[tomcat] branch 9.0.x updated: Document TLS environment update

Fri, 05 Jun 2020 02:12:12 -0700 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 4689a26  Document TLS environment update
4689a26 is described below

commit 4689a266effcfa6960a8c79d25f5dc03e679a9e2
Author: remm <r...@apache.org>
AuthorDate: Fri Jun 5 11:09:42 2020 +0200

    Document TLS environment update
---
 webapps/docs/changelog.xml |  4 ++++
 webapps/docs/rewrite.xml   | 13 ++++++++++---
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1d18452..facde6e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -53,6 +53,10 @@
         the sole feature that depends on it (anti-resource locking) is
         configured and can't be used. (markt)
       </add>
+      <update>
+        Implement a significant portion of the TLS environment variables for
+        the rewrite valve. (remm)
+      </update>
     </changelog>
   </subsection>
   <subsection name="Coyote">
diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index be1befa..ea98d42 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -245,9 +245,16 @@
         <li>
         <code>%{SSL:variable}</code>, where <em>variable</em> is the
         name of an SSL environment
-        variable, are not implemented, except
-        <code>SSL_PROTOCOL</code>, <code>SSL_SESSION_ID</code>,
-        <code>SSL_CIPHER</code> and <code>SSL_CIPHER_USEKEYSIZE</code>.
+        variable, are implemented, except
+        <code>SSL_SESSION_RESUMED</code>, <code>SSL_SECURE_RENEG</code>,
+        <code>SSL_COMPRESS_METHOD</code>, <code>SSL_TLS_SNI</code>,
+        <code>SSL_SRP_USER</code>, <code>SSL_SRP_USERINFO</code>,
+        <code>SSL_CLIENT_VERIFY</code>,
+        <code>SSL_CLIENT_SAN_OTHER_msUPN_n</code>,
+        <code>SSL_CLIENT_CERT_RFC4523_CEA</code>,
+        <code>SSL_SERVER_SAN_OTHER_dnsSRV_n</code>.
+        When OpenSSL is used, the variables related to the server
+        certificate, prefixed by <code>SSL_SERVER_</code> are not available.
         Example:
         <code>%{SSL:SSL_CIPHER_USEKEYSIZE}</code> may expand to
         <code>128</code>.</li>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to