Hello World Servlet

From gitlab at salsa.debian.org Mon Mar 1 00:20:38 2021 From: gitlab at salsa.debian.org (=?UTF-8?B?TG91aXMtUGhpbGlwcGUgVsOpcm9ubmVhdQ==?=) Date: Mon, 01 Mar 2021 00:20:38 +0000 Subject: [Git][clojure-team/trapperkeeper-webserver-jetty9-clojure] Pushed new tag debian/4.1.0-3 Message-ID: <603c335688fc_799a8d59d98708388@godard.mail> Louis-Philippe V?ronneau pushed new tag debian/4.1.0-3 at Debian Clojure Maintainers / trapperkeeper-webserver-jetty9-clojure -- View it on GitLab: https://salsa.debian.org/clojure-team/trapperkeeper-webserver-jetty9-clojure/-/tree/debian/4.1.0-3 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 1 00:20:37 2021 From: gitlab at salsa.debian.org (=?UTF-8?B?TG91aXMtUGhpbGlwcGUgVsOpcm9ubmVhdQ==?=) Date: Mon, 01 Mar 2021 00:20:37 +0000 Subject: [Git][clojure-team/trapperkeeper-webserver-jetty9-clojure][debian/main] d/patches: add 0009 to disable tests that require networking. Message-ID: <603c3355bf046_799a5839348708015@godard.mail> Louis-Philippe V?ronneau pushed to branch debian/main at Debian Clojure Maintainers / trapperkeeper-webserver-jetty9-clojure Commits: 9fe78ede by Louis-Philippe V?ronneau at 2021-02-28T19:17:02-05:00 d/patches: add 0009 to disable tests that require networking. (Closes: #983697) - - - - - 3 changed files: - debian/changelog - + debian/patches/0009_Testsuite_Requires_Network.patch - debian/patches/series Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,11 @@ +trapperkeeper-webserver-jetty9-clojure (4.1.0-3) unstable; urgency=medium + + * Team upload. + * d/patches: add 0009 to disable tests that require networking. + (Closes: #983697) + + -- Louis-Philippe V?ronneau Sun, 28 Feb 2021 19:15:28 -0500 + trapperkeeper-webserver-jetty9-clojure (4.1.0-2) unstable; urgency=medium * Team upload. ===================================== debian/patches/0009_Testsuite_Requires_Network.patch ===================================== @@ -0,0 +1,155 @@ +These tests fail when the network is disabled. See #983738 and +https://github.com/puppetlabs/trapperkeeper-webserver-jetty9/issues/224 for more +details. +Index: trapperkeeper-webserver-jetty9-clojure/test/clj/puppetlabs/trapperkeeper/services/webrouting/webrouting_service_handlers_test.clj +=================================================================== +--- trapperkeeper-webserver-jetty9-clojure.orig/test/clj/puppetlabs/trapperkeeper/services/webrouting/webrouting_service_handlers_test.clj ++++ trapperkeeper-webserver-jetty9-clojure/test/clj/puppetlabs/trapperkeeper/services/webrouting/webrouting_service_handlers_test.clj +@@ -152,43 +152,43 @@ + (is (= (:status response) 200)) + (is (= (:body response) body))))))) + +-(deftest war-test-web-routing +- (testing "WAR support with web routing" +- (with-app-with-config app +- [jetty9-service +- webrouting-service +- test-dummy] +- webrouting-plaintext-config +- (let [s (get-service app :WebroutingService) +- add-war-handler (partial add-war-handler s) +- war "helloWorld.war" +- svc (get-service app :TestDummy)] +- (add-war-handler svc (str dev-resources-dir war)) +- (let [response (http-get "http://localhost:8080/foo/hello")] +- (is (= (:status response) 200)) +- (is (= (:body response) +- "\nHello World Servlet\nHello World!!\n\n")))))) +- +- (testing "WAR support with multiple web routes" +- (with-app-with-config app +- [jetty9-service +- webrouting-service +- test-dummy] +- webrouting-plaintext-multiroute-config +- (let [s (get-service app :WebroutingService) +- add-war-handler (partial add-war-handler s) +- war "helloWorld.war" +- svc (get-service app :TestDummy)] +- (add-war-handler svc (str dev-resources-dir war) {:route-id :quux}) +- (add-war-handler svc (str dev-resources-dir war) {:route-id :foo}) +- (let [response (http-get "http://localhost:8080/foo/hello")] +- (is (= (:status response) 200)) +- (is (= (:body response) +- "\nHello World Servlet\nHello World!!\n\n"))) +- (let [response (http-get "http://localhost:8080/bar/hello")] +- (is (= (:status response) 200)) +- (is (= (:body response) +- "\nHello World Servlet\nHello World!!\n\n"))))))) ++;(deftest war-test-web-routing ++; (testing "WAR support with web routing" ++; (with-app-with-config app ++; [jetty9-service ++; webrouting-service ++; test-dummy] ++; webrouting-plaintext-config ++; (let [s (get-service app :WebroutingService) ++; add-war-handler (partial add-war-handler s) ++; war "helloWorld.war" ++; svc (get-service app :TestDummy)] ++; (add-war-handler svc (str dev-resources-dir war)) ++; (let [response (http-get "http://localhost:8080/foo/hello")] ++; (is (= (:status response) 200)) ++; (is (= (:body response) ++; "\nHello World Servlet\nHello World!!\n\n")))))) ++; ++; (testing "WAR support with multiple web routes" ++; (with-app-with-config app ++; [jetty9-service ++; webrouting-service ++; test-dummy] ++; webrouting-plaintext-multiroute-config ++; (let [s (get-service app :WebroutingService) ++; add-war-handler (partial add-war-handler s) ++; war "helloWorld.war" ++; svc (get-service app :TestDummy)] ++; (add-war-handler svc (str dev-resources-dir war) {:route-id :quux}) ++; (add-war-handler svc (str dev-resources-dir war) {:route-id :foo}) ++; (let [response (http-get "http://localhost:8080/foo/hello")] ++; (is (= (:status response) 200)) ++; (is (= (:body response) ++; "\nHello World Servlet\nHello World!!\n\n"))) ++; (let [response (http-get "http://localhost:8080/bar/hello")] ++; (is (= (:status response) 200)) ++; (is (= (:body response) ++; "\nHello World Servlet\nHello World!!\n\n"))))))) + + (deftest endpoints-test-web-routing + (testing (str "get-registered-endpoints and log-registered-endpoints are " +Index: trapperkeeper-webserver-jetty9-clojure/test/clj/puppetlabs/trapperkeeper/services/webserver/jetty9_service_handlers_test.clj +=================================================================== +--- trapperkeeper-webserver-jetty9-clojure.orig/test/clj/puppetlabs/trapperkeeper/services/webserver/jetty9_service_handlers_test.clj ++++ trapperkeeper-webserver-jetty9-clojure/test/clj/puppetlabs/trapperkeeper/services/webserver/jetty9_service_handlers_test.clj +@@ -235,34 +235,34 @@ + handlers {:on-connect (fn [ws] (ws-session/close! ws 4000 "Bye"))}] + (add-websocket-handler handlers path))))) + +-(deftest war-test +- (testing "WAR support" +- (with-app-with-config app +- [jetty9-service] +- jetty-plaintext-config +- (let [s (get-service app :WebserverService) +- add-war-handler (partial add-war-handler s) +- path "/test" +- war "helloWorld.war"] +- (add-war-handler (str dev-resources-dir war) path) +- (let [response (http-get (str "http://localhost:8080" path "/hello"))] +- (is (= (:status response) 200)) +- (is (= (:body response) +- "\nHello World Servlet\nHello World!!\n\n")))))) +- +- (testing "WAR support with add-war-handler-to" +- (with-app-with-config app +- [jetty9-service] +- jetty-multiserver-plaintext-config +- (let [s (get-service app :WebserverService) +- add-war-handler (partial add-war-handler s) +- path "/test" +- war "helloWorld.war"] +- (add-war-handler (str dev-resources-dir war) path {:server-id :foo}) +- (let [response (http-get (str "http://localhost:8085" path "/hello"))] +- (is (= (:status response) 200)) +- (is (= (:body response) +- "\nHello World Servlet\nHello World!!\n\n"))))))) ++;(deftest war-test ++; (testing "WAR support" ++; (with-app-with-config app ++; [jetty9-service] ++; jetty-plaintext-config ++; (let [s (get-service app :WebserverService) ++; add-war-handler (partial add-war-handler s) ++; path "/test" ++; war "helloWorld.war"] ++; (add-war-handler (str dev-resources-dir war) path) ++; (let [response (http-get (str "http://localhost:8080" path "/hello"))] ++; (is (= (:status response) 200)) ++; (is (= (:body response) ++; "\nHello World Servlet\nHello World!!\n\n")))))) ++; ++; (testing "WAR support with add-war-handler-to" ++; (with-app-with-config app ++; [jetty9-service] ++; jetty-multiserver-plaintext-config ++; (let [s (get-service app :WebserverService) ++; add-war-handler (partial add-war-handler s) ++; path "/test" ++; war "helloWorld.war"] ++; (add-war-handler (str dev-resources-dir war) path {:server-id :foo}) ++; (let [response (http-get (str "http://localhost:8085" path "/hello"))] ++; (is (= (:status response) 200)) ++; (is (= (:body response) ++; "\nHello World Servlet\nHello World!!\n\n"))))))) + + (deftest endpoints-test + (testing "Retrieve all endpoints" ===================================== debian/patches/series ===================================== @@ -3,3 +3,4 @@ 0006_Lein_Local.patch 0007_No_Gniazdo.patch 0008_Jetty_Post_Config_Failure.patch +0009_Testsuite_Requires_Network.patch View it on GitLab: https://salsa.debian.org/clojure-team/trapperkeeper-webserver-jetty9-clojure/-/commit/9fe78ede081313399439f315aafe182b8f75baef -- View it on GitLab: https://salsa.debian.org/clojure-team/trapperkeeper-webserver-jetty9-clojure/-/commit/9fe78ede081313399439f315aafe182b8f75baef You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 03:55:06 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Tue, 02 Mar 2021 03:55:06 +0000 Subject: [Git][java-team/maven-cache-cleanup][master] Import Debian changes 1.0.4-1.2 Message-ID: <603db71a9168_799a8d59d98839391@godard.mail> Tony Mancill pushed to branch master at Debian Java Maintainers / maven-cache-cleanup Commits: e3963de8 by Adrian Bunk at 2021-03-01T19:54:40-08:00 Import Debian changes 1.0.4-1.2 maven-cache-cleanup (1.0.4-1.2) unstable; urgency=medium .. * Non-maintainer upload. * Add the missing dependency on java-wrappers, thanks to Hans Joachim Desserud for the bug report. (Closes: #958787) - - - - - 2 changed files: - debian/changelog - debian/control Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,11 @@ +maven-cache-cleanup (1.0.4-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Add the missing dependency on java-wrappers, thanks to + Hans Joachim Desserud for the bug report. (Closes: #958787) + + -- Adrian Bunk Sat, 27 Feb 2021 16:12:46 +0200 + maven-cache-cleanup (1.0.4-1.1) unstable; urgency=medium * Non maintainer upload by the Reproducible Builds team. ===================================== debian/control ===================================== @@ -14,7 +14,7 @@ Homepage: https://github.com/nadestin/tools Package: maven-cache-cleanup Architecture: all -Depends: ${maven:Depends}, ${misc:Depends}, default-jre-headless | java7-runtime-headless +Depends: ${maven:Depends}, ${misc:Depends}, default-jre-headless | java7-runtime-headless, java-wrappers Suggests: ${maven:OptionalDepends} Description: Utility to purge timestamped snapshots from Maven repositories Maven 3 dropped support for non-unique snapshot versions, which had the View it on GitLab: https://salsa.debian.org/java-team/maven-cache-cleanup/-/commit/e3963de87b8a7e90e5ac0c1c12562b7e74763a3c -- View it on GitLab: https://salsa.debian.org/java-team/maven-cache-cleanup/-/commit/e3963de87b8a7e90e5ac0c1c12562b7e74763a3c You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 03:55:06 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Tue, 02 Mar 2021 03:55:06 +0000 Subject: [Git][java-team/maven-cache-cleanup] Pushed new tag debian/1.0.4-1.2 Message-ID: <603db71a21837_799ac9c08e083958b@godard.mail> Tony Mancill pushed new tag debian/1.0.4-1.2 at Debian Java Maintainers / maven-cache-cleanup -- View it on GitLab: https://salsa.debian.org/java-team/maven-cache-cleanup/-/tree/debian/1.0.4-1.2 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 16:21:55 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Tue, 02 Mar 2021 16:21:55 +0000 Subject: [Git][java-team/activemq][master] 5 commits: New upstream version 5.16.1 Message-ID: <603e662377757_799aca28b98885253@godard.mail> Markus Koschany pushed to branch master at Debian Java Maintainers / activemq Commits: d3c37eb1 by Markus Koschany at 2021-03-02T17:07:13+01:00 New upstream version 5.16.1 - - - - - 7fb61873 by Markus Koschany at 2021-03-02T17:07:45+01:00 Update upstream source from tag 'upstream/5.16.1' Update to upstream version '5.16.1' with Debian dir a668279c33e981b06cdffbe7e68de7ffb079c459 - - - - - fc09861d by Markus Koschany at 2021-03-02T17:08:27+01:00 Declare compliance with Debian Policy 4.5.1. - - - - - 6515dc82 by Markus Koschany at 2021-03-02T17:10:16+01:00 Update changelog - - - - - bca0e977 by Markus Koschany at 2021-03-02T17:14:53+01:00 Refresh the patches - - - - - 30 changed files: - + Jenkinsfile - README.md - activemq-all/pom.xml - activemq-amqp/pom.xml - activemq-amqp/src/main/java/org/apache/activemq/transport/amqp/protocol/AmqpSender.java - + activemq-amqp/src/test/resources/README.txt - activemq-amqp/src/test/resources/alternative.keystore - activemq-amqp/src/test/resources/keystore - activemq-blueprint/pom.xml - activemq-broker/pom.xml - activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java - activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnector.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/DestinationsViewFilter.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/JobSchedulerView.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/JobSchedulerViewMBean.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/BaseDestination.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/DurableTopicSubscription.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/Queue.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/Topic.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/TopicSubscription.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/policy/UniquePropertyMessageEvictionStrategy.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/CompositeDestination.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/CompositeDestinationFilter.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/MirroredQueue.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/SelectorAwareVirtualTopicInterceptor.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/VirtualTopic.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/VirtualTopicInterceptor.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/package.html - activemq-broker/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/activemq/-/compare/06bbc3d869f77c27424aa819f9a4c949bd353036...bca0e977f950400756e7d8e588a64914b0384b3b -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/compare/06bbc3d869f77c27424aa819f9a4c949bd353036...bca0e977f950400756e7d8e588a64914b0384b3b You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 16:21:56 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Tue, 02 Mar 2021 16:21:56 +0000 Subject: [Git][java-team/activemq][pristine-tar] pristine-tar data for activemq_5.16.1.orig.tar.xz Message-ID: <603e6624eec9d_799aca28b988855e5@godard.mail> Markus Koschany pushed to branch pristine-tar at Debian Java Maintainers / activemq Commits: a610409d by Markus Koschany at 2021-03-02T17:07:36+01:00 pristine-tar data for activemq_5.16.1.orig.tar.xz - - - - - 2 changed files: - + activemq_5.16.1.orig.tar.xz.delta - + activemq_5.16.1.orig.tar.xz.id Changes: ===================================== activemq_5.16.1.orig.tar.xz.delta ===================================== Binary files /dev/null and b/activemq_5.16.1.orig.tar.xz.delta differ ===================================== activemq_5.16.1.orig.tar.xz.id ===================================== @@ -0,0 +1 @@ +434f5d65772b5e93db298898057b26f7c91871a8 View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/a610409df96301fc05ad93ee8dac237f4033a456 -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/a610409df96301fc05ad93ee8dac237f4033a456 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 16:21:57 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Tue, 02 Mar 2021 16:21:57 +0000 Subject: [Git][java-team/activemq] Pushed new tag debian/5.16.1-1 Message-ID: <603e66256fd0_799ae1d8a90885772@godard.mail> Markus Koschany pushed new tag debian/5.16.1-1 at Debian Java Maintainers / activemq -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/tree/debian/5.16.1-1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 16:21:57 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Tue, 02 Mar 2021 16:21:57 +0000 Subject: [Git][java-team/activemq][upstream] New upstream version 5.16.1 Message-ID: <603e66251bba2_799ada469f888601d@godard.mail> Markus Koschany pushed to branch upstream at Debian Java Maintainers / activemq Commits: d3c37eb1 by Markus Koschany at 2021-03-02T17:07:13+01:00 New upstream version 5.16.1 - - - - - 30 changed files: - + Jenkinsfile - README.md - activemq-all/pom.xml - activemq-amqp/pom.xml - activemq-amqp/src/main/java/org/apache/activemq/transport/amqp/protocol/AmqpSender.java - + activemq-amqp/src/test/resources/README.txt - activemq-amqp/src/test/resources/alternative.keystore - activemq-amqp/src/test/resources/keystore - activemq-blueprint/pom.xml - activemq-broker/pom.xml - activemq-broker/src/main/java/org/apache/activemq/broker/BrokerService.java - activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnector.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/AnnotatedMBean.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/DestinationsViewFilter.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/JobSchedulerView.java - activemq-broker/src/main/java/org/apache/activemq/broker/jmx/JobSchedulerViewMBean.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/BaseDestination.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/DurableTopicSubscription.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/Queue.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/Topic.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/TopicSubscription.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/policy/UniquePropertyMessageEvictionStrategy.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/CompositeDestination.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/CompositeDestinationFilter.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/MirroredQueue.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/SelectorAwareVirtualTopicInterceptor.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/VirtualTopic.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/VirtualTopicInterceptor.java - activemq-broker/src/main/java/org/apache/activemq/broker/region/virtual/package.html - activemq-broker/src/main/java/org/apache/activemq/network/DemandForwardingBridgeSupport.java The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/d3c37eb11b5afd95d9cb8a4f64d2d990eeb14fa2 -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/d3c37eb11b5afd95d9cb8a4f64d2d990eeb14fa2 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 2 16:22:00 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Tue, 02 Mar 2021 16:22:00 +0000 Subject: [Git][java-team/activemq] Pushed new tag upstream/5.16.1 Message-ID: <603e66289b4be_799ae1d8a9088645c@godard.mail> Markus Koschany pushed new tag upstream/5.16.1 at Debian Java Maintainers / activemq -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/tree/upstream/5.16.1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 3 20:18:38 2021 From: gitlab at salsa.debian.org (Sudip Mukherjee) Date: Wed, 03 Mar 2021 20:18:38 +0000 Subject: [Git][java-team/maven] Pushed new tag debian/3.6.3-5_bpo10+1 Message-ID: <603fef1ec178f_799aca417d81035257@godard.mail> Sudip Mukherjee pushed new tag debian/3.6.3-5_bpo10+1 at Debian Java Maintainers / maven -- View it on GitLab: https://salsa.debian.org/java-team/maven/-/tree/debian/3.6.3-5_bpo10+1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 3 20:18:38 2021 From: gitlab at salsa.debian.org (Sudip Mukherjee) Date: Wed, 03 Mar 2021 20:18:38 +0000 Subject: [Git][java-team/maven][buster-backports] 13 commits: Depend on Guice no_aop (Closes: #948310, #980467) Message-ID: <603fef1edc7e8_799aca28b98103537a@godard.mail> Sudip Mukherjee pushed to branch buster-backports at Debian Java Maintainers / maven Commits: 48fb5b2a by Emmanuel Bourg at 2021-01-19T16:21:33+01:00 Depend on Guice no_aop (Closes: #948310, #980467) - - - - - de28fabf by Emmanuel Bourg at 2021-01-19T16:43:47+01:00 Standards-Version updated to 4.5.1 - - - - - 4a187ec9 by Emmanuel Bourg at 2021-01-19T16:43:52+01:00 Switch to debhelper level 13 - - - - - dab78d9e by Emmanuel Bourg at 2021-01-19T16:53:26+01:00 Fixed the versioned dependency on libplexus-utils2-java (Closes: #948286) - - - - - 509773f8 by Emmanuel Bourg at 2021-01-19T22:09:38+01:00 Fixed the name of the bash completion script - - - - - 555e0b48 by Emmanuel Bourg at 2021-01-19T22:09:43+01:00 Fixed the bash completion of the dependency plugin (Closes: #677989) - - - - - 03ac5e1f by Emmanuel Bourg at 2021-01-19T22:09:43+01:00 Tightened the dependency on libsisu-plexus-java (>= 0.3.4) - - - - - 5fa497a6 by Emmanuel Bourg at 2021-01-19T22:10:26+01:00 Upload to unstable - - - - - 6dcafed3 by Emmanuel Bourg at 2021-01-20T08:36:20+01:00 Fixed the mh_resolve_dependencies error truncating the package dependencies (Closes: #980526) - - - - - eea1423c by Emmanuel Bourg at 2021-02-09T10:51:43+01:00 Switch to eclipse-sisu-maven-plugin - - - - - ea21e90e by Emmanuel Bourg at 2021-02-10T15:59:24+01:00 Removed the rule replacing the Guice no_aop dependency in the poms (Closes: #982466) - - - - - d53dcb55 by Sudip Mukherjee at 2021-02-24T18:44:16+00:00 Merge remote-tracking branch 'master' into 'buster-backports' Signed-off-by: Sudip Mukherjee <sudipm.mukherjee at gmail.com> - - - - - dac10ac1 by Sudip Mukherjee at 2021-03-03T20:11:10+00:00 Add changelog for 3.6.3-5~bpo10+1 release Signed-off-by: Sudip Mukherjee <sudipm.mukherjee at gmail.com> - - - - - 8 changed files: - debian/bash_completion.d/maven ? debian/bash_completion.d/mvn - debian/changelog - ? debian/compat - debian/control - debian/copyright - debian/maven.install - debian/maven.links - debian/maven.rules Changes: ===================================== debian/bash_completion.d/maven ? debian/bash_completion.d/mvn ===================================== @@ -578,7 +578,7 @@ __mvndependency_resolve () __mvncomp "$(__mvnlist_prefix 'classifier=' ${__mvnclassifiers}) excludeArtifactIds= excludeClassifiers= excludeGroupIds= excludeScope= excludeTransitive=true excludeTypes= includeArtifactIds= includeClassifiers= includeGroupIds= includeScope= includeTypes= markersDirectory= outputAbsoluteArtifactFilename= outputFile= outputScope=false overWriteIfNewer=false - overWriteReleases=true overWriteSnapshots=true silent=true type=" + overWriteReleases=true overWriteSnapshots=true silent=true type=" \ "-D" "${cur}" ;; esac @@ -595,7 +595,7 @@ __mvndependency_purge_local_repository () ;; *) __mvncomp "actTransitively=false exclude= reResolve=false verbose=true - $(__mvnlist_prefix 'resolutionFuzziness=' ${fuzziness})" + $(__mvnlist_prefix 'resolutionFuzziness=' ${fuzziness})" \ "-D" "${cur}" ;; esac @@ -626,7 +626,7 @@ __mvndependency_tree () ;; *) __mvncomp "excludes= includes= outputFile= scope= verbose=true - $(__mvnlist_prefix 'tokens=' ${tokens})" + $(__mvnlist_prefix 'tokens=' ${tokens})" \ "-D" "${cur}" ;; esac ===================================== debian/changelog ===================================== @@ -1,9 +1,41 @@ -maven (3.6.3-1~bpo10+1) buster-backports; urgency=medium +maven (3.6.3-5~bpo10+1) buster-backports; urgency=medium * Team upload. * Rebuild for buster-backports. - -- Sudip Mukherjee Sun, 17 Jan 2021 00:35:01 +0000 + -- Sudip Mukherjee Wed, 03 Mar 2021 20:10:48 +0000 + +maven (3.6.3-5) unstable; urgency=medium + + * Removed the rule replacing the Guice no_aop dependency in the poms + (Closes: #982466) + + -- Emmanuel Bourg Wed, 10 Feb 2021 15:59:15 +0100 + +maven (3.6.3-4) unstable; urgency=medium + + * Switch to eclipse-sisu-maven-plugin + + -- Emmanuel Bourg Tue, 09 Feb 2021 10:49:40 +0100 + +maven (3.6.3-3) unstable; urgency=medium + + * Fixed the mh_resolve_dependencies error truncating the package dependencies + (Closes: #980526) + + -- Emmanuel Bourg Wed, 20 Jan 2021 08:35:59 +0100 + +maven (3.6.3-2) unstable; urgency=medium + + * Depend on Guice no_aop (Closes: #948310, #980467) + * Fixed the name of the bash completion script + * Fixed the bash completion of the dependency plugin (Closes: #677989) + * Fixed the versioned dependency on libplexus-utils2-java (Closes: #948286) + * Tightened the dependency on libsisu-plexus-java (>= 0.3.4) + * Standards-Version