fix fonts and widget exantion

j_version/jgal/linux_x64/jre/conf/net.properties

@@ -0,0 +1,121 @@
+############################################################
+#       Default Networking Configuration File
+#
+# This file may contain default values for the networking system properties.
+# These values are only used when the system properties are not specified
+# on the command line or set programmatically.
+# For now, only the various proxy settings can be configured here.
+############################################################
+
+# Whether or not the DefaultProxySelector will default to System Proxy
+# settings when they do exist.
+# Set it to 'true' to enable this feature and check for platform
+# specific proxy settings
+# Note that the system properties that do explicitly set proxies
+# (like http.proxyHost) do take precedence over the system settings
+# even if java.net.useSystemProxies is set to true.
+
+java.net.useSystemProxies=false
+
+#------------------------------------------------------------------------
+# Proxy configuration for the various protocol handlers.
+# DO NOT uncomment these lines if you have set java.net.useSystemProxies
+# to true as the protocol specific properties will take precedence over
+# system settings.
+#------------------------------------------------------------------------
+
+# HTTP Proxy settings. proxyHost is the name of the proxy server
+# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
+# value is 80) and nonProxyHosts is a '|' separated list of hostnames which
+# should be accessed directly, ignoring the proxy server (default value is
+# localhost & 127.0.0.1).
+#
+# http.proxyHost=
+# http.proxyPort=80
+http.nonProxyHosts=localhost|127.*|[::1]
+#
+# HTTPS Proxy Settings. proxyHost is the name of the proxy server
+# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
+# value is 443). The HTTPS protocol handlers uses the http nonProxyHosts list.
+#
+# https.proxyHost=
+# https.proxyPort=443
+#
+# FTP Proxy settings. proxyHost is the name of the proxy server
+# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
+# value is 80) and nonProxyHosts is a '|' separated list of hostnames which
+# should be accessed directly, ignoring the proxy server (default value is
+# localhost & 127.0.0.1).
+#
+# ftp.proxyHost=
+# ftp.proxyPort=80
+ftp.nonProxyHosts=localhost|127.*|[::1]
+#
+# Gopher Proxy settings. proxyHost is the name of the proxy server
+# (e.g. proxy.mydomain.com), proxyPort is the port number to use (default
+# value is 80)
+#
+# gopher.proxyHost=
+# gopher.proxyPort=80
+#
+# Socks proxy settings. socksProxyHost is the name of the proxy server
+# (e.g. socks.domain.com), socksProxyPort is the port number to use
+# (default value is 1080)
+#
+# socksProxyHost=
+# socksProxyPort=1080
+#
+# HTTP Keep Alive settings. remainingData is the maximum amount of data
+# in kilobytes that will be cleaned off the underlying socket so that it
+# can be reused (default value is 512K), queuedConnections is the maximum
+# number of Keep Alive connections to be on the queue for clean up (default
+# value is 10).
+# http.KeepAlive.remainingData=512
+# http.KeepAlive.queuedConnections=10
+
+# Authentication Scheme restrictions for HTTP and HTTPS.
+#
+# In some environments certain authentication schemes may be undesirable
+# when proxying HTTP or HTTPS.  For example, "Basic" results in effectively the
+# cleartext transmission of the user's password over the physical network.
+# This section describes the mechanism for disabling authentication schemes
+# based on the scheme name. Disabled schemes will be treated as if they are not
+# supported by the implementation.
+#
+# The 'jdk.http.auth.tunneling.disabledSchemes' property lists the authentication
+# schemes that will be disabled when tunneling HTTPS over a proxy, HTTP CONNECT.
+# The 'jdk.http.auth.proxying.disabledSchemes' property lists the authentication
+# schemes that will be disabled when proxying HTTP.
+#
+# In both cases the property is a comma-separated list of, case-insensitive,
+# authentication scheme names, as defined by their relevant RFCs. An
+# implementation may, but is not required to, support common schemes whose names
+# include: 'Basic', 'Digest', 'NTLM', 'Kerberos', 'Negotiate'.  A scheme that
+# is not known, or not supported, by the implementation is ignored.
+#
+# Note: This property is currently used by the JDK Reference implementation. It
+# is not guaranteed to be examined and used by other implementations.
+#
+#jdk.http.auth.proxying.disabledSchemes=
+jdk.http.auth.tunneling.disabledSchemes=Basic
+
+#
+# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication
+# can be used for the NTLM scheme, where the security credentials based on the
+# currently logged in user's name and password can be obtained directly from the
+# operating system, without prompting the user. This property has three possible
+# values which regulate the behavior as shown below. Other unrecognized values
+# are handled the same as 'disabled'. Note, that NTLM is not considered to be a
+# strongly secure authentication scheme and care should be taken before enabling
+# this mechanism.
+#
+# Transparent authentication never used.
+#jdk.http.ntlm.transparentAuth=disabled
+#
+# Enabled for all hosts.
+#jdk.http.ntlm.transparentAuth=allHosts
+#
+# Enabled for hosts that are trusted in Windows Internet settings
+#jdk.http.ntlm.transparentAuth=trustedHosts
+#
+jdk.http.ntlm.transparentAuth=disabled

