(tomcat) branch 10.1.x updated (dee994384c -> c345241d1a)

Sat, 18 Oct 2025 11:47:17 -0700 

This is an automated email from the ASF dual-hosted git repository.

dsoumis pushed a change to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


    from dee994384c Fix BZ 69839 - Ensure session ID changes are promulgated to 
SSO Valve
     new 5547e7506f If optionalNoCA is configured then OCSP should be disabled.
     new 395ac084f9 CAs may not issue CRLs.
     new db70489ff3 If we set ok=0 with errnum==X509_V_OK (0), OpenSSL emits a 
fatal internal_error. Tolerate V_OCSP_CERTSTATUS_UNKNOWN and let the client 
policy (e.g. NO_FALLBACK) decide.
     new 0a4a18281f If the OCSP response is null, the error is set as 
X509_V_ERR_APPLICATION_VERIFICATION (50). Should not pass our verification 
process.
     new 5b231979e3 Set specific error when V_OCSP_CERTSTATUS_REVOKED
     new 243a26fbee Ehnance tests and fix various issues in TestOcspIntegration 
tests
     new c345241d1a Refactor multiple instances of same code block in 
TestOcspIntegration

The 7 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../util/net/openssl/panama/OpenSSLContext.java    |   4 +
 .../util/net/openssl/panama/OpenSSLEngine.java     |   6 +-
 java/org/apache/tomcat/util/openssl/openssl_h.java |  20 ++
 .../tomcat/util/net/ocsp/TestOcspIntegration.java  | 283 ++++++++-------------
 test/org/apache/tomcat/util/net/ocsp/ca-cert.pem   |  34 +--
 .../tomcat/util/net/ocsp/client-keystore.p12       | Bin 0 -> 3658 bytes
 .../net/ocsp/{trust-password => client-password}   |   0
 .../util/net/ocsp/generate-ocsp-test-artifacts.sh  |  48 +++-
 .../tomcat/util/net/ocsp/ocsp-client-good.der      | Bin 0 -> 1280 bytes
 .../tomcat/util/net/ocsp/ocsp-client-revoked.der   | Bin 0 -> 1302 bytes
 test/org/apache/tomcat/util/net/ocsp/ocsp-good.der | Bin 1280 -> 1280 bytes
 .../apache/tomcat/util/net/ocsp/ocsp-revoked.der   | Bin 1302 -> 1302 bytes
 .../apache/tomcat/util/net/ocsp/server-cert.pem    | 106 ++++----
 .../org/apache/tomcat/util/net/ocsp/server-key.pem |  52 ++--
 .../org/apache/tomcat/util/net/ocsp/trustStore.p12 | Bin 1174 -> 1174 bytes
 15 files changed, 267 insertions(+), 286 deletions(-)
 create mode 100644 test/org/apache/tomcat/util/net/ocsp/client-keystore.p12
 copy test/org/apache/tomcat/util/net/ocsp/{trust-password => client-password} 
(100%)
 create mode 100644 test/org/apache/tomcat/util/net/ocsp/ocsp-client-good.der
 create mode 100644 test/org/apache/tomcat/util/net/ocsp/ocsp-client-revoked.der


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to