updated to 4.5.1 + * Switch to debhelper level 13 + + -- Emmanuel Bourg Tue, 19 Jan 2021 18:58:13 +0100 maven (3.6.3-1) unstable; urgency=medium ===================================== debian/compat deleted ===================================== @@ -1 +0,0 @@ -11 ===================================== debian/control ===================================== @@ -6,7 +6,7 @@ Uploaders: Emmanuel Bourg , Stephen Kitt Build-Depends: - debhelper (>= 11), + debhelper-compat (= 13), default-jdk, junit4, libcommons-cli-java (>= 1.4), @@ -14,8 +14,9 @@ Build-Depends: libcommons-lang3-java (>= 3.4-2~), libcommons-logging-java, libeasymock-java, + libeclipse-sisu-maven-plugin-java (>= 0.3.4), libgeronimo-annotation-1.3-spec-java, - libguice-java (>= 4.0), + libguice-java (>= 4.2.3-2~), liblogback-java, libmaven-parent-java (>= 31-2~), libmaven-resolver-java, @@ -28,8 +29,7 @@ Build-Depends: libplexus-component-metadata-java (>= 1.7), libplexus-interpolation-java (>= 1.24), libplexus-utils2-java (>= 3.2), - libsisu-maven-plugin-java, - libsisu-plexus-java (>= 0.3.3), + libsisu-plexus-java (>= 0.3.4), libslf4j-java (>= 1.7.25), libsurefire-java (>= 2.17), libwagon-file-java, @@ -37,15 +37,15 @@ Build-Depends: libwagon-http-shaded-java, libwagon-provider-api-java, libxmlunit-java, - maven-debian-helper -Standards-Version: 4.5.0 + maven-debian-helper (>= 2.6~) +Standards-Version: 4.5.1 Vcs-Git: https://salsa.debian.org/java-team/maven.git Vcs-Browser: https://salsa.debian.org/java-team/maven Homepage: http://maven.apache.org Package: libmaven3-core-java Architecture: all -Depends: ${misc:Depends}, ${maven:Depends} +Depends: ${misc:Depends}, ${maven:Depends}, libplexus-utils2-java (>= 3.2) Suggests: ${maven:OptionalDepends} Replaces: maven (<< 3.0.5-7) Breaks: maven (<< 3.0.5-7), gradle (<< 3.2.1-3~) ===================================== debian/copyright ===================================== @@ -17,7 +17,7 @@ Copyright: 2007, Paul Cager 2018, Stephen Kitt License: GPL-2 -Files: debian/bash_completion.d/maven +Files: debian/bash_completion.d/mvn Copyright: 2006-2007, Shawn O. Pearce 2009, Ludovic Claude License: GPL-2 ===================================== debian/maven.install ===================================== @@ -4,6 +4,6 @@ apache-maven/src/bin/mvnDebug /usr/share/maven/bin/ apache-maven/src/bin/mvnyjp /usr/share/maven/bin/ apache-maven/src/conf/* /etc/maven -debian/bash_completion.d/maven /usr/share/bash-completion/completions/ +debian/bash_completion.d/mvn /usr/share/bash-completion/completions/ debian/mvn.1 usr/share/maven/man/ debian/mvnDebug.1 usr/share/maven/man/ ===================================== debian/maven.links ===================================== @@ -2,6 +2,9 @@ /etc/maven/m2.conf /usr/share/maven/bin/m2.conf +/usr/share/bash-completion/completions/mvn /usr/share/bash-completion/completions/mvnw +/usr/share/bash-completion/completions/mvn /usr/share/bash-completion/completions/mvnDebug + /usr/share/java/plexus-classworlds.jar /usr/share/maven/boot/plexus-classworlds-2.x.jar /usr/share/java/aopalliance.jar /usr/share/maven/lib/aopalliance.jar @@ -26,7 +29,7 @@ /usr/share/java/plexus-sec-dispatcher.jar /usr/share/maven/lib/plexus-sec-dispatcher.jar /usr/share/java/plexus-utils2.jar /usr/share/maven/lib/plexus-utils.jar /usr/share/java/guava.jar /usr/share/maven/lib/guava.jar -/usr/share/java/guice.jar /usr/share/maven/lib/guice.jar +/usr/share/java/guice-no-aop.jar /usr/share/maven/lib/guice-no-aop.jar /usr/share/java/sisu-inject.jar /usr/share/maven/lib/sisu-inject.jar /usr/share/java/sisu-plexus.jar /usr/share/maven/lib/sisu-plexus.jar /usr/share/java/slf4j-api.jar /usr/share/maven/lib/slf4j-api.jar ===================================== debian/maven.rules ===================================== @@ -1,14 +1,9 @@ junit junit jar s/4\..*/4.x/ * * s/easymock/org.easymock/ easymock * s/.*/debian/ * * -org.eclipse.sisu org.eclipse.sisu.plexus * s/.*/debian/ * * -s/org.eclipse.sisu/org.sonatype.plugins/ sisu-maven-plugin * s/.*/1.4/ * * - org.codehaus.plexus plexus-utils * s/.*/2.x/ * * org.codehaus.plexus plexus-component-metadata maven-plugin s/1.7.1/1.5.5/ * * org.apache.maven apache-maven pom s/.*/3.x/ * * org.apache.maven maven-parent pom s/33/debian/ * * org.apache.maven maven* * s/.*/3.x/ * * - -com.google.inject guice * s/.*/debian/ s/no_aop// * View it on GitLab: https://salsa.debian.org/java-team/maven/-/compare/53673f2b7ab3f47348c51ae35b20efd748f010aa...dac10ac1cbc2e71b711a1397ffa13ea893f80e4c -- View it on GitLab: https://salsa.debian.org/java-team/maven/-/compare/53673f2b7ab3f47348c51ae35b20efd748f010aa...dac10ac1cbc2e71b711a1397ffa13ea893f80e4c You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 6 10:12:48 2021 From: gitlab at salsa.debian.org (Mechtilde Stehmann) Date: Sat, 06 Mar 2021 10:12:48 +0000 Subject: [Git][java-team/cactoos][debian/sid] 6 commits: New upstream version 0.49 Message-ID: <604355a0a6772_799ada469f813723eb@godard.mail> Mechtilde Stehmann pushed to branch debian/sid at Debian Java Maintainers / cactoos Commits: b0251333 by Mechtilde at 2021-03-06T10:33:35+01:00 New upstream version 0.49 - - - - - fcbad477 by Mechtilde at 2021-03-06T10:33:47+01:00 Update upstream source from tag 'upstream/0.49' Update to upstream version '0.49' with Debian dir 62e5bcd0575c65c385759ac7d9492f2718ca3036 - - - - - 8db39d71 by Mechtilde at 2021-03-06T10:50:50+01:00 Bumped years in d/copyright - - - - - 7f15cb7f by Mechtilde at 2021-03-06T10:52:23+01:00 Bumped standard version to recent 4.5.1 - - - - - 453169e2 by Mechtilde at 2021-03-06T10:54:14+01:00 Updated to new version in d/changelog - - - - - 78f36505 by Mechtilde at 2021-03-06T11:03:38+01:00 Prepared d/changelog for release 0.49-1 - - - - - 30 changed files: - debian/changelog - debian/control - debian/copyright - pom.xml - src/main/java/org/cactoos/BiProc.java - src/main/java/org/cactoos/Bytes.java - src/main/java/org/cactoos/func/FallbackFrom.java ? src/main/java/org/cactoos/Fallback.java - src/main/java/org/cactoos/io/BytesOf.java ? src/main/java/org/cactoos/bytes/BytesOf.java - src/main/java/org/cactoos/io/CheckedBytes.java ? src/main/java/org/cactoos/bytes/CheckedBytes.java - src/main/java/org/cactoos/io/DigestEnvelope.java ? src/main/java/org/cactoos/bytes/DigestEnvelope.java - src/main/java/org/cactoos/io/EmptyBytes.java ? src/main/java/org/cactoos/bytes/EmptyBytes.java - src/main/java/org/cactoos/io/InputAsBytes.java ? src/main/java/org/cactoos/bytes/InputAsBytes.java - src/main/java/org/cactoos/io/Md5DigestOf.java ? src/main/java/org/cactoos/bytes/Md5DigestOf.java - src/main/java/org/cactoos/io/ReaderAsBytes.java ? src/main/java/org/cactoos/bytes/ReaderAsBytes.java - src/main/java/org/cactoos/io/Sha1DigestOf.java ? src/main/java/org/cactoos/bytes/Sha1DigestOf.java - src/main/java/org/cactoos/io/Sha256DigestOf.java ? src/main/java/org/cactoos/bytes/Sha256DigestOf.java - src/main/java/org/cactoos/io/UncheckedBytes.java ? src/main/java/org/cactoos/bytes/UncheckedBytes.java - src/main/java/org/cactoos/func/BiFuncOf.java - + src/main/java/org/cactoos/func/Flattened.java - src/main/java/org/cactoos/func/FuncOf.java - src/main/java/org/cactoos/func/FuncWithFallback.java - src/main/java/org/cactoos/func/SyncFunc.java - src/main/java/org/cactoos/io/InputOf.java - src/main/java/org/cactoos/io/ResourceOf.java - src/main/java/org/cactoos/io/TempFolder.java - src/main/java/org/cactoos/io/Zip.java - src/main/java/org/cactoos/iterable/IterableOf.java - src/main/java/org/cactoos/iterable/IterableOfBytes.java - src/main/java/org/cactoos/iterable/IterableOfChars.java - src/main/java/org/cactoos/iterable/Joined.java The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/compare/7e15904ab65b05edaedbc0f1dc41bca63704ec76...78f365055efdc7b32c4c20e71c0be731d36f8339 -- View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/compare/7e15904ab65b05edaedbc0f1dc41bca63704ec76...78f365055efdc7b32c4c20e71c0be731d36f8339 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 6 10:12:50 2021 From: gitlab at salsa.debian.org (Mechtilde Stehmann) Date: Sat, 06 Mar 2021 10:12:50 +0000 Subject: [Git][java-team/cactoos][upstream] New upstream version 0.49 Message-ID: <604355a279df8_799a12414c9c137284e@godard.mail> Mechtilde Stehmann pushed to branch upstream at Debian Java Maintainers / cactoos Commits: b0251333 by Mechtilde at 2021-03-06T10:33:35+01:00 New upstream version 0.49 - - - - - 30 changed files: - pom.xml - src/main/java/org/cactoos/BiProc.java - src/main/java/org/cactoos/Bytes.java - src/main/java/org/cactoos/func/FallbackFrom.java ? src/main/java/org/cactoos/Fallback.java - src/main/java/org/cactoos/io/BytesOf.java ? src/main/java/org/cactoos/bytes/BytesOf.java - src/main/java/org/cactoos/io/CheckedBytes.java ? src/main/java/org/cactoos/bytes/CheckedBytes.java - src/main/java/org/cactoos/io/DigestEnvelope.java ? src/main/java/org/cactoos/bytes/DigestEnvelope.java - src/main/java/org/cactoos/io/EmptyBytes.java ? src/main/java/org/cactoos/bytes/EmptyBytes.java - src/main/java/org/cactoos/io/InputAsBytes.java ? src/main/java/org/cactoos/bytes/InputAsBytes.java - src/main/java/org/cactoos/io/Md5DigestOf.java ? src/main/java/org/cactoos/bytes/Md5DigestOf.java - src/main/java/org/cactoos/io/ReaderAsBytes.java ? src/main/java/org/cactoos/bytes/ReaderAsBytes.java - src/main/java/org/cactoos/io/Sha1DigestOf.java ? src/main/java/org/cactoos/bytes/Sha1DigestOf.java - src/main/java/org/cactoos/io/Sha256DigestOf.java ? src/main/java/org/cactoos/bytes/Sha256DigestOf.java - src/main/java/org/cactoos/io/UncheckedBytes.java ? src/main/java/org/cactoos/bytes/UncheckedBytes.java - src/main/java/org/cactoos/func/BiFuncOf.java - + src/main/java/org/cactoos/func/Flattened.java - src/main/java/org/cactoos/func/FuncOf.java - src/main/java/org/cactoos/func/FuncWithFallback.java - src/main/java/org/cactoos/func/SyncFunc.java - src/main/java/org/cactoos/io/InputOf.java - src/main/java/org/cactoos/io/ResourceOf.java - src/main/java/org/cactoos/io/TempFolder.java - src/main/java/org/cactoos/io/Zip.java - src/main/java/org/cactoos/iterable/IterableOf.java - src/main/java/org/cactoos/iterable/IterableOfBytes.java - src/main/java/org/cactoos/iterable/IterableOfChars.java - src/main/java/org/cactoos/iterable/Joined.java - src/main/java/org/cactoos/iterable/Matched.java - src/main/java/org/cactoos/iterable/Repeated.java - src/main/java/org/cactoos/iterable/Sticky.java The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/commit/b0251333e1676e8733d55dddc083a2a09f30acc4 -- View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/commit/b0251333e1676e8733d55dddc083a2a09f30acc4 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 6 10:12:50 2021 From: gitlab at salsa.debian.org (Mechtilde Stehmann) Date: Sat, 06 Mar 2021 10:12:50 +0000 Subject: [Git][java-team/cactoos][pristine-tar] pristine-tar data for cactoos_0.49.orig.tar.gz Message-ID: <604355a265fcf_799a13f9886013726f3@godard.mail> Mechtilde Stehmann pushed to branch pristine-tar at Debian Java Maintainers / cactoos Commits: 49d55495 by Mechtilde at 2021-03-06T10:33:37+01:00 pristine-tar data for cactoos_0.49.orig.tar.gz - - - - - 2 changed files: - + cactoos_0.49.orig.tar.gz.delta - + cactoos_0.49.orig.tar.gz.id Changes: ===================================== cactoos_0.49.orig.tar.gz.delta ===================================== Binary files /dev/null and b/cactoos_0.49.orig.tar.gz.delta differ ===================================== cactoos_0.49.orig.tar.gz.id ===================================== @@ -0,0 +1 @@ +e3fd0402e04cca51f1b1c365f27df3dcec14dc0f View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/commit/49d55495d71467a8e792c2419bb51eb2f24f7bb5 -- View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/commit/49d55495d71467a8e792c2419bb51eb2f24f7bb5 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 6 10:13:16 2021 From: gitlab at salsa.debian.org (Mechtilde Stehmann) Date: Sat, 06 Mar 2021 10:13:16 +0000 Subject: [Git][java-team/cactoos] Pushed new tag debian/0.49-1 Message-ID: <604355bc9a931_799ada469f8137342f@godard.mail> Mechtilde Stehmann pushed new tag debian/0.49-1 at Debian Java Maintainers / cactoos -- View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/tree/debian/0.49-1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 6 10:13:16 2021 From: gitlab at salsa.debian.org (Mechtilde Stehmann) Date: Sat, 06 Mar 2021 10:13:16 +0000 Subject: [Git][java-team/cactoos] Pushed new tag upstream/0.49 Message-ID: <604355bcc1ff6_799a12414c9c1373683@godard.mail> Mechtilde Stehmann pushed new tag upstream/0.49 at Debian Java Maintainers / cactoos -- View it on GitLab: https://salsa.debian.org/java-team/cactoos/-/tree/upstream/0.49 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 8 07:53:43 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Mon, 08 Mar 2021 07:53:43 +0000 Subject: [Git][java-team/activemq] Pushed new tag debian/5.14.3-3+deb9u2 Message-ID: <6045d8076593_1b452f8a01246bf@godard.mail> Markus Koschany pushed new tag debian/5.14.3-3+deb9u2 at Debian Java Maintainers / activemq -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/tree/debian/5.14.3-3+deb9u2 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 8 07:53:43 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Mon, 08 Mar 2021 07:53:43 +0000 Subject: [Git][java-team/activemq][stretch] Import Debian changes 5.14.3-3+deb9u2 Message-ID: <6045d8072cd7c_1b452f8b4124763@godard.mail> Markus Koschany pushed to branch stretch at Debian Java Maintainers / activemq Commits: 3985e0c5 by Abhijith PA at 2021-03-08T08:53:29+01:00 Import Debian changes 5.14.3-3+deb9u2 activemq (5.14.3-3+deb9u2) stretch-security; urgency=medium .. * Non-maintainer upload by the LTS Security Team. * Fix - CVE-2017-15709: information leak. - CVE-2018-11775: add TLS hostname verification and enable by default. - CVE-2021-26117: anonymous access context is used to verify a valid users password in error. - CVE-2019-0222: unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. - - - - - 5 changed files: - debian/changelog - + debian/patches/CVE-2017-15709.patch - + debian/patches/CVE-2018-11775.patch - + debian/patches/CVE-2021-26117.patch - debian/patches/series Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,17 @@ +activemq (5.14.3-3+deb9u2) stretch-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Fix + - CVE-2017-15709: information leak. + - CVE-2018-11775: add TLS hostname verification and enable by + default. + - CVE-2021-26117: anonymous access context is used to verify a + valid users password in error. + - CVE-2019-0222: unmarshalling corrupt MQTT frame can lead to + broker Out of Memory exception making it unresponsive. + + -- Abhijith PA Wed, 03 Mar 2021 21:48:29 +0530 + activemq (5.14.3-3+deb9u1) stretch-security; urgency=high * Team upload. ===================================== debian/patches/CVE-2017-15709.patch ===================================== @@ -0,0 +1,200 @@ +From: Debian Java Maintainers +Date: Tue, 2 Mar 2021 14:44:58 +0000 +Subject: CVE-2017-15709 + + Information leak. + +Author: Abhijith PA +Origin: https://github.com/apache/activemq/commit/d2e49be3a8f21d862726c1f6bc9e1caa6ee8b581 +Last-Update: 2021-02-24 +--- + .../activemq/ActiveMQConnectionMetaData.java | 1 + + .../activemq/openwire/OpenWireFormatFactory.java | 15 ++- + .../openwire/WireFormatInfoPropertiesTest.java | 101 +++++++++++---------- + 3 files changed, 68 insertions(+), 49 deletions(-) + +diff --git a/activemq-client/src/main/java/org/apache/activemq/ActiveMQConnectionMetaData.java b/activemq-client/src/main/java/org/apache/activemq/ActiveMQConnectionMetaData.java +index ff6c38f..2c4ee2b 100755 +--- a/activemq-client/src/main/java/org/apache/activemq/ActiveMQConnectionMetaData.java ++++ b/activemq-client/src/main/java/org/apache/activemq/ActiveMQConnectionMetaData.java +@@ -34,6 +34,7 @@ public final class ActiveMQConnectionMetaData implements ConnectionMetaData { + public static final int PROVIDER_MINOR_VERSION; + public static final String PROVIDER_NAME = "ActiveMQ"; + public static final String PLATFORM_DETAILS; ++ public static final String DEFAULT_PLATFORM_DETAILS = "Java"; + + public static final ActiveMQConnectionMetaData INSTANCE = new ActiveMQConnectionMetaData(); + +diff --git a/activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireFormatFactory.java b/activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireFormatFactory.java +index ba6d643..83bd47a 100755 +--- a/activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireFormatFactory.java ++++ b/activemq-client/src/main/java/org/apache/activemq/openwire/OpenWireFormatFactory.java +@@ -44,8 +44,10 @@ public class OpenWireFormatFactory implements WireFormatFactory { + private String host=null; + private String providerName = ActiveMQConnectionMetaData.PROVIDER_NAME; + private String providerVersion = ActiveMQConnectionMetaData.PROVIDER_VERSION; +- private String platformDetails = ActiveMQConnectionMetaData.PLATFORM_DETAILS; ++ private String platformDetails = ActiveMQConnectionMetaData.DEFAULT_PLATFORM_DETAILS; ++ private boolean includePlatformDetails = false; + ++ @Override + public WireFormat createWireFormat() { + WireFormatInfo info = new WireFormatInfo(); + info.setVersion(version); +@@ -65,6 +67,9 @@ public class OpenWireFormatFactory implements WireFormatFactory { + } + info.setProviderName(providerName); + info.setProviderVersion(providerVersion); ++ if (includePlatformDetails) { ++ platformDetails = ActiveMQConnectionMetaData.PLATFORM_DETAILS; ++ } + info.setPlatformDetails(platformDetails); + } catch (Exception e) { + IllegalStateException ise = new IllegalStateException("Could not configure WireFormatInfo"); +@@ -190,4 +195,12 @@ public class OpenWireFormatFactory implements WireFormatFactory { + public void setPlatformDetails(String platformDetails) { + this.platformDetails = platformDetails; + } ++ ++ public boolean isIncludePlatformDetails() { ++ return includePlatformDetails; ++ } ++ ++ public void setIncludePlatformDetails(boolean includePlatformDetails) { ++ this.includePlatformDetails = includePlatformDetails; ++ } + } +diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/WireFormatInfoPropertiesTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/WireFormatInfoPropertiesTest.java +index 5c0608d..2eedd65 100644 +--- a/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/WireFormatInfoPropertiesTest.java ++++ b/activemq-unit-tests/src/test/java/org/apache/activemq/openwire/WireFormatInfoPropertiesTest.java +@@ -25,7 +25,6 @@ import java.io.DataInputStream; + import java.io.DataOutputStream; + import java.io.IOException; + import java.net.URI; +-import java.util.concurrent.atomic.AtomicReference; + + import org.apache.activemq.ActiveMQConnection; + import org.apache.activemq.ActiveMQConnectionFactory; +@@ -33,7 +32,8 @@ import org.apache.activemq.ActiveMQConnectionMetaData; + import org.apache.activemq.broker.BrokerService; + import org.apache.activemq.broker.TransportConnector; + import org.apache.activemq.command.WireFormatInfo; +-import org.apache.activemq.transport.DefaultTransportListener; ++import org.junit.After; ++import org.junit.Before; + import org.junit.Test; + import org.slf4j.Logger; + import org.slf4j.LoggerFactory; +@@ -42,36 +42,60 @@ public class WireFormatInfoPropertiesTest { + + static final Logger LOG = LoggerFactory.getLogger(WireFormatInfoPropertiesTest.class); + +- protected BrokerService master; +- protected String brokerUri; ++ private BrokerService service; ++ private String brokerUri; ++ private TransportConnector connector; ++ ++ @Before ++ public void before() throws Exception { ++ service = new BrokerService(); ++ connector = service.addConnector("tcp://localhost:0"); ++ brokerUri = connector.getPublishableConnectString(); ++ service.setPersistent(false); ++ service.setUseJmx(false); ++ service.setBrokerName("Master"); ++ service.start(); ++ service.waitUntilStarted(); ++ } ++ ++ @After ++ public void after() throws Exception { ++ if (service != null) { ++ service.stop(); ++ service.waitUntilStopped(); ++ } ++ } + + @Test +- public void testClientProperties() throws Exception{ +- BrokerService service = createBrokerService(); +- try { +- ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(new URI(brokerUri)); +- ActiveMQConnection conn = (ActiveMQConnection)factory.createConnection(); +- final AtomicReference clientWf = new AtomicReference(); +- conn.addTransportListener(new DefaultTransportListener() { +- @Override +- public void onCommand(Object command) { +- if (command instanceof WireFormatInfo) { +- clientWf.set((WireFormatInfo)command); +- } +- } +- }); +- conn.start(); +- if (clientWf.get() == null) { +- fail("Wire format info is null"); +- } +- assertTrue(clientWf.get().getProperties().containsKey("ProviderName")); +- assertTrue(clientWf.get().getProperties().containsKey("ProviderVersion")); +- assertTrue(clientWf.get().getProperties().containsKey("PlatformDetails")); +- assertTrue(clientWf.get().getProviderName().equals(ActiveMQConnectionMetaData.PROVIDER_NAME)); +- assertTrue(clientWf.get().getPlatformDetails().equals(ActiveMQConnectionMetaData.PLATFORM_DETAILS)); +- } finally { +- stopBroker(service); ++ public void testClientPropertiesWithDefaultPlatformDetails() throws Exception{ ++ WireFormatInfo clientWf = testClientProperties(brokerUri); ++ assertTrue(clientWf.getPlatformDetails().equals(ActiveMQConnectionMetaData.DEFAULT_PLATFORM_DETAILS)); ++ } ++ ++ @Test ++ public void testClientPropertiesWithPlatformDetails() throws Exception{ ++ WireFormatInfo clientWf = testClientProperties(brokerUri + "?wireFormat.includePlatformDetails=true"); ++ assertTrue(clientWf.getPlatformDetails().equals(ActiveMQConnectionMetaData.PLATFORM_DETAILS)); ++ } ++ ++ private WireFormatInfo testClientProperties(String brokerUri) throws Exception { ++ ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(new URI(brokerUri)); ++ ActiveMQConnection conn = (ActiveMQConnection)factory.createConnection(); ++ conn.start(); ++ ++ assertTrue(connector.getConnections().size() == 1); ++ final WireFormatInfo clientWf = connector.getConnections().get(0).getRemoteWireFormatInfo(); ++ if (clientWf == null) { ++ fail("Wire format info is null"); + } ++ ++ //verify properties that the client sends to the broker ++ assertTrue(clientWf.getProperties().containsKey("ProviderName")); ++ assertTrue(clientWf.getProperties().containsKey("ProviderVersion")); ++ assertTrue(clientWf.getProperties().containsKey("PlatformDetails")); ++ assertTrue(clientWf.getProviderName().equals(ActiveMQConnectionMetaData.PROVIDER_NAME)); ++ ++ return clientWf; + } + + @Test +@@ -100,23 +124,4 @@ public class WireFormatInfoPropertiesTest { + assertTrue(result.getPlatformDetails().equals(orig.getPlatformDetails())); + } + +- private BrokerService createBrokerService() throws Exception { +- BrokerService service = new BrokerService(); +- TransportConnector connector = service.addConnector("tcp://localhost:0"); +- brokerUri = connector.getPublishableConnectString(); +- service.setPersistent(false); +- service.setUseJmx(false); +- service.setBrokerName("Master"); +- service.start(); +- service.waitUntilStarted(); +- return service; +- } +- +- private void stopBroker(BrokerService service) throws Exception { +- if (service != null) { +- service.stop(); +- service.waitUntilStopped(); +- } +- } +- + } ===================================== debian/patches/CVE-2018-11775.patch ===================================== @@ -0,0 +1,410 @@ +From: Debian Java Maintainers +Date: Tue, 2 Mar 2021 15:54:28 +0100 +Subject: CVE-2018-11775 + +TLS hostname verification +Origin: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=bde7097fb8173cf871827df7811b3865679b963d + https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=02971a40e281713a8397d3a1809c164b594abfbb +Last-Update: 2021-02-24 +--- + .../activemq/transport/amqp/AmqpTestSupport.java | 6 ++-- + .../transport/nio/AutoInitNioSSLTransport.java | 7 ++++ + .../activemq/transport/nio/NIOSSLTransport.java | 16 +++++++++ + .../activemq/transport/tcp/SslTransport.java | 41 ++++++++++++++++++++++ + .../activemq/transport/tcp/SslTransportServer.java | 2 ++ + .../activemq/transport/tcp/TcpTransport.java | 3 +- + .../activemq/transport/tcp/TcpTransportServer.java | 15 ++++++++ + .../activemq/transport/stomp/StompSslAuthTest.java | 6 ++-- + .../auto/AutoTransportConnectionsTest.java | 3 ++ + .../activemq/transport/nio/NIOSSLBasicTest.java | 28 +++++++++++---- + .../activemq/transport/nio/NIOSSLLoadTest.java | 3 +- + 11 files changed, 116 insertions(+), 14 deletions(-) + +diff --git a/activemq-amqp/src/test/java/org/apache/activemq/transport/amqp/AmqpTestSupport.java b/activemq-amqp/src/test/java/org/apache/activemq/transport/amqp/AmqpTestSupport.java +index fd4accb..d7ce2ed 100644 +--- a/activemq-amqp/src/test/java/org/apache/activemq/transport/amqp/AmqpTestSupport.java ++++ b/activemq-amqp/src/test/java/org/apache/activemq/transport/amqp/AmqpTestSupport.java +@@ -189,7 +189,7 @@ public class AmqpTestSupport { + } + if (isUseSslConnector()) { + connector = brokerService.addConnector( +- "amqp+ssl://0.0.0.0:" + amqpSslPort + "?transport.transformer=" + getAmqpTransformer() + getAdditionalConfig()); ++ "amqp+ssl://0.0.0.0:" + amqpSslPort + "?transport.tcpNoDelay=true&transport.transformer=" + getAmqpTransformer() + getAdditionalConfig()); + amqpSslPort = connector.getConnectUri().getPort(); + amqpSslURI = connector.getPublishableConnectURI(); + LOG.debug("Using amqp+ssl port " + amqpSslPort); +@@ -203,7 +203,7 @@ public class AmqpTestSupport { + } + if (isUseNioPlusSslConnector()) { + connector = brokerService.addConnector( +- "amqp+nio+ssl://0.0.0.0:" + amqpNioPlusSslPort + "?transport.transformer=" + getAmqpTransformer() + getAdditionalConfig()); ++ "amqp+nio+ssl://0.0.0.0:" + amqpNioPlusSslPort + "?transport.tcpNoDelay=true&transport.transformer=" + getAmqpTransformer() + getAdditionalConfig()); + amqpNioPlusSslPort = connector.getConnectUri().getPort(); + amqpNioPlusSslURI = connector.getPublishableConnectURI(); + LOG.debug("Using amqp+nio+ssl port " + amqpNioPlusSslPort); +@@ -469,4 +469,4 @@ public class AmqpTestSupport { + .newProxyInstance(queueViewMBeanName, TopicViewMBean.class, true); + return proxy; + } +-} +\ No newline at end of file ++} +diff --git a/activemq-broker/src/main/java/org/apache/activemq/transport/nio/AutoInitNioSSLTransport.java b/activemq-broker/src/main/java/org/apache/activemq/transport/nio/AutoInitNioSSLTransport.java +index 449c7ae..9301b65 100644 +--- a/activemq-broker/src/main/java/org/apache/activemq/transport/nio/AutoInitNioSSLTransport.java ++++ b/activemq-broker/src/main/java/org/apache/activemq/transport/nio/AutoInitNioSSLTransport.java +@@ -30,6 +30,7 @@ import javax.net.SocketFactory; + import javax.net.ssl.SSLContext; + import javax.net.ssl.SSLEngine; + import javax.net.ssl.SSLEngineResult; ++import javax.net.ssl.SSLParameters; + + import org.apache.activemq.thread.TaskRunnerFactory; + import org.apache.activemq.util.IOExceptionSupport; +@@ -89,6 +90,12 @@ public class AutoInitNioSSLTransport extends NIOSSLTransport { + sslEngine = sslContext.createSSLEngine(); + } + ++ if (verifyHostName) { ++ SSLParameters sslParams = new SSLParameters(); ++ sslParams.setEndpointIdentificationAlgorithm("HTTPS"); ++ sslEngine.setSSLParameters(sslParams); ++ } ++ + sslEngine.setUseClientMode(false); + if (enabledCipherSuites != null) { + sslEngine.setEnabledCipherSuites(enabledCipherSuites); +diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java b/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java +index 64e96be..9d64101 100644 +--- a/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java ++++ b/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java +@@ -35,6 +35,7 @@ import javax.net.SocketFactory; + import javax.net.ssl.SSLContext; + import javax.net.ssl.SSLEngine; + import javax.net.ssl.SSLEngineResult; ++import javax.net.ssl.SSLParameters; + import javax.net.ssl.SSLEngineResult.HandshakeStatus; + import javax.net.ssl.SSLPeerUnverifiedException; + import javax.net.ssl.SSLSession; +@@ -56,6 +57,7 @@ public class NIOSSLTransport extends NIOTransport { + protected boolean wantClientAuth; + protected String[] enabledCipherSuites; + protected String[] enabledProtocols; ++ protected boolean verifyHostName = false; + + protected SSLContext sslContext; + protected SSLEngine sslEngine; +@@ -119,6 +121,12 @@ public class NIOSSLTransport extends NIOTransport { + sslEngine = sslContext.createSSLEngine(); + } + ++ if (verifyHostName) { ++ SSLParameters sslParams = new SSLParameters(); ++ sslParams.setEndpointIdentificationAlgorithm("HTTPS"); ++ sslEngine.setSSLParameters(sslParams); ++ } ++ + sslEngine.setUseClientMode(false); + if (enabledCipherSuites != null) { + sslEngine.setEnabledCipherSuites(enabledCipherSuites); +@@ -543,4 +551,12 @@ public class NIOSSLTransport extends NIOTransport { + public void setEnabledProtocols(String[] enabledProtocols) { + this.enabledProtocols = enabledProtocols; + } ++ ++ public boolean isVerifyHostName() { ++ return verifyHostName; ++ } ++ ++ public void setVerifyHostName(boolean verifyHostName) { ++ this.verifyHostName = verifyHostName; ++ } + } +diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransport.java b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransport.java +index 0c2fab9..0754f76 100644 +--- a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransport.java ++++ b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransport.java +@@ -17,11 +17,14 @@ + package org.apache.activemq.transport.tcp; + + import java.io.IOException; ++import java.net.Socket; ++import java.net.SocketException; + import java.net.URI; + import java.net.UnknownHostException; + import java.security.cert.X509Certificate; + import java.util.HashMap; + ++import javax.net.ssl.SSLParameters; + import javax.net.ssl.SSLPeerUnverifiedException; + import javax.net.ssl.SSLSession; + import javax.net.ssl.SSLSocket; +@@ -43,6 +46,8 @@ import org.apache.activemq.wireformat.WireFormat; + */ + public class SslTransport extends TcpTransport { + ++ private Boolean verifyHostName = null; ++ + /** + * Connect to a remote node such as a Broker. + * +@@ -73,6 +78,38 @@ public class SslTransport extends TcpTransport { + } + } + ++ @Override ++ protected void initialiseSocket(Socket sock) throws SocketException, IllegalArgumentException { ++ //This needs to default to null because this transport class is used for both a server transport ++ //and a client connection and if we default it to a value it might override the transport server setting ++ //that was configured inside TcpTransportServer ++ ++ //The idea here is that if this is a server transport then verifyHostName will be set by the setter ++ //below and not be null (if using transport.verifyHostName) but if a client uses socket.verifyHostName ++ //then it will be null and we can check socketOptions ++ ++ //Unfortunately we have to do this to stay consistent because every other SSL option on the client ++ //side is configured using socket. but this particular option isn't actually part of the socket ++ //so it makes it tricky ++ if (verifyHostName == null) { ++ if (socketOptions != null && socketOptions.containsKey("verifyHostName")) { ++ verifyHostName = Boolean.parseBoolean(socketOptions.get("verifyHostName").toString()); ++ socketOptions.remove("verifyHostName"); ++ } else { ++ //If null and not set then this is a client so default to true ++ verifyHostName = true; ++ } ++ } ++ ++ if (verifyHostName) { ++ SSLParameters sslParams = new SSLParameters(); ++ sslParams.setEndpointIdentificationAlgorithm("HTTPS"); ++ ((SSLSocket)this.socket).setSSLParameters(sslParams); ++ } ++ ++ super.initialiseSocket(sock); ++ } ++ + /** + * Initialize from a ServerSocket. No access to needClientAuth is given + * since it is already set within the provided socket. +@@ -108,6 +145,10 @@ public class SslTransport extends TcpTransport { + super.doConsume(command); + } + ++ public void setVerifyHostName(Boolean verifyHostName) { ++ this.verifyHostName = verifyHostName; ++ } ++ + /** + * @return peer certificate chain associated with the ssl socket + */ +diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java +index bfd6318..5106e4f 100644 +--- a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java ++++ b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java +@@ -100,6 +100,7 @@ public class SslTransportServer extends TcpTransportServer { + * + * @throws IOException passed up from TcpTransportServer. + */ ++ @Override + public void bind() throws IOException { + super.bind(); + if (needClientAuth) { +@@ -119,6 +120,7 @@ public class SslTransportServer extends TcpTransportServer { + * @return The newly return (SSL) Transport. + * @throws IOException + */ ++ @Override + protected Transport createTransport(Socket socket, WireFormat format) throws IOException { + return new SslTransport(format, (SSLSocket)socket); + } +diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java +index 04d1636..e85cbaf 100755 +--- a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java ++++ b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransport.java +@@ -133,7 +133,7 @@ public class TcpTransport extends TransportThreadSupport implements Transport, S + protected final AtomicReference stoppedLatch = new AtomicReference(); + protected volatile int receiveCounter; + +- private Map socketOptions; ++ protected Map socketOptions; + private int soLinger = Integer.MIN_VALUE; + private Boolean keepAlive; + private Boolean tcpNoDelay; +@@ -751,6 +751,7 @@ public class TcpTransport extends TransportThreadSupport implements Transport, S + return true; + } + ++ @Override + public WireFormat getWireFormat() { + return wireFormat; + } +diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java +index 5d623b6..6060683 100755 +--- a/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java ++++ b/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java +@@ -40,6 +40,7 @@ import java.util.concurrent.TimeUnit; + import java.util.concurrent.atomic.AtomicInteger; + + import javax.net.ServerSocketFactory; ++import javax.net.ssl.SSLParameters; + import javax.net.ssl.SSLServerSocket; + + import org.apache.activemq.Service; +@@ -79,6 +80,7 @@ public class TcpTransportServer extends TransportServerThreadSupport implements + protected int minmumWireFormatVersion; + protected boolean useQueueForAccept = true; + protected boolean allowLinkStealing; ++ protected boolean verifyHostName = false; + + /** + * trace=true -> the Transport stack where this TcpTransport object will be, will have a TransportLogger layer +@@ -171,6 +173,19 @@ public class TcpTransportServer extends TransportServerThreadSupport implements + // see: https://issues.apache.org/jira/browse/AMQ-4582 + // + if (socket instanceof SSLServerSocket) { ++ if (transportOptions.containsKey("verifyHostName")) { ++ verifyHostName = Boolean.parseBoolean(transportOptions.get("verifyHostName").toString()); ++ } else { ++ transportOptions.put("verifyHostName", verifyHostName); ++ } ++ ++ if (verifyHostName) { ++ SSLParameters sslParams = new SSLParameters(); ++ sslParams.setEndpointIdentificationAlgorithm("HTTPS"); ++ ((SSLServerSocket)this.serverSocket).setSSLParameters(sslParams); ++ } ++ ++ + if (transportOptions.containsKey("enabledCipherSuites")) { + Object cipherSuites = transportOptions.remove("enabledCipherSuites"); + +diff --git a/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompSslAuthTest.java b/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompSslAuthTest.java +index 9b4d1c4..03c24c4 100644 +--- a/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompSslAuthTest.java ++++ b/activemq-stomp/src/test/java/org/apache/activemq/transport/stomp/StompSslAuthTest.java +@@ -54,13 +54,13 @@ public class StompSslAuthTest extends StompTest { + + @Override + public void addOpenWireConnector() throws Exception { +- TransportConnector connector = brokerService.addConnector("ssl://0.0.0.0:0?needClientAuth=true"); +- cf = new ActiveMQConnectionFactory(connector.getPublishableConnectString()); ++ TransportConnector connector = brokerService.addConnector("ssl://0.0.0.0:0?transport.needClientAuth=true"); ++ cf = new ActiveMQConnectionFactory(connector.getPublishableConnectString() + "?socket.verifyHostName=false"); + } + + @Override + protected String getAdditionalConfig() { +- return "?needClientAuth=true"; ++ return "?needClientAuth=true&transport.verifyHostName=false"; + } + + // NOOP - These operations handled by jaas cert login module +diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/auto/AutoTransportConnectionsTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/auto/AutoTransportConnectionsTest.java +index 5bfbe72..e100b6c 100644 +--- a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/auto/AutoTransportConnectionsTest.java ++++ b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/auto/AutoTransportConnectionsTest.java +@@ -105,6 +105,9 @@ public class AutoTransportConnectionsTest { + public void configureConnectorAndStart(String bindAddress) throws Exception { + connector = service.addConnector(bindAddress); + connectionUri = connector.getPublishableConnectString(); ++ if (connectionUri.contains("ssl")) { ++ connectionUri += connectionUri.contains("?") ? "&socket.verifyHostName=false" : "?socket.verifyHostName=false"; ++ } + service.start(); + service.waitUntilStarted(); + } +diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java +index 473d785..6444d2c 100644 +--- a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java ++++ b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java +@@ -17,14 +17,14 @@ + package org.apache.activemq.transport.nio; + + import javax.jms.Connection; ++import javax.jms.JMSException; + import javax.jms.Message; + import javax.jms.MessageConsumer; + import javax.jms.MessageProducer; + import javax.jms.Queue; + import javax.jms.Session; + import javax.jms.TextMessage; +- +-import junit.framework.TestCase; ++import javax.net.ssl.SSLHandshakeException; + + import org.apache.activemq.ActiveMQConnectionFactory; + import org.apache.activemq.broker.BrokerService; +@@ -33,6 +33,8 @@ import org.junit.After; + import org.junit.Before; + import org.junit.Test; + ++import junit.framework.TestCase; ++ + public class NIOSSLBasicTest { + + public static final String KEYSTORE_TYPE = "jks"; +@@ -79,24 +81,38 @@ public class NIOSSLBasicTest { + @Test + public void basicConnector() throws Exception { + BrokerService broker = createBroker("nio+ssl", getTransportType() + "://localhost:0?transport.needClientAuth=true"); +- basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort()); ++ basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort() + "?socket.verifyHostName=false"); + stopBroker(broker); + } + + @Test + public void enabledCipherSuites() throws Exception { +- BrokerService broker = createBroker("nio+ssl", getTransportType() + "://localhost:0?transport.needClientAuth=true&transport.enabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"); +- basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort()); ++ BrokerService broker = createBroker("nio+ssl", getTransportType() + "://localhost:0?transport.needClientAuth=true&transport.verifyHostName=false&transport.enabledCipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256"); ++ basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort() + "?socket.verifyHostName=false"); + stopBroker(broker); + } + + @Test + public void enabledProtocols() throws Exception { + BrokerService broker = createBroker("nio+ssl", getTransportType() + "://localhost:61616?transport.needClientAuth=true&transport.enabledProtocols=TLSv1,TLSv1.1,TLSv1.2"); +- basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort()); ++ basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort() + "?socket.verifyHostName=false"); + stopBroker(broker); + } + ++ //Client is missing verifyHostName=false so it should fail as cert doesn't have right host name ++ @Test(expected = Exception.class) ++ public void verifyHostNameErrorClient() throws Exception { ++ BrokerService broker = null; ++ try { ++ broker = createBroker("nio+ssl", getTransportType() + "://localhost:61616?transport.needClientAuth=true"); ++ basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort()); ++ } finally { ++ if (broker != null) { ++ stopBroker(broker); ++ } ++ } ++ } ++ + public void basicSendReceive(String uri) throws Exception { + ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(uri); + Connection connection = factory.createConnection(); +diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLLoadTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLLoadTest.java +index 4751c9f..0e50f44 100644 +--- a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLLoadTest.java ++++ b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLLoadTest.java +@@ -74,7 +74,7 @@ public class NIOSSLLoadTest { + broker = new BrokerService(); + broker.setPersistent(false); + broker.setUseJmx(false); +- connector = broker.addConnector("nio+ssl://localhost:0?transport.needClientAuth=true&transport.enabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"); ++ connector = broker.addConnector("nio+ssl://localhost:0?transport.needClientAuth=true&transport.enabledCipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256"); + broker.start(); + broker.waitUntilStarted(); + +@@ -113,6 +113,7 @@ public class NIOSSLLoadTest { + } + + Wait.waitFor(new Wait.Condition() { ++ @Override + public boolean isSatisified() throws Exception { + return getReceived() == PRODUCER_COUNT * MESSAGE_COUNT; + } ===================================== debian/patches/CVE-2021-26117.patch ===================================== @@ -0,0 +1,172 @@ +From: Debian Java Maintainers +Date: Tue, 2 Mar 2021 16:40:36 +0100 +Subject: CVE-2021-26117 + + no check on the password + +Author: Abhijith PA +Origin: https://github.com/apache/activemq/commit/c9f68f4c64b2687eee283b95538753665d2b229b/ +Last-Update: 2021-02-25 +--- + .../org/apache/activemq/jaas/LDAPLoginModule.java | 3 +- + .../apache/activemq/jaas/LDAPLoginModuleTest.java | 48 ++++++++++++++++++++-- + activemq-jaas/src/test/resources/login.config | 36 ++++++++++++++++ + 3 files changed, 83 insertions(+), 4 deletions(-) + +diff --git a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java +index f0834a0..0a56204 100644 +--- a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java ++++ b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java +@@ -404,6 +404,7 @@ public class LDAPLoginModule implements LoginModule { + if (log.isDebugEnabled()) { + log.debug("Binding the user."); + } ++ context.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); + context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn); + context.addToEnvironment(Context.SECURITY_CREDENTIALS, password); + try { +@@ -429,7 +430,7 @@ public class LDAPLoginModule implements LoginModule { + } else { + context.removeFromEnvironment(Context.SECURITY_CREDENTIALS); + } +- ++ context.addToEnvironment(Context.SECURITY_AUTHENTICATION, getLDAPPropertyValue(AUTHENTICATION)); + return isValid; + } + +diff --git a/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java b/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java +index ea2fb57..208dba2 100644 +--- a/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java ++++ b/activemq-jaas/src/test/java/org/apache/activemq/jaas/LDAPLoginModuleTest.java +@@ -18,7 +18,6 @@ package org.apache.activemq.jaas; + + import org.apache.directory.server.core.integ.AbstractLdapTestUnit; + import org.apache.directory.server.core.integ.FrameworkRunner; +-import org.apache.directory.server.integ.ServerIntegrationUtils; + import org.apache.directory.server.ldap.LdapServer; + import org.apache.directory.server.annotations.CreateLdapServer; + import org.apache.directory.server.annotations.CreateTransport; +@@ -34,11 +33,11 @@ import javax.naming.NamingEnumeration; + import javax.naming.directory.DirContext; + import javax.naming.directory.InitialDirContext; + import javax.security.auth.callback.*; ++import javax.security.auth.login.FailedLoginException; + import javax.security.auth.login.LoginContext; + import javax.security.auth.login.LoginException; + + import java.io.IOException; +-import java.net.URL; + import java.util.HashSet; + import java.util.Hashtable; + +@@ -47,7 +46,7 @@ import static org.junit.Assert.assertTrue; + import static org.junit.Assert.fail; + + @RunWith ( FrameworkRunner.class ) +- at CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", port=1024)}) ++ at CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", port=1024)}, allowAnonymousAccess = true) + @ApplyLdifFiles( + "test.ldif" + ) +@@ -172,4 +171,47 @@ public class LDAPLoginModuleTest extends AbstractLdapTestUnit { + } + + ++ @Test ++ public void testAuthenticatedViaBindOnAnonConnection() throws Exception { ++ LoginContext context = new LoginContext("AnonBindCheckUserLDAPLogin", new CallbackHandler() { ++ @Override ++ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { ++ for (int i = 0; i < callbacks.length; i++) { ++ if (callbacks[i] instanceof NameCallback) { ++ ((NameCallback) callbacks[i]).setName("first"); ++ } else if (callbacks[i] instanceof PasswordCallback) { ++ ((PasswordCallback) callbacks[i]).setPassword("wrongSecret".toCharArray()); ++ } else { ++ throw new UnsupportedCallbackException(callbacks[i]); ++ } ++ } ++ } ++ }); ++ try { ++ context.login(); ++ fail("Should have failed authenticating"); ++ } catch (FailedLoginException expected) { ++ } ++ } ++ ++ @Test ++ public void testAuthenticatedOkViaBindOnAnonConnection() throws Exception { ++ LoginContext context = new LoginContext("AnonBindCheckUserLDAPLogin", new CallbackHandler() { ++ @Override ++ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { ++ for (int i = 0; i < callbacks.length; i++) { ++ if (callbacks[i] instanceof NameCallback) { ++ ((NameCallback) callbacks[i]).setName("first"); ++ } else if (callbacks[i] instanceof PasswordCallback) { ++ ((PasswordCallback) callbacks[i]).setPassword("secret".toCharArray()); ++ } else { ++ throw new UnsupportedCallbackException(callbacks[i]); ++ } ++ } ++ } ++ }); ++ context.login(); ++ context.logout(); ++ } ++ + } +diff --git a/activemq-jaas/src/test/resources/login.config b/activemq-jaas/src/test/resources/login.config +index dee62a5..b5e8cf8 100644 +--- a/activemq-jaas/src/test/resources/login.config ++++ b/activemq-jaas/src/test/resources/login.config +@@ -30,6 +30,23 @@ PropertiesLoginReload { + org.apache.activemq.jaas.properties.group="groups.properties"; + }; + ++EncryptedPropertiesLogin { ++ org.apache.activemq.jaas.PropertiesLoginModule required ++ debug=true ++ org.apache.activemq.jaas.properties.user="users-encrypted.properties" ++ org.apache.activemq.jaas.properties.group="groups.properties" ++ decrypt=true; ++}; ++ ++EncryptedAESPropertiesLogin { ++ org.apache.activemq.jaas.PropertiesLoginModule required ++ debug=true ++ org.apache.activemq.jaas.properties.user="users-encrypted-aes.properties" ++ org.apache.activemq.jaas.properties.group="groups.properties" ++ algorithm=PBEWITHHMACSHA1ANDAES_128 ++ decrypt=true; ++}; ++ + LDAPLogin { + org.apache.activemq.jaas.LDAPLoginModule required + debug=true +@@ -88,6 +105,25 @@ UnAuthenticatedLDAPLogin { + ; + }; + ++AnonBindCheckUserLDAPLogin { ++ org.apache.activemq.jaas.LDAPLoginModule required ++ debug=true ++ initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory ++ connectionURL="ldap://localhost:1024" ++ connectionUsername=none ++ connectionPassword=none ++ connectionProtocol=s ++ authentication=none ++ userBase="ou=system" ++ userSearchMatching="(uid={0})" ++ userSearchSubtree=false ++ roleBase="ou=system" ++ roleName=cn ++ roleSearchMatching="(member=uid={1},ou=system)" ++ roleSearchSubtree=false ++ ; ++}; ++ + ExpandedLDAPLogin { + org.apache.activemq.jaas.LDAPLoginModule required + debug=true ===================================== debian/patches/series ===================================== @@ -4,3 +4,6 @@ activemq-client-jar.patch disable-broker-test-dependency.patch CVE-2017-7559.patch CVE-2020-13920.patch +CVE-2017-15709.patch +CVE-2018-11775.patch +CVE-2021-26117.patch View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/3985e0c58102246e2d5bf3916b9ba548055e5ae3 -- View it on GitLab: https://salsa.debian.org/java-team/activemq/-/commit/3985e0c58102246e2d5bf3916b9ba548055e5ae3 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 11 16:55:14 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 11 Mar 2021 16:55:14 +0000 Subject: [Git][java-team/jalview][master] 