(tomcat) 04/06: Align with Commons File Upload 1.x and make @since tags project specific

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 46f8078384b1616811723a741047f719b5791f69
Author: Mark Thomas 
AuthorDate: Thu Apr 4 12:48:27 2024 +0100

Align with Commons File Upload 1.x and make @since tags project specific
---
 java/org/apache/tomcat/util/http/fileupload/FileItem.java  |  2 +-
 .../tomcat/util/http/fileupload/FileItemHeaders.java   |  2 +-
 .../util/http/fileupload/FileItemHeadersSupport.java   |  2 +-
 java/org/apache/tomcat/util/http/fileupload/FileUtils.java |  4 ++--
 java/org/apache/tomcat/util/http/fileupload/IOUtils.java   | 14 +++---
 .../tomcat/util/http/fileupload/MultipartStream.java   |  3 +--
 .../apache/tomcat/util/http/fileupload/RequestContext.java |  2 +-
 .../apache/tomcat/util/http/fileupload/UploadContext.java  |  4 ++--
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java |  2 +-
 .../util/http/fileupload/disk/DiskFileItemFactory.java |  2 +-
 .../http/fileupload/impl/InvalidContentTypeException.java  |  2 +-
 .../tomcat/util/http/fileupload/impl/SizeException.java|  4 ++--
 .../http/fileupload/servlet/ServletRequestContext.java |  2 +-
 .../util/http/fileupload/util/FileItemHeadersImpl.java |  2 +-
 .../tomcat/util/http/fileupload/util/mime/MimeUtility.java |  2 +-
 .../util/http/fileupload/util/mime/ParseException.java |  2 +-
 .../http/fileupload/util/mime/QuotedPrintableDecoder.java  |  2 +-
 17 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
index d1e0523f12..e6f035fc7b 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
@@ -43,7 +43,7 @@ import java.io.UnsupportedEncodingException;
  * implementation of this interface to also implement
  * {@code javax.activation.DataSource} with minimal additional work.
  *
- * @since 1.3 additionally implements FileItemHeadersSupport
+ * @since FileUpload 1.3 additionally implements FileItemHeadersSupport
  */
 public interface FileItem extends FileItemHeadersSupport {
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
index bcfd40c588..890f4397ae 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
@@ -23,7 +23,7 @@ import java.util.Iterator;
  * item that was received within a {@code multipart/form-data} POST
  * request.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  */
 public interface FileItemHeaders {
 
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
index 3e98dbb2f0..e5858c7177 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
@@ -20,7 +20,7 @@ package org.apache.tomcat.util.http.fileupload;
  * Interface that will indicate that {@link FileItem} or {@link FileItemStream}
  * implementations will accept the headers read for the item.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  *
  * @see FileItem
  * @see FileItemStream
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
index 53e0489cf7..a325fb62a6 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
@@ -258,7 +258,7 @@ public class FileUtils {
  * @param file file with parent to create, must not be {@code null}
  * @throws NullPointerException if the file is {@code null}
  * @throws IOException  if the parent directory cannot be created
- * @since 2.5
+ * @since IO 2.5
  */
 public static void forceMkdirParent(final File file) throws IOException {
 final File parent = file.getParentFile();
@@ -282,7 +282,7 @@ public class FileUtils {
  * @param file the file to check
  * @return true if the file is a Symbolic Link
  * @throws IOException if an IO error occurs while checking the file
- * @since 2.0
+ * @since IO 2.0
  */
 public static boolean isSymlink(File file) throws IOException {
 if (file == null) {
diff --git a/java/org/apache/tomcat/util/http/fileupload/IOUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/IOUtils.java
index 069b0aeb00..0941653ebd 100644
--- a/java/org/apache/tomcat/util/http/fileupload/IOUtils.java
+++ b/java/org/apache/tomcat/util/http/fileupload/IOUtils.java
@@ -60,7 +60,7 @@ public class IOUtils {
 
 /**
  * Represents the end-of-file (or stream).
- * @since 2.5 (made

(tomcat) 05/06: Update merge info. FileUpload was manually synchronized with 1.x.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 29a5b0e37bf19e3ddd0f0d5adf89839652947cc0
Author: Mark Thomas 
AuthorDate: Thu Apr 4 13:06:19 2024 +0100

Update merge info. FileUpload was manually synchronized with 1.x.
---
 MERGE.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MERGE.txt b/MERGE.txt
index 8404019433..c3e81ab842 100644
--- a/MERGE.txt
+++ b/MERGE.txt
@@ -51,10 +51,11 @@ Note: Only classes required for Base64 encoding/decoding. 
The rest are removed.
 FileUpload
 --
 Unused code is removed
+Branch: 1.x
 Sub-tree:
 src/main/java/org/apache/commons/fileupload2
 The SHA1 ID / tag for the most recent commit to be merged to Tomcat is:
-34eb241c051b02eca3b0b1b04f67b3b4e6c3a24d (2023-01-03)
+7a8c3241cfa8d036452cd4fc3f92d57cff189bca (2023-09-16)
 
 Note: Tomcat's copy of fileupload also includes classes copied manually from
   Commons IO.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Update merge info. FileUpload was manually synchronized with 1.x.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 907906b83a Update merge info. FileUpload was manually synchronized 
with 1.x.
907906b83a is described below

commit 907906b83ad60eb7fc561f9d73e7b87445c18fd5
Author: Mark Thomas 
AuthorDate: Thu Apr 4 13:06:19 2024 +0100

Update merge info. FileUpload was manually synchronized with 1.x.
---
 MERGE.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MERGE.txt b/MERGE.txt
index 8404019433..c3e81ab842 100644
--- a/MERGE.txt
+++ b/MERGE.txt
@@ -51,10 +51,11 @@ Note: Only classes required for Base64 encoding/decoding. 
The rest are removed.
 FileUpload
 --
 Unused code is removed
+Branch: 1.x
 Sub-tree:
 src/main/java/org/apache/commons/fileupload2
 The SHA1 ID / tag for the most recent commit to be merged to Tomcat is:
-34eb241c051b02eca3b0b1b04f67b3b4e6c3a24d (2023-01-03)
+7a8c3241cfa8d036452cd4fc3f92d57cff189bca (2023-09-16)
 
 Note: Tomcat's copy of fileupload also includes classes copied manually from
   Commons IO.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: Update merge info. FileUpload was manually synchronized with 1.x.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3c22524516 Update merge info. FileUpload was manually synchronized 
with 1.x.
3c22524516 is described below

commit 3c225245161c5481aeb5eda4d1d77fa434bab3ac
Author: Mark Thomas 
AuthorDate: Thu Apr 4 13:06:19 2024 +0100

Update merge info. FileUpload was manually synchronized with 1.x.
---
 MERGE.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MERGE.txt b/MERGE.txt
index 8404019433..c3e81ab842 100644
--- a/MERGE.txt
+++ b/MERGE.txt
@@ -51,10 +51,11 @@ Note: Only classes required for Base64 encoding/decoding. 
The rest are removed.
 FileUpload
 --
 Unused code is removed
+Branch: 1.x
 Sub-tree:
 src/main/java/org/apache/commons/fileupload2
 The SHA1 ID / tag for the most recent commit to be merged to Tomcat is:
-34eb241c051b02eca3b0b1b04f67b3b4e6c3a24d (2023-01-03)
+7a8c3241cfa8d036452cd4fc3f92d57cff189bca (2023-09-16)
 
 Note: Tomcat's copy of fileupload also includes classes copied manually from
   Commons IO.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Align with Commons File Upload 1.x and make @since tags project specific

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 047d00304b Align with Commons File Upload 1.x and make @since tags 
project specific
047d00304b is described below

commit 047d00304b60656d32173b4c80182116c31d6838
Author: Mark Thomas 
AuthorDate: Thu Apr 4 12:48:27 2024 +0100

Align with Commons File Upload 1.x and make @since tags project specific
---
 java/org/apache/tomcat/util/http/fileupload/FileItem.java  |  2 +-
 .../tomcat/util/http/fileupload/FileItemHeaders.java   |  2 +-
 .../util/http/fileupload/FileItemHeadersSupport.java   |  2 +-
 java/org/apache/tomcat/util/http/fileupload/FileUtils.java |  4 ++--
 java/org/apache/tomcat/util/http/fileupload/IOUtils.java   | 14 +++---
 .../tomcat/util/http/fileupload/MultipartStream.java   |  3 +--
 .../apache/tomcat/util/http/fileupload/RequestContext.java |  2 +-
 .../apache/tomcat/util/http/fileupload/UploadContext.java  |  4 ++--
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java |  2 +-
 .../util/http/fileupload/disk/DiskFileItemFactory.java |  2 +-
 .../http/fileupload/impl/InvalidContentTypeException.java  |  2 +-
 .../tomcat/util/http/fileupload/impl/SizeException.java|  4 ++--
 .../http/fileupload/servlet/ServletRequestContext.java |  2 +-
 .../util/http/fileupload/util/FileItemHeadersImpl.java |  2 +-
 .../tomcat/util/http/fileupload/util/mime/MimeUtility.java |  2 +-
 .../util/http/fileupload/util/mime/ParseException.java |  2 +-
 .../http/fileupload/util/mime/QuotedPrintableDecoder.java  |  2 +-
 17 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
index d1e0523f12..e6f035fc7b 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
@@ -43,7 +43,7 @@ import java.io.UnsupportedEncodingException;
  * implementation of this interface to also implement
  * {@code javax.activation.DataSource} with minimal additional work.
  *
- * @since 1.3 additionally implements FileItemHeadersSupport
+ * @since FileUpload 1.3 additionally implements FileItemHeadersSupport
  */
 public interface FileItem extends FileItemHeadersSupport {
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
index bcfd40c588..890f4397ae 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
@@ -23,7 +23,7 @@ import java.util.Iterator;
  * item that was received within a {@code multipart/form-data} POST
  * request.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  */
 public interface FileItemHeaders {
 
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
index 3e98dbb2f0..e5858c7177 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
@@ -20,7 +20,7 @@ package org.apache.tomcat.util.http.fileupload;
  * Interface that will indicate that {@link FileItem} or {@link FileItemStream}
  * implementations will accept the headers read for the item.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  *
  * @see FileItem
  * @see FileItemStream
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
index 53e0489cf7..a325fb62a6 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
@@ -258,7 +258,7 @@ public class FileUtils {
  * @param file file with parent to create, must not be {@code null}
  * @throws NullPointerException if the file is {@code null}
  * @throws IOException  if the parent directory cannot be created
- * @since 2.5
+ * @since IO 2.5
  */
 public static void forceMkdirParent(final File file) throws IOException {
 final File parent = file.getParentFile();
@@ -282,7 +282,7 @@ public class FileUtils {
  * @param file the file to check
  * @return true if the file is a Symbolic Link
  * @throws IOException if an IO error occurs while checking the file
- * @since 2.0
+ * @since IO 2.0
  */
 public static boolean isSymlink(File file) throws IOException {
 if (file == null) {
diff --git a/java/org/apache/tomcat/util/http/fileupload/IOUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/IOUtils.java
index 069b0aeb00..0941653ebd 100644
--- a/java/org/apache/tomcat/util/http/fileupload

(tomcat) branch main updated: Align with Commons File Upload 1.x and make @since tags project specific

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6e0385bb59 Align with Commons File Upload 1.x and make @since tags 
project specific
6e0385bb59 is described below

commit 6e0385bb59d457cacfa7fb63ad44ef5e45a86351
Author: Mark Thomas 
AuthorDate: Thu Apr 4 12:48:27 2024 +0100

Align with Commons File Upload 1.x and make @since tags project specific
---
 java/org/apache/tomcat/util/http/fileupload/FileItem.java  |  2 +-
 .../tomcat/util/http/fileupload/FileItemHeaders.java   |  2 +-
 .../util/http/fileupload/FileItemHeadersSupport.java   |  2 +-
 java/org/apache/tomcat/util/http/fileupload/FileUtils.java |  4 ++--
 java/org/apache/tomcat/util/http/fileupload/IOUtils.java   | 14 +++---
 .../tomcat/util/http/fileupload/MultipartStream.java   |  3 +--
 .../apache/tomcat/util/http/fileupload/RequestContext.java |  2 +-
 .../apache/tomcat/util/http/fileupload/UploadContext.java  |  4 ++--
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java |  2 +-
 .../util/http/fileupload/disk/DiskFileItemFactory.java |  2 +-
 .../http/fileupload/impl/InvalidContentTypeException.java  |  2 +-
 .../tomcat/util/http/fileupload/impl/SizeException.java|  4 ++--
 .../http/fileupload/servlet/ServletRequestContext.java |  2 +-
 .../util/http/fileupload/util/FileItemHeadersImpl.java |  2 +-
 .../tomcat/util/http/fileupload/util/mime/MimeUtility.java |  2 +-
 .../util/http/fileupload/util/mime/ParseException.java |  2 +-
 .../http/fileupload/util/mime/QuotedPrintableDecoder.java  |  2 +-
 17 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
index d1e0523f12..e6f035fc7b 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItem.java
@@ -43,7 +43,7 @@ import java.io.UnsupportedEncodingException;
  * implementation of this interface to also implement
  * {@code javax.activation.DataSource} with minimal additional work.
  *
- * @since 1.3 additionally implements FileItemHeadersSupport
+ * @since FileUpload 1.3 additionally implements FileItemHeadersSupport
  */
 public interface FileItem extends FileItemHeadersSupport {
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
index bcfd40c588..890f4397ae 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeaders.java
@@ -23,7 +23,7 @@ import java.util.Iterator;
  * item that was received within a {@code multipart/form-data} POST
  * request.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  */
 public interface FileItemHeaders {
 
