This commit is contained in:
Fridrich Strba
Git OBS Bridge
parent
6bc85246b3
commit
dc50fb9b4f
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:28db36e1f1440c8517513a282f71383d825fe1383d8e5317e22e5122803c40ca
|
||||
size 6042010
|
||||
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAmATIH8ACgkQEMAcWi9g
|
||||
Wecu9hAAhNGHtILVHGLWoqGJPVC29l2kgXiDshkFbgHKxeR6K5kooaxIB0N9QGGb
|
||||
9H/BEwM92Kdl2VwQwtZBrW+x+worRQWIAHLCS9KF/UaVMLSIO54E5+aeJ6+vgBPC
|
||||
AQdIn2mZ4o4RtUfYWsGgtPrQvGR/M+VSLKALn6SeB9O60zHrDvgpdVp0coFw0aIY
|
||||
mi0HWsfoZltGTqscsgVEsSvolkvo7Au0c9DAGVGSLzhavlHT3Wnvsg8RuQ+oV2G+
|
||||
aX1R1J7xuPyDxrvLHShOu9ERxxHmEIgJ5/wrWgGUEwJJQmSAqFQHW7q1kswOmL5a
|
||||
mfWYSsqrqcsc+8QI6oYnVfN6Yu/Podcb1Tbs0elYdn+rEU0j73j6gGITSzSFokkZ
|
||||
2tueXJ/U5rHthWMiL8xLZXp9RpOzGgpo91TY3qSHsvpVi7HSX9kLsUq4gHFPDehF
|
||||
s+5ycfYy+fzsRUs6Fsa/2FfRIy9zEatzcjX2yvFCjBaeKbv8cRixeVCqsERopIwW
|
||||
5hwh1hmqQNn4FuOS/Ei03QkRHGPHWhrBU5GS0ZEruhUNfc4kfogBBsaUBQkfv94C
|
||||
EScu+rTeOSEv4exWAH/IiaOHPPYQTH9RXJ+aPbZpZ+7BOzpYU30hFGZwhRli1hqa
|
||||
Ib7wuGMQXfNJQ8ndAlzPIMjp12dLOYeOeoRqHK5duaXfK9e+WN8=
|
||||
=KHse
|
||||
-----END PGP SIGNATURE-----
|
||||
3
apache-tomcat-9.0.75-src.tar.gz
Normal file
3
apache-tomcat-9.0.75-src.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:35fee3552179eb0ee1ed3b0ec4785d94b9e7402bb23f1aeb223178b7e4645a82
|
||||
size 6241477
|
||||
16
apache-tomcat-9.0.75-src.tar.gz.asc
Normal file
16
apache-tomcat-9.0.75-src.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEESPjmn2OQyfJc/tzSaCSJWTWecisFAmRTrhwACgkQaCSJWTWe
|
||||
cisKuA/+IQFNKHTyMq7uCBmSMpfqzdFH6tE3MiUFAvHfNE7MuYBtyCFkTmryNP2j
|
||||
wAHuvT8qJYyglhTkP6Ra+4EipLltAZEPF6a5K9PYQEtCmEo0BlpJq8Bln0Re8nzs
|
||||
z1JEPsPlIlJkx3utfX+QSVn9/roTK+RdP0x4FMxD7Ujg00UOZ1kr5Z+VY4ArT3QC
|
||||
H2yriYiPAk5WX2ovtyhvnF606TcZGU9wUcUVaQMNDETjmFD4aS7PuhcwpNU/ZbS9
|
||||
vB8psCwb75U1iOE9oRfXDQbxvOAUhcAJPPVaS88I0iDNYlp870l/nUCTotFm14yG
|
||||
uHXEE/XDVN2aojLH302AxZjTbXqXAga5TBT0aFAL3UWzqdz9UA/2sZqbjr0gN4U6
|
||||
ggZ6wc8B1CqzuT7xFOI+ugMNokXt4CZdZ4bjFLfRCU8ZEpIoPsW6f6vtVRKUwAU2
|
||||
1Fr/XsGnTwVcIvnlD0PrLd4RGRqgdAzhIXZ5+q//1ls/hEXDx63AkYkv0T6AtaFn
|
||||
tuoLXcF7plWAQXHq+qKtjWIKjLDItZAEpvLI3Jd3Nf9cJgS+qiyCfijh9Z9y24ts
|
||||
FgcYFPVxbDMsv4nEPdHDRw9rwx0AJzLSw4XofrBiw3uEYvUbV+zJQSxzNa2hPAGd
|
||||
IJEADr8Ou1JLg5HgH7qVyx94ifeOKocBOoO3RhTMP6lOJN0cJ3E=
|
||||
=bv2c
|
||||
-----END PGP SIGNATURE-----
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,195 +0,0 @@
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/coyote/http11/Http11Processor.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/coyote/http11/Http11Processor.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/coyote/http11/Http11Processor.java
|
||||
@@ -212,11 +212,8 @@ public class Http11Processor extends Abs
|
||||
|
||||
// Parsing trims and converts to lower case.
|
||||
|
||||
- if (encodingName.equals("identity")) {
|
||||
- // Skip
|
||||
- } else if (encodingName.equals("chunked")) {
|
||||
- inputBuffer.addActiveFilter
|
||||
- (inputFilters[Constants.CHUNKED_FILTER]);
|
||||
+ if (encodingName.equals("chunked")) {
|
||||
+ inputBuffer.addActiveFilter(inputFilters[Constants.CHUNKED_FILTER]);
|
||||
contentDelimitation = true;
|
||||
} else {
|
||||
for (int i = pluggableFilterIndex; i < inputFilters.length; i++) {
|
||||
@@ -753,13 +750,14 @@ public class Http11Processor extends Abs
|
||||
InputFilter[] inputFilters = inputBuffer.getFilters();
|
||||
|
||||
// Parse transfer-encoding header
|
||||
- if (http11) {
|
||||
+ // HTTP specs say an HTTP 1.1 server should accept any recognised
|
||||
+ // HTTP 1.x header from a 1.x client unless the specs says otherwise.
|
||||
+ if (!http09) {
|
||||
MessageBytes transferEncodingValueMB = headers.getValue("transfer-encoding");
|
||||
if (transferEncodingValueMB != null) {
|
||||
List<String> encodingNames = new ArrayList<>();
|
||||
if (TokenList.parseTokenList(headers.values("transfer-encoding"), encodingNames)) {
|
||||
for (String encodingName : encodingNames) {
|
||||
- // "identity" codings are ignored
|
||||
addInputFilter(inputFilters, encodingName);
|
||||
}
|
||||
} else {
|
||||
Index: apache-tomcat-9.0.43-src/test/org/apache/coyote/http11/TestHttp11Processor.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/test/org/apache/coyote/http11/TestHttp11Processor.java
|
||||
+++ apache-tomcat-9.0.43-src/test/org/apache/coyote/http11/TestHttp11Processor.java
|
||||
@@ -254,31 +254,6 @@ public class TestHttp11Processor extends
|
||||
|
||||
|
||||
@Test
|
||||
- public void testWithTEIdentity() throws Exception {
|
||||
- getTomcatInstanceTestWebapp(false, true);
|
||||
-
|
||||
- String request =
|
||||
- "POST /test/echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
|
||||
- "Host: any" + SimpleHttpClient.CRLF +
|
||||
- "Transfer-encoding: identity" + SimpleHttpClient.CRLF +
|
||||
- "Content-Length: 9" + SimpleHttpClient.CRLF +
|
||||
- "Content-Type: application/x-www-form-urlencoded" +
|
||||
- SimpleHttpClient.CRLF +
|
||||
- "Connection: close" + SimpleHttpClient.CRLF +
|
||||
- SimpleHttpClient.CRLF +
|
||||
- "test=data";
|
||||
-
|
||||
- Client client = new Client(getPort());
|
||||
- client.setRequest(new String[] {request});
|
||||
-
|
||||
- client.connect();
|
||||
- client.processRequest();
|
||||
- Assert.assertTrue(client.isResponse200());
|
||||
- Assert.assertTrue(client.getResponseBody().contains("test - data"));
|
||||
- }
|
||||
-
|
||||
-
|
||||
- @Test
|
||||
public void testWithTESavedRequest() throws Exception {
|
||||
getTomcatInstanceTestWebapp(false, true);
|
||||
|
||||
@@ -1859,4 +1834,102 @@ public class TestHttp11Processor extends
|
||||
// NO-OP
|
||||
}
|
||||
}
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown01() throws Exception {
|
||||
+ doTestTEHeaderUnknown("identity");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown02() throws Exception {
|
||||
+ doTestTEHeaderUnknown("identity, chunked");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown03() throws Exception {
|
||||
+ doTestTEHeaderUnknown("unknown, chunked");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown04() throws Exception {
|
||||
+ doTestTEHeaderUnknown("void");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown05() throws Exception {
|
||||
+ doTestTEHeaderUnknown("void, chunked");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown06() throws Exception {
|
||||
+ doTestTEHeaderUnknown("void, identity");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testTEHeaderUnknown07() throws Exception {
|
||||
+ doTestTEHeaderUnknown("identity, void");
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ private void doTestTEHeaderUnknown(String headerValue) throws Exception {
|
||||
+ Tomcat tomcat = getTomcatInstance();
|
||||
+
|
||||
+ // No file system docBase required
|
||||
+ Context ctx = tomcat.addContext("", null);
|
||||
+
|
||||
+ // Add servlet
|
||||
+ Tomcat.addServlet(ctx, "TesterServlet", new TesterServlet(false));
|
||||
+ ctx.addServletMappingDecoded("/foo", "TesterServlet");
|
||||
+
|
||||
+ tomcat.start();
|
||||
+
|
||||
+ String request =
|
||||
+ "GET /foo HTTP/1.1" + SimpleHttpClient.CRLF +
|
||||
+ "Host: localhost:" + getPort() + SimpleHttpClient.CRLF +
|
||||
+ "Transfer-Encoding: " + headerValue + SimpleHttpClient.CRLF +
|
||||
+ SimpleHttpClient.CRLF;
|
||||
+
|
||||
+ Client client = new Client(tomcat.getConnector().getLocalPort());
|
||||
+ client.setRequest(new String[] {request});
|
||||
+
|
||||
+ client.connect();
|
||||
+ client.processRequest(false);
|
||||
+
|
||||
+ Assert.assertTrue(client.isResponse501());
|
||||
+ }
|
||||
+
|
||||
+
|
||||
+ @Test
|
||||
+ public void testWithTEChunkedHttp10() throws Exception {
|
||||
+
|
||||
+ getTomcatInstanceTestWebapp(false, true);
|
||||
+
|
||||
+ String request =
|
||||
+ "POST /test/echo-params.jsp HTTP/1.0" + SimpleHttpClient.CRLF +
|
||||
+ "Host: any" + SimpleHttpClient.CRLF +
|
||||
+ "Transfer-encoding: chunked" + SimpleHttpClient.CRLF +
|
||||
+ "Content-Type: application/x-www-form-urlencoded" +
|
||||
+ SimpleHttpClient.CRLF +
|
||||
+ "Connection: close" + SimpleHttpClient.CRLF +
|
||||
+ SimpleHttpClient.CRLF +
|
||||
+ "9" + SimpleHttpClient.CRLF +
|
||||
+ "test=data" + SimpleHttpClient.CRLF +
|
||||
+ "0" + SimpleHttpClient.CRLF +
|
||||
+ SimpleHttpClient.CRLF;
|
||||
+
|
||||
+ Client client = new Client(getPort());
|
||||
+ client.setRequest(new String[] {request});
|
||||
+
|
||||
+ client.connect();
|
||||
+ client.processRequest();
|
||||
+ Assert.assertTrue(client.isResponse200());
|
||||
+ Assert.assertTrue(client.getResponseBody().contains("test - data"));
|
||||
+ }
|
||||
}
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -347,6 +347,16 @@
|
||||
connections are attempted and fail. Patch provided by Maurizio Adami.
|
||||
(markt)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ Remove support for the <code>identity</code> transfer encoding. The
|
||||
+ inclusion of this encoding in RFC 2616 was an error that was corrected
|
||||
+ in 2001. Requests using this transfer encoding will now receive a 501
|
||||
+ response. (markt)
|
||||
+ </fix>
|
||||
+ <fix>
|
||||
+ Process transfer encoding headers from both HTTP 1.0 and HTTP 1.1
|
||||
+ clients. (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Web applications">
|
||||
@ -1,55 +0,0 @@
|
||||
From d4b340fa8feaf55831f9a59350578f7b6ca048b8 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Wed, 3 Mar 2021 12:00:46 +0000
|
||||
Subject: [PATCH] Improve robustness
|
||||
|
||||
---
|
||||
.../apache/tomcat/util/net/openssl/LocalStrings.properties | 1 +
|
||||
java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 6 ++++--
|
||||
webapps/docs/changelog.xml | 4 ++++
|
||||
3 files changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
|
||||
@@ -17,6 +17,7 @@ engine.ciphersFailure=Failed getting cip
|
||||
engine.emptyCipherSuite=Empty cipher suite
|
||||
engine.engineClosed=Engine is closed
|
||||
engine.failedCipherSuite=Failed to enable cipher suite [{0}]
|
||||
+engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read
|
||||
engine.inboundClose=Inbound closed before receiving peer's close_notify
|
||||
engine.invalidBufferArray=offset: [{0}], length: [{1}] (expected: offset <= offset + length <= srcs.length [{2}])
|
||||
engine.invalidDestinationBuffersState=The state of the destination buffers changed concurrently while unwrapping bytes
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
|
||||
@@ -592,8 +592,10 @@ public final class OpenSSLEngine extends
|
||||
throw new SSLException(e);
|
||||
}
|
||||
|
||||
- if (bytesRead == 0) {
|
||||
- break;
|
||||
+ if (bytesRead <= 0) {
|
||||
+ // This should not be possible. pendingApp is positive
|
||||
+ // therefore the read should have read at least one byte.
|
||||
+ throw new IllegalStateException(sm.getString("engine.failedToReadAvailableBytes"));
|
||||
}
|
||||
|
||||
bytesProduced += bytesRead;
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -173,6 +173,10 @@
|
||||
the access log file, include information on the current user in the
|
||||
associated log message (markt)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ Make handling of OpenSSL read errors more robust when plain text data is
|
||||
+ reported to be available to read. (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Coyote">
|
||||
@ -1,46 +0,0 @@
|
||||
From 1385c624b4a1e994426e810075c850edc38a700e Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Wed, 12 Jan 2022 11:11:29 +0000
|
||||
Subject: [PATCH] Make calculation of session storage location more robust
|
||||
|
||||
---
|
||||
java/org/apache/catalina/session/FileStore.java | 5 +++--
|
||||
webapps/docs/changelog.xml | 4 ++++
|
||||
2 files changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/session/FileStore.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/session/FileStore.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/session/FileStore.java
|
||||
@@ -349,13 +349,14 @@ public final class FileStore extends Sto
|
||||
|
||||
String filename = id + FILE_EXT;
|
||||
File file = new File(storageDir, filename);
|
||||
+ File canonicalFile = file.getCanonicalFile();
|
||||
|
||||
// Check the file is within the storage directory
|
||||
- if (!file.getCanonicalFile().toPath().startsWith(storageDir.getCanonicalFile().toPath())) {
|
||||
+ if (!canonicalFile.toPath().startsWith(storageDir.getCanonicalFile().toPath())) {
|
||||
log.warn(sm.getString("fileStore.invalid", file.getPath(), id));
|
||||
return null;
|
||||
}
|
||||
|
||||
- return file;
|
||||
+ return canonicalFile;
|
||||
}
|
||||
}
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -118,6 +118,10 @@
|
||||
Expand coverage of unit tests for JNDIRealm using the UnboundID LDAP SDK
|
||||
for Java. (markt)
|
||||
</scode>
|
||||
+ <fix>
|
||||
+ Make the calculation of the session storage location more robust when
|
||||
+ using file based persistent storage. (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Coyote">
|
||||
@ -1,123 +0,0 @@
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/realm/JNDIRealm.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/realm/JNDIRealm.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/realm/JNDIRealm.java
|
||||
@@ -2805,6 +2805,9 @@ public class JNDIRealm extends RealmBase
|
||||
* @return String the escaped/encoded result
|
||||
*/
|
||||
protected String doFilterEscaping(String inString) {
|
||||
+ if (inString == null) {
|
||||
+ return null;
|
||||
+ }
|
||||
StringBuilder buf = new StringBuilder(inString.length());
|
||||
for (int i = 0; i < inString.length(); i++) {
|
||||
char c = inString.charAt(i);
|
||||
@@ -2897,6 +2900,9 @@ public class JNDIRealm extends RealmBase
|
||||
* @return The string representation of the attribute value
|
||||
*/
|
||||
protected String doAttributeValueEscaping(String input) {
|
||||
+ if (input == null) {
|
||||
+ return null;
|
||||
+ }
|
||||
int len = input.length();
|
||||
StringBuilder result = new StringBuilder();
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
|
||||
+++ apache-tomcat-9.0.43-src/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
|
||||
@@ -56,26 +56,33 @@ public class TestJNDIRealmIntegration {
|
||||
@Parameterized.Parameters(name = "{index}: user[{5}], pwd[{6}]")
|
||||
public static Collection<Object[]> parameters() {
|
||||
List<Object[]> parameterSets = new ArrayList<>();
|
||||
- for (String roleSearch : new String[] { ROLE_SEARCH_A, ROLE_SEARCH_B, ROLE_SEARCH_C }) {
|
||||
- addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE, parameterSets);
|
||||
- addUsers(null, USER_SEARCH, USER_BASE, roleSearch, ROLE_BASE, parameterSets);
|
||||
+ for (String userRoleAttribute : new String[] { "cn", null }) {
|
||||
+ for (String roleSearch : new String[] { ROLE_SEARCH_A, ROLE_SEARCH_B, ROLE_SEARCH_C }) {
|
||||
+ if (userRoleAttribute != null) {
|
||||
+ addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE, userRoleAttribute, parameterSets);
|
||||
+ addUsers(null, USER_SEARCH, USER_BASE, roleSearch, ROLE_BASE, userRoleAttribute, parameterSets);
|
||||
+ }
|
||||
+ }
|
||||
+ parameterSets.add(new Object[] { "cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
|
||||
+ "{3},ou=people,dc=example,dc=com", "testsub", "test", new String[] { "TestGroup4" },
|
||||
+ userRoleAttribute });
|
||||
}
|
||||
- parameterSets.add(new Object[] { "cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
|
||||
- "{3},ou=people,dc=example,dc=com", "testsub", "test", new String[] {"TestGroup4"} });
|
||||
return parameterSets;
|
||||
}
|
||||
|
||||
|
||||
private static void addUsers(String userPattern, String userSearch, String userBase, String roleSearch,
|
||||
- String roleBase, List<Object[]> parameterSets) {
|
||||
+ String roleBase, String userRoleAttribute, List<Object[]> parameterSets) {
|
||||
parameterSets.add(new Object[] { userPattern, userSearch, userBase, roleSearch, roleBase,
|
||||
- "test", "test", new String[] {"TestGroup"} });
|
||||
+ "test", "test", new String[] {"TestGroup"}, userRoleAttribute });
|
||||
parameterSets.add(new Object[] { userPattern, userSearch, userBase, roleSearch, roleBase,
|
||||
- "t;", "test", new String[] {"TestGroup"} });
|
||||
+ "t;", "test", new String[] {"TestGroup"}, userRoleAttribute });
|
||||
parameterSets.add(new Object[] { userPattern, userSearch, userBase, roleSearch, roleBase,
|
||||
- "t*", "test", new String[] {"TestGroup"} });
|
||||
+ "t*", "test", new String[] {"TestGroup"}, userRoleAttribute });
|
||||
parameterSets.add(new Object[] { userPattern, userSearch, userBase, roleSearch, roleBase,
|
||||
- "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"} });
|
||||
+ "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"}, userRoleAttribute });
|
||||
+ parameterSets.add(new Object[] { userPattern, userSearch, userBase, roleSearch, roleBase,
|
||||
+ "norole", "test", new String[0], userRoleAttribute });
|
||||
}
|
||||
|
||||
|
||||
@@ -95,6 +102,8 @@ public class TestJNDIRealmIntegration {
|
||||
public String credentials;
|
||||
@Parameter(7)
|
||||
public String[] groups;
|
||||
+ @Parameter(8)
|
||||
+ public String realmConfigUserRoleAttribute;
|
||||
|
||||
@Test
|
||||
public void testAuthenication() throws Exception {
|
||||
@@ -105,7 +114,7 @@ public class TestJNDIRealmIntegration {
|
||||
realm.setUserPattern(realmConfigUserPattern);
|
||||
realm.setUserSearch(realmConfigUserSearch);
|
||||
realm.setUserBase(realmConfigUserBase);
|
||||
- realm.setUserRoleAttribute("cn");
|
||||
+ realm.setUserRoleAttribute(realmConfigUserRoleAttribute);
|
||||
realm.setRoleName("cn");
|
||||
realm.setRoleBase(realmConfigRoleBase);
|
||||
realm.setRoleSearch(realmConfigRoleSearch);
|
||||
@@ -197,6 +206,17 @@ public class TestJNDIRealmIntegration {
|
||||
result = conn.processOperation(addUserTestEquals);
|
||||
Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
|
||||
|
||||
+ AddRequest addUserNoRole = new AddRequest(
|
||||
+ "dn: cn=norole,ou=people,dc=example,dc=com",
|
||||
+ "objectClass: top",
|
||||
+ "objectClass: person",
|
||||
+ "objectClass: organizationalPerson",
|
||||
+ "cn: norole",
|
||||
+ "sn: No Role",
|
||||
+ "userPassword: test");
|
||||
+ result = conn.processOperation(addUserNoRole);
|
||||
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
|
||||
+
|
||||
AddRequest addGroupTest = new AddRequest(
|
||||
"dn: cn=TestGroup,ou=people,dc=example,dc=com",
|
||||
"objectClass: top",
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -107,6 +107,10 @@
|
||||
<subsection name="Catalina">
|
||||
<changelog>
|
||||
<fix>
|
||||
+ <bug>63508</bug>: NPE in JNDIRealm when no <code>userRoleAttribute</code>
|
||||
+ is given. (fschumacher)
|
||||
+ </fix>
|
||||
+ <fix>
|
||||
<bug>65106</bug>: Fix the ConfigFileLoader handling of file URIs when
|
||||
running under a security manager on some JREs. (markt)
|
||||
</fix>
|
||||
@ -1,51 +0,0 @@
|
||||
From 8a904f6065080409a1e00606cd7bceec6ad8918c Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Wed, 30 Mar 2022 20:22:49 +0100
|
||||
Subject: [PATCH] Security hardening. Deprecate getResources() and always
|
||||
return null.