3 commits: Using my debian.org address for the packaging Message-ID: <604a4b72378c5_1b452f8b47442a9@godard.mail> Pierre Gruet pushed to branch master at Debian Java Maintainers / jalview Commits: 8335966b by Pierre Gruet at 2021-03-08T21:37:36+01:00 Using my debian.org address for the packaging - - - - - 13f63b77 by Pierre Gruet at 2021-03-11T17:53:50+01:00 Updating German translation - - - - - 020ffe31 by Pierre Gruet at 2021-03-11T17:54:42+01:00 Adding (Brazilian) Portuguese, Dutch, Galician translations - - - - - 17 changed files: - debian/control - debian/copyright - debian/manpages/jalview.1 - debian/patches/change_package_jfree.patch - debian/patches/controlling_web_services.patch - debian/patches/correct_last_assertion_MemorySettingTest.patch - debian/patches/deactivate_classgraph.patch - debian/patches/deactivate_getdown.patch - debian/patches/deactivate_google_analytics.patch - debian/patches/get_rid_of_quaqua.patch - debian/patches/using_right_json_simple_package.patch - debian/po/de.po - + debian/po/gl.po - + debian/po/nl.po - + debian/po/pt.po - + debian/po/pt_BR.po - debian/tests/someCommandLineInvocations Changes: ===================================== debian/control ===================================== @@ -2,7 +2,7 @@ Source: jalview Section: science Priority: optional Maintainer: Debian Java Maintainers -Uploaders: Pierre Gruet +Uploaders: Pierre Gruet Build-Depends: debhelper-compat (= 13), po-debconf, default-jdk, ===================================== debian/copyright ===================================== @@ -78,7 +78,7 @@ License: Apache-2.0 Files: debian/* Copyright: 2009-2011 Vincent Fourmond - 2020 Pierre Gruet + 2020-2021 Pierre Gruet License: GPL-3+ License: Apache-2.0 ===================================== debian/manpages/jalview.1 ===================================== @@ -134,5 +134,5 @@ See https://www.jalview.org/help/html/memory.html for more details. .SH AUTHOR This manual page was written by Vincent Fourmond and -Pierre Gruet from the Debian project, but may be used +Pierre Gruet from the Debian project, but may be used by others. ===================================== debian/patches/change_package_jfree.patch ===================================== @@ -1,5 +1,5 @@ Description: change the package for org.jfree, which is not the correct one -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: jalview-dev at jalview.org Last-Update: 2020-11-12 ===================================== debian/patches/controlling_web_services.patch ===================================== @@ -1,7 +1,7 @@ Description: Do not run web services if not allowed by the user/administrator Author: Jim Procter Forwarded: not-needed -Reviewed-by: Pierre Gruet +Reviewed-by: Pierre Gruet Last-Update: 2021-02-06 --- a/src/jalview/bin/Cache.java ===================================== debian/patches/correct_last_assertion_MemorySettingTest.patch ===================================== @@ -2,7 +2,7 @@ Description: correcting the last assertion in MemorySettingTest.java Author: Benedict Soares Origin: upstream Forwarded: not-needed -Reviewed-by: Pierre Gruet +Reviewed-by: Pierre Gruet Last-Update: 2020-11-19 --- a/test/jalview/bin/MemorySettingTest.java ===================================== debian/patches/deactivate_classgraph.patch ===================================== @@ -1,5 +1,5 @@ Description: avoid using classgraph, not needed to find the Debian jar -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: not-needed Last-Update: 2020-11-16 ===================================== debian/patches/deactivate_getdown.patch ===================================== @@ -1,5 +1,5 @@ Description: Not using getdown inside Jalview -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: not-needed Last-Update: 2020-11-16 ===================================== debian/patches/deactivate_google_analytics.patch ===================================== @@ -1,5 +1,5 @@ Description: Turn off Google analytics call, relies on non-packaged software -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: not-needed Last-Update: 2020-11-25 ===================================== debian/patches/get_rid_of_quaqua.patch ===================================== @@ -1,5 +1,5 @@ Description: get rid of Quaqua look and feel, only licensed for Mac -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: not-needed Last-Update: 2020-11-14 ===================================== debian/patches/using_right_json_simple_package.patch ===================================== @@ -2,7 +2,7 @@ Description: JSONObject was wrongly invoked It was called with a wrong package name, "simple" being forgotten. Moreover it is called on an AlignmentPojo object, I added the getAppSettings method in the call to get a HashMap. -Author: Pierre Gruet +Author: Pierre Gruet Forwarded: jalview-dev at jalview.org Last-Update: 2020-11-15 ===================================== debian/po/de.po ===================================== @@ -5,10 +5,10 @@ # msgid "" msgstr "" -"Project-Id-Version: jalview 2.11.1.3+dfsg2-3\n" +"Project-Id-Version: jalview 2.11.1.3+dfsg2-4\n" "Report-Msgid-Bugs-To: jalview at packages.debian.org\n" -"POT-Creation-Date: 2021-02-22 17:20+0100\n" -"PO-Revision-Date: 2021-02-27 08:23+0100\n" +"POT-Creation-Date: 2021-02-27 21:34+0100\n" +"PO-Revision-Date: 2021-03-01 19:43+0100\n" "Last-Translator: Helge Kreutzmann \n" "Language-Team: German \n" "Language: de\n" @@ -18,13 +18,18 @@ msgstr "" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 -msgid "Allow downloading identifiers automatically from www.jalview.org?" -msgstr "" -"Automatisches Herunterladen der Kennzeichner von www.jalview.org erlauben?" +msgid "Automatically download identifiers from jalview.org?" +msgstr "Kennzeichner von www.jalview.org automatisch herunterladen?" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 msgid "" "Jalview can automatically download a list of identifiers.org URL templates " @@ -35,6 +40,9 @@ msgstr "" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 msgid "" "This is a convenience for users but can be deactivated as it causes an " @@ -47,35 +55,39 @@ msgstr "" #. Type: boolean #. Description -#: ../templates:1001 -msgid "" -"Users can only override this preference from their own configuration file." +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +msgid "Individual users can override this setting in their configuration file." msgstr "" -"Benutzer k?nnen diese Voreinstellung nur ?ber ihre eigene Konfigurationsdatei " -"au?er Kraft setzen." +"Einzelne Benutzer k?nnen diese Voreinstellung in ihrer eigenen " +"Konfigurationsdatei au?er Kraft setzen." #. Type: boolean #. Description #: ../templates:2001 -msgid "Allow automatic display of news from the Jalview website?" -msgstr "Automatische Anzeige der Neuigkeiten von der Jalview-Website erlauben?" +msgid "Automatically display news from jalview.org?" +msgstr "Neuigkeiten von jalview.org automatisch anzeigen?" #. Type: boolean #. Description #: ../templates:2001 msgid "" -"Users will be automatically shown updates from https://www.jalview.org/" -"feeds/desktop/rss in a popup window." +"Jalview can automatically show updates from https://www.jalview.org/feeds/" +"desktop/rss in a popup window." msgstr "" -"Benutzern werden automatisch Aktualisierungen von https://www.jalview.org/" -"feeds/desktop/rss in einem aufklappenden Fenster angezeigt." +"Jalview kann automatisch Aktualisierungen von https://www.jalview.org/feeds/" +"desktop/rss in einem aufklappenden Fenster anzeigen." #. Type: boolean #. Description #: ../templates:2001 msgid "" "The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"org, which records usage statistics." msgstr "" "Der Neuigkeiten-Feed ist f?r Benutzer informativ, aber beim Abruf wird www." "jalview.org kontaktiert, wo Benutzungsstatistiken aufgezeichnet werden." @@ -95,8 +107,8 @@ msgstr "" #. Type: boolean #. Description #: ../templates:3001 -msgid "Allow prompts from Jalview's website about a user questionnaire?" -msgstr "Anfragen von Jalviews Website ?ber einen Benutzerfragebogen erlauben?" +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "Automatisch nach Benutzerfrageb?gen von jalview.org pr?fen?" #. Type: boolean #. Description @@ -135,13 +147,24 @@ msgstr "" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 -msgid "Allow discovery of alignment and analysis web services at startup?" -msgstr "" -"Die Ermittlung von Alignment- und Analyse-Webdiensten beim Starten erlauben?" +msgid "Automatically discover JABA Web Services?" +msgstr "Automatisch JABA-Web-Dienste ermittelnAutomatisch JABA-Web-Dienste ermitteln??" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "" "The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " @@ -152,13 +175,18 @@ msgstr "" "Reihe von multiplen Alignment- und Analysewerkzeugen als Webdiensten dritter " "Parteien." -# FIXME they ? users? #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "" "Jalview can automatically query the public (or any other configured) JABAWS " -"services on start-up. Otherwise, they will need to initiate discovery with a " +"services on startup. Otherwise, users will need to initiate discovery with a " "menu option." msgstr "" "Jalview kann beim Starten automatisch den ?ffentlichen (oder jeden anderen " @@ -167,6 +195,12 @@ msgstr "" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "" "Users can enable or disable startup discovery from their own configuration " @@ -179,25 +213,26 @@ msgstr "" #. Type: boolean #. Description #: ../templates:5001 -msgid "Allow downloading HTML templates automatically from Github?" -msgstr "Automatisches Herunterladen von HTML-Vorlagen von Github erlauben?" +msgid "Automatically download HTML templates from Github?" +msgstr "HTML-Vorlagen von Github automatisch herunterladen?" +# FIXME cam ? can #. Type: boolean #. Description #: ../templates:5001 msgid "" -"Jalview automatically downloads the latest 'BioJS' HTML export template from " -"https://github.com/jalview/exporter-templates on startup." +"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." msgstr "" -"Jalview l?dt beim Starten automatisch die neuste ?BioJS?-HTML-Exportvorlage " -"von https://github.com/jalview/exporter-templates herunter." +"Jalview kann beim Starten automatisch die neuste ?BioJS?-HTML-Exportvorlage " +"von https://github.com/jalview/exporter-templates herunterladen." #. Type: boolean #. Description #: ../templates:5001 msgid "" -"Users can only enable or disable this feature from their own configuration " -"file." +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." msgstr "" -"Benutzer k?nnen diese Funktionalit?t in ihrer eigenen Konfigurationsdatei " -"aktivieren oder deaktivieren." +"Dies dient der Bequemlichkeit der Benutzer, kann aber deaktiviert werden, da " +"es zu einem automatischen Ping an Github f?hrt." ===================================== debian/po/gl.po ===================================== @@ -0,0 +1,239 @@ +# Galician translation of Jalview +# Copyright (C) 2021 +# This file is distributed under the same license as the jalview package.. +# Pablo , 2021. +# +msgid "" +msgstr "" +"Project-Id-Version: jalview\n" +"Report-Msgid-Bugs-To: jalview at packages.debian.org\n" +"POT-Creation-Date: 2021-02-27 21:34+0100\n" +"PO-Revision-Date: 2021-03-01 12:14+0100\n" +"Language-Team: Galician \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 2.2.1\n" +"Last-Translator: Pablo \n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Language: gl\n" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "Automatically download identifiers from jalview.org?" +msgstr "Descargar as identificaci?ns autom?ticamente dende jalview.org?" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"Jalview can automatically download a list of identifiers.org URL templates " +"for viewing accessions from various biological databases." +msgstr "" +"Jalview pode descargar autom?ticamente unha lista de modelos de URLs de " +"identifiers.org para ver claves de identificaci?n(accessions) de varias " +"bases de datos biol?xicas." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to www.jalview.org/services/identifiers, which records usage " +"statistics." +msgstr "" +"Esto ? c?modo para os usuarios pero p?dese desactivar, por que fai unha " +"petici?n autom?tica a www.jalview.org/services/identifiers, que o rexistra " +"para as estad?sticas de uso." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +msgid "Individual users can override this setting in their configuration file." +msgstr "" +"Cada usuario individual pode desactivar esta opci?n no seu ficheiro de " +"configuraci?n." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "Automatically display news from jalview.org?" +msgstr "Amosar novas de jalview.org automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"Jalview can automatically show updates from https://www.jalview.org/feeds/" +"desktop/rss in a popup window." +msgstr "" +"Jalview pode amosar autom?ticamente actualizaci?ns de https://www.jalview." +"org/feeds/desktop/rss nunha xanela sa?nte." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"The news feed is informative to users but its retrieval pings www.jalview." +"org, which records usage statistics." +msgstr "" +"Para os usuarios ? instrutivo recibir as ?ltimas novas, pero obtelas implica " +"enviar petici?ns a www.jalview.org, que as rexistra para as estad?sticas de " +"uso." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"If this is disabled, users may still manually open the news reader. Users " +"can also override this preference in the Preferences window or from their " +"own configuration file." +msgstr "" +"Se isto est? desactivado, os usuarios poden abrir manualmente o lector de " +"novas. Tam?n os usuarios poden sobrescribir esta opci?n na xanela de " +"Preferencias ou dende o seu ficheiro de configuraci?n." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "Comprobar automaticamente se hai cuestionarios dende jalview.org?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"User questionnaires are posted from time to time on www.jalview.org, and " +"Jalview can automatically query the site to look for them on startup, in " +"order to prompt users to complete them." +msgstr "" +"Os cuestionarios de usuarios publ?canse de cando en vez en www.jalview.org, " +"e Jalview pode preguntarlle autom?ticamente ao sitio cando arranque, e " +"pedirlle aos usuarios que os completen." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Logs for the questionnaire service are used to record usage statistics, and " +"anonymised cookies are stored in the user's preferences to track whether " +"they have completed the latest questionnaire." +msgstr "" +"Os rexistros do servizo de cuestionarios ?sanse para rexistrar estad?sticas " +"de uso, e g?rdanse datos an?nimos na configuraci?n do usuario para comprobar " +"se xa contestaron o ?ltimo cuestionario." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Users can enable or disable this query from their own configuration file, or " +"from the Preferences window in the application." +msgstr "" +"Os usuarios poden activar ou desactivar estas petici?ns dende o seu propio " +"ficheiro de configuraci?n, ou dende a xanela de Preferencias na aplicaci?n." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "Automatically discover JABA Web Services?" +msgstr "Descubrir Servizos na Rede JABA (JABAWS) automaticamente?" + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " +"range of third party multiple sequence alignment and analysis tools as web " +"services." +msgstr "" +"O sistema JAVAWS (www.compbio.dundee.ac.uk/jabaws) permite o acceso a un " +"gran n?mero de ali?amento m?ltiple de secuencias e ferramentas de an?lise " +"alleos mediante servizos na rede." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Jalview can automatically query the public (or any other configured) JABAWS " +"services on startup. Otherwise, users will need to initiate discovery with a " +"menu option." +msgstr "" +"Jalview pode preguntarlle autom?ticamente aos servizos p?blicos (ou calquera " +"outro configurado) de JABAWS durante o arranque. Se isto est? desactivado os " +"usuarios poden iniciar a busca mediante unha opci?n do men?." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Users can enable or disable startup discovery from their own configuration " +"file or from the Preferences window in the application." +msgstr "" +"Os usuarios poden activar ou desactivar a busca dende o seu propio ficheiro " +"de configuraci?n ou dende a xanela de Preferencias na aplicaci?n." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "Automatically download HTML templates from Github?" +msgstr "Descargar os modelos HTML dende Github automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." +msgstr "" +"Jalview pode descargar automaticamente o ?ltimo modelo HTML exportado \"BioJS" +"\" dende https://github.com/jalview/exporter-templates durante o arranque." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." +msgstr "" +"Isto ? c?modo para os usuarios, pero p?dese desactivar por que obriga a " +"facer unha petici?n a Github." ===================================== debian/po/nl.po ===================================== @@ -0,0 +1,208 @@ +# Dutch translation of jalview debconf templates. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the jalview package.. +# FIRST AUTHOR , YEAR. +# Frans Spiesschaert , 2021. +# +msgid "" +msgstr "" +"Project-Id-Version: jalview_2.11.1.3+dfsg2-3\n" +"Report-Msgid-Bugs-To: jalview at packages.debian.org\n" +"POT-Creation-Date: 2021-02-22 17:20+0100\n" +"PO-Revision-Date: 2021-02-26 21:28+0100\n" +"Last-Translator: Frans Spiesschaert \n" +"Language-Team: Debian Dutch l10n Team \n" +"Language: nl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Generator: Poedit 2.2.1\n" + +#. Type: boolean +#. Description +#: ../templates:1001 +msgid "Allow downloading identifiers automatically from www.jalview.org?" +msgstr "" +"Het automatisch downloaden van identificatiegegevens van www.jalview.org " +"toestaan?" + +#. Type: boolean +#. Description +#: ../templates:1001 +msgid "" +"Jalview can automatically download a list of identifiers.org URL templates " +"for viewing accessions from various biological databases." +msgstr "" +"Jalview kan automatisch een lijst met URL-sjablonen van identifiers.org " +"downloaden voor het bekijken van aanwinsten van verschillende biologische " +"databases." + +#. Type: boolean +#. Description +#: ../templates:1001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to www.jalview.org/services/identifiers, which records usage " +"statistics." +msgstr "" +"Dit is handig voor gebruikers, maar kan worden uitgeschakeld omdat het een " +"automatische ping veroorzaakt naar www.jalview.org/services/identifiers, " +"waar gebruiksstatistieken geregistreerd worden." + +#. Type: boolean +#. Description +#: ../templates:1001 +msgid "" +"Users can only override this preference from their own configuration file." +msgstr "" +"Gebruikers kunnen deze voorkeur alleen opheffen in hun eigen " +"configuratiebestand." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "Allow automatic display of news from the Jalview website?" +msgstr "Automatische weergave van nieuws van de Jalview-website toestaan?" + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"Users will be automatically shown updates from https://www.jalview.org/" +"feeds/desktop/rss in a popup window." +msgstr "" +"Gebruikers krijgen automatisch updates van https://www.jalview.org/feeds/" +"desktop/rss te zien in een pop-upvenster." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"The news feed is informative to users but its retrieval pings www.jalview." +"org, which records usage statistics." +msgstr "" +"De nieuwsstroom is informatief voor gebruikers, maar het ophalen ervan pingt " +"www.jalview.org, waar gebruiksstatistieken bijgehouden worden." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"If this is disabled, users may still manually open the news reader. Users " +"can also override this preference in the Preferences window or from their " +"own configuration file." +msgstr "" +"Als dit is uitgeschakeld, kunnen gebruikers nog steeds handmatig de " +"nieuwslezer openen. Gebruikers kunnen deze voorkeur ook opheffen in het " +"venster Voorkeuren (Preferences) of in hun eigen configuratiebestand." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Allow prompts from Jalview's website about a user questionnaire?" +msgstr "Gebruikersvragenlijsten van de website van Jalview toelaten?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"User questionnaires are posted from time to time on www.jalview.org, and " +"Jalview can automatically query the site to look for them on startup, in " +"order to prompt users to complete them." +msgstr "" +"Gebruikersvragenlijsten worden van tijd tot tijd op www.jalview.org gepost " +"en Jalview kan er bij het opstarten automatisch naar op zoek gaan op de site " +"om gebruikers te vragen ze in te vullen." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Logs for the questionnaire service are used to record usage statistics, and " +"anonymised cookies are stored in the user's preferences to track whether " +"they have completed the latest questionnaire." +msgstr "" +"De logs over de vragenlijstdienst worden gebruikt om gebruiksstatistieken " +"bij te houden, en er worden geanonimiseerde cookies opgeslagen in de " +"voorkeuren van de gebruiker om na te gaan of deze de laatste vragenlijst " +"heeft ingevuld." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Users can enable or disable this query from their own configuration file, or " +"from the Preferences window in the application." +msgstr "" +"Gebruikers kunnen deze opzoekingen in- of uitschakelen in hun eigen " +"configuratiebestand of in het venster Voorkeuren (Preferences) in de " +"applicatie." + +#. Type: boolean +#. Description +#: ../templates:4001 +msgid "Allow discovery of alignment and analysis web services at startup?" +msgstr "" +"Webdiensten voor uitlijning en analyse laten opsporen bij het opstarten?" + +#. Type: boolean +#. Description +#: ../templates:4001 +msgid "" +"The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " +"range of third party multiple sequence alignment and analysis tools as web " +"services." +msgstr "" +"Het JABAWS-systeem (www.compbio.dundee.ac.uk/jabaws) biedt toegang tot een " +"reeks instrumenten van derden voor meervoudige sequentie-uitlijning en " +"analyse als webdienst." + +#. Type: boolean +#. Description +#: ../templates:4001 +msgid "" +"Jalview can automatically query the public (or any other configured) JABAWS " +"services on start-up. Otherwise, they will need to initiate discovery with a " +"menu option." +msgstr "" +"Jalview kan automatisch de openbare (en alle andere geconfigureerde) JABAWS-" +"diensten opsporen bij het opstarten. Anders moet dit zoekproces met een " +"menuoptie gestart worden." + +#. Type: boolean +#. Description +#: ../templates:4001 +msgid "" +"Users can enable or disable startup discovery from their own configuration " +"file or from the Preferences window in the application." +msgstr "" +"Gebruikers kunnen deze opsporingen bij het opstarten in- of uitschakelen in " +"hun eigen configuratiebestand of in het venster Voorkeuren (Preferences) in " +"de applicatie." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "Allow downloading HTML templates automatically from Github?" +msgstr "Het automatisch downloaden van HTML-sjablonen van Github toestaan?" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"Jalview automatically downloads the latest 'BioJS' HTML export template from " +"https://github.com/jalview/exporter-templates on startup." +msgstr "" +"Jalview downloadt bij het opstarten automatisch het recentste 'BioJS' HTML-" +"exportsjabloon van https://github.com/jalview/exporter-templates." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"Users can only enable or disable this feature from their own configuration " +"file." +msgstr "" +"Gebruikers kunnen deze functie enkel in hun eigen configuratiebestand in- of " +"uitschakelen." ===================================== debian/po/pt.po ===================================== @@ -0,0 +1,243 @@ +# Translation of jalview debconf messages to European Portuguese +# Copyright (C) 2021 THE jalview'S COPYRIGHT HOLDER +# This file is distributed under the same license as the jalview package.. +# +# Am?rico Monteiro , 2021. +msgid "" +msgstr "" +"Project-Id-Version: jalview 2.11.1.3-4\n" +"Report-Msgid-Bugs-To: jalview at packages.debian.org\n" +"POT-Creation-Date: 2021-02-27 21:34+0100\n" +"PO-Revision-Date: 2021-03-10 15:23+0000\n" +"Last-Translator: Am?rico Monteiro \n" +"Language-Team: Portuguese <>\n" +"Language: pt\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Generator: Lokalize 2.0\n" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "Automatically download identifiers from jalview.org?" +msgstr "Descarregar identificadores automaticamente de jalview.org?" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"Jalview can automatically download a list of identifiers.org URL templates " +"for viewing accessions from various biological databases." +msgstr "" +"Jalview pode descarregar automaticamente uma lista de modelos URL de " +"identifiers.org para visualizar acessos a partir de v?rias bases de dados " +"biol?gicas." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to www.jalview.org/services/identifiers, which records usage " +"statistics." +msgstr "" +"Isto ? conveniente para utilizadores mas pode ser desactivado porque causa " +"um ping autom?tico a www.jalview.org/services/identifiers, o que fica " +"gravado nas estat?sticas de utiliza??o." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +msgid "Individual users can override this setting in their configuration file." +msgstr "" +"Os utilizadores individuais podem sobrepor esta defini??o no seu ficheiro " +"de configura??o." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "Automatically display news from jalview.org?" +msgstr "Mostra not?cias automaticamente de jalview.org?" + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"Jalview can automatically show updates from https://www.jalview.org/feeds/" +"desktop/rss in a popup window." +msgstr "" +"Jalview pode mostrar automaticamente actualiza??es de https://www.jalview.org/" +"feeds/desktop/rss numa janela popup." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"The news feed is informative to users but its retrieval pings www.jalview." +"org, which records usage statistics." +msgstr "" +"A feed de not?cias ? informativa para utilizadores mas os seus pings de " +"obten??o a www.jalview.org s?o guardados nas estat?sticas de utiliza??o." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"If this is disabled, users may still manually open the news reader. Users " +"can also override this preference in the Preferences window or from their " +"own configuration file." +msgstr "" +"Se isto estiver desactivado, os utilizadores podem ainda abrir manualmente o " +"leitor de not?cias. Os utilizadores tamb?m podem sobrepor esta prefer?ncia " +"na janela Prefer?ncias ou a partir do seu pr?prio ficheiro de configura??o." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "Verificar automaticamente question?rios de jalview.org?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"User questionnaires are posted from time to time on www.jalview.org, and " +"Jalview can automatically query the site to look for them on startup, in " +"order to prompt users to complete them." +msgstr "" +"Question?rios de utilizador s?o postados de tempo em tempo em " +"www.jalview.org, e o Jalview pode questionar o site automaticamente para " +"procurar por eles no arranque. De modo a pedir aos utilizadores que os " +"preencham." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Logs for the questionnaire service are used to record usage statistics, and " +"anonymised cookies are stored in the user's preferences to track whether " +"they have completed the latest questionnaire." +msgstr "" +"Os registos do servi?o de question?rios s?o usados para gravar estat?sticas " +"de utiliza??o, e cookies an?nimos s?o guardados nas prefer?ncias do " +"utilizador para acompanhar se eles preencheram o question?rio mais recente." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Users can enable or disable this query from their own configuration file, or " +"from the Preferences window in the application." +msgstr "" +"Os utilizadores pode activar ou desactivar esta consulta a partir do seu " +"pr?prio ficheiro de configura??o, ou a partir da janela Prefer?ncias na " +"sua aplica??o." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "Automatically discover JABA Web Services?" +msgstr "Descobrir automaticamente JABA Web Services?" + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " +"range of third party multiple sequence alignment and analysis tools as web " +"services." +msgstr "" +"O sistema JABAWS (www.compbio.dundee.ac.uk/jabaws) fornece acesso a um " +"n?mero de ferramentas de alinhamento de sequ?ncias m?ltiplas e an?lise de " +"terceiros como servi?os web." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Jalview can automatically query the public (or any other configured) JABAWS " +"services on startup. Otherwise, users will need to initiate discovery with a " +"menu option." +msgstr "" +"Jalview pode automaticamente consultar o servi?o JABAWS (ou qualquer " +"outro configurado) p?blico no arranque. Caso contr?rio, os utilizadores " +"ter?o de iniciar a descoberta com uma op??o no menu." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Users can enable or disable startup discovery from their own configuration " +"file or from the Preferences window in the application." +msgstr "" +"Os utilizadores podem activar ou desactivar a descoberta no arranque a partir " +"do seu pr?prio ficheiro de configura??o, ou a partir da janela Prefer?ncias " +"na sua aplica??o." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "Automatically download HTML templates from Github?" +msgstr "Descarregar automaticamente modelos HTML de Github?" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." +msgstr "" +"Jalview pode descarregar automaticamente o modelo de exporta??o HTML " +"\"BioJS\" mais recente a partir de " +"https://github.com/jalview/exporter-templates no arranque." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." +msgstr "" +"Isto ? conveniente para utilizadores mas pode ser desactivado porque causa " +"um ping autom?tico ao Github." + ===================================== debian/po/pt_BR.po ===================================== @@ -0,0 +1,239 @@ +# Translation of the jalview package to Brazilian Portuguese. +# Copyright (C) 2021 THE jalview'S COPYRIGHT HOLDER +# This file is distributed under the same license as the jalview package.. +# Tassia Camoes Araujo , 2021. +# +msgid "" +msgstr "" +"Project-Id-Version: jalview\n" +"Report-Msgid-Bugs-To: jalview at packages.debian.org\n" +"POT-Creation-Date: 2021-02-27 21:34+0100\n" +"PO-Revision-Date: 2021-03-11 10:09-0300\n" +"Last-Translator: Tassia Camoes Araujo \n" +"Language-Team: Brazilian Portuguese \n" +"Language: pt_BR\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "Automatically download identifiers from jalview.org?" +msgstr "Baixar identificadores de jalview.org automaticamente?" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"Jalview can automatically download a list of identifiers.org URL templates " +"for viewing accessions from various biological databases." +msgstr "" +"Jalview pode baixar automaticamente uma lista de modelos de URL de " +"identifiers.org para visualizar registros de diversos bancos de dados " +"biol?gicos." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to www.jalview.org/services/identifiers, which records usage " +"statistics." +msgstr "" +"Esta ? uma conveni?ncia para usu?rios, mas pode ser desativada visto que " +"causa um ping autom?tico para www.jalview.org/services/identifiers, o qual " +"registra estat?sticas de uso." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +msgid "Individual users can override this setting in their configuration file." +msgstr "" +"Usu?rios podem individualmente anular esta prefer?ncia a partir de seus " +"pr?prios arquivos de configura??o." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "Automatically display news from jalview.org?" +msgstr "Exibir not?cias de jalview.org automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"Jalview can automatically show updates from https://www.jalview.org/feeds/" +"desktop/rss in a popup window." +msgstr "" +"Jalview pode apresentar automaticamente em uma caixa de di?logo not?cias de " +"https://www.jalview.org/feeds/desktop/rss." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"The news feed is informative to users but its retrieval pings www.jalview." +"org, which records usage statistics." +msgstr "" +"O feed de not?cias ? informativo para usu?rios, mas sua coleta pinga www." +"jalview.org, o qual registra estat?sticas de uso." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"If this is disabled, users may still manually open the news reader. Users " +"can also override this preference in the Preferences window or from their " +"own configuration file." +msgstr "" +"Se isto for desativado, usu?rios ainda podem abrir o leitor de not?cias " +"manualmente. Usu?rios tamb?m podem anular esta prefer?ncia na janela de " +"Prefer?ncias, ou a partir de seus pr?prios arquivos de configura??o." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "Checar question?rios em jalview.org automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"User questionnaires are posted from time to time on www.jalview.org, and " +"Jalview can automatically query the site to look for them on startup, in " +"order to prompt users to complete them." +msgstr "" +"Question?rios de usu?rios s?o publicados em www.jalview.org de tempos em " +"tempos, e Jalview pode solicitar automaticamente ao site que busque por eles " +"na inicializa??o, para alertar usu?rios a respond?-los." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Logs for the questionnaire service are used to record usage statistics, and " +"anonymised cookies are stored in the user's preferences to track whether " +"they have completed the latest questionnaire." +msgstr "" +"Registros do servi?o de question?rio s?o usados para armazenar estat?sticas " +"de uso, e cookies anonimizados s?o guardados nas prefer?ncias do usu?rio " +"para monitorar se o ?ltimo question?rio foi respondido." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Users can enable or disable this query from their own configuration file, or " +"from the Preferences window in the application." +msgstr "" +"Usu?rios podem habilitar ou desabilitar a solicita??o na inicializa??o a " +"partir de seus pr?prios arquivos de configura??o ou a partir da janela de " +"Prefer?ncias na aplica??o." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "Automatically discover JABA Web Services?" +msgstr "Descobrir servi?os web JABA automaticamente?" + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " +"range of third party multiple sequence alignment and analysis tools as web " +"services." +msgstr "" +"O sistema JABAWS (www.compbio.dundee.ac.uk/jabaws) prov? acesso a um " +"conjunto de ferramentas de terceiros para an?lise e alinhamento m?ltiplo " +"de sequ?ncia como servi?os web." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Jalview can automatically query the public (or any other configured) JABAWS " +"services on startup. Otherwise, users will need to initiate discovery with a " +"menu option." +msgstr "" +"Na inicializa??o, Jalview pode automaticamente consultar servi?os JABAWS " +"p?blicos (ou qualquer outro configurado). Caso contr?rio, usu?rios ter?o que " +"iniciar a descoberta atrav?s do menu." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Users can enable or disable startup discovery from their own configuration " +"file or from the Preferences window in the application." +msgstr "" +"Usu?rios podem habilitar ou desabilitar a descoberta na inicializa??o a " +"partir de seus pr?prios arquivos de configura??o ou a partir da janela de " +"Prefer?ncias na aplica??o." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "Automatically download HTML templates from Github?" +msgstr "Baixar modelos HTML do Github automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." +msgstr "" +"Na inicializa??o, Jalview pode baixar automaticamente os modelos HTML " +"\"BioJS\" mais recentes de https://github.com/jalview/exporter-templates." + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." +msgstr "" +"Esta ? uma conveni?ncia para usu?rios, mas pode ser desativada visto que " +"causa um ping autom?tico para o GitHub." ===================================== debian/tests/someCommandLineInvocations ===================================== @@ -2,7 +2,7 @@ # autopkgtest check: take an example input file and have outputs in different # formats, to be compared with reference ones.. # (C) 2020-2021 Pierre Gruet. -# Author: Pierre Gruet +# Author: Pierre Gruet set -e View it on GitLab: https://salsa.debian.org/java-team/jalview/-/compare/ef7d23524027150c8423e18ac5c9a36214fa0bcb...020ffe31901b28115c2de28eadc2a00f0031398f -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/compare/ef7d23524027150c8423e18ac5c9a36214fa0bcb...020ffe31901b28115c2de28eadc2a00f0031398f You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 11 21:34:54 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 11 Mar 2021 21:34:54 +0000 Subject: [Git][java-team/jalview] Pushed new tag debian/2.11.1.3+dfsg2-4 Message-ID: <604a8cfe45a37_1b4584d98807784cb@godard.mail> Pierre Gruet pushed new tag debian/2.11.1.3+dfsg2-4 at Debian Java Maintainers / jalview -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/tree/debian/2.11.1.3+dfsg2-4 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 11 21:35:00 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 11 Mar 2021 21:35:00 +0000 Subject: [Git][java-team/jalview][master] 3 commits: Correcting a typo in d/templates and unfuzzying translations accordingly Message-ID: <604a8d04f3e5e_1b4588505407787c@godard.mail> Pierre Gruet pushed to branch master at Debian Java Maintainers / jalview Commits: 45c1d179 by Pierre Gruet at 2021-03-11T21:25:21+01:00 Correcting a typo in d/templates and unfuzzying translations accordingly - - - - - 7535717a by Pierre Gruet at 2021-03-11T21:48:51+01:00 Updating changelog - - - - - 6cb38f91 by Pierre Gruet at 2021-03-11T22:34:39+01:00 Upload to unstable - - - - - 8 changed files: - debian/changelog - debian/po/de.po - debian/po/gl.po - debian/po/nl.po - debian/po/pt.po - debian/po/pt_BR.po - debian/po/templates.pot - debian/templates Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,14 @@ +jalview (2.11.1.3+dfsg2-4) unstable; urgency=medium + + * Building the .build_properties file using dpkg-parsechangelog -STimestamp + * Updating the description in d/control and the d/templates file for debconf + after debian-l10n-english review (Closes: #983580) + * Adding translations of debconf questionnaire in Brazilian Portuguese, + Dutch, Galician, German, Portuguese + (Closes: #983579, #984822, #984935, #984963) + + -- Pierre Gruet Thu, 11 Mar 2021 21:49:35 +0100 + jalview (2.11.1.3+dfsg2-3) unstable; urgency=medium * Writing the .build_properties file needed in the jar ===================================== debian/po/de.po ===================================== @@ -76,21 +76,22 @@ msgstr "Neuigkeiten von jalview.org automatisch anzeigen?" #. Description #: ../templates:2001 msgid "" -"Jalview can automatically show updates from https://www.jalview.org/feeds/" -"desktop/rss in a popup window." +"Jalview can automatically show updates from " +"https://www.jalview.org/feeds/desktop/rss in a popup window." msgstr "" -"Jalview kann automatisch Aktualisierungen von https://www.jalview.org/feeds/" -"desktop/rss in einem aufklappenden Fenster anzeigen." +"Jalview kann automatisch Aktualisierungen von " +"https://www.jalview.org/feeds/desktop/rss in einem aufklappenden Fenster " +"anzeigen." #. Type: boolean #. Description #: ../templates:2001 msgid "" -"The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"The news feed is informative to users but its retrieval pings " +"www.jalview.org, which records usage statistics." msgstr "" -"Der Neuigkeiten-Feed ist f?r Benutzer informativ, aber beim Abruf wird www." -"jalview.org kontaktiert, wo Benutzungsstatistiken aufgezeichnet werden." +"Der Neuigkeiten-Feed ist f?r Benutzer informativ, aber beim Abruf wird " +"www.jalview.org kontaktiert, wo Benutzungsstatistiken aufgezeichnet werden." #. Type: boolean #. Description @@ -155,7 +156,9 @@ msgstr "" #. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "Automatically discover JABA Web Services?" -msgstr "Automatisch JABA-Web-Dienste ermittelnAutomatisch JABA-Web-Dienste ermitteln??" +msgstr "" +"Automatisch JABA-Web-Dienste ermittelnAutomatisch JABA-Web-Dienste " +"ermitteln??" #. Type: boolean #. Description @@ -221,7 +224,7 @@ msgstr "HTML-Vorlagen von Github automatisch herunterladen?" #. Description #: ../templates:5001 msgid "" -"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"Jalview can automatically download the latest \"BioJS\" HTML export template " "from https://github.com/jalview/exporter-templates on startup." msgstr "" "Jalview kann beim Starten automatisch die neuste ?BioJS?-HTML-Exportvorlage " ===================================== debian/po/gl.po ===================================== @@ -9,14 +9,14 @@ msgstr "" "Report-Msgid-Bugs-To: jalview at packages.debian.org\n" "POT-Creation-Date: 2021-02-27 21:34+0100\n" "PO-Revision-Date: 2021-03-01 12:14+0100\n" +"Last-Translator: Pablo \n" "Language-Team: Galician \n" +"Language: gl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Poedit 2.2.1\n" -"Last-Translator: Pablo \n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"Language: gl\n" #. Type: boolean #. Description @@ -79,18 +79,18 @@ msgstr "Amosar novas de jalview.org automaticamente?" #. Description #: ../templates:2001 msgid "" -"Jalview can automatically show updates from https://www.jalview.org/feeds/" -"desktop/rss in a popup window." +"Jalview can automatically show updates from " +"https://www.jalview.org/feeds/desktop/rss in a popup window." msgstr "" -"Jalview pode amosar autom?ticamente actualizaci?ns de https://www.jalview." -"org/feeds/desktop/rss nunha xanela sa?nte." +"Jalview pode amosar autom?ticamente actualizaci?ns de " +"https://www.jalview.org/feeds/desktop/rss nunha xanela sa?nte." #. Type: boolean #. Description #: ../templates:2001 msgid "" -"The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"The news feed is informative to users but its retrieval pings " +"www.jalview.org, which records usage statistics." msgstr "" "Para os usuarios ? instrutivo recibir as ?ltimas novas, pero obtelas implica " "enviar petici?ns a www.jalview.org, que as rexistra para as estad?sticas de " @@ -222,11 +222,12 @@ msgstr "Descargar os modelos HTML dende Github automaticamente?" #. Description #: ../templates:5001 msgid "" -"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"Jalview can automatically download the latest \"BioJS\" HTML export template " "from https://github.com/jalview/exporter-templates on startup." msgstr "" -"Jalview pode descargar automaticamente o ?ltimo modelo HTML exportado \"BioJS" -"\" dende https://github.com/jalview/exporter-templates durante o arranque." +"Jalview pode descargar automaticamente o ?ltimo modelo HTML exportado " +"\"BioJS\" dende https://github.com/jalview/exporter-templates durante o " +"arranque." #. Type: boolean #. Description ===================================== debian/po/nl.po ===================================== @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: jalview_2.11.1.3+dfsg2-3\n" "Report-Msgid-Bugs-To: jalview at packages.debian.org\n" -"POT-Creation-Date: 2021-02-22 17:20+0100\n" +"POT-Creation-Date: 2021-02-27 21:34+0100\n" "PO-Revision-Date: 2021-02-26 21:28+0100\n" "Last-Translator: Frans Spiesschaert \n" "Language-Team: Debian Dutch l10n Team \n" @@ -21,14 +21,22 @@ msgstr "" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 -msgid "Allow downloading identifiers automatically from www.jalview.org?" +#, fuzzy +#| msgid "Allow downloading identifiers automatically from www.jalview.org?" +msgid "Automatically download identifiers from jalview.org?" msgstr "" "Het automatisch downloaden van identificatiegegevens van www.jalview.org " "toestaan?" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 msgid "" "Jalview can automatically download a list of identifiers.org URL templates " @@ -40,6 +48,9 @@ msgstr "" #. Type: boolean #. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. #: ../templates:1001 msgid "" "This is a convenience for users but can be deactivated as it causes an " @@ -52,9 +63,16 @@ msgstr "" #. Type: boolean #. Description -#: ../templates:1001 -msgid "" -"Users can only override this preference from their own configuration file." +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +#, fuzzy +#| msgid "" +#| "Users can only override this preference from their own configuration file." +msgid "Individual users can override this setting in their configuration file." msgstr "" "Gebruikers kunnen deze voorkeur alleen opheffen in hun eigen " "configuratiebestand." @@ -62,25 +80,35 @@ msgstr "" #. Type: boolean #. Description #: ../templates:2001 -msgid "Allow automatic display of news from the Jalview website?" +#, fuzzy +#| msgid "Allow automatic display of news from the Jalview website?" +msgid "Automatically display news from jalview.org?" msgstr "Automatische weergave van nieuws van de Jalview-website toestaan?" #. Type: boolean #. Description #: ../templates:2001 +#, fuzzy +#| msgid "" +#| "Users will be automatically shown updates from https://www.jalview.org/" +#| "feeds/desktop/rss in a popup window." msgid "" -"Users will be automatically shown updates from https://www.jalview.org/" -"feeds/desktop/rss in a popup window." +"Jalview can automatically show updates from " +"https://www.jalview.org/feeds/desktop/rss in a popup window." msgstr "" -"Gebruikers krijgen automatisch updates van https://www.jalview.org/feeds/" -"desktop/rss te zien in een pop-upvenster." +"Gebruikers krijgen automatisch updates van " +"https://www.jalview.org/feeds/desktop/rss te zien in een pop-upvenster." #. Type: boolean #. Description #: ../templates:2001 +#, fuzzy +#| msgid "" +#| "The news feed is informative to users but its retrieval pings www.jalview." +#| "org, which records usage statistics." msgid "" -"The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"The news feed is informative to users but its retrieval pings " +"www.jalview.org, which records usage statistics." msgstr "" "De nieuwsstroom is informatief voor gebruikers, maar het ophalen ervan pingt " "www.jalview.org, waar gebruiksstatistieken bijgehouden worden." @@ -100,8 +128,8 @@ msgstr "" #. Type: boolean #. Description #: ../templates:3001 -msgid "Allow prompts from Jalview's website about a user questionnaire?" -msgstr "Gebruikersvragenlijsten van de website van Jalview toelaten?" +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "" #. Type: boolean #. Description @@ -141,13 +169,24 @@ msgstr "" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 -msgid "Allow discovery of alignment and analysis web services at startup?" +msgid "Automatically discover JABA Web Services?" msgstr "" -"Webdiensten voor uitlijning en analyse laten opsporen bij het opstarten?" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "" "The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " @@ -160,18 +199,35 @@ msgstr "" #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 +#, fuzzy +#| msgid "" +#| "Jalview can automatically query the public (or any other configured) " +#| "JABAWS services on start-up. Otherwise, they will need to initiate " +#| "discovery with a menu option." msgid "" "Jalview can automatically query the public (or any other configured) JABAWS " -"services on start-up. Otherwise, they will need to initiate discovery with a " +"services on startup. Otherwise, users will need to initiate discovery with a " "menu option." msgstr "" -"Jalview kan automatisch de openbare (en alle andere geconfigureerde) JABAWS-" -"diensten opsporen bij het opstarten. Anders moet dit zoekproces met een " -"menuoptie gestart worden." +"Jalview kan automatisch de openbare (en alle andere geconfigureerde) " +"JABAWS-diensten opsporen bij het opstarten. Anders moet dit zoekproces met " +"een menuoptie gestart worden." #. Type: boolean #. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. #: ../templates:4001 msgid "" "Users can enable or disable startup discovery from their own configuration " @@ -184,25 +240,50 @@ msgstr "" #. Type: boolean #. Description #: ../templates:5001 -msgid "Allow downloading HTML templates automatically from Github?" +#, fuzzy +#| msgid "Allow downloading HTML templates automatically from Github?" +msgid "Automatically download HTML templates from Github?" msgstr "Het automatisch downloaden van HTML-sjablonen van Github toestaan?" #. Type: boolean #. Description #: ../templates:5001 +#, fuzzy +#| msgid "" +#| "Jalview automatically downloads the latest 'BioJS' HTML export template " +#| "from https://github.com/jalview/exporter-templates on startup." msgid "" -"Jalview automatically downloads the latest 'BioJS' HTML export template from " -"https://github.com/jalview/exporter-templates on startup." +"Jalview can automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." msgstr "" -"Jalview downloadt bij het opstarten automatisch het recentste 'BioJS' HTML-" -"exportsjabloon van https://github.com/jalview/exporter-templates." +"Jalview downloadt bij het opstarten automatisch het recentste 'BioJS' " +"HTML-exportsjabloon van https://github.com/jalview/exporter-templates." #. Type: boolean #. Description #: ../templates:5001 +#, fuzzy +#| msgid "" +#| "This is a convenience for users but can be deactivated as it causes an " +#| "automatic ping to www.jalview.org/services/identifiers, which records " +#| "usage statistics." msgid "" -"Users can only enable or disable this feature from their own configuration " -"file." +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." msgstr "" -"Gebruikers kunnen deze functie enkel in hun eigen configuratiebestand in- of " -"uitschakelen." +"Dit is handig voor gebruikers, maar kan worden uitgeschakeld omdat het een " +"automatische ping veroorzaakt naar www.jalview.org/services/identifiers, " +"waar gebruiksstatistieken geregistreerd worden." +#~ msgid "Allow prompts from Jalview's website about a user questionnaire?" +#~ msgstr "Gebruikersvragenlijsten van de website van Jalview toelaten?" + +#~ msgid "Allow discovery of alignment and analysis web services at startup?" +#~ msgstr "" +#~ "Webdiensten voor uitlijning en analyse laten opsporen bij het opstarten?" + +#~ msgid "" +#~ "Users can only enable or disable this feature from their own " +#~ "configuration file." +#~ msgstr "" +#~ "Gebruikers kunnen deze functie enkel in hun eigen configuratiebestand in- " +#~ "of uitschakelen." ===================================== debian/po/pt.po ===================================== @@ -66,8 +66,8 @@ msgstr "" #: ../templates:1001 ../templates:5001 msgid "Individual users can override this setting in their configuration file." msgstr "" -"Os utilizadores individuais podem sobrepor esta defini??o no seu ficheiro " -"de configura??o." +"Os utilizadores individuais podem sobrepor esta defini??o no seu ficheiro de " +"configura??o." #. Type: boolean #. Description @@ -79,18 +79,18 @@ msgstr "Mostra not?cias automaticamente de jalview.org?" #. Description #: ../templates:2001 msgid "" -"Jalview can automatically show updates from https://www.jalview.org/feeds/" -"desktop/rss in a popup window." +"Jalview can automatically show updates from " +"https://www.jalview.org/feeds/desktop/rss in a popup window." msgstr "" -"Jalview pode mostrar automaticamente actualiza??es de https://www.jalview.org/" -"feeds/desktop/rss numa janela popup." +"Jalview pode mostrar automaticamente actualiza??es de " +"https://www.jalview.org/feeds/desktop/rss numa janela popup." #. Type: boolean #. Description #: ../templates:2001 msgid "" -"The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"The news feed is informative to users but its retrieval pings " +"www.jalview.org, which records usage statistics." msgstr "" "A feed de not?cias ? informativa para utilizadores mas os seus pings de " "obten??o a www.jalview.org s?o guardados nas estat?sticas de utiliza??o." @@ -146,8 +146,8 @@ msgid "" "from the Preferences window in the application." msgstr "" "Os utilizadores pode activar ou desactivar esta consulta a partir do seu " -"pr?prio ficheiro de configura??o, ou a partir da janela Prefer?ncias na " -"sua aplica??o." +"pr?prio ficheiro de configura??o, ou a partir da janela Prefer?ncias na sua " +"aplica??o." #. Type: boolean #. Description @@ -193,9 +193,9 @@ msgid "" "services on startup. Otherwise, users will need to initiate discovery with a " "menu option." msgstr "" -"Jalview pode automaticamente consultar o servi?o JABAWS (ou qualquer " -"outro configurado) p?blico no arranque. Caso contr?rio, os utilizadores " -"ter?o de iniciar a descoberta com uma op??o no menu." +"Jalview pode automaticamente consultar o servi?o JABAWS (ou qualquer outro " +"configurado) p?blico no arranque. Caso contr?rio, os utilizadores ter?o de " +"iniciar a descoberta com uma op??o no menu." #. Type: boolean #. Description @@ -210,9 +210,9 @@ msgid "" "Users can enable or disable startup discovery from their own configuration " "file or from the Preferences window in the application." msgstr "" -"Os utilizadores podem activar ou desactivar a descoberta no arranque a partir " -"do seu pr?prio ficheiro de configura??o, ou a partir da janela Prefer?ncias " -"na sua aplica??o." +"Os utilizadores podem activar ou desactivar a descoberta no arranque a " +"partir do seu pr?prio ficheiro de configura??o, ou a partir da janela " +"Prefer?ncias na sua aplica??o." #. Type: boolean #. Description @@ -224,7 +224,7 @@ msgstr "Descarregar automaticamente modelos HTML de Github?" #. Description #: ../templates:5001 msgid "" -"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"Jalview can automatically download the latest \"BioJS\" HTML export template " "from https://github.com/jalview/exporter-templates on startup." msgstr "" "Jalview pode descarregar automaticamente o modelo de exporta??o HTML " @@ -240,4 +240,3 @@ msgid "" msgstr "" "Isto ? conveniente para utilizadores mas pode ser desactivado porque causa " "um ping autom?tico ao Github." - ===================================== debian/po/pt_BR.po ===================================== @@ -10,8 +10,8 @@ msgstr "" "POT-Creation-Date: 2021-02-27 21:34+0100\n" "PO-Revision-Date: 2021-03-11 10:09-0300\n" "Last-Translator: Tassia Camoes Araujo \n" -"Language-Team: Brazilian Portuguese \n" +"Language-Team: Brazilian Portuguese " +"\n" "Language: pt_BR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -78,8 +78,8 @@ msgstr "Exibir not?cias de jalview.org automaticamente?" #. Description #: ../templates:2001 msgid "" -"Jalview can automatically show updates from https://www.jalview.org/feeds/" -"desktop/rss in a popup window." +"Jalview can automatically show updates from " +"https://www.jalview.org/feeds/desktop/rss in a popup window." msgstr "" "Jalview pode apresentar automaticamente em uma caixa de di?logo not?cias de " "https://www.jalview.org/feeds/desktop/rss." @@ -88,11 +88,11 @@ msgstr "" #. Description #: ../templates:2001 msgid "" -"The news feed is informative to users but its retrieval pings www.jalview." -"org, which records usage statistics." +"The news feed is informative to users but its retrieval pings " +"www.jalview.org, which records usage statistics." msgstr "" -"O feed de not?cias ? informativo para usu?rios, mas sua coleta pinga www." -"jalview.org, o qual registra estat?sticas de uso." +"O feed de not?cias ? informativo para usu?rios, mas sua coleta pinga " +"www.jalview.org, o qual registra estat?sticas de uso." #. Type: boolean #. Description @@ -174,8 +174,8 @@ msgid "" "services." msgstr "" "O sistema JABAWS (www.compbio.dundee.ac.uk/jabaws) prov? acesso a um " -"conjunto de ferramentas de terceiros para an?lise e alinhamento m?ltiplo " -"de sequ?ncia como servi?os web." +"conjunto de ferramentas de terceiros para an?lise e alinhamento m?ltiplo de " +"sequ?ncia como servi?os web." #. Type: boolean #. Description @@ -222,7 +222,7 @@ msgstr "Baixar modelos HTML do Github automaticamente?" #. Description #: ../templates:5001 msgid "" -"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"Jalview can automatically download the latest \"BioJS\" HTML export template " "from https://github.com/jalview/exporter-templates on startup." msgstr "" "Na inicializa??o, Jalview pode baixar automaticamente os modelos HTML " ===================================== debian/po/templates.pot ===================================== @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: jalview\n" "Report-Msgid-Bugs-To: jalview at packages.debian.org\n" -"POT-Creation-Date: 2021-02-27 21:34+0100\n" +"POT-Creation-Date: 2021-03-11 21:18+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -189,7 +189,7 @@ msgstr "" #. Description #: ../templates:5001 msgid "" -"Jalview cam automatically download the latest \"BioJS\" HTML export template " +"Jalview can automatically download the latest \"BioJS\" HTML export template " "from https://github.com/jalview/exporter-templates on startup." msgstr "" ===================================== debian/templates ===================================== @@ -67,7 +67,7 @@ Template: jalview/htmltemplates Type: boolean Default: true _Description: Automatically download HTML templates from Github? - Jalview cam automatically download the latest "BioJS" HTML export template + Jalview can automatically download the latest "BioJS" HTML export template from https://github.com/jalview/exporter-templates on startup. . This is a convenience for users but can be deactivated as it causes an View it on GitLab: https://salsa.debian.org/java-team/jalview/-/compare/020ffe31901b28115c2de28eadc2a00f0031398f...6cb38f915bf98bc1742e57c51ad9c279736c8e59 -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/compare/020ffe31901b28115c2de28eadc2a00f0031398f...6cb38f915bf98bc1742e57c51ad9c279736c8e59 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 13 21:50:01 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Sat, 13 Mar 2021 21:50:01 +0000 Subject: [Git][java-team/undertow][pristine-tar] pristine-tar data for undertow_2.2.5.orig.tar.gz Message-ID: <604d3389b0f1_1b45bb87800100328@godard.mail> Markus Koschany pushed to branch pristine-tar at Debian Java Maintainers / undertow Commits: 37371f95 by Markus Koschany at 2021-03-13T22:38:11+01:00 pristine-tar data for undertow_2.2.5.orig.tar.gz - - - - - 2 changed files: - + undertow_2.2.5.orig.tar.gz.delta - + undertow_2.2.5.orig.tar.gz.id Changes: ===================================== undertow_2.2.5.orig.tar.gz.delta ===================================== Binary files /dev/null and b/undertow_2.2.5.orig.tar.gz.delta differ ===================================== undertow_2.2.5.orig.tar.gz.id ===================================== @@ -0,0 +1 @@ +8669a12a33c2c16767809f9b29b5ca59834e4706 View it on GitLab: https://salsa.debian.org/java-team/undertow/-/commit/37371f951dc0755811f1d35abed3049c33a8f4de -- View it on GitLab: https://salsa.debian.org/java-team/undertow/-/commit/37371f951dc0755811f1d35abed3049c33a8f4de You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 13 21:50:06 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Sat, 13 Mar 2021 21:50:06 +0000 Subject: [Git][java-team/undertow] Pushed new tag debian/2.2.5-1 Message-ID: <604d338e22c1a_1b45bb8780010036bd@godard.mail> Markus Koschany pushed new tag debian/2.2.5-1 at Debian Java Maintainers / undertow -- View it on GitLab: https://salsa.debian.org/java-team/undertow/-/tree/debian/2.2.5-1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 13 21:50:08 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Sat, 13 Mar 2021 21:50:08 +0000 Subject: [Git][java-team/undertow] Pushed new tag upstream/2.2.5 Message-ID: <604d33901f557_1b459e8a0f4100396d@godard.mail> Markus Koschany pushed new tag upstream/2.2.5 at Debian Java Maintainers / undertow -- View it on GitLab: https://salsa.debian.org/java-team/undertow/-/tree/upstream/2.2.5 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 13 21:50:10 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Sat, 13 Mar 2021 21:50:10 +0000 Subject: [Git][java-team/undertow][master] 3 commits: New upstream version 2.2.5 Message-ID: <604d33921bb6a_1b45aab35d81004155@godard.mail> Markus Koschany pushed to branch master at Debian Java Maintainers / undertow Commits: 4bf240b6 by Markus Koschany at 2021-03-13T22:38:05+01:00 New upstream version 2.2.5 - - - - - 9155462c by Markus Koschany at 2021-03-13T22:38:15+01:00 Update upstream source from tag 'upstream/2.2.5' Update to upstream version '2.2.5' with Debian dir 78499ed817880f19b576924dc94db2ee3c695f22 - - - - - 60043e2b by Markus Koschany at 2021-03-13T22:39:05+01:00 Update changelog - - - - - 24 changed files: - benchmarks/pom.xml - core/pom.xml - core/src/main/java/io/undertow/Undertow.java - core/src/main/java/io/undertow/UndertowLogger.java - core/src/main/java/io/undertow/protocols/ssl/SslConduit.java - core/src/main/java/io/undertow/protocols/ssl/UndertowAcceptingSslChannel.java - core/src/main/java/io/undertow/protocols/ssl/UndertowSslConnection.java - core/src/main/java/io/undertow/protocols/ssl/UndertowXnioSsl.java - core/src/main/java/io/undertow/server/handlers/PathHandler.java - core/src/main/java/io/undertow/server/protocol/framed/AbstractFramedChannel.java - core/src/main/java/io/undertow/util/PathMatcher.java - + core/src/test/java/io/undertow/server/ssl/DelegatedTaskExecutorTestCase.java - coverage-report/pom.xml - debian/changelog - dist/pom.xml - examples/pom.xml - + jakartaee9/deploy-jakartaee9-artifacts.sh - jakartaee9/pom.xml - + karaf/pom.xml - + karaf/src/main/resources/features.xml - parser-generator/pom.xml - pom.xml - servlet/pom.xml - websockets-jsr/pom.xml Changes: ===================================== benchmarks/pom.xml ===================================== @@ -25,11 +25,11 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final undertow-benchmarks - 2.2.4.Final + 2.2.5.Final Undertow Benchmarks ===================================== core/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-core - 2.2.4.Final + 2.2.5.Final Undertow Core @@ -174,6 +174,32 @@ + + org.apache.felix + maven-bundle-plugin + + + generate-manifest + + manifest + + + + + io.undertow.*;version=${project.version};-noimport:=true + + + org.eclipse.jetty.*;resolution:=optional;version="[1,2)", + !org.xnio._private, + org.xnio.*;version="[3.8,4)", + !., !sun.*, + * + + + + + + org.apache.maven.plugins maven-jar-plugin @@ -188,6 +214,11 @@ + + + ${project.build.outputDirectory}/META-INF/MANIFEST.MF + + org.bitstrings.maven.plugins ===================================== core/src/main/java/io/undertow/Undertow.java ===================================== @@ -54,6 +54,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.concurrent.CountDownLatch; +import java.util.concurrent.Executor; import java.util.concurrent.TimeUnit; /** @@ -88,6 +89,7 @@ public final class Undertow { private ByteBufferPool byteBufferPool; private XnioWorker worker; + private Executor sslEngineDelegatedTaskExecutor; private List> channels; private Xnio xnio; @@ -100,6 +102,7 @@ public final class Undertow { this.listeners.addAll(builder.listeners); this.rootHandler = builder.handler; this.worker = builder.worker; + this.sslEngineDelegatedTaskExecutor = builder.sslEngineDelegatedTaskExecutor; this.internalWorker = builder.worker == null; this.workerOptions = builder.workerOptions.getMap(); this.socketOptions = builder.socketOptions.getMap(); @@ -213,14 +216,18 @@ public final class Undertow { UndertowXnioSsl xnioSsl; if (listener.sslContext != null) { - xnioSsl = new UndertowXnioSsl(xnio, OptionMap.create(Options.USE_DIRECT_BUFFERS, true), listener.sslContext); + xnioSsl = new UndertowXnioSsl(xnio, OptionMap.create(Options.USE_DIRECT_BUFFERS, true), listener.sslContext, sslEngineDelegatedTaskExecutor); } else { OptionMap.Builder builder = OptionMap.builder() .addAll(socketOptionsWithOverrides); if (!socketOptionsWithOverrides.contains(Options.SSL_PROTOCOL)) { builder.set(Options.SSL_PROTOCOL, "TLSv1.2"); } - xnioSsl = new UndertowXnioSsl(xnio, OptionMap.create(Options.USE_DIRECT_BUFFERS, true), JsseSslUtils.createSSLContext(listener.keyManagers, listener.trustManagers, new SecureRandom(), builder.getMap())); + xnioSsl = new UndertowXnioSsl( + xnio, + OptionMap.create(Options.USE_DIRECT_BUFFERS, true), + JsseSslUtils.createSSLContext(listener.keyManagers, listener.trustManagers, new SecureRandom(), builder.getMap()), + sslEngineDelegatedTaskExecutor); } AcceptingChannel sslServer; @@ -420,6 +427,7 @@ public final class Undertow { private final List listeners = new ArrayList<>(); private HttpHandler handler; private XnioWorker worker; + private Executor sslEngineDelegatedTaskExecutor; private ByteBufferPool byteBufferPool; private final OptionMap.Builder workerOptions = OptionMap.builder(); @@ -571,6 +579,11 @@ public final class Undertow { return this; } + public Builder setSslEngineDelegatedTaskExecutor(Executor sslEngineDelegatedTaskExecutor) { + this.sslEngineDelegatedTaskExecutor = sslEngineDelegatedTaskExecutor; + return this; + } + public Builder setByteBufferPool(ByteBufferPool byteBufferPool) { this.byteBufferPool = byteBufferPool; return this; ===================================== core/src/main/java/io/undertow/UndertowLogger.java ===================================== @@ -43,6 +43,7 @@ import java.net.URI; import java.nio.file.Path; import java.util.Date; import java.util.List; +import java.util.concurrent.RejectedExecutionException; import static org.jboss.logging.Logger.Level.DEBUG; import static org.jboss.logging.Logger.Level.ERROR; @@ -434,4 +435,8 @@ public interface UndertowLogger extends BasicLogger { @LogMessage(level = DEBUG) @Message(id = 5094, value = "Blocking write timed out") void blockingWriteTimedOut(@Cause WriteTimeoutException rte); + + @LogMessage(level = DEBUG) + @Message(id = 5095, value = "SSLEngine delegated task was rejected") + void sslEngineDelegatedTaskRejected(@Cause RejectedExecutionException ree); } ===================================== core/src/main/java/io/undertow/protocols/ssl/SslConduit.java ===================================== @@ -25,6 +25,8 @@ import java.nio.channels.ClosedChannelException; import java.nio.channels.FileChannel; import java.util.ArrayList; import java.util.List; +import java.util.concurrent.Executor; +import java.util.concurrent.RejectedExecutionException; import java.util.concurrent.TimeUnit; import javax.net.ssl.SSLEngine; @@ -132,6 +134,7 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { private final UndertowSslConnection connection; private final StreamConnection delegate; + private final Executor delegatedTaskExecutor; private SSLEngine engine; private final StreamSinkConduit sink; private final StreamSourceConduit source; @@ -196,13 +199,14 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { } }; - SslConduit(UndertowSslConnection connection, StreamConnection delegate, SSLEngine engine, ByteBufferPool bufferPool, Runnable handshakeCallback) { + SslConduit(UndertowSslConnection connection, StreamConnection delegate, SSLEngine engine, Executor delegatedTaskExecutor, ByteBufferPool bufferPool, Runnable handshakeCallback) { this.connection = connection; this.delegate = delegate; this.handshakeCallback = handshakeCallback; this.sink = delegate.getSinkChannel().getConduit(); this.source = delegate.getSourceChannel().getConduit(); this.engine = engine; + this.delegatedTaskExecutor = delegatedTaskExecutor; this.bufferPool = bufferPool; delegate.getSourceChannel().getConduit().setReadReadyHandler(readReadyHandler = new SslReadReadyHandler(null)); delegate.getSinkChannel().getConduit().setWriteReadyHandler(writeReadyHandler = new SslWriteReadyHandler(null)); @@ -596,6 +600,10 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { return delegate.getWorker(); } + private Executor getDelegatedTaskExecutor() { + return delegatedTaskExecutor == null ? getWorker() : delegatedTaskExecutor; + } + void notifyWriteClosed() { if(anyAreSet(state, FLAG_WRITE_CLOSED)) { return; @@ -1084,11 +1092,11 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { } /** - * Execute all the tasks in the worker + * Execute all the delegated tasks on an executor which allows blocking, the worker executor by default. * * Once they are complete we notify any waiting threads and wakeup reads/writes as appropriate */ - private void runTasks() { + private void runTasks() throws IOException { //don't run anything in the IO thread till the tasks are done delegate.getSinkChannel().suspendWrites(); delegate.getSourceChannel().suspendReads(); @@ -1102,7 +1110,7 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { synchronized (this) { outstandingTasks += tasks.size(); for (final Runnable task : tasks) { - getWorker().execute(new Runnable() { + Runnable wrappedTask = new Runnable() { @Override public void run() { try { @@ -1137,13 +1145,46 @@ public class SslConduit implements StreamSourceConduit, StreamSinkConduit { } } } - } - }); + }; + try { + getDelegatedTaskExecutor().execute(wrappedTask); + } catch (RejectedExecutionException e) { + UndertowLogger.REQUEST_IO_LOGGER.sslEngineDelegatedTaskRejected(e); + IoUtils.safeClose(connection); + throw DelegatedTaskRejectedClosedChannelException.INSTANCE; + } } } } + /** + * A specialized {@link ClosedChannelException} which does not provide a stack trace. Tasks may be rejected + * when the server is overloaded, so it's important not to create more work than necessary. + */ + private static final class DelegatedTaskRejectedClosedChannelException extends ClosedChannelException { + + private static final DelegatedTaskRejectedClosedChannelException INSTANCE = + new DelegatedTaskRejectedClosedChannelException(); + + @Override + public Throwable fillInStackTrace() { + // Avoid the most expensive part of exception creation. + return this; + } + + // Ignore mutations + @Override + public Throwable initCause(Throwable ignored) { + return this; + } + + @Override + public void setStackTrace(StackTraceElement[] ignored) { + // no-op + } + } + public SSLEngine getSSLEngine() { return engine; } ===================================== core/src/main/java/io/undertow/protocols/ssl/UndertowAcceptingSslChannel.java ===================================== @@ -208,7 +208,7 @@ class UndertowAcceptingSslChannel implements AcceptingChannel { } protected UndertowSslConnection accept(StreamConnection tcpServer, SSLEngine sslEngine) throws IOException { - return new UndertowSslConnection(tcpServer, sslEngine, applicationBufferPool); + return new UndertowSslConnection(tcpServer, sslEngine, applicationBufferPool, ssl.getDelegatedTaskExecutor()); } public ChannelListener.Setter> getCloseSetter() { ===================================== core/src/main/java/io/undertow/protocols/ssl/UndertowSslConnection.java ===================================== @@ -32,6 +32,7 @@ import javax.net.ssl.SSLSession; import java.io.IOException; import java.net.SocketAddress; import java.util.Set; +import java.util.concurrent.Executor; /** * @author Stuart Douglas @@ -50,11 +51,11 @@ class UndertowSslConnection extends SslConnection { * * @param delegate the underlying connection */ - UndertowSslConnection(StreamConnection delegate, SSLEngine engine, ByteBufferPool bufferPool) { + UndertowSslConnection(StreamConnection delegate, SSLEngine engine, ByteBufferPool bufferPool, Executor delegatedTaskExecutor) { super(delegate.getIoThread()); this.delegate = delegate; this.engine = engine; - sslConduit = new SslConduit(this, delegate, engine, bufferPool, new HandshakeCallback()); + sslConduit = new SslConduit(this, delegate, engine, delegatedTaskExecutor, bufferPool, new HandshakeCallback()); setSourceConduit(sslConduit); setSinkConduit(sslConduit); } ===================================== core/src/main/java/io/undertow/protocols/ssl/UndertowXnioSsl.java ===================================== @@ -33,6 +33,7 @@ import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; +import java.util.concurrent.Executor; import java.util.concurrent.TimeUnit; import javax.net.ssl.SNIHostName; @@ -78,6 +79,7 @@ public class UndertowXnioSsl extends XnioSsl { private static final ByteBufferPool DEFAULT_BUFFER_POOL = new DefaultByteBufferPool(true, 17 * 1024, -1, 12); private final ByteBufferPool bufferPool; + private final Executor delegatedTaskExecutor; private volatile SSLContext sslContext; /** @@ -95,7 +97,7 @@ public class UndertowXnioSsl extends XnioSsl { /** * Construct a new instance. - * @param xnio the XNIO instance to associate with + * @param xnio the XNIO instance to associate with * @param optionMap the options for this provider * @param sslContext the SSL context to use for this instance */ @@ -103,6 +105,17 @@ public class UndertowXnioSsl extends XnioSsl { this(xnio, optionMap, DEFAULT_BUFFER_POOL, sslContext); } + /** + * Construct a new instance. + * @param xnio the XNIO instance to associate with + * @param optionMap the options for this provider + * @param sslContext the SSL context to use for this instance + * @param delegatedTaskExecutor Executor instance used to run {@link SSLEngine#getDelegatedTask() delegated tasks}. + */ + public UndertowXnioSsl(final Xnio xnio, final OptionMap optionMap, final SSLContext sslContext, final Executor delegatedTaskExecutor) { + this(xnio, optionMap, DEFAULT_BUFFER_POOL, sslContext, delegatedTaskExecutor); + } + /** * Construct a new instance. * @@ -125,9 +138,22 @@ public class UndertowXnioSsl extends XnioSsl { * @param sslContext the SSL context to use for this instance */ public UndertowXnioSsl(final Xnio xnio, final OptionMap optionMap, ByteBufferPool bufferPool, final SSLContext sslContext) { + this(xnio, optionMap, bufferPool, sslContext, null); + } + + /** + * Construct a new instance. + * @param xnio the XNIO instance to associate with + * @param optionMap the options for this provider + * @param bufferPool + * @param sslContext the SSL context to use for this instance + * @param delegatedTaskExecutor Executor instance used to run {@link SSLEngine#getDelegatedTask() delegated tasks}. + */ + public UndertowXnioSsl(final Xnio xnio, final OptionMap optionMap, ByteBufferPool bufferPool, final SSLContext sslContext, final Executor delegatedTaskExecutor) { super(xnio, sslContext, optionMap); this.bufferPool = bufferPool; this.sslContext = sslContext; + this.delegatedTaskExecutor = delegatedTaskExecutor; } /** @@ -140,6 +166,15 @@ public class UndertowXnioSsl extends XnioSsl { return sslContext; } + /** + * Get the {@link Executor} used to run delegated tasks or {@code null} if no executor is configured. + * + * @return the delegated task executor or null + */ + Executor getDelegatedTaskExecutor() { + return delegatedTaskExecutor; + } + /** * Get the SSL engine for a given connection. * @@ -200,11 +235,11 @@ public class UndertowXnioSsl extends XnioSsl { } public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap) { - return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), true), bufferPool); + return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), true), bufferPool, delegatedTaskExecutor); } public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap, boolean clientMode) { - return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), clientMode), bufferPool); + return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), clientMode), bufferPool, delegatedTaskExecutor); } public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap, URI destinationURI) { @@ -214,7 +249,7 @@ public class UndertowXnioSsl extends XnioSsl { sslParameters.setServerNames(Collections.singletonList(new SNIHostName(destinationURI.getHost()))); sslEngine.setSSLParameters(sslParameters); } - return new UndertowSslConnection(connection, sslEngine, bufferPool); + return new UndertowSslConnection(connection, sslEngine, bufferPool, delegatedTaskExecutor); } private InetSocketAddress getPeerAddress(URI destinationURI) { @@ -447,7 +482,7 @@ public class UndertowXnioSsl extends XnioSsl { sslEngine.setSSLParameters(params); - final SslConnection wrappedConnection = new UndertowSslConnection(connection, sslEngine, bufferPool); + final SslConnection wrappedConnection = new UndertowSslConnection(connection, sslEngine, bufferPool, delegatedTaskExecutor); if (!futureResult.setResult(wrappedConnection)) { IoUtils.safeClose(connection); } else { ===================================== core/src/main/java/io/undertow/server/handlers/PathHandler.java ===================================== @@ -108,7 +108,7 @@ public class PathHandler implements HttpHandler { * Adds a path prefix and a handler for that path. If the path does not start * with a / then one will be prepended. *

- * The match is done on a prefix bases, so registering /foo will also match /bar. Exact + * The match is done on a prefix bases, so registering /foo will also match /foo/bar. Exact * path matches are taken into account first. *

* If / is specified as the path then it will replace the default handler. @@ -129,7 +129,7 @@ public class PathHandler implements HttpHandler { *

* The match is done on a prefix bases, so registering /foo will also match /foo/bar. * Though exact path matches are taken into account before prefix path matches. So - * if an exact path match exists it's handler will be triggered. + * if an exact path match exists its handler will be triggered. *

* If / is specified as the path then it will replace the default handler. * ===================================== core/src/main/java/io/undertow/server/protocol/framed/AbstractFramedChannel.java ===================================== @@ -335,7 +335,7 @@ public abstract class AbstractFramedChannel * Calling this method can also have the side effect of making additional data available to @@ -948,7 +948,7 @@ public abstract class AbstractFramedChannel { * Adds a path prefix and a handler for that path. If the path does not start * with a / then one will be prepended. *

* If / is specified as the path then it will replace the default handler. @@ -129,7 +129,7 @@ public class PathHandler implements HttpHandler { *

* If / is specified as the path then it will replace the default handler. ===================================== core/src/test/java/io/undertow/server/ssl/DelegatedTaskExecutorTestCase.java ===================================== @@ -0,0 +1,124 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2021 Red Hat, Inc., and individual contributors + * as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package io.undertow.server.ssl; + + +import io.undertow.Undertow; +import io.undertow.server.handlers.ResponseCodeHandler; +import io.undertow.testutils.DefaultServer; +import io.undertow.testutils.TestHttpClient; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.junit.Test; + +import javax.net.ssl.SSLHandshakeException; +import java.io.IOException; +import java.net.InetSocketAddress; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.RejectedExecutionException; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicInteger; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +/** + * @author Carter Kozak + */ +public class DelegatedTaskExecutorTestCase { + + @Test + public void testDelegatedTaskExecutorIsUsed() throws Exception { + ExecutorService delegatedTaskExecutor = Executors.newSingleThreadExecutor(); + AtomicInteger counter = new AtomicInteger(); + Undertow undertow = Undertow.builder() + .addHttpsListener(0, null, DefaultServer.getServerSslContext()) + .setSslEngineDelegatedTaskExecutor(task -> { + counter.getAndIncrement(); + delegatedTaskExecutor.execute(task); + }) + .setHandler(ResponseCodeHandler.HANDLE_200) + .build(); + + TestHttpClient client = new TestHttpClient(); + client.setSSLContext(DefaultServer.getClientSSLContext()); + undertow.start(); + int port = port(undertow); + try(CloseableHttpResponse response = client.execute(new HttpGet("https://localhost:" + port))) { + assertEquals(200, response.getStatusLine().getStatusCode()); + assertTrue("expected interactions with the delegated task executor", counter.get() > 0); + } finally { + undertow.stop(); + client.getConnectionManager().shutdown(); + delegatedTaskExecutor.shutdownNow(); + assertTrue( + "ExecutorService did not shut down in time", + delegatedTaskExecutor.awaitTermination(1, TimeUnit.SECONDS)); + } + } + + @Test + public void testRejection() { + Undertow undertow = Undertow.builder() + .addHttpsListener(0, null, DefaultServer.getServerSslContext()) + .setSslEngineDelegatedTaskExecutor(ignoredTask -> { + throw new RejectedExecutionException(); + }) + .setHandler(ResponseCodeHandler.HANDLE_200) + .build(); + + TestHttpClient client = new TestHttpClient(); + client.setSSLContext(DefaultServer.getClientSSLContext()); + undertow.start(); + try { + int port = port(undertow); + HttpGet request = new HttpGet("https://localhost:" + port); + try { + client.execute(request); + fail("Expected an exception"); + } catch (SSLHandshakeException handshakeException) { + // expected one of: + // - Remote host closed connection during handshake + // - Remote host terminated the handshake + // This exception comes from the jvm and may change in future + // releases so we don't verify an exact match. + String message = handshakeException.getMessage(); + System.out.println(message); + assertTrue( + "message was: " + message, + message != null && (message.contains("closed") || message.contains("terminated"))); + } catch (IOException e) { + throw new AssertionError(e); + } + } finally { + undertow.stop(); + client.getConnectionManager().shutdown(); + } + } + + private static int port(Undertow undertow) { + if (undertow.getListenerInfo().size() != 1) { + throw new IllegalStateException("Expected exactly one listener"); + } + InetSocketAddress address = (InetSocketAddress) undertow.getListenerInfo().get(0).getAddress(); + return address.getPort(); + } +} ===================================== coverage-report/pom.xml ===================================== @@ -3,7 +3,7 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final undertow-coverage-report Undertow Test Coverage Report ===================================== dist/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-dist - 2.2.4.Final + 2.2.5.Final Undertow: Distribution ===================================== examples/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-examples - 2.2.4.Final + 2.2.5.Final Undertow Examples ===================================== jakartaee9/deploy-jakartaee9-artifacts.sh ===================================== @@ -0,0 +1,55 @@ +#!/bin/sh +# file: deploy-jakartaee9-artifacts.sh +# +# JBoss, Home of Professional Open Source. +# Copyright 2021 Red Hat, Inc., and individual contributors +# as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +deploy_artifact(){ + version=$1 + module=$2 + + jakarta_dir=$(pwd) + jar_file=$jakarta_dir/target/output/undertow-$module-jakartaee9-$version.jar + pom_file=$jakarta_dir/target/output/undertow-$module-jakartaee9-$version.pom + if [ -e $jakarta_dir/../$module/target/undertow-$module-sources.jar ] + then + sources_file=$jakarta_dir/../$module/target/undertow-$module-sources.jar + else + sources_file=$jakarta_dir/../$module/target/undertow-$module-$version-sources.jar + fi + + check_file_exists $jar_file + check_file_exists $pom_file + check_file_exists $sources_file + + mvn deploy:deploy-file -DrepositoryId=jboss-releases-repository -Durl=https://repository.jboss.org/nexus/service/local/staging/deploy/maven2 -DaltDeploymentRepository=jboss-releases-repository::default::https://repository.jboss.org/nexus/service/local/staging/deploy/maven2 -Pjboss-release -Drelease -Dfile=$jar_file -DpomFile=$pom_file -Dsources=$sources_file +} + +check_file_exists(){ + if ! [ -e $1 ] + then + echo "ERROR: File $1 not found" + exit 1 + fi +} + +version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) +deploy_artifact $version "servlet" +deploy_artifact $version "websockets-jsr" +deploy_artifact $version "examples" + + ===================================== jakartaee9/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-jakartaee9 - 2.2.4.Final + 2.2.5.Final Undertow Jakarta EE9 ===================================== karaf/pom.xml ===================================== @@ -0,0 +1,144 @@ + + + + + 4.0.0 + + + io.undertow + undertow-parent + 2.2.5.Final + + + io.undertow + karaf + 2.2.5.Final + + Undertow Karaf feature + + pom + + + 4.2.10 + + + + + + org.apache.karaf.features + framework + kar + provided + ${version.karaf.plugin} + + + * + * + + + + + + + + + + src/main/resources + true + + + + + + + org.apache.karaf.tooling + karaf-maven-plugin + ${version.karaf.plugin} + + + + + + + org.apache.maven.plugins + maven-resources-plugin + + + default + generate-resources + + resources + + + + + + org.apache.karaf.tooling + karaf-maven-plugin + + + verify + process-resources + + verify + + + + mvn:org.apache.karaf.features/framework/${version.karaf.plugin}/xml/features + mvn:org.apache.karaf.features/standard/${version.karaf.plugin}/xml/features + file:${project.build.directory}/classes/features.xml + + org.apache.karaf.features:framework + 1.8 + + framework + + + undertow + + + + + + + org.codehaus.mojo + build-helper-maven-plugin + + + attach-artifacts + package + + attach-artifact + + + + + target/classes/features.xml + xml + features + + + + + + + + + + ===================================== karaf/src/main/resources/features.xml ===================================== @@ -0,0 +1,38 @@ + + + + + + + mvn:org.jboss.spec.javax.annotation/jboss-annotations-api_1.3_spec/${version.org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec} + mvn:org.jboss.spec.javax.servlet/jboss-servlet-api_4.0_spec/${version.org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec} + mvn:org.jboss.spec.javax.websocket/jboss-websocket-api_1.1_spec/${version.org.jboss.spec.javax.websockets} + + mvn:org.jboss.xnio/xnio-api/${version.xnio} + mvn:org.jboss.xnio/xnio-nio/${version.xnio} + mvn:io.undertow/undertow-core/${project.version} + mvn:io.undertow/undertow-servlet/${project.version} + mvn:io.undertow/undertow-websockets-jsr/${project.version} + + wrap:mvn:org.jboss.threads/jboss-threads/${version.org.jboss.threads} + wrap:mvn:org.wildfly.common/wildfly-common/${version.org.wildfly.common}$Export-Package=org.wildfly.common.*;-noimport:=true;version="${version.org.wildfly.common}" + mvn:org.wildfly.client/wildfly-client-config/${version.org.wildfly.client-config} + + + ===================================== parser-generator/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-parser-generator - 2.2.4.Final + 2.2.5.Final Undertow Parser Generator An annotation processor that is used to generate the HTTP parser ===================================== pom.xml ===================================== @@ -28,7 +28,7 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final Undertow Undertow @@ -77,6 +77,7 @@ 3.1.0.Final 1.5.4.Final + 1.0.1.Final 0.7.9 @@ -99,6 +100,7 @@ 1.0.4.Final 7.1 + 5.1.1 1.21 @@ -267,6 +269,11 @@ + + org.apache.felix + maven-bundle-plugin + ${version.bundle.plugin} + @@ -651,6 +658,18 @@ NOT io.undertow.testutils.category.UnitTest + + + osgi + + + osgi + + + + karaf + + ===================================== servlet/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-servlet - 2.2.4.Final + 2.2.5.Final Undertow Servlet @@ -154,6 +154,30 @@ + + org.apache.felix + maven-bundle-plugin + + + generate-manifest + + manifest + + + + + io.undertow.servlet*;version=${project.version};-noimport:=true + + + javax.annotation.security;version="[1.2,3)", + !sun.*, + * + + + + + + org.apache.maven.plugins maven-jar-plugin @@ -168,6 +192,11 @@ + + + ${project.build.outputDirectory}/META-INF/MANIFEST.MF + + org.apache.maven.plugins ===================================== websockets-jsr/pom.xml ===================================== @@ -25,12 +25,12 @@ io.undertow undertow-parent - 2.2.4.Final + 2.2.5.Final io.undertow undertow-websockets-jsr - 2.2.4.Final + 2.2.5.Final Undertow WebSockets JSR356 implementations @@ -128,6 +128,38 @@ + + org.apache.felix + maven-bundle-plugin + + + generate-manifest + + manifest + + + + + io.undertow.websockets.jsr*;version=${project.version};-noimport:=true + + + !sun.*, + * + + + + + + + + org.apache.maven.plugins + maven-jar-plugin + + + ${project.build.outputDirectory}/META-INF/MANIFEST.MF + + + org.apache.maven.plugins maven-surefire-plugin View it on GitLab: https://salsa.debian.org/java-team/undertow/-/commit/4bf240b6da6d7b391589fc44acfbdf3eb829b428 -- View it on GitLab: https://salsa.debian.org/java-team/undertow/-/commit/4bf240b6da6d7b391589fc44acfbdf3eb829b428 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 17 03:36:26 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Wed, 17 Mar 2021 03:36:26 +0000 Subject: [Git][java-team/velocity][master] Import Debian changes 1.7-5.1 Message-ID: <6051793a172e_1b4512940e001421543@godard.mail> Tony Mancill pushed to branch master at Debian Java Maintainers / velocity Commits: 2d759d42 by Holger Levsen at 2021-03-16T20:33:33-07:00 Import Debian changes 1.7-5.1 velocity (1.7-5.1) unstable; urgency=medium .. * Non maintainer upload by the Reproducible Builds team. * No source change upload to rebuild on buildd with .buildinfo files. - - - - - 1 changed file: - debian/changelog Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,10 @@ +velocity (1.7-5.1) unstable; urgency=medium + + * Non maintainer upload by the Reproducible Builds team. + * No source change upload to rebuild on buildd with .buildinfo files. + + -- Holger Levsen Mon, 28 Dec 2020 14:41:58 +0100 + velocity (1.7-5) unstable; urgency=medium * Team upload. View it on GitLab: https://salsa.debian.org/java-team/velocity/-/commit/2d759d4219119074defc31e93f93310cb63a417e -- View it on GitLab: https://salsa.debian.org/java-team/velocity/-/commit/2d759d4219119074defc31e93f93310cb63a417e You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 17 03:36:27 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Wed, 17 Mar 2021 03:36:27 +0000 Subject: [Git][java-team/velocity] Pushed new tag debian/1.7-5.1 Message-ID: <6051793b2b293_1b4512940dec14218b8@godard.mail> Tony Mancill pushed new tag debian/1.7-5.1 at Debian Java Maintainers / velocity -- View it on GitLab: https://salsa.debian.org/java-team/velocity/-/tree/debian/1.7-5.1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 17 04:53:39 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Wed, 17 Mar 2021 04:53:39 +0000 Subject: [Git][java-team/velocity][master] 4 commits: Update Vcs URLs to point to Salsa Message-ID: <60518b53f3017_1b451204982414277bb@godard.mail> Tony Mancill pushed to branch master at Debian Java Maintainers / velocity Commits: 765693d6 by tony mancill at 2021-03-16T20:37:42-07:00 Update Vcs URLs to point to Salsa - - - - - 8ca516ee by tony mancill at 2021-03-16T20:55:02-07:00 Patch for CVE-2020-13936 (Closes: #985220) - - - - - adc1b0d3 by tony mancill at 2021-03-16T21:07:54-07:00 Ship Apache NOTICE file with package - - - - - 1eb28765 by tony mancill at 2021-03-16T21:08:19-07:00 prepare changelog for upload to unstable - - - - - 5 changed files: - debian/changelog - debian/control - + debian/patches/CVE-2020-13936.patch - debian/patches/series - + debian/velocity.docs Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,12 @@ +velocity (1.7-6) unstable; urgency=high + + * Team upload. + * Update Vcs URLs to point to Salsa + * Patch for CVE-2020-13936 (Closes: #985220) + * Ship Apache NOTICE file with package + + -- tony mancill Tue, 16 Mar 2021 21:07:58 -0700 + velocity (1.7-5.1) unstable; urgency=medium * Non maintainer upload by the Reproducible Builds team. ===================================== debian/control ===================================== @@ -26,8 +26,8 @@ Build-Depends-Indep: ant, libservlet3.1-java, libwerken.xpath-java Standards-Version: 3.9.8 -Vcs-Git: https://anonscm.debian.org/git/pkg-java/velocity.git -Vcs-Browser: https://anonscm.debian.org/cgit/pkg-java/velocity.git +Vcs-Git: https://salsa.debian.org/java-team/velocity.git +Vcs-Browser: https://salsa.debian.org/java-team/velocity Homepage: http://velocity.apache.org/ Package: velocity ===================================== debian/patches/CVE-2020-13936.patch ===================================== @@ -0,0 +1,48 @@ +Description: patch for CVE-2020-13936; disallow ClassLoader, Thread, and subclasses +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985220 +Source: https://github.com/apache/velocity-engine/commit/1ba60771d23dae7e6b3138ae6bee09cf6f9d2485 +Comment: patch adapted to apply against Velocity 1.7 + +--- a/src/java/org/apache/velocity/util/introspection/SecureIntrospectorImpl.java ++++ b/src/java/org/apache/velocity/util/introspection/SecureIntrospectorImpl.java +@@ -121,6 +121,15 @@ + return true; + } + ++ /** ++ * Always disallow ClassLoader, Thread and subclasses ++ */ ++ if (ClassLoader.class.isAssignableFrom(clazz) || ++ Thread.class.isAssignableFrom(clazz)) ++ { ++ return false; ++ } ++ + /** + * check the classname (minus any array info) + * whether it matches disallowed classes or packages +--- a/src/java/org/apache/velocity/runtime/defaults/velocity.properties ++++ b/src/java/org/apache/velocity/runtime/defaults/velocity.properties +@@ -247,13 +247,9 @@ + + introspector.restrict.packages = java.lang.reflect + +-# The two most dangerous classes ++## ClassLoader, Thread, and subclasses disabled by default in SecureIntrospectorImpl + + introspector.restrict.classes = java.lang.Class +-introspector.restrict.classes = java.lang.ClassLoader +- +-# Restrict these for extra safety +- + introspector.restrict.classes = java.lang.Compiler + introspector.restrict.classes = java.lang.InheritableThreadLocal + introspector.restrict.classes = java.lang.Package +@@ -262,7 +258,6 @@ + introspector.restrict.classes = java.lang.RuntimePermission + introspector.restrict.classes = java.lang.SecurityManager + introspector.restrict.classes = java.lang.System +-introspector.restrict.classes = java.lang.Thread + introspector.restrict.classes = java.lang.ThreadGroup + introspector.restrict.classes = java.lang.ThreadLocal + ===================================== debian/patches/series ===================================== @@ -1 +1,2 @@ 0001-fix-example-scripts.patch +CVE-2020-13936.patch ===================================== debian/velocity.docs ===================================== @@ -0,0 +1 @@ +NOTICE View it on GitLab: https://salsa.debian.org/java-team/velocity/-/compare/2d759d4219119074defc31e93f93310cb63a417e...1eb28765705512a868fd6507b06ca51e5e5208cb -- View it on GitLab: https://salsa.debian.org/java-team/velocity/-/compare/2d759d4219119074defc31e93f93310cb63a417e...1eb28765705512a868fd6507b06ca51e5e5208cb You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Wed Mar 17 04:53:40 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Wed, 17 Mar 2021 04:53:40 +0000 Subject: [Git][java-team/velocity] Pushed new tag debian/1.7-6 Message-ID: <60518b541ca84_1b45121634581428068@godard.mail> Tony Mancill pushed new tag debian/1.7-6 at Debian Java Maintainers / velocity -- View it on GitLab: https://salsa.debian.org/java-team/velocity/-/tree/debian/1.7-6 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 18 20:59:29 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 18 Mar 2021 20:59:29 +0000 Subject: [Git][java-team/jalview][master] Building reproducibly by calling date with --utc in d/write_build_properties_file.sh.in Message-ID: <6053bf3129f01_27aa23669464713@godard.mail> Pierre Gruet pushed to branch master at Debian Java Maintainers / jalview Commits: 4649fdaa by Pierre Gruet at 2021-03-18T21:58:44+01:00 Building reproducibly by calling date with --utc in d/write_build_properties_file.sh.in - - - - - 2 changed files: - debian/changelog - debian/write_build_properties_file.sh.in Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,10 @@ +jalview (2.11.1.3+dfsg2-5) UNRELEASED; urgency=medium + + * Making the build reproducible thanks to Chris Lamb's patch about a + timestamp issue (Closes: #985448) + + -- Pierre Gruet Thu, 18 Mar 2021 21:39:16 +0100 + jalview (2.11.1.3+dfsg2-4) unstable; urgency=medium * Building the .build_properties file using dpkg-parsechangelog -STimestamp ===================================== debian/write_build_properties_file.sh.in ===================================== @@ -3,7 +3,7 @@ set -e echo "#--Jalview Build Details--" > resources/.build_properties -echo "#"$(date --date="@$(dpkg-parsechangelog -STimestamp)" +"%Y-%m-%d %H:%M:%S") >> resources/.build_properties -echo "BUILD_DATE="$(date --date="@$(dpkg-parsechangelog -STimestamp)" +"%H\\:%M\\:%S %d %B %Y") >> resources/.build_properties +echo "#"$(date --utc --date="@$(dpkg-parsechangelog -STimestamp)" +"%Y-%m-%d %H:%M:%S") >> resources/.build_properties +echo "BUILD_DATE="$(date --utc --date="@$(dpkg-parsechangelog -STimestamp)" +"%H\\:%M\\:%S %d %B %Y") >> resources/.build_properties echo "INSTALLATION=deb" >> resources/.build_properties echo "VERSION=VERSION_NUMBER" >> resources/.build_properties View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/4649fdaaefb12bd67a24192927308ecc4296d7b5 -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/4649fdaaefb12bd67a24192927308ecc4296d7b5 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 18 21:46:46 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 18 Mar 2021 21:46:46 +0000 Subject: [Git][java-team/jalview] Pushed new tag debian/2.11.1.3+dfsg2-5 Message-ID: <6053ca46723c5_27aa38a8c47162b@godard.mail> Pierre Gruet pushed new tag debian/2.11.1.3+dfsg2-5 at Debian Java Maintainers / jalview -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/tree/debian/2.11.1.3+dfsg2-5 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Thu Mar 18 21:46:52 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Thu, 18 Mar 2021 21:46:52 +0000 Subject: [Git][java-team/jalview][master] Upload to unstable Message-ID: <6053ca4cd1d37_27aa2f8dc71978@godard.mail> Pierre Gruet pushed to branch master at Debian Java Maintainers / jalview Commits: 2ddc27cc by Pierre Gruet at 2021-03-18T22:46:36+01:00 Upload to unstable - - - - - 1 changed file: - debian/changelog Changes: ===================================== debian/changelog ===================================== @@ -1,9 +1,9 @@ -jalview (2.11.1.3+dfsg2-5) UNRELEASED; urgency=medium +jalview (2.11.1.3+dfsg2-5) unstable; urgency=medium * Making the build reproducible thanks to Chris Lamb's patch about a timestamp issue (Closes: #985448) - -- Pierre Gruet Thu, 18 Mar 2021 21:39:16 +0100 + -- Pierre Gruet Thu, 18 Mar 2021 21:59:31 +0100 jalview (2.11.1.3+dfsg2-4) unstable; urgency=medium View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/2ddc27ccee8bdf13c3eb5bb5bb13974035d74354 -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/2ddc27ccee8bdf13c3eb5bb5bb13974035d74354 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Fri Mar 19 11:14:24 2021 From: gitlab at salsa.debian.org (Matthias Klose) Date: Fri, 19 Mar 2021 11:14:24 +0000 Subject: [Git][java-team/ca-certificates-java][master] 26 commits: switch to debhelper-compat (= 13) Message-ID: <6054879049b54_27aabf4cd01250ad@godard.mail> Matthias Klose pushed to branch master at Debian Java Maintainers / ca-certificates-java Commits: b59b0dcf by Andreas Beckmann at 2021-02-18T21:13:17+01:00 switch to debhelper-compat (= 13) - - - - - bb08d9e8 by Andreas Beckmann at 2021-02-18T21:18:22+01:00 use dh_installinit to install /etc/default/cacerts - - - - - ec56da1d by Andreas Beckmann at 2021-02-18T21:23:17+01:00 use dh_install to install jar and hook - - - - - c0c962f4 by Andreas Beckmann at 2021-02-19T21:11:35+01:00 ship /etc/default/cacerts with mode 0600 - - - - - dfd0e87a by Andreas Beckmann at 2021-02-19T21:20:07+01:00 add test with empty command - - - - - 5ee5835f by Andreas Beckmann at 2021-02-19T21:22:38+01:00 UpdateCertificates.java: ignore empty lines in stdin - - - - - 63507424 by Andreas Beckmann at 2021-02-19T23:00:18+01:00 avoid warning about missing /etc/ssl/certs/java/cacerts on initial install - - - - - 18fa5707 by Andreas Beckmann at 2021-02-19T23:04:29+01:00 do not be satisfied by java7-runtime-headless - - - - - 1e3e4280 by Andreas Beckmann at 2021-02-19T23:24:30+01:00 remove support for upgrading from versions predating wheezy - - - - - 3bc73bdb by Andreas Beckmann at 2021-02-19T23:47:14+01:00 clean up misplaced symlinks from ancient versions - - - - - 62313abf by Andreas Beckmann at 2021-02-20T00:28:53+01:00 remove redundant bits from the maintainer scripts - - - - - 049a5639 by Andreas Beckmann at 2021-02-20T01:11:43+01:00 set Rules-Requires-Root: no - - - - - 3d8a3e1b by Andreas Beckmann at 2021-02-23T12:02:35+01:00 drop libnss3 manipulations - - - - - 651ef32a by Andreas Beckmann at 2021-02-23T12:07:01+01:00 postinst: add a shared update_cacerts() function - - - - - eba4aea5 by Andreas Beckmann at 2021-02-23T12:08:21+01:00 run convert_pkcs12_keystore_to_jks from update_cacerts - - - - - c45c3c9b by Andreas Beckmann at 2021-02-23T02:01:09+01:00 let update_cacerts handle initial creation of cacerts - - - - - adec85a6 by Andreas Beckmann at 2021-02-23T12:13:02+01:00 move processing of +/- certs to new update-ca-certificates-java trigger the hook script is executed in the context of ca-certificates and nothing is known at that time about the configuration state of ca-certificates-java or its rdepends so just record the pending updates and execute them in a context where ca-certificates-java and its rdepends are in a usable state - - - - - be511adf by Andreas Beckmann at 2021-02-23T12:13:12+01:00 add update-ca-certificates-java-fresh trigger - - - - - 8821ee55 by Andreas Beckmann at 2021-02-23T12:13:17+01:00 remove obsolete certificates when building a fresh cacerts file - - - - - 6260c58f by Andreas Beckmann at 2021-02-23T13:45:49+01:00 bump ca-certificates dependency to 20210120 - - - - - 58057f06 by Andreas Beckmann at 2021-02-23T13:46:35+01:00 skip Java certificates setup if no JRE is available pending actions will be stored in /var/lib/ca-certificates-java - - - - - 9825a4a7 by Andreas Beckmann at 2021-02-23T13:46:39+01:00 add trigger on /usr/lib/jvm to perform Java certificates setup if a JRE becomes available - - - - - 7d2d460c by Andreas Beckmann at 2021-02-23T13:47:17+01:00 demote JRE dependency to Recommends to break dependency cycle - - - - - 33232621 by Andreas Beckmann at 2021-02-23T13:48:32+01:00 Standards-Version: 4.5.1 - - - - - ed71672c by Andreas Beckmann at 2021-02-23T13:58:20+01:00 simplify setup_path() - - - - - 96009a75 by Andreas Beckmann at 2021-02-23T15:34:19+01:00 close more fixed bugs - - - - - 18 changed files: - debian/default ? debian/ca-certificates-java.cacerts.default - debian/ca-certificates-java.dirs - + debian/ca-certificates-java.install - + debian/ca-certificates-java.lintian-overrides - + debian/ca-certificates-java.postinst - + debian/ca-certificates-java.postrm - + debian/ca-certificates-java.preinst - debian/ca-certificates-java.triggers - debian/changelog - ? debian/compat - debian/control - + debian/jks-keystore - ? debian/jks-keystore.hook - ? debian/postinst - ? debian/postrm - debian/rules - src/main/java/org/debian/security/UpdateCertificates.java - src/test/java/org/debian/security/UpdateCertificatesTest.java Changes: ===================================== debian/default ? debian/ca-certificates-java.cacerts.default ===================================== ===================================== debian/ca-certificates-java.dirs ===================================== @@ -1,3 +1,2 @@ -etc/default etc/ssl/certs/java -etc/ca-certificates/update.d +var/lib/ca-certificates-java ===================================== debian/ca-certificates-java.install ===================================== @@ -0,0 +1,2 @@ +debian/jks-keystore etc/ca-certificates/update.d/ +target/ca-certificates-java.jar usr/share/ca-certificates-java/ ===================================== debian/ca-certificates-java.lintian-overrides ===================================== @@ -0,0 +1 @@ +non-standard-file-perm etc/default/cacerts 0600 != 0644 ===================================== debian/ca-certificates-java.postinst ===================================== @@ -0,0 +1,181 @@ +#!/bin/sh +set -e + +# use the locale C.UTF-8 +unset LC_ALL +LC_CTYPE=C.UTF-8 +export LC_CTYPE + +storepass='changeit' +if [ -f /etc/default/cacerts ]; then + . /etc/default/cacerts +fi + +arch=`dpkg --print-architecture` +JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar +CERTSDIR=/usr/share/ca-certificates +LOCALCERTSDIR=/usr/local/share/ca-certificates +ETCCERTSDIR=/etc/ssl/certs +CACERTS=$ETCCERTSDIR/java/cacerts + +setup_path() +{ + for version in 8 9 10 11 12 13 14 15 16 17 ; do + for jvm in \ + java-${version}-openjdk-${arch} \ + java-${version}-openjdk \ + oracle-java${version}-jre-${arch} \ + oracle-java${version}-server-jre-${arch} \ + oracle-java${version}-jdk-${arch} + do + if [ -x /usr/lib/jvm/$jvm/bin/java ]; then + export JAVA_HOME=/usr/lib/jvm/$jvm + PATH=$JAVA_HOME/bin:$PATH + break 2 + fi + done + done + + if ! which java >/dev/null; then + echo "No JRE found. Skipping Java certificates setup." + exit 0 + fi +} + +check_proc() +{ + if ! mountpoint -q /proc; then + echo >&2 "the keytool command requires a mounted proc fs (/proc)." + exit 1 + fi +} + +convert_pkcs12_keystore_to_jks() +{ + check_proc + if ! keytool -importkeystore \ + -srckeystore /etc/ssl/certs/java/cacerts \ + -destkeystore /etc/ssl/certs/java/cacerts.dpkg-new \ + -srcstoretype PKCS12 \ + -deststoretype JKS \ + -srcstorepass "$storepass" \ + -deststorepass "$storepass" \ + -noprompt; then + echo "failed to convert PKCS12 keystore to JKS" >&2 + exit 1 + fi + + # only update if /etc/default/cacerts allows + if [ "$cacerts_updates" = "yes" ]; then + mv -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old + mv -f /etc/ssl/certs/java/cacerts.dpkg-new /etc/ssl/certs/java/cacerts + fi +} + +find_pem_files() +{ + find $ETCCERTSDIR -type l -name \*.pem | sort | while read symlink ; do + case $(readlink "$symlink") in + $CERTSDIR*|$LOCALCERTSDIR*) + echo "$symlink" + ;; + esac + done +} + +update_cacerts() +{ + if [ "$cacerts_updates" != "yes" ] || [ "$CACERT_UPDATES" = "disabled" ]; then + echo "Updates of cacerts keystore are disabled." + exit 0 + fi + + setup_path + + if [ -f /var/lib/ca-certificates-java/convert_pkcs12_keystore_to_jks ]; then + convert_pkcs12_keystore_to_jks + rm /var/lib/ca-certificates-java/convert_pkcs12_keystore_to_jks + fi + + if [ -f /var/lib/ca-certificates-java/fresh ]; then + >/var/lib/ca-certificates-java/fresh + pem_files=$(find_pem_files) + + if [ -f "$CACERTS" ]; then + check_proc + cacerts_aliases=$(keytool -cacerts -storepass "$storepass" -list -rfc | sed -n 's/^Alias name: *debian://ip' | tr '\n' ' ') + etc_ssl_certs_aliases=$(for pem in $pem_files ; do echo -n "$(basename "$pem" | tr A-Z a-z) "; done) + for alias in $cacerts_aliases ; do + case " $etc_ssl_certs_aliases " in + *" ${alias} "*) + : # keep + ;; + *) + echo "-${alias}" >> /var/lib/ca-certificates-java/fresh + ;; + esac + done + fi + + for pem in $pem_files ; do + echo "+${pem}" >> /var/lib/ca-certificates-java/fresh + done + fi + + if [ -s /var/lib/ca-certificates-java/fresh ]; then + java -Xmx64m -jar $JAR -storepass "$storepass" < /var/lib/ca-certificates-java/fresh + elif [ -s /var/lib/ca-certificates-java/pending ]; then + java -Xmx64m -jar $JAR -storepass "$storepass" < /var/lib/ca-certificates-java/pending + fi + echo "done." + + rm -f /var/lib/ca-certificates-java/fresh + rm -f /var/lib/ca-certificates-java/pending +} + +#DEBHELPER# + +if [ "$1" = "configure" ]; then + if dpkg --compare-versions "$2" lt-nl "20210218" ; then + # clean up misplaced symlinks from ancient versions (#688415) + if [ -L /libnss3.so ]; then + rm -v /libnss3.so + fi + if [ -L /libsoftokn3.so ]; then + rm -v /libsoftokn3.so + fi + + if [ -f /etc/default/cacerts ]; then + chmod 0600 /etc/default/cacerts + fi + fi + + if dpkg --compare-versions "$2" lt-nl "20180516"; then + if [ -e /etc/ssl/certs/java/cacerts ] && \ + [ "$(head -c4 /etc/ssl/certs/java/cacerts)" != "$(echo -en '\xfe\xed\xfe\xed')" ]; then + touch /var/lib/ca-certificates-java/convert_pkcs12_keystore_to_jks + fi + fi + + # older versions may not have received all updates from ca-certificates + if dpkg --compare-versions "$2" lt-nl "20210218" ; then + touch /var/lib/ca-certificates-java/fresh + fi + + # initial install + if [ -z "$2" ]; then + touch /var/lib/ca-certificates-java/fresh + fi + + update_cacerts +fi + +if [ "$1" = "triggered" ]; then + case " $2 " in + *" update-ca-certificates-java-fresh "*) + touch /var/lib/ca-certificates-java/fresh + ;; + esac + + update_cacerts +fi ===================================== debian/ca-certificates-java.postrm ===================================== @@ -0,0 +1,10 @@ +#!/bin/sh +set -e + +if [ "$1" = "purge" ]; then + rm -rf /etc/ssl/certs/java + rmdir /etc/ssl/certs 2>/dev/null || true + rm -rf /var/lib/ca-certificates-java +fi + +#DEBHELPER# ===================================== debian/ca-certificates-java.preinst ===================================== @@ -0,0 +1,11 @@ +#!/bin/sh +set -e + +# rebuild cacerts on reinstallation after removal since certificate updates +# that happened while the package was removed are missing +if [ "$1" = "install" ] && [ -n "$2" ]; then + mkdir -p /var/lib/ca-certificates-java + touch /var/lib/ca-certificates-java/fresh +fi + +#DEBHELPER# ===================================== debian/ca-certificates-java.triggers ===================================== @@ -1 +1,3 @@ -activate update-ca-certificates +interest update-ca-certificates-java +interest update-ca-certificates-java-fresh +interest /usr/lib/jvm ===================================== debian/changelog ===================================== @@ -1,3 +1,36 @@ +ca-certificates-java (20210218) UNRELEASED; urgency=medium + + * Team upload. + * Switch to debhelper-compat (= 13). + * Set Rules-Requires-Root: no. + * UpdateCertificates.java: Ignore empty lines in stdin. (Closes: #795244) + * Avoid warning about missing /etc/ssl/certs/java/cacerts on initial + install. + * Do not be satisfied by java7-runtime-headless. + * Remove support for upgrading from versions predating wheezy. + * Clean up misplaced symlinks in the root directory left over by ancient + versions. (Closes: #688415) + * Drop libnss3 manipulations, no longer needed since openjdk-6-jre-headless + at least. + * Add update-ca-certificates-java trigger and let jks-keystore record the + pending certificate updates and postpone them to the processing of this + trigger. (Closes: #908858) + * Add update-ca-certificates-java-fresh trigger, will be activated by + update-ca-certificates -f. (Closes: #922981) + * Remove obsolete certificates when building a fresh cacerts file. + (Closes: #767272) + * Bump ca-certificates dependency to 20210120. + * Skip Java certificates setup if no JRE is available. + * Add trigger on /usr/lib/jvm to perform Java certificates setup if a JRE + becomes available. + * Demote JRE dependency to Recommends to break dependency cycle. + (Closes: #929685, #940297) + * Foreign architecture JREs that place java in PATH are also usable. + (Closes: #776860, #864331) + * Bump Standards-Version to 4.5.1. + + -- Andreas Beckmann Thu, 18 Feb 2021 21:12:52 +0100 + ca-certificates-java (20190909) unstable; urgency=medium * Team upload. @@ -63,10 +96,11 @@ ca-certificates-java (20170930) unstable; urgency=medium * Team upload. * Revert the last two NMUs. - - Depend again on openjdk-8 after the stretch release. + - Depend again on openjdk-8 after the stretch release. (Closes: #863803) - Stop fiddling around with jvm-*.cfg files. ca-certificates-java has no business with providing an initial cacerts file. This is implemented in the openjdk packages. We are not 2008 anymore. + (Closes: #912187) * Bump standards version. * Remove Torsten Werner as uploader. @@ -114,7 +148,7 @@ ca-certificates-java (20161107) unstable; urgency=medium ca-certificates-java (20160321) unstable; urgency=medium * Team upload. - * Drop support for obsolete Java 6 (Closes: #776897) + * Drop support for obsolete Java 6 (Closes: #776897, #816541) * Add support for Java 8 and 9 (Closes: #775775) * Bump Standards-Version to 3.9.7 (no changes) * Use secure HTTPS URI for Vcs-Browser @@ -226,7 +260,7 @@ ca-certificates-java (20120524) unstable; urgency=low [ James Page ] * d/rules: Ensure java is built with source/target == 1.6 for backwards - compatibility with openjdk-6. + compatibility with openjdk-6. [ Damien Raude-Morvan ] * Sync handling of nss.cfg between debian/jks-keystore.hook.in and @@ -415,4 +449,3 @@ ca-certificates-java (20080514) unstable; urgency=low * Initial release. -- Matthias Klose Mon, 02 Jun 2008 14:52:46 +0000 - ===================================== debian/compat deleted ===================================== @@ -1 +0,0 @@ -11 ===================================== debian/control ===================================== @@ -4,19 +4,24 @@ Priority: optional Maintainer: Debian Java Maintainers Uploaders: Matthias Klose , James Page -Build-Depends: debhelper (>= 11), default-jdk, javahelper, junit4 -Standards-Version: 4.4.0 +Build-Depends: + debhelper-compat (= 13), + dh-sequence-javahelper, + default-jdk, + junit4, +Rules-Requires-Root: no +Standards-Version: 4.5.1 Vcs-Git: https://salsa.debian.org/java-team/ca-certificates-java.git Vcs-Browser: https://salsa.debian.org/java-team/ca-certificates-java Package: ca-certificates-java Architecture: all Multi-Arch: foreign -Depends: ca-certificates (>= 20121114), - default-jre-headless | java8-runtime-headless, - libnss3 (>= 3.12.10-2~), - ${misc:Depends} -# We need a versioned Depends due to multiarch changes (bug #635571). +Depends: + ca-certificates (>= 20210120), + ${misc:Depends}, +Recommends: + default-jre-headless (>= 2:1.8) | java8-runtime-headless, Description: Common CA certificates (JKS keystore) This package uses the hooks of the ca-certificates package to update the cacerts JKS keystore used for many java runtimes. ===================================== debian/jks-keystore ===================================== @@ -0,0 +1,30 @@ +#!/bin/sh +set -e + +if [ -t 0 ]; then + echo "This hook script expects the list of PEM files to be added/removed" >&2 + echo "prefixed with '+'/'-' to be piped into stdin." >&2 + exit 1 +fi + +# record the pending certificate updates for later execution by the +# triggers in ca-certificates-java + +mkdir -p /var/lib/ca-certificates-java +cat - >> /var/lib/ca-certificates-java/pending + +case "$1" in + -f|--fresh) + dpkg-trigger --no-await update-ca-certificates-java-fresh + ;; + *) + dpkg-trigger --no-await update-ca-certificates-java + ;; +esac + +# if the hook was activated by a manual run of update-ca-certificates +# (and not from a maintainer script), ensure the triggers get processed + +if [ -z "$DPKG_MAINTSCRIPT_PACKAGE" ]; then + dpkg --triggers-only --pending +fi ===================================== debian/jks-keystore.hook deleted ===================================== @@ -1,89 +0,0 @@ -#!/bin/sh - -set -e - -# use the locale C.UTF-8 -unset LC_ALL -LC_CTYPE=C.UTF-8 -export LC_CTYPE - -storepass='changeit' -if [ -f /etc/default/cacerts ]; then - . /etc/default/cacerts -fi - -arch=`dpkg --print-architecture` -JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar - -nsslib_name() -{ - if dpkg --assert-multi-arch 2>/dev/null; then - echo "libnss3:${arch}" - else - echo "libnss3" - fi -} - -echo "" -if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ] || [ ! -e $JAR ]; then - echo "updates of cacerts keystore disabled." - exit 0 -fi - -if ! mountpoint -q /proc; then - echo >&2 "the keytool command requires a mounted proc fs (/proc)." - exit 1 -fi - -for jvm in java-7-openjdk-$arch java-7-openjdk \ - oracle-java7-jre-$arch oracle-java7-server-jre-$arch oracle-java7-jdk-$arch \ - java-8-openjdk-$arch java-8-openjdk \ - oracle-java8-jre-$arch oracle-java8-server-jre-$arch oracle-java8-jdk-$arch \ - java-9-openjdk-$arch java-9-openjdk \ - oracle-java9-jre-$arch oracle-java9-server-jre-$arch oracle-java9-jdk-$arch \ - java-10-openjdk-$arch java-10-openjdk \ - oracle-java10-jre-$arch oracle-java10-server-jre-$arch oracle-java10-jdk-$arch \ - java-11-openjdk-$arch java-11-openjdk \ - oracle-java11-jre-$arch oracle-java11-server-jre-$arch oracle-java11-jdk-$arch; do - if [ -x /usr/lib/jvm/$jvm/bin/java ]; then - export JAVA_HOME=/usr/lib/jvm/$jvm - PATH=$JAVA_HOME/bin:$PATH - break - fi -done - -if dpkg-query --version >/dev/null; then - nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,$.*$/libnss3\.so$,\1,p'|head -n 1) - nsscfg=/etc/${jvm%-$arch}/security/nss.cfg - nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *$.*$/\1/p' $nsscfg) - if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then - ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so - fi - softokn3pkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,$.*$/libsoftokn3\.so$,\1,p'|head -n 1) - if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] && [ "$softokn3pkg" != "$nssjdk" ]; then - ln -sf $softokn3pkg/libsoftokn3.so $nssjdk/libsoftokn3.so - fi -fi - -do_cleanup() -{ - [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg - if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ] - then - rm -f $nssjdk/libnss3.so - fi - if [ -n "$softokn3pkg" ] && [ -n "$nssjdk" ] \ - && [ "$softokn3pkg" != "$nssjdk" ] - then - rm -f $nssjdk/libsoftokn3.so - fi -} - -if java -Xmx64m -jar $JAR -storepass "$storepass"; then - do_cleanup -else - do_cleanup - exit 1 -fi - -echo "done." ===================================== debian/postinst deleted ===================================== @@ -1,165 +0,0 @@ -#!/bin/bash -set -e - -# use the locale C.UTF-8 -unset LC_ALL -LC_CTYPE=C.UTF-8 -export LC_CTYPE - -storepass='changeit' -if [ -f /etc/default/cacerts ]; then - . /etc/default/cacerts -fi - -arch=`dpkg --print-architecture` -JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar - -nsslib_name() -{ - if dpkg --assert-multi-arch 2>/dev/null; then - echo "libnss3:${arch}" - else - echo "libnss3" - fi -} - -setup_path() -{ - for jvm in java-7-openjdk-$arch java-7-openjdk \ - oracle-java7-jre-$arch oracle-java7-server-jre-$arch oracle-java7-jdk-$arch \ - java-8-openjdk-$arch java-8-openjdk \ - oracle-java8-jre-$arch oracle-java8-server-jre-$arch oracle-java8-jdk-$arch \ - java-9-openjdk-$arch java-9-openjdk \ - oracle-java9-jre-$arch oracle-java9-server-jre-$arch oracle-java9-jdk-$arch \ - java-10-openjdk-$arch java-10-openjdk \ - oracle-java10-jre-$arch oracle-java10-server-jre-$arch oracle-java10-jdk-$arch \ - java-11-openjdk-$arch java-11-openjdk \ - oracle-java11-jre-$arch oracle-java11-server-jre-$arch oracle-java11-jdk-$arch \ - java-12-openjdk-$arch java-12-openjdk \ - oracle-java12-jre-$arch oracle-java12-server-jre-$arch oracle-java12-jdk-$arch \ - java-13-openjdk-$arch java-13-openjdk \ - oracle-java13-jre-$arch oracle-java13-server-jre-$arch oracle-java13-jdk-$arch \ - java-14-openjdk-$arch java-14-openjdk \ - oracle-java14-jre-$arch oracle-java14-server-jre-$arch oracle-java14-jdk-$arch \ - java-15-openjdk-$arch java-15-openjdk \ - oracle-java15-jre-$arch oracle-java15-server-jre-$arch oracle-java15-jdk-$arch \ - java-16-openjdk-$arch java-16-openjdk \ - oracle-java16-jre-$arch oracle-java16-server-jre-$arch oracle-java16-jdk-$arch \ - java-17-openjdk-$arch java-17-openjdk \ - oracle-java17-jre-$arch oracle-java17-server-jre-$arch oracle-java17-jdk-$arch; do - if [ -x /usr/lib/jvm/$jvm/bin/java ]; then - export JAVA_HOME=/usr/lib/jvm/$jvm - PATH=$JAVA_HOME/bin:$PATH - break - fi - done -} - -check_proc() -{ - if ! mountpoint -q /proc; then - echo >&2 "the keytool command requires a mounted proc fs (/proc)." - exit 1 - fi -} - -convert_pkcs12_keystore_to_jks() -{ - if ! keytool -importkeystore \ - -srckeystore /etc/ssl/certs/java/cacerts \ - -destkeystore /etc/ssl/certs/java/cacerts.dpkg-new \ - -srcstoretype PKCS12 \ - -deststoretype JKS \ - -srcstorepass "$storepass" \ - -deststorepass "$storepass" \ - -noprompt; then - echo "failed to convert PKCS12 keystore to JKS" >&2 - exit 1 - fi - - # only update if /etc/default/cacerts allows - if [ "$cacerts_updates" = "yes" ]; then - mv -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old - mv -f /etc/ssl/certs/java/cacerts.dpkg-new /etc/ssl/certs/java/cacerts - fi -} - -first_install() -{ - if which dpkg-query >/dev/null; then - nsspkg=$(dpkg-query -L "$(nsslib_name)" | sed -n 's,$.*$/libnss3\.so$,\1,p'|head -n 1) - nsscfg=/etc/${jvm%-$arch}/security/nss.cfg - nssjdk=$(test ! -f $nsscfg || sed -n '/nssLibraryDirectory/s/.*= *$.*$/\1/p' $nsscfg) - if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ]; then - ln -sