JDK 15 Early-Access Release Notes

This is a draft of the release notes that will accompany JDK 15. The contents are subject to change until release.

Build 16

Retire the deprecated SSLSession.getPeerCertificateChain() method (JDK-8241039)

security-libs/javax.net.ssl

The implementation of the deprecated SSLSession.getPeerCertificateChain() method has been removed from the JDK in the SunJSSE provider and the HTTP client implementation. The default implementation of this method has been changed to throw UnsupportedOperationException.

SSLSession.getPeerCertificateChain() is a deprecated method and will be removed in a future release. To mitigate the removal compatibility impact, applications should use the SSLSession.getPeerCertificates() method instead. For service providers, please remove this method from the existing implementation, and do not support this method in any new implementation.

Retire the com.sun.net.ssl.internal.ssl.Provider name (JDK-8219989)

security-libs/javax.net.ssl

The legacy SunJSSE provider name, "com.sun.net.ssl.internal.ssl.Provider" has been removed and should not be used anymore. The "SunJSSE" name should be used instead (for example, "SSLContext.getInstance("TLS", "SunJSSE")").

Build 15

Case insensitive matching doesn't work correctly for some character classes (JDK-8214245)

core-libs/java.util.regex

Java regular expression engine supports the case insensitive mode. When this mode is turned on, the engine is supposed to match the input text without regard to the case of the characters it consists of.

However, the current implementation of matching against some named character classes (those that are encoded with p{name} or P{name} constructs) fail to respect the case insensitive mode.

The fix will make these character classes to behave consistently with respect to the case sensitivity. When the regular expression engine operates in the case insensitive mode, the named character classes will match the input characters without regard to their case: lower case, upper case or title case.

Build 13

Allow SunPKCS11 initialization with NSS when external FIPS modules are present in the Security Modules Database (JDK-8238555)

security-libs/javax.crypto:pkcs11

The SunPKCS11 security provider can now be initialized with NSS when FIPS-enabled external modules are configured in the Security Modules Database (NSSDB). Prior to this change, the SunPKCS11 provider would throw a RuntimeException with the message: "FIPS flag set for non-internal module" when such a library was configured for NSS in non-FIPS mode.

This change allows the JDK to work properly with recent NSS releases in GNU/Linux operating systems when the system-wide FIPS policy is turned on.

Further information can be found in JDK-8238555.

Build 12

ValueRange.of(long, long, long) does not throw IAE on invalid inputs (JDK-8239520)

core-libs/java.time

java.time.temporal.ValueRange.of() methods are now correctly throwing an InvalidArgumentException on given invalid arguments. For example, of(5, 2, 10) which is invalid because the minimum is greater than the smallest maximum, now throws the exception.

Build 10

Field layout computation overhaul (JDK-8237767)

hotspot/runtime

The way field layout is computed has been changed, with more aggressive optimizations to avoid unused gaps in instances. It is possible to disable these new optimizations with a new VM option -XX:-UseEmptySlotsInSupers.

For a limited time, it is still possible to continue to use the old code to compute field layout with a new VM option -XX:-UseNewFieldLayout. This option is already deprecated in JDK 15 and the old code will be removed in JDK 16.

Localized time zone name inconsistency between English and other locales (JDK-8236548)

core-libs/java.util:i18n

English time zone names provided by the CLDR locale provider are now correctly synthesized following the CLDR spec, rather than substituted from the COMPAT provider. For example, SHORT style names are no longer synthesized abbreviations of LONG style names but produce GMT offset formats.

Build 7

DatagramSocket.send() and MulticastSocket.send() methods throw an IllegalArgumentException if the socket is not connected and the packet's port is out of range (JDK-8236105)

core-libs/java.net

The behavior of DatagramSocket and MulticastSocket has been changed to throw IllegelArgumentException if not connected and passed a packet containing a port out of range, where previously a SocketException (or no exception) might have been thrown, depending on the underlying system.

The java.awt.Robot.delay() method completes with the interrupt status set when interrupted (JDK-8210231)

client-libs/java.awt

The implementation of the java.awt.Robot.delay() method was changed to complete with the interrupt status set when interrupted.

If a thread is interrupted while waiting in the java.awt.Robot.delay() method, then this method will return immediately with the interrupt status set. If the interrupted status is already set, this method returns immediately with the interrupt status set.

Build 6

Remove deprecated constant RMIConnectorServer.CREDENTIAL_TYPES (JDK-8213222)

core-svc/javax.management

The terminally deprecated constant javax.management.remote.rmi.RMIConnectorServer.CREDENTIAL_TYPE has been removed. A filter pattern can be specified instead using RMIConnectorServer.CREDENTIALS_FILTER_PATTERN.

Build 5

Support monetary grouping separator in DecimalFormat/DecimalFormatSymbols (JDK-8227313)

core-libs/java.text

DecimalFormat/DecimalFormatSymbols classes are now capable of dealing with grouping separators for currency values. For example, the monetary grouping separator for German in Austria is '.' whereas normal grouping separator is ' '.