[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471 --- Comment #4 from quaff --- Created attachment 37270 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37270=edit Chrome DevTools Chrome supports [::1] as cookie domain. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence
On 27/05/2020 18:37, amarendra godbole wrote: > s/PersistenceManager/PersistentManager/g > > Is that a typo? Yes. Mark > > Thanks. > > -ag > > On Wed, May 20, 2020 at 8:19 AM Mark Thomas wrote: >> >> CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence >> >> Severity: High >> >> Vendor: The Apache Software Foundation >> >> Versions Affected: >> Apache Tomcat 10.0.0-M1 to 10.0.0-M4 >> Apache Tomcat 9.0.0.M1 to 9.0.34 >> Apache Tomcat 8.5.0 to 8.5.54 >> Apache Tomcat 7.0.0 to 7.0.103 >> >> Description: >> If: >> a) an attacker is able to control the contents and name of a file on the >>server; and >> b) the server is configured to use the PersistenceManager with a >>FileStore; and >> c) the PersistenceManager is configured with >>sessionAttributeValueClassNameFilter="null" (the default unless a >>SecurityManager is used) or a sufficiently lax filter to allow the >>attacker provided object to be deserialized; and >> d) the attacker knows the relative file path from the storage location >>used by FileStore to the file the attacker has control over; >> then, using a specifically crafted request, the attacker will be able to >> trigger remote code execution via deserialization of the file under >> their control. Note that all of conditions a) to d) must be true for the >> attack to succeed. >> >> Mitigation: >> - Upgrade to Apache Tomcat 10.0.0-M5 or later >> - Upgrade to Apache Tomcat 9.0.35 or later >> - Upgrade to Apache Tomcat 8.5.55 or later >> - Upgrade to Apache Tomcat 7.0.104 or later >> Alternatively, users may configure the PersistenceManager with an >> appropriate value for sessionAttributeValueClassNameFilter to ensure >> that only application provided attributes are serialized and deserialized. >> >> Credit: >> This issue was discovered and reported responsibly to the Apache Tomcat >> Security Team by report by jarvis threedr3am of pdd security research >> >> References: >> [1] http://tomcat.apache.org/security-10.html >> [2] http://tomcat.apache.org/security-9.html >> [3] http://tomcat.apache.org/security-8.html >> [4] http://tomcat.apache.org/security-7.html >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: dev-h...@tomcat.apache.org >> > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new b3e3720 Add missing French translation (remm)
b3e3720 is described below
commit b3e3720883b8eeb5e181551f3f4ab8c2546fd8d7
Author: Mark Thomas
AuthorDate: Wed May 27 19:24:12 2020 +0100
Add missing French translation (remm)
---
java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 +
webapps/docs/changelog.xml| 4
2 files changed, 5 insertions(+)
diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties
b/java/org/apache/catalina/connector/LocalStrings_fr.properties
index 3d5ba85..d26bd5f 100644
--- a/java/org/apache/catalina/connector/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties
@@ -76,6 +76,7 @@ mapperListener.unregisterContext=Désenregistrement du
contexte [{0}]
request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne
supporte pas le mode asynchrone
request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a
été enlevé
request.notAsync=Il est interdit d'appeler cette méthode si la requête
actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false)
+request.session.failed=Erreur de chargement de la session [{0}] à cause de
[{1}]
requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé
à cette façade
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b7ca9b1..5b5d83d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -87,6 +87,10 @@
CharsetCache to include ISO-8859-16, added in
OpenJDK 15. (markt)
+
+Improve the quality and expand the coverage of the French translations
+provided with Apache Tomcat. (remm)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 914ee22 Add missing French translation (remm)
914ee22 is described below
commit 914ee224b3d1b374fb1db71ce0a0069fec356945
Author: Mark Thomas
AuthorDate: Wed May 27 19:24:12 2020 +0100
Add missing French translation (remm)
---
java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 +
webapps/docs/changelog.xml| 4
2 files changed, 5 insertions(+)
diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties
b/java/org/apache/catalina/connector/LocalStrings_fr.properties
index 3bdbe67..eb544d6 100644
--- a/java/org/apache/catalina/connector/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties
@@ -83,6 +83,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la
chaîne actuelle ne supp
request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a
été enlevé
request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à
partir de getRequest()
request.notAsync=Il est interdit d'appeler cette méthode si la requête
actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false)
+request.session.failed=Erreur de chargement de la session [{0}] à cause de
[{1}]
requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé
à cette façade
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2abb7c2..4f160b4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -101,6 +101,10 @@
CharsetCache to include ISO-8859-16, added in
OpenJDK 15. (markt)
+
+Improve the quality and expand the coverage of the French translations
+provided with Apache Tomcat. (remm)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new e0307e7 Add missing French translation (remm)
e0307e7 is described below
commit e0307e73f73266d52fb9edefbc5abc62f22abd69
Author: Mark Thomas
AuthorDate: Wed May 27 19:24:12 2020 +0100
Add missing French translation (remm)
---
java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 +
webapps/docs/changelog.xml| 4
2 files changed, 5 insertions(+)
diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties
b/java/org/apache/catalina/connector/LocalStrings_fr.properties
index 9430f27..6ff85e1 100644
--- a/java/org/apache/catalina/connector/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties
@@ -82,6 +82,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la
chaîne actuelle ne supp
request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a
été enlevé
request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à
partir de getRequest()
request.notAsync=Il est interdit d'appeler cette méthode si la requête
actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false)
+request.session.failed=Erreur de chargement de la session [{0}] à cause de
[{1}]
requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé
à cette façade
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 471acbd..3ce0fa1 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -93,6 +93,10 @@
CharsetCache to include ISO-8859-16, added in
OpenJDK 15. (markt)
+
+Improve the quality and expand the coverage of the French translations
+provided with Apache Tomcat. (remm)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Correct key order
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 89cf58a Correct key order
89cf58a is described below
commit 89cf58a5558427a838e31c58adffd8f97770702b
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:26 2020 +0100
Correct key order
---
java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
index d1c73e9..f16f9c3 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
@@ -167,8 +167,8 @@ sslUtilBase.alias_no_key_entry=別名 [{0}] はキーエントリを発見でき
sslUtilBase.invalidTrustManagerClassName=[{0}]が提供するtrustManagerClassNameはjavax.net.ssl.TrustManagerを実装していません。
sslUtilBase.keystore_load_failed=[{0}] のキーストア [{1}] の読み込みは [{2}] により失敗しました。
sslUtilBase.noCertFile=SSLコネクタを使用する場合は、SSLHostConfigのcertificateFile属性を定義する必要があります。
-sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。
sslUtilBase.noCrlSupport=トラストストアプロバイダー [{0}] は設定項目 certificateRevocationFile
に対応していません。
+sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。
sslUtilBase.noVerificationDepth=トラストストアプロバイダー [{0}] は設定項目
certificateVerificationDepth に未対応です。
sslUtilBase.noneSupported=指定された[{0}]のどれもSSLエンジンでサポートされていません:[{1}]
sslUtilBase.skipped=指定された[{0}]の一部はSSLエンジンでサポートされておらず、スキップされています:[{1}]
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 9bece3f Remove unused key
9bece3f is described below
commit 9bece3f385f3e57f88def0bc070c2085d3eec090
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:13 2020 +0100
Remove unused key
---
java/org/apache/catalina/core/LocalStrings_es.properties| 1 -
java/org/apache/catalina/core/LocalStrings_fr.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ja.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ko.properties| 1 -
java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 -
5 files changed, 5 deletions(-)
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties
b/java/org/apache/catalina/core/LocalStrings_es.properties
index 8d0ce42..7e77eee 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -257,7 +257,6 @@ standardWrapper.notClass=No se ha especificado clase de
servlet para servlet [{0
standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper)
debe de ser un Contexto
standardWrapper.notFound=No está disponible el Servlet [{0}]
standardWrapper.notServlet=La Clase [{0}] no es un Servlet
-standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet
[{0}]
standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó
excepción
standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet
[{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz
standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible
diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties
b/java/org/apache/catalina/core/LocalStrings_fr.properties
index 92704d4..f5fc3dc 100644
--- a/java/org/apache/catalina/core/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/core/LocalStrings_fr.properties
@@ -312,7 +312,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été
spécifiée pour la se
standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit
être un contexte
standardWrapper.notFound=Servlet [{0}] n''est pas disponible.
