Practical use of CsrfPreventionFilter

2023-12-13 Thread Christopher Schultz
All, I've been playing with this Filter recently, and I have some concerns for its practical use. I'm considering adding some features to it in order to make it more practical to use, and I'm interested to see what others think about these "problems" and whether my potential additions have me

[Bug 68295] Connection has already been closed - Tomcat connection pool

2023-12-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=68295 Mark Thomas changed: What|Removed |Added Target Milestone|- |--- Component|Documentation

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

2023-12-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=67675 --- Comment #21 from Mark Thomas --- The algorithm is being read as the pseudo random function and failing. I need to see if I can find (or build) an OpenSSL 1.0.2 binary. -- You are receiving this mail because: You are the assignee for the

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

2023-12-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=67675 Mark Thomas changed: What|Removed |Added Resolution|FIXED |--- Status|RESOLVED

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

2023-12-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=67675 --- Comment #19 from Michael Osipov --- (In reply to ggar from comment #18) > Is it expected for PEM cert/key created with OpenSSL 1.0.2zh (or any 1.0.2) > to stop working after this change? It seems to work fine with items > generated through

[Bug 67675] Tomcat and/or Java do not read encrypted private keys with DES-EDE3-CBC generated by openssl-req(1)

2023-12-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=67675 --- Comment #18 from ggar --- Is it expected for PEM cert/key created with OpenSSL 1.0.2zh (or any 1.0.2) to stop working after this change? It seems to work fine with items generated through OpenSSL 1.1.1. Here's an example of the command we u

JDK 22 Feature Freeze!

2023-12-13 Thread David Delabassee
Welcome to the final OpenJDK Quality Outreach update of 2023! JDK 22, scheduled for General Availability on March 19, 2024, is now in Rampdown Phase One (RDP1) [1]. At this point, the overall JDK 22 feature set is frozen (see the final list of JEPs integrated into JDK 22 below) and only low-ris

(tomcat) branch main updated: Cleanups

2023-12-13 Thread remm
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 4648db89a2 Cleanups 4648db89a2 is described below com

(tomcat) branch main updated: jextract fixes

2023-12-13 Thread remm
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 0718605647 jextract fixes 0718605647 is described belo