold.
Optional support is determined by the following properties:
@itemize @bullet
@item @code{gnu.java.lang.management.CollectionUsageThresholdSupport} --
This property should be present if the VM supports setting a collection
usage threshold and monitoring when it is matched or exceeded. Collection
usage thresholds are related to the remaining memory usage following a
garbage collection cycle.
@item @code{gnu.java.lang.management.UsageThresholdSupport} --
This property should be present if the VM supports setting a
usage threshold and monitoring when it is matched or exceeded.
@end itemize
The methods are as follows (all take a pool name as their
first parameter):
@itemize @bullet
@item @code{(getCollectionUsage(String))} -- Returns a
@code{java.lang.management.MemoryUsage} object, containing the
memory usage statistics following a garbage collection cycle
for the specified pool. This may also return @code{null} if
the pool isn't an appropriate pool for this particular task.
@item @code{(getCollectionUsageThreshold(String))} -- Returns
the pool's collection usage threshold, if supported.
@item @code{(getCollectionUsageThresholdCount(String))} -- Returns
the number of times the specified pool has matched or exceeded
its collection usage threshold, if supported.
@item @code{(getMemoryManagerNames(String))} -- Returns a list
of names of memory managers which manage the specified pool.
@item @code{(getPeakUsage(String))} -- Returns a
@code{java.lang.management.MemoryUsage} object for the peak
usage level of the specified pool.
@item @code{(getType(String))} -- Returns a string containing
either @code{"HEAP"} or @code{"NON_HEAP"} which indicates the type of
memory used by the specified pool.
@item @code{(getUsage(String))} -- Returns a
@code{java.lang.management.MemoryUsage} object for the current
usage level of the specified pool.
@item @code{(getUsageThreshold(String))} -- Returns
the pool's usage threshold, if supported.
@item @code{(getUsageThresholdCount(String))} -- Returns
the number of times the specified pool has matched or exceeded
its usage threshold, if supported.
@item @code{(isValid(String))} -- Returns true if the pool
is still in use by the virtual machine.
@item @code{(resetPeakUsage(String))} -- Resets the peak usage
levels to the current usage levels for the specified pool.
@item @code{(setCollectionUsageThreshold(String, long))} -- Sets
the pool's collection usage threshold, if supported.
@item @code{(setUsageThreshold(String, long))} -- Sets
the pool's usage threshold, if supported.
@end itemize
@node gnu.java.lang.management.VMMemoryManagerMXBeanImpl,gnu.java.lang.management.VMGarbageCollectorMXBeanImpl,gnu.java.lang.management.VMMemoryPoolMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMMemoryManagerMXBeanImpl}
The @code{gnu.java.lang.management.MemoryManagerMXBeanImpl} provides an
implementation of the optional @code{java.lang.management.MemoryManagerMXBean}
interface, and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMMemoryManagerMXBeanImpl}. Providing
this interface requires implementing two methods (each takes the name
of the manager as the first argument):
@itemize @bullet
@item @code{(getMemoryPoolNames(String))} -- Returns a list of the
memory pools that the manager maintains. A default implementation
which scans the results of @code{getMemoryManagerNames()} for each
pool is provided.
@item @code{(isValid(String))} -- Returns true if the specified
manager is still valid i.e. it is still in use by the virtual machine.
@end itemize
@node gnu.java.lang.management.VMGarbageCollectorMXBeanImpl,,gnu.java.lang.management.VMMemoryManagerMXBeanImpl,gnu.java.lang.management
@subsection @code{gnu.java.lang.management.VMGarbageCollectorMXBeanImpl}
The @code{gnu.java.lang.management.GarbageCollectorMXBeanImpl} provides an
implementation of the optional @code{java.lang.management.GarbageCollectorMXBean}
interface, and is supported by VM functionality in the form of
@code{gnu.java.lang.management.VMGarbageCollectorMXBeanImpl}. Providing
this interface requires implementing two methods (each takes the name
of the garbage collector as the first argument):
@itemize @bullet
@item @code{(getCollectionCount(String))} -- Returns the number of
times the specified garbage collector has run.
@item @code{(getCollectionTime(String))} -- Returns the accumulated
number of milliseconds for which the garbage collector has run.
@end itemize
Note that each garbage collector is also a memory manager, and so an
implementation of the @code{gnu.java.lang.management.VMMemoryManagerMXBeanImpl}
methods for its name should also be provided.