|
||||
|
||||
This method is never used by Tomcat. If something accidently exposes the
|
||||
class loader then this method can be used to gain access to Tomcat
|
||||
internals.
|
||||
---
|
||||
.../apache/catalina/loader/WebappClassLoaderBase.java | 7 ++++++-
|
||||
webapps/docs/changelog.xml | 10 ++++++++++
|
||||
2 files changed, 16 insertions(+), 1 deletion(-)
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/loader/WebappClassLoaderBase.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/loader/WebappClassLoaderBase.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/loader/WebappClassLoaderBase.java
|
||||
@@ -425,10 +425,15 @@ public abstract class WebappClassLoaderB
|
||||
// ------------------------------------------------------------- Properties
|
||||
|
||||
/**
|
||||
+ * Unused. Always returns {@code null}.
|
||||
+ *
|
||||
* @return associated resources.
|
||||
+ *
|
||||
+ * @deprecated This will be removed in Tomcat 10.1.x onwards
|
||||
*/
|
||||
+ @Deprecated
|
||||
public WebResourceRoot getResources() {
|
||||
- return this.resources;
|
||||
+ return null;
|
||||
}
|
||||
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -106,6 +106,12 @@
|
||||
<section name="Tomcat 9.0.43 (markt)">
|
||||
<subsection name="Catalina">
|
||||
<changelog>
|
||||
+ <add>
|
||||
+ Effectively disable the
|
||||
+ <code>WebappClassLoaderBase.getResources()</code> method as it is not
|
||||
+ used and if something accidently exposes the class loader this method
|
||||
+ can be used to gain access to Tomcat internals. (markt)
|
||||
+ </add>
|
||||
<fix>
|
||||
<bug>63508</bug>: NPE in JNDIRealm when no <code>userRoleAttribute</code>
|
||||
is given. (fschumacher)
|
||||
@ -2,72 +2,6 @@ Index: apache-tomcat-9.0.35-src/build.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.35-src.orig/build.xml
|
||||
+++ apache-tomcat-9.0.35-src/build.xml
|
||||
@@ -1902,7 +1902,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -1924,7 +1924,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -1945,7 +1945,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -1966,7 +1966,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -1987,7 +1987,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -2005,9 +2005,10 @@ Apache Tomcat ${version} native binaries
|
||||
docencoding="UTF-8"
|
||||
charset="UTF-8"
|
||||
additionalparam="-breakiterator -notimestamp"
|
||||
+ source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -2027,7 +2028,7 @@ Apache Tomcat ${version} native binaries
|
||||
source="${compile.source}"
|
||||
maxmemory="512m"
|
||||
failonerror="true"
|
||||
- failonwarning="true">
|
||||
+ failonwarning="false">
|
||||
<classpath>
|
||||
<path refid="compile.classpath"/>
|
||||
<path location="${ant.core.lib}"/>
|
||||
@@ -2038,8 +2039,6 @@ Apache Tomcat ${version} native binaries
|
||||
<link href="../elapi"/>
|
||||
<link href="../websocketapi"/>
|
||||
|
||||
22
tomcat-9.0-jdt.patch
Normal file
22
tomcat-9.0-jdt.patch
Normal file
@ -0,0 +1,22 @@
|
||||
--- apache-tomcat-9.0.75-src/java/org/apache/jasper/compiler/JDTCompiler.java 2023-05-22 18:12:16.915658492 +0200
|
||||
+++ apache-tomcat-9.0.75-src/java/org/apache/jasper/compiler/JDTCompiler.java 2023-05-22 19:45:14.491706823 +0200
|
||||
@@ -310,7 +310,7 @@
|
||||
} else if(opt.equals("15")) {
|
||||
settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_15);
|
||||
} else if(opt.equals("16")) {
|
||||
- settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_16);
|
||||
+ settings.put(CompilerOptions.OPTION_Source, "16");
|
||||
} else if(opt.equals("17")) {
|
||||
// Constant not available in latest ECJ version that runs on
|
||||
// Java 8.
|
||||
@@ -392,8 +392,8 @@
|
||||
settings.put(CompilerOptions.OPTION_TargetPlatform, CompilerOptions.VERSION_15);
|
||||
settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_15);
|
||||
} else if(opt.equals("16")) {
|
||||
- settings.put(CompilerOptions.OPTION_TargetPlatform, CompilerOptions.VERSION_16);
|
||||
- settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_16);
|
||||
+ settings.put(CompilerOptions.OPTION_TargetPlatform, "16");
|
||||
+ settings.put(CompilerOptions.OPTION_Compliance, "16");
|
||||
} else if(opt.equals("17")) {
|
||||
// Constant not available in latest ECJ version that runs on
|
||||
// Java 8.
|
||||
@ -1,8 +1,18 @@
|
||||
Index: apache-tomcat-9.0.37-src/build.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.37-src.orig/build.xml
|
||||
+++ apache-tomcat-9.0.37-src/build.xml
|
||||
@@ -3307,6 +3307,13 @@ Read the Building page on the Apache Tom
|
||||
--- apache-tomcat-9.0.75-src/build.xml 2023-05-22 18:12:16.995658642 +0200
|
||||
+++ apache-tomcat-9.0.75-src/build.xml 2023-05-22 19:41:42.051370923 +0200
|
||||
@@ -215,10 +215,10 @@
|
||||
|
||||
<!-- Classpaths -->
|
||||
<path id="compile.classpath">
|
||||
- <pathelement location="${bnd.jar}"/>
|
||||
<pathelement location="${jdt.jar}"/>
|
||||
<pathelement location="${jaxrpc-lib.jar}"/>
|
||||
<pathelement location="${wsdl4j-lib.jar}"/>
|
||||
+ <path refid="bnd.classpath"/>
|
||||
</path>
|
||||
|
||||
<path id="tomcat.classpath">
|
||||
@@ -3845,6 +3845,13 @@
|
||||
<!-- Add bnd tasks to project -->
|
||||
<path id="bnd.classpath">
|
||||
<fileset file="${bnd.jar}" />
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
Index: apache-tomcat-9.0.31-src/java/org/apache/coyote/ajp/AbstractAjpProtocol.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.31-src.orig/java/org/apache/coyote/ajp/AbstractAjpProtocol.java
|
||||
+++ apache-tomcat-9.0.31-src/java/org/apache/coyote/ajp/AbstractAjpProtocol.java
|
||||
@@ -180,7 +180,7 @@ public abstract class AbstractAjpProtoco
|
||||
}
|
||||
|
||||
|
||||
- private boolean secretRequired = true;
|
||||
+ private boolean secretRequired = false;
|
||||
public void setSecretRequired(boolean secretRequired) {
|
||||
this.secretRequired = secretRequired;
|
||||
}
|
||||
@ -1,181 +0,0 @@
|
||||
From 170e0f792bd18ff031677890ba2fe50eb7a376c1 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Tue, 29 Mar 2022 19:15:37 +0100
|
||||
Subject: [PATCH] Improve the recycling of Processor objects to make it more
|
||||
robust.
|
||||
|
||||
---
|
||||
java/org/apache/coyote/AbstractProtocol.java | 32 ++++++++++---------
|
||||
.../tomcat/util/net/SocketWrapperBase.java | 17 +++++++---
|
||||
webapps/docs/changelog.xml | 4 +++
|
||||
3 files changed, 33 insertions(+), 20 deletions(-)
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/coyote/AbstractProtocol.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/coyote/AbstractProtocol.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/coyote/AbstractProtocol.java
|
||||
@@ -794,7 +794,11 @@ public abstract class AbstractProtocol<S
|
||||
|
||||
S socket = wrapper.getSocket();
|
||||
|
||||
- Processor processor = (Processor) wrapper.getCurrentProcessor();
|
||||
+ // We take complete ownership of the Processor inside of this method to ensure
|
||||
+ // no other thread can release it while we're using it. Whatever processor is
|
||||
+ // held by this variable will be associated with the SocketWrapper before this
|
||||
+ // method returns.
|
||||
+ Processor processor = (Processor) wrapper.takeCurrentProcessor();
|
||||
if (getLog().isDebugEnabled()) {
|
||||
getLog().debug(sm.getString("abstractConnectionHandler.connectionsGet",
|
||||
processor, socket));
|
||||
@@ -879,9 +883,6 @@ public abstract class AbstractProtocol<S
|
||||
processor.setSslSupport(
|
||||
wrapper.getSslSupport(getProtocol().getClientCertProvider()));
|
||||
|
||||
- // Associate the processor with the connection
|
||||
- wrapper.setCurrentProcessor(processor);
|
||||
-
|
||||
SocketState state = SocketState.CLOSED;
|
||||
do {
|
||||
state = processor.process(wrapper, status);
|
||||
@@ -901,8 +902,6 @@ public abstract class AbstractProtocol<S
|
||||
release(processor);
|
||||
// Create the upgrade processor
|
||||
processor = upgradeProtocol.getProcessor(wrapper, getProtocol().getAdapter());
|
||||
- // Associate with the processor with the connection
|
||||
- wrapper.setCurrentProcessor(processor);
|
||||
} else {
|
||||
if (getLog().isDebugEnabled()) {
|
||||
getLog().debug(sm.getString(
|
||||
@@ -922,8 +921,6 @@ public abstract class AbstractProtocol<S
|
||||
getLog().debug(sm.getString("abstractConnectionHandler.upgradeCreate",
|
||||
processor, wrapper));
|
||||
}
|
||||
- // Associate with the processor with the connection
|
||||
- wrapper.setCurrentProcessor(processor);
|
||||
// Initialise the upgrade handler (which may trigger
|
||||
// some IO using the new protocol which is why the lines
|
||||
// above are necessary)
|
||||
@@ -961,8 +958,8 @@ public abstract class AbstractProtocol<S
|
||||
} else if (state == SocketState.OPEN) {
|
||||
// In keep-alive but between requests. OK to recycle
|
||||
// processor. Continue to poll for the next request.
|
||||
- wrapper.setCurrentProcessor(null);
|
||||
release(processor);
|
||||
+ processor = null;
|
||||
wrapper.registerReadInterest();
|
||||
} else if (state == SocketState.SENDFILE) {
|
||||
// Sendfile in progress. If it fails, the socket will be
|
||||
@@ -987,8 +984,7 @@ public abstract class AbstractProtocol<S
|
||||
// Connection closed. OK to recycle the processor.
|
||||
// Processors handling upgrades require additional clean-up
|
||||
// before release.
|
||||
- wrapper.setCurrentProcessor(null);
|
||||
- if (processor.isUpgrade()) {
|
||||
+ if (processor != null && processor.isUpgrade()) {
|
||||
UpgradeToken upgradeToken = processor.getUpgradeToken();
|
||||
HttpUpgradeHandler httpUpgradeHandler = upgradeToken.getHttpUpgradeHandler();
|
||||
InstanceManager instanceManager = upgradeToken.getInstanceManager();
|
||||
@@ -1009,7 +1005,13 @@ public abstract class AbstractProtocol<S
|
||||
}
|
||||
}
|
||||
}
|
||||
+
|
||||
release(processor);
|
||||
+ processor = null;
|
||||
+ }
|
||||
+
|
||||
+ if (processor != null) {
|
||||
+ wrapper.setCurrentProcessor(processor);
|
||||
}
|
||||
return state;
|
||||
} catch(java.net.SocketException e) {
|
||||
@@ -1047,7 +1049,6 @@ public abstract class AbstractProtocol<S
|
||||
|
||||
// Make sure socket/processor is removed from the list of current
|
||||
// connections
|
||||
- wrapper.setCurrentProcessor(null);
|
||||
release(processor);
|
||||
return SocketState.CLOSED;
|
||||
}
|
||||
@@ -1081,7 +1082,9 @@ public abstract class AbstractProtocol<S
|
||||
|
||||
/**
|
||||
* Expected to be used by the handler once the processor is no longer
|
||||
- * required.
|
||||
+ * required. Care must be taken to ensure that this method is only
|
||||
+ * called once per processor, after the request processing has
|
||||
+ * completed.
|
||||
*
|
||||
* @param processor Processor being released (that was associated with
|
||||
* the socket)
|
||||
@@ -1119,8 +1122,7 @@ public abstract class AbstractProtocol<S
|
||||
*/
|
||||
@Override
|
||||
public void release(SocketWrapperBase<S> socketWrapper) {
|
||||
- Processor processor = (Processor) socketWrapper.getCurrentProcessor();
|
||||
- socketWrapper.setCurrentProcessor(null);
|
||||
+ Processor processor = (Processor) socketWrapper.takeCurrentProcessor();
|
||||
release(processor);
|
||||
}
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/SocketWrapperBase.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/tomcat/util/net/SocketWrapperBase.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/net/SocketWrapperBase.java
|
||||
@@ -29,6 +29,7 @@ import java.util.concurrent.RejectedExec
|
||||
import java.util.concurrent.Semaphore;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
+import java.util.concurrent.atomic.AtomicReference;
|
||||
|
||||
import org.apache.juli.logging.Log;
|
||||
import org.apache.juli.logging.LogFactory;
|
||||
@@ -104,10 +105,12 @@ public abstract class SocketWrapperBase<
|
||||
protected volatile OperationState<?> writeOperation = null;
|
||||
|
||||
/**
|
||||
- * The org.apache.coyote.Processor instance currently associated
|
||||
- * with the wrapper.
|
||||
+ * The org.apache.coyote.Processor instance currently associated with the
|
||||
+ * wrapper. Only populated when required to maintain wrapper<->Processor
|
||||
+ * mapping between calls to
|
||||
+ * {@link AbstractEndpoint.Handler#process(SocketWrapperBase, SocketEvent)}.
|
||||
*/
|
||||
- protected Object currentProcessor = null;
|
||||
+ private final AtomicReference<Object> currentProcessor = new AtomicReference<>();
|
||||
|
||||
public SocketWrapperBase(E socket, AbstractEndpoint<E,?> endpoint) {
|
||||
this.socket = socket;
|
||||
@@ -134,11 +137,15 @@ public abstract class SocketWrapperBase<
|
||||
}
|
||||
|
||||
public Object getCurrentProcessor() {
|
||||
- return currentProcessor;
|
||||
+ return currentProcessor.get();
|
||||
}
|
||||
|
||||
public void setCurrentProcessor(Object currentProcessor) {
|
||||
- this.currentProcessor = currentProcessor;
|
||||
+ this.currentProcessor.set(currentProcessor);
|
||||
+ }
|
||||
+
|
||||
+ public Object takeCurrentProcessor() {
|
||||
+ return currentProcessor.getAndSet(null);
|
||||
}
|
||||
|
||||
/**
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -485,6 +485,10 @@
|
||||
Fix a concurrency issue in the NIO connector that could cause newly
|
||||
created connections to be removed from the poller. (markt)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ Improve the recycling of Processor objects to make it more robust.
|
||||
+ (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Jasper">
|
||||
@ -1,108 +0,0 @@
|
||||
From 4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Mon, 3 Oct 2022 11:59:01 +0100
|
||||
Subject: [PATCH] Requests with invalid content-length should always be
|
||||
rejected
|
||||
---
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/coyote/http11/Http11InputBuffer.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/coyote/http11/Http11InputBuffer.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/coyote/http11/Http11InputBuffer.java
|
||||
@@ -886,7 +886,7 @@ public class Http11InputBuffer implement
|
||||
headerData.lastSignificantChar = pos;
|
||||
byteBuffer.position(byteBuffer.position() - 1);
|
||||
// skipLine() will handle the error
|
||||
- return skipLine();
|
||||
+ return skipLine(false);
|
||||
}
|
||||
|
||||
// chr is next byte of header name. Convert to lowercase.
|
||||
@@ -897,7 +897,7 @@ public class Http11InputBuffer implement
|
||||
|
||||
// Skip the line and ignore the header
|
||||
if (headerParsePos == HeaderParsePosition.HEADER_SKIPLINE) {
|
||||
- return skipLine();
|
||||
+ return skipLine(false);
|
||||
}
|
||||
|
||||
//
|
||||
@@ -948,15 +948,11 @@ public class Http11InputBuffer implement
|
||||
} else if (prevChr == Constants.CR && chr == Constants.LF) {
|
||||
eol = true;
|
||||
} else if (prevChr == Constants.CR) {
|
||||
- // Invalid value
|
||||
- // Delete the header (it will be the most recent one)
|
||||
- headers.removeHeader(headers.size() - 1);
|
||||
- return skipLine();
|
||||
+ // Invalid value - also need to delete header
|
||||
+ return skipLine(true);
|
||||
} else if (chr != Constants.HT && HttpParser.isControl(chr)) {
|
||||
- // Invalid value
|
||||
- // Delete the header (it will be the most recent one)
|
||||
- headers.removeHeader(headers.size() - 1);
|
||||
- return skipLine();
|
||||
+ // Invalid value - also need to delete header
|
||||
+ return skipLine(true);
|
||||
} else if (chr == Constants.SP || chr == Constants.HT) {
|
||||
byteBuffer.put(headerData.realPos, chr);
|
||||
headerData.realPos++;
|
||||
@@ -1004,7 +1000,27 @@ public class Http11InputBuffer implement
|
||||
}
|
||||
|
||||
|
||||
- private HeaderParseStatus skipLine() throws IOException {
|
||||
+ private HeaderParseStatus skipLine(boolean deleteHeader) throws IOException {
|
||||
+ boolean rejectThisHeader = rejectIllegalHeader;
|
||||
+ // Check if rejectIllegalHeader is disabled and needs to be overridden
|
||||
+ // for this header. The header name is required to determine if this
|
||||
+ // override is required. The header name is only available once the
|
||||
+ // header has been created. If the header has been created then
|
||||
+ // deleteHeader will be true.
|
||||
+ if (!rejectThisHeader && deleteHeader) {
|
||||
+ if (headers.getName(headers.size() - 1).equalsIgnoreCase("content-length")) {
|
||||
+ // Malformed content-length headers must always be rejected
|
||||
+ // RFC 9112, section 6.3, bullet 5.
|
||||
+ rejectThisHeader = true;
|
||||
+ } else {
|
||||
+ // Only need to delete the header if the request isn't going to
|
||||
+ // be rejected (it will be the most recent one)
|
||||
+ headers.removeHeader(headers.size() - 1);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ // Parse the rest of the invalid header so we can construct a useful
|
||||
+ // exception and/or debug message.