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java 
b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
index 3e98dbb2f0..e5858c7177 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileItemHeadersSupport.java
@@ -20,7 +20,7 @@ package org.apache.tomcat.util.http.fileupload;
  * Interface that will indicate that {@link FileItem} or {@link FileItemStream}
  * implementations will accept the headers read for the item.
  *
- * @since 1.2.1
+ * @since FileUpload 1.2.1
  *
  * @see FileItem
  * @see FileItemStream
diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
index 53e0489cf7..a325fb62a6 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUtils.java
@@ -258,7 +258,7 @@ public class FileUtils {
  * @param file file with parent to create, must not be {@code null}
  * @throws NullPointerException if the file is {@code null}
  * @throws IOException  if the parent directory cannot be created
- * @since 2.5
+ * @since IO 2.5
  */
 public static void forceMkdirParent(final File file) throws IOException {
 final File parent = file.getParentFile();
@@ -282,7 +282,7 @@ public class FileUtils {
  * @param file the file to check
  * @return true if the file is a Symbolic Link
  * @throws IOException if an IO error occurs while checking the file
- * @since 2.0
+ * @since IO 2.0
  */
 public static boolean isSymlink(File file) throws IOException {
 if (file == null) {
diff --git a/java/org/apache/tomcat/util/http/fileupload/IOUtils.java 
b/java/org/apache/tomcat/util/http/fileupload/IOUtils.java
index 069b0aeb00..0941653ebd 100644
--- a/java/org/apache/tomcat/util/http/fileupload

svn commit: r68007 [1/2] - in /dev/tomcat/tomcat-8/v8.5.100: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Tue Mar 19 14:00:54 2024
New Revision: 68007

Log:
Upload v8.5.100 for voting

Added:
dev/tomcat/tomcat-8/v8.5.100/
dev/tomcat/tomcat-8/v8.5.100/KEYS
dev/tomcat/tomcat-8/v8.5.100/README.html
dev/tomcat/tomcat-8/v8.5.100/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.100/bin/
dev/tomcat/tomcat-8/v8.5.100/bin/README.html
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-fulldocs.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x64.zip.asc

dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x86.zip.asc

dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.exe   (with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.exe.asc
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.exe.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.zip   (with props)
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.zip.asc
dev/tomcat/tomcat-8/v8.5.100/bin/apache-tomcat-8.5.100.zip.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/embed/
dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.tar.gz   
(with props)

dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.zip.asc

dev/tomcat/tomcat-8/v8.5.100/bin/embed/apache-tomcat-8.5.100-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.100/bin/extras/
dev/tomcat/tomcat-8/v8.5.100/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.100/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.100/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.100/src/
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.zip.asc
dev/tomcat/tomcat-8/v8.5.100/src/apache-tomcat-8.5.100-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.100/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.100/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.100/KEYS Tue Mar 19 14:00:54 2024
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID

[Bug 68743] New: NIIM #1 Computer Training Institute Gorakhpur

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=68743

Bug ID: 68743
   Summary: NIIM #1 Computer Training Institute Gorakhpur
   Product: Tomcat 8
   Version: 8.5.x-trunk
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Documentation
  Assignee: dev@tomcat.apache.org
  Reporter: bhanga...@gmail.com
  Target Milestone: 

NIIM computer training institute is the best computer institute in Gorakhpur,
which provides services in the field of Computer Tanning, CCC, O'Level, DCA,
Tally, Excel, C++, Python, Hindi, english typing, AUTOCAD and more.

https://niiminstitute.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1915868 [1/5] - in /tomcat/site/trunk: docs/ xdocs/

[markt]

Author: markt
Date: Mon Feb 19 09:00:21 2024
New Revision: 1915868

URL: http://svn.apache.org/viewvc?rev=1915868=rev
Log:
Prepare old news pages for 2024

Added:
tomcat/site/trunk/docs/oldnews-2023.html
tomcat/site/trunk/xdocs/oldnews-2023.xml
Modified:
tomcat/site/trunk/docs/oldnews-2010.html
tomcat/site/trunk/docs/oldnews-2011.html
tomcat/site/trunk/docs/oldnews-2012.html
tomcat/site/trunk/docs/oldnews-2013.html
tomcat/site/trunk/docs/oldnews-2014.html
tomcat/site/trunk/docs/oldnews-2015.html
tomcat/site/trunk/docs/oldnews-2016.html
tomcat/site/trunk/docs/oldnews-2017.html
tomcat/site/trunk/docs/oldnews-2018.html
tomcat/site/trunk/docs/oldnews-2019.html
tomcat/site/trunk/docs/oldnews-2020.html
tomcat/site/trunk/docs/oldnews-2021.html
tomcat/site/trunk/docs/oldnews-2022.html
tomcat/site/trunk/docs/oldnews.html
tomcat/site/trunk/xdocs/oldnews-2010.xml
tomcat/site/trunk/xdocs/oldnews-2011.xml
tomcat/site/trunk/xdocs/oldnews-2012.xml
tomcat/site/trunk/xdocs/oldnews-2013.xml
tomcat/site/trunk/xdocs/oldnews-2014.xml
tomcat/site/trunk/xdocs/oldnews-2015.xml
tomcat/site/trunk/xdocs/oldnews-2016.xml
tomcat/site/trunk/xdocs/oldnews-2017.xml
tomcat/site/trunk/xdocs/oldnews-2018.xml
tomcat/site/trunk/xdocs/oldnews-2019.xml
tomcat/site/trunk/xdocs/oldnews-2020.xml
tomcat/site/trunk/xdocs/oldnews-2021.xml
tomcat/site/trunk/xdocs/oldnews-2022.xml
tomcat/site/trunk/xdocs/oldnews.xml

Modified: tomcat/site/trunk/docs/oldnews-2010.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews-2010.html?rev=1915868=1915867=1915868=diff
==
--- tomcat/site/trunk/docs/oldnews-2010.html (original)
+++ tomcat/site/trunk/docs/oldnews-2010.html Mon Feb 19 09:00:21 2024
@@ -2,7 +2,8 @@
 Apache Tomcat - Old news! - 2010https://www.apachecon.com/event-images/snippet.js";>http://tomcat.apache.org/;>Apache 
Tomcathttps://www.apache.org/foundation/contributing.html; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-sm
 all.png" class="support-asf" alt="Support Apache">http://www.apache.org/; target="_blank" class="pull-left">https://www.google.com/search; method="get">GOApache TomcatHomeTaglibsMaven 
PluginDownloadWhich version?https://tomcat.apache.org/downlo
 ad-11.cgi">Tomcat 11 (alpha)https://tomcat.apache.org/download-10.cgi;>Tomcat 10https://tomcat.apache.org/download-90.cgi;>Tomcat 9https://tomcat.apache.org/download-80.cgi;>Tomcat 8https://tomcat.apache.org/download-migration.cgi;>Tomcat Migration Tool 
for Jakarta EEhttps://tomcat.apache.org/download-connectors.cgi;>Tomcat 
Connectorshttps://tomcat.apache.org/download-native.cgi;>Tomcat 
Nativehttps://tomcat.apache.org/download-taglibs.cgi;>Taglibshttps://archive.apache.org/dist/tomcat/;>ArchivesDocumentationTomcat 11.0 (alpha)Tomcat 10.1Tomcat 9.0Tomcat 8.5UpgradingTomcat ConnectorsTomcat Native 2Tomcat Native 1.3Tomcat Native 1.2https://cwiki.apache.org/confluence/display/TOMCAT;>WikiMigration GuidePresentationshttps://cwiki.apache.org/confluence/x/Bi8lBg;>SpecificationsProblems?Security ReportsFind helphttps://cwiki.apache.org/confluence/display/TOMCAT/FAQ;>FAQMailing ListsBug 
DatabaseIRCGet 
InvolvedOverviewSource 
codeBuildbothttps://cwiki.apache.org/confluence/x/vIPzBQ;>TranslationsToolsMediahttps://twitter.com/theapachetomcat;>Twitterhttps://www.youtube.com/c/ApacheTomcatOfficial;>YouTubehttps://blogs.apache.org/tomcat/;>BlogMiscWho We Arehttps://www.redbubble.com/people/comdev/works/30885254-apache-tomcat;>SwagHeritagehttp://www.apache.org;>Apache HomeResourcesContactLegalhttps://privacy.apache.org/policies/privacy-policy-public.html;>PrivacySupport 
Apachehttps://www.apache.org/foundation/sponsorship.html;>Sponsorshiphttp://www.apache.org/foundation/thanks.html;>Thankshttp://www.apache.org/licenses/;>LicenseContentOther news
 Announcements from other years can be found here:
 
-  year 2023
+  year 2024
+  year 2023
   year 2022
   year 2021
   year 2020

Modified: tomcat/site/trunk/docs/oldnews-2011.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews-2011.html?rev=1915868=1915867=1915868=diff
==
--- tomcat/site/trunk/docs/oldnews-2011.html (original)
+++ tomcat/site/trunk/docs/oldnews-2011.html Mon Feb 19 09:00:21 2024
@@ -2,7 +2,8 @@
 Apache Tomcat - Old news! - 2011https://www.apachecon.com/event-images/snippet.js";>http://tomcat.apache.org/;>Apache 
Tomcathttps://www.apache.org/foundation/contributing.html; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-sm
 all.png" class="support-asf" alt="Support Apache">http://www.apache.org/; target="_blank" class="pull-left">https://www.google.com/search; method="get">GOApache TomcatHomeTaglibsMaven 
PluginDownloadWhich 

svn commit: r67352 [1/2] - in /dev/tomcat/tomcat-8/v8.5.99: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Wed Feb 14 23:00:14 2024
New Revision: 67352

Log:
Upload v8.5.99 for voting

Added:
dev/tomcat/tomcat-8/v8.5.99/
dev/tomcat/tomcat-8/v8.5.99/KEYS
dev/tomcat/tomcat-8/v8.5.99/README.html
dev/tomcat/tomcat-8/v8.5.99/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.99/bin/
dev/tomcat/tomcat-8/v8.5.99/bin/README.html
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.exe   (with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.exe.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.exe.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.zip   (with props)
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.zip.asc
dev/tomcat/tomcat-8/v8.5.99/bin/apache-tomcat-8.5.99.zip.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/embed/
dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.99/bin/embed/apache-tomcat-8.5.99-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.99/bin/extras/
dev/tomcat/tomcat-8/v8.5.99/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.99/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.99/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.99/src/
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.zip.asc
dev/tomcat/tomcat-8/v8.5.99/src/apache-tomcat-8.5.99-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.99/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.99/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.99/KEYS Wed Feb 14 23:00:14 2024
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

svn commit: r1915761 [1/11] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

[markt]

Author: markt
Date: Tue Feb 13 08:33:54 2024
New Revision: 1915761

URL: http://svn.apache.org/viewvc?rev=1915761=rev
Log:
Add Tomcat Native 1.3 to navigation menu

Modified:
tomcat/site/trunk/docs/bugreport.html
tomcat/site/trunk/docs/ci.html
tomcat/site/trunk/docs/conference.html
tomcat/site/trunk/docs/contact.html
tomcat/site/trunk/docs/download-10.html
tomcat/site/trunk/docs/download-11.html
tomcat/site/trunk/docs/download-80.html
tomcat/site/trunk/docs/download-90.html
tomcat/site/trunk/docs/download-connectors.html
tomcat/site/trunk/docs/download-migration.html
tomcat/site/trunk/docs/download-native.html
tomcat/site/trunk/docs/download-taglibs.html
tomcat/site/trunk/docs/findhelp.html
tomcat/site/trunk/docs/getinvolved.html
tomcat/site/trunk/docs/heritage.html
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/docs/irc.html
tomcat/site/trunk/docs/legal.html
tomcat/site/trunk/docs/lists.html
tomcat/site/trunk/docs/maven-plugin.html
tomcat/site/trunk/docs/migration-10.1.html
tomcat/site/trunk/docs/migration-10.html
tomcat/site/trunk/docs/migration-11.0.html
tomcat/site/trunk/docs/migration-6.html
tomcat/site/trunk/docs/migration-7.html
tomcat/site/trunk/docs/migration-8.html
tomcat/site/trunk/docs/migration-85.html
tomcat/site/trunk/docs/migration-9.html
tomcat/site/trunk/docs/migration.html
tomcat/site/trunk/docs/oldnews-2010.html
tomcat/site/trunk/docs/oldnews-2011.html
tomcat/site/trunk/docs/oldnews-2012.html
tomcat/site/trunk/docs/oldnews-2013.html
tomcat/site/trunk/docs/oldnews-2014.html
tomcat/site/trunk/docs/oldnews-2015.html
tomcat/site/trunk/docs/oldnews-2016.html
tomcat/site/trunk/docs/oldnews-2017.html
tomcat/site/trunk/docs/oldnews-2018.html
tomcat/site/trunk/docs/oldnews-2019.html
tomcat/site/trunk/docs/oldnews-2020.html
tomcat/site/trunk/docs/oldnews-2021.html
tomcat/site/trunk/docs/oldnews-2022.html
tomcat/site/trunk/docs/oldnews.html
tomcat/site/trunk/docs/presentations.html
tomcat/site/trunk/docs/resources.html
tomcat/site/trunk/docs/security-10.html
tomcat/site/trunk/docs/security-11.html
tomcat/site/trunk/docs/security-3.html
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/docs/security-9.html
tomcat/site/trunk/docs/security-impact.html
tomcat/site/trunk/docs/security-jk.html
tomcat/site/trunk/docs/security-native.html
tomcat/site/trunk/docs/security-taglibs.html
tomcat/site/trunk/docs/security.html
tomcat/site/trunk/docs/source.html
tomcat/site/trunk/docs/taglibs.html
tomcat/site/trunk/docs/tomcat-10.0-eol.html
tomcat/site/trunk/docs/tomcat-55-eol.html
tomcat/site/trunk/docs/tomcat-60-eol.html
tomcat/site/trunk/docs/tomcat-70-eol.html
tomcat/site/trunk/docs/tomcat-80-eol.html
tomcat/site/trunk/docs/tomcat-85-eol.html
tomcat/site/trunk/docs/tools.html
tomcat/site/trunk/docs/upgrading.html
tomcat/site/trunk/docs/whichversion.html
tomcat/site/trunk/docs/whoweare.html
tomcat/site/trunk/xdocs/stylesheets/project.xml

Modified: tomcat/site/trunk/docs/bugreport.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1915761=1915760=1915761=diff
==
--- tomcat/site/trunk/docs/bugreport.html (original)
+++ tomcat/site/trunk/docs/bugreport.html Tue Feb 13 08:33:54 2024
@@ -1,5 +1,5 @@
 
