[tomcat7] 01/01: Backported the test certificates from Tomcat 7.0.39
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Fri Feb 28 16:42:56 UTC 2014
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch wheezy
in repository tomcat7.
commit 316d30963e9cd2ffa258dd2df909d4bd69e10f77
Author: Emmanuel Bourg <ebourg at apache.org>
Date: Fri Feb 28 17:42:01 2014 +0100
Backported the test certificates from Tomcat 7.0.39
---
debian/changelog | 4 +-
debian/keystores/localhost-cert.pem | 79 +++++++++++++++++++++
debian/keystores/localhost-copy1.jks | Bin 0 -> 2197 bytes
debian/keystores/localhost-key.pem | 28 ++++++++
debian/keystores/localhost.jks | Bin 0 -> 2197 bytes
debian/keystores/user1.jks | Bin 0 -> 2194 bytes
debian/patches/0022-update-test-certificates.patch | 49 +++++++++++++
debian/patches/series | 1 +
debian/source/include-binaries | 3 +
9 files changed, 163 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 73f4914..c7c8645 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,8 +15,10 @@ tomcat7 (7.0.28-4+deb7u1) wheezy-security; urgency=high
transfer encoding, Tomcat ignored but did not limit any extensions that
were included. This allows a client to perform a limited denial of service
by streaming an unlimited amount of data to the server.
+ * Replaced the expired certificates used by the tests
+ (backported from Tomcat 7.0.39)
- -- Emmanuel Bourg <ebourg at apache.org> Sun, 09 Feb 2014 01:09:12 +0100
+ -- Emmanuel Bourg <ebourg at apache.org> Fri, 28 Feb 2014 17:38:57 +0100
tomcat7 (7.0.28-4) unstable; urgency=high
diff --git a/debian/keystores/localhost-cert.pem b/debian/keystores/localhost-cert.pem
new file mode 100644
index 0000000..2e1d07e
--- /dev/null
+++ b/debian/keystores/localhost-cert.pem
@@ -0,0 +1,79 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4099 (0x1003)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, CN=ca-test.tomcat.apache.org
+ Validity
+ Not Before: Feb 28 05:28:42 2013 GMT
+ Not After : Feb 28 05:28:42 2015 GMT
+ Subject: C=US, CN=localhost
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:e7:6f:79:3f:18:87:91:dd:27:98:34:24:79:58:
+ 47:f9:c2:69:2b:d8:5b:c0:e0:bb:4a:57:d6:00:b5:
+ bb:6a:b0:66:84:5c:b8:f0:12:0a:27:27:32:9c:82:
+ 2a:2f:0f:69:77:a6:e9:0d:df:64:31:51:c0:41:1e:
+ dc:d4:74:51:9c:a3:b8:51:13:58:73:ee:21:9c:f9:
+ 63:82:1b:c2:2c:49:c3:09:70:ff:a9:f3:af:a2:0c:
+ 0b:60:2f:6a:db:a5:01:45:3e:34:90:8e:67:69:eb:
+ 45:f3:34:29:85:db:39:8a:99:c2:0f:72:15:21:fd:
+ 54:35:a6:7b:a7:30:cb:1e:4d:3d:32:24:c6:4b:84:
+ 4f:5f:60:ff:64:5e:68:ca:d8:fa:de:98:7d:40:04:
+ 60:b7:ae:50:ec:c8:8c:ae:dd:94:81:41:18:5b:03:
+ 63:0f:2b:02:63:0a:95:6a:ed:7e:68:e6:b6:d5:56:
+ e9:4e:60:ea:1d:95:58:33:be:a2:12:55:cb:7f:9c:
