Going back to IcedTea, openjdk8 is obsolete

Jacek Konieczny jajcus at jajcus.net
Wed Sep 21 12:51:55 CEST 2016


For long time IcedTea was not available for building OpenJDK8, so I 
packaged OpenJDK directly. It seemed good idea anyway – why using some 
intermediate system when OpenJDK can be directly compiled on Linux.

It even worked when I packaged it. I was not sure if it is 'stable' or 
'current' release, but it was better than Java 7 we had before.

Problems started when I tried to upgrade. I still have no idea what the 
OpenJDK release process is, how the versioning works and what are 
important changes between the version. Anyway, I have tried two newer 
'releases'… and those wouldn't work on x32. I was  not able to fix it 
(x32 patches from Debian didn't help), no one else in PLD seemed 
interested in fixing that either.

Then, I have discovered something even worse: our OpenJDK 8 build 
cryptography was limited to the 'export' strength, at least for some 
functions on AES cipher. This should not be the case in OpenJDK (as is 
in Oracle JDK), but in PLD it was. And I was not able to find any 
information how to fix that.

Fortunately, IcedTea for Java 8 has been finally released earlier this 
year. It has regular versioning, changelog and will probably be 
maintained like previous IcedTea versions were.

I gave it a try and managed to build PLD packages with it. Those seem to 
work on x32 properly and have no limit on crypto keys length. Much 
better than the openjdk8-* packages.

I suggest that openjdk8 packages should be obsoleted and icedtea8 should 
be used as our JDK from now on, unless someone finds some problems with it.

And a reminder: Oracle Java has really evil license, which does not 
allow us to redistribute it with the distribution. OpenJDK/IcedTea is 
the only way for us.


More information about the pld-devel-en mailing list