standardWrapper.notServlet=La classe [{0}] n''est pas une servlet
-standardWrapper.releaseFilters=Exception des filtres de sortie (release
filters) pour la servlet [{0}]
standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a
généré une exception
standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans
le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause
standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible
diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties
b/java/org/apache/catalina/core/LocalStrings_ja.properties
index 924684f..cf8ac73 100644
--- a/java/org/apache/catalina/core/LocalStrings_ja.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ja.properties
@@ -315,7 +315,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ
standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません
standardWrapper.notFound=サーブレット [{0}] が利用できません
standardWrapper.notServlet=クラス [{0}] はServletではありません
-standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します
standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました
standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service()
が例外[{2}]が根本的要因と共に投げられました。
standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします
diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties
b/java/org/apache/catalina/core/LocalStrings_ko.properties
index ad737f6..ee81f81 100644
--- a/java/org/apache/catalina/core/LocalStrings_ko.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ko.properties
@@ -243,7 +243,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가
standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다.
standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다.
standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다,
-standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생
standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이 예외를 발생시켰습니다.
standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다.
standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다.
diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
index 79779a5..b84c416 100644
--- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
+++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
@@ -238,7 +238,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类
standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] branch 8.5.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 4d3cbff Remove unused key
4d3cbff is described below
commit 4d3cbff5facc0d14cf7904e2d238300976ca499e
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:13 2020 +0100
Remove unused key
---
java/org/apache/catalina/core/LocalStrings_es.properties| 1 -
java/org/apache/catalina/core/LocalStrings_fr.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ja.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ko.properties| 1 -
java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 -
5 files changed, 5 deletions(-)
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties
b/java/org/apache/catalina/core/LocalStrings_es.properties
index a2291ae..66a20d0 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -178,7 +178,6 @@ standardWrapper.notClass=No se ha especificado clase de
servlet para servlet [{0
standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper)
debe de ser un Contexto
standardWrapper.notFound=No está disponible el Servlet [{0}]
standardWrapper.notServlet=La Clase [{0}] no es un Servlet
-standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet
[{0}]
standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó
excepción
standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet
[{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz
standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible
diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties
b/java/org/apache/catalina/core/LocalStrings_fr.properties
index 69b4c41..ab87356 100644
--- a/java/org/apache/catalina/core/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/core/LocalStrings_fr.properties
@@ -265,7 +265,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été
spécifiée pour la se
standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit
être un contexte
standardWrapper.notFound=Servlet [{0}] n''est pas disponible.
standardWrapper.notServlet=La classe [{0}] n''est pas une servlet
-standardWrapper.releaseFilters=Exception des filtres de sortie (release
filters) pour la servlet [{0}]
standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a
généré une exception
standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans
le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause
standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible
diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties
b/java/org/apache/catalina/core/LocalStrings_ja.properties
index 854e055..2630d7d 100644
--- a/java/org/apache/catalina/core/LocalStrings_ja.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ja.properties
@@ -265,7 +265,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ
standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません
standardWrapper.notFound=サーブレット [{0}] が利用できません
standardWrapper.notServlet=クラス [{0}] はServletではありません
-standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します
standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました
standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service()
が例外[{2}]が根本的要因と共に投げられました。
standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします
diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties
b/java/org/apache/catalina/core/LocalStrings_ko.properties
index 0012e83..57906b9 100644
--- a/java/org/apache/catalina/core/LocalStrings_ko.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ko.properties
@@ -264,7 +264,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가
standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다.
standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다.
standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다,
-standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생
standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이 예외를 발생시켰습니다.
standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다.
standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다.
diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
index adc71d3..4128ac3 100644
--- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
+++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
@@ -264,7 +264,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类
standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] branch 9.0.x updated: Remove unused key
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 4f8b15f Remove unused key
4f8b15f is described below
commit 4f8b15feaa61df68873891a11f3389a34961ba6d
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:13 2020 +0100
Remove unused key
---
java/org/apache/catalina/core/LocalStrings_es.properties| 1 -
java/org/apache/catalina/core/LocalStrings_fr.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ja.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ko.properties| 1 -
java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 -
5 files changed, 5 deletions(-)
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties
b/java/org/apache/catalina/core/LocalStrings_es.properties
index a5c7d1c..c6604d7 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -171,7 +171,6 @@ standardWrapper.notClass=No se ha especificado clase de
servlet para servlet [{0
standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper)
debe de ser un Contexto
standardWrapper.notFound=No está disponible el Servlet [{0}]
standardWrapper.notServlet=La Clase [{0}] no es un Servlet
-standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet
[{0}]
standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó
excepción
standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet
[{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz
standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible
diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties
b/java/org/apache/catalina/core/LocalStrings_fr.properties
index 5252c8d..45f6e41 100644
--- a/java/org/apache/catalina/core/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/core/LocalStrings_fr.properties
@@ -297,7 +297,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été
spécifiée pour la se
standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit
être un contexte
standardWrapper.notFound=Servlet [{0}] n''est pas disponible.
standardWrapper.notServlet=La classe [{0}] n''est pas une servlet
-standardWrapper.releaseFilters=Exception des filtres de sortie (release
filters) pour la servlet [{0}]
standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a
généré une exception
standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans
le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause
standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible
diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties
b/java/org/apache/catalina/core/LocalStrings_ja.properties
index f8fe950..e24bf7c 100644
--- a/java/org/apache/catalina/core/LocalStrings_ja.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ja.properties
@@ -297,7 +297,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ
standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません
standardWrapper.notFound=サーブレット [{0}] が利用できません
standardWrapper.notServlet=クラス [{0}] はServletではありません
-standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します
standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました
standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service()
が例外[{2}]が根本的要因と共に投げられました。
standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします
diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties
b/java/org/apache/catalina/core/LocalStrings_ko.properties
index 43ce1b7..d368870 100644
--- a/java/org/apache/catalina/core/LocalStrings_ko.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ko.properties
@@ -297,7 +297,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가
standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다.
standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다.
standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다,
-standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생
standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이 예외를 발생시켰습니다.
standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다.
standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다.
diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
index 5a4bbf8..9b67ed2 100644
--- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
+++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
@@ -298,7 +298,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类
standardWrapper.notContext=包装的父容器必须是上下文
[tomcat] 03/03: Add missing French translation (remm)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 1d1d835a6784854e26c4fff8e23aef128c105f3c
Author: Mark Thomas
AuthorDate: Wed May 27 19:24:12 2020 +0100
Add missing French translation (remm)
---
java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 +
webapps/docs/changelog.xml| 4
2 files changed, 5 insertions(+)
diff --git a/java/org/apache/catalina/connector/LocalStrings_fr.properties
b/java/org/apache/catalina/connector/LocalStrings_fr.properties
index 3bdbe67..eb544d6 100644
--- a/java/org/apache/catalina/connector/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/connector/LocalStrings_fr.properties
@@ -83,6 +83,7 @@ request.asyncNotSupported=Un filtre ou un Servlet de la
chaîne actuelle ne supp
request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a
été enlevé
request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à
partir de getRequest()
request.notAsync=Il est interdit d'appeler cette méthode si la requête
actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false)
+request.session.failed=Erreur de chargement de la session [{0}] à cause de
[{1}]
requestFacade.nullRequest=L'objet requête a été recyclé et n'est plus associé
à cette façade
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9063c98..2332b6e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -111,6 +111,10 @@
CharsetCache to include ISO-8859-16, added in
OpenJDK 15. (markt)
+
+Improve the quality and expand the coverage of the French translations
+provided with Apache Tomcat. (remm)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (ab32f48 -> 1d1d835)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from ab32f48 Correct StringManager lookup new b9066fc Remove unused key new a9e6cad Correct key order new 1d1d835 Add missing French translation (remm) The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/catalina/connector/LocalStrings_fr.properties | 1 + java/org/apache/catalina/core/LocalStrings_es.properties | 1 - java/org/apache/catalina/core/LocalStrings_fr.properties | 1 - java/org/apache/catalina/core/LocalStrings_ja.properties | 1 - java/org/apache/catalina/core/LocalStrings_ko.properties | 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - java/org/apache/tomcat/util/net/LocalStrings_ja.properties| 2 +- webapps/docs/changelog.xml| 4 8 files changed, 6 insertions(+), 6 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/03: Remove unused key
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b9066fcad16991d168590a3d26c3931c454e0800
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:13 2020 +0100
Remove unused key
---
java/org/apache/catalina/core/LocalStrings_es.properties| 1 -
java/org/apache/catalina/core/LocalStrings_fr.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ja.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ko.properties| 1 -
java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 -
5 files changed, 5 deletions(-)
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties
b/java/org/apache/catalina/core/LocalStrings_es.properties
index a5c7d1c..c6604d7 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -171,7 +171,6 @@ standardWrapper.notClass=No se ha especificado clase de
servlet para servlet [{0
standardWrapper.notContext=El contenedor padre para un Arropador (Wrapper)
debe de ser un Contexto
standardWrapper.notFound=No está disponible el Servlet [{0}]
standardWrapper.notServlet=La Clase [{0}] no es un Servlet
-standardWrapper.releaseFilters=Excepción de Liberación de filtros para servlet
[{0}]
standardWrapper.serviceException=Servlet.service() para servlet [{0}] lanzó
excepción
standardWrapper.serviceExceptionRoot=El Servlet.service() para el servlet
[{0}] en el contexto con ruta [{1}] lanzó la excepción [{2}] con causa raíz
standardWrapper.unavailable=Marcando el servlet [{0}] como no disponible
diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties
b/java/org/apache/catalina/core/LocalStrings_fr.properties
index 35d642e..0943ed5 100644
--- a/java/org/apache/catalina/core/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/core/LocalStrings_fr.properties
@@ -296,7 +296,6 @@ standardWrapper.notClass=Aucune classe servlet n''a été
spécifiée pour la se
standardWrapper.notContext=Le conteneur parent d'un enrobeur (wrapper) doit
être un contexte
standardWrapper.notFound=Servlet [{0}] n''est pas disponible.
standardWrapper.notServlet=La classe [{0}] n''est pas une servlet
-standardWrapper.releaseFilters=Exception des filtres de sortie (release
filters) pour la servlet [{0}]
standardWrapper.serviceException="Servlet.service()" pour la servlet [{0}] a
généré une exception
standardWrapper.serviceExceptionRoot=Servlet.service() du Servlet [{0}] dans
le contexte au chemin [{1}] a retourné une exception [{2}] avec la cause
standardWrapper.unavailable=La servlet [{0}] est marqué comme indisponible
diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties
b/java/org/apache/catalina/core/LocalStrings_ja.properties
index 145da00..c5ab32f 100644
--- a/java/org/apache/catalina/core/LocalStrings_ja.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ja.properties
@@ -296,7 +296,6 @@ standardWrapper.notClass=サーブレット [{0}] に指定されたサーブレ
standardWrapper.notContext=Wrapper の親のコンテナはContextでなければいけません
standardWrapper.notFound=サーブレット [{0}] が利用できません
standardWrapper.notServlet=クラス [{0}] はServletではありません
-standardWrapper.releaseFilters=サーブレット [{0}] のフィルタ例外を解除します
standardWrapper.serviceException=サーブレット [{0}] のServlet.service()が例外を投げました
standardWrapper.serviceExceptionRoot=パス[{1}]を持つコンテキスト内のサーブレット[{0}]のServlet.service()
が例外[{2}]が根本的要因と共に投げられました。
standardWrapper.unavailable=サーブレット [{0}] を利用不可能にマークします
diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties
b/java/org/apache/catalina/core/LocalStrings_ko.properties
index f685bac..7e0c9cb 100644
--- a/java/org/apache/catalina/core/LocalStrings_ko.properties
+++ b/java/org/apache/catalina/core/LocalStrings_ko.properties
@@ -296,7 +296,6 @@ standardWrapper.notClass=서블릿 [{0}]을(를) 위한 서블릿 클래스가
standardWrapper.notContext=Wrapper의 부모 컨테이너는 반드시 컨텍스트여야 합니다.
standardWrapper.notFound=서블릿 [{0}]은(는) 가용하지 않습니다.
standardWrapper.notServlet=클래스 [{0}]은(는) 서블릿이 아닙니다,
-standardWrapper.releaseFilters=서블릿 [{0}]을(를) 위해 필터를 해제하는 중 예외 발생
standardWrapper.serviceException=경로가 [{1}]인 컨텍스트의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이 예외를 발생시켰습니다.
standardWrapper.serviceExceptionRoot=경로 [{1}]의 컨텍스트 내의 서블릿 [{0}]을(를) 위한
Servlet.service() 호출이, 근본 원인(root cause)과 함께, 예외 [{2}]을(를) 발생시켰습니다.
standardWrapper.unavailable=서블릿 [{0}]을(를) 가용하지 않은 상태로 표시합니다.
diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
index 7b7f16e..c909dc6 100644
--- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
+++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties
@@ -297,7 +297,6 @@ standardWrapper.notClass=未为servlet[{0}]指定servlet类
standardWrapper.notContext=包装的父容器必须是上下文
standardWrapper.notFound=Servlet [{0}] 不可用
standardWrapper.notServlet=类{0}不是Servlet
[tomcat] 02/03: Correct key order
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit a9e6caddc5e3197025dd7d83be6f2366a840616d
Author: Mark Thomas
AuthorDate: Wed May 27 19:22:26 2020 +0100
Correct key order
---
java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
index d1c73e9..f16f9c3 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
@@ -167,8 +167,8 @@ sslUtilBase.alias_no_key_entry=別名 [{0}] はキーエントリを発見でき
sslUtilBase.invalidTrustManagerClassName=[{0}]が提供するtrustManagerClassNameはjavax.net.ssl.TrustManagerを実装していません。
sslUtilBase.keystore_load_failed=[{0}] のキーストア [{1}] の読み込みは [{2}] により失敗しました。
sslUtilBase.noCertFile=SSLコネクタを使用する場合は、SSLHostConfigのcertificateFile属性を定義する必要があります。
-sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。
sslUtilBase.noCrlSupport=トラストストアプロバイダー [{0}] は設定項目 certificateRevocationFile
に対応していません。
+sslUtilBase.noKeys=キーストアで見つかった秘密キーのエイリアスがありません。
sslUtilBase.noVerificationDepth=トラストストアプロバイダー [{0}] は設定項目
certificateVerificationDepth に未対応です。
sslUtilBase.noneSupported=指定された[{0}]のどれもSSLエンジンでサポートされていません:[{1}]
sslUtilBase.skipped=指定された[{0}]の一部はSSLエンジンでサポートされておらず、スキップされています:[{1}]
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence
s/PersistenceManager/PersistentManager/g Is that a typo? Thanks. -ag On Wed, May 20, 2020 at 8:19 AM Mark Thomas wrote: > > CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence > > Severity: High > > Vendor: The Apache Software Foundation > > Versions Affected: > Apache Tomcat 10.0.0-M1 to 10.0.0-M4 > Apache Tomcat 9.0.0.M1 to 9.0.34 > Apache Tomcat 8.5.0 to 8.5.54 > Apache Tomcat 7.0.0 to 7.0.103 > > Description: > If: > a) an attacker is able to control the contents and name of a file on the >server; and > b) the server is configured to use the PersistenceManager with a >FileStore; and > c) the PersistenceManager is configured with >sessionAttributeValueClassNameFilter="null" (the default unless a >SecurityManager is used) or a sufficiently lax filter to allow the >attacker provided object to be deserialized; and > d) the attacker knows the relative file path from the storage location >used by FileStore to the file the attacker has control over; > then, using a specifically crafted request, the attacker will be able to > trigger remote code execution via deserialization of the file under > their control. Note that all of conditions a) to d) must be true for the > attack to succeed. > > Mitigation: > - Upgrade to Apache Tomcat 10.0.0-M5 or later > - Upgrade to Apache Tomcat 9.0.35 or later > - Upgrade to Apache Tomcat 8.5.55 or later > - Upgrade to Apache Tomcat 7.0.104 or later > Alternatively, users may configure the PersistenceManager with an > appropriate value for sessionAttributeValueClassNameFilter to ensure > that only application provided attributes are serialized and deserialized. > > Credit: > This issue was discovered and reported responsibly to the Apache Tomcat > Security Team by report by jarvis threedr3am of pdd security research > > References: > [1] http://tomcat.apache.org/security-10.html > [2] http://tomcat.apache.org/security-9.html > [3] http://tomcat.apache.org/security-8.html > [4] http://tomcat.apache.org/security-7.html > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #3 from Mark Thomas --- Fixed in: - master for 10.0.0-M6 onwards - 9.0.x for 9.0.36 onwards - 8.5.x for 8.5.56 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 57a8b7b Fix BZ 64474 - Correct missing log messages
57a8b7b is described below
commit 57a8b7b40a505f6d915b2c80d2efafaa9c14ea32
Author: Mark Thomas
AuthorDate: Wed May 27 17:49:44 2020 +0100
Fix BZ 64474 - Correct missing log messages
Previous refactorings moved code between packages but didn't move the
associated messages.
---
.../apache/tomcat/util/net/LocalStrings.properties | 17 ++-
.../tomcat/util/net/LocalStrings_de.properties | 5 +++--
.../tomcat/util/net/LocalStrings_es.properties | 10 +
.../tomcat/util/net/LocalStrings_fr.properties | 17 ++-
.../tomcat/util/net/LocalStrings_ja.properties | 17 ++-
.../tomcat/util/net/LocalStrings_ko.properties | 17 ++-
.../tomcat/util/net/LocalStrings_zh_CN.properties | 17 ++-
java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +-
java/org/apache/tomcat/util/net/SSLUtilBase.java | 24 +++---
java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++--
.../tomcat/util/net/jsse/LocalStrings.properties | 17 +++
.../util/net/jsse/LocalStrings_de.properties | 6 +-
.../util/net/jsse/LocalStrings_es.properties | 7 +--
.../util/net/jsse/LocalStrings_fr.properties | 17 +++
.../util/net/jsse/LocalStrings_ja.properties | 17 +++
.../util/net/jsse/LocalStrings_ko.properties | 17 +++
.../util/net/jsse/LocalStrings_ru.properties | 2 +-
.../util/net/jsse/LocalStrings_zh_CN.properties| 17 +++
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 2 +-
.../tomcat/util/net/openssl/OpenSSLUtil.java | 2 +-
.../net/openssl/ciphers/LocalStrings.properties| 3 ++-
...gs_fr.properties => LocalStrings_de.properties} | 2 +-
...gs_fr.properties => LocalStrings_es.properties} | 2 +-
.../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++-
.../openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++-
.../ciphers/OpenSSLCipherConfigurationParser.java | 7 +++
28 files changed, 119 insertions(+), 141 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 7bca289..c3c54f2 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -122,11 +122,6 @@ endpoint.warn.noRemoteHost=Unable to determine remote host
name for socket [{0}]
endpoint.warn.noRemotePort=Unable to determine remote port for socket [{0}]
endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock.
Forcing hard socket shutdown.
-jsse.invalid_truststore_password=The provided trust store password could not
be used to unlock and/or validate the trust store. Retrying to access the trust
store with a null password which will skip validation.
-jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}]
due to [{2}]
-jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be
insecure.
-jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support
authentication after the initial handshake and is therefore incompatible with
optional client authentication
-
sniExtractor.clientHelloInvalid=The ClientHello message was not correctly
formatted
sniExtractor.clientHelloTooBig=The ClientHello was not presented in a single
TLS record so no SNI information could be extracted
@@ -140,6 +135,7 @@ socket.sslreneg=Exception re-negotiating SSL connection
sslHostConfig.certificate.notype=Multiple certificates were specified and at
least one is missing the required attribute type
sslHostConfig.certificateVerificationInvalid=The certificate verification
value [{0}] is not recognised
sslHostConfig.fileNotFound=Configured file [{0}] does not exist
+sslHostConfig.invalid_truststore_password=The provided trust store password
could not be used to unlock and/or validate the trust store. Retrying to access
the trust store with a null password which will skip validation.
sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named
[{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being
used with the [{3}] configuration syntax
sslHostConfig.opensslconf.alreadyset=Attempt to set another OpenSSLConf ignored
sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored
@@ -150,5 +146,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was
set on the SSLHostConfi
sslImplementation.cnfe=Unable to create SSLImplementation for
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5201 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] ae69c8e09644ed6fd91fd87a2f7d7ee0d441f7da Blamelist: Mark Thomas Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Correct StringManager lookup
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new ab32f48 Correct StringManager lookup
ab32f48 is described below
commit ab32f48b873260bb3ac7f5656813e2ca4142cc49
Author: Mark Thomas
AuthorDate: Wed May 27 17:18:03 2020 +0100
Correct StringManager lookup
---
java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java | 2 +-
.../util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
index fada2ca..0ab24c2 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
@@ -35,7 +35,7 @@ import org.apache.tomcat.util.res.StringManager;
public class OpenSSLUtil extends SSLUtilBase {
private static final Log log = LogFactory.getLog(OpenSSLUtil.class);
-private static final StringManager sm =
StringManager.getManager(OpenSSLContext.class);
+private static final StringManager sm =
StringManager.getManager(OpenSSLUtil.class);
public OpenSSLUtil(SSLHostConfigCertificate certificate) {
diff --git
a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
index d9179b2..f87b5f1 100644
---
a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
+++
b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
@@ -40,8 +40,7 @@ import org.apache.tomcat.util.res.StringManager;
public class OpenSSLCipherConfigurationParser {
private static final Log log =
LogFactory.getLog(OpenSSLCipherConfigurationParser.class);
-private static final StringManager sm =
-StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
+private static final StringManager sm =
StringManager.getManager(OpenSSLCipherConfigurationParser.class);
private static boolean initialized = false;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Correct StringManager lookup
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 2e44fac Correct StringManager lookup
2e44fac is described below
commit 2e44fac8848af13c4c28c51a567671d2ff07b6cb
Author: Mark Thomas
AuthorDate: Wed May 27 17:18:03 2020 +0100
Correct StringManager lookup
---
java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java | 2 +-
.../util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
index fada2ca..0ab24c2 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
@@ -35,7 +35,7 @@ import org.apache.tomcat.util.res.StringManager;
public class OpenSSLUtil extends SSLUtilBase {
private static final Log log = LogFactory.getLog(OpenSSLUtil.class);
-private static final StringManager sm =
StringManager.getManager(OpenSSLContext.class);
+private static final StringManager sm =
StringManager.getManager(OpenSSLUtil.class);
public OpenSSLUtil(SSLHostConfigCertificate certificate) {
diff --git
a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
index d9179b2..f87b5f1 100644
---
a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
+++
b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
@@ -40,8 +40,7 @@ import org.apache.tomcat.util.res.StringManager;
public class OpenSSLCipherConfigurationParser {
private static final Log log =
LogFactory.getLog(OpenSSLCipherConfigurationParser.class);
-private static final StringManager sm =
-StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
+private static final StringManager sm =
StringManager.getManager(OpenSSLCipherConfigurationParser.class);
private static boolean initialized = false;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 0f2f751 Fix IDE warning
0f2f751 is described below
commit 0f2f751a87a0dca4a27cadeea333f1f605921d98
Author: Mark Thomas
AuthorDate: Wed May 27 17:09:53 2020 +0100
Fix IDE warning
---
java/org/apache/catalina/connector/Connector.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 52ba8f6..5ff6f35 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -267,6 +267,7 @@ public class Connector extends LifecycleMBeanBase {
/**
* The behavior when an encoded solidus (slash) is submitted.
*/
+@SuppressWarnings("deprecation")
private EncodedSolidusHandling encodedSolidusHandling =
UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE :
EncodedSolidusHandling.REJECT;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 98f9b88 Fix IDE warning
98f9b88 is described below
commit 98f9b88b07e67e045d1d8643a0eafbe3dba55710
Author: Mark Thomas
AuthorDate: Wed May 27 17:09:53 2020 +0100
Fix IDE warning
---
java/org/apache/catalina/connector/Connector.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 1e78bc8..d41fcb7 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -276,6 +276,7 @@ public class Connector extends LifecycleMBeanBase {
/**
* The behavior when an encoded solidus (slash) is submitted.
*/
+@SuppressWarnings("deprecation")
private EncodedSolidusHandling encodedSolidusHandling =
UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE :
EncodedSolidusHandling.REJECT;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 3f21444 Fix IDE warning
3f21444 is described below
commit 3f21444656b8b096ca0fea76c20be028dacc957b
Author: Mark Thomas
AuthorDate: Wed May 27 17:09:53 2020 +0100
Fix IDE warning
---
java/org/apache/catalina/connector/Connector.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index d7ee351..cc42d27 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -286,6 +286,7 @@ public class Connector extends LifecycleMBeanBase {
/**
* The behavior when an encoded solidus (slash) is submitted.
*/
+@SuppressWarnings("deprecation")
private EncodedSolidusHandling encodedSolidusHandling =
UDecoder.ALLOW_ENCODED_SLASH ? EncodedSolidusHandling.DECODE :
EncodedSolidusHandling.REJECT;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new ae69c8e Fix BZ 64474 - Correct missing log messages
ae69c8e is described below
commit ae69c8e09644ed6fd91fd87a2f7d7ee0d441f7da
Author: Mark Thomas
AuthorDate: Wed May 27 17:07:52 2020 +0100
Fix BZ 64474 - Correct missing log messages
Previous refactorings moved code between packages but didn't move the
associated messages.
---
.../org/apache/tomcat/util/net/LocalStrings.properties | 8
.../apache/tomcat/util/net/LocalStrings_de.properties | 2 ++
.../apache/tomcat/util/net/LocalStrings_es.properties | 3 +++
.../apache/tomcat/util/net/LocalStrings_fr.properties | 8
.../apache/tomcat/util/net/LocalStrings_ja.properties | 8
.../apache/tomcat/util/net/LocalStrings_ko.properties | 8
.../tomcat/util/net/LocalStrings_zh_CN.properties | 8
java/org/apache/tomcat/util/net/SSLUtilBase.java | 18 +-
.../tomcat/util/net/jsse/LocalStrings.properties | 11 ---
.../tomcat/util/net/jsse/LocalStrings_de.properties| 5 -
.../tomcat/util/net/jsse/LocalStrings_es.properties| 6 --
.../tomcat/util/net/jsse/LocalStrings_fr.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_ja.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_ko.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_zh_CN.properties | 11 ---
.../util/net/openssl/ciphers/LocalStrings.properties | 3 ++-
...trings_ja.properties => LocalStrings_de.properties} | 2 +-
...trings_ja.properties => LocalStrings_es.properties} | 2 +-
.../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++-
.../ciphers/OpenSSLCipherConfigurationParser.java | 4 ++--
23 files changed, 68 insertions(+), 84 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 053da6c..350d6b0 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -163,8 +163,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was
set on the SSLHostConfi
sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}]
sslUtilBase.active=The [{0}] that are active are : [{1}]
+sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry
+sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided
[{0}] does not implement javax.net.ssl.TrustManager
sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path
[{1}] due to [{2}]
+sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined
when using an SSL connector
+sslUtilBase.noCrlSupport=The truststoreProvider [{0}] does not support the
certificateRevocationFile configuration option
+sslUtilBase.noKeys=No aliases for private keys found in key store
+sslUtilBase.noVerificationDepth=The truststoreProvider [{0}] does not support
the certificateVerificationDepth configuration option
sslUtilBase.noneSupported=None of the [{0}] specified are supported by the SSL
engine : [{1}]
sslUtilBase.skipped=Some of the specified [{0}] are not supported by the SSL
engine and have been skipped: [{1}]
sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to
be insecure.
sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support
authentication after the initial handshake and is therefore incompatible with
optional client authentication
+sslUtilBase.trustedCertNotChecked=The validity dates of the trusted
certificate with alias [{0}] were not checked as the certificate was of an
unknown type
+sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and
DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted
certificate WILL be accepted
diff --git a/java/org/apache/tomcat/util/net/LocalStrings_de.properties
b/java/org/apache/tomcat/util/net/LocalStrings_de.properties
index 064fcde..434e26e 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings_de.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings_de.properties
@@ -44,5 +44,7 @@ sslHostConfig.certificate.notype=Es wurden mehrere
Zertifikate angegeben und min
sslHostConfig.fileNotFound=Die konfigurierte Datei [{0}] existiert nicht.\n
sslHostConfig.opensslconf.null=Versuch eine null OpenSSLConf zu setzen
ignoriert
+sslUtilBase.noVerificationDepth=Der truststoreProvider [{0}] unterstützt nicht
die Option certificateVerificationDepth
[tomcat] branch 9.0.x updated: Fix BZ 64474 - Correct missing log messages
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 2935e3f Fix BZ 64474 - Correct missing log messages
2935e3f is described below
commit 2935e3fa91a1bcb7119c100784bcc8ece3dc9f43
Author: Mark Thomas
AuthorDate: Wed May 27 17:07:52 2020 +0100
Fix BZ 64474 - Correct missing log messages
Previous refactorings moved code between packages but didn't move the
associated messages.