|
||||
headerParsePos = HeaderParsePosition.HEADER_SKIPLINE;
|
||||
boolean eol = false;
|
||||
|
||||
@@ -1029,11 +1045,11 @@ public class Http11InputBuffer implement
|
||||
headerData.lastSignificantChar = pos;
|
||||
}
|
||||
}
|
||||
- if (rejectIllegalHeader || log.isDebugEnabled()) {
|
||||
+ if (rejectThisHeader || log.isDebugEnabled()) {
|
||||
String message = sm.getString("iib.invalidheader",
|
||||
HeaderUtil.toPrintableString(byteBuffer.array(), headerData.lineStart,
|
||||
headerData.lastSignificantChar - headerData.lineStart + 1));
|
||||
- if (rejectIllegalHeader) {
|
||||
+ if (rejectThisHeader) {
|
||||
throw new IllegalArgumentException(message);
|
||||
}
|
||||
log.debug(message);
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -223,6 +223,11 @@
|
||||
Avoid possible infinite loop in <code>OpenSSLEngine.unwrap</code>
|
||||
when the destination buffers state is changed concurrently. (remm)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ Enforce the requirement of RFC 7230 onwards that a request with a
|
||||
+ malformed <code>content-length</code> header should always be rejected
|
||||
+ with a 400 response. (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Jasper">
|
||||
@ -1,208 +0,0 @@
|
||||
From b336f4e58893ea35114f1e4a415657f723b1298e Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Wed, 9 Nov 2022 12:39:15 +0000
|
||||
Subject: [PATCH] Avoid invalid JSON in JSONErrorReportValve output
|
||||
|
||||
---
|
||||
.../catalina/valves/JsonErrorReportValve.java | 7 +-
|
||||
.../apache/tomcat/util/json/JSONFilter.java | 61 ++++++++++++++
|
||||
.../tomcat/util/json/TestJSONFilter.java | 82 +++++++++++++++++++
|
||||
webapps/docs/changelog.xml | 5 ++
|
||||
4 files changed, 152 insertions(+), 3 deletions(-)
|
||||
create mode 100644 java/org/apache/tomcat/util/json/JSONFilter.java
|
||||
create mode 100644 test/org/apache/tomcat/util/json/TestJSONFilter.java
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/valves/JsonErrorReportValve.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/valves/JsonErrorReportValve.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/valves/JsonErrorReportValve.java
|
||||
@@ -24,6 +24,7 @@ import org.apache.catalina.connector.Req
|
||||
import org.apache.catalina.connector.Response;
|
||||
import org.apache.coyote.ActionCode;
|
||||
import org.apache.tomcat.util.ExceptionUtils;
|
||||
+import org.apache.tomcat.util.json.JSONFilter;
|
||||
import org.apache.tomcat.util.res.StringManager;
|
||||
|
||||
/**
|
||||
@@ -82,9 +83,9 @@ public class JsonErrorReportValve extend
|
||||
}
|
||||
}
|
||||
String jsonReport = "{\n" +
|
||||
- " \"type\": \"" + type + "\",\n" +
|
||||
- " \"message\": \"" + message + "\"\n" +
|
||||
- " \"description\": \"" + description + "\"\n" +
|
||||
+ " \"type\": \"" + JSONFilter.escape(type) + "\",\n" +
|
||||
+ " \"message\": \"" + JSONFilter.escape(message) + "\",\n" +
|
||||
+ " \"description\": \"" + JSONFilter.escape(description) + "\"\n" +
|
||||
"}";
|
||||
try {
|
||||
try {
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/json/JSONFilter.java
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/json/JSONFilter.java
|
||||
@@ -0,0 +1,61 @@
|
||||
+/*
|
||||
+ * Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
+ * contributor license agreements. See the NOTICE file distributed with
|
||||
+ * this work for additional information regarding copyright ownership.
|
||||
+ * The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
+ * (the "License"); you may not use this file except in compliance with
|
||||
+ * the License. You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+package org.apache.tomcat.util.json;
|
||||
+
|
||||
+/**
|
||||
+ * Provides escaping of values so they can be included in a JSON document.
|
||||
+ * Escaping is based on the definition of JSON found in
|
||||
+ * <a href="https://www.rfc-editor.org/rfc/rfc8259.html">RFC 8259</a>.
|
||||
+ */
|
||||
+public class JSONFilter {
|
||||
+
|
||||
+ private JSONFilter() {
|
||||
+ // Utility class. Hide the default constructor.
|
||||
+ }
|
||||
+
|
||||
+ public static String escape(String input) {
|
||||
+ /*
|
||||
+ * While any character MAY be escaped, only U+0000 to U+001F (control
|
||||
+ * characters), U+0022 (quotation mark) and U+005C (reverse solidus)
|
||||
+ * MUST be escaped.
|
||||
+ */
|
||||
+ char[] chars = input.toCharArray();
|
||||
+ StringBuffer escaped = null;
|
||||
+ int lastUnescapedStart = 0;
|
||||
+ for (int i = 0; i < chars.length; i++) {
|
||||
+ if (chars[i] < 0x20 || chars[i] == 0x22 || chars[i] == 0x5c) {
|
||||
+ if (escaped == null) {
|
||||
+ escaped = new StringBuffer(chars.length + 20);
|
||||
+ }
|
||||
+ if (lastUnescapedStart < i) {
|
||||
+ escaped.append(input.subSequence(lastUnescapedStart, i));
|
||||
+ }
|
||||
+ lastUnescapedStart = i + 1;
|
||||
+ escaped.append("\\u");
|
||||
+ escaped.append(String.format("%04X", Integer.valueOf(chars[i])));
|
||||
+ }
|
||||
+ }
|
||||
+ if (escaped == null) {
|
||||
+ return input;
|
||||
+ } else {
|
||||
+ if (lastUnescapedStart < chars.length) {
|
||||
+ escaped.append(input.subSequence(lastUnescapedStart, chars.length));
|
||||
+ }
|
||||
+ return escaped.toString();
|
||||
+ }
|
||||
+ }
|
||||
+}
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -133,6 +133,11 @@
|
||||
<code>RemoteIpFilter</code> determines that this request was submitted
|
||||
via a secure channel. (lihan)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ Escape values used to construct output for the
|
||||
+ <code>JsonErrorReportValve</code> to ensure that it always outputs valid
|
||||
+ JSON. (markt)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Coyote">
|
||||
Index: apache-tomcat-9.0.43-src/test/org/apache/tomcat/util/json/TestJSONFilter.java
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ apache-tomcat-9.0.43-src/test/org/apache/tomcat/util/json/TestJSONFilter.java
|
||||
@@ -0,0 +1,82 @@
|
||||
+/*
|
||||
+ * Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
+ * contributor license agreements. See the NOTICE file distributed with
|
||||
+ * this work for additional information regarding copyright ownership.
|
||||
+ * The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
+ * (the "License"); you may not use this file except in compliance with
|
||||
+ * the License. You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+package org.apache.tomcat.util.json;
|
||||
+
|
||||
+import java.util.ArrayList;
|
||||
+import java.util.Collection;
|
||||
+
|
||||
+import org.junit.Assert;
|
||||
+import org.junit.Test;
|
||||
+import org.junit.runner.RunWith;
|
||||
+import org.junit.runners.Parameterized;
|
||||
+import org.junit.runners.Parameterized.Parameter;
|
||||
+
|
||||
+
|
||||
+@RunWith(Parameterized.class)
|
||||
+public class TestJSONFilter {
|
||||
+
|
||||
+ @Parameterized.Parameters(name = "{index}: input[{0}], output[{1}]")
|
||||
+ public static Collection<Object[]> parameters() {
|
||||
+ Collection<Object[]> parameterSets = new ArrayList<>();
|
||||
+
|
||||
+ // Empty
|
||||
+ parameterSets.add(new String[] { "", "" });
|
||||
+
|
||||
+ // Must escape
|
||||
+ parameterSets.add(new String[] { "\"", "\\u0022" });
|
||||
+ parameterSets.add(new String[] { "\\", "\\u005C" });
|
||||
+ // Sample of controls
|
||||
+ parameterSets.add(new String[] { "\t", "\\u0009" });
|
||||
+ parameterSets.add(new String[] { "\n", "\\u000A" });
|
||||
+ parameterSets.add(new String[] { "\r", "\\u000D" });
|
||||
+
|
||||
+ // No escape
|
||||
+ parameterSets.add(new String[] { "aaa", "aaa" });
|
||||
+
|
||||
+ // Start
|
||||
+ parameterSets.add(new String[] { "\naaa", "\\u000Aaaa" });
|
||||
+ parameterSets.add(new String[] { "\n\naaa", "\\u000A\\u000Aaaa" });
|
||||
+
|
||||
+ // Middle
|
||||
+ parameterSets.add(new String[] { "aaa\naaa", "aaa\\u000Aaaa" });
|
||||
+ parameterSets.add(new String[] { "aaa\n\naaa", "aaa\\u000A\\u000Aaaa" });
|
||||
+
|
||||
+ // End
|
||||
+ parameterSets.add(new String[] { "aaa\n", "aaa\\u000A" });
|
||||
+ parameterSets.add(new String[] { "aaa\n\n", "aaa\\u000A\\u000A" });
|
||||
+
|
||||
+ // Start, middle and end
|
||||
+ parameterSets.add(new String[] { "\naaa\naaa\n", "\\u000Aaaa\\u000Aaaa\\u000A" });
|
||||
+ parameterSets.add(new String[] { "\n\naaa\n\naaa\n\n", "\\u000A\\u000Aaaa\\u000A\\u000Aaaa\\u000A\\u000A" });
|
||||
+
|
||||
+ // Multiple
|
||||
+ parameterSets.add(new String[] { "\n\n", "\\u000A\\u000A" });
|
||||
+
|
||||
+ return parameterSets;
|
||||
+ }
|
||||
+
|
||||
+ @Parameter(0)
|
||||
+ public String input;
|
||||
+
|
||||
+ @Parameter(1)
|
||||
+ public String output;
|
||||
+
|
||||
+ @Test
|
||||
+ public void testStringEscaping() {
|
||||
+ Assert.assertEquals(output, JSONFilter.escape(input));;
|
||||
+ }
|
||||
+}
|
||||
@ -1,262 +0,0 @@
|
||||
From cf77cc545de0488fb89e24294151504a7432df74 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Thomas <markt@apache.org>
|
||||
Date: Tue, 13 Dec 2022 17:55:34 +0000
|
||||
Subject: [PATCH] Update packaged renamed fork of Commons File Upload
|
||||
|
||||
---
|
||||
MERGE.txt | 2 +-
|
||||
.../apache/catalina/connector/Request.java | 10 +++-
|
||||
.../apache/tomcat/util/http/Parameters.java | 5 ++
|
||||
.../util/http/fileupload/FileUploadBase.java | 29 +++++++++++
|
||||
.../impl/FileCountLimitExceededException.java | 50 +++++++++++++++++++
|
||||
webapps/docs/changelog.xml | 8 +++
|
||||
webapps/docs/config/ajp.xml | 15 +++---
|
||||
webapps/docs/config/http.xml | 15 +++---
|
||||
8 files changed, 120 insertions(+), 14 deletions(-)
|
||||
create mode 100644 java/org/apache/tomcat/util/http/fileupload/impl/FileCountLimitExceededException.java
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/MERGE.txt
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/MERGE.txt
|
||||
+++ apache-tomcat-9.0.43-src/MERGE.txt
|
||||
@@ -51,7 +51,7 @@ FileUpload
|
||||
Sub-tree:
|
||||
src/main/java/org/apache/commons/fileupload2
|
||||
The SHA1 ID / tag for the most recent commit to be merged to Tomcat is:
|
||||
-ee0a7131b6b87586b28542de354951414dedac3f (2021-01-15)
|
||||
+34eb241c051b02eca3b0b1b04f67b3b4e6c3a24d (2023-01-03)
|
||||
|
||||
Note: Tomcat's copy of fileupload also includes classes copied manually from
|
||||
Commons IO.
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/connector/Request.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/connector/Request.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/connector/Request.java
|
||||
@@ -2862,8 +2862,9 @@ public class Request implements HttpServ
|
||||
}
|
||||
}
|
||||
|
||||
+ int maxParameterCount = getConnector().getMaxParameterCount();
|
||||
Parameters parameters = coyoteRequest.getParameters();
|
||||
- parameters.setLimit(getConnector().getMaxParameterCount());
|
||||
+ parameters.setLimit(maxParameterCount);
|
||||
|
||||
boolean success = false;
|
||||
try {
|
||||
@@ -2915,6 +2916,13 @@ public class Request implements HttpServ
|
||||
upload.setFileItemFactory(factory);
|
||||
upload.setFileSizeMax(mce.getMaxFileSize());
|
||||
upload.setSizeMax(mce.getMaxRequestSize());
|
||||
+ if (maxParameterCount > -1) {
|
||||
+ // There is a limit. The limit for parts needs to be reduced by
|
||||
+ // the number of parameters we have already parsed.
|
||||
+ // Must be under the limit else parsing parameters would have
|
||||
+ // triggered an exception.
|
||||
+ upload.setFileCountMax(maxParameterCount - parameters.size());
|
||||
+ }
|
||||
|
||||
parts = new ArrayList<>();
|
||||
try {
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/Parameters.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/tomcat/util/http/Parameters.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/Parameters.java
|
||||
@@ -125,6 +125,11 @@ public final class Parameters {
|
||||
}
|
||||
|
||||
|
||||
+ public int size() {
|
||||
+ return parameterCount;
|
||||
+ }
|
||||
+
|
||||
+
|
||||
public void recycle() {
|
||||
parameterCount = 0;
|
||||
paramHashValues.clear();
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java
|
||||
@@ -25,6 +25,7 @@ import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
|
||||
+import org.apache.tomcat.util.http.fileupload.impl.FileCountLimitExceededException;
|
||||
import org.apache.tomcat.util.http.fileupload.impl.FileItemIteratorImpl;
|
||||
import org.apache.tomcat.util.http.fileupload.impl.FileItemStreamImpl;
|
||||
import org.apache.tomcat.util.http.fileupload.impl.FileUploadIOException;
|
||||
@@ -133,6 +134,12 @@ public abstract class FileUploadBase {
|
||||
private long fileSizeMax = -1;
|
||||
|
||||
/**
|
||||
+ * The maximum permitted number of files that may be uploaded in a single
|
||||
+ * request. A value of -1 indicates no maximum.
|
||||
+ */
|
||||
+ private long fileCountMax = -1;
|
||||
+
|
||||
+ /**
|
||||
* The content encoding to use when reading part headers.
|
||||
*/
|
||||
private String headerEncoding;
|
||||
@@ -209,6 +216,24 @@ public abstract class FileUploadBase {
|
||||
}
|
||||
|
||||
/**
|
||||
+ * Returns the maximum number of files allowed in a single request.
|
||||
+ *
|
||||
+ * @return The maximum number of files allowed in a single request.
|
||||
+ */
|
||||
+ public long getFileCountMax() {
|
||||
+ return fileCountMax;
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Sets the maximum number of files allowed per request/
|
||||
+ *
|
||||
+ * @param fileCountMax The new limit. {@code -1} means no limit.
|
||||
+ */
|
||||
+ public void setFileCountMax(long fileCountMax) {
|
||||
+ this.fileCountMax = fileCountMax;
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
* Retrieves the character encoding used when reading the headers of an
|
||||
* individual part. When not specified, or {@code null}, the request
|
||||
* encoding is used. If that is also not specified, or {@code null},
|
||||
@@ -281,6 +306,10 @@ public abstract class FileUploadBase {
|
||||
final FileItemFactory fileItemFactory = Objects.requireNonNull(getFileItemFactory(), "No FileItemFactory has been set.");
|
||||
final byte[] buffer = new byte[Streams.DEFAULT_BUFFER_SIZE];
|
||||
while (iter.hasNext()) {
|
||||
+ if (items.size() == fileCountMax) {
|
||||
+ // The next item will exceed the limit.
|
||||
+ throw new FileCountLimitExceededException(ATTACHMENT, getFileCountMax());
|
||||
+ }
|
||||
final FileItemStream item = iter.next();
|
||||
// Don't use getName() here to prevent an InvalidFileNameException.
|
||||
final String fileName = ((FileItemStreamImpl) item).getName();
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/fileupload/impl/FileCountLimitExceededException.java
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/tomcat/util/http/fileupload/impl/FileCountLimitExceededException.java
|
||||
@@ -0,0 +1,50 @@
|
||||
+/*
|
||||
+ * Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
+ * contributor license agreements. See the NOTICE file distributed with
|
||||
+ * this work for additional information regarding copyright ownership.
|
||||
+ * The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
+ * (the "License"); you may not use this file except in compliance with
|
||||
+ * the License. You may obtain a copy of the License at
|
||||
+ *
|
||||
+ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
+ *
|
||||
+ * Unless required by applicable law or agreed to in writing, software
|
||||
+ * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
+ * See the License for the specific language governing permissions and
|
||||
+ * limitations under the License.
|
||||
+ */
|
||||
+package org.apache.tomcat.util.http.fileupload.impl;
|
||||
+
|
||||
+import org.apache.tomcat.util.http.fileupload.FileUploadException;
|
||||
+
|
||||
+/**
|
||||
+ * This exception is thrown if a request contains more files than the specified
|
||||
+ * limit.
|
||||
+ */
|
||||
+public class FileCountLimitExceededException extends FileUploadException {
|
||||
+
|
||||
+ private static final long serialVersionUID = 2408766352570556046L;
|
||||
+
|
||||
+ private final long limit;
|
||||
+
|
||||
+ /**
|
||||
+ * Creates a new instance.
|
||||
+ *
|
||||
+ * @param message The detail message
|
||||
+ * @param limit The limit that was exceeded
|
||||
+ */
|
||||
+ public FileCountLimitExceededException(final String message, final long limit) {
|
||||
+ super(message);
|
||||
+ this.limit = limit;
|
||||
+ }
|
||||
+
|
||||
+ /**
|
||||
+ * Retrieves the limit that was exceeded.
|
||||
+ *
|
||||
+ * @return The limit that was exceeded by the request
|
||||
+ */
|
||||
+ public long getLimit() {
|
||||
+ return limit;
|
||||
+ }
|
||||
+}
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -142,6 +142,14 @@
|
||||
</fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
+ <subsection name="Other">
|
||||
+ <changelog>
|
||||
+ <update>
|
||||
+ Update the internal fork of Apache Commons FileUpload to 34eb241
|
||||
+ (2023-01-03, 2.0-SNAPSHOT). (markt)
|
||||
+ </update>
|
||||
+ </changelog>
|
||||
+ </subsection>
|
||||
</section>
|
||||
<section name="Tomcat 9.0.42 (markt)" rtext="not released">
|
||||
<subsection name="Catalina">
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/config/ajp.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/config/ajp.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/config/ajp.xml
|
||||
@@ -136,12 +136,15 @@
|
||||
</attribute>
|
||||
|
||||
<attribute name="maxParameterCount" required="false">
|
||||
- <p>The maximum number of parameter and value pairs (GET plus POST) which
|
||||
- will be automatically parsed by the container. Parameter and value pairs
|
||||
- beyond this limit will be ignored. A value of less than 0 means no limit.
|
||||
- If not specified, a default of 10000 is used. Note that
|
||||
- <code>FailedRequestFilter</code> <a href="filter.html">filter</a> can be
|
||||
- used to reject requests that hit the limit.</p>
|
||||
+ <p>The maximum total number of request parameters (including uploaded
|
||||
+ files) obtained from the query string and, for POST requests, the request
|
||||
+ body if the content type is
|
||||
+ <code>application/x-www-form-urlencoded</code> or
|
||||
+ <code>multipart/form-data</code>. Request parameters beyond this limit
|
||||
+ will be ignored. A value of less than 0 means no limit. If not specified,
|
||||
+ a default of 10000 is used. Note that <code>FailedRequestFilter</code>
|
||||
+ <a href="filter.html">filter</a> can be used to reject requests that
|
||||
+ exceed the limit.</p>
|
||||
</attribute>
|
||||
|
||||
<attribute name="maxPostSize" required="false">
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/config/http.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/config/http.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/config/http.xml
|
||||
@@ -153,12 +153,15 @@
|
||||
</attribute>
|
||||
|
||||
<attribute name="maxParameterCount" required="false">
|
||||
- <p>The maximum number of parameter and value pairs (GET plus POST) which
|
||||
- will be automatically parsed by the container. Parameter and value pairs
|
||||
- beyond this limit will be ignored. A value of less than 0 means no limit.
|
||||
- If not specified, a default of 10000 is used. Note that
|
||||
- <code>FailedRequestFilter</code> <a href="filter.html">filter</a> can be
|
||||
- used to reject requests that hit the limit.</p>
|
||||
+ <p>The maximum total number of request parameters (including uploaded
|
||||
+ files) obtained from the query string and, for POST requests, the request
|
||||
+ body if the content type is
|
||||
+ <code>application/x-www-form-urlencoded</code> or
|
||||
+ <code>multipart/form-data</code>. Request parameters beyond this limit
|
||||
+ will be ignored. A value of less than 0 means no limit. If not specified,
|
||||
+ a default of 10000 is used. Note that <code>FailedRequestFilter</code>
|
||||
+ <a href="filter.html">filter</a> can be used to reject requests that
|
||||
+ exceed the limit.</p>
|
||||
</attribute>
|
||||
|
||||
<attribute name="maxPostSize" required="false">
|
||||
@ -1,226 +0,0 @@
|
||||
From 3b51230764da595bb19e8d0962dd8c69ab40dfab Mon Sep 17 00:00:00 2001
|
||||
From: lihan <lihan@apache.org>
|
||||
Date: Fri, 10 Feb 2023 10:01:27 +0800
|
||||
Subject: [PATCH] Fix BZ 66471 - JSessionId secure attribute missing with
|
||||
RemoteIpFilter and X-Forwarded-Proto set to https
|
||||
|
||||
https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
|
||||
---
|
||||
java/org/apache/catalina/Globals.java | 7 ++
|
||||
.../apache/catalina/connector/Request.java | 14 +++
|
||||
.../catalina/filters/RemoteIpFilter.java | 7 +-
|
||||
.../catalina/filters/TestRemoteIpFilter.java | 96 ++++++++++++++-----
|
||||
webapps/docs/changelog.xml | 5 +
|
||||
5 files changed, 100 insertions(+), 29 deletions(-)
|
||||
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/Globals.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/Globals.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/Globals.java
|
||||
@@ -113,6 +113,13 @@ public final class Globals {
|
||||
|
||||
|
||||
/**
|
||||
+ * The request attribute that is set to the value of {@code Boolean.TRUE}
|
||||
+ * if {@link org.apache.catalina.filters.RemoteIpFilter} determines
|
||||
+ * that this request was submitted via a secure channel.