@node java.lang.management, Classpath Callbacks, gnu.java.lang.management, Classpath Hooks
@section @code{java.lang.management}
@code{gnu.java.lang.management} provides the VM interfaces for the GNU
implementations of the management beans.
@menu
* java.lang.management.VMManagementFactory::
@end menu
@node java.lang.management.VMManagementFactory,,,java.lang.management
@subsection @code{java.lang.management.VMManagementFactory}
This VM interface provides the names of the memory pools, memory managers
and garbage collectors for use by the @code{java.lang.management.ManagementFactory}
in creating lists of appropriate beans for these types of managed object.
The methods are as follows:
@itemize @bullet
@item @code{(getMemoryPoolNames())} -- Returns a list of the names
of the current memory pools in use by the virtual machine.
@item @code{(getMemoryManagerNames())} -- Returns a list of the names
of the current memory managers in use by the virtual machine. This
should not include those that are also garbage collectors.
@item @code{(getGarbageCollectorNames())} -- Returns a list of the names
of the current garbage collectors in use by the virtual machine.
@end itemize
@node Classpath Callbacks, , java.lang.management, Classpath Hooks
Some of the classes you implement for the VM will need to call back to
package-private methods in Classpath:
@@ -1269,6 +1652,26 @@ the group.
@item @code{java.lang.ThreadGroup.removeThread(Thread)}
Call this method from @code{Thread} when a @code{Thread} is stopped or destroyed.
@item @code{gnu.java.lang.management.MemoryMXBeanImpl.fireThresholdExceededNotification(String, long, long, long, long)}
If the monitoring of memory usage thresholds is supported, this method
should be called when the normal usage of a memory pool crosses the
threshold, in order to emit a notification. Another notification
should not be emitted until there is an intermittent period where the
usage is again below the threshold. The parameters are the memory
pool name, the usage levels (init, used, committed and max) and the
number of times the threshold has been crossed.
@item @code{gnu.java.lang.management.MemoryMXBeanImpl.fireCollectionThresholdExceededNotification(String, long, long, long, long)}
If the monitoring of memory usage thresholds is supported, this method
should be called when the usage of a memory pool after a garbage
collection cycle crosses the threshold, in order to emit a
notification. Another notification should not be emitted until there
is an intermittent period where the usage is again below the
threshold. The parameters are the memory pool name, the usage levels
(init, used, committed and max) and the number of times the threshold
has been crossed.
@end itemize
@node VM Hooks, JNI Implementation, Classpath Hooks, Top
@@ -1369,7 +1772,7 @@ reinitialize it yourself, there should be no harm.
@end itemize
@node JNI Implementation, Miscellaneous VM Requirements, VM Hooks, Top
@node JNI Implementation, JVMTI Implementation, VM Hooks, Top
@comment node-name, next, previous, up
@chapter JNI Implementation
@@ -1412,8 +1815,33 @@ be a sequence of field declarations.
@end itemize
@node JVMTI Implementation, Miscellaneous VM Requirements, JNI Implementation, Top
@comment node-name, next, previous, up
@chapter JVMTI Implementation
@node Miscellaneous VM Requirements, , JNI Implementation, Top
Classpath comes with its own implementation of @file{jvmti.h}. This
file can be customized by the VM in a few ways by defining macros that
affect the interpretation of the file. These macros are all intended
for use for use by a VM which uses GNU Classpath and which wants to
use a single copy of @file{jvmti.h} for both internal and external use.
@itemize @bullet
@item _CLASSPATH_VM_JVMTI_TYPES_DEFINED
Some VMs like to define JVMTI ``object'' types in a special way. If
this macro is defined, the Classpath @file{jvmti.h} will avoid defining
these types. By default these types are defined in @file{jvmti.h}.
The full list of types and macros treated this way is: @samp{jthread},
@samp{jthreadGroup}, @samp{jlocation}, and @samp{jrawMonitorID}. By
default @samp{jrawMonitorID} is defined as an opaque pointer which
must be defined by the VM.
@item _CLASSPATH_JVMTIENV_CONTENTS
A VM can add fields to the @samp{jvmtiEnv} structure by defining this
to be a sequence of field declarations.
@end itemize
@node Miscellaneous VM Requirements, , JVMTI Implementation, Top
@comment node-name, next, previous, up
@chapter Miscellaneous VM Requirements