---
.../org/apache/tomcat/util/net/LocalStrings.properties | 8
.../apache/tomcat/util/net/LocalStrings_de.properties | 2 ++
.../apache/tomcat/util/net/LocalStrings_es.properties | 3 +++
.../apache/tomcat/util/net/LocalStrings_fr.properties | 8
.../apache/tomcat/util/net/LocalStrings_ja.properties | 8
.../apache/tomcat/util/net/LocalStrings_ko.properties | 8
.../tomcat/util/net/LocalStrings_zh_CN.properties | 8
java/org/apache/tomcat/util/net/SSLUtilBase.java | 18 +-
.../tomcat/util/net/jsse/LocalStrings.properties | 11 ---
.../tomcat/util/net/jsse/LocalStrings_de.properties| 5 -
.../tomcat/util/net/jsse/LocalStrings_es.properties| 6 --
.../tomcat/util/net/jsse/LocalStrings_fr.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_ja.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_ko.properties| 11 ---
.../tomcat/util/net/jsse/LocalStrings_zh_CN.properties | 11 ---
.../util/net/openssl/ciphers/LocalStrings.properties | 3 ++-
...trings_ja.properties => LocalStrings_de.properties} | 2 +-
...trings_ja.properties => LocalStrings_es.properties} | 2 +-
.../net/openssl/ciphers/LocalStrings_fr.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ja.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_ko.properties | 3 ++-
.../net/openssl/ciphers/LocalStrings_zh_CN.properties | 3 ++-
.../ciphers/OpenSSLCipherConfigurationParser.java | 4 ++--
23 files changed, 68 insertions(+), 84 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 053da6c..350d6b0 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -163,8 +163,16 @@ sslHostConfigCertificate.mismatch=The property [{0}] was
set on the SSLHostConfi
sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}]
sslUtilBase.active=The [{0}] that are active are : [{1}]
+sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry
+sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided
[{0}] does not implement javax.net.ssl.TrustManager
sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path
[{1}] due to [{2}]
+sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined
when using an SSL connector
+sslUtilBase.noCrlSupport=The truststoreProvider [{0}] does not support the
certificateRevocationFile configuration option
+sslUtilBase.noKeys=No aliases for private keys found in key store
+sslUtilBase.noVerificationDepth=The truststoreProvider [{0}] does not support
the certificateVerificationDepth configuration option
sslUtilBase.noneSupported=None of the [{0}] specified are supported by the SSL
engine : [{1}]
sslUtilBase.skipped=Some of the specified [{0}] are not supported by the SSL
engine and have been skipped: [{1}]
sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to
be insecure.
sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support
authentication after the initial handshake and is therefore incompatible with
optional client authentication
+sslUtilBase.trustedCertNotChecked=The validity dates of the trusted
certificate with alias [{0}] were not checked as the certificate was of an
unknown type
+sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and
DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted
certificate WILL be accepted
diff --git a/java/org/apache/tomcat/util/net/LocalStrings_de.properties
b/java/org/apache/tomcat/util/net/LocalStrings_de.properties
index 064fcde..434e26e 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings_de.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings_de.properties
@@ -44,5 +44,7 @@ sslHostConfig.certificate.notype=Es wurden mehrere
Zertifikate angegeben und min
sslHostConfig.fileNotFound=Die konfigurierte Datei [{0}] existiert nicht.\n
sslHostConfig.opensslconf.null=Versuch eine null OpenSSLConf zu setzen
ignoriert
+sslUtilBase.noVerificationDepth=Der truststoreProvider [{0}] unterstützt nicht
die Option certificateVerificationDepth
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 --- Comment #2 from Mark Thomas --- By happy coincidence, I started to work through these strings earlier today. This should get fixed in time for the next release. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Remy Maucherat changed: What|Removed |Added OS||All --- Comment #1 from Remy Maucherat --- Bad luck, the strings were not moved from package util.net to util when this refactoring was made. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64474] New: Truststore validation is failing to show detailed log messages for out-of-date entries
https://bz.apache.org/bugzilla/show_bug.cgi?id=64474 Bug ID: 64474 Summary: Truststore validation is failing to show detailed log messages for out-of-date entries Product: Tomcat 8 Version: 8.5.x-trunk Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Util Assignee: dev@tomcat.apache.org Reporter: ismae...@gmail.com Target Milestone: Truststore validation is failing to show detailed log messages for out-of-date entries. For instance, with 8.5.27, we would get something like this in catalina.log for an outdated entry in the configured truststore: WARNING [main] org.apache.tomcat.util.net.jsse.JSSEUtil.checkTrustStoreEntries The trusted certificate with alias [somealias] and DN [CN=SomeCN, OU="SomeOU", O=SomeO, C=US] is not valid due to [NotAfter: ]. Certificates signed by this trusted certificate WILL be accepted Now, we get something like this: WARNING [main] org.apache.tomcat.util.net.SSLUtilBase.checkTrustStoreEntries jsseUtil.trustedCertNotValid It seems that the refactored SSLUtilBase method is unable to obtain the message identified by "jsseUtil.trustedCertNotValid": https://github.com/apache/tomcat/blob/8.5.x/java/org/apache/tomcat/util/net/SSLUtilBase.java -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5200 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] c71ad7544a277d9d14359b9d0071c4eb33e124da Blamelist: remm BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471
--- Comment #3 from Christopher Schultz ---
(In reply to Mark Thomas from comment #2)
> Please see RFC 6265 for allowed values of the domain attribute.
There is a path to requesting IPv6, here:
https://tools.ietf.org/html/rfc6265#section-4.1.1 ("Syntax"):
"
domain-value =
; defined in [RFC1034], Section 3.5, as
; enhanced by [RFC1123], Section 2.1
"
https://tools.ietf.org/html/rfc1123#section-2.1 ("Host Names and Numbers"):
"
Whenever a user inputs the identity of an Internet host, it SHOULD
be possible to enter either (1) a host domain name or (2) an IP
address in dotted-decimal ("#.#.#.#") form. The host SHOULD check
the string syntactically for a dotted-decimal number before
looking it up in the Domain Name System.
"
This section does specify "user" as the source of the hostname, but since the
user gets to choose the name they type into the browser, and therefore the
"name of the host" they are contacting, an IP address seems like it should be
legal.
Entering localhost or 127.0.0.1 as the hostname should work (and Tomcat seems
to handle this, because the IP address matches [a-zA-z0-9]+(\.[a-zA-z0-9]+)*.
So I think maybe IPv6 should be allowed as well, no?
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 3494147 Add a little of the SSL env
3494147 is described below
commit 3494147b0c6a50e065ea3064f0e9e960f688ab50
Author: remm
AuthorDate: Wed May 27 14:00:53 2020 +0200
Add a little of the SSL env
Probably since the X509 certificate chain is available, a lot of the
client related env could be done as well.