+ c4:97:0b:db:c0:94:09:2a:b3:9f:e1:6b:78:0d:63:
+ 1a:41:d5:6b:db:d8:48:59:04:88:d1:11:d5:e7:45:
+ 28:0e:7c:1b:78:75:20:7d:ff:7f:e1:d6:ea:e4:c5:
+ 51:77:41:42:30:4b:ff:29:33:3d:89:58:94:69:5b:
+ 70:27
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ 30:DB:AB:70:94:34:CA:FD:75:46:AB:CE:E2:4A:A9:9E:74:BC:69:BB
+ X509v3 Authority Key Identifier:
+ keyid:B0:3B:BC:C9:FA:28:5F:3E:04:1F:9B:6C:C7:8B:68:D8:01:B0:F8:3D
+
+ Signature Algorithm: sha1WithRSAEncryption
+ ab:d3:e7:2b:35:d3:6d:9f:87:2a:64:58:f1:61:cb:56:a8:84:
+ 22:79:ac:0d:68:1f:55:0d:dd:16:16:72:c4:a9:75:2a:0e:f8:
+ b1:73:68:c9:ee:43:d8:5c:fa:07:5d:3f:41:fb:14:17:be:64:
+ 21:d8:1e:25:67:92:b2:c5:bb:43:1d:96:b6:d3:bd:1c:e1:a4:
+ c7:ee:e3:37:0b:92:14:56:ca:ad:a8:76:5b:80:c9:42:8c:89:
+ f1:42:6e:8c:fb:a1:d7:98:d5:6d:49:99:fe:b6:f6:c6:f3:cc:
+ 8f:06:54:6e:02:f5:8f:4b:f1:86:ac:14:93:6c:74:25:26:44:
+ 7a:5b:82:3c:57:d6:e5:14:6e:b7:29:53:e4:40:7a:2f:10:5d:
+ ff:28:7f:e5:e5:54:6c:38:fa:b9:27:97:2a:69:60:ba:4a:5a:
+ 28:65:b1:81:e0:b7:a1:74:d6:e6:07:81:6d:b8:59:c3:45:bd:
+ 7c:a8:17:67:1f:fc:52:1a:6c:90:87:4d:a1:98:51:8c:29:6a:
+ 84:d9:0d:24:a8:86:6a:5e:6a:b7:f9:27:9b:52:37:96:b5:fd:
+ 94:11:ca:c4:d9:6d:69:81:fa:96:34:63:3a:7c:49:2d:06:48:
+ ae:b1:14:59:12:29:8e:59:3d:03:99:42:90:e6:82:df:08:cf:
+ d7:77:ec:00
+-----BEGIN CERTIFICATE-----
+MIIDSTCCAjGgAwIBAgICEAMwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
+IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTMwMjI4MDUy
+ODQyWhcNMTUwMjI4MDUyODQyWjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
+YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5295PxiHkd0n
+mDQkeVhH+cJpK9hbwOC7SlfWALW7arBmhFy48BIKJycynIIqLw9pd6bpDd9kMVHA
+QR7c1HRRnKO4URNYc+4hnPljghvCLEnDCXD/qfOvogwLYC9q26UBRT40kI5naetF
+8zQphds5ipnCD3IVIf1UNaZ7pzDLHk09MiTGS4RPX2D/ZF5oytj63ph9QARgt65Q
+7MiMrt2UgUEYWwNjDysCYwqVau1+aOa21VbpTmDqHZVYM76iElXLf5zElwvbwJQJ
+KrOf4Wt4DWMaQdVr29hIWQSI0RHV50UoDnwbeHUgff9/4dbq5MVRd0FCMEv/KTM9
+iViUaVtwJwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu
+U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUMNurcJQ0yv11RqvO
+4kqpnnS8abswHwYDVR0jBBgwFoAUsDu8yfooXz4EH5tsx4to2AGw+D0wDQYJKoZI
+hvcNAQEFBQADggEBAKvT5ys1022fhypkWPFhy1aohCJ5rA1oH1UN3RYWcsSpdSoO
++LFzaMnuQ9hc+gddP0H7FBe+ZCHYHiVnkrLFu0MdlrbTvRzhpMfu4zcLkhRWyq2o
+dluAyUKMifFCboz7odeY1W1Jmf629sbzzI8GVG4C9Y9L8YasFJNsdCUmRHpbgjxX
+1uUUbrcpU+RAei8QXf8of+XlVGw4+rknlyppYLpKWihlsYHgt6F01uYHgW24WcNF
+vXyoF2cf/FIabJCHTaGYUYwpaoTZDSSohmpearf5J5tSN5a1/ZQRysTZbWmB+pY0
+Yzp8SS0GSK6xFFkSKY5ZPQOZQpDmgt8Iz9d37AA=
+-----END CERTIFICATE-----
diff --git a/debian/keystores/localhost-copy1.jks b/debian/keystores/localhost-copy1.jks
new file mode 100644
index 0000000..353cd81
