[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471 --- Comment #4 from quaff --- Created attachment 37270 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37270=edit Chrome DevTools Chrome supports [::1] as cookie domain. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence
On 27/05/2020 18:37, amarendra godbole wrote: > s/PersistenceManager/PersistentManager/g > > Is that a typo? Yes. Mark > > Thanks. > > -ag > > On Wed, May 20, 2020 at 8:19 AM Mark Thomas wrote: >> >> CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence >> >> Severity: High >> >> Vendor: The Apache Software Foundation >> >> Versions Affected: >> Apache Tomcat 10.0.0-M1 to 10.0.0-M4 >> Apache Tomcat 9.0.0.M1 to 9.0.34 >> Apache Tomcat 8.5.0 to 8.5.54 >> Apache Tomcat 7.0.0 to 7.0.103 >> >> Description: >> If: >> a) an attacker is able to control the contents and name of a file on the >>server; and >> b) the server is configured to use the PersistenceManager with a >>FileStore; and >> c) the PersistenceManager is configured with >>sessionAttributeValueClassNameFilter="null" (the default unless a >>SecurityManager is used) or a sufficiently lax filter to allow the >>attacker provided object to be deserialized; and >> d) the attacker knows the relative file path from the storage location >>used by FileStore to the file the attacker has control over; >> then, using a specifically crafted request, the attacker will be able to >> trigger remote code execution via deserialization of the file under >> their control. Note that all of conditions a) to d) must be true for the >> attack to succeed. >> >> Mitigation: >> - Upgrade to Apache Tomcat 10.0.0-M5 or later >> - Upgrade to Apache Tomcat 9.0.35 or later >> - Upgrade to Apache Tomcat 8.5.55 or later >> - Upgrade to Apache Tomcat 7.0.104 or later >> Alternatively, users may configure the PersistenceManager with an >> appropriate value for sessionAttributeValueClassNameFilter to ensure >> that only application provided attributes are serialized and deserialized. >> >> Credit: >> This issue was discovered and reported responsibly to the Apache Tomcat >> Security Team by report by jarvis threedr3am of pdd security research >> >> References: >> [1] http://tomcat.apache.org/security-10.html >> [2] http://tomcat.apache.org/security-9.html >> [3] http://tomcat.apache.org/security-8.html >> [4] http://tomcat.apache.org/security-7.html >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: dev-h...@tomcat.apache.org >> > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new b3e3720 Add missing French translation (remm) b3e3720 is described below commit b3e3720883b8eeb5e181551f3f4ab8c2546fd8d7 Author: Mark Thomas AuthorDate: Wed May 27 19:24:12 2020 +0100 Add missing French translation (remm) --- java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+) diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties b/java/org/apache/catalina/connector/LocalStrings_fr.properties index 3d5ba85..d26bd5f 100644 --- a/java/org/apache/catalina/connector/LocalStrings_fr.properties +++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties @@ -76,6 +76,7 @@ mapperListener.unregisterContext=Désenregistrement du contexte [{0}] request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne supporte pas le mode asynchrone request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a été enlevé request.notAsync=Il est interdit d'appeler cette méthode si la requête actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false) +request.session.failed=Erreur de chargement de la session [{0}] à cause de [{1}] requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé à cette façade diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index b7ca9b1..5b5d83d 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -87,6 +87,10 @@ CharsetCache to include ISO-8859-16, added in OpenJDK 15. (markt) + +Improve the quality and expand the coverage of the French translations +provided with Apache Tomcat. (remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 914ee22 Add missing French translation (remm) 914ee22 is described below commit 914ee224b3d1b374fb1db71ce0a0069fec356945 Author: Mark Thomas AuthorDate: Wed May 27 19:24:12 2020 +0100 Add missing French translation (remm) --- java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+) diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties b/java/org/apache/catalina/connector/LocalStrings_fr.properties index 3bdbe67..eb544d6 100644 --- a/java/org/apache/catalina/connector/LocalStrings_fr.properties +++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties @@ -83,6 +83,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne supp request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a été enlevé request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à partir de getRequest() request.notAsync=Il est interdit d'appeler cette méthode si la requête actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false) +request.session.failed=Erreur de chargement de la session [{0}] à cause de [{1}] requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé à cette façade diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 2abb7c2..4f160b4 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -101,6 +101,10 @@ CharsetCache to include ISO-8859-16, added in OpenJDK 15. (markt) + +Improve the quality and expand the coverage of the French translations +provided with Apache Tomcat. (remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new e0307e7 Add missing French translation (remm) e0307e7 is described below commit e0307e73f73266d52fb9edefbc5abc62f22abd69 Author: Mark Thomas AuthorDate: Wed May 27 19:24:12 2020 +0100 Add missing French translation (remm) --- java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+) diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties b/java/org/apache/catalina/connector/LocalStrings_fr.properties index 9430f27..6ff85e1 100644 --- a/java/org/apache/catalina/connector/LocalStrings_fr.properties +++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties @@ -82,6 +82,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne supp request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a été enlevé request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à partir de getRequest() request.notAsync=Il est interdit d'appeler cette méthode si la requête actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false) +request.session.failed=Erreur de chargement de la session [{0}] à cause de [{1}] requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé à cette façade diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 471acbd..3ce0fa1 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -93,6 +93,10 @@ CharsetCache to include ISO-8859-16, added in OpenJDK 15. (markt) + +Improve the quality and expand the coverage of the French translations +provided with Apache Tomcat. (remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Correct key order