-Apache Tomcat - Reporting Bugshttps://www.apachecon.com/event-images/snippet.js";>http://tomcat.apache.org/;>Apache 
Tomcathttps://www.apache.org/foundation/contributing.html; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-small.png
 " class="support-asf" alt="Support Apache">http://www.apache.org/; target="_blank" class="pull-left">https://www.google.com/search; method="get">GOApache TomcatHomeTaglibsMaven 
PluginDownloadWhich version?https://tomcat.apache.org/download-11.c
 gi">Tomcat 11 (alpha)https://tomcat.apache.org/download-10.cgi;>Tomcat 10https://tomcat.apache.org/download-90.cgi;>Tomcat 9https://tomcat.apache.org/download-80.cgi;>Tomcat 8https://tomcat.apache.org/download-migration.cgi;>Tomcat Migration Tool 
for Jakarta EEhttps://tomcat.apache.org/download-connectors.cgi;>Tomcat 
Connectorshttps://tomcat.apache.org/download-native.cgi;>Tomcat 
Nativehttps://tomcat.apache.org/download-taglibs.cgi;>Taglibshttps://archive.apache.org/dist/tomcat/;>ArchivesDocumentationTomcat 11.0 (alpha)Tomcat 10.1Tomcat 9.0Tomcat 8.5UpgradingTomcat 
ConnectorsTomcat Native 2Tomcat Native 1.2https://cwiki.apache.org/confluence/display/TOMCAT;>WikiMigration 

(tomcat-tck) 01/01: Merge pull request #1 from apache/pr/fix-readme-header

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-tck.git

commit 629457a0ba6bde75390c94f8afa16881c0a98eab
Merge: 59f20d2 30862b7
Author: Mark Thomas 
AuthorDate: Tue Jan 16 17:04:11 2024 +

Merge pull request #1 from apache/pr/fix-readme-header

Update README.md

 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r66436 [1/2] - in /dev/tomcat/tomcat-8/v8.5.98: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Fri Jan  5 16:16:59 2024
New Revision: 66436

Log:
Upload x8.5.98 for voting

Added:
dev/tomcat/tomcat-8/v8.5.98/
dev/tomcat/tomcat-8/v8.5.98/KEYS
dev/tomcat/tomcat-8/v8.5.98/README.html
dev/tomcat/tomcat-8/v8.5.98/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.98/bin/
dev/tomcat/tomcat-8/v8.5.98/bin/README.html
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.exe   (with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.exe.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.exe.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.zip   (with props)
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.zip.asc
dev/tomcat/tomcat-8/v8.5.98/bin/apache-tomcat-8.5.98.zip.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/embed/
dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.98/bin/embed/apache-tomcat-8.5.98-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.98/bin/extras/
dev/tomcat/tomcat-8/v8.5.98/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.98/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.98/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.98/src/
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.zip.asc
dev/tomcat/tomcat-8/v8.5.98/src/apache-tomcat-8.5.98-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.98/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.98/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.98/KEYS Fri Jan  5 16:16:59 2024
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #31 from Valentin Tyanov  ---
Hey, is there a scheduled date for the January release?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1914965 [1/3] - in /tomcat/site/trunk: docs/ xdocs/

[markt]

Author: markt
Date: Thu Dec 28 11:15:41 2023
New Revision: 1914965

URL: http://svn.apache.org/viewvc?rev=1914965=rev
Log:
Add some more ® symbols to pages that don't have them for the first reference 
in the text

Modified:
tomcat/site/trunk/docs/bugreport.html
tomcat/site/trunk/docs/ci.html
tomcat/site/trunk/docs/conference.html
tomcat/site/trunk/docs/contact.html
tomcat/site/trunk/docs/findhelp.html
tomcat/site/trunk/docs/getinvolved.html
tomcat/site/trunk/docs/heritage.html
tomcat/site/trunk/docs/irc.html
tomcat/site/trunk/docs/lists.html
tomcat/site/trunk/docs/maven-plugin.html
tomcat/site/trunk/docs/migration-10.1.html
tomcat/site/trunk/docs/migration-10.html
tomcat/site/trunk/docs/migration-11.0.html
tomcat/site/trunk/docs/migration-6.html
tomcat/site/trunk/docs/migration-7.html
tomcat/site/trunk/docs/migration-8.html
tomcat/site/trunk/docs/migration-85.html
tomcat/site/trunk/docs/migration-9.html
tomcat/site/trunk/docs/migration.html
tomcat/site/trunk/docs/presentations.html
tomcat/site/trunk/docs/resources.html
tomcat/site/trunk/docs/security-10.html
tomcat/site/trunk/docs/security-11.html
tomcat/site/trunk/docs/security-3.html
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/docs/security-9.html
tomcat/site/trunk/docs/security-impact.html
tomcat/site/trunk/docs/security-jk.html
tomcat/site/trunk/docs/security-native.html
tomcat/site/trunk/docs/security-taglibs.html
tomcat/site/trunk/docs/security.html
tomcat/site/trunk/docs/source.html
tomcat/site/trunk/docs/tomcat-10.0-eol.html
tomcat/site/trunk/docs/tomcat-55-eol.html
tomcat/site/trunk/docs/tomcat-60-eol.html
tomcat/site/trunk/docs/tomcat-70-eol.html
tomcat/site/trunk/docs/tomcat-80-eol.html
tomcat/site/trunk/docs/tomcat-85-eol.html
tomcat/site/trunk/docs/tools.html
tomcat/site/trunk/docs/upgrading.html
tomcat/site/trunk/docs/whoweare.html
tomcat/site/trunk/xdocs/bugreport.xml
tomcat/site/trunk/xdocs/ci.xml
tomcat/site/trunk/xdocs/conference.xml
tomcat/site/trunk/xdocs/contact.xml
tomcat/site/trunk/xdocs/findhelp.xml
tomcat/site/trunk/xdocs/getinvolved.xml
tomcat/site/trunk/xdocs/heritage.xml
tomcat/site/trunk/xdocs/irc.xml
tomcat/site/trunk/xdocs/lists.xml
tomcat/site/trunk/xdocs/maven-plugin.xml
tomcat/site/trunk/xdocs/migration-10.1.xml
tomcat/site/trunk/xdocs/migration-10.xml
tomcat/site/trunk/xdocs/migration-11.0.xml
tomcat/site/trunk/xdocs/migration-6.xml
tomcat/site/trunk/xdocs/migration-7.xml
tomcat/site/trunk/xdocs/migration-8.xml
tomcat/site/trunk/xdocs/migration-85.xml
tomcat/site/trunk/xdocs/migration-9.xml
tomcat/site/trunk/xdocs/migration.xml
tomcat/site/trunk/xdocs/presentations.xml
tomcat/site/trunk/xdocs/resources.xml
tomcat/site/trunk/xdocs/security-10.xml
tomcat/site/trunk/xdocs/security-11.xml
tomcat/site/trunk/xdocs/security-3.xml
tomcat/site/trunk/xdocs/security-4.xml
tomcat/site/trunk/xdocs/security-5.xml
tomcat/site/trunk/xdocs/security-6.xml
tomcat/site/trunk/xdocs/security-7.xml
tomcat/site/trunk/xdocs/security-8.xml
tomcat/site/trunk/xdocs/security-9.xml
tomcat/site/trunk/xdocs/security-impact.xml
tomcat/site/trunk/xdocs/security-jk.xml
tomcat/site/trunk/xdocs/security-native.xml
tomcat/site/trunk/xdocs/security-taglibs.xml
tomcat/site/trunk/xdocs/security.xml
tomcat/site/trunk/xdocs/source.xml
tomcat/site/trunk/xdocs/tomcat-10.0-eol.xml
tomcat/site/trunk/xdocs/tomcat-55-eol.xml
tomcat/site/trunk/xdocs/tomcat-60-eol.xml
tomcat/site/trunk/xdocs/tomcat-70-eol.xml
tomcat/site/trunk/xdocs/tomcat-80-eol.xml
tomcat/site/trunk/xdocs/tomcat-85-eol.xml
tomcat/site/trunk/xdocs/tools.xml
tomcat/site/trunk/xdocs/upgrading.xml
tomcat/site/trunk/xdocs/whoweare.xml

Modified: tomcat/site/trunk/docs/bugreport.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1914965=1914964=1914965=diff
==
--- tomcat/site/trunk/docs/bugreport.html (original)
+++ tomcat/site/trunk/docs/bugreport.html Thu Dec 28 11:15:41 2023
@@ -2,7 +2,7 @@
 Apache Tomcat - Reporting Bugshttps://www.apachecon.com/event-images/snippet.js";>http://tomcat.apache.org/;>Apache 
Tomcathttps://www.apache.org/foundation/contributing.html; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-small.png
 " class="support-asf" alt="Support Apache">http://www.apache.org/; target="_blank" class="pull-left">https://www.google.com/search; method="get">GOApache TomcatHomeTaglibsMaven 
PluginDownloadWhich 

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #30 from Christopher Schultz  ---
(In reply to Michael Osipov from comment #28)
> (In reply to Christopher Schultz from comment #27)
> > The issue is not whether or not anyone is still using OpenSSL 1.0.2 today,
> > but whether or not anyone still have keys and certs when when they /were/
> > using it in the past.
> 
> That would also mean that they are years old and still valid...

Sure, but there is nothing wrong with that.

What if a CA used OpenSSL 1.0.2 in 2019 (the year of the last release in that
line) to mint their most-recent intermediate certificate(s)? Intermediate
certificates are typically valid for 10 years or so.

On the other hand, I think this is only a problem for keys and not
certificates, and it's very unlikely that Tomcat would be used to handle CA key
material. Those keys ought to be in HSMs and only used for signing, not for
typical web traffic.

Since it's already fixed (thanks, Mark!) this is an academic conversation, but
I do still think that supporting these types of files is reasonable.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|REOPENED|RESOLVED

--- Comment #29 from Mark Thomas  ---
If the keys were long to start with, it isn't impossible that they would still
be in use.

Regression fixed in:
- 11.0.x for 11.0.0-M16 onwards
- 10.1.x for 10.1.18 onwards
-  9.0.x for  9.0.85 onwards
-  8.5.x for  8.5.98 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #28 from Michael Osipov  ---
(In reply to Christopher Schultz from comment #27)
> (In reply to Mark Thomas from comment #23)
> > While 1.0.2 has been EOL for a while it would not surprise me at all to find
> > lots of 1.0.2 generated keys and certs still in use.
> 
> +1
> 
> The issue is not whether or not anyone is still using OpenSSL 1.0.2 today,
> but whether or not anyone still have keys and certs when when they /were/
> using it in the past.

That would also mean that they are years old and still valid...

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #27 from Christopher Schultz  ---
(In reply to Mark Thomas from comment #23)
> While 1.0.2 has been EOL for a while it would not surprise me at all to find
> lots of 1.0.2 generated keys and certs still in use.

+1

The issue is not whether or not anyone is still using OpenSSL 1.0.2 today, but
whether or not anyone still have keys and certs when when they /were/ using it
in the past.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #26 from Mark Thomas  ---
Yes, this should be fixed for the next release round which is currently
scheduled for January.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #25 from Garo  ---
That was fast! Does this mean that it will be fixed in an upcoming release? By
the way, thank you for being so responsive and reproducing this so quickly. (In
reply to Mark Thomas from comment #24)
> Confirmed. It is a regression. OpenSSL 1.0.2 doesn't specify the PRF so the
> default should apply.

That was fast! Does this mean that it will be fixed in an upcoming release? By
the way, thank you for being so responsive and reproducing this so quickly.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #24 from Mark Thomas  ---
Confirmed. It is a regression. OpenSSL 1.0.2 doesn't specify the PRF so the
default should apply.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #23 from Mark Thomas  ---
Tomcat ships OpenSSL binaries are part of the Tomcat Native distribution. I
need to go back a bit but we have 1.0.2 binaries.

For now, this looks like a regression so I'm happy handling it here.

While 1.0.2 has been EOL for a while it would not surprise me at all to find
lots of 1.0.2 generated keys and certs still in use.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #22 from ggar  ---
(In reply to Mark Thomas from comment #21)
> The algorithm is being read as the pseudo random function and failing.
> 
> I need to see if I can find (or build) an OpenSSL 1.0.2 binary.

Mark, there are several links to precompiled ones on the OpenSSL wiki
(https://wiki.openssl.org/index.php/Binaries). I was able to reproduce the
issue with the ones at https://indy.fulgan.com/SSL/. Not sure if you can use
those. I saw that you reopened this bug, should I create a new one as Michael
suggested or there's no need?

And I agree with what Michael said - 1.0.2 is very old and maybe not worth
supporting. We already started moving towards something newer but since we
might have people out there with the "broken" certs we wanted to make sure this
change was here to stay.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #21 from Mark Thomas  ---
The algorithm is being read as the pseudo random function and failing.

I need to see if I can find (or build) an OpenSSL 1.0.2 binary.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Mark Thomas  changed:

   What|Removed |Added

 Resolution|FIXED   |---
 Status|RESOLVED|REOPENED

--- Comment #20 from Mark Thomas  ---
If I have decoded it correctly, the OID is 1.2.840.113549.3.7

http://oid-info.com/get/1.2.840.113549.3.7

I need to look into why Tomcat isn't able to handle this.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #19 from Michael Osipov  ---
(In reply to ggar from comment #18)
> Is it expected for PEM cert/key created with OpenSSL 1.0.2zh (or any 1.0.2)
> to stop working after this change? It seems to work fine with items
> generated through OpenSSL 1.1.1. Here's an example of the command we use:
> openssl req -new -sha256 -x509 -out servercert.pem -keyout serverkey.pem
> -subj /"/CN=localhost" -days 90 -passout pass:test
> 
> 
> I'm seeing the following error after upgrading to 9.0.83:
> 13-Dec-2023 02:04:34.337 SEVERE [main]
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
> initialize component [Connector["https-openssl-apr-443"]]
>   org.apache.catalina.LifecycleException: Protocol handler initialization
> failed
>   at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1011)
>   at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
>   at
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:
> 554)
>   at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
>   at
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:
> 1039)
>   at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
>   at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
>   at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
>   at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>   at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>   at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
>   at java.base/java.lang.reflect.Method.invoke(Unknown Source)
>   at 
> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:307)
>   at 
> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:477)
>   Caused by: java.lang.IllegalArgumentException: The pseudo random 
> function
> with DER encoded OID of [2a864886f70d0307] was not recognised
>   at
> org.apache.tomcat.util.net.AprEndpoint.createSSLContext(AprEndpoint.java:467)
>   at 
> org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:433)
>   at
> org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.
> java:1332)
>   at
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1345)
>   at 
> org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:654)
>   at
> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.
> java:75)
>   at
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1009)
>   ... 13 more
>   Caused by: java.security.NoSuchAlgorithmException: The pseudo random
> function with DER encoded OID of [2a864886f70d0307] was not recognised
>   at
> org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:411)
>   at 
> org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:213)
>   at 
> org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:141)
>   at
> org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:355)
>   at
> org.apache.tomcat.util.net.openssl.OpenSSLUtil.getKeyManagers(OpenSSLUtil.
> java:108)
>   at
> org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:268)
>   at
> org.apache.tomcat.util.net.AprEndpoint.createSSLContext(AprEndpoint.java:465)
>   ... 19 more
> 13-Dec-2023 02:04:34.352 INFO [main]
> org.apache.catalina.startup.Catalina.load Server initialization in [2478]
> milliseconds
> 
> The thrown error seems to have been added with this fix and that's why I'm
> writing here. That's my first post so I'm sorry if I should be opening a new
> report instead (couldn't find anything specific in the guidelines).