j_version/jgal/linux_x64/jre/conf/security/java.policy

@@ -0,0 +1,44 @@
+//
+// This system policy file grants a set of default permissions to all domains
+// and can be configured to grant additional permissions to modules and other
+// code sources. The code source URL scheme for modules linked into a
+// run-time image is "jrt".
+//
+// For example, to grant permission to read the "foo" property to the module
+// "com.greetings", the grant entry is:
+//
+// grant codeBase "jrt:/com.greetings" {
+//     permission java.util.PropertyPermission "foo", "read";
+// };
+//
+
+// default permissions granted to all domains
+grant {
+    // allows anyone to listen on dynamic ports
+    permission java.net.SocketPermission "localhost:0", "listen";
+
+    // "standard" properies that can be read by anyone
+    permission java.util.PropertyPermission "java.version", "read";
+    permission java.util.PropertyPermission "java.vendor", "read";
+    permission java.util.PropertyPermission "java.vendor.url", "read";
+    permission java.util.PropertyPermission "java.class.version", "read";
+    permission java.util.PropertyPermission "os.name", "read";
+    permission java.util.PropertyPermission "os.version", "read";
+    permission java.util.PropertyPermission "os.arch", "read";
+    permission java.util.PropertyPermission "file.separator", "read";
+    permission java.util.PropertyPermission "path.separator", "read";
+    permission java.util.PropertyPermission "line.separator", "read";
+    permission java.util.PropertyPermission
+                   "java.specification.version", "read";
+    permission java.util.PropertyPermission "java.specification.vendor", "read";
+    permission java.util.PropertyPermission "java.specification.name", "read";
+    permission java.util.PropertyPermission
+                   "java.vm.specification.version", "read";
+    permission java.util.PropertyPermission
+                   "java.vm.specification.vendor", "read";
+    permission java.util.PropertyPermission
+                   "java.vm.specification.name", "read";
+    permission java.util.PropertyPermission "java.vm.version", "read";
+    permission java.util.PropertyPermission "java.vm.vendor", "read";
+    permission java.util.PropertyPermission "java.vm.name", "read";
+};

j_version/jgal/linux_x64/jre/conf/security/policy/README.txt

@@ -0,0 +1,54 @@
+
+            Java(TM) Cryptography Extension Policy Files
+    for the Java(TM) Platform, Standard Edition Runtime Environment
+
+                               README
+------------------------------------------------------------------------
+
+Import and export control rules on cryptographic software vary from
+country to country.  The Java Cryptography Extension (JCE) architecture
+allows flexible cryptographic key strength to be configured via the
+jurisdiction policy files which are referenced by the "crypto.policy"
+security property in the <java-home>/conf/security/java.security file.
+
+By default, Java provides two different sets of cryptographic policy
+files:
+
+    unlimited:  These policy files contain no restrictions on cryptographic
+                strengths or algorithms
+
+    limited:    These policy files contain more restricted cryptographic
+                strengths
+
+These files reside in <java-home>/conf/security/policy in the "unlimited"
+or "limited" subdirectories respectively.
+
+Each subdirectory contains a complete policy configuration,
+and subdirectories can be added/edited/removed to reflect your
+import or export control product requirements.
+
+Within a subdirectory, the effective policy is the combined minimum
+permissions of the grant statements in the file(s) matching the filename
+pattern "default_*.policy".  At least one grant is required.  For example:
+
+    limited   =  Export (all) + Import (limited)  =  Limited
+    unlimited =  Export (all) + Import (all)      =  Unlimited
+
+The effective exemption policy is the combined minimum permissions
+of the grant statements in the file(s) matching the filename pattern
+"exempt_*.policy".  Exemption grants are optional.  For example:
+
+    limited   =  grants exemption permissions, by which the
+                 effective policy can be circumvented.
+                 e.g.  KeyRecovery/KeyEscrow/KeyWeakening.
+
+Please see the Java Cryptography Architecture (JCA) documentation for
+additional information on these files and formats.
+
+YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
+TO DETERMINE THE EXACT REQUIREMENTS.
+
+Please note that the JCE for Java SE, including the JCE framework,
+cryptographic policy files, and standard JCE providers provided with
+the Java SE, have been reviewed and approved for export as mass market
+encryption item by the US Bureau of Industry and Security.