|
||||
+ */
|
||||
+ public static final String REMOTE_IP_FILTER_SECURE = "org.apache.catalina.filters.RemoteIpFilter.secure";
|
||||
+
|
||||
+ /**
|
||||
* The request attribute that can be used by a servlet to pass
|
||||
* to the connector the name of the file that is to be served
|
||||
* by sendfile. The value should be {@code java.lang.String}
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/connector/Request.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/connector/Request.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/connector/Request.java
|
||||
@@ -3601,6 +3601,20 @@ public class Request implements HttpServ
|
||||
// NO-OP
|
||||
}
|
||||
});
|
||||
+ specialAttributes.put(Globals.REMOTE_IP_FILTER_SECURE,
|
||||
+ new SpecialAttributeAdapter() {
|
||||
+ @Override
|
||||
+ public Object get(Request request, String name) {
|
||||
+ return Boolean.valueOf(request.isSecure());
|
||||
+ }
|
||||
+
|
||||
+ @Override
|
||||
+ public void set(Request request, String name, Object value) {
|
||||
+ if (value instanceof Boolean) {
|
||||
+ request.setSecure(((Boolean) value).booleanValue());
|
||||
+ }
|
||||
+ }
|
||||
+ });
|
||||
specialAttributes.put(Globals.STREAM_ID,
|
||||
new SpecialAttributeAdapter() {
|
||||
@Override
|
||||
Index: apache-tomcat-9.0.43-src/java/org/apache/catalina/filters/RemoteIpFilter.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/java/org/apache/catalina/filters/RemoteIpFilter.java
|
||||
+++ apache-tomcat-9.0.43-src/java/org/apache/catalina/filters/RemoteIpFilter.java
|
||||
@@ -581,11 +581,6 @@ public class RemoteIpFilter extends Gene
|
||||
return serverPort;
|
||||
}
|
||||
|
||||
- @Override
|
||||
- public boolean isSecure() {
|
||||
- return secure;
|
||||
- }
|
||||
-
|
||||
public void removeHeader(String name) {
|
||||
Map.Entry<String, List<String>> header = getHeaderEntry(name);
|
||||
if (header != null) {
|
||||
@@ -625,7 +620,7 @@ public class RemoteIpFilter extends Gene
|
||||
}
|
||||
|
||||
public void setSecure(boolean secure) {
|
||||
- this.secure = secure;
|
||||
+ super.getRequest().setAttribute(Globals.REMOTE_IP_FILTER_SECURE, Boolean.valueOf(secure));
|
||||
}
|
||||
|
||||
public void setServerName(String serverName) {
|
||||
Index: apache-tomcat-9.0.43-src/test/org/apache/catalina/filters/TestRemoteIpFilter.java
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/test/org/apache/catalina/filters/TestRemoteIpFilter.java
|
||||
+++ apache-tomcat-9.0.43-src/test/org/apache/catalina/filters/TestRemoteIpFilter.java
|
||||
@@ -82,15 +82,21 @@ public class TestRemoteIpFilter extends
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
- private transient HttpServletRequest request;
|
||||
-
|
||||
- public HttpServletRequest getRequest() {
|
||||
- return request;
|
||||
- }
|
||||
+ public String remoteAddr;
|
||||
+ public String remoteHost;
|
||||
+ public String scheme;
|
||||
+ public String serverName;
|
||||
+ public int serverPort;
|
||||
+ public boolean isSecure;
|
||||
|
||||
@Override
|
||||
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
- this.request = request;
|
||||
+ this.isSecure = request.isSecure();
|
||||
+ this.remoteAddr = request.getRemoteAddr();
|
||||
+ this.remoteHost = request.getRemoteHost();
|
||||
+ this.scheme = request.getScheme();
|
||||
+ this.serverName = request.getServerName();
|
||||
+ this.serverPort = request.getServerPort();
|
||||
PrintWriter writer = response.getWriter();
|
||||
|
||||
writer.println("request.remoteAddr=" + request.getRemoteAddr());
|
||||
@@ -130,16 +136,6 @@ public class TestRemoteIpFilter extends
|
||||
}
|
||||
|
||||
@Override
|
||||
- public void setAttribute(String name, Object value) {
|
||||
- getCoyoteRequest().getAttributes().put(name, value);
|
||||
- }
|
||||
-
|
||||
- @Override
|
||||
- public Object getAttribute(String name) {
|
||||
- return getCoyoteRequest().getAttributes().get(name);
|
||||
- }
|
||||
-
|
||||
- @Override
|
||||
public String getServerName() {
|
||||
return "localhost";
|
||||
}
|
||||
@@ -770,16 +766,70 @@ public class TestRemoteIpFilter extends
|
||||
|
||||
// VALIDATE
|
||||
Assert.assertEquals(HttpURLConnection.HTTP_OK, httpURLConnection.getResponseCode());
|
||||
- HttpServletRequest request = mockServlet.getRequest();
|
||||
- Assert.assertNotNull(request);
|
||||
|
||||
// VALIDATE X-FORWARDED-FOR
|
||||
- Assert.assertEquals(expectedRemoteAddr, request.getRemoteAddr());
|
||||
- Assert.assertEquals(expectedRemoteAddr, request.getRemoteHost());
|
||||
+ Assert.assertEquals(expectedRemoteAddr, mockServlet.remoteAddr);
|
||||
+ Assert.assertEquals(expectedRemoteAddr, mockServlet.remoteHost);
|
||||
|
||||
// VALIDATE X-FORWARDED-PROTO
|
||||
- Assert.assertTrue(request.isSecure());
|
||||
- Assert.assertEquals("https", request.getScheme());
|
||||
- Assert.assertEquals(443, request.getServerPort());
|
||||
+ Assert.assertTrue(mockServlet.isSecure);
|
||||
+ Assert.assertEquals("https", mockServlet.scheme);
|
||||
+ Assert.assertEquals(443, mockServlet.serverPort);
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void testJSessionIdSecureAttributeMissing() throws Exception {
|
||||
+
|
||||
+ // mostly default configuration : enable "x-forwarded-proto"
|
||||
+ Map<String, String> remoteIpFilterParameter = new HashMap<>();
|
||||
+ remoteIpFilterParameter.put("protocolHeader", "x-forwarded-proto");
|
||||
+
|
||||
+ // SETUP
|
||||
+ Tomcat tomcat = getTomcatInstance();
|
||||
+ Context root = tomcat.addContext("", TEMP_DIR);
|
||||
+
|
||||
+ FilterDef filterDef = new FilterDef();
|
||||
+ filterDef.getParameterMap().putAll(remoteIpFilterParameter);
|
||||
+ filterDef.setFilterClass(RemoteIpFilter.class.getName());
|
||||
+ filterDef.setFilterName(RemoteIpFilter.class.getName());
|
||||
+
|
||||
+ root.addFilterDef(filterDef);
|
||||
+
|
||||
+ FilterMap filterMap = new FilterMap();
|
||||
+ filterMap.setFilterName(RemoteIpFilter.class.getName());
|
||||
+ filterMap.addURLPatternDecoded("*");
|
||||
+ root.addFilterMap(filterMap);
|
||||
+
|
||||
+ Bug66471Servlet bug66471Servlet = new Bug66471Servlet();
|
||||
+
|
||||
+ Tomcat.addServlet(root, bug66471Servlet.getClass().getName(), bug66471Servlet);
|
||||
+ root.addServletMappingDecoded("/test", bug66471Servlet.getClass().getName());
|
||||
+
|
||||
+ getTomcatInstance().start();
|
||||
+
|
||||
+ Map<String, List<String>> resHeaders = new HashMap<>();
|
||||
+ Map<String, List<String>> reqHeaders = new HashMap<>();
|
||||
+ String expectedRemoteAddr = "my-remote-addr";
|
||||
+ List<String> forwardedFor = new ArrayList<>(1);
|
||||
+ forwardedFor.add(expectedRemoteAddr);
|
||||
+ List<String> forwardedProto = new ArrayList<>(1);
|
||||
+ forwardedProto.add("https");
|
||||
+ reqHeaders.put("x-forwarded-for", forwardedFor);
|
||||
+ reqHeaders.put("x-forwarded-proto", forwardedProto);
|
||||
+
|
||||
+ getUrl("http://localhost:" + tomcat.getConnector().getLocalPort() +
|
||||
+ "/test", null, reqHeaders, resHeaders);
|
||||
+ String setCookie = resHeaders.get("Set-Cookie").get(0);
|
||||
+ Assert.assertTrue(setCookie.contains("Secure"));
|
||||
+ Assert.assertTrue(bug66471Servlet.isSecure.booleanValue());
|
||||
+ }
|
||||
+ public static class Bug66471Servlet extends HttpServlet {
|
||||
+ private static final long serialVersionUID = 1L;
|
||||
+ public Boolean isSecure;
|
||||
+ @Override
|
||||
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
|
||||
+ req.getSession();
|
||||
+ isSecure = (Boolean) req.getAttribute(Globals.REMOTE_IP_FILTER_SECURE);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
Index: apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
===================================================================
|
||||
--- apache-tomcat-9.0.43-src.orig/webapps/docs/changelog.xml
|
||||
+++ apache-tomcat-9.0.43-src/webapps/docs/changelog.xml
|
||||
@@ -128,6 +128,11 @@
|
||||
Make the calculation of the session storage location more robust when
|
||||
using file based persistent storage. (markt)
|
||||
</fix>
|
||||
+ <fix>
|
||||
+ <bug>66471</bug>: Fix JSessionId secure attribute missing When
|
||||
+ <code>RemoteIpFilter</code> determines that this request was submitted
|
||||
+ via a secure channel. (lihan)
|
||||
+ </fix>
|
||||
</changelog>
|
||||
</subsection>
|
||||
<subsection name="Coyote">
|
||||
@ -1,32 +0,0 @@
|
||||
--- apache-tomcat-9.0.43-src/build.xml 2022-07-05 21:42:13.038838402 +0200
|
||||
+++ apache-tomcat-9.0.43-src/build.xml 2022-07-05 23:04:10.506328581 +0200
|
||||
@@ -957,6 +957,7 @@
|
||||
deprecation="${compile.deprecation}"
|
||||
source="${compile.source}"
|
||||
target="${compile.target}"
|
||||
+ release="${compile.release}"
|
||||
encoding="ISO-8859-1"
|
||||
includeAntRuntime="true" >
|
||||
<!-- Uncomment this to show unchecked warnings:
|
||||
@@ -964,6 +965,21 @@
|
||||
-->
|
||||
<compilerarg value="-XDignore.symbol.file"/>
|
||||
<classpath refid="compile.classpath" />
|
||||
+ <exclude name="org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java"/>
|
||||
+ </javac>
|
||||
+ <javac srcdir="java" destdir="${tomcat.classes}"
|
||||
+ debug="${compile.debug}"
|
||||
+ deprecation="${compile.deprecation}"
|
||||
+ source="${compile.source}"
|
||||
+ target="${compile.target}"
|
||||
+ encoding="ISO-8859-1"
|
||||
+ includeAntRuntime="true" >
|
||||
+ <!-- Uncomment this to show unchecked warnings:
|
||||
+ <compilerarg value="-Xlint:unchecked"/>
|
||||
+ -->
|
||||
+ <compilerarg value="-XDignore.symbol.file"/>
|
||||
+ <classpath refid="compile.classpath" />
|
||||
+ <include name="org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java"/>
|
||||
</javac>
|
||||
<!-- Copy static resource files -->
|
||||
<copy todir="${tomcat.classes}" encoding="ISO-8859-1">
|
||||
11
tomcat-9.0.75-secretRequired-default.patch
Normal file
11
tomcat-9.0.75-secretRequired-default.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- apache-tomcat-9.0.75-src/java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2023-05-22 18:12:16.907658477 +0200
|
||||
+++ apache-tomcat-9.0.75-src/java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2023-05-22 18:31:07.969096813 +0200
|
||||
@@ -177,7 +177,7 @@
|
||||
}
|
||||
|
||||
|
||||
- private boolean secretRequired = true;
|
||||
+ private boolean secretRequired = false;
|
||||
|
||||
public void setSecretRequired(boolean secretRequired) {
|
||||
this.secretRequired = secretRequired;
|
||||
700
tomcat.keyring
700
tomcat.keyring
@ -1,650 +1,50 @@
|
||||
This file contains the PGP&GPG keys of various Apache developers.
|
||||
Please don't use them for email unless you have to. Their main
|
||||
purpose is code signing.
|
||||
|
||||
Apache users: pgp < KEYS
|
||||
Apache developers:
|
||||
(pgpk -ll <your name> && pgpk -xa <your name>) >> this file.
|
||||
or
|
||||
(gpg --fingerprint --list-sigs <your name>
|
||||
&& gpg --armor --export <your name>) >> this file.
|
||||
|
||||
Apache developers: please ensure that your key is also available via the
|
||||
PGP keyservers (such as pgpkeys.mit.edu).
|
||||
|
||||
|
||||
Type Bits/KeyID Date User ID
|
||||
pub 2048/F22C4FED 2001/07/02 Andy Armstrong <andy@tagish.com>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
|
||||
|
||||
mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