Likely a regression, but I wonder whether we should care about keys from
OpenSSL 1.0.2 at all. It has been dead for a long time now. For the sake of
completeness, please file an new issue and upload the faulty material. One
needs to look at the ASN.1 dump compared to 1.1.1.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #18 from ggar  ---
Is it expected for PEM cert/key created with OpenSSL 1.0.2zh (or any 1.0.2) to
stop working after this change? It seems to work fine with items generated
through OpenSSL 1.1.1. Here's an example of the command we use:
openssl req -new -sha256 -x509 -out servercert.pem -keyout serverkey.pem -subj
/"/CN=localhost" -days 90 -passout pass:test


I'm seeing the following error after upgrading to 9.0.83:
13-Dec-2023 02:04:34.337 SEVERE [main]
org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
initialize component [Connector["https-openssl-apr-443"]]
org.apache.catalina.LifecycleException: Protocol handler initialization
failed
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:1011)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:554)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1039)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at
org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:307)
at
org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:477)
Caused by: java.lang.IllegalArgumentException: The pseudo random
function with DER encoded OID of [2a864886f70d0307] was not recognised
at
org.apache.tomcat.util.net.AprEndpoint.createSSLContext(AprEndpoint.java:467)
at
org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:433)
at
org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1332)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1345)
at
org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:654)
at
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:75)
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:1009)
... 13 more
Caused by: java.security.NoSuchAlgorithmException: The pseudo random
function with DER encoded OID of [2a864886f70d0307] was not recognised
at
org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:411)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:213)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:141)
at
org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:355)
at
org.apache.tomcat.util.net.openssl.OpenSSLUtil.getKeyManagers(OpenSSLUtil.java:108)
at
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:268)
at
org.apache.tomcat.util.net.AprEndpoint.createSSLContext(AprEndpoint.java:465)
... 19 more
13-Dec-2023 02:04:34.352 INFO [main] org.apache.catalina.startup.Catalina.load
Server initialization in [2478] milliseconds

The thrown error seems to have been added with this fix and that's why I'm
writing here. That's my first post so I'm sorry if I should be opening a new
report instead (couldn't find anything specific in the guidelines).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1914598 [1/8] - /tomcat/site/trunk/docs/

[markt]

Author: markt
Date: Tue Dec 12 15:28:09 2023
New Revision: 1914598

URL: http://svn.apache.org/viewvc?rev=1914598=rev
Log:
Force a re-build to pick up any missing changes

Modified:
tomcat/site/trunk/docs/bugreport.html
tomcat/site/trunk/docs/ci.html
tomcat/site/trunk/docs/conference.html
tomcat/site/trunk/docs/contact.html
tomcat/site/trunk/docs/download-90.html
tomcat/site/trunk/docs/download-connectors.html
tomcat/site/trunk/docs/download-migration.html
tomcat/site/trunk/docs/download-native.html
tomcat/site/trunk/docs/download-taglibs.html
tomcat/site/trunk/docs/findhelp.html
tomcat/site/trunk/docs/getinvolved.html
tomcat/site/trunk/docs/heritage.html
tomcat/site/trunk/docs/irc.html
tomcat/site/trunk/docs/legal.html
tomcat/site/trunk/docs/lists.html
tomcat/site/trunk/docs/maven-plugin.html
tomcat/site/trunk/docs/migration-10.html
tomcat/site/trunk/docs/migration-6.html
tomcat/site/trunk/docs/migration-7.html
tomcat/site/trunk/docs/migration-8.html
tomcat/site/trunk/docs/migration-9.html
tomcat/site/trunk/docs/migration.html
tomcat/site/trunk/docs/oldnews-2010.html
tomcat/site/trunk/docs/oldnews-2011.html
tomcat/site/trunk/docs/oldnews-2012.html
tomcat/site/trunk/docs/oldnews-2013.html
tomcat/site/trunk/docs/oldnews-2014.html
tomcat/site/trunk/docs/oldnews-2015.html
tomcat/site/trunk/docs/oldnews-2016.html
tomcat/site/trunk/docs/oldnews-2017.html
tomcat/site/trunk/docs/oldnews-2018.html
tomcat/site/trunk/docs/oldnews-2019.html
tomcat/site/trunk/docs/oldnews-2020.html
tomcat/site/trunk/docs/oldnews-2021.html
tomcat/site/trunk/docs/oldnews-2022.html
tomcat/site/trunk/docs/presentations.html
tomcat/site/trunk/docs/resources.html
tomcat/site/trunk/docs/security-3.html
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-impact.html
tomcat/site/trunk/docs/security-jk.html
tomcat/site/trunk/docs/security-native.html
tomcat/site/trunk/docs/security-taglibs.html
tomcat/site/trunk/docs/security.html
tomcat/site/trunk/docs/source.html
tomcat/site/trunk/docs/taglibs.html
tomcat/site/trunk/docs/tomcat-10.0-eol.html
tomcat/site/trunk/docs/tomcat-55-eol.html
tomcat/site/trunk/docs/tomcat-60-eol.html
tomcat/site/trunk/docs/tomcat-70-eol.html
tomcat/site/trunk/docs/tomcat-80-eol.html
tomcat/site/trunk/docs/tomcat-85-eol.html
tomcat/site/trunk/docs/tools.html
tomcat/site/trunk/docs/whichversion.html
tomcat/site/trunk/docs/whoweare.html

Modified: tomcat/site/trunk/docs/bugreport.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1914598=1914597=1914598=diff
==
--- tomcat/site/trunk/docs/bugreport.html (original)
+++ tomcat/site/trunk/docs/bugreport.html Tue Dec 12 15:28:09 2023
@@ -1,5 +1,5 @@
 
-Apache Tomcat - Reporting Bugshttps://www.apachecon.com/event-images/snippet.js";>http://tomcat.apache.org/;>Apache 
Tomcathttps://www.apache.org/foundation/contributing.html; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-small.png
 " class="support-asf" alt="Support Apache">http://www.apache.org/; target="_blank" class="pull-left">https://www.google.com/search; method="get">GOApache TomcatHomeTaglibsMaven 
PluginDownloadWhich version?https://tomcat.apache.org/download-11.c
 gi">Tomcat 11 (alpha)https://tomcat.apache.org/download-10.cgi;>Tomcat 10https://tomcat.apache.org/download-90.cgi;>Tomcat 9https://tomcat.apache.org/download-80.cgi;>Tomcat 8https://tomcat.apache.org/download-migration.cgi;>Tomcat Migration Tool 
for Jakarta EEhttps://tomcat.apache.org/download-connectors.cgi;>Tomcat 
Connectorshttps://tomcat.apache.org/download-native.cgi;>Tomcat 
Nativehttps://tomcat.apache.org/download-taglibs.cgi;>Taglibshttps://archive.apache.org/dist/tomcat/;>ArchivesDocumentationTomcat 11.0 (alpha)Tomcat 10.1Tomcat 9.0Tomcat 8.5Tomcat ConnectorsTomcat Native 
2Tomcat Native 1.2https://cwiki.apache.org/confluence/display/TOMCAT;>WikiMigration GuidePresentationshttps://cwiki.apache.org/confluence/x/Bi8lBg;>SpecificationsProblems?Security ReportsFind helphttps://cwiki.apache.org/confluence/display/TOMCAT/FAQ;>FAQMailing ListsBug 
DatabaseIRCGet 
InvolvedOverviewSource codeBuildbothttps://cwiki.apache.org/
 confluence/x/vIPzBQ">TranslationsToolsMediahttps://twitter.com/theapachetomcat;>Twitterhttps://www.youtube.com/c/ApacheTomcatOfficial;>YouTubehttps://blogs.apache.org/tomcat/;>BlogMiscWho We Arehttps://www.redbubble.com/people/comdev/works/30885254-apache-tomcat;>SwagHeritagehttp://www.apache.org;>Apache 

svn commit: r65918 [1/2] - in /dev/tomcat/tomcat-8/v8.5.97: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Thu Dec  7 18:10:33 2023
New Revision: 65918

Log:
Upload Tomcat v8.5.97 for voting.

Added:
dev/tomcat/tomcat-8/v8.5.97/
dev/tomcat/tomcat-8/v8.5.97/KEYS
dev/tomcat/tomcat-8/v8.5.97/README.html
dev/tomcat/tomcat-8/v8.5.97/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.97/bin/
dev/tomcat/tomcat-8/v8.5.97/bin/README.html
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.exe   (with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.exe.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.exe.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.zip   (with props)
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.zip.asc
dev/tomcat/tomcat-8/v8.5.97/bin/apache-tomcat-8.5.97.zip.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/embed/
dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.97/bin/embed/apache-tomcat-8.5.97-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.97/bin/extras/
dev/tomcat/tomcat-8/v8.5.97/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.97/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.97/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.97/src/
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.zip.asc
dev/tomcat/tomcat-8/v8.5.97/src/apache-tomcat-8.5.97-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.97/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.97/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.97/KEYS Thu Dec  7 18:10:33 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

svn commit: r1913800 [1/4] - in /tomcat/site/trunk/docs/tomcat-9.0-doc: annotationapi/ annotationapi/jquery/ annotationapi/legal/ annotationapi/script-dir/ api/ api/jquery/ api/legal/ api/org/apache/c

[remm]

/site/trunk/docs/tomcat-9.0-doc/jaspicapi/allclasses.html
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/deprecated-list.html
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/jquery/
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/legal/jszip.md
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/legal/pako.md
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/member-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/package-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/jaspicapi/type-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/allclasses.html
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/jquery/
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/legal/jszip.md
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/legal/pako.md
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/member-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/package-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/jspapi/type-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/allclasses.html
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/jquery/
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/legal/jszip.md
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/legal/pako.md
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/member-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/package-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/servletapi/type-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/allclasses.html
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/deprecated-list.html
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/jquery/
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/legal/jszip.md
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/legal/pako.md
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/member-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/package-search-index.zip
tomcat/site/trunk/docs/tomcat-9.0-doc/websocketapi/type-search-index.zip

Added: 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/module-search-index.js
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/module-search-index.js?rev=1913800=auto
==
--- tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/module-search-index.js 
(added)
+++ tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/module-search-index.js 
Wed Nov 15 10:57:51 2023
@@ -0,0 +1 @@
+moduleSearchIndex = [];updateSearchResults();
\ No newline at end of file

Added: 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-3.6.1.min.js
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-3.6.1.min.js?rev=1913800=auto
==
--- 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-3.6.1.min.js
 (added)
+++ 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-3.6.1.min.js
 Wed Nov 15 10:57:51 2023
@@ -0,0 +1,2 @@
+/*! jQuery v3.6.1 | (c) OpenJS Foundation and other contributors | 
jquery.org/license */

[... 2 lines stripped ...]
Added: 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-ui.min.css
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-ui.min.css?rev=1913800=auto
==
--- 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-ui.min.css
 (added)
+++ 
tomcat/site/trunk/docs/tomcat-9.0-doc/annotationapi/script-dir/jquery-ui.min.css
 Wed Nov 15 10:57:51 2023
@@ -0,0 +1,6 @@
+/*! jQuery UI - v1.13.2 - 2023-02-27
+* http://jqueryui.com
+* Includes: core.css, autocomplete.css, menu.css
+* Copyright jQuery Foundation and other contributors; Licensed MIT */
+
+.ui-helper-hidden{display:none}.ui-helper-hidden-accessible{border:0;clip:rect(0
 0 0 
0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.ui-helper-reset{margin:0;padding:0;border:0;outline:0;line-height:1.3;text-decoration:none;font-size:100%;list-style:none}.ui-helper-clearfix:before,.ui-helper-clearfix:after{content:"";display:table;border-collapse:collapse}.ui-helper-clearfix:after{clear:both}.ui-helper-zfix{width:100%;height:100%;top:0;left:0;position:absolute;opacity:0;-ms-filter:"alpha(opacity=0)"}.ui-front{z-index:100}.ui-state-disabled{cursor:default!important;pointer-events:none}.ui-icon{display:inline-block;vertical-align:middle;margin-top:-.25em;position:relative;text-indent:-9px;overflow:hidden;background-repeat:no-repeat}.ui-widget-icon-block{left:50%;margin-left:-8px;display:block}.ui-widget-overlay{position:fixed;top:0;left:0;width:100%;height:100%}.ui-autocomplete{position:a

svn commit: r65203 [1/2] - in /dev/tomcat/tomcat-8/v8.5.96: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Fri Nov 10 15:24:01 2023
New Revision: 65203

Log:
Upload 8.5.96 for voting

Added:
dev/tomcat/tomcat-8/v8.5.96/
dev/tomcat/tomcat-8/v8.5.96/KEYS
dev/tomcat/tomcat-8/v8.5.96/README.html
dev/tomcat/tomcat-8/v8.5.96/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.96/bin/
dev/tomcat/tomcat-8/v8.5.96/bin/README.html
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.exe   (with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.exe.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.exe.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.zip   (with props)
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.zip.asc
dev/tomcat/tomcat-8/v8.5.96/bin/apache-tomcat-8.5.96.zip.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/embed/
dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.96/bin/embed/apache-tomcat-8.5.96-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.96/bin/extras/
dev/tomcat/tomcat-8/v8.5.96/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.96/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.96/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.96/src/
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.zip.asc
dev/tomcat/tomcat-8/v8.5.96/src/apache-tomcat-8.5.96-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.96/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.96/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.96/KEYS Fri Nov 10 15:24:01 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

[Bug 67934] APR connectors will fail to load when tcnative-1 and tcnative-2 are installed in parallel

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67934

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Mark Thomas  ---
For 9.0.x and 8.5.x I think it makes sense to use 1.x in preference to 2.x
since 1.x supports the APR/Native connector. 10.1.x onwards are fine preferring
2.x.