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 89cf58a Correct key order 89cf58a is described below commit 89cf58a5558427a838e31c58adffd8f97770702b Author: Mark Thomas AuthorDate: Wed May 27 19:22:26 2020 +0100 Correct key order --- java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties index d1c73e9..f16f9c3 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties @@ -167,8 +167,8 @@ sslUtilBase.alias_no_key_entry=別名 [{0}] はキーエントリを発見でき sslUtilBase.invalidTrustManagerClassName=[{0}]が提供するtrustManagerClassNameはjavax.net.ssl.TrustManagerを実装していません。 sslUtilBase.keystore_load_failed=[{0}] のキーストア [{1}] の読み込みは [{2}] により失敗しました。 sslUtilBase.noCertFile=SSLコネクタを使用する場合は、SSLHostConfigのcertificateFile属性を定義する必要があります。 -sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。 sslUtilBase.noCrlSupport=トラストストアプロバイダー [{0}] は設定項目 certificateRevocationFile に対応していません。 +sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。 sslUtilBase.noVerificationDepth=トラストストアプロバイダー [{0}] は設定項目 certificateVerificationDepth に未対応です。 sslUtilBase.noneSupported=指定された[{0}]のどれもSSLエンジンでサポートされていません:[{1}] sslUtilBase.skipped=指定された[{0}]の一部はSSLエンジンでサポートされておらず、スキップされています:[{1}] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 9bece3f Remove unused key 9bece3f is described below commit 9bece3f385f3e57f88def0bc070c2085d3eec090 Author: Mark Thomas AuthorDate: Wed May 27 19:22:13 2020 +0100 Remove unused key --- java/org/apache/catalina/core/LocalStrings_es.properties| 1 - java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 5 files changed, 5 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties b/java/org/apache/catalina/core/LocalStrings_es.properties index 8d0ce42..7e77eee 100644 --- a/java/org/apache/catalina/core/LocalStrings_es.properties +++ b/java/org/apache/catalina/core/LocalStrings_es.properties @@ -257,7 +257,6 @@ standardWrapper.notClass=No se ha especificado clase de servlet para servlet [{0 standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper) debe de ser un Contexto standardWrapper.notFound=No está disponible el Servlet [{0}] standardWrapper.notServlet=La Clase [{0}] no es un Servlet -standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet [{0}] standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó excepción standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet [{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 92704d4..f5fc3dc 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -312,7 +312,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été spécifiée pour la se standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit être un contexte standardWrapper.notFound=Servlet [{0}] n''est pas disponible. standardWrapper.notServlet=La classe [{0}] n''est pas une servlet -standardWrapper.releaseFilters=Exception des filtres de sortie (release filters) pour la servlet [{0}] standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a généré une exception standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index 924684f..cf8ac73 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -315,7 +315,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません standardWrapper.notFound=サーブレット [{0}] が利用できません standardWrapper.notServlet=クラス [{0}] はServletではありません -standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service() が例外[{2}]が根本的要因と共に投げられました。 standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index ad737f6..ee81f81 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -243,7 +243,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가 standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다. standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다. standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다, -standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생 standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이 예외를 발생시켰습니다. standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다. standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다. diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index 79779a5..b84c416 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -238,7 +238,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类 standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] branch 8.5.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 4d3cbff Remove unused key 4d3cbff is described below commit 4d3cbff5facc0d14cf7904e2d238300976ca499e Author: Mark Thomas AuthorDate: Wed May 27 19:22:13 2020 +0100 Remove unused key --- java/org/apache/catalina/core/LocalStrings_es.properties| 1 - java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 5 files changed, 5 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties b/java/org/apache/catalina/core/LocalStrings_es.properties index a2291ae..66a20d0 100644 --- a/java/org/apache/catalina/core/LocalStrings_es.properties +++ b/java/org/apache/catalina/core/LocalStrings_es.properties @@ -178,7 +178,6 @@ standardWrapper.notClass=No se ha especificado clase de servlet para servlet [{0 standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper) debe de ser un Contexto standardWrapper.notFound=No está disponible el Servlet [{0}] standardWrapper.notServlet=La Clase [{0}] no es un Servlet -standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet [{0}] standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó excepción standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet [{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 69b4c41..ab87356 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -265,7 +265,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été spécifiée pour la se standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit être un contexte standardWrapper.notFound=Servlet [{0}] n''est pas disponible. standardWrapper.notServlet=La classe [{0}] n''est pas une servlet -standardWrapper.releaseFilters=Exception des filtres de sortie (release filters) pour la servlet [{0}] standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a généré une exception standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index 854e055..2630d7d 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -265,7 +265,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません standardWrapper.notFound=サーブレット [{0}] が利用できません standardWrapper.notServlet=クラス [{0}] はServletではありません -standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service() が例外[{2}]が根本的要因と共に投げられました。 standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index 0012e83..57906b9 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -264,7 +264,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가 standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다. standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다. standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다, -standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생 standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이 예외를 발생시켰습니다. standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다. standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다. diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index adc71d3..4128ac3 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -264,7 +264,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类 standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] branch 9.0.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 4f8b15f Remove unused key 4f8b15f is described below commit 4f8b15feaa61df68873891a11f3389a34961ba6d Author: Mark Thomas AuthorDate: Wed May 27 19:22:13 2020 +0100 Remove unused key --- java/org/apache/catalina/core/LocalStrings_es.properties| 1 - java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 5 files changed, 5 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties b/java/org/apache/catalina/core/LocalStrings_es.properties index a5c7d1c..c6604d7 100644 --- a/java/org/apache/catalina/core/LocalStrings_es.properties +++ b/java/org/apache/catalina/core/LocalStrings_es.properties @@ -171,7 +171,6 @@ standardWrapper.notClass=No se ha especificado clase de servlet para servlet [{0 standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper) debe de ser un Contexto standardWrapper.notFound=No está disponible el Servlet [{0}] standardWrapper.notServlet=La Clase [{0}] no es un Servlet -standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet [{0}] standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó excepción standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet [{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 5252c8d..45f6e41 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -297,7 +297,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été spécifiée pour la se standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit être un contexte standardWrapper.notFound=Servlet [{0}] n''est pas disponible. standardWrapper.notServlet=La classe [{0}] n''est pas une servlet -standardWrapper.releaseFilters=Exception des filtres de sortie (release filters) pour la servlet [{0}] standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a généré une exception standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index f8fe950..e24bf7c 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -297,7 +297,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません standardWrapper.notFound=サーブレット [{0}] が利用できません standardWrapper.notServlet=クラス [{0}] はServletではありません -standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service() が例外[{2}]が根本的要因と共に投げられました。 standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index 43ce1b7..d368870 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -297,7 +297,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가 standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다. standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다. standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다, -standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생 standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이 예외를 발생시켰습니다. standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다. standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다. diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index 5a4bbf8..9b67ed2 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -298,7 +298,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类 standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] 03/03: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 1d1d835a6784854e26c4fff8e23aef128c105f3c Author: Mark Thomas AuthorDate: Wed May 27 19:24:12 2020 +0100 Add missing French translation (remm) --- java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+) diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties b/java/org/apache/catalina/connector/LocalStrings_fr.properties index 3bdbe67..eb544d6 100644 --- a/java/org/apache/catalina/connector/LocalStrings_fr.properties +++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties @@ -83,6 +83,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne supp request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a été enlevé request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à partir de getRequest() request.notAsync=Il est interdit d'appeler cette méthode si la requête actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false) +request.session.failed=Erreur de chargement de la session [{0}] à cause de [{1}] requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé à cette façade diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 9063c98..2332b6e 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -111,6 +111,10 @@ CharsetCache to include ISO-8859-16, added in OpenJDK 15. (markt) + +Improve the quality and expand the coverage of the French translations +provided with Apache Tomcat. (remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (ab32f48 -> 1d1d835)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from ab32f48 Correct StringManager lookup new b9066fc Remove unused key new a9e6cad Correct key order new 1d1d835 Add missing French translation (remm) The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + java/org/apache/catalina/core/LocalStrings_es.properties | 1 - java/org/apache/catalina/core/LocalStrings_fr.properties | 1 - java/org/apache/catalina/core/LocalStrings_ja.properties | 1 - java/org/apache/catalina/core/LocalStrings_ko.properties | 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - java/org/apache/tomcat/util/net/LocalStrings_ja.properties| 2 +- webapps/docs/changelog.xml| 4 8 files changed, 6 insertions(+), 6 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/03: Remove unused key
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit b9066fcad16991d168590a3d26c3931c454e0800 Author: Mark Thomas AuthorDate: Wed May 27 19:22:13 2020 +0100 Remove unused key --- java/org/apache/catalina/core/LocalStrings_es.properties| 1 - java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 5 files changed, 5 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties b/java/org/apache/catalina/core/LocalStrings_es.properties index a5c7d1c..c6604d7 100644 --- a/java/org/apache/catalina/core/LocalStrings_es.properties +++ b/java/org/apache/catalina/core/LocalStrings_es.properties @@ -171,7 +171,6 @@ standardWrapper.notClass=No se ha especificado clase de servlet para servlet [{0 standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper) debe de ser un Contexto standardWrapper.notFound=No está disponible el Servlet [{0}] standardWrapper.notServlet=La Clase [{0}] no es un Servlet -standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet [{0}] standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó excepción standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet [{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 35d642e..0943ed5 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -296,7 +296,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été spécifiée pour la se standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit être un contexte standardWrapper.notFound=Servlet [{0}] n''est pas disponible. standardWrapper.notServlet=La classe [{0}] n''est pas une servlet -standardWrapper.releaseFilters=Exception des filtres de sortie (release filters) pour la servlet [{0}] standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a généré une exception standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index 145da00..c5ab32f 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -296,7 +296,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません standardWrapper.notFound=サーブレット [{0}] が利用できません standardWrapper.notServlet=クラス [{0}] はServletではありません -standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service() が例外[{2}]が根本的要因と共に投げられました。 standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index f685bac..7e0c9cb 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -296,7 +296,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가 standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다. standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다. standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다, -standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생 standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이 예외를 발생시켰습니다. standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한 Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다. standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다. diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index 7b7f16e..c909dc6 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -297,7 +297,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类 standardWrapper.notContext=包装的父容器必须是上下文 standardWrapper.notFound=Servlet [{0}] 不可用 standardWrapper.notServlet=类{0}不是Servlet
[tomcat] 02/03: Correct key order
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit a9e6caddc5e3197025dd7d83be6f2366a840616d Author: Mark Thomas AuthorDate: Wed May 27 19:22:26 2020 +0100 Correct key order --- java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties index d1c73e9..f16f9c3 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties @@ -167,8 +167,8 @@ sslUtilBase.alias_no_key_entry=別名 [{0}] はキーエントリを発見でき sslUtilBase.invalidTrustManagerClassName=[{0}]が提供するtrustManagerClassNameはjavax.net.ssl.TrustManagerを実装していません。 sslUtilBase.keystore_load_failed=[{0}] のキーストア [{1}] の読み込みは [{2}] により失敗しました。 sslUtilBase.noCertFile=SSLコネクタを使用する場合は、SSLHostConfigのcertificateFile属性を定義する必要があります。 -sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。 sslUtilBase.noCrlSupport=トラストストアプロバイダー [{0}] は設定項目 certificateRevocationFile に対応していません。 +sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。 sslUtilBase.noVerificationDepth=トラストストアプロバイダー [{0}] は設定項目 certificateVerificationDepth に未対応です。 sslUtilBase.noneSupported=指定された[{0}]のどれもSSLエンジンでサポートされていません:[{1}] sslUtilBase.skipped=指定された[{0}]の一部はSSLエンジンでサポートされておらず、スキップされています:[{1}] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence
s/PersistenceManager/PersistentManager/g Is that a typo? Thanks. -ag On Wed, May 20, 2020 at 8:19 AM Mark Thomas wrote: > > CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence > > Severity: High > > Vendor: The Apache Software Foundation > > Versions Affected: > Apache Tomcat 10.0.0-M1 to 10.0.0-M4 > Apache Tomcat 9.0.0.M1 to 9.0.34 > Apache Tomcat 8.5.0 to 8.5.54 > Apache Tomcat 7.0.0 to 7.0.103 > > Description: > If: > a) an attacker is able to control the contents and name of a file on the >server; and > b) the server is configured to use the PersistenceManager with a >FileStore; and > c) the PersistenceManager is configured with >sessionAttributeValueClassNameFilter="null" (the default unless a >SecurityManager is used) or a sufficiently lax filter to allow the >attacker provided object to be deserialized; and > d) the attacker knows the relative file path from the storage location >used by FileStore to the file the attacker has control over; > then, using a specifically crafted request, the attacker will be able to > trigger remote code execution via deserialization of the file under > their control. Note that all of conditions a) to d) must be true for the > attack to succeed. > > Mitigation: > - Upgrade to Apache Tomcat 10.0.0-M5 or later > - Upgrade to Apache Tomcat 9.0.35 or later > - Upgrade to Apache Tomcat 8.5.55 or later > - Upgrade to Apache Tomcat 7.0.104 or later > Alternatively, users may configure the PersistenceManager with an > appropriate value for sessionAttributeValueClassNameFilter to ensure > that only application provided attributes are serialized and deserialized. > > Credit: > This issue was discovered and reported responsibly to the Apache Tomcat > Security Team by report by jarvis threedr3am of pdd security research > > References: > [1] http://tomcat.apache.org/security-10.html > [2] http://tomcat.apache.org/security-9.html > [3] http://tomcat.apache.org/security-8.html > [4] http://tomcat.apache.org/security-7.html > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #3 from Mark Thomas --- Fixed in: - master for 10.0.0-M6 onwards - 9.0.x for 9.0.36 onwards - 8.5.x for 8.5.56 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 57a8b7b Fix BZ 64474 - Correct missing log messages 57a8b7b is described below commit 57a8b7b40a505f6d915b2c80d2efafaa9c14ea32 Author: Mark Thomas AuthorDate: Wed May 27 17:49:44 2020 +0100 Fix BZ 64474 - Correct missing log messages Previous refactorings moved code between packages but didn't move the associated messages. --- .../apache/tomcat/util/net/LocalStrings.properties | 17 ++- .../tomcat/util/net/LocalStrings_de.properties | 5 +++-- .../tomcat/util/net/LocalStrings_es.properties | 10 + .../tomcat/util/net/LocalStrings_fr.properties | 17 ++- .../tomcat/util/net/LocalStrings_ja.properties | 17 ++- .../tomcat/util/net/LocalStrings_ko.properties | 17 ++- .../tomcat/util/net/LocalStrings_zh_CN.properties | 17 ++- java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +- java/org/apache/tomcat/util/net/SSLUtilBase.java | 24 +++--- java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++-- .../tomcat/util/net/jsse/LocalStrings.properties | 17 +++ .../util/net/jsse/LocalStrings_de.properties | 6 +- .../util/net/jsse/LocalStrings_es.properties | 7 +-- .../util/net/jsse/LocalStrings_fr.properties | 17 +++ .../util/net/jsse/LocalStrings_ja.properties | 17 +++ .../util/net/jsse/LocalStrings_ko.properties | 17 +++ .../util/net/jsse/LocalStrings_ru.properties | 2 +- .../util/net/jsse/LocalStrings_zh_CN.properties| 17 +++ java/org/apache/tomcat/util/net/jsse/PEMFile.java | 2 +- .../tomcat/util/net/openssl/OpenSSLUtil.java | 2 +- .../net/openssl/ciphers/LocalStrings.properties| 3 ++- ...gs_fr.properties => LocalStrings_de.properties} | 2 +- ...gs_fr.properties => LocalStrings_es.properties} | 2 +- .../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++- .../openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++- .../ciphers/OpenSSLCipherConfigurationParser.java | 7 +++ 28 files changed, 119 insertions(+), 141 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 7bca289..c3c54f2 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -122,11 +122,6 @@ endpoint.warn.noRemoteHost=Unable to determine remote host name for socket [{0}] endpoint.warn.noRemotePort=Unable to determine remote port for socket [{0}] endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock. Forcing hard socket shutdown. -jsse.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. -jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] -jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be insecure. -jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication - sniExtractor.clientHelloInvalid=The ClientHello message was not correctly formatted sniExtractor.clientHelloTooBig=The ClientHello was not presented in a single TLS record so no SNI information could be extracted @@ -140,6 +135,7 @@ socket.sslreneg=Exception re-negotiating SSL connection sslHostConfig.certificate.notype=Multiple certificates were specified and at least one is missing the required attribute type sslHostConfig.certificateVerificationInvalid=The certificate verification value [{0}] is not recognised sslHostConfig.fileNotFound=Configured file [{0}] does not exist +sslHostConfig.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named [{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being used with the [{3}] configuration syntax sslHostConfig.opensslconf.alreadyset=Attempt to set another OpenSSLConf ignored sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored @@ -150,5 +146,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was set on the SSLHostConfi sslImplementation.cnfe=Unable to create SSLImplementation for
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5201 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] ae69c8e09644ed6fd91fd87a2f7d7ee0d441f7da Blamelist: Mark Thomas Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Correct StringManager lookup
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new ab32f48 Correct StringManager lookup ab32f48 is described below commit ab32f48b873260bb3ac7f5656813e2ca4142cc49 Author: Mark Thomas AuthorDate: Wed May 27 17:18:03 2020 +0100 Correct StringManager lookup --- java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java | 2 +- .../util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java index fada2ca..0ab24c2 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java @@ -35,7 +35,7 @@ import org.apache.tomcat.util.res.StringManager; public class OpenSSLUtil extends SSLUtilBase { private static final Log log = LogFactory.getLog(OpenSSLUtil.class); -private static final StringManager sm = StringManager.getManager(OpenSSLContext.class); +private static final StringManager sm = StringManager.getManager(OpenSSLUtil.class); public OpenSSLUtil(SSLHostConfigCertificate certificate) { diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java index d9179b2..f87b5f1 100644 --- a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java +++ b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java @@ -40,8 +40,7 @@ import org.apache.tomcat.util.res.StringManager; public class OpenSSLCipherConfigurationParser { private static final Log log = LogFactory.getLog(OpenSSLCipherConfigurationParser.class); -private static final StringManager sm = -StringManager.getManager("org.apache.tomcat.util.net.jsse.res"); +private static final StringManager sm = StringManager.getManager(OpenSSLCipherConfigurationParser.class); private static boolean initialized = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Correct StringManager lookup
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 2e44fac Correct StringManager lookup 2e44fac is described below commit 2e44fac8848af13c4c28c51a567671d2ff07b6cb Author: Mark Thomas AuthorDate: Wed May 27 17:18:03 2020 +0100 Correct StringManager lookup --- java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java | 2 +- .../util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java index fada2ca..0ab24c2 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java @@ -35,7 +35,7 @@ import org.apache.tomcat.util.res.StringManager; public class OpenSSLUtil extends SSLUtilBase { private static final Log log = LogFactory.getLog(OpenSSLUtil.class); -private static final StringManager sm = StringManager.getManager(OpenSSLContext.class); +private static final StringManager sm = StringManager.getManager(OpenSSLUtil.class); public OpenSSLUtil(SSLHostConfigCertificate certificate) { diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java index d9179b2..f87b5f1 100644 --- a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java +++ b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java @@ -40,8 +40,7 @@ import org.apache.tomcat.util.res.StringManager; public class OpenSSLCipherConfigurationParser { private static final Log log = LogFactory.getLog(OpenSSLCipherConfigurationParser.class); -private static final StringManager sm = -StringManager.getManager("org.apache.tomcat.util.net.jsse.res"); +private static final StringManager sm = StringManager.getManager(OpenSSLCipherConfigurationParser.class); private static boolean initialized = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 0f2f751 Fix IDE warning 0f2f751 is described below commit 0f2f751a87a0dca4a27cadeea333f1f605921d98 Author: Mark Thomas AuthorDate: Wed May 27 17:09:53 2020 +0100 Fix IDE warning --- java/org/apache/catalina/connector/Connector.java | 1 + 1 file changed, 1 insertion(+) diff --git a/java/org/apache/catalina/connector/Connector.java b/java/org/apache/catalina/connector/Connector.java index 52ba8f6..5ff6f35 100644 --- a/java/org/apache/catalina/connector/Connector.java +++ b/java/org/apache/catalina/connector/Connector.java @@ -267,6 +267,7 @@ public class Connector extends LifecycleMBeanBase { /** * The behavior when an encoded solidus (slash) is submitted. */ +@SuppressWarnings("deprecation") private EncodedSolidusHandling encodedSolidusHandling = UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE : EncodedSolidusHandling.REJECT; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 98f9b88 Fix IDE warning 98f9b88 is described below commit 98f9b88b07e67e045d1d8643a0eafbe3dba55710 Author: Mark Thomas AuthorDate: Wed May 27 17:09:53 2020 +0100 Fix IDE warning --- java/org/apache/catalina/connector/Connector.java | 1 + 1 file changed, 1 insertion(+) diff --git a/java/org/apache/catalina/connector/Connector.java b/java/org/apache/catalina/connector/Connector.java index 1e78bc8..d41fcb7 100644 --- a/java/org/apache/catalina/connector/Connector.java +++ b/java/org/apache/catalina/connector/Connector.java @@ -276,6 +276,7 @@ public class Connector extends LifecycleMBeanBase { /** * The behavior when an encoded solidus (slash) is submitted. */ +@SuppressWarnings("deprecation") private EncodedSolidusHandling encodedSolidusHandling = UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE : EncodedSolidusHandling.REJECT; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 3f21444 Fix IDE warning 3f21444 is described below commit 3f21444656b8b096ca0fea76c20be028dacc957b Author: Mark Thomas AuthorDate: Wed May 27 17:09:53 2020 +0100 Fix IDE warning --- java/org/apache/catalina/connector/Connector.java | 1 + 1 file changed, 1 insertion(+) diff --git a/java/org/apache/catalina/connector/Connector.java b/java/org/apache/catalina/connector/Connector.java index d7ee351..cc42d27 100644 --- a/java/org/apache/catalina/connector/Connector.java +++ b/java/org/apache/catalina/connector/Connector.java @@ -286,6 +286,7 @@ public class Connector extends LifecycleMBeanBase { /** * The behavior when an encoded solidus (slash) is submitted. */ +@SuppressWarnings("deprecation") private EncodedSolidusHandling encodedSolidusHandling = UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE : EncodedSolidusHandling.REJECT; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new ae69c8e Fix BZ 64474 - Correct missing log messages ae69c8e is described below commit ae69c8e09644ed6fd91fd87a2f7d7ee0d441f7da Author: Mark Thomas AuthorDate: Wed May 27 17:07:52 2020 +0100 Fix BZ 64474 - Correct missing log messages Previous refactorings moved code between packages but didn't move the associated messages. --- .../org/apache/tomcat/util/net/LocalStrings.properties | 8 .../apache/tomcat/util/net/LocalStrings_de.properties | 2 ++ .../apache/tomcat/util/net/LocalStrings_es.properties | 3 +++ .../apache/tomcat/util/net/LocalStrings_fr.properties | 8 .../apache/tomcat/util/net/LocalStrings_ja.properties | 8 .../apache/tomcat/util/net/LocalStrings_ko.properties | 8 .../tomcat/util/net/LocalStrings_zh_CN.properties | 8 java/org/apache/tomcat/util/net/SSLUtilBase.java | 18 +- .../tomcat/util/net/jsse/LocalStrings.properties | 11 --- .../tomcat/util/net/jsse/LocalStrings_de.properties| 5 - .../tomcat/util/net/jsse/LocalStrings_es.properties| 6 -- .../tomcat/util/net/jsse/LocalStrings_fr.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_ja.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_ko.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_zh_CN.properties | 11 --- .../util/net/openssl/ciphers/LocalStrings.properties | 3 ++- ...trings_ja.properties => LocalStrings_de.properties} | 2 +- ...trings_ja.properties => LocalStrings_es.properties} | 2 +- .../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++- .../ciphers/OpenSSLCipherConfigurationParser.java | 4 ++-- 23 files changed, 68 insertions(+), 84 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 053da6c..350d6b0 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -163,8 +163,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was set on the SSLHostConfi sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] +sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry +sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] +sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector +sslUtilBase.noCrlSupport=The truststoreProvider [{0}] does not support the certificateRevocationFile configuration option +sslUtilBase.noKeys=No aliases for private keys found in key store +sslUtilBase.noVerificationDepth=The truststoreProvider [{0}] does not support the certificateVerificationDepth configuration option sslUtilBase.noneSupported=None of the [{0}] specified are supported by the SSL engine : [{1}] sslUtilBase.skipped=Some of the specified [{0}] are not supported by the SSL engine and have been skipped: [{1}] sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be insecure. sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication +sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type +sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted diff --git a/java/org/apache/tomcat/util/net/LocalStrings_de.properties b/java/org/apache/tomcat/util/net/LocalStrings_de.properties index 064fcde..434e26e 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings_de.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings_de.properties @@ -44,5 +44,7 @@ sslHostConfig.certificate.notype=Es wurden mehrere Zertifikate angegeben und min sslHostConfig.fileNotFound=Die konfigurierte Datei [{0}] existiert nicht.\n sslHostConfig.opensslconf.null=Versuch eine null OpenSSLConf zu setzen ignoriert +sslUtilBase.noVerificationDepth=Der truststoreProvider [{0}] unterstützt nicht die Option certificateVerificationDepth