Binary files /dev/null and b/debian/keystores/localhost-copy1.jks differ
diff --git a/debian/keystores/localhost-key.pem b/debian/keystores/localhost-key.pem
new file mode 100644
index 0000000..911476d
--- /dev/null
+++ b/debian/keystores/localhost-key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDnb3k/GIeR3SeY
+NCR5WEf5wmkr2FvA4LtKV9YAtbtqsGaEXLjwEgonJzKcgiovD2l3pukN32QxUcBB
+HtzUdFGco7hRE1hz7iGc+WOCG8IsScMJcP+p86+iDAtgL2rbpQFFPjSQjmdp60Xz
+NCmF2zmKmcIPchUh/VQ1pnunMMseTT0yJMZLhE9fYP9kXmjK2PremH1ABGC3rlDs
+yIyu3ZSBQRhbA2MPKwJjCpVq7X5o5rbVVulOYOodlVgzvqISVct/nMSXC9vAlAkq
+s5/ha3gNYxpB1Wvb2EhZBIjREdXnRSgOfBt4dSB9/3/h1urkxVF3QUIwS/8pMz2J
+WJRpW3AnAgMBAAECggEBALfaj6h3NSPEW7MHIT6gyjT4o5IoQ+O65C6QDrrrpCKC
+Vj6qZmSZACXQdt1sblSKWs+p8hSKNc8UUbWp7eZ9LWRRj5gg1TDrqRpJ6CoxIRUL
+1/wFH6WEqC8EgHj90lcBAzxdyWZZKoAzXpNxCdeDq3eW5Fpe17jzxdUFF9Be6816
+LbxTlrMisLp0u39v1GnE/vd2nemKUWY7uNSRRrtTi8mjAmXcnogxBmAyN7wjqVHt
+KKBYkyTRPCh8K6R+t/dqbZsv1k8fdS1/csXoiU2nJ86pdbSHOQ7aZMWXTZmAE5wb
+G4Oe9X61Hg5xgTDO/nEd8q2Sl6mMSx9L5IjdTm+WVRkCgYEA/CaXCzlUPUtVbkih
+bkDCQbYVarrRo90PskL2mgUQDUBgFOzSQXrJ6qEEYXy5PdOBhiaK3385wSXBX+nF
+7LOANzrgN9k+6Vt3fe20HrYltoc5e0lxvk4rdNSyrpe+E5bz8LtASlMBj2o6W6Md
+NkCAEKRp7wC2gb3MPeWhCpiJrLsCgYEA6vfthWHjL+yr6hFro/IsHnQdYSn4QPgn
++WrOg6gGwhS5ZqJLK5jB95RFvgGhNBxh8nMCP0VnJYmM1pQtzR/YE7PU7SlRyAd/
+DVkyO8NRQTzA6z/mPoeGx4dtTwaye10c7KZxmZCXq1tB4D6gTDJUQF5gt8tbx4C8
+1mul1xQ0aYUCgYAFovMzbAenCx0QxwzcwxPUljZqWVzAVfu412hdzwkp0quTLCwT
+DKSg2xKW/0vAxw6ZKhlmn5hx6d8lvrsO7IBMO8OxW+jdHI9SQFMLcLTtHJ67U8v4
+HhU4mlyYLIoyM+imE/l+79YUF6LQU5gek1iJhrNbhV+PDOgY5h4wd3J0awKBgBfF
+OSwzOO6SPNoTJRaS20/BY29+9XRtJm4fFgFPsE9WFWOCq6Qfcg//2gZc19gTvvzu
+EZ4hAUxU3AChQPjtbcigerv7YCCiUYIiMejF26SD5uhlsH9G6qWo17AU911vkAuI
+0xk7/XwCYWm0LDdJKCjS42n0krZeGbx/a2mUy7CZAoGAGXq2r3INg0xiZa8mSeJB
+MeZswgGKxN7MHlKKcpELEWg97ev4NvTq4T+PEl+1miRtlyzcFgMXKe3oBU0Ru7Qu
+O2u3kfLTOPGHmo+KpFNJHE8g+PwoOheNis2JZkd3T9fX7JRRYCiBeW4nMYzP2yGS
+nlaUqPewhh5/1fRCmF36TyU=
+-----END PRIVATE KEY-----
diff --git a/debian/keystores/localhost.jks b/debian/keystores/localhost.jks
new file mode 100644
index 0000000..3be335c
Binary files /dev/null and b/debian/keystores/localhost.jks differ
diff --git a/debian/keystores/user1.jks b/debian/keystores/user1.jks
new file mode 100644
index 0000000..0c084fc
Binary files /dev/null and b/debian/keystores/user1.jks differ
diff --git a/debian/patches/0022-update-test-certificates.patch b/debian/patches/0022-update-test-certificates.patch
new file mode 100644
index 0000000..426f2c0
--- /dev/null
+++ b/debian/patches/0022-update-test-certificates.patch
@@ -0,0 +1,49 @@
+Description: Uses updated test certificates to avoid a build failure when the tests are enabled.
+ The updated keystores were taken from Tomcat 7.0.39 (http://svn.apache.org/r1451105)
+Author: Emmanuel Bourg <ebourg at apache.org>
+Forwarded: not-needed
+--- a/test/org/apache/tomcat/util/net/TesterSupport.java
++++ b/test/org/apache/tomcat/util/net/TesterSupport.java
+@@ -89,7 +89,7 @@
+ Connector connector = tomcat.getConnector();
+ connector.setProperty("sslProtocol", "tls");
+ File keystoreFile =
+- new File("test/org/apache/tomcat/util/net/" + keystore);
++ new File("debian/keystores/" + keystore);
+ connector.setAttribute("keystoreFile",
+ keystoreFile.getAbsolutePath());
+ File truststoreFile = new File(
+@@ -104,11 +104,11 @@
+ }
+ } else {
+ File keystoreFile = new File(
+- "test/org/apache/tomcat/util/net/localhost-cert.pem");
++ "debian/keystores/localhost-cert.pem");
+ tomcat.getConnector().setAttribute("SSLCertificateFile",
+ keystoreFile.getAbsolutePath());
+ keystoreFile = new File(
+- "test/org/apache/tomcat/util/net/localhost-key.pem");
++ "debian/keystores/localhost-key.pem");
+ tomcat.getConnector().setAttribute("SSLCertificateKeyFile",
+ keystoreFile.getAbsolutePath());
+ }
+@@ -119,7 +119,7 @@
+ protected static KeyManager[] getUser1KeyManagers() throws Exception {
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(
+ KeyManagerFactory.getDefaultAlgorithm());
+- kmf.init(getKeyStore("test/org/apache/tomcat/util/net/user1.jks"),
++ kmf.init(getKeyStore("debian/keystores/user1.jks"),
+ "changeit".toCharArray());
+ return kmf.getKeyManagers();
+ }
+--- a/test/org/apache/tomcat/util/net/TestCustomSsl.java
++++ b/test/org/apache/tomcat/util/net/TestCustomSsl.java
+@@ -62,7 +62,7 @@
+ connector.setProperty("sslProtocol", "tls");
+
+ File keystoreFile =
+- new File("test/org/apache/tomcat/util/net/localhost.jks");
++ new File("debian/keystores/localhost.jks");
+ connector.setAttribute(
+ "keystoreFile", keystoreFile.getAbsolutePath());
+
diff --git a/debian/patches/series b/debian/patches/series
index d62c03a..9c82f7c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@ cve-2012-3439-tests.patch
0019-CVE-2013-2067.patch
0020-CVE-2013-2071.patch
0021-CVE-2012-3544.patch
+0022-update-test-certificates.patch
diff --git a/debian/source/include-binaries b/debian/source/include-binaries
new file mode 100644
index 0000000..49fd341
--- /dev/null
+++ b/debian/source/include-binaries
@@ -0,0 +1,3 @@
+debian/keystores/localhost.jks
+debian/keystores/user1.jks
+debian/keystores/localhost-copy1.jks
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat7.git
More information about the pkg-java-commits
mailing list