Fixed in:
-  9.0.x for  9.0.83 onwards
-  8.5.x for  8.5.96 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Add comment on preference for 2.x over 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 1e54fc0a91 Add comment on preference for 2.x over 1.x
1e54fc0a91 is described below

commit 1e54fc0a918a032dc2be9159ba080d9cd71a26ca
Author: Mark Thomas 
AuthorDate: Fri Nov 3 14:07:11 2023 +

Add comment on preference for 2.x over 1.x
---
 java/org/apache/tomcat/jni/Library.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/jni/Library.java 
b/java/org/apache/tomcat/jni/Library.java
index cadbcc08d1..9b9585f689 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -20,7 +20,7 @@ import java.io.File;
 
 public final class Library {
 
-/* Default library names */
+/* Default library names - use 2.x in preference to 1.x if both are 
available */
 private static final String [] NAMES = {"tcnative-2", "libtcnative-2", 
"tcnative-1", "libtcnative-1"};
 /* System property used to define CATALINA_HOME */
 private static final String CATALINA_HOME_PROP = "catalina.home";


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: Add comment on preference for 2.x over 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 28763a2ec1 Add comment on preference for 2.x over 1.x
28763a2ec1 is described below

commit 28763a2ec1581707011d8c7f04e3754f37a9b7be
Author: Mark Thomas 
AuthorDate: Fri Nov 3 14:07:11 2023 +

Add comment on preference for 2.x over 1.x
---
 java/org/apache/tomcat/jni/Library.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/org/apache/tomcat/jni/Library.java 
b/java/org/apache/tomcat/jni/Library.java
index 2fa3b07ecd..c0256eacff 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -20,7 +20,7 @@ import java.io.File;
 
 public final class Library {
 
-/* Default library names */
+/* Default library names - use 2.x in preference to 1.x if both are 
available */
 private static final String [] NAMES = {"tcnative-2", "libtcnative-2", 
"tcnative-1", "libtcnative-1"};
 /* System property used to define CATALINA_HOME */
 private static final String CATALINA_HOME_PROP = "catalina.home";


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

Michael Osipov  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #6 from Michael Osipov  ---
Fixed in:
- main for 11.0.0-M14 and onwards
- 10.1.x for 10.1.16 and onwards
- 9.0.x  for 9.0.83 and onwards
- 8.5.x for 8.5.96 and onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o closed pull request #675: BZ 67926: PEMFile prints unidentifiable 
string representation of ASN.1 OIDs
URL: https://github.com/apache/tomcat/pull/675


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on PR #675:
URL: https://github.com/apache/tomcat/pull/675#issuecomment-1787001486

   Merged.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 8.5.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs

[michaelo]

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 40a1d14fd4 BZ 67926: PEMFile prints unidentifiable string 
representation of ASN.1 OIDs
40a1d14fd4 is described below

commit 40a1d14fd4717505f756f08d5b76abaf55b7778c
Author: Michael Osipov 
AuthorDate: Mon Oct 30 11:43:36 2023 +0100

BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
 java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20 
 webapps/docs/changelog.xml|  4 
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index a136bef6a6..2499beda79 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
 
 /**
  * RFC 1421 PEM file containing X509 certificates or private keys.
@@ -373,7 +375,7 @@ public class PEMFile {
  */
 if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
 throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
 }
 
 // PBES2-params
@@ -386,7 +388,7 @@ public class PEMFile {
 byte[] oidKDF = p.parseOIDAsBytes();
 if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
 throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2", 
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2", 
toDottedOidString(oidKDF)));
 }
 
 // PBES2 KDF-params
@@ -404,7 +406,7 @@ public class PEMFile {
 byte[] oidPRF = p.parseOIDAsBytes();
 String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
 if (prf == null) {
-throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
HexUtils.toHexString(oidPRF)));
+throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
toDottedOidString(oidPRF)));
 }
 p.parseNull();
 
@@ -415,7 +417,7 @@ public class PEMFile {
 Algorithm algorithm = 
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
 if (algorithm == null) {
 throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm", 
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm", 
toDottedOidString(oidCipher)));
 }
 
 byte[] iv = p.parseOctetString();
@@ -622,6 +624,16 @@ public class PEMFile {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
 }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 72ea1e0402..2340769f7a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
 Optionally allow ServiceBindingPropertySource to trim a trailing 
newline
 from a file containing a property-value. (schultz)
   
+  
+67926: PEMFile prints unidentifiable string 
representation
+ of ASN.1 OIDs. (michaelo)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs

[michaelo]

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 60b68d8f2a BZ 67926: PEMFile prints unidentifiable string 
representation of ASN.1 OIDs
60b68d8f2a is described below

commit 60b68d8f2a84e10e275fa8d7b83d1a2da99e35c2
Author: Michael Osipov 
AuthorDate: Mon Oct 30 11:43:36 2023 +0100

BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
 java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20 
 webapps/docs/changelog.xml|  4 
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
 
 /**
  * RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
  */
 if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
 throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
 }
 
 // PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
 byte[] oidKDF = p.parseOIDAsBytes();
 if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
 throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2", 
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2", 
toDottedOidString(oidKDF)));
 }
 
 // PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
 byte[] oidPRF = p.parseOIDAsBytes();
 String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
 if (prf == null) {
-throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
HexUtils.toHexString(oidPRF)));
+throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
toDottedOidString(oidPRF)));
 }
 p.parseNull();
 
@@ -417,7 +419,7 @@ public class PEMFile {
 Algorithm algorithm = 
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
 if (algorithm == null) {
 throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm", 
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm", 
toDottedOidString(oidCipher)));
 }
 
 byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
 }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4301e1fa40..89f9ad68db 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
 Optionally allow ServiceBindingPropertySource to trim a trailing 
newline
 from a file containing a property-value. (schultz)
   
+  
+67926: PEMFile prints unidentifiable string 
representation
+ of ASN.1 OIDs. (michaelo)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 9.0.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs

[michaelo]

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 96688ea1ff BZ 67926: PEMFile prints unidentifiable string 
representation of ASN.1 OIDs
96688ea1ff is described below

commit 96688ea1ff1b622653dd9cc1c7cbe1a04ad5d81b
Author: Michael Osipov 
AuthorDate: Mon Oct 30 11:43:36 2023 +0100

BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
 java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20 
 webapps/docs/changelog.xml|  4 
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
 
 /**
  * RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
  */
 if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
 throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
 }
 
 // PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
 byte[] oidKDF = p.parseOIDAsBytes();
 if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
 throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2", 
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2", 
toDottedOidString(oidKDF)));
 }
 
 // PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
 byte[] oidPRF = p.parseOIDAsBytes();
 String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
 if (prf == null) {
-throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
HexUtils.toHexString(oidPRF)));
+throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
toDottedOidString(oidPRF)));
 }
 p.parseNull();
 
@@ -417,7 +419,7 @@ public class PEMFile {
 Algorithm algorithm = 
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
 if (algorithm == null) {
 throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm", 
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm", 
toDottedOidString(oidCipher)));
 }
 
 byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
 }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b576cb62b7..9f96c43e8e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
 Optionally allow ServiceBindingPropertySource to trim a trailing 
newline
 from a file containing a property-value. (schultz)
   
+  
+67926: PEMFile prints unidentifiable string 
representation
+ of ASN.1 OIDs. (michaelo)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs

[michaelo]

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3151ed38a6 BZ 67926: PEMFile prints unidentifiable string 
representation of ASN.1 OIDs
3151ed38a6 is described below

commit 3151ed38a65a77f0bb2ef9668bd19ceb5f31c48a
Author: Michael Osipov 
AuthorDate: Mon Oct 30 11:43:36 2023 +0100

BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
 java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20 
 webapps/docs/changelog.xml|  4 
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
 
 /**
  * RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
  */
 if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
 throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
 }
 
 // PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
 byte[] oidKDF = p.parseOIDAsBytes();
 if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
 throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2", 
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2", 
toDottedOidString(oidKDF)));
 }
 
 // PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
 byte[] oidPRF = p.parseOIDAsBytes();
 String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
 if (prf == null) {
-throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
HexUtils.toHexString(oidPRF)));
+throw new 
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", 
toDottedOidString(oidPRF)));
 }
 p.parseNull();
 
@@ -417,7 +419,7 @@ public class PEMFile {
 Algorithm algorithm = 
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
 if (algorithm == null) {
 throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm", 
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm", 
toDottedOidString(oidCipher)));
 }
 
 byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
 }
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 575b08f3dc..edac7d0e60 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -125,6 +125,10 @@
 support a broader range of environments, and to give better information
 in the event of a failure. (schultz)
   
+  
+67926: PEMFile prints unidentifiable string 
representation
+ of ASN.1 OIDs. (michaelo)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

rmaucher commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377379112


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -56,6 +56,8 @@
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;

Review Comment:
   I agree it is safe enough.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

aooohan commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377275894


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   Yes. ; )



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377274168


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I see, right. Then it is the user's problem to investigate the file.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

aooohan commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377262792


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I still think it's better to just return it, because the place where the 
method is called already makes it clear where there is a problem with the OID. 
(encryption algorithm with OID or pseudo random function with OID etc.)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377209435


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I am fine with either. What about:
   ```
   throw new IllegalArgumentException(e.getMajorString() + ": " + 
HexUtils.toHexString(oidBytes));
   ```
   Combining both. WDYT?
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1377209435


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I am fine with either. What about:
   ``
   throw new IllegalArgumentException(e.getMajorString() + ": " + 
HexUtils.toHexString(oidBytes));
   ```
   Combining both. WDYT?
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

aooohan commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376990387


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I think this only needs to return a hex string of `oidBytes` if it does not 
follow format as the message in GSSException only show a tip 'Improperly 
formatted ASN.1 DER encoding for Oid' which will not help.
   ```suggestion
   return HexUtils.toHexString(oidBytes)
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

aooohan commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376990387


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I think this only needd to return a hex string of `oidBytes` if it does not 
follow format as the message in GSSException only show a tip 'Improperly 
formatted ASN.1 DER encoding for Oid' which will not help.
   ```suggestion
   return HexUtils.toHexString(oidBytes)
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

aooohan commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376990387


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -624,6 +626,16 @@ private byte[] fromHex(String hexString) {
 }
 return bytes;
 }
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+throw new IllegalArgumentException(e.getMajorString());

Review Comment:
   I think this only need to return a hex string of `oidBytes` if it does not 
follow format as the message in GSSException only show a tip 'Improperly 
formatted ASN.1 DER encoding for Oid' which not help.
   ```suggestion
   return HexUtils.toHexString(oidBytes)
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376474963


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -56,6 +56,8 @@
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;

Review Comment:
   It has been present for the past 15 years. I am using that class in my code 
for 10+ years. They are default. Azul, Temurin, OpenJDK, Oracle, HPE JVMs have 
it. The SPNEGO authenticator is using it as well: 
https://github.com/apache/tomcat/blob/9b3c28da7ec8ddbd721b127f7f3b0a7d475ab797/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java#L42-L46
   I consider it safe to use.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376474963


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -56,6 +56,8 @@
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;

Review Comment:
   It has been present for the past 15 years. I am using that class in my code 
for 10+ years. They are default. Azul, Temurin, OpenJDK, Oracle, HPE JVMs have 
it. The SPNEGO authenticator is using it as well: 
https://github.com/apache/tomcat/blob/9b3c28da7ec8ddbd721b127f7f3b0a7d475ab797/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java#L46
   
   I consider it safe to use.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

ChristopherSchultz commented on code in PR #675:
URL: https://github.com/apache/tomcat/pull/675#discussion_r1376435849


##
java/org/apache/tomcat/util/net/jsse/PEMFile.java:
##
@@ -56,6 +56,8 @@
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;

Review Comment:
   Where is this package sourced? It appears to be present in the JRE since at 
least 1.7. Interpreting the OID bytes in dotted-notation isn't very difficult. 
If it avoids adding a dependency or relying on a non-mandatory JRE package, I'd 
prefer a private implementation. If all JREs are required to provide this 
package, than it's safe to use IMO.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs [tomcat]

[via GitHub]

michael-o opened a new pull request, #675:
URL: https://github.com/apache/tomcat/pull/675

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67934] New: APR connectors will fail to load when tcnative-1 and tcnative-2 are installed in parallel

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67934

Bug ID: 67934
   Summary: APR connectors will fail to load when tcnative-1 and
tcnative-2 are installed in parallel
   Product: Tomcat 9
   Version: 9.0.x
  Hardware: All
OS: All
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: micha...@apache.org
  Target Milestone: -

Note: This applies to both 8.5.x and 9.0.x.