---
java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 -
webapps/docs/changelog.xml| 4
webapps/docs/rewrite.xml | 5 -
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index f880ca5..8c108ab 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite;
import java.nio.charset.Charset;
import java.util.Calendar;
+import org.apache.catalina.Globals;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
import org.apache.catalina.connector.Request;
import org.apache.tomcat.util.http.FastHttpDateFormat;
+import org.apache.tomcat.util.net.SSLSupport;
public class ResolverImpl extends Resolver {
@@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver {
@Override
public String resolveSsl(String key) {
-// FIXME: Implement SSL environment variables
+if (key.equals("SSL_PROTOCOL")) {
+return
String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY));
+} else if (key.equals("SSL_SESSION_ID")) {
+return
String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR));
+} else if (key.equals("SSL_CIPHER")) {
+return
String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR));
+} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) {
+return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR));
+}
+// FIXME: Implement other SSL environment variables when possible
return null;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f609b65..471acbd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -60,6 +60,10 @@
64470: The default value of the solidus handling should
reflect the associated system property. (remm)
+
+Implement a few rewrite SSL env that correspond to Servlet request
+attributes. (remm)
+
diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index 9609c0b..8ab57f4 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -244,7 +244,10 @@
%{SSL:variable}, where variable is the
name of an SSL environment
-variable, are not implemented yet. Example:
+variable, are not implemented, except
+SSL_PROTOCOL, SSL_SESSION_ID,
+SSL_CIPHER and SSL_CIPHER_USEKEYSIZE.
+Example:
%{SSL:SSL_CIPHER_USEKEYSIZE} may expand to
128.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 8476649 Add a little of the SSL env
8476649 is described below
commit 8476649a0276f7f90b8219b5ef4d52869628facb
Author: remm
AuthorDate: Wed May 27 14:00:53 2020 +0200
Add a little of the SSL env
Probably since the X509 certificate chain is available, a lot of the
client related env could be done as well.
---
java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 -
webapps/docs/changelog.xml| 4
webapps/docs/rewrite.xml | 5 -
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index a71d64c..1ae6600 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite;
import java.nio.charset.Charset;
import java.util.Calendar;
+import org.apache.catalina.Globals;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
import org.apache.catalina.connector.Request;
import org.apache.tomcat.util.http.FastHttpDateFormat;
+import org.apache.tomcat.util.net.SSLSupport;
public class ResolverImpl extends Resolver {
@@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver {
@Override
public String resolveSsl(String key) {
-// FIXME: Implement SSL environment variables
+if (key.equals("SSL_PROTOCOL")) {
+return
String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY));
+} else if (key.equals("SSL_SESSION_ID")) {
+return
String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR));
+} else if (key.equals("SSL_CIPHER")) {
+return
String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR));
+} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) {
+return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR));
+}
+// FIXME: Implement other SSL environment variables when possible
return null;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 852d4a9..2abb7c2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -68,6 +68,10 @@
64470: The default value of the solidus handling should
reflect the associated system property. (remm)
+
+Implement a few rewrite SSL env that correspond to Servlet request
+attributes. (remm)
+
diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index c40eb35..be1befa 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -245,7 +245,10 @@
%{SSL:variable}, where variable is the
name of an SSL environment
-variable, are not implemented yet. Example:
+variable, are not implemented, except
+SSL_PROTOCOL, SSL_SESSION_ID,
+SSL_CIPHER and SSL_CIPHER_USEKEYSIZE.
+Example:
%{SSL:SSL_CIPHER_USEKEYSIZE} may expand to
128.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Add a little of the SSL env
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new c71ad75 Add a little of the SSL env
c71ad75 is described below
commit c71ad7544a277d9d14359b9d0071c4eb33e124da
Author: remm
AuthorDate: Wed May 27 14:00:53 2020 +0200
Add a little of the SSL env
Probably since the X509 certificate chain is available, a lot of the
client related env could be done as well.
---
java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 13 -
webapps/docs/changelog.xml| 4
webapps/docs/rewrite.xml | 5 -
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index a71d64c..1ae6600 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -19,10 +19,12 @@ package org.apache.catalina.valves.rewrite;
import java.nio.charset.Charset;
import java.util.Calendar;
+import org.apache.catalina.Globals;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
import org.apache.catalina.connector.Request;
import org.apache.tomcat.util.http.FastHttpDateFormat;
+import org.apache.tomcat.util.net.SSLSupport;
public class ResolverImpl extends Resolver {
@@ -133,7 +135,16 @@ public class ResolverImpl extends Resolver {
@Override
public String resolveSsl(String key) {
-// FIXME: Implement SSL environment variables
+if (key.equals("SSL_PROTOCOL")) {
+return
String.valueOf(request.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY));
+} else if (key.equals("SSL_SESSION_ID")) {
+return
String.valueOf(request.getAttribute(Globals.SSL_SESSION_ID_ATTR));
+} else if (key.equals("SSL_CIPHER")) {
+return
String.valueOf(request.getAttribute(Globals.CIPHER_SUITE_ATTR));
+} else if (key.equals("SSL_CIPHER_USEKEYSIZE")) {
+return String.valueOf(request.getAttribute(Globals.KEY_SIZE_ATTR));
+}
+// FIXME: Implement other SSL environment variables when possible
return null;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0f4a2a6..9063c98 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -64,6 +64,10 @@
Correct a regression in an earlier fix that broke the loading of
configuration files such as keystores via URIs on Windows. (markt)
+
+Implement a few rewrite SSL env that correspond to Servlet request
+attributes. (remm)
+
diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index c40eb35..be1befa 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -245,7 +245,10 @@
%{SSL:variable}, where variable is the
name of an SSL environment
-variable, are not implemented yet. Example:
+variable, are not implemented, except
+SSL_PROTOCOL, SSL_SESSION_ID,
+SSL_CIPHER and SSL_CIPHER_USEKEYSIZE.
+Example:
%{SSL:SSL_CIPHER_USEKEYSIZE} may expand to
128.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Property renames
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 82278a8 Property renames
82278a8 is described below
commit 82278a8f020569c0e66f199cbfa2385b04afadfc
Author: Mark Thomas
AuthorDate: Wed May 27 12:29:20 2020 +0100
Property renames
jsse.invalid_truststore_pa... to sslHostConfig.invalid_truststore_pa...
jsse.keystore_load_failed to sslUtilBase.keystore_load_failed
jsse.ssl3 to sslUtilBase.ssl3
jsse.tls13.auth to sslUtilBase.tls13.auth
===
jsse.excludeProtocol to jsseUtil.excludeProtocol
jsse.noDefaultProtocols to jsseUtil.noDefaultProtocols
jsse.pemParseErrorto pemFile.parseError
---
java/org/apache/tomcat/util/net/LocalStrings.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_cs.properties | 3 +--
java/org/apache/tomcat/util/net/LocalStrings_de.properties | 3 +--
java/org/apache/tomcat/util/net/LocalStrings_es.properties | 7 +++
java/org/apache/tomcat/util/net/LocalStrings_fr.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_ko.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties| 9 -
java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +-
java/org/apache/tomcat/util/net/SSLUtilBase.java | 6 +++---
java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++--
java/org/apache/tomcat/util/net/jsse/LocalStrings.properties | 6 +++---
java/org/apache/tomcat/util/net/jsse/LocalStrings_cs.properties | 2 +-
java/org/apache/tomcat/util/net/jsse/LocalStrings_de.properties | 3 ++-
java/org/apache/tomcat/util/net/jsse/LocalStrings_es.properties | 3 ++-
java/org/apache/tomcat/util/net/jsse/LocalStrings_fr.properties | 6 +++---
java/org/apache/tomcat/util/net/jsse/LocalStrings_ja.properties | 6 +++---
java/org/apache/tomcat/util/net/jsse/LocalStrings_ko.properties | 6 +++---
.../apache/tomcat/util/net/jsse/LocalStrings_pt_BR.properties| 2 +-
java/org/apache/tomcat/util/net/jsse/LocalStrings_ru.properties | 2 +-
.../apache/tomcat/util/net/jsse/LocalStrings_zh_CN.properties| 6 +++---
java/org/apache/tomcat/util/net/jsse/PEMFile.java| 2 +-
22 files changed, 54 insertions(+), 60 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 0fdd2df..053da6c 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -135,11 +135,6 @@ endpoint.warn.noRemotePort=Unable to determine remote port
for socket [{0}]
endpoint.warn.noUtilityExecutor=No utility executor was set, creating one
endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock.
Forcing hard socket shutdown.
-jsse.invalid_truststore_password=The provided trust store password could not
be used to unlock and/or validate the trust store. Retrying to access the trust
store with a null password which will skip validation.
-jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}]
due to [{2}]
-jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be
insecure.
-jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support
authentication after the initial handshake and is therefore incompatible with
optional client authentication
-
nioBlockingSelector.keyNotRegistered=Key no longer registered
nioBlockingSelector.possibleLeak=Possible key leak, cancelling key in the
finalizer
nioBlockingSelector.processingError=Error processing selection key operations
@@ -158,6 +153,7 @@ socket.sslreneg=Exception re-negotiating SSL connection
sslHostConfig.certificate.notype=Multiple certificates were specified and at
least one is missing the required attribute type
sslHostConfig.certificateVerificationInvalid=The certificate verification
value [{0}] is not recognised
sslHostConfig.fileNotFound=Configured file [{0}] does not exist
+sslHostConfig.invalid_truststore_password=The provided trust store password
could not be used to unlock and/or validate the trust store. Retrying to access
the trust store with a null password which will skip validation.
sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named
[{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being
used with the [{3}] configuration syntax
sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored
sslHostConfig.prefix_missing=The protocol [{0}] was added to the list of
protocols on the SSLHostConfig named [{1}]. Check if a +/-
[tomcat] branch master updated: Property renames
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 56a90e8 Property renames
56a90e8 is described below
commit 56a90e82177ce178ee4050138066f664fc0cdb3e
Author: Mark Thomas
AuthorDate: Wed May 27 12:29:20 2020 +0100
Property renames
jsse.invalid_truststore_pa... to sslHostConfig.invalid_truststore_pa...
jsse.keystore_load_failed to sslUtilBase.keystore_load_failed
jsse.ssl3 to sslUtilBase.ssl3
jsse.tls13.auth to sslUtilBase.tls13.auth
===
jsse.excludeProtocol to jsseUtil.excludeProtocol
jsse.noDefaultProtocols to jsseUtil.noDefaultProtocols
jsse.pemParseErrorto pemFile.parseError
---
java/org/apache/tomcat/util/net/LocalStrings.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_cs.properties | 3 +--
java/org/apache/tomcat/util/net/LocalStrings_de.properties | 3 +--
java/org/apache/tomcat/util/net/LocalStrings_es.properties | 7 +++
java/org/apache/tomcat/util/net/LocalStrings_fr.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_ja.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_ko.properties | 9 -
java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties| 9 -
java/org/apache/tomcat/util/net/SSLHostConfig.java | 2 +-
java/org/apache/tomcat/util/net/SSLUtilBase.java | 6 +++---
java/org/apache/tomcat/util/net/jsse/JSSEUtil.java | 4 ++--
java/org/apache/tomcat/util/net/jsse/LocalStrings.properties | 8
java/org/apache/tomcat/util/net/jsse/LocalStrings_cs.properties | 2 +-
java/org/apache/tomcat/util/net/jsse/LocalStrings_de.properties | 3 ++-
java/org/apache/tomcat/util/net/jsse/LocalStrings_es.properties | 3 ++-
java/org/apache/tomcat/util/net/jsse/LocalStrings_fr.properties | 6 +++---
java/org/apache/tomcat/util/net/jsse/LocalStrings_ja.properties | 6 +++---
java/org/apache/tomcat/util/net/jsse/LocalStrings_ko.properties | 6 +++---
.../apache/tomcat/util/net/jsse/LocalStrings_pt_BR.properties| 2 +-
java/org/apache/tomcat/util/net/jsse/LocalStrings_ru.properties | 2 +-
.../apache/tomcat/util/net/jsse/LocalStrings_zh_CN.properties| 6 +++---
java/org/apache/tomcat/util/net/jsse/PEMFile.java| 2 +-
22 files changed, 55 insertions(+), 61 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 0fdd2df..053da6c 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -135,11 +135,6 @@ endpoint.warn.noRemotePort=Unable to determine remote port
for socket [{0}]
endpoint.warn.noUtilityExecutor=No utility executor was set, creating one
endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock.
Forcing hard socket shutdown.
-jsse.invalid_truststore_password=The provided trust store password could not
be used to unlock and/or validate the trust store. Retrying to access the trust
store with a null password which will skip validation.
-jsse.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}]
due to [{2}]
-jsse.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be
insecure.
-jsse.tls13.auth=The JSSE TLS 1.3 implementation does not support
authentication after the initial handshake and is therefore incompatible with
optional client authentication
-
nioBlockingSelector.keyNotRegistered=Key no longer registered
nioBlockingSelector.possibleLeak=Possible key leak, cancelling key in the
finalizer
nioBlockingSelector.processingError=Error processing selection key operations
@@ -158,6 +153,7 @@ socket.sslreneg=Exception re-negotiating SSL connection
sslHostConfig.certificate.notype=Multiple certificates were specified and at
least one is missing the required attribute type
sslHostConfig.certificateVerificationInvalid=The certificate verification
value [{0}] is not recognised
sslHostConfig.fileNotFound=Configured file [{0}] does not exist
+sslHostConfig.invalid_truststore_password=The provided trust store password
could not be used to unlock and/or validate the trust store. Retrying to access
the trust store with a null password which will skip validation.
sslHostConfig.mismatch=The property [{0}] was set on the SSLHostConfig named
[{1}] and is for the [{2}] configuration syntax but the SSLHostConfig is being
used with the [{3}] configuration syntax
sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored
sslHostConfig.prefix_missing=The protocol [{0}] was added to the list of
protocols on the SSLHostConfig named [{1}]. Check if a +/-
[Bug 64471] Rfc6265CookieProcessor doesn't consider IPv6
https://bz.apache.org/bugzilla/show_bug.cgi?id=64471 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #2 from Mark Thomas --- Please see RFC 6265 for allowed values of the domain attribute. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #291: fixed-chinese-encoding
markt-asf closed pull request #291: URL: https://github.com/apache/tomcat/pull/291 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #291: fixed-chinese-encoding
markt-asf commented on pull request #291: URL: https://github.com/apache/tomcat/pull/291#issuecomment-634493356 I'm guessing you are running Tomcat directly from source in an IDE. As @gmshake pointed out, you'll need to convert the property files to ASCII to do that (the Tomcat build process does this). There are various other approaches you can use depending on exactly what you are trying to achieve. The users mailing list is the place to seek help with this. http://tomcat.apache.org/ This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