|
||||
gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
|
||||
I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
|
||||
bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
|
||||
B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
|
||||
gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
|
||||
9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
|
||||
nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
|
||||
0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW5keSBBcm1z
|
||||
dHJvbmcgPGFuZHlAdGFnaXNoLmNvbT6JAFgEEBECABgFAjtAWuUICwMJCAcCAQoC
|
||||
GQEFGwMAAAAACgkQajrT9PIsT+1plgCfXAovWnVL3MjrTfcGlFSKw7GHCSYAoJkz
|
||||
x+r2ANe8/0e+u5ZcYtSaSry+uQINBDtAWuUQCAD2Qle3CH8IF3KiutapQvMF6PlT
|
||||
ETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZ
|
||||
X9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56N
|
||||
oKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kj
|
||||
wEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE
|
||||
AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAIC
|
||||
B/0eHkYQ0Rv6s21TgpOzRBon+rQAv9ka0PlC7bj2eYWsCOBib8K7qO8hND0sW59p
|
||||
0uFQ01X7kC7L/4Ls1HTk0chEZMV0UrGAOKXHY1QFlxrNtFi5U3pTPITXDDfy+g/G
|
||||
6FTX3PLnGGvwXbtaiAq5UjQ6iXm03lh0BW6Q+kPtm8swPPfqfjYv0rrT+I8Ic3p2
|
||||
HplWKR2bpi3wqCSKB/AaTQJwTbh2x2+2cPVONPodgjZSJ9eQkErejkNSvqbumlTx
|
||||
dB81eoGa0Lo2xE7N+DNlCnILGE0X4hPMdj+N5fmyEbyx0WOB8crvCuODGGEQnXs/
|
||||
zbVO7FP+rj7YWjRh5pVD3bGiiQBMBBgRAgAMBQI7QFrlBRsMAAAAAAoJEGo60/Ty
|
||||
LE/tj/QAoOFNFa7rbAy+eT6mRNb7XztfcAbWAKD6Gd6S/7lEJU0k2TS5tozt4jMl
|
||||
vw==
|
||||
=/91Q
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
Type Bits/KeyID Date User ID
|
||||
pub 1024D/86867BA6 2001-11-22 Jean-Frederic Clere (jfclere) <JFrederic.Clere@fjitsu-siemens.com>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.0.5 (GNU/Linux)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
mQGiBDv9Gx8RBADclmKwDLcibNVipQnhYW+bFIpuQjQnRrqRwn3gXM+/luzzJYJ4
|
||||
bbWpw13zjX0EkrAJ8qH2A/d0EIU1eZ0zHrLgRvMUfLGFUX7FFFw18JKFLTVGhG4/
|
||||
8sSl3ydHSA2Kd1PF6xjBP7iM7sg5dJfEkyMzvK5H4F0ZpTqy3087wsg1wwCgitRy
|
||||
Zg4x3lWZSkOwBj472qaO9GkD/2q6kyWfAK6XFe3GuB5AAs3poMfN1eqW+duM4TA8
|
||||
zUiWK0Wxx4JXJbL7n0i4d+JdXJsrjSjF++KKfelcxsrSxoUIBegez25MUSvHe09D
|
||||
R3nqkY8CVO+viEtzRBqkSgCMbUjAtfkQ+vp2jDnWSmmkNfY0OYAzt+KRyJKcjUSJ
|
||||
gvOOA/45+DN9wuTELoFTvsXh1JgOL/QvW1fmQ2HrcQk94BkzIsfVGWClCiig5gNw
|
||||
LCxTbfgA5htpI8U7vPR9/5gH7U8Wy3HR6xQUZxcbttMeYit2VbDEJzF5r5S0pJvD
|
||||
vyk3n1kiKU7r49sjhxGgE8J/VvDpO6YcIsDs8LoULwuJTg0DTrRDSmVhbi1GcmVk
|
||||
ZXJpYyBDbGVyZSAoamZjbGVyZSkgPEpGcmVkZXJpYy5DbGVyZUBmdWppdHN1LXNp
|
||||
ZW1lbnMuY29tPohXBBMRAgAXBQI7/RsfBQsHCgMEAxUDAgMWAgECF4AACgkQ0+/m
|
||||
toaGe6amGQCeJU5VZ8QCi8+PY0QJHPA63e5uPyoAmgOWIwFm8A/xmW8qjEvVAWtb
|
||||
TjZxuQENBDv9GyMQBACCbFlSF+udW/Qz2oknDen8Hoql4Q1Q7CUQTbPjoQAcYgZg
|
||||
LrsR6hc9aCIf3Kt4qZBgQ1Oe9M/AemOFhU04UNp3dgHk91EYRvx80Rua992p/8V7
|
||||
QOhwIBVb2XE8as5nL2j8w6Jz7eSs/bivxm9yD0AH/I5H01RAJivRbOTsUgSkDwAD
|
||||
BQP5ARlW2Nqc0U17asQsmMYvT1UMiOiyBwUD/DIEG2Xy1hlEvdljg8WU26jcjpGq
|
||||
MrT69T4Z+eZ2oVyiRQTW4qMUBKc0Nbz89hL0qv9K41ExxxH+JgE1csRVvmwAT8Iy
|
||||
lnhof7TJLRBtvan3+p21Kxl1uQ7MbmLT875u+vc+J098fIiIRgQYEQIABgUCO/0b
|
||||
IwAKCRDT7+a2hoZ7pn9UAJ9f0TK0QQOtjQBvxAissopYhDKHGACePZg0k9sj69yw
|
||||
nVWrBS9fvFC9jcA=
|
||||
=BTiM
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
Type Bits/KeyID Date User ID
|
||||
pub 1024D/E86E29AC 2002-02-13 kevin seguin <seguin@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.0.6 (MingW32)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
mQGiBDxqtR8RBACbySxGrtf+flbowryS1Hj4z3zzEXD4CAEq6RjSGMtIraCDRJfp
|
||||
6Gexs+lQ6IhpdC4GfX70SUMjXXvT5suhXYeGOM4iJHqUsksgzEKjUqcfj1l3qmOs
|
||||
/doE8lcGGHcYbMplBcfuop+shZYiv9GEJ3gutwn/dNnhs/QA9bCdIj03lwCgvAcy
|
||||
QpT5JdTym2p2icd5e91mGIUEAJMw6JHTTcCiyoTRy7k8Cf65d8S7bTDLr6pqJVE2
|
||||
XU41CvW/pgL31akYAxpeZJJnsBaLaUiqh6K0qgfEMlDwDeC6gVogHBxWkEXdK1dr
|
||||
tGL4GIUcxQ1+ZvQhGg7dtjanmfMlylVgS+C48awJySkinRmaQDbQ0MKdFchLc/y1
|
||||
OR3IA/0VkIvlidehMPbZCalqhS9AEsDiFq5/u5AsQzDEp2nmTGlmBqjhc39kEnu4
|
||||
qKq08az1Gt6Q7sxXbjH/jYtDgd49FW5Yg4k5B3hpTgnbyRE6SGlKksu8qTmYkDve
|
||||
4rej6pvJRHwp6hDKxDG8qQoLWIgOfVC8960nurqx56QdV9YMsLQga2V2aW4gc2Vn
|
||||
dWluIDxzZWd1aW5AYXBhY2hlLm9yZz6IVwQTEQIAFwUCPGq1HwULBwoDBAMVAwID
|
||||
FgIBAheAAAoJEKy3f8Lobims3E0An0x3rrUMIijUMFoqnoT7muNGwmAzAJ990TWj
|
||||
dZO4ayh1M+cWhjaw9W+44bkBDQQ8arUkEAQApaMm5HUB1Yk2x5MavAs/O4zfWnOx
|
||||
YFOeXIPfGvhlhF2/Lrjs9icaa/tOM/CTCes19nDWP5Fc+pQxmgSPrgt3fsShwZJe
|
||||
p3iYodLbM76uXEgSvI4Wh6kwViHbN4V1GxJAd2ZPVb1v+lauGUCOgPFGw99UV9sO
|
||||
tTRXSbFS6AgqQzMAAwUD/jq6boxlnab/GUmKrILeLkv1X0G2/AEXEGRmG0nkhVdj
|
||||
OShoqtPr4y/UhMzJUOequs2CdvRlTIyAyZqN7A0Qp4mFfmsvp0dYYssTtE4bCzZe
|
||||
WxSKgjtBWBHXnH+Qzjb5R2Tz28kAxNY+dt7yxC+CkXWDZq/rsPgsXNbWXT49FnF8
|
||||
iEYEGBECAAYFAjxqtSQACgkQrLd/wuhuKazl7QCfQkz5t/3T6EtXZCcXz/hlswyI
|
||||
z30AoLr/7hwXgedEepBk/Gm9HUsbMnM8
|
||||
=S1mb
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
|
||||
Type bits keyID Date User ID
|
||||
pub 1024D/307A10A5 2002-07-18 Henri Gomez *** RPM SIGNING KEY ***
|
||||
<hgomez@users.sourceforge.net>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.0.6 (GNU/Linux)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
mQGiBD02vbERBAC1v8fR6gjERpaz4UMfdy0hRVWCPSbOdF+Swm/IenjVzErco6zb
|
||||
MTa13umUNrDPBy/tTWiCCZrOnqi7fgDzWqPEqrXJjKAFVLEWE6MmKylPPEPG1/bm
|
||||
idkNGERSAZduvhKv777PzvEJJ/8eGe3wy/O8NbgIjCPtr4UklwCZS8cFuwCg8oMO
|
||||
UdT8qZRtzdxdAyu1m5fUb+MD/3IKJYWXsdtb6iBphCU4f/BoyjVC9EZJ1ywLuiVM
|
||||
siKbuaDUaXU9nWcbNKv+fx8uZ1NaadpfLokqqhnWcpnSiqw8HNR7SwsF1D33rkXK
|
||||
O4FSuVss/tIoqGdWFcJyPkP4yP5shxqR335narVw2vDa0+BiWkALbA2qVsSIdZDB
|
||||
LeFZA/47AMBS0U2BRk2rQT8LmMuFl7mR+wNBM4n7FUGdxsGn3TcYd4pXTNrEQPrV
|
||||
YNdooKlikgGk4hgFnIFX09Spmimqgq0goFue81rttVdZZ4uep8dTghY6gwmvcOxX
|
||||
jATbhWStBhdu9B35kzfHc+1QihD5Z94u4uyWIVBIzikcdiY8LbQqSGVucmkgR29t
|
||||
ZXogPGhnb21lekB1c2Vycy5zb3VyY2Vmb3JnZS5uZXQ+iFcEExECABcFAj02vbEF
|
||||
CwcKAwQDFQMCAxYCAQIXgAAKCRAZMdaEMHoQpYijAKCCP68ndU/kTXR9XAKLvibC
|
||||
3S8+1QCfUFQYte3Jo+MHKaWjsu9JGptRzo+5Ag0EPTa93RAIAKlsRJ5gOGTFsmaR
|
||||
W9k6MIh4c/MCy7J7HUxT5xTdHROa+3zUh+FAE/JaOx9ZtZtH863DFHA8cP4L+tpi
|
||||
PjBT6g2E94dwGcuH/OiSSCT4JSBukbGbOuLLdmFXqUl8+4gsL90Xal67FtNLwyLG
|
||||
1n7geLir0byD+OT7VLA5w+6G0NOpJEveV/FIa2qLgdRZ8vz73ybgMh18hBUrUmro
|
||||
jncp0rln2VU7VCH1C2aClKm7kK4mGAjIFIzKbguK+kM3b8NDHmXKpT6syyCtIM3h
|
||||
prkV1TUCAFqLI32aSdlTN79lpeA2zDga9k4/4X/RDHsFpRN2neRFGTNUtuUgYpQQ
|
||||
E5zWBmMAAwUH/RiGxyeBsad923IwE1+GAjxFl2tqF9xWk0J6yTnSK4nfhYAE9evV
|
||||
jwDEok9jRl4ILCcXx6YN/d/lWNuSbARKHz/3hLiTouPpwd3SSJ8is2x9PgpJz5JX
|
||||
cD0y1SkbPLvs3jH3ZmdcxZpuAmJeI/typqFKK5pWP44oXIH+XH/8nWDtmLEBkgKQ
|
||||
/ATQWenMTmZ6MIJ6aWKWGkO9QS6iYRz3PPPGQ1O8W02CeprM2wBtlb8J1Z3RxNhM
|
||||
rZcg/1Qi3V3D1HI4zw6tAFmDeBb8J4PaBQzqlhzx2EBTbfwNPhV8AlPvpxHEeGGn
|
||||
v+O1yhZr33SnyZdINNoNDn+owVMdmkobe9GIRgQYEQIABgUCPTa93QAKCRAZMdaE
|
||||
MHoQpRsTAJ4qst3MhLm48fBAEnzuzi/BIKr+AgCfYaCB/AvPoncQbHc8BcNGRimR
|
||||
P9A=
|
||||
=hQhz
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
Type Bits/KeyID Date User ID
|
||||
pub 1024D/564C17A3 2003-01-11 Mladen Turk <mturk@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.0.6 (MingW32)
|
||||
|
||||
mQGiBD4fwXIRBAC7WRS8PYxi2YH0T1mX4HCYsF8aHoqxBzMnyFR4J896m1s96vGM
|
||||
BTSAwH2NKbiVqtfLokTbQkUVxtrgrF2HMB5NfYBg/JzT7pZL/Q2ThWUS7SJQQA4f
|
||||
a7/DpiLiHalp6iX45om6JTdIWEyXv26csIVhmtlkGBEPRhNRX8X4//BM0wCg7wcA
|
||||
yQ7c5NmoOJLVs+uHsRrnHo0D/R/dMyuWt7/o0eGIEuRlDl2q+YL8xLuVyJMXQBnd
|
||||
jo7jKpQ+Q1zl93aVTzsJa7mP2zZ7jqaJ855sdz6rvwyhGF1/qYMtm6zrmgBy2XPm
|
||||
J+57sfwSZr0bhIeMpCWjIw98z9sObq0v2r2oA3+J9E3Na/BZsCVTZVb3ew7ILmEp
|
||||
F5D7A/4zvjY41dakCAJsD1Xo8TS6hSqJf4zq9vX3ayJVvUjeo8n4sHNOwcbEnnui
|
||||
9zZaUH3F0x+3cDo7mS1Y4pD8THuqCZoSbSkiHnlved6nLXsKbqvVrVo+esEhfZCn
|
||||
Iji3gp+2TVNwdHXGM+4BAzMJCLsdXjByO6SNzB9a+H8RsRlZKrQ8TWxhZGVuIFR1
|
||||
cmsgKCoqKiBERUZBVUxUIFNJR05JTkcgS0VZICoqKikgPG10dXJrQGFwYWNoZS5v
|
||||
cmc+iF0EExECAB0FAj4fwXIFCRLP94AFCwcKAwQDFQMCAxYCAQIXgAAKCRAcUGQH
|
||||
VkwXo0jxAKCgHzXPIB4IAgoD7GMAohPQfX7j2QCeL6pAsf4pPufmPvbrrpDp6rQH
|
||||
GOS5Ag0EPh/BhhAIAKWzq7+/+nNYGpc7sXGkDNo9xncxcx/KbbJVT0rBteuaonQ4
|
||||
vYar1ITjIhOPmF9yPmpUddNrqgQTSO+Or+ZrVOndn+qC1gdY3qpKIN3KTjXloW38
|
||||
0Y84ezwdRLznQNkhgXwNcB55l/Z9kLaW2MS8CJzOuYSQT1CYbXg7XP3684ZmV1KC
|
||||
cGgcUt9VkIGqwsa2RFDNGvMbySedSkJ/70Q+PJlkXN+W86f8hi3HTjw2MCkNa5NL
|
||||
+Byg8FEAm95YWrO6kCY3qaJYV7NRt9oVd+2V/NNzwYp3Or/QoYofvfNerupfwBmU
|
||||
GEXPyZCqqNH6nDv6chscsWvEA9KzhsWnsdKhmHsAAwUH/R6LwfWgtpaO42dQI4ZS
|
||||
VRBmCeWrXCuyVk0d13Yz0xLi5Z5m4g3MON3d+cRVUiyNX+hbDGpi2mkbsnL559Ef
|
||||
iqmzDmSz5GQHDutolhOPtLxLrC537ODn2q7hnYQwIQYYIUtYD5sYlzfGYC8olGCB
|
||||
IcKIdlGRWcxxiFCIJm5CX/jnSBsyDRpanlSrdkxhzAGsifqj4NQ19ayoeNoZg2ZP
|
||||
9SLIY7vbmOxJeHEYkx8AG25xOY1PLotb/0buSXPB8e71zb/DCV1rAhhUxAr/2JOQ
|
||||
RqlZBq6PfcHKLRitXRCeVvfldRxuWBIzhuTLUfRPYR6phjP50EzZPlbJzIvGwsOI
|
||||
RheITAQYEQIADAUCPh/BhgUJEs/3gAAKCRAcUGQHVkwXoy0JAJ9WTfqfYzW/F6qi
|
||||
5MxmqDnU9/G+6ACfQVmhZNnGTSfcwQCttwCaW3CRhDY=
|
||||
=MWUr
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
Type bits keyID Date User ID
|
||||
DSS 3072/1024 0x7C037D42 2003/08/05 *** DEFAULT SIGNING KEY ***
|
||||
Yoav Shapira <yoavs@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: PGP 6.5.8
|
||||
|
||||
mQGiBD8u/mgRBAD5WKD5xF3CLrnABeS1DvQQhYH+tJjvAmyZgFkYwaQT7eiiOzLa
|
||||
PC5knbcBC4nuw+8OOPDFw0Ghb2MFogQzRxD6gpPH2t9eEUsrkPFax2Kw2vNTHRrQ
|
||||
RGAastmi+EYJsQAoktX2dPseTdrkeJBk240Bfj08ZUFg4uPuho9C45ND6QCg/6SO
|
||||
FMuan62QE+DwlUiMDo4ZcU0EAMDS8k6Dhb5m/0njO6w9OLTEyzohlsM9AP+4mfgB
|
||||
NOJYhrzfkFoElOcWSA/V3nmYn2VS0oIYDDtBnjXVWZidzTAWKsbT9/AepS3/P2tG
|
||||
KMhlXhas+uAiAbMpOglz8fdQ76ivQqyRdS99t4iy/cP2ZC3ShAqZQCacfWY5ZQ8Q
|
||||
kTILBADvp/eayw8fvtfWQXJ9EjBRbhO4THmP6z8J+4ypG6l0V/RBjDWZybrqibO9
|
||||
ejnOjQYJNCnfrfpzQ5l6dHyy86zLyg+bkFxeId4jp/IfDfJX90sGbuQahNYYwqTp
|
||||
SFiDMI3KN5ZhzhGnx+pKQh59pcux3HyKmcpPa4oB0CT828lWuLQfWW9hdiBTaGFw
|
||||
aXJhIDx5b2F2c0BhcGFjaGUub3JnPokATgQQEQIADgUCPy7+aAQLAwECAhkBAAoJ
|
||||
ECZhkcN8A31CGLkAoPRDGtLRwjkzS2F/OBPkRHKF9/atAKCIh3Fmcr2Cdn05P4qF
|
||||
kBe3QeWVt7kDDQQ/Lv5qEAwAzB13VyQ4SuLE8OiOE2eXTpITYfbb6yUOF/32mPfI
|
||||
fHmwch04dfv2wXPEgxEmK0Ngw+Po1gr9oSgmC66prrNlD6IAUwGgfNaroxIe+g8q
|
||||
zh90hE/K8xfzpEDp19J3tkItAjbBJstoXp18mAkKjX4t7eRdefXUkk+bGI78KqdL
|
||||
fDL2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0Op
|
||||
lK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPF
|
||||
RzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEH
|
||||
NmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4z
|
||||
ISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGf
|
||||
nHy9iUsiGSa6q6Jew1XpTDJvAAICC/4iJF383WNktP9/SxeGVIV74r7C7q5Cxr4a
|
||||
Liy7pEYs52DEft3JzTCLI5O4+NjOw+hEd3QiIytUJRW66V6zd50h4x9lBfK+eMYz
|
||||
GKNN7kd3aBmH/vXEsG9m9bK1ExwyWq4uyf76nRx1Ya9YthNWmxPUHQnSrOYNPU0/
|
||||
beA87ouZG4RL9tYqdu3NKJ4g/DYiaw+twvhSoCUkBEFHFfKLDlv8zyQvPTaPUSAM
|
||||
Ha5/G2Dj1D5RluMSCEMG1V8+YcYAFh63WEP7Afye0mR1LMJvmlba67ogh0ZSfR+I
|
||||
ju3lhJ9XOp/2W372F9ZbRJofgofVwHQV6INB5uX7KHAdXtPTss+l1nTmydLhsiPC
|
||||
5oh99ITPdOm8gRzrP10aFwCnwsqXvr+b7fX/CywpuCOQMIr4sbhbYTTClwDo6E0U
|
||||
TQ+Nb7PWE+8KuJuobTvMUqDQSQaQBnkpLcvRt3cPppANtkaADAeNf0RqKxxLlym4
|
||||
AltN8G8IMLtSJoH9xlQHTQA4tEUeKOeJAEYEGBECAAYFAj8u/moACgkQJmGRw3wD
|
||||
fUJh7ACdE7QuMkzSbxEzTXnbkS61AUPy06QAoI5b613vrWeqg5Gz9C7TzG+FEEoh
|
||||
=O17Z
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
pub 1024D/33C60243 2004-09-12
|
||||
Key fingerprint = DCFD 35E0 BF8C A734 4752 DE8B 6FB2 1E89 33C6 0243
|
||||
uid Mark E D Thomas <markt@apache.org>
|
||||
uid Mark E D Thomas <med.thomas@virgin.net>
|
||||
uid Mark E D Thomas <mark.thomas@springsource.com>
|
||||
sub 2048g/0BECE548 2004-09-12
|
||||
|
||||
pub 4096R/2F6059E7 2009-09-18
|
||||
Key fingerprint = A9C5 DF4D 22E9 9998 D987 5A51 10C0 1C5A 2F60 59E7
|
||||
uid Mark E D Thomas <markt@apache.org>
|
||||
sub 4096R/5E763BEC 2009-09-18
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.9 (MingW32)
|
||||
|
||||
mQGiBEFEjegRBADocGttfROvtLGrTOW3xRqZHmFWybmEaI6jmnRdN/1gGXmb3wQL
|
||||
rHsS3fLFIIOYLPph0Kov9q4qNq36LekShIvjMBDFoj2/wRxaUtFq81asaRZg8Mcw
|
||||
4kVeIoe8OIOuWmvYhU8SH2jJNUnVVrpTPAa6QWquTmseNi6UJMjLxuL7DwCg//9u
|
||||
k2yj0vk6e4WSO6Fe5+EkQDED/AjQsy0kj9TpNHkKSSUR2evRlWPYA0YtxBSbsgON
|
||||
tT0cYipAp5IcYt6Zq5QzHiZreyQXLAjItDS2oGCIXfNbTYJ3kxxJTCU/3wlefVdq
|
||||
LBh4ttm7gmWaiTDTgG4axLF5oMpAb3m4v6s1KvXVVj2pqkhBknfuoRh1wPqbtwks
|
||||
7HOIBADVezl1/vny5YzdoqsDx1ByXMLi7CuMexQPllhRbdN+an+ZiJ5YP8J9rPdl
|
||||
NCELsCCcDKLGLjlp43XfMxsgYAPEZNG2ObjKTarhk3uGYN3aJrx7s+G+c2bu8o2n
|
||||
SyAFQ1iDsjS87PgSPCONA2/36ZShmv1OjLWz5Vo7hGSPcW4ZdLQiTWFyayBFIEQg
|
||||
VGhvbWFzIDxtYXJrdEBhcGFjaGUub3JnPohGBBARAgAGBQJJEoLqAAoJEJsf2p88
|
||||
BiIx2ssAnjsjHqeIOdOQYuNjDxVIqfAQN8vaAJwLv/HLCQwTZdxOFqwt/Pf/Ae5L
|
||||
6IhGBBARAgAGBQJJE0bmAAoJEJA4TZo1x+lCCH0Anj1yuBFfP+bNK+51xQhqFsSN
|
||||
cB1vAKCzK5HbowxZd2MjzMU31USprksZTIhGBBARAgAGBQJJGG7wAAoJELDgGPyz
|
||||
tNmL35kAniTaqQ+uSzJgX1o7Bp8BAFYoQ+o0AKCm4eD3gf06AK20FZwSck8ibIQ2
|
||||
3ohGBBARAgAGBQJJGekxAAoJEC0hq2VlRht59xoAnRcmnR1vJZsRCGcSuxKv+0nA
|
||||
FrKsAJ9R7Gdc25unU6zF/UwUs7LdWTIFN4hGBBARAgAGBQJJGjZhAAoJEFuWgBDg
|
||||
T5qJQLAAniDrgK53AhSBmZRGLU6HaI4jPO6jAJ4gWQWhnovMkAKqLRtc18Z1Q60N
|
||||
vYhGBBARAgAGBQJJHtOZAAoJEFMmz0Afnhe7pzMAnAu/W6rzeOXe7SoMtbPF4mg/
|
||||
OycXAJoDQfqJpGoUFEjsoePDY0WOd5hI9YhGBBARAgAGBQJJVjbUAAoJELlbvT+k
|
||||
PESS4lIAniLTQ0XnArkk0TCIBeSWWRL2SvWjAJ4+9XuK0Mg5Pk2454JbWxXqv0cW
|
||||
i4hGBBARAgAGBQJJXgPpAAoJEA9FCiZiEL/ADcsAnAns0QDk3Iwb0X1GbhRfRHFf
|
||||
GeV2AJ9+8rA4UfTtUnFMZZCEdyohyunM5YhKBBARAgAKBQJDme2qAwUDeAAKCRAM
|
||||
PU85FKClKanOAKCIBOdqECQwSoSS6Bsw/j0rhhhOHQCfTCp+IgPx+uJ9YhhgKDyr
|
||||
U3psooeIagQQEQIAKgIZAQUbAwAAAAUeAQAAAAUCSrQLBwULCQgHAwUVCgkICwUW
|
||||
AgMBAAIXgAAKCRBvsh6JM8YCQ/3tAKDTsnK90MamPgLtqRxEDmCMu6mX7ACg5rF4
|
||||
05TH5JA7h23YfJCsC9ZTeoCIqQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxz
|
||||
YW5kZXJAdGVtbWUubmV0PiIcU2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5v
|
||||
cmc+HhxTYW5kZXIgVGVtbWUgPHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91K
|
||||
AJ93ymf/0iywAVIno5/T8/QUJSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARsE
|
||||
EAECAAYFAkkSbKQACgkQW+YxwZmV0krHkgf407SOW6qaU4nqHUJ5kFPWgcLcVVo2
|
||||
w4gQ1u6s+HzEXNTmvKZrOIzKJMnttyM2RDklmCwaI/lkJApyMbQoMW5UksTGVgnF
|
||||
WHKyiYx03SnVNPH+QID9IhPzAvp2rLH9IQUtfu1vxvfsQQEZGNmKXUgaG0OduXTY
|
||||
J+EkhaIFotOa6pLBcUuqjmbSI840IjnVV5a5wLyonDGFFJ7FbbHDecOcLzI9jmSd
|
||||
mLQlgXD8XwYe8XqNknc6C4uOniDc+iuDRqzGFAMs7f8YK6C1fh3mWCjuNNQ64wvm
|
||||
JqvxWinFKh6BpTBecqtXwta1Vzfa3tGKSrWCPfODAUHqXni+hhdEqMftiEYEEBEC
|
||||
AAYFAkoVTuwACgkQarqkr5Czi1hBvACeLUdijz+jB9K9XGL1O5ZhPv8bEWwAoIIw
|
||||
5uol5zSFoHcK1WHJI5D9CUhgtCdNYXJrIEUgRCBUaG9tYXMgPG1lZC50aG9tYXNA
|
||||
dmlyZ2luLm5ldD6IYQQTEQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUW
|
||||
AgMBAAAKCRBvsh6JM8YCQ/rAAKCcgX1TjaeqTP62LIxml8Z1hL0cSQCeOZiYPXub
|
||||
vNxwTWh01BOrh5oztDqIRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMTeJAKCfTgLW
|
||||
8OR8o1SY8DHu5/Lw/QyffQCfefq9NCLX99dWBqQqQhX8Ov/vt1yIRgQQEQIABgUC
|
||||
SRNG5gAKCRCQOE2aNcfpQsvGAKDh7MWTZaEaEe9zBbiHiUQOtZYsSQCgqdqu199/
|
||||
TDjuXF+frwmzaZqOB3qIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeZNCAJ9e6ogA
|
||||
O4ZpKrEQHuuJnpPnDYT5fgCaAgyY2X29cnP+r79XpqngCGqKR6iIRgQQEQIABgUC
|
||||
SRo2ZwAKCRBbloAQ4E+aicu/AJ9w90lBNZNBRpoQ6BpSGi88e7GrOgCfe9sD/Qbj
|
||||
xJJ4FifW8I0/sHbpaNeIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54XuxYdAJ46GTR8
|
||||
lGoMPK/hUnjeTZ0neTacyACcC6y/DMgkUi499c/zqq9PbIfq7+2IRgQQEQIABgUC
|
||||
SVY21AAKCRC5W70/pDxEkvlHAKCKieHMrMKnD2U+43ryLJa1S1hr9gCcDnBl6uvO
|
||||
7qcTozf9k/S8lYvOGs+IRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wGLfAKCp+OYb
|
||||
ANzRA7CKs/3bcGjGmFet+gCffHlkrqm7ZgaBVl/2thvldg+obqmISgQQEQIACgUC
|
||||
Q5ntuwMFA3gACgkQDD1PORSgpSm/uQCfUdtXgb+/jBVYS9zEFy5MNEssdsIAnRv5
|
||||
oMNzdqDJ7F/UuU6hUm1QhdkUiKkEEBECAGkFAklbGeogHFNhbmRlciBUZW1tZSA8
|
||||
c2FuZGVyQHRlbW1lLm5ldD4iHFNhbmRlciBUZW1tZSA8c2N0ZW1tZUBhcGFjaGUu
|
||||
b3JnPh4cU2FuZGVyIFRlbW1lIDxzYW5kZXJAbWFjLmNvbT4ACgkQsr68QBUpJK/d
|
||||
SgCfd8pn/9IssAFSJ6Of0/P0FCUilQYAn3uFD3C7SErNxiPJqWMowl6t+ThJiQEc
|
||||
BBABAgAGBQJJEmykAAoJEFvmMcGZldJKI50H/iCJKvk1gi9oIiL6EISeuSngzsis
|
||||
Jzcg951BN0GVCvLvvVwKNHD7+myiB2gkKKp2yv/A1DVPaZ7ZNkB4KEPLlorLw7iK
|
||||
gb4QrqgezJaRcJ3zisTh6JslOKuV/7Ojy4DZOXVFsr7LSFXPgl6O29AEPD6SHjOH
|
||||
0x6RTJPqrsccQ49/KBAUAm1oMmRhcE7jsMl6Y3gQGIkSxG7Pag9zj5qxeqljdhf+
|
||||
QbM4cb9a8jPCSvU3RfXH531PILENGpprvH1oFforY7sNyI8AOMQ1on7Pnk09zbNx
|
||||
lRBq73dV5RCBtg0xF6v4/dA/X1O1cGnXGAYM7Tp6WXifJzPssRySCuwTZvWIRgQQ
|
||||
EQIABgUCShVO7AAKCRBquqSvkLOLWAz2AKCfHh162MhNPvfzMtvqR3Vz+x92WgCf
|
||||
e16LZToIN8IUA2Sqyru9Y6J5Hlm0Lk1hcmsgRSBEIFRob21hcyA8bWFyay50aG9t
|
||||
YXNAc3ByaW5nc291cmNlLmNvbT6IRgQQEQIABgUCSRKC6gAKCRCbH9qfPAYiMUdj
|
||||
AJ41QcpKYNSt1tHNV3YATFcYf/XIKgCg7MFeSGbpvW1W1/weqnraMzFzLfeIRgQQ
|
||||
EQIABgUCSRNG5gAKCRCQOE2aNcfpQnTyAKCdCXp8TBXMKajXNbepnP/8AcxuvwCf
|
||||
ZABpYIEZ2up4mOTpQCKtAfuj3XaIRgQQEQIABgUCSRnpMQAKCRAtIatlZUYbeY7m
|
||||
AJ4hT6Y9bnDyS2ZQgxDoe0q1KmeLEACfTNOmAvfFCPpJd5jefNSAg5hblpaIRgQQ
|
||||
EQIABgUCSRo2ZwAKCRBbloAQ4E+aiXu8AJ9+n0GqPb0pLsFd1bHAnbUFE7wQAgCf
|
||||
YuHmCCO1a7o1ZhOMmTqjQY8znMaIRgQQEQIABgUCSR7TmQAKCRBTJs9AH54Xu8TF
|
||||
AJ46JXUYFXbZocbqNxfhfusocDncxQCg180xr/NoOPTmUqne1xT3CNb2gJSIRgQQ
|
||||
EQIABgUCSVY21AAKCRC5W70/pDxEkm2rAJ9sBYuejJ4w8CXwSSiH56j26JnqqACf
|
||||
dwaQ5K/fBzZCZO3XeHq/CGF+uQmIRgQQEQIABgUCSV4D6QAKCRAPRQomYhC/wJ8p
|
||||
AKChOJ08LU1Ji+c0TdCrUS3xHPusvACfX4b7m9UU4KPSjFBt86Wy+7Tl/1iIYQQT
|
||||
EQIAIQIbAwIeAQIXgAUCSrQLFgULCQgHAwUVCgkICwUWAgMBAAAKCRBvsh6JM8YC
|
||||
QyLIAKDfzPcdTFN6Iu7MENRKHRgkhlWwcwCg4WwimtdbIuNUaJlHAaDCkXDOK66I
|
||||
qQQQEQIAaQUCSVsZ6iAcU2FuZGVyIFRlbW1lIDxzYW5kZXJAdGVtbWUubmV0PiIc
|
||||
U2FuZGVyIFRlbW1lIDxzY3RlbW1lQGFwYWNoZS5vcmc+HhxTYW5kZXIgVGVtbWUg
|
||||
PHNhbmRlckBtYWMuY29tPgAKCRCyvrxAFSkkr91KAJ93ymf/0iywAVIno5/T8/QU
|
||||
JSKVBgCfe4UPcLtISs3GI8mpYyjCXq35OEmJARwEEAECAAYFAkkSbKQACgkQW+Yx
|
||||
wZmV0krGSgf/RlmcEUwth7OQkmpIGPeGbrfjpbuK/AV0+Q8nBJAsAWiMl1ydBo9m
|
||||
L3oSh2D+0G3gLCyckgA1bcsNdtxMPctxJdmju3rWbq0cEVG26U/qeRDjkZafLa8n
|
||||
iPReRVRuJP9uAgQ19cv7mOYjRiEjTqeA2IJ8J2RWLZSOf/3u4mWwjq6hMXKGxHc4
|
||||
phKVQyjgRh45DzG3wuXa5FpHaG1gYgkUhIvW+RGPbuvKNKMSRIuXs8GzsTbWvNWG
|
||||
/aAOG8B3gR48hQCq7Ja//+ebfKWWi0c37X09VHt9VlNrhWvKziDaofwsobbAa2+F
|
||||
fby/1fBgoMVNdmtvXWlzugkQ+G3xXZkzdIhGBBARAgAGBQJKFU7sAAoJEGq6pK+Q
|
||||
s4tYOREAn3tCOMDivfkSiyRdAOB8sjd8H76KAKDFbj1BkgeYIzWQhHxR0SHC9eoL
|
||||
NLkCDQRBRI3pEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTp
|
||||
j0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39
|
||||
uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1Y
|
||||
TknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9
|
||||
fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCb
|
||||
AkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAri0hN7wUjnkzDNOHs7j7
|
||||
eM2VKdDxUBkC9287maduH9fEvD9wXphgJNldx2WCZs5jYHeC9LyAvcchXbiAhYG4
|
||||
lfbssyj8B7woEMGrqRbxSxp+0PSydJ5WsBjeyptd7yUxt660/1DCsC05PiDBGEMF
|
||||
IAYbeh05wWjPlKlcf3geDx6G4preUXnc/Qp0+A65QNDOjod3j1gQ+vTZ4cKNgDeN
|
||||
nV/1tinJw3tokTbvyRGzmLLLI9Ht1Zh8BJsGtOuE6UKcNXwpclu7H+GljnEL3E9d
|
||||
kdITb0YU0dU1dKc4yDJG0T5EXs4SGOeQE0yH3Gma8PmLm5psP6af9cCA0cx3sTqv
|
||||
a4hMBBgRAgAMBQJBRI3pBRsMAAAAAAoJEG+yHokzxgJDfKIAoOLR5oMpV8OGN7ox
|
||||
fieHH9qJZRmtAJ0ZMl/F/rvzazItoNsYRL6bE2wBlpkCDQRKtA7pARAA+I6Lxzjy
|
||||
Q8aA/iZztRqNpIsKYEVC2rBpa1SrklHT+sM3Gqlpl6arTiSisFtjEBUC5oO50PUY
|
||||
ycMt0AmyjQyUAP28G0E9Re1s0ws9kur8QuM8SnJOLekWQatnSbGChdAhIemX2OHZ
|
||||
ir4avt4rLUqBUXR2KDjxlmabkQ6n2T3Rpv5t9+f+ihh+faMrJ9TRO2tmvpGc4wUh
|
||||
IL9t/peGdUYO/n6c9SXHR0nQtmfmUcTC9uXlWrUVc+MrwzmSLag1ET9uM1jqHcYG
|
||||
6JXVemPPAt7/+ykUftb5Jc5LgNhahfEOK/9n9LLuzFFb4kHMtvcv0ZS0g002KFZQ
|
||||
mdZ4teKhVOx6cONyibYF5nFMKt9U9fkpV3WIzSdWhZFIvAYwhw3EoBPyEXilGp4x
|
||||
85uF0spig03qqs4nYuJOjww+I8h2/JPL8Yuqk+lHZ5XH6OTQZJFE9U2roRMvJLR4
|
||||
W5fZOtAb7zAT/ZenFEYiYNVku+3oCOD//NqD288xYhhal8iSlC1YMbXUNyYpAqaH
|
||||
ad39X4ej5WGcJFuMQiSybnCeTIkKdOxwJDFVucPpPF77pOIuarodzftpMyhzjokA
|
||||
g5jdLM9F4zhPu1wbzNZb89/lGqy34ElZlvGoXi3e3miJeSLQZPPOOGSetC60PiYi
|
||||
Kr6iXpsciDOnqaGb2OWt2bIWaXC4pQuYVvEAEQEAAbQiTWFyayBFIEQgVGhvbWFz
|
||||
IDxtYXJrdEBhcGFjaGUub3JnPokCNwQTAQoAIQUCSrQO6QIbAwULCQgHAwUVCgkI
|
||||
CwUWAgMBAAIeAQIXgAAKCRAQwBxaL2BZ59mIEACjehSxvyNSI9z1JQv1zZYWrEMT
|
||||
3hN8Njr7bcHjkD2JG5SfZx7Rh+aTahtv6qBkoZaSNOIycvRsVijqOzVeL+zNJm1Z
|
||||
Ql1YI3ZbzBVnS+5Z6HIIMCQBXo0HGJVbccobuJudCwbwbpxIcQm0HCp51ppAeznJ
|
||||
tCHLWqo3PawnNRf2jYVTFKSdMxtZMk6fYcbzek2wkJWnDMeaHE1sy9M5+kGYW1H6
|
||||
2MH8WCZkp5FWGTmM1yFyLCzebCfUOD/LY2OKloHfm0Lzqj1q5My/S1UZxjq0mCLK
|
||||
DOc1naI9YNYJTMyv2aiXUaqqgYXuhWE214qc/KF/Ipgnm3GsWZ3y4Roqql/sg2t2
|
||||
FMA4qqJvrGTnNIlxrypKpbTy6TXhdDFU+2mY2pbEP79mLG9uEUJfRX431pr0/GT1
|
||||
s/CqK3tQCOFHCCIBVbTPs7i5S/QiLBo4PoBwxNnYWQ2NKn4s5Ry/QqAFlAzN6SH8
|
||||
TNleAUZ9cTvo/5jKHYY5mC2b5xVc+ChpDTu8EZKHwADSFmKN1iOcfNwRgx9+9bdz
|
||||
Ua66UkhT9F6UF+vy3mo9o+lOqbgAS9qgcYbHLDunIXN7uP/tNfX3/qXmVbHPbbXE
|
||||
0F7CiLo5jG/KdrJObrJr+jylV96Fv0QMaW1R1OZGeacdR6u5jEHWXy7OX3+GMplw
|
||||
R9Ns+P0Zksz2ptF2+bkCDQRKtA7pARAAwjRJMLOWK6AZm7vO/PV39NOoE5eS8w/x
|
||||
3bd7AKfYgnz4LnDvpe1PsW6NVx0zCUMBFX0vkcd0W2i2ERvoVOxbiS0Af+TWggzU
|
||||
bqsOSh8kLSVB/s6POCKqnzMxvGjknR4Ncq9sSh+EE5oEDjQbv1tMRGZma6Ok42Dc
|
||||
JJNqcFytsriJmT1DsvpitahfFpt4U7ZDxPhRUjRSGnhw6Expsf9EYrvyu3TSU6wt
|
||||
E5UaZ9iunetMwed2GE3PtA2Eg8gdBbqV4gMf/lxBp90O3jYtgVesOdL+a+dUD/M6
|
||||
bYhX5THxSjQH1fMUuTLXkHffGEuaqnfyz6N4EuRxT0Gki9JN0Uwpb+30DR3GRapr
|
||||
9DlqYses5tp6WMYarEwxnkmudv7l3oVVxeSbm2BYnzEi6WxlWana5huYa9nMnMbI
|
||||
xYmNMyTmkYrZjfyVmzhi4sK3DeLpCjchZ7RRuYz2hZyXcfax38iTXhfXIL/SZWXh
|
||||
cSelqiAIZSjrh9yvP6ctEjxOmThX0aNGFMb4duSv7IjnDy5utd2jscmO2H0PDBNr
|
||||
4J+yNJgLYPWpvmBQ2mxqo/N/aHcGXc2b9k9plB58mxUyRQbjFhlimLLWA0unmRJo
|
||||
bqWz71CpA7oP5jvoHaPqUihfWEugzOUbQnUzSauDWWOdMqQW+UUo/iDRz6HCKdlf
|
||||
ww0288krLusAEQEAAYkCHwQYAQoACQUCSrQO6QIbDAAKCRAQwBxaL2BZ5y3tD/4t
|
||||
+KCuXBNi5alBCExHEzveMdRF9FJrSqJEX0NwGFivF3hQ/HJkrcu9oTJC/tXNFf/+
|
||||
EHOd0lMiyFl5PBSlhe4XS988rgapUW+ee9tQmAt+RgP40fdKdJNb6+9NYGmrdnDU
|
||||
zlQtP+h/XBOcmF0/szK/U0oigg8DjYYUm5gCWXOl9H4LJgg+yOcVCOVa4oTf1sdA
|
||||
mQba1xlMhOIYBWmEhqbWZpGOS59XvpyNfOQXWu26S8HACBqyPZ2LVV4H+9cmxinT
|
||||
z7RX1yKD17nLZ/fTOzZ1gYTbhg5rNmFpDgu3nlgU8SpGQ1kd70ZkcudgehsUe1Ep
|
||||
Pyl7O8qhj5H0/3OAmRXzrq2VF17gtz7zpntA0JqsBMbSaK5qBuBcurLhBT634WDI
|
||||
oE8u5Em1UwjgTI0Cx/lPxRTbIb4PfjP2b2ik/tJaUbwUrhuZ4LAtGztMVrF4W+qn
|
||||
x9oed4OFXMBbwgS+SH6oAHlGwpxhhzXBlqZsHXm+w+2oazWUhxFFGEe5U245GEtN
|
||||
f0AznBMDWTqg0SCVEDjlKt+e9tVXkTpHYWZjGbRZbEHkCbFqKhq0KP5BGInFZTFT
|
||||
oI5jjszmuX0W/yKpRpQZ+GuJnt4VrYSy7TMvjjhIpuhDY57VUwUIkz/2Kq8Vg2wp
|
||||
Gg+29nvcGOTdyZUcTCEB33B2jQ9z0XUEp+6B2F5iZQ==
|
||||
=hSkx