Since tcnative 1.x and 2.x can be installed side by side:
> root@deblndw011x:/tmp/local/lib
> # ll
> total 19576
> drwxr-xr-x  2 osipovmi  wheel  512 2023-10-12 17:24 engines-3/
> -rw-r--r--  1 osipovmi  wheel  8917782 2023-10-12 17:24 libcrypto.a
> lrwxr-xr-x  1 osipovmi  wheel   14 2023-10-12 17:24 libcrypto.so@ -> 
> libcrypto.so.3
> -rwxr-xr-x  1 osipovmi  wheel  5050168 2023-10-12 17:24 libcrypto.so.3*
> -rw-r--r--  1 osipovmi  wheel  1328044 2023-10-12 17:24 libssl.a
> lrwxr-xr-x  1 osipovmi  wheel   11 2023-10-12 17:24 libssl.so@ -> 
> libssl.so.3
> -rwxr-xr-x  1 osipovmi  wheel   783496 2023-10-12 17:24 libssl.so.3*
> -rw-r--r--  1 osipovmi  wheel  1701660 2023-10-27 12:57 libtcnative-1.a
> -rwxr-xr-x  1 osipovmi  wheel 1052 2023-10-27 12:57 libtcnative-1.la*
> lrwxr-xr-x  1 osipovmi  wheel   23 2023-10-27 12:57 libtcnative-1.so@ -> 
> libtcnative-1.so.0.2.40
> lrwxr-xr-x  1 osipovmi  wheel   23 2023-10-27 12:57 libtcnative-1.so.0@ 
> -> libtcnative-1.so.0.2.40
> -rwxr-xr-x  1 osipovmi  wheel   975800 2023-10-27 12:57 
> libtcnative-1.so.0.2.40*
> -rw-r--r--  1 osipovmi  wheel   567160 2023-10-27 10:39 libtcnative-2.a
> -rwxr-xr-x  1 osipovmi  wheel 1050 2023-10-27 10:39 libtcnative-2.la*
> lrwxr-xr-x  1 osipovmi  wheel   22 2023-10-27 10:39 libtcnative-2.so@ -> 
> libtcnative-2.so.0.0.7
> lrwxr-xr-x  1 osipovmi  wheel   22 2023-10-27 10:39 libtcnative-2.so.0@ 
> -> libtcnative-2.so.0.0.7
> -rwxr-xr-x  1 osipovmi  wheel   361312 2023-10-27 10:39 
> libtcnative-2.so.0.0.7*
> drwxr-xr-x  2 osipovmi  wheel  512 2023-10-12 17:24 ossl-modules/
> drwxr-xr-x  2 osipovmi  wheel  512 2023-10-12 17:24 pkgconfig/
or on Windows:
> PS C:\Temp\apache-tomcat-9.0.83-dev\bin> gci -include *.dll
> PS C:\Temp\apache-tomcat-9.0.83-dev\bin> gci -Path *.dll
> 
> Directory: C:\Temp\apache-tomcat-9.0.83-dev\bin
> 
> Mode LastWriteTime     Length Name
>  - -- 
> -a---  2023-09-2814:253577344 tcnative-1.dll
> -a---  2023-09-2716:243424256 tcnative-2.dll

Now let's start Tomcat 9 with APR connector configured. Library.java will use:
> private static final String [] NAMES = {"tcnative-2", "libtcnative-2", 
> "tcnative-1", "libtcnative-1"};

Result:
> 27-Oct-2023 13:11:18.029 INFORMATION [main] 
> org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler 
> ["https-openssl-apr-30001"]
> 27-Oct-2023 13:11:18.033 SCHWERWIEGEND [main] 
> org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to 
> initialize component [Connector["https-openssl-apr-30001"]]
> java.lang.UnsatisfiedLinkError: 
> org.apache.tomcat.jni.Address.info(Ljava/lang/String;IIIJ)J
> at org.apache.tomcat.jni.Address.info(Native Method)
> at 
> org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:361)
> at 
> org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1326)
> at 
> org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1339)
> at 
> org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:654)
> at 
> org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:75)
> at 
> org.apache.catalina.connector.Connector.initInternal(Connector.java:1009)
> at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
> at 
> org.apache.catalina.core.StandardService.initInternal(StandardService.java:554)
> at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
> at 
> org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1039)
> at 
> org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
> at 
> org.apache.catalina.startup.Catalina.load(Catalina.java:724)
> at 
> org.apache.catalina.startup.Catalina.loa

[Bug 67934] APR connectors will fail to load when tcnative-1 and tcnative-2 are installed in parallel

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67934

Michael Osipov  changed:

   What|Removed |Added

 CC||micha...@apache.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

--- Comment #5 from Michael Osipov  ---
(In reply to Mark Thomas from comment #4)
> +1 - we are already using that class in the SPNEGO authenticator

I'll try prepare a PR for this.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

--- Comment #4 from Mark Thomas  ---
+1 - we are already using that class in the SPNEGO authenticator

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

--- Comment #3 from Michael Osipov  ---
I think the easiest solution is to use org.ietf.jgss.Oid.Oid(byte[]) and the
invoke #toString()

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

Han Li  changed:

   What|Removed |Added

   Keywords||Beginner

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

--- Comment #2 from Michael Osipov  ---
(In reply to Mark Thomas from comment #1)
> Whether the user is provided with the OID in string or byte form doesn't
> change the fact that the PEM file isn't going to be usable.
> 
> The byte string is sufficient for us to diagnose the issue (and matches what
> Tomcat uses internally).
> 
> I wasn't (and still aren't) convinced it was worth the effort to provide
> byte to string conversion for OIDs just for the error messages.
> 
> That said, if you want to write a byte to String formatter for OIDs then I'm
> not going to object.

Agree, but from a user's PoV it makes it much much easier to seach online or
here: http://www.oid-info.com/

Let's leave it as an enhancement.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

Mark Thomas  changed:

   What|Removed |Added

   Severity|minor   |enhancement

--- Comment #1 from Mark Thomas  ---
Whether the user is provided with the OID in string or byte form doesn't change
the fact that the PEM file isn't going to be usable.

The byte string is sufficient for us to diagnose the issue (and matches what
Tomcat uses internally).

I wasn't (and still aren't) convinced it was worth the effort to provide byte
to string conversion for OIDs just for the error messages.

That said, if you want to write a byte to String formatter for OIDs then I'm
not going to object.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

Michael Osipov  changed:

   What|Removed |Added

 CC||micha...@apache.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67926] New: PEMFile prints unidentifiable string representation of ASN.1 OIDs

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926

Bug ID: 67926
   Summary: PEMFile prints unidentifiable string representation of
ASN.1 OIDs
   Product: Tomcat 9
   Version: 9.0.82
  Hardware: All
OS: All
Status: NEW
  Severity: minor
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: micha...@apache.org
  Target Milestone: -

The following pattern is used:
> sm.getString("pemFile", HexUtils.toHexString(oidBytes))

The result is a hex string which is not helpful. The ASN.1 DER encoding of an
OID should be converted to a dotted string representation for users.

Affected keys:
pemFile.unknownEncryptionAlgorithm
pemFile.unknownPkcs8Algorithm
pemFile.notPbkdf2
pemFile.unknownPrfAlgorithm

Howto:
https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-object-identifier?redirectedfrom=MSDN

Reference: https://lists.apache.org/thread/2x709tc8ms5jnd1s6drf3pons009sqdl

E.g. for DES_EDE3_CBC as 1.2.840.113549.3.7 the output would be:
2a864886f70d0307. Little helpful.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #17 from Mark Thomas  ---
Fixed in:
- 11.0.x for 11.0.0-M14 onwards
- 10.1.x for 10.1.16 onwards
-  9.0.x for  9.0.83 onwards
-  8.5.x for  8.5.96 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #16 from Mark Thomas  ---
See https://github.com/apache/tomcat/pull/674

That should support any cert the current code supports plus the OpenSSL
defaults.

It is possible there are other combinations that need to be supported. It
should be easy to add those as required.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #15 from Michael Osipov  ---
(In reply to Mark Thomas from comment #14)
> I have this working with the current test cases and a default OpenSSL
> self-signed key as per the original report.
> 
> The code needs to be cleaned up rather so I am currently expecting to commit
> the fix early next week.

Magic, if you want me to test it with real certs before you merge just let me
know and point me to the branch or go with a PR on GH.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #14 from Mark Thomas  ---
I have this working with the current test cases and a default OpenSSL
self-signed key as per the original report.

The code needs to be cleaned up rather so I am currently expecting to commit
the fix early next week.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #13 from Remy Maucherat  ---
(In reply to Mark Thomas from comment #12)
> I think some refactoring will be required
> for the ASN.1 parser to make it more robust.

I managed to do OCSP using it (
https://github.com/apache/tomcat/blob/main/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java#L1327
), but it really felt more like an accident !

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #12 from Mark Thomas  ---
My current assessment is that it is possible to handle this. We are going to
need to do a little more by hand. I think some refactoring will be required for
the ASN.1 parser to make it more robust.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #11 from Mark Thomas  ---
Yes. The steps to reproduce this worked perfectly. Thanks.

Currently working through the ASN.1 and relevant RFCs to see what we have and
if I can get Java to work with it.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #10 from Michael Osipov  ---
(In reply to Mark Thomas from comment #9)
> I'm working on this now. I don't think I am as far forward as you. It would
> be useful if I could see that code you have so far.
> 
> My current thinking is that the PKCS8 branch in PEMFile is going to need to
> parse the input and figure out of this is a format Java can handle and if
> not, handle it  somehow.

Mark, are my instructions sufficient to reproduce the issue on your end?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #9 from Mark Thomas  ---
I'm working on this now. I don't think I am as far forward as you. It would be
useful if I could see that code you have so far.

My current thinking is that the PKCS8 branch in PEMFile is going to need to
parse the input and figure out of this is a format Java can handle and if not,
handle it  somehow.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #8 from Christopher Schultz  ---
I have uncommitted work locally which can read the ASN.1 and perform the
decryption, which does not fail (i.e. no exception is thrown).

But when interpreting the decrypted data as an ASN.1 stream, the tags don't
make any sense. I haven't looked that hard at the outbound ASN.1 stream. My
immediate assumption was that it was complete garbage, but it's possible there
is a bug in the parser which is trying to interpret some byte as a tag-id when
it should be something else.

I'd be happy to look more into it.

The fun part with X9.52 is that it doesn't specify a padding method for the
cipher. Using PKCS5Padding results in a BadPaddingException from the Cipher,
and using Nopadding results in garbage ciphertext. :(

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #7 from Mark Thomas  ---
Is that in your pem-utils project?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #6 from Christopher Schultz  ---
It looks like handling OID 1.2.840.113549.3.7 is something I was working on a
while back in my project on GitHub. When running this through my own code, I
get some debug output saying something about "Rainer's weird thing" which must
have been a PEM file from him that I was trying to decode.

This appears to be ANSI X9.52 which requires payment to get a copy of the
specification, but I've been picking my way through it. I have it parsing
everything correctly, but the decryption doesn't seem to be working as
expected. It succeeds but then produces garbage plaintext.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #5 from Mark Thomas  ---
We may end up supporting a subset of the OpenSSL functionality (and documenting
that).

For me the target is not to support everything OpenSSL does (although it would
be great if we could) but to support the format of certificates that our users
want to use. I suspect that is a smaller subset of what is possible with
OpenSSL.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #4 from Michael Osipov  ---
(In reply to Mark Thomas from comment #3)
> It seems that very few (no?) users are creating keys with pass-phrases this
> way as this isn't an issue that has been reported previously and we went
> through a phase of getting reports of unsupported formats when we added the
> "try and use an in-memory keystore for everything" code.

Well, we say that people can use any combination, therefore I'd expect this
either just to work or documented NOT to work.

> I'm not adverse to trying to fix this as it is an OpenSSL default (which
> version by the way?). My only reservation at this point is how complex the
> fix might get. That depends on how much of the fix can use the standard Java
> APIs and how much we end up having to hand-craft.

This applies to any OpenSSL version 1.1.1+ since DES3 is hardcoded and the
cipher cannot be changed unless you do the separate commands.
Unfortunately, I cannot judge what the effort is to implement this in Java, but
at least we can figure out combos which do not work and document meanwhile.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #3 from Mark Thomas  ---
It seems that very few (no?) users are creating keys with pass-phrases this way
as this isn't an issue that has been reported previously and we went through a
phase of getting reports of unsupported formats when we added the "try and use
an in-memory keystore for everything" code.

I'm not adverse to trying to fix this as it is an OpenSSL default (which
version by the way?). My only reservation at this point is how complex the fix
might get. That depends on how much of the fix can use the standard Java APIs
and how much we end up having to hand-craft.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r64480 [1/2] - in /dev/tomcat/tomcat-8/v8.5.95: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Thu Oct 12 01:26:29 2023
New Revision: 64480

Log:
Upload 8.5.95 for voting.

Added:
dev/tomcat/tomcat-8/v8.5.95/
dev/tomcat/tomcat-8/v8.5.95/KEYS
dev/tomcat/tomcat-8/v8.5.95/README.html
dev/tomcat/tomcat-8/v8.5.95/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.95/bin/
dev/tomcat/tomcat-8/v8.5.95/bin/README.html
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.exe   (with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.exe.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.exe.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.zip   (with props)
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.zip.asc
dev/tomcat/tomcat-8/v8.5.95/bin/apache-tomcat-8.5.95.zip.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/embed/
dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.95/bin/embed/apache-tomcat-8.5.95-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.95/bin/extras/
dev/tomcat/tomcat-8/v8.5.95/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.95/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.95/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.95/src/
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.zip.asc
dev/tomcat/tomcat-8/v8.5.95/src/apache-tomcat-8.5.95-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.95/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.95/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.95/KEYS Thu Oct 12 01:26:29 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #2 from Michael Osipov  ---
Switched to:
openssl genrsa -out key.crt -aes128 -passout file:key-password 4096
openssl req -x509 -key key.crt -out cert.crt -sha256 -days 5 -passout
file:key-password

Now I see:
11-Oct-2023 09:34:54.412 SCHWERWIEGEND [main]
org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to
initialize component [Connector["https-jsse-nio-20001"]]
org.apache.catalina.LifecycleException: Protocol handler initialization
failed
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:1011)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at
org.apache.catalina.core.StandardService.initInternal(StandardService.java:554)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1039)
at
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:127)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:307)
at
org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:477)
Caused by: java.lang.IllegalArgumentException: Cannot find any provider
supporting AES-128-CBC
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at
org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:236)
at
org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1326)
at
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1339)
at
org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:654)
at
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:75)
at
org.apache.catalina.connector.Connector.initInternal(Connector.java:1009)
... 13 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any
provider supporting AES-128-CBC
at javax.crypto.Cipher.getInstance(Cipher.java:543)
at
org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:292)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:186)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:107)
at
org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:355)
at
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:268)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
... 20 more

Seems not to be sufficient. It needs now:
mv key.crt key-rsa.crt
cp key-password key-password.2
openssl pkcs8 -in key-rsa.crt -out key.crt -topk8 -passin file:key-password
-outform pem -passout file:key-password.2
openssl req -x509 -key key.crt -out cert.crt -sha256 -days 5 -passout
file:key-password

Quite some obstacles for users...