j_version/jgal/linux_x64/jre/conf/security/policy/limited/default_US_export.policy

@@ -0,0 +1,6 @@
+// Default US Export policy file.
+
+grant {
+    // There is no restriction to any algorithms.
+    permission javax.crypto.CryptoAllPermission; 
+};

j_version/jgal/linux_x64/jre/conf/security/policy/limited/default_local.policy

@@ -0,0 +1,14 @@
+// Some countries have import limits on crypto strength. This policy file
+// is worldwide importable.
+
+grant {
+    permission javax.crypto.CryptoPermission "DES", 64;
+    permission javax.crypto.CryptoPermission "DESede", *;
+    permission javax.crypto.CryptoPermission "RC2", 128, 
+                                     "javax.crypto.spec.RC2ParameterSpec", 128;
+    permission javax.crypto.CryptoPermission "RC4", 128;
+    permission javax.crypto.CryptoPermission "RC5", 128, 
+          "javax.crypto.spec.RC5ParameterSpec", *, 12, *;
+    permission javax.crypto.CryptoPermission "RSA", *;
+    permission javax.crypto.CryptoPermission *, 128;
+};

j_version/jgal/linux_x64/jre/conf/security/policy/limited/exempt_local.policy

@@ -0,0 +1,13 @@
+// Some countries have import limits on crypto strength, but may allow for
+// these exemptions if the exemption mechanism is used.
+
+grant {
+    // There is no restriction to any algorithms if KeyRecovery is enforced.
+    permission javax.crypto.CryptoPermission *, "KeyRecovery"; 
+
+    // There is no restriction to any algorithms if KeyEscrow is enforced.
+    permission javax.crypto.CryptoPermission *, "KeyEscrow"; 
+
+    // There is no restriction to any algorithms if KeyWeakening is enforced. 
+    permission javax.crypto.CryptoPermission *, "KeyWeakening";
+};

j_version/jgal/linux_x64/jre/conf/security/policy/unlimited/default_US_export.policy

@@ -0,0 +1,6 @@
+// Default US Export policy file.
+
+grant {
+    // There is no restriction to any algorithms.
+    permission javax.crypto.CryptoAllPermission; 
+};

j_version/jgal/linux_x64/jre/conf/security/policy/unlimited/default_local.policy

@@ -0,0 +1,6 @@
+// Country-specific policy file for countries with no limits on crypto strength.
+
+grant {
+    // There is no restriction to any algorithms.
+    permission javax.crypto.CryptoAllPermission; 
+};

j_version/jgal/linux_x64/jre/conf/sound.properties

@@ -0,0 +1,39 @@
+############################################################
+#               Sound Configuration File
+############################################################
+#
+# This properties file is used to specify default service
+# providers for javax.sound.midi.MidiSystem and
+# javax.sound.sampled.AudioSystem.
+#
+# The following keys are recognized by MidiSystem methods:
+#
+# javax.sound.midi.Receiver
+# javax.sound.midi.Sequencer
+# javax.sound.midi.Synthesizer
+# javax.sound.midi.Transmitter
+#
+# The following keys are recognized by AudioSystem methods:
+#
+# javax.sound.sampled.Clip
+# javax.sound.sampled.Port
+# javax.sound.sampled.SourceDataLine
+# javax.sound.sampled.TargetDataLine
+#
+# The values specify the full class name of the service
+# provider, or the device name.
+#
+# See the class descriptions for details.
+#
+# Example 1:
+# Use MyDeviceProvider as default for SourceDataLines:
+# javax.sound.sampled.SourceDataLine=com.xyz.MyDeviceProvider
+#
+# Example 2:
+# Specify the default Synthesizer by its name "InternalSynth".
+# javax.sound.midi.Synthesizer=#InternalSynth
+#
+# Example 3:
+# Specify the default Receiver by provider and name:
+# javax.sound.midi.Receiver=com.sun.media.sound.MidiProvider#SunMIDI1
+#