--- old/src/java.base/share/classes/sun/security/ssl/JsseJce.java	2018-05-11 15:05:20.018858500 -0700
+++ new/src/java.base/share/classes/sun/security/ssl/JsseJce.java	2018-05-11 15:05:19.540898900 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,25 +25,16 @@
 
 package sun.security.ssl;
 
-import java.util.*;
 import java.math.BigInteger;
-
 import java.security.*;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.*;
-
+import java.util.*;
 import javax.crypto.*;
-
-// explicit import to override the Provider class in this package
-import java.security.Provider;
-
-// need internal Sun classes for FIPS tricks
-import sun.security.jca.Providers;
 import sun.security.jca.ProviderList;
-
-import sun.security.util.ECUtil;
-
+import sun.security.jca.Providers;
 import static sun.security.ssl.SunJSSE.cryptoProvider;
+import sun.security.util.ECUtil;
 import static sun.security.util.SecurityConstants.PROVIDER_VER;
 
 /**
@@ -53,18 +44,11 @@
  * @author  Andreas Sterbenz
  */
 final class JsseJce {
+    static final boolean ALLOW_ECC =
+            Utilities.getBooleanProperty("com.sun.net.ssl.enableECC", true);
 
     private static final ProviderList fipsProviderList;
 
-    // Flag indicating whether Kerberos crypto is available.
-    // If true, then all the Kerberos-based crypto we need is available.
-    private static final boolean kerberosAvailable;
-    static {
-        ClientKeyExchangeService p =
-                ClientKeyExchangeService.find("KRB5");
-        kerberosAvailable = (p != null);
-    }
-
     static {
         // force FIPS flag initialization
         // Because isFIPS() is synchronized and cryptoProvider is not modified
@@ -181,7 +165,7 @@
     }
 
     static boolean isKerberosAvailable() {
-        return kerberosAvailable;
+        return false;
     }
 
     /**
@@ -299,7 +283,8 @@
         for (Provider.Service s : cryptoProvider.getServices()) {
             if (s.getType().equals("SecureRandom")) {
                 try {
-                    return SecureRandom.getInstance(s.getAlgorithm(), cryptoProvider);
+                    return SecureRandom.getInstance(
+                            s.getAlgorithm(), cryptoProvider);
                 } catch (NoSuchAlgorithmException ee) {
                     // ignore
                 }
@@ -394,7 +379,7 @@
     // See Effective Java Second Edition: Item 71.
     private static class EcAvailability {
         // Is EC crypto available?
-        private final static boolean isAvailable;
+        private static final boolean isAvailable;
 
         static {
             boolean mediator = true;