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

--- Comment #1 from Michael Osipov  ---
This applies from Java 8 to 21.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat or Java do not read encrypted private keys with DES-EDE3-CBC by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Michael Osipov  changed:

   What|Removed |Added

 CC||micha...@apache.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Michael Osipov  changed:

   What|Removed |Added

Summary|Tomcat or Java do not read  |Tomcat and/or Java do not
   |encrypted private keys with |read encrypted private keys
   |DES-EDE3-CBC by |with DES-EDE3-CBC generated
   |openssl-req(1)  |by openssl-req(1)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67675] New: Tomcat or Java do not read encrypted private keys with DES-EDE3-CBC by openssl-req(1)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67675

Bug ID: 67675
   Summary: Tomcat or Java do not read encrypted private keys with
DES-EDE3-CBC by openssl-req(1)
   Product: Tomcat 9
   Version: 9.0.81
  Hardware: All
OS: All
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: micha...@apache.org
  Target Milestone: -

Generate a cert/key pair with OpenSSL:
openssl req -x509 -newkey rsa:4096 -keyout key.crt -out cert.crt -sha256 -days
5 -passout file:key-password

This key will have DES-EDE3-CBC as encryption algorithm by default
(1.2.840.113549.3.7).

Load this:





Tomcat will say:
10-Oct-2023 21:02:12.966 SCHWERWIEGEND [Catalina-utility-1]
org.apache.catalina.security.TLSCertificateReloadListener.checkCertificatesForRenewal
[Connector["https-jsse-nio-20001"]], TLS virtual host [_default_] reload of TLS
configuration failed
java.lang.IllegalArgumentException: PBE parameter parsing error:
expecting the object identifier for AES cipher
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
at
org.apache.tomcat.util.net.AbstractEndpoint.addSslHostConfig(AbstractEndpoint.java:280)
at
org.apache.coyote.http11.AbstractHttp11Protocol.addSslHostConfig(AbstractHttp11Protocol.java:798)
at
org.apache.catalina.security.TLSCertificateReloadListener.checkCertificatesForRenewal(TLSCertificateReloadListener.java:152)
at
org.apache.catalina.security.TLSCertificateReloadListener.lifecycleEvent(TLSCertificateReloadListener.java:116)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:114)
at
org.apache.catalina.core.StandardServer.lambda$startPeriodicLifecycleEvent$0(StandardServer.java:943)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at
java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:750)
Caused by: java.io.IOException: PBE parameter parsing error: expecting
the object identifier for AES cipher
at
com.sun.crypto.provider.PBES2Parameters.parseES(PBES2Parameters.java:381)
at
com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:284)
at
java.security.AlgorithmParameters.init(AlgorithmParameters.java:293)
at
sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:151)
at sun.security.x509.AlgorithmId.(AlgorithmId.java:133)
at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:413)
at
javax.crypto.EncryptedPrivateKeyInfo.(EncryptedPrivateKeyInfo.java:98)
at
org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:245)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:178)
at
org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:107)
at
org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:355)
at
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:268)
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
... 14 more

The reason is that Java does not support non-AES encrypted keys at least in
this class. I won't argue why OpenSSL does use this as default or whether 3DES
is secure or not. Just stating facts.

openssl-req(1) does not provide the option to pass the algorithm, one must
generate the key separately then invoke another command to create the pair.

A few references on the topic:
* https://bugs.openjdk.org/browse/JDK-8221936
* https://commandlinefanatic.com/cgi-bin/showarticle.cgi?article=art050
* https://stackoverflow.com/a/60020403/696632
* https://security.stackexchange.com/q/92593/298430
* https://github.com/openssl/openssl/issues/7313
* https://github.com/openssl/openssl/issues/5258

I think we have two options:
(a) Maybe we can put more effort into our code to read such keys and pass on to
JSSE
(b) Document that this combination is not

svn commit: r64437 [1/2] - in /dev/tomcat/tomcat-8/v8.5.94: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Mon Oct  9 21:33:56 2023
New Revision: 64437

Log:
Upload 8.5.94 for voting

Added:
dev/tomcat/tomcat-8/v8.5.94/
dev/tomcat/tomcat-8/v8.5.94/KEYS
dev/tomcat/tomcat-8/v8.5.94/README.html
dev/tomcat/tomcat-8/v8.5.94/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.94/bin/
dev/tomcat/tomcat-8/v8.5.94/bin/README.html
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/embed/
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/extras/
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.94/src/
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.asc
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.94/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.94/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.94/KEYS Mon Oct  9 21:33:56 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

[tomcat] 01/04: Improve alignment with Commons FileUpload 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a8e5f828605001dd53110c172f474d7bfe74
Author: Mark Thomas 
AuthorDate: Fri Sep 15 22:43:39 2023 +0100

Improve alignment with Commons FileUpload 1.x
---
 .../tomcat/util/http/fileupload/FileUploadBase.java   |  7 +++
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java|  6 ++
 .../util/http/fileupload/disk/DiskFileItemFactory.java|  2 +-
 .../http/fileupload/servlet/ServletRequestContext.java|  4 +---
 .../apache/tomcat/util/http/fileupload/util/Streams.java  |  6 +++---
 .../util/http/fileupload/util/mime/RFC2231Utility.java| 15 +++
 6 files changed, 17 insertions(+), 23 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
index d527313723..b9f5cfe174 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
@@ -196,11 +196,11 @@ public abstract class FileUploadBase {
 }
 
 /**
- * Sets the maximum number of files allowed per request/
+ * Sets the maximum number of files allowed per request.
  *
  * @param fileCountMax The new limit. {@code -1} means no limit.
  */
-public void setFileCountMax(long fileCountMax) {
+public void setFileCountMax(final long fileCountMax) {
 this.fileCountMax = fileCountMax;
 }
 
@@ -507,8 +507,7 @@ public abstract class FileUploadBase {
 return;
 }
 final String headerName = header.substring(0, colonOffset).trim();
-final String headerValue =
-header.substring(colonOffset + 1).trim();
+final String headerValue = header.substring(colonOffset + 1).trim();
 headers.addHeader(headerName, headerValue);
 }
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
index f748680f86..b02edb35e1 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
@@ -396,8 +396,7 @@ public class DiskFileItem
  * desired file.
  */
 if (file.exists() && !file.delete()) {
-throw new FileUploadException(
-"Cannot write uploaded file to disk!");
+throw new FileUploadException("Cannot write uploaded file to 
disk!");
 }
 if (!outputFile.renameTo(file)) {
 BufferedInputStream in = null;
@@ -586,8 +585,7 @@ public class DiskFileItem
 @Override
 public String toString() {
 return String.format("name=%s, StoreLocation=%s, size=%s bytes, 
isFormField=%s, FieldName=%s",
-  getName(), getStoreLocation(), Long.valueOf(getSize()),
-  Boolean.valueOf(isFormField()), getFieldName());
+getName(), getStoreLocation(), Long.valueOf(getSize()), 
Boolean.valueOf(isFormField()), getFieldName());
 }
 
 /**
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
index aad8795615..8ec7f9df55 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
@@ -178,7 +178,7 @@ public class DiskFileItemFactory implements FileItemFactory 
{
  */
 @Override
 public FileItem createItem(final String fieldName, final String 
contentType,
-final boolean isFormField, final String fileName) {
+final boolean isFormField, final String fileName) {
 final DiskFileItem result = new DiskFileItem(fieldName, contentType,
 isFormField, fileName, sizeThreshold, repository);
 result.setDefaultCharset(defaultCharset);
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
index abf400836d..3eb51f9a9a 100644
--- 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
+++ 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
@@ -24,7 +24,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import org.apache.tomcat.util.http.fileupload.FileUploadBase;
 import org.apache.tomcat.util.http.fileupload.UploadContext;
 
-
 /**
  * Provides access to the request information needed for a request made to
  * an HTTP servlet.
@@ -110,8 +109,7 @@ public class ServletRequestContext implements UploadContext 
{
 @Override
 public String toSt

[tomcat] 01/04: Improve alignment with Commons FileUpload 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit ff9771421a1a3989a9e4d618848aa32483d660ab
Author: Mark Thomas 
AuthorDate: Fri Sep 15 22:43:39 2023 +0100

Improve alignment with Commons FileUpload 1.x
---
 .../tomcat/util/http/fileupload/FileUploadBase.java   |  7 +++
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java|  6 ++
 .../util/http/fileupload/disk/DiskFileItemFactory.java|  2 +-
 .../http/fileupload/servlet/ServletRequestContext.java|  4 +---
 .../apache/tomcat/util/http/fileupload/util/Streams.java  |  6 +++---
 .../util/http/fileupload/util/mime/RFC2231Utility.java| 15 +++
 6 files changed, 17 insertions(+), 23 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
index d527313723..b9f5cfe174 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
@@ -196,11 +196,11 @@ public abstract class FileUploadBase {
 }
 
 /**
- * Sets the maximum number of files allowed per request/
+ * Sets the maximum number of files allowed per request.
  *
  * @param fileCountMax The new limit. {@code -1} means no limit.
  */
-public void setFileCountMax(long fileCountMax) {
+public void setFileCountMax(final long fileCountMax) {
 this.fileCountMax = fileCountMax;
 }
 
@@ -507,8 +507,7 @@ public abstract class FileUploadBase {
 return;
 }
 final String headerName = header.substring(0, colonOffset).trim();
-final String headerValue =
-header.substring(colonOffset + 1).trim();
+final String headerValue = header.substring(colonOffset + 1).trim();
 headers.addHeader(headerName, headerValue);
 }
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
index f748680f86..b02edb35e1 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
@@ -396,8 +396,7 @@ public class DiskFileItem
  * desired file.
  */
 if (file.exists() && !file.delete()) {
-throw new FileUploadException(
-"Cannot write uploaded file to disk!");
+throw new FileUploadException("Cannot write uploaded file to 
disk!");
 }
 if (!outputFile.renameTo(file)) {
 BufferedInputStream in = null;
@@ -586,8 +585,7 @@ public class DiskFileItem
 @Override
 public String toString() {
 return String.format("name=%s, StoreLocation=%s, size=%s bytes, 
isFormField=%s, FieldName=%s",
-  getName(), getStoreLocation(), Long.valueOf(getSize()),
-  Boolean.valueOf(isFormField()), getFieldName());
+getName(), getStoreLocation(), Long.valueOf(getSize()), 
Boolean.valueOf(isFormField()), getFieldName());
 }
 
 /**
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
index aad8795615..8ec7f9df55 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
@@ -178,7 +178,7 @@ public class DiskFileItemFactory implements FileItemFactory 
{
  */
 @Override
 public FileItem createItem(final String fieldName, final String 
contentType,
-final boolean isFormField, final String fileName) {
+final boolean isFormField, final String fileName) {
 final DiskFileItem result = new DiskFileItem(fieldName, contentType,
 isFormField, fileName, sizeThreshold, repository);
 result.setDefaultCharset(defaultCharset);
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
index abf400836d..3eb51f9a9a 100644
--- 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
+++ 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
@@ -24,7 +24,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import org.apache.tomcat.util.http.fileupload.FileUploadBase;
 import org.apache.tomcat.util.http.fileupload.UploadContext;
 
-
 /**
  * Provides access to the request information needed for a request made to
  * an HTTP servlet.
@@ -110,8 +109,7 @@ public class ServletRequestContext implements UploadContext 
{
 @Override
 public String toSt

[tomcat] 01/05: Improve alignment with Commons FileUpload 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6b31b66171cf18c4e5feb23b6f123c4001cfc131
Author: Mark Thomas 
AuthorDate: Fri Sep 15 22:43:39 2023 +0100

Improve alignment with Commons FileUpload 1.x
---
 .../tomcat/util/http/fileupload/FileUploadBase.java   |  7 +++
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java|  6 ++
 .../util/http/fileupload/disk/DiskFileItemFactory.java|  2 +-
 .../util/http/fileupload/servlet/ServletFileUpload.java   |  1 -
 .../http/fileupload/servlet/ServletRequestContext.java|  4 +---
 .../apache/tomcat/util/http/fileupload/util/Streams.java  |  9 -
 .../util/http/fileupload/util/mime/RFC2231Utility.java| 15 +++
 7 files changed, 18 insertions(+), 26 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
index 4c61fa718c..c17eb978af 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
@@ -221,11 +221,11 @@ public abstract class FileUploadBase {
 }
 
 /**
- * Sets the maximum number of files allowed per request/
+ * Sets the maximum number of files allowed per request.
  *
  * @param fileCountMax The new limit. {@code -1} means no limit.
  */
-public void setFileCountMax(long fileCountMax) {
+public void setFileCountMax(final long fileCountMax) {
 this.fileCountMax = fileCountMax;
 }
 
@@ -560,8 +560,7 @@ public abstract class FileUploadBase {
 return;
 }
 final String headerName = header.substring(0, colonOffset).trim();
-final String headerValue =
-header.substring(colonOffset + 1).trim();
+final String headerValue = header.substring(colonOffset + 1).trim();
 headers.addHeader(headerName, headerValue);
 }
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
index ccf937c410..e8fdb67b9c 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
@@ -398,8 +398,7 @@ public class DiskFileItem
  * desired file.
  */
 if (file.exists() && !file.delete()) {
-throw new FileUploadException(
-"Cannot write uploaded file to disk!");
+throw new FileUploadException("Cannot write uploaded file to 
disk!");
 }
 if (!outputFile.renameTo(file)) {
 BufferedInputStream in = null;
@@ -588,8 +587,7 @@ public class DiskFileItem
 @Override
 public String toString() {
 return String.format("name=%s, StoreLocation=%s, size=%s bytes, 
isFormField=%s, FieldName=%s",
-  getName(), getStoreLocation(), Long.valueOf(getSize()),
-  Boolean.valueOf(isFormField()), getFieldName());
+getName(), getStoreLocation(), Long.valueOf(getSize()), 
Boolean.valueOf(isFormField()), getFieldName());
 }
 