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
pub 1024D/288584E7 2008-07-02
|
||||
uid Rémy Maucherat <remm@apache.org>
|
||||
sub 4096g/4B6FAEFB 2008-07-02
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.9 (GNU/Linux)
|
||||
|
||||
mQGiBEhrfkMRBADbIagwebBmnRUKF/g699t9ozZeqI75uCkHoqwji1rxVDSeJskU
|
||||
DguBbC9kpMT6m2Qr4MRYEHItXccsT5FPMM94P0VF7zL8sTCNRmLsLSq/dX4C2YuX
|
||||
ejGaLIQ/P1kkqvXJc1BU8tduJyo3FNaAGjGzWmcx6yDUq6NVFaKBi2GdowCg4/+s
|
||||
rgxoktNz97a1KRVyEkjGEFEEAJMl73H6AyimIfKoAVmlPlE4KZvJNtmybF3Ws86M
|
||||
CAraW9j/yhIRkkOiFZ1dKnxpFPBLHImzfXXFIt1/vJm1PCQUx2jaEQXZIMl/YNU3
|
||||
57+5AjkbjWD6pKG7axWcsuPQ5uTGmqAspBNscLaEbqA29luDmrIcyL6SD8WW9uA9
|
||||
KPyCBAC9nCXxKyLsHLqluHAi0wld+A5x2q7RISkxDAuveroi6AYP3TZof4FEi9Mt
|
||||
hKsw7sVJD6Tpnz7qqSWx77hCeNVy4t10u11Jgd2s3ieqh4Zt5WKmVCdsuubLE9/c
|
||||
WsViJopWYJ2YOZaPtDi8t7HFW0vjVTYKG7zEpURgYqHZr8GcbrQhUsOpbXkgTWF1
|
||||
Y2hlcmF0IDxyZW1tQGFwYWNoZS5vcmc+iGAEExECACAFAkhrfkMCGwMGCwkIBwMC
|
||||
BBUCCAMEFgIDAQIeAQIXgAAKCRA8NwOJKIWE5zIHAJ9T+cL0L1oABSUxS4ae9UQI
|
||||
WB5hHQCeJWQhnEpBzrQ5EmHCSeoGDhl9Q3KIRgQQEQIABgUCSGuIMAAKCRAPRQom
|
||||
YhC/wOoBAKCeWVTg4wkwbtGwcY8IdBZhYKhvVwCeNXq6lQaUa4l4sxxjBLS9MTQ0
|
||||
0vq5BA0ESGt+QxAQAMQMOJ3K9Z6gAaElTt9ZgPtdQtztA1iDesRmrN1ovbKmGptl
|
||||
Hkg6B/nRZXIgHke6TNfXxoJ5MOj1pHZibyC4G8B0H2dKieR+yw+P55GVKSDUMGuk
|
||||
ewBWdbfOLapQCtK5oYvWHycRFCttk4QnXdTrtwbSXYIC0fiwMoz5OF20CQloqFMn
|
||||
k7BVeKbppbiue0Nu9oiWBDGA9WvjwtePVGAlIQ2Oh6ubt2Bf+lfiBE0E2DjMRcYn
|
||||
/M+qRUI8LsoISyxUWoYEB4wZxwiPQYaxVUdiOWDlVR+jgYK+GIMQtTaFqxXESFTR
|
||||
6DXlGGvpiOpfTTATuuqgVd5qhOXoLxyB4J7987Puv/SshCl1Y64T9coFkmAce2k6
|
||||
eZNJdbKvVffPzrUjBv4w3poN7iBs5N+g655s2bHY7D6yIUIGIh19NsLroYDHlC4T
|
||||
vF70SP/1l64T8w+srgynHDGYPzKQLdTq2y43YSr0RIVARNpUDQ385/aCbBLze3Su
|
||||
v+sxhvAhEIWTL9XTWiTo32RR/b+uMNsbWF9hNLli+vI60kgduyw0LbHU0aIpbIZk
|
||||
5FaCLblub2EzBG4MmOrFX6VTlkWz5I/oIxTM7yesJV5aF6WA0u9rhQy1cvgj8dHa
|
||||
h+Vwf74SNJiR4OZrV7Pl1uVU05MhO8YQx50mEJRKNe6BA+vvQW4AW7w9zz1/AAUR
|
||||
D/9FXBgYltaBLgzftIctM7MAV7CXNDvXBmZSAvHbfa9iLEHc+sQGmvpWYHJ/uOs5
|
||||
GbOxZcYCj7qFTkhCa/jbwO6PYkneBbKfZf3L4lXXaOi+pLOn+LD6QvZtvR6WLYue
|
||||
d0akCTc/vftbPbsk56PqV4CFGv5vIzEkxACAaT9nchHH+7iHLbrMj9+XG+k6mcrD
|
||||
8knF04xgDN5P9TkngFfabLPXXpYrJ8ZpHxUN2Qrh06P2dN97vimYXCZB87lUncHu
|
||||
WpFmWOS4K1aF+Xexi3mZaXdRwGY1oPEFj9lzhUe8S99eHFY5ru9xbV5uPei5C9xo
|
||||
qVNf6D1UaqqJOkShnvYlzFBUliYKqE0ksE6EXa95qAGqdm5GxXqjsQEXZ3IipAW8
|
||||
HUSeX4d/ze+GHs4hIT2ATE0ShANoVq0boeTzn9zWXleHO75L895t01ZeybJofMkC
|
||||
JHuAhV3LbtthMlxiBrJwkBenpP63i/Kyz9GeafMfhsXC9M2FtnEI9ZSOlu9/ZWXl
|
||||
f21tGr3pMXYuWurs7GMwZzzhELLhQxgG15p5MPAzWWlZ/j7nXJ2pQWZC/zL4a2DA
|
||||
hTHsiZd36PIoLON5IFXxDjKFHKLSPH3xNbXVQArNEyUgtR6WUUeeB3k6DCbx1bfJ
|
||||
0UVWWirO0eUtXCm2dHFD3WDq6pMUkRou5gMrzSjCxh6mOYhJBBgRAgAJBQJIa35D
|
||||
AhsMAAoJEDw3A4kohYTncYsAn0ULUIAZf6x+A81JFu6MsqtrZxkRAJ4uWAXFhEtj
|
||||
SiHKkU7BarrCyjm1Kg==
|
||||
=1Oke
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
pub 1024D/0D811BBE 2006-11-14
|
||||
Key fingerprint = F3A0 4C59 5DB5 B6A5 F1EC A43E 3B7B BB10 0D81 1BBE
|
||||
uid Yoav Shapira <yoavs@computer.org>
|
||||
sig 3 0D811BBE 2006-11-14 Yoav Shapira <yoavs@computer.org>
|
||||
sub 2048g/286BACF1 2006-11-14
|
||||
sig 0D811BBE 2006-11-14 Yoav Shapira <yoavs@computer.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.5 (MingW32)
|
||||
|
||||
mQGiBEVZ4AwRBAC9WDbCjRX9Q81Con7cycGkkui6JZndLhX3Jbzlc/eHG0/fUetP
|
||||
0c5ZdIvTyjj+L/DRI6btrgl+jR64qkuapsYD/KDXQGkpK5zPpmxUPmXJ5tfVTbOj
|
||||
gacUm2cZjYjSK3dsIs4sDUqNYfBfdwesJ+Hycc7XqkTF1lO2MN9yp8g+4wCg0W8x
|
||||
/ZYCTb9D8JOPzfSNf8cIFCkD/j5GXA2xlSXuAFBgWpFak5OkeF8cwEkv0CQ0zCqP
|
||||
R/rTmDGO/73dpQEzgY+gLMSvtkK0pVEYaE15lg2mxma9d0pGE+fmsu5w7SQUip15
|
||||
HN5E3qP/VB4X1yp+YiHPGTDjRgJm+xbvTGSFFr0wNSSYCVpVGdYHNmetYsB5JqkH
|
||||
YmiWA/4vnkWnkzQeUNNPvep0lSrEG9jiON4k/d5opWwjxIP4aev8V7//V9ASzznF
|
||||
D6eEL23ePX5ZuKLyDeOSRAwaPpa/Rp4AkiUGzKK21wAwKip+lcbT5m2ButoQhgNI
|
||||
ZlmnfhN7E2t2S6iS9VzHEo1S8Jv9uQZJ89Tp5fiFe1pXL2qBHrQhWW9hdiBTaGFw
|
||||
aXJhIDx5b2F2c0Bjb21wdXRlci5vcmc+iGAEExECACAFAkVZ4AwCGwMGCwkIBwMC
|
||||
BBUCCAMEFgIDAQIeAQIXgAAKCRA7e7sQDYEbvgiLAKDHEgeJyxlrxNJ4m51jOnhG
|
||||
xlsLOQCbBWAdTjpMVcNqmd6Fa5fgyCbh8XS5Ag0ERVngFBAIAIEVU1iOoq4CyD3I
|
||||
f+AChfSFAgqjKmjqEyPv2RDLPkI3g2FvC6HvOlUucIe6IjqvTXztdxSRQu2EGq5i
|
||||
W8e5ajTZiI9ZNs26XLL4/q/gYRaDjUsI7J3PAOL9lNdws6ZoqlCh44R/cvekuixx
|
||||
HoHGskGxAHBRdjv9Oqy4x5hR5kebGq9Ayf8CQZ3l7aRekwlMUyCsmMkNxmqMls2g
|
||||
ViBFD0/9a/xodE2VMVMg5eQ8A0enlrGDghG9d2m586JtOje55rMVnVPkEuNkz9AC
|
||||
DkR0CiwQqX72Ub10t/qcNqbDeMHFacOBYRKfS7Qdm3/jb8Tc4jO/AXFcUGbH5niz
|
||||
pPGs+UMAAwUH/1M2unaFyfJddVPQRZCJEFxdlxkg40tewgjaNJLwnqOJXw1RENNM
|
||||
bSx4Gvz8M6WvZtkvITt29P+O4EmGq+LYTKmLM/E399KuqoZGbyCu3Gm+RIxKmRkf
|
||||
Y3izseOhrUX2ycUIOF1BFzIYs6HeO/sZeba1bapOFo/xS6NwnuJl6uXUmynGjVtY
|
||||
gvQ+dLYAcDXUQJd+QjyXdsbnp1jmdSrqqscPGOquRAw7/sp/ivom4DDHMTz4HErz
|
||||
NfHzn4z8kUE7T1EEpnFU4SBiJkpm/+yEhEq9hDG2GZmxfQd34iRXpC5B4ZbRiwW8
|
||||
p/bhzvcxZcrahQzu5yyq2+kGhK7IA9APFGSISQQYEQIACQUCRVngFAIbDAAKCRA7
|
||||
e7sQDYEbvppSAJ9+i7TzCNvZ4PK/odiIWeZ61+KKyACfSjQXnC5UbxndwtkOzFKf
|
||||
Io8ZP0E=
|
||||
=xT1M
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
pub 4096R/731FABEE 2011-05-27
|
||||
Key fingerprint = 9BA4 4C26 2138 5CB9 66EB A586 F72C 284D 731F ABEE
|
||||
uid Tim Whittington (CODE SIGNING KEY) <timw@apache.org>
|
||||
sig 3 731FABEE 2011-05-27 Tim Whittington (CODE SIGNING KEY) <timw@apache.org>
|
||||
sub 4096R/461B342D 2011-05-27
|
||||
sig 731FABEE 2011-05-27 Tim Whittington (CODE SIGNING KEY) <timw@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.11 (Darwin)
|
||||
|
||||
mQINBE3fcdABEADmpbGMmnQiMc4biU+CIhV6EJ7lBaRzXzh4tJ4eITfw6IbImDRn
|
||||
0JHZNjeE5zXLeH0PQ0K8/bYzFhMGwQOgvZETV7LPVLid6F9LbvDnItcWyoiZ+HPG
|
||||
9SNdxIAsIVxchW6j/4NcIWaEwJks/+3vveBbRc1q0UgL5b72Yxpwwk3o6LMb08vJ
|
||||
wn0LuljqM/+MHc+/KuxO54jJZ2OwNbKr2cxsYwVCpj+vEF6wNh2s6v+5VLs7NimN
|
||||
UufiKVGcz6fceza3eYOS+0aLe4JXUPfmbad55x7H7wGMbfv+XLsBUKJ9Bz5nF3QD
|
||||
jLwGBId8/K51yXGqZUqwjzTkhIalJeZEMZuAxGkLXsYM47OH/BGPNvqfcX6X+17i
|
||||
9urz5go5kWQJJLGiBDVxiwpyrcZfrqc2I0DicLUsAbdyd6q6gkEcQKLCFmm9GTW8
|
||||
c0Bb/kqlfGnDcBBl3kwK8MvvTeEAq7mteZEEOu/aV+417qDx+dNzFIx/jVjkihnC
|
||||
O10vIXKmog8Dy36gNuJdnqsNuV8oGK4vPRFy80XajmYBl94xfR/ZsWWo7y66UGQr
|
||||
NsCrCC+DV/AlDMJE8fjoLKyTtGnu7U5keyiuUIPvDurbrn2JKGefRnlRAoXRWdiO
|
||||
nzO7vBbfOQ4g3pjUwuXqQTBzqHwnL9z8gX/MR0Wm5RU+B0ZielPkrt82YQARAQAB
|
||||
tDRUaW0gV2hpdHRpbmd0b24gKENPREUgU0lHTklORyBLRVkpIDx0aW13QGFwYWNo
|
||||
ZS5vcmc+iQI4BBMBAgAiBQJN33HQAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX
|
||||
gAAKCRD3LChNcx+r7gOgD/9DgtptXELyFxaazptqmNkjIp6X4JKjl1Kp99Aq2wwR
|
||||
4DdHBbZNN2qpQ+Q66klxWeJRbf3t2z/4oCkY3G9g+UB0NTgZBcBMl9c4sDxYzlC/
|
||||
B9GaHTByaXLWhqv5I6IAiiECiyxhkAVHVqDYjpg5voCD0ZcYSWX9IMZLGAlBU2fe
|
||||
/0g0QEaAV+4SSFsnp7xGaEwoFQd7VH9bS9Q8mdCPZf96Dz7S8XlSpm7Wc0Wvsd7z
|
||||
wXGqmBZVQ0w4mVhGWeaaRUKuVn5nDF6djI+Erg079Vrla6pcXfoBiIugLOUhvvmv
|
||||
Zb5yBi+RJ5CQAnb8ApKm1IXotUCq4GJ05SwDR7xvpS/s8BKIlXmY6h64q7sy66a1
|
||||
SdRtKL5dncVptknxVzyw3QjEMt9Q9v9W5kgeSabebjAztzPFRR9EBxWkcpL8lwml
|
||||
bTSlheb/+fsEiE0Hw6460xCLPtLFm2RnigdacQgSffhtEzZ5OB7aoXRG/M1McN1v
|
||||
zrjHxg8Vo7stPiGSSvWQKZJQFvWgFUbugoOum5GTNFJeHwlAyjBydkLJ0A/nwUgD
|
||||
efXMV8a65+LUAFVJuEgnOw2Ut68bU96KOSHbNaauErqiWZlcnJIOqD3wRxB3OtBc
|
||||
2lFL49n3bJ37k7CuhEZUAgU/cqN7meH0wo1aI4KOfo5PHm548qckLi4P/pAj8jHL
|
||||
0bkCDQRN33HQARAAzeAQNb4AfB9v4r3qrN3bwF01VdMpVTaQl3RaJKGbdO52f4gW
|
||||
8iIfR+Xc6ALeX/1ADsH6nyOuQ+gnTpf4Gr09Lf/EzcrJRN8okVFehjuaahWYdmbL
|
||||
rln3ZorzbLxHp52dvLS1EX9L1+MEgGuUxsN9fDJSuif6f7+E/a80Q/WEbQ3261lB
|
||||
f7GDSGvr3xz6M0OlTS08YgUeUsx33PQRHV1TU9RTSASsivy316u86gxMp+9PJ+6n
|
||||
m99iNvZB1VXpthG6ybgyxhheQv1o2SBAhJ3Ee6Neds1kPkLiKiAbGq9K9IApqC8X
|
||||
DYZ9FUYBT+CGm8KbU8QS10wJuIVIXRYuvNZBjjhZdbGIGJ2CGIn9cO8RmzDVVu0A
|
||||
Ch9gCGh12Rsr4uZkY9tJ6/+s/ipHuft1AnPETbrET2Wm1rrUZ8sFykP6cOwP0gen
|
||||
MNEjTAHnLE0x2yAjFfvjz/y0H+gMQqcbmyGvAgY0URl41+5+yxtLVJIcuszut77s
|
||||
DV7sM8CoXz2I8/K+R/lB5p8d6AriAV+iYqzATmyfFD27GVHp18wTuyusfwy8301q
|
||||
CqjZdR5cXQHcp+/yCxz/I+PXx21QE4e3nY8YpC6PWFC/XPy7s6L71uNauqPi5WwG
|
||||
1CeYEwqd70Ds3aeVErYZxYg/kiInfFGnXjUplvz2goT3LQFWHFS5TN0sUqsAEQEA
|
||||
AYkCHwQYAQIACQUCTd9x0AIbDAAKCRD3LChNcx+r7jscEADgCt4SmzeEWuU1fZYx
|
||||
FsdnC3wLZUU57HnGMAQdxCzC6lMXNHUiS+y8of1TEYccjM8JK0zSTwnizhbQzOkh
|
||||
ICR/0tGz3qCOAZjv91YHs5RcLzeWxbor29my4VlQU6vqEwOEPwFz1b1Grp2rbwhL
|
||||
hot81tqv4PP/wn3ES/FIuTALZ3/hgunfGlO6FGZC20rtOJHd6DpX2ZPeYi2mfYom
|
||||
KF9N7F9q0WhYn0GvMyV5pqZ6Ui7N8egvw1gokUtO3D8lWnjZy1BmbizozyLmrG13
|
||||
xr280Juv7zM0Jy5YR01vsqfvClBbczBzoEnkRijMYVJgUj03dr5Cdn5HFRfA5wLD
|
||||
sNuSYKMTL/WWNQgIp24/MLxyYa4sVH9WMh9a7BbdRHJEjVR2HTA/lqrKVIfR6NwT
|
||||
6DhThBA7XxGbQ9nuBOjClTpRBXyCnFN+krmyhvVk3caVcQu/BbaZZXFEuKhJzbon
|
||||
YrQkfyvT/rQoM/ufLlIIPZgpKxP96a9zF/eyATiamAnU7idEHIZ0Drrj60vz4sPH
|
||||
A5Ty5GWKYSZa6suPaalqZ+7dpD/UWiNMzSX+YPLQUW9jH/k7zuJ9aZN4AmIkm30c
|
||||
YB5npZhfo59tF4uuvKvYKWghrF8wSwEE7F4cJAuqklo0TArBUd2WB0Wl8kAWtThf
|
||||
/PLn/VX9dZEFVPVbPapJpkNv8A==
|
||||
=Vxhw
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
pub 3072D/0D498E23 2013-01-14
|
||||
uid Mladen Turk (Default signing key) <mturk@apache.org>
|
||||
sig 3 0D498E23 2013-01-14 Mladen Turk (Default signing key) <mturk@apache.org>
|
||||
sub 4096g/DC3D1B18 2013-01-14
|
||||
sig 0D498E23 2013-01-14 Mladen Turk (Default signing key) <mturk@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.12 (GNU/Linux)
|
||||
|
||||
mQSuBFDzsBQRDADVTeaOjvWuZ84mWFi5Rj0TmnIOdK9evO+6Bnr6eI0MCKxLfEYu
|
||||
tpcq3hrIN/sXoVJW14Kb2Vm5Zt0PLWBmlQoi+99QwfHRvrejQnYA5VCGql61Vkbz
|
||||
NbpZ3Eq3n9d1HOLhdRnZAUGYtFYm7etkdpUZSHOErZWdiCebc8Og2NdWU4xIG6f8
|
||||
16UxuzOWv+fPCtSjciHxYWmzrVc4fYNTvJiyN5OtJ08dCaRfMeAMqec4fNMOn1uX
|
||||
KXuwlFsHk5ieK4K91RP1zSGQEe1gGaMDSQsR6wwmnnEoP7QzlvPkr5gni2+uGccl
|
||||
UCfejUUQaBsEXDX+S9CesFLv/EtWMgjpnyVCF+uSCrj/pMNHJHX1zktp79NJFCJM
|
||||
BrifvthC7cVHl5eWVTMb+xFC9leEKcUPQj8GQmUlXKd3iiUCQEhoEAk9IC0cVaMq
|
||||
2wp2lZRAK+7MSO+iLYA6GSeCBBQowCC8fvc/1ihZ+JtcmR0uqErrLRpSfBbn6Ynw
|
||||
K6cu+Dd6zRBOegcBAMIQg3biwAjnP6AhB3Ul8J/Jlk3CL/v+ChMUuwTGgDKlC/9C
|
||||
kg3KctWPhlImHATy1STBBqIoebYxe+CCxxiukt9gp2NCZOdm2ZU7weT9kS7DYQz8
|
||||
scKcAbSFBTILSeDOHehCb1Qz47H3JfyRzv23VoJ4hA/0sfm1kWeqXwQEBkAtZfrF
|
||||
/C/N0Sdnf2OUf7LsEDdkaVzkVQVJZLzZGjpNq+W8zoHhOOi1KwIzx8y1opEysmiv
|
||||
/CitQOhnLJT5odM1a+AimUjdgyQ0p+U1EkcAnLAYD3UIKMA8wnGzfJZJ4tkrYkBu
|
||||
YLW/lyS50ddhzPniz2XeCc5SG+tCi8le4B+qZb4GhC+nKXD+heuRXA+45hQXEx9M
|
||||
dGgsormYKnCTF5v3Bf8sSnId8nj0eBbKZFJhUBVgNpwNrW5QjYfJHGHTMBnWy/Jv
|
||||
SF3CnWwg/IPTNcX9ctxL4FatpPREXE/Su/4/BDjm3R14cCBfBeiVdcRZ6J1TLuLP
|
||||
K+qcT62PHqd/ibthfkLlnuehr4Qsfy75UypY8/2zrLz9QCIEo8MEFcUicfc+HB8L
|
||||
/1AYsI4c1lkgOU8aubasn1GpNrvyz5NrehIPevPEjSeBGJnOxQEtWKDrD8TMd+Or
|
||||
7r9+SLGVog1NYnkhzdEGbO1m/VXGk7JQI6UU5Rgu3PaJbfBPnON9kABfDnIQMqH1
|
||||
LeylZUqAnnv4Fa3YtiQOyro3FM8Gv+r2E40SgIbX1bLfCzgqdYpDIIK1FLfCu9oO
|
||||
NiMolC4gl+zOjCQ+ilV74J4vODBX701Zg3nM9WnQcXBBrNcuz2ofTzg9wm61zjsE
|
||||
JSRPLIaiT63cyV1kvjMN1oAkCuc3Am5albC13mOAryEF3UB2ROrc1BwdBMC+aQ/z
|
||||
BLNrxEeT7M1YiE1cFnmZZdb0X6pz2UWsiBgmproRriAOzsMW3fToJxcMykBzg/f5
|
||||
6QCgoCbJ6Fv0UC1yDulnujxFXRrBPH7PCxeRVLi3cH0sXCBZbHRMRJDhyFn137Br
|
||||
qKiP+UTPNgrj8dc3UGi13RNApHxYBcBO05JFSh0KrFlJFBd0jITLa4LGGUC08RDT
|
||||
07Q0TWxhZGVuIFR1cmsgKERlZmF1bHQgc2lnbmluZyBrZXkpIDxtdHVya0BhcGFj
|
||||
aGUub3JnPoh6BBMRCAAiBQJQ87AUAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX
|
||||
gAAKCRA1zSPBDUmOIziZAQCZD/YvZ1vrxmwAgDeJoMajmvHpWJPECkUzF0GFLW99
|
||||
CwEAs0ZZKpwqQEEewdGocKld7hEvlbmvqllrCNJDkeDdJPa5BA0EUPOwMxAQAL6j
|
||||
2zs8UQCVhPxf/RO0PhLqTPk8/6NW/W9uN1QjxPtdFaDmIpkIdY6RI3bo9bRlKf/F
|
||||
vWWQfteUDhRiWosE/ERDrLDoFzSAKIEE3/rm1jYTVuWbfYnBA+zHbZmN0KgV8fbh
|
||||
cLxt5qX+YTIp9mg2rXawCc5j2vQvPmCce/JkaR8k4ZF9XhWIrpH/afH1LE3ExePK
|
||||
019Zo9thP9dw+IiJGWmL5v3JCiJDNmmJwqSKtBDMRX/9ygIZUWABAmvPzsr+fkee
|
||||
FyPaezwtj1Qx96U+gZJiYO+eW8f2d3PrK2hC9yc8vD+N6w/ZdD4UIMBz/sSgmcD7
|
||||
WRVs+j1KpEzIMVwxJY2V2bcuqDRKdPrhOO4zen26wutKRzZF5SRx8ruRE/Hbxmqh
|
||||
H2teUtN+3xR0ARkbVDrTJwG8rvsUex5pzQk/z4V2s1Dm8ihirEuDFYE5B7Hpht8U
|
||||
17JhVH6wIrBvwMNfd+Ac1mlfvBZ19JGOnjCwkR9o44N5lx0BSSndJVnrjitV//Zf
|
||||
irASTVc/GEw5150kkZRCkaW3Hn5KMysGNXxgFf6aBbgVBlR56mNHT+6qbZV3Owbh
|
||||
i5hSSKqxXMPsv3XEANg0isdLiv3E4/KxozChph+93EWuZwdrD0PbBccyJlUCywaj
|
||||
pMBaKXzRDsuZOImi3ujcZbqPb0bZW1eZRpQ3LePrAAMGEAC5V1gmisUffyR5I3kk
|
||||
HBcEkKW4fCQFZ/FLB6cQi4t9sunOYPT56klokhSIE0AJq/ndkOLz9eW2+D4RK3aj
|
||||
IBtFTtBnXzn6nGbg+G9cpwPCpcWyuAMsiPwcFItH7mbcD9h/TCXJE+ILyhXaocOb
|
||||
n9D9IsQ16WAIIQQsBbGYMvaemJv4xsZQrLhCHr/ofHye5huEBn/wwyBKnTCLd+P0
|
||||
AkF+whf4Vl3yF4W3vnrYRFjU0XEXnVQ/nmiQH3cM0JxkVy46H3Zoe68Sjt49ZJt9
|
||||
eEWH4M7KyJc86DWjRl/YMNdHE9SMx0ReKJTTNATfzgWIMvH+xUsD9K85Evm70jxc
|
||||
13XziHwL0BjtMQzml19f/TDCUeLE9FiO5fyDgc6ueehsCxoKCvG8acQz25rkAJBv
|
||||
i0WqdFSJG4rrJaLEwbSDkAkpY9yVk73acamwa42/E4G7v7sKuGVHzW5xBX8ac7lz
|
||||
3CqKw771vWGZPgd8v2FIkk5ShikVyKQxnVADVACy2eqL8A8fmQMRSc/FYVMHfo0O
|
||||
MD5jeWWAIPo3g8bguqwqyTC0DQo60Y38t4lyXxAvg5oWvwzKdrWKwm/WmQJaJuk6
|
||||
TufoONXlsl0cc4LLHZESIwLRSP5YfxV9chplmA92vhekV0f2IchmJky/a25KEIRH
|
||||
OdCCQTyOitoKXYy2swx9j69Q7YhhBBgRCAAJBQJQ87AzAhsMAAoJEDXNI8ENSY4j
|
||||
plIA/R4QYFbde0Jw11KjqAr1AkQHaume7p5mv7Vt6I/D2CkUAP9i2PGC8mgArtlP
|
||||
XDH35tl64G5lNKNum0D8NSGV955R2g==
|
||||
=gxY8
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
pub 4096R/D63011C7 2013-09-19
|
||||
Key fingerprint = 713D A88B E509 1153 5FE7 16F5 208B 0AB1 D630 11C7
|
||||
uid Violeta Georgieva Georgieva (CODE SIGNING KEY) <violetagg@apache.org>
|
||||
sig 3 D63011C7 2013-09-19 Violeta Georgieva Georgieva (CODE SIGNING KEY) <violetagg@apache.org>
|
||||
sub 4096R/30480593 2013-09-19
|
||||
sig D63011C7 2013-09-19 Violeta Georgieva Georgieva (CODE SIGNING KEY) <violetagg@apache.org>
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2.0.21 (MingW32)
|
||||
|
||||
mQINBFI6WiwBEAD+kkswnsY8eaqvYkS+ZB5MJr7juWrv9Lw9OGsIXFlTvD1XK01c
|
||||
E8k4+uA2sOtaXQ5wTMdc5N3YzAXqFxplWuafQgEvhyTTq37M5YCxvtYEZy/EHQYT
|
||||
iok5H97lMRKbhLdZB+wkdsa0P/L1FveCUiEawKY/Rrfi+UeRAneSV+m7S+RrPphZ
|
||||
M9aNSczqYKfAqlpUAlUcrF/bt59vjhepoHcE4ev6SB+PCs0vbvX4iTvvZCTk1lZ9
|
||||
InS2wdK80Jz9pRB0Uf3LEnZxt9e3RkIFdQOCcEISmNlBKQQKFG+zCpIAbVoMLKEw
|
||||
rXWl8mLzGzBbhGmLpFroem3Ln1YiAxUqnPR/MoBquYnpTINwePgwKVWyQ1TXG2MF
|
||||
Z7DPayBMN+G51rfLS/8iy35pAnNeqbWQjavdUis6/0aRMv5EYMFMAerutQ5v99bA
|
||||
rGj6OL3R6repJLOGT4YWcD/Tw+eU1lMWxbq8BbbRU9Fd0iVFhFyKB/DQSxofvTCe
|
||||
PdWXRrptrE0/SmvuoTRVPmB21WyJenKdNmVOQ6U+W1Rs+5IKAdWWrGPcUt0qTrRC
|
||||
SL8vAQ7MejYLovFtRHslJRs7T3ratpRcQUNOx1jytJhmSUJktNWZWNHqBTe/eOAU
|
||||
Yr+QAkQVQXvRVWzHkDHQRTOFmNYIDZYRkzSP19sBWRnYdCs6CbIVPgMJVwARAQAB
|
||||
tEVWaW9sZXRhIEdlb3JnaWV2YSBHZW9yZ2lldmEgKENPREUgU0lHTklORyBLRVkp
|
||||
IDx2aW9sZXRhZ2dAYXBhY2hlLm9yZz6JAjcEEwEKACEFAlI6WiwCGwMFCwkIBwMF
|
||||
FQoJCAsFFgIDAQACHgECF4AACgkQIIsKsdYwEccMXA/+KMQKWfw2T2CXLhqvQLoh
|
||||
Irj1Vi9leAttKqKp2NCHLK1jf1qKzUx5U81VvizIGUsDXGlAvnnavrj+hmQqZdsO
|
||||
CoJAo7ViIR1ZhNca1tFK4Sy03wdpNyUkvxVuC+3peXmwhjPJoqU2ONCuDl/bCczl
|
||||
QAQpgZCMO93h45U9H6JkjqK01aDorQHxvXo+Ap2IViQvDkNtJ515vG2k5K+x2XHw
|
||||
Tv19wr5N2rz407TWKzS5hh7QHRgg+PZs/zPf1YHD7Tg5K6vvmZd+5EsDrse6tZXy
|
||||
mzz2+8Yg1SNa765Aq6p1uAQf5NKeej/25TbRYT7RyIlgDXPcPrKxy0cKzpqFqCFs
|
||||
jJEcN3NlQq+f1tOvUk8cQQS0G+Qws3EU7I74z8KaUfqmO/5ROrXLS50cKC9CODO0
|
||||
UFY8FbJDGzS5cFSBlqXYLeQvaOMg0LsV6wZLu6brxEsRYjSpwM8yBFO4bMcTxt4P
|
||||
VYtinNZ+6ude8mMz6BK/0/XbAL6rc5jwO2xj7GTCFNRTWOa8IGtwqg3qnAiHcg/V
|
||||
bTBQCOmzMujHBXLnZu6vg79BwzE7Ikq634D6HEwi1bC3XuVz+7NqdUQAGPSapwUo
|
||||
+0wC5DVwdjhe1zWcf2Zc45HWsx0HaGW28x/tBrw78fgwrSSyV2xunbxGpVaaysTy
|
||||
Oini8V70uLofn1SHtxvEQCm5Ag0EUjpaLAEQAKV7FnaAcxkzDa7zjrAgLRho44KM
|
||||
+lBt28+5KO3Jye1Lpf2+4aspu0PXkGW2Twv2tBQNZYs2CWF+vnHNUDuU8TkSpPt+
|
||||
2PRSZrQ0K+IpQF/qY3Wf+LYWFNXk5/wHJLGiQv/008svtupng6Ov39JwCNQ1iG3d
|
||||
nSWfnqHwQULyE7JcZf1It94G43+6NBvKakstOdK7d40dVhmRIKDdJkWhN3MKrGab
|
||||
FGFAF2Nb57IugQ9QO6Ve/BnjKZmJg7TyUZk27LVTC0aUQgGgDOvsF2Iw95IplCZ/
|
||||
jVbwdBGjeCStvI3c0DB+E2xwJ0g2Wf/CBLvmU9GKOW0toBfRUXFbfzNTJfW8kglt
|
||||
pDuELsVY5vHHxgujdDInHuTW1930zUw0cNA2+ai3sf+UGejh0e3nGfy1uOK3YQ6H
|
||||
2YWgqXlOkri9pMlE0NJo/3PW9QDu0YRplGl65k+GtHD2La1akq5V5Et0VNaOypBP
|
||||
OqnUM08LofAS126Kerm7uBSUQDDV6t1VTOBgPW5cJF9I8kdp04pzj4qb/3fuOuGc
|
||||
kBRfmO/Vkug8U81w/TnxX6EYGy5fyA4JFBJl++waPS/9dXhVnA0qXEivzw9gNQvC
|
||||
uXYcM3nm4yUrOouC/OlC1cS+6Wxjrx6qn3NnsVzMCtefNK93+TdheZ0cJrMhJKkW
|
||||
v+qttOzPIleqvDK9ABEBAAGJAh8EGAEKAAkFAlI6WiwCGwwACgkQIIsKsdYwEcdN
|
||||
tQ/+L8cw9Z9tfrqovO1fGFQwCSaomShsbjoUb5AR3Hj3OuPGwXd8J62mrw+RnGN+
|
||||
0w2RyTz52izYvcoB1jmMFQwqi7vM5KCbw6KA8oRX58WSqiWCIwpbUuTODvJrSXjX
|
||||
pz/J/d+PVZi8T1HAu5HxDqNC1XR+eUd1xA9Pgnmmw99+0rmzES7xexWADXo/RRPH
|
||||
mDCxGK3UKMHDYJLTx8D3MacMitzQulxVo9xWwH1C7ioL3o5zCv2mfIl32WNjqwpD
|
||||
h4gNpnAGRthizeYTgyJM9nCrSWgeE+izGZ9F0g5uXzhyk1f6jlUmXiwjMu/XOcJO
|
||||
5Rr1e42bWITuP49nB2QbdSqVvVscwCd5TEpOnQtVNZGsss/wQHXDmGSVrYYUQwO/
|
||||
cUrU+hTti1IJXgyFi7F1oxde+LCUxXmizKGoY96dVN+TYH5c17ub1/4/DYpOmcly
|
||||
tsQ2TOV0BqK4rgKLGfg2mA4zIFOdqXeGefLQVAF5fFzjFKKDi0ewp3sqy+ed6mKY
|
||||
1M/HmRX/YzIouFZ3ChFPIpeY23XxJC0BXkWR4pS7qxnelrWBZ+UbleNr9uHat5rC
|
||||
B77712dCT9zz85b380DnuMkrgz4HCnHuTcbHXIF1J604lars6ZrjtBvX+OsRHt7V
|
||||
f72qKJufP+n01xliW68LP4v93auM8nuE4kkEJ8ncHyuDq/Q=
|
||||
=fM0q
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFzO4ecBEACVS86VyuTSJmLmApi92R6D3/L3EIBFXhagJbrLkodkTuG9efYo
|
||||
vM1DJPWEFs5kux8a8UPwn2gbQFPJg1AH77GqjP8gtn0KHQvXgYC9+7cTqDl6C7k9
|
||||
n3BkB9bRIhHileYyIJfnycjJdrGFEmwGu0pBOEdr01R0kFprqYu9DwcD6oUvmZRn
|
||||
OMoQQeLEC0cw/VzJ/ZqzJwO0t+rMCozqJ9/BfJZUqwijDZnJAZWnIVxjqxrUgyYA
|
||||
5/0g9X8YHrIz09XuzaE64VAl0q3nrFJWvDCwE/ZM7w8jlUqtQgLu4K2U82G0YXw3
|
||||
KJ1EbigEmtEohu6HVnAToCJuOnQ8m0rZxbyNMeYF9pyohdFEca4I0B8Evy2dYFnJ
|
||||
Y2gghuU80vct54536WWz9mAjKwBFQUtxX0EjYrYN9ckzCK6fRqrnVv0USVp7N/ZY
|
||||
PQkOEJSdmRdpvTMwfCuAyT0/3cxuC7NyAWiZDXJv7OVcDr/REfWAA7XMQOErwdGJ
|
||||
gViG58YhLw0Pgdumg+prqQXowzlRzGAsV5VntCh+4LV8/ESmvWAE3V+jgZFB3cSp
|
||||
g58NKjp1EwKwX6BCICyX+Oe03cnlC0UJ7S9FccrjNrkiwxxOVAnmy4kxX/P3Cuqc
|
||||
C/b6BeeUA1hBNWNe42mr6YczS+dhpCSUVWQJp/TxdoXA2fGG1OS1FMaICwARAQAB
|
||||
tCBSZW15IE1hdWNoZXJhdCA8cmVtbUBhcGFjaGUub3JnPokCOAQTAQIAIgUCXM7h
|
||||
5wIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQaCSJWTWecisVSA/9Eh3h
|
||||
0jeyy51rA1nqq9imbH0YC85A/wZjhb06UXwWBPozJR8UJsOJZ7kBzCW4gfkC9zTD
|
||||
GStSHHAej9o96FHVRLzCyjaaZVuRUl2qCz9U+pnGMxb5aRNVAQ/wE10hHu3Yc+48
|
||||
cc0sPCCPMdshAj1VOHczTU/LSv21TWBaKO3NMV9KilPzKvXHdPFYssVcUt2NgQLm
|
||||
2Bx/ELTCVj5c9Ih2cz3T7kxf8LKsGALIfjcp8g9DlvMjVLKBFZqU94C4V0mba2Fd
|
||||
6xHpdmcgMbSNo6poQ0M0O7CN5qVJFm/v4ZDooLNWRMeL66oen3LrZ8HRpPxfic77
|
||||
JLKn60dywuYU8WYp7cV+3AnaDn/ggvC1x79LSmX4PFyG9/F5M7gp0HFrVdyc0nBo
|
||||
UTejZXehwKrfvF/isPf7pUv2fGXwg07zTz8OMLQo4h9poB5YuuinjuxjBfmc2AvB
|
||||
WbRcKNvHXHUlaVeK+VvohfPuetJESS4YB7fLMQPdGIckDFQub4SvXPNPPToLsbDB
|
||||
2GGguqhwWD9ECa2o1RqX8LnCdB71uBcyiW8UIkLxwaygsciVm7SFz+pqAKJgzWwI
|
||||
AsVYVOIKdq0GWaLDtMGJGQFfxuMVmMGGbvueAMcOCSSsGemkElan33VS8Zu1sjeY
|
||||
P0Jt4ws6gcbUHI27l5Pvk06uWzaN8uyXGA03d4y5Ag0EXM7h5wEQALG3oikRAQqf
|
||||
um+wW6oW2d1mIk0PtnC3l3/kGTA92kIqJzQ3Ua0mFaVGxdg2J/I1MF7HdlZJbGyP
|
||||
5b0PdbSjLHFbQfFD6LHsLw9StVrkjbBKYaP0gRWxEIHMN4Qv01I2Lyc9ONlMjUIf
|
||||
xNK/AG6oT/Ia53VVET78HOj01L7JjBAPuW8UPoy27s2gQ02smbA7iRUeZ3dpN2fy
|
||||
027aKbimIl1ZrxJbcbxw29PXWJZP+CxJEnqwEw78QbqSsFMAhR9wZHTfEtUzYy6h
|
||||
hyngwYQ+iBnB+1cYTEB9KbWWpP5n12iuRin77r2RwrHYAW/RUILK2rOJqPcIg6CX
|
||||
P1o9UKPeN5QE/ScU5427XKZZscaQrvBPoN3G2RWmMuHM2cchXgRRMMaSvufocLjj
|
||||
gKj/aPUDCkvJ5MyTNtMfVDx0Tw3aQpf2Fr1L1Hu2GyBqifioZGdzLL0LtdeXzkJy
|
||||
nZGj/L5jzIlNBnQG97rgCuPflbIl2S1izNexnuX2Z1dcyS2MTrj3nnK6HoW+gvCc
|
||||
oqq01S410wxaAUidJeGwLzgUa9Ig+6BVPT7sZrbc0IoNP+JdoqPxiEkqy4Msy9WJ
|
||||
RVeJM520Q2T1YM7xm/4E8C7H+Fis5u4GNswk5qsXEOyLcHBzGEik3BDylp+sJ6/F
|
||||
DuAN7k64RV2m+lKpjngiKZxo9LmqnsWTABEBAAGJAh8EGAECAAkFAlzO4ecCGwwA
|
||||
CgkQaCSJWTWecishvg//ZDuhkbSUgIIjG9Rzq3cHNxZ4sFrUwL19AtGNktiwt0QA
|
||||
GCKPnf4SdHZGKSeOqUHeDT/l/5l4Xc/JgRk/t2bEeC3cHE/Xc5V6I2n28HQiJScX
|
||||
UJdnO3QdTCMEYVedu/9JhmA37eznQhm+UAcxT9tew3nSd0KkkMQyW6YpBEgcdsFd
|
||||
aLiFPzbySjRWplyCdELPRFtW2ZHnJ5gVGYZ060EOHcdPb/4Gz/mA6dIjQ5N+vKlA
|
||||
GNdYZgv3w4NRGLmni5T7jDAY6T2CJXxvcgfYfh3oY3aiZaWzKKQyLEVaoZ6dJbsm
|
||||
mi2if7MZ/SVCMdM3MXiRpCeyyw9MTylGzgwbDYSz2ZkGvy9k+1M75q5QEfvVM8R3
|
||||
guaBJR+e4fkfsRBUAqwmHy8TrXghf5eOCsJx/9yyRXvK4tnwSBUIzFa1q0POESul
|
||||
jFWYFkvRjKIYfFWS6cY37sPNLvEQQmP2O07ttaYfIXcMcVF+HsDBUftGRWIkkPn2
|
||||
LucW7f0Lqlbv/mlJpqByz522jmJRNFLVQh87LYz91FgsLAgDkPpi8mzRrEfb2nHD
|
||||
+PIKpoO499AKQ8hETMbfzmpJUIV2Bhd7OqKDSf+yHiYSje9evofP+4lDUx3u7tQ3
|
||||
4OUzLqBRVrhFDI9keHnhOFMJSrnrpXe7Cm9JujvTX/hy2iOpTOuflj0Djsc8dnQ=
|
||||
=l4Ry
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
29
tomcat.spec
29
tomcat.spec
@ -22,7 +22,7 @@
|
||||
%define elspec 3.0
|
||||
%define major_version 9
|
||||
%define minor_version 0
|
||||
%define micro_version 43
|
||||
%define micro_version 75
|
||||
%define packdname apache-tomcat-%{version}-src
|
||||
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
|
||||
%global basedir /srv/%{name}
|
||||
@ -77,23 +77,11 @@ Patch2: %{name}-%{major_version}.%{minor_version}-sle.catalina.policy.pa
|
||||
Patch3: %{name}-%{major_version}.%{minor_version}-javadoc.patch
|
||||
# PATCH-FIX-OPENSUSE: include all necessary aqute-bnd jars
|
||||
Patch4: tomcat-9.0-osgi-build.patch
|
||||
# PATCH-FIX-OPENSUSE: cast ByteBuffer to Buffer in cases where there is a risk of using Java 9+ apis
|
||||
Patch5: tomcat-9.0.43-java8compat.patch
|
||||
Patch5: %{name}-%{major_version}.%{minor_version}-jdt.patch
|
||||
# PATCH-FIX-OPENSUSE: set ajp connector secreteRequired to false by default to avoid tomcat not starting
|
||||
Patch6: tomcat-9.0.31-secretRequired-default.patch
|
||||
Patch7: tomcat-9.0-CVE-2021-41079.patch
|
||||
Patch8: tomcat-9.0-CVE-2021-33037.patch
|
||||
Patch9: tomcat-9.0-CVE-2021-30640.patch
|
||||
Patch10: tomcat-9.0-NPE-JNDIRealm.patch
|
||||
Patch11: tomcat-9.0-CVE-2022-23181.patch
|
||||
Patch12: tomcat-9.0-hardening_getResources.patch
|
||||
Patch13: tomcat-9.0.43-CVE-2021-43980.patch
|
||||
Patch14: tomcat-9.0.43-CVE-2022-42252.patch
|
||||
Patch6: tomcat-9.0.75-secretRequired-default.patch
|
||||
Patch15: tomcat-9.0-fix_catalina.patch
|
||||
Patch16: tomcat-9.0-logrotate_everything.patch
|
||||
Patch17: tomcat-9.0.43-CVE-2023-24998.patch
|
||||
Patch18: tomcat-9.0.43-CVE-2023-28708.patch
|
||||
Patch19: tomcat-9.0.43-CVE-2022-45143.patch
|
||||
|
||||
BuildRequires: ant >= 1.8.1
|
||||
BuildRequires: ant-antlr
|
||||
@ -266,19 +254,8 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
%patch19 -p1
|
||||
|
||||
# remove date from docs
|
||||
sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl
|
||||
|
||||
Loading…
Reference in New Issue
Block a user