[tomcat] branch 9.0.x updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 2935e3f Fix BZ 64474 - Correct missing log messages 2935e3f is described below commit 2935e3fa91a1bcb7119c100784bcc8ece3dc9f43 Author: Mark Thomas AuthorDate: Wed May 27 17:07:52 2020 +0100 Fix BZ 64474 - Correct missing log messages Previous refactorings moved code between packages but didn't move the associated messages. --- .../org/apache/tomcat/util/net/LocalStrings.properties | 8 .../apache/tomcat/util/net/LocalStrings_de.properties | 2 ++ .../apache/tomcat/util/net/LocalStrings_es.properties | 3 +++ .../apache/tomcat/util/net/LocalStrings_fr.properties | 8 .../apache/tomcat/util/net/LocalStrings_ja.properties | 8 .../apache/tomcat/util/net/LocalStrings_ko.properties | 8 .../tomcat/util/net/LocalStrings_zh_CN.properties | 8 java/org/apache/tomcat/util/net/SSLUtilBase.java | 18 +- .../tomcat/util/net/jsse/LocalStrings.properties | 11 --- .../tomcat/util/net/jsse/LocalStrings_de.properties| 5 - .../tomcat/util/net/jsse/LocalStrings_es.properties| 6 -- .../tomcat/util/net/jsse/LocalStrings_fr.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_ja.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_ko.properties| 11 --- .../tomcat/util/net/jsse/LocalStrings_zh_CN.properties | 11 --- .../util/net/openssl/ciphers/LocalStrings.properties | 3 ++- ...trings_ja.properties => LocalStrings_de.properties} | 2 +- ...trings_ja.properties => LocalStrings_es.properties} | 2 +- .../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++- .../net/openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++- .../ciphers/OpenSSLCipherConfigurationParser.java | 4 ++-- 23 files changed, 68 insertions(+), 84 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 053da6c..350d6b0 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -163,8 +163,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was set on the SSLHostConfi sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] +sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry +sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] +sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector +sslUtilBase.noCrlSupport=The truststoreProvider [{0}] does not support the certificateRevocationFile configuration option +sslUtilBase.noKeys=No aliases for private keys found in key store +sslUtilBase.noVerificationDepth=The truststoreProvider [{0}] does not support the certificateVerificationDepth configuration option sslUtilBase.noneSupported=None of the [{0}] specified are supported by the SSL engine : [{1}] sslUtilBase.skipped=Some of the specified [{0}] are not supported by the SSL engine and have been skipped: [{1}] sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be insecure. sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication +sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type +sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted diff --git a/java/org/apache/tomcat/util/net/LocalStrings_de.properties b/java/org/apache/tomcat/util/net/LocalStrings_de.properties index 064fcde..434e26e 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings_de.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings_de.properties @@ -44,5 +44,7 @@ sslHostConfig.certificate.notype=Es wurden mehrere Zertifikate angegeben und min sslHostConfig.fileNotFound=Die konfigurierte Datei [{0}] existiert nicht.\n sslHostConfig.opensslconf.null=Versuch eine null OpenSSLConf zu setzen ignoriert +sslUtilBase.noVerificationDepth=Der truststoreProvider [{0}] unterstützt nicht die Option certificateVerificationDepth
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 --- Comment #2 from Mark Thomas --- By happy coincidence, I started to work through these strings earlier today. This should get fixed in time for the next release. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Remy Maucherat changed: What|Removed |Added OS||All --- Comment #1 from Remy Maucherat --- Bad luck, the strings were not moved from package util.net to util when this refactoring was made. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] New: Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Bug ID: 64474 Summary: Truststore validation is failing to show detailed log messages for out-of-date entries Product: Tomcat 8 Version: 8.5.x-trunk Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Util Assignee: dev@tomcat.apache.org Reporter: ismae...@gmail.com Target Milestone: Truststore validation is failing to show detailed log messages for out-of-date entries. For instance, with 8.5.27, we would get something like this in catalina.log for an outdated entry in the configured truststore: WARNING [main] org.apache.tomcat.util.net.jsse.JSSEUtil.checkTrustStoreEntries The trusted certificate with alias [somealias] and DN [CN=SomeCN, OU="SomeOU", O=SomeO, C=US] is not valid due to [NotAfter: ]. Certificates signed by this trusted certificate WILL be accepted Now, we get something like this: WARNING [main] org.apache.tomcat.util.net.SSLUtilBase.checkTrustStoreEntries jsseUtil.trustedCertNotValid It seems that the refactored SSLUtilBase method is unable to obtain the message identified by "jsseUtil.trustedCertNotValid": https://github.com/apache/tomcat/blob/8.5.x/java/org/apache/tomcat/util/net/SSLUtilBase.java -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5200 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] c71ad7544a277d9d14359b9d0071c4eb33e124da Blamelist: remm BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471 --- Comment #3 from Christopher Schultz --- (In reply to Mark Thomas from comment #2) > Please see RFC 6265 for allowed values of the domain attribute. There is a path to requesting IPv6, here: https://tools.ietf.org/html/rfc6265#section-4.1.1 ("Syntax"): " domain-value = ; defined in [RFC1034], Section 3.5, as ; enhanced by [RFC1123], Section 2.1 " https://tools.ietf.org/html/rfc1123#section-2.1 ("Host Names and Numbers"): " Whenever a user inputs the identity of an Internet host, it SHOULD be possible to enter either (1) a host domain name or (2) an IP address in dotted-decimal ("#.#.#.#") form. The host SHOULD check the string syntactically for a dotted-decimal number before looking it up in the Domain Name System. " This section does specify "user" as the source of the hostname, but since the user gets to choose the name they type into the browser, and therefore the "name of the host" they are contacting, an IP address seems like it should be legal. Entering localhost or 127.0.0.1 as the hostname should work (and Tomcat seems to handle this, because the IP address matches [a-zA-z0-9]+(\.[a-zA-z0-9]+)*. So I think maybe IPv6 should be allowed as well, no? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 3494147 Add a little of the SSL env 3494147 is described below commit 3494147b0c6a50e065ea3064f0e9e960f688ab50 Author: remm AuthorDate: Wed May 27 14:00:53 2020 +0200 Add a little of the SSL env Probably since the X509 certificate chain is available, a lot of the client related env could be done as well. --- java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 - webapps/docs/changelog.xml| 4 webapps/docs/rewrite.xml | 5 - 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java index f880ca5..8c108ab 100644 --- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java +++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java @@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite; import java.nio.charset.Charset; import java.util.Calendar; +import org.apache.catalina.Globals; import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.connector.Request; import org.apache.tomcat.util.http.FastHttpDateFormat; +import org.apache.tomcat.util.net.SSLSupport; public class ResolverImpl extends Resolver { @@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver { @Override public String resolveSsl(String key) { -// FIXME: Implement SSL environment variables +if (key.equals("SSL_PROTOCOL")) { +return String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY)); +} else if (key.equals("SSL_SESSION_ID")) { +return String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR)); +} else if (key.equals("SSL_CIPHER")) { +return String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR)); +} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) { +return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR)); +} +// FIXME: Implement other SSL environment variables when possible return null; } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f609b65..471acbd 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -60,6 +60,10 @@ 64470: The default value of the solidus handling should reflect the associated system property. (remm) + +Implement a few rewrite SSL env that correspond to Servlet request +attributes. (remm) + diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml index 9609c0b..8ab57f4 100644 --- a/webapps/docs/rewrite.xml +++ b/webapps/docs/rewrite.xml @@ -244,7 +244,10 @@ %{SSL:variable}, where variable is the name of an SSL environment -variable, are not implemented yet. Example: +variable, are not implemented, except +SSL_PROTOCOL, SSL_SESSION_ID, +SSL_CIPHER and SSL_CIPHER_USEKEYSIZE. +Example: %{SSL:SSL_CIPHER_USEKEYSIZE} may expand to 128. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 8476649 Add a little of the SSL env 8476649 is described below commit 8476649a0276f7f90b8219b5ef4d52869628facb Author: remm AuthorDate: Wed May 27 14:00:53 2020 +0200 Add a little of the SSL env Probably since the X509 certificate chain is available, a lot of the client related env could be done as well. --- java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 - webapps/docs/changelog.xml| 4 webapps/docs/rewrite.xml | 5 - 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java index a71d64c..1ae6600 100644 --- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java +++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java @@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite; import java.nio.charset.Charset; import java.util.Calendar; +import org.apache.catalina.Globals; import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.connector.Request; import org.apache.tomcat.util.http.FastHttpDateFormat; +import org.apache.tomcat.util.net.SSLSupport; public class ResolverImpl extends Resolver { @@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver { @Override public String resolveSsl(String key) { -// FIXME: Implement SSL environment variables +if (key.equals("SSL_PROTOCOL")) { +return String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY)); +} else if (key.equals("SSL_SESSION_ID")) { +return String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR)); +} else if (key.equals("SSL_CIPHER")) { +return String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR)); +} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) { +return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR)); +} +// FIXME: Implement other SSL environment variables when possible return null; } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 852d4a9..2abb7c2 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -68,6 +68,10 @@ 64470: The default value of the solidus handling should reflect the associated system property. (remm) + +Implement a few rewrite SSL env that correspond to Servlet request +attributes. (remm) + diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml index c40eb35..be1befa 100644 --- a/webapps/docs/rewrite.xml +++ b/webapps/docs/rewrite.xml @@ -245,7 +245,10 @@ %{SSL:variable}, where variable is the name of an SSL environment -variable, are not implemented yet. Example: +variable, are not implemented, except +SSL_PROTOCOL, SSL_SESSION_ID, +SSL_CIPHER and SSL_CIPHER_USEKEYSIZE. +Example: %{SSL:SSL_CIPHER_USEKEYSIZE} may expand to 128. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new c71ad75 Add a little of the SSL env c71ad75 is described below commit c71ad7544a277d9d14359b9d0071c4eb33e124da Author: remm AuthorDate: Wed May 27 14:00:53 2020 +0200 Add a little of the SSL env Probably since the X509 certificate chain is available, a lot of the client related env could be done as well. --- java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 - webapps/docs/changelog.xml| 4 webapps/docs/rewrite.xml | 5 - 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java index a71d64c..1ae6600 100644 --- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java +++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java @@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite; import java.nio.charset.Charset; import java.util.Calendar; +import org.apache.catalina.Globals; import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.connector.Request; import org.apache.tomcat.util.http.FastHttpDateFormat; +import org.apache.tomcat.util.net.SSLSupport; public class ResolverImpl extends Resolver { @@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver { @Override public String resolveSsl(String key) { -// FIXME: Implement SSL environment variables +if (key.equals("SSL_PROTOCOL")) { +return String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY)); +} else if (key.equals("SSL_SESSION_ID")) { +return String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR)); +} else if (key.equals("SSL_CIPHER")) { +return String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR)); +} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) { +return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR)); +} +// FIXME: Implement other SSL environment variables when possible return null; } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 0f4a2a6..9063c98 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -64,6 +64,10 @@ Correct a regression in an earlier fix that broke the loading of configuration files such as keystores via URIs on Windows. (markt) + +Implement a few rewrite SSL env that correspond to Servlet request +attributes. (remm) + diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml index c40eb35..be1befa 100644 --- a/webapps/docs/rewrite.xml +++ b/webapps/docs/rewrite.xml @@ -245,7 +245,10 @@ %{SSL:variable}, where variable is the name of an SSL environment -variable, are not implemented yet. Example: +variable, are not implemented, except +SSL_PROTOCOL, SSL_SESSION_ID, +SSL_CIPHER and SSL_CIPHER_USEKEYSIZE. +Example: %{SSL:SSL_CIPHER_USEKEYSIZE} may expand to 128. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Property renames
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 82278a8 Property renames 82278a8 is described below commit 82278a8f020569c0e66f199cbfa2385b04afadfc Author: Mark Thomas AuthorDate: Wed May 27 12:29:20 2020 +0100 Property renames jsse.invalid_truststore_pa... to sslHostConfig.invalid_truststore_pa... jsse.keystore_load_failed to sslUtilBase.keystore_load_failed jsse.ssl3 to sslUtilBase.ssl3 jsse.tls13.auth to sslUtilBase.tls13.auth === jsse.excludeProtocol to jsseUtil.excludeProtocol jsse.noDefaultProtocols to jsseUtil.noDefaultProtocols jsse.pemParseErrorto pemFile.parseError --- java/org/apache/tomcat/util/net/LocalStrings.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_cs.properties | 3 +-- java/org/apache/tomcat/util/net/LocalStrings_de.properties | 3 +-- java/org/apache/tomcat/util/net/LocalStrings_es.properties | 7 +++ java/org/apache/tomcat/util/net/LocalStrings_fr.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_ko.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties| 9 - java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +- java/org/apache/tomcat/util/net/SSLUtilBase.java | 6 +++--- java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++-- java/org/apache/tomcat/util/net/jsse/LocalStrings.properties | 6 +++--- java/org/apache/tomcat/util/net/jsse/LocalStrings_cs.properties | 2 +- java/org/apache/tomcat/util/net/jsse/LocalStrings_de.properties | 3 ++- java/org/apache/tomcat/util/net/jsse/LocalStrings_es.properties | 3 ++- java/org/apache/tomcat/util/net/jsse/LocalStrings_fr.properties | 6 +++--- java/org/apache/tomcat/util/net/jsse/LocalStrings_ja.properties | 6 +++--- java/org/apache/tomcat/util/net/jsse/LocalStrings_ko.properties | 6 +++--- .../apache/tomcat/util/net/jsse/LocalStrings_pt_BR.properties| 2 +- java/org/apache/tomcat/util/net/jsse/LocalStrings_ru.properties | 2 +- .../apache/tomcat/util/net/jsse/LocalStrings_zh_CN.properties| 6 +++--- java/org/apache/tomcat/util/net/jsse/PEMFile.java| 2 +- 22 files changed, 54 insertions(+), 60 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 0fdd2df..053da6c 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -135,11 +135,6 @@ endpoint.warn.noRemotePort=Unable to determine remote port for socket [{0}] endpoint.warn.noUtilityExecutor=No utility executor was set, creating one endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock. Forcing hard socket shutdown. -jsse.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. -jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] -jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be insecure. -jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication - nioBlockingSelector.keyNotRegistered=Key no longer registered nioBlockingSelector.possibleLeak=Possible key leak, cancelling key in the finalizer nioBlockingSelector.processingError=Error processing selection key operations @@ -158,6 +153,7 @@ socket.sslreneg=Exception re-negotiating SSL connection sslHostConfig.certificate.notype=Multiple certificates were specified and at least one is missing the required attribute type sslHostConfig.certificateVerificationInvalid=The certificate verification value [{0}] is not recognised sslHostConfig.fileNotFound=Configured file [{0}] does not exist +sslHostConfig.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named [{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being used with the [{3}] configuration syntax sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored sslHostConfig.prefix_missing=The protocol [{0}] was added to the list of protocols on the SSLHostConfig named [{1}]. Check if a +/-
[tomcat] branch master updated: Property renames
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 56a90e8 Property renames 56a90e8 is described below commit 56a90e82177ce178ee4050138066f664fc0cdb3e Author: Mark Thomas AuthorDate: Wed May 27 12:29:20 2020 +0100 Property renames jsse.invalid_truststore_pa... to sslHostConfig.invalid_truststore_pa... jsse.keystore_load_failed to sslUtilBase.keystore_load_failed jsse.ssl3 to sslUtilBase.ssl3 jsse.tls13.auth to sslUtilBase.tls13.auth === jsse.excludeProtocol to jsseUtil.excludeProtocol jsse.noDefaultProtocols to jsseUtil.noDefaultProtocols jsse.pemParseErrorto pemFile.parseError --- java/org/apache/tomcat/util/net/LocalStrings.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_cs.properties | 3 +-- java/org/apache/tomcat/util/net/LocalStrings_de.properties | 3 +-- java/org/apache/tomcat/util/net/LocalStrings_es.properties | 7 +++ java/org/apache/tomcat/util/net/LocalStrings_fr.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_ko.properties | 9 - java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties| 9 - java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +- java/org/apache/tomcat/util/net/SSLUtilBase.java | 6 +++--- java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++-- java/org/apache/tomcat/util/net/jsse/LocalStrings.properties | 8 java/org/apache/tomcat/util/net/jsse/LocalStrings_cs.properties | 2 +- java/org/apache/tomcat/util/net/jsse/LocalStrings_de.properties | 3 ++- java/org/apache/tomcat/util/net/jsse/LocalStrings_es.properties | 3 ++- java/org/apache/tomcat/util/net/jsse/LocalStrings_fr.properties | 6 +++--- java/org/apache/tomcat/util/net/jsse/LocalStrings_ja.properties | 6 +++--- java/org/apache/tomcat/util/net/jsse/LocalStrings_ko.properties | 6 +++--- .../apache/tomcat/util/net/jsse/LocalStrings_pt_BR.properties| 2 +- java/org/apache/tomcat/util/net/jsse/LocalStrings_ru.properties | 2 +- .../apache/tomcat/util/net/jsse/LocalStrings_zh_CN.properties| 6 +++--- java/org/apache/tomcat/util/net/jsse/PEMFile.java| 2 +- 22 files changed, 55 insertions(+), 61 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 0fdd2df..053da6c 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -135,11 +135,6 @@ endpoint.warn.noRemotePort=Unable to determine remote port for socket [{0}] endpoint.warn.noUtilityExecutor=No utility executor was set, creating one endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock. Forcing hard socket shutdown. -jsse.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. -jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] -jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be insecure. -jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication - nioBlockingSelector.keyNotRegistered=Key no longer registered nioBlockingSelector.possibleLeak=Possible key leak, cancelling key in the finalizer nioBlockingSelector.processingError=Error processing selection key operations @@ -158,6 +153,7 @@ socket.sslreneg=Exception re-negotiating SSL connection sslHostConfig.certificate.notype=Multiple certificates were specified and at least one is missing the required attribute type sslHostConfig.certificateVerificationInvalid=The certificate verification value [{0}] is not recognised sslHostConfig.fileNotFound=Configured file [{0}] does not exist +sslHostConfig.invalid_truststore_password=The provided trust store password could not be used to unlock and/or validate the trust store. Retrying to access the trust store with a null password which will skip validation. sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named [{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being used with the [{3}] configuration syntax sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored sslHostConfig.prefix_missing=The protocol [{0}] was added to the list of protocols on the SSLHostConfig named [{1}]. Check if a +/-
[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #2 from Mark Thomas --- Please see RFC 6265 for allowed values of the domain attribute. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #291: fixed-chinese-encoding
markt-asf closed pull request #291: URL: https://github.com/apache/tomcat/pull/291 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #291: fixed-chinese-encoding
markt-asf commented on pull request #291: URL: https://github.com/apache/tomcat/pull/291#issuecomment-634493356 I'm guessing you are running Tomcat directly from source in an IDE. As @gmshake pointed out, you'll need to convert the property files to ASCII to do that (the Tomcat build process does this). There are various other approaches you can use depending on exactly what you are trying to achieve. The users mailing list is the place to seek help with this. http://tomcat.apache.org/ This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org