 /**
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
index 43e766e83c..a6bd67e943 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
@@ -178,7 +178,7 @@ public class DiskFileItemFactory implements FileItemFactory 
{
  */
 @Override
 public FileItem createItem(final String fieldName, final String 
contentType,
-final boolean isFormField, final String fileName) {
+final boolean isFormField, final String fileName) {
 final DiskFileItem result = new DiskFileItem(fieldName, contentType,
 isFormField, fileName, sizeThreshold, repository);
 result.setDefaultCharset(defaultCharset);
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
index 268bad8e1b..e2d074c3df 100644
--- a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
+++ b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
@@ -29,7 +29,6 @@ import org.apache.tomcat.util.http.fileupload.FileUpload;
 import org.apache.tomcat.util.http.fileupload.FileUploadBase;
 import org.apache.tomcat.util.http.fileupload.FileUploadException;
 
-
 /**
  * High level API for processing file uploads.
  *
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
 
b/java/

[tomcat] 01/04: Improve alignment with Commons FileUpload 1.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 991dd7d482ddf0b72374d284e3c0276ff806c788
Author: Mark Thomas 
AuthorDate: Fri Sep 15 22:43:39 2023 +0100

Improve alignment with Commons FileUpload 1.x
---
 .../tomcat/util/http/fileupload/FileUploadBase.java   |  7 +++
 .../tomcat/util/http/fileupload/disk/DiskFileItem.java|  6 ++
 .../util/http/fileupload/disk/DiskFileItemFactory.java|  2 +-
 .../util/http/fileupload/servlet/ServletFileUpload.java   |  1 -
 .../http/fileupload/servlet/ServletRequestContext.java|  4 +---
 .../apache/tomcat/util/http/fileupload/util/Streams.java  |  9 -
 .../util/http/fileupload/util/mime/RFC2231Utility.java| 15 +++
 7 files changed, 18 insertions(+), 26 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java 
b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
index d8dbd691f8..51bcc9c3f4 100644
--- a/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
+++ b/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
@@ -221,11 +221,11 @@ public abstract class FileUploadBase {
 }
 
 /**
- * Sets the maximum number of files allowed per request/
+ * Sets the maximum number of files allowed per request.
  *
  * @param fileCountMax The new limit. {@code -1} means no limit.
  */
-public void setFileCountMax(long fileCountMax) {
+public void setFileCountMax(final long fileCountMax) {
 this.fileCountMax = fileCountMax;
 }
 
@@ -565,8 +565,7 @@ public abstract class FileUploadBase {
 return;
 }
 final String headerName = header.substring(0, colonOffset).trim();
-final String headerValue =
-header.substring(colonOffset + 1).trim();
+final String headerValue = header.substring(colonOffset + 1).trim();
 headers.addHeader(headerName, headerValue);
 }
 
diff --git a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
index 228a061de7..bc886495be 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItem.java
@@ -395,8 +395,7 @@ public class DiskFileItem
  * desired file.
  */
 if (file.exists() && !file.delete()) {
-throw new FileUploadException(
-"Cannot write uploaded file to disk!");
+throw new FileUploadException("Cannot write uploaded file to 
disk!");
 }
 if (!outputFile.renameTo(file)) {
 BufferedInputStream in = null;
@@ -585,8 +584,7 @@ public class DiskFileItem
 @Override
 public String toString() {
 return String.format("name=%s, StoreLocation=%s, size=%s bytes, 
isFormField=%s, FieldName=%s",
-  getName(), getStoreLocation(), Long.valueOf(getSize()),
-  Boolean.valueOf(isFormField()), getFieldName());
+getName(), getStoreLocation(), Long.valueOf(getSize()), 
Boolean.valueOf(isFormField()), getFieldName());
 }
 
 /**
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java 
b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
index 43e766e83c..a6bd67e943 100644
--- a/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
+++ b/java/org/apache/tomcat/util/http/fileupload/disk/DiskFileItemFactory.java
@@ -178,7 +178,7 @@ public class DiskFileItemFactory implements FileItemFactory 
{
  */
 @Override
 public FileItem createItem(final String fieldName, final String 
contentType,
-final boolean isFormField, final String fileName) {
+final boolean isFormField, final String fileName) {
 final DiskFileItem result = new DiskFileItem(fieldName, contentType,
 isFormField, fileName, sizeThreshold, repository);
 result.setDefaultCharset(defaultCharset);
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java 
b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
index 268bad8e1b..e2d074c3df 100644
--- a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
+++ b/java/org/apache/tomcat/util/http/fileupload/servlet/ServletFileUpload.java
@@ -29,7 +29,6 @@ import org.apache.tomcat.util.http.fileupload.FileUpload;
 import org.apache.tomcat.util.http.fileupload.FileUploadBase;
 import org.apache.tomcat.util.http.fileupload.FileUploadException;
 
-
 /**
  * High level API for processing file uploads.
  *
diff --git 
a/java/org/apache/tomcat/util/http/fileupload/servlet/ServletRequestContext.java
 
b/java/

svn commit: r1912268 [1/5] - in /tomcat/site/trunk/docs/connectors-doc: ./ ajp/ common_howto/ miscellaneous/ news/ reference/ webserver_howto/

[markt]

mailcc2=1emailtype2=substringemail2=bugidtype=includebug_id=votes=chfieldfrom=chfieldto=Nowchfieldvalue=cmdtype=doitorder=Reuse+same+sort+as+last+timefield0-0-0=nooptype0-0-0=noopvalue0-0-0=">Current
 Tomcat Connectors bugsContribute documentationJK Status Ant TasksReporting Toolshttp://tomcat.apache.org/connectors-doc-archive/jk2/index.html;>Old 
JK/JK2 documentationNews2018201620152014201220112010200920082007200620052004Timeouts HowToIntroduction 
+The Apache Tomcat Connectors - Common HowTo (1.2.49) - 
Timeouts HowTohttp://tomcat.apache.org/;>https://www.apache.org/; target="_blank">The Apache Tomcat Connectors - Common 
HowTo
+Version 1.2.49,
+Sep 12 2023LinksDocs HomeCommon 
HowToQuick 
StartAll About 
WorkersTimeoutsLoad BalancingReverse ProxyWeb 
Server HowToApache HTTP 
Server (mod_jk)Microsoft IIS 
(ISAPI redirector)Reference Guideworkers.propertiesuriworkermap.propertiesStatus WorkerApache HTTP Server (mod_jk)Microsoft IIS (ISAPI 
redirector)AJP Protocol ReferenceAJPv13 (ajp13)AJPv13 Extension 
ProposalMiscellaneous DocumentationFrequently Asked QuestionsChangeloghttp://issues.apache.org/bugzilla/buglist.cgi?query_format=advancedshort_desc_type=allwordssubstrshort_desc=product=Tomcat+Connectorslong_desc_type=substringlong_desc=bug_file_loc_type=allwordssubstrbug_file_loc=keywords_type=allwordskeywords=bug_status=NEWbug_status=ASSIGNEDbug_
 
status=REOPENEDemailassigned_to1=1emailtype1=substringemail1=emailassigned_to2=1emailreporter2=1emailcc2=1emailtype2=substringemail2=bugidtype=includebug_id=votes=chfieldfrom=chfieldto=Nowchfieldvalue=cmdtype=doitorder=Reuse+same+sort+as+last+timefield0-0-0=nooptype0-0-0=noopvalue0-0-0=">Current
 Tomcat Connectors bugsContribute documentationJK Status Ant TasksReporting 
ToolsNews202320202018201620152014201220112010200920082007200620052004Timeouts HowToIntroduction 
 Setting communication timeouts is very important to improve the
 communication process. They help to detect problems and stabilise
 a distributed system. JK can use several different timeout types, which
@@ -193,9 +193,8 @@ attribute connection_pool_size. W
 to use this attribute in combination with Apache HTTP Server. For
 Apache we automatically detect the number of threads per
 process and set the maximum pool size to this value. For Microsoft IIS we use
-a default value of 250 (before version 1.2.20: 10),
-for the iPlanet Web Server the default is "1".
-We strongly recommend adjusting this value for IIS and the iPlanet Web Server
+a default value of 250 (before version 1.2.20: 10).
+We strongly recommend adjusting this value for IIS
 to the number of requests one web server process should
 be able to send to a backend in parallel. You should measure how many 
connections
 you need during peak hours without performance problems, and then add some
@@ -369,5 +368,5 @@ with ping_mode and ping_timeou
 
 
 
-Copyright  1999-2020, The Apache Software Foundation
-  
\ No newline at end of file
+Copyright  1999-2023, The Apache Software Foundation
+
\ No newline at end of file

Modified: tomcat/site/trunk/docs/connectors-doc/common_howto/workers.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/connectors-doc/common_howto/workers.html?rev=1912268=1912267=1912268=diff
==
--- tomcat/site/trunk/docs/connectors-doc/common_howto/workers.html (original)
+++ tomcat/site/trunk/docs/connectors-doc/common_howto/workers.html Tue Sep 12 
19:18:35 2023
@@ -1,7 +1,7 @@
 
-The Apache Tomcat Connectors - Common HowTo (1.2.48) - 
Workers HowTohttp://tomcat.apache.org/;>https://www.apache.org/; target="_blank">The Apache Tomcat Connectors - Common 
HowTo
-  Version 1.2.48,
-  Mar 9 2020LinksDocs HomeCommon 
HowToQuick 
StartAll About 
WorkersTimeoutsLoad BalancingReverse ProxyWeb 
Server HowToApache HTTP 
Server (mod_jk)Microsoft IIS 
(ISAPI redirector)iPlanet 
Web Server (NSAPI redirector)Reference 
Guide<
 li>workers.propertiesuriworkermap.propertiesStatus WorkerApache HTTP Server (mod_jk)Microsoft IIS (ISAPI 
redirector)AJP Protocol ReferenceAJPv13 (ajp13)AJPv13 Extension 
ProposalMiscellaneous DocumentationFrequently Asked QuestionsChangeloghttp://issues.apache.org/bugzilla/buglist.cgi?query_format=advancedshort_desc_type=allwordssubstrshort_desc=product=Tomcat+Connectorslong_desc_type=substringlong_desc=bug_file_loc_type=allwordssubstrbug_file_loc=key
 
words_type=allwordskeywords=bug_status=NEWbug_status=ASSIGNEDbug_status=REOPENEDemailassigned_to1=1emailtype1=substringemail1=emailassigned_to2=1emailreporter2=1emailcc2=1emailtype2=substringemail2=bugidtype=includebug_id=votes=chfieldfrom=chfieldto=Nowchfieldvalue=cmdtype=doitorder=Reuse+same+sort+as+last+timefield0-0-0=nooptype0-0-0=noopvalue0-0-0=">Current
 Tomcat Connectors bugsContribute documentationJK Status Ant TasksReporting Toolshttp://tomcat.apache.

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

--- Comment #5 from Mark Thomas  ---
Same problem. The only values that allow binding of multiple addresses are "::"
and "0.0.0.0". Anything else needs to be done individually.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

--- Comment #4 from Christopher Schultz  ---
Aha. What if the enhancement request were to be re-worded to be "use ::1 as an
alias for both ::1 and 127.0.0.1 as appropriate"? Instead of "all local
addresses" which may be a little ambiguous. "Loopback" may be a better term to
use, but the idea is to not have to configure two separate s.

Is this possible? Or would it basically require Tomcat to clone the 
and bind each separately to the individual loopback addresses? That would be
pretty cool, but there is always the possibility of a "competing" 
configured elsewhere and so it's better to solve this with (additional)
configuration and not code.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

--- Comment #3 from Mark Thomas  ---
:: and 0.0.0.0 are special cases for "all addresses". There is no equivalent
for "all local addresses"

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

--- Comment #2 from Christopher Schultz  ---
:/

The "address" attribute for the AJP connector is documented[1] to have this
behavior for the Java-based connectors. Is the documentation wrong, there, or
it indeed possible to bind to "all local addresses" in the way described there?

[1] https://tomcat.apache.org/tomcat-8.5-doc/config/ajp.html, search for "For
servers with more than one IP address"

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |WONTFIX

--- Comment #1 from Mark Thomas  ---
Not possible with the Java Socket API.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

Amit Pande  changed:

   What|Removed |Added

   Severity|normal  |enhancement
 OS||All

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67065] New: Using "::1" to bind to all local addresses (IPV4 and IPV6)

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67065

Bug ID: 67065
   Summary: Using "::1" to bind to all local addresses (IPV4 and
IPV6)
   Product: Tomcat 9
   Version: 9.0.78
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: amit.pa...@veritas.com
  Target Milestone: -

Reference thread:

https://lists.apache.org/thread/d7ppg7mpvzb1cmjfnhqrqnjs5v94zw6l


Main problem statement:

By default, the Tomcat HTTP connectors bind to all local interfaces (including
public interfaces).  If we need to bind to only local loopback addresses,
currently we need to define two connectors with everything else identical but
only address attribute being different (::1 for IPv6 and 127.0.0.1 for IPv4).

It would be handy if we could use an address like ::1 to bind to all local
interfaces (IPv4 and IPv6). This will ensure only one connector configuration
is sufficient to bind to only local interfaces (IPv4 and IPv6).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r63606 [1/2] - in /dev/tomcat/tomcat-8/v8.5.93: ./ bin/ bin/embed/ bin/extras/ src/

[markt]

Author: markt
Date: Wed Aug 23 22:54:38 2023
New Revision: 63606

Log:
Upload 8.5.93 for voting

Added:
dev/tomcat/tomcat-8/v8.5.93/
dev/tomcat/tomcat-8/v8.5.93/KEYS
dev/tomcat/tomcat-8/v8.5.93/README.html
dev/tomcat/tomcat-8/v8.5.93/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.93/bin/
dev/tomcat/tomcat-8/v8.5.93/bin/README.html
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.exe   (with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.exe.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.exe.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.zip   (with props)
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.zip.asc
dev/tomcat/tomcat-8/v8.5.93/bin/apache-tomcat-8.5.93.zip.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/embed/
dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.93/bin/embed/apache-tomcat-8.5.93-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.93/bin/extras/
dev/tomcat/tomcat-8/v8.5.93/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.93/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.93/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.93/src/
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.zip.asc
dev/tomcat/tomcat-8/v8.5.93/src/apache-tomcat-8.5.93-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.93/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.93/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.93/KEYS Wed Aug 23 22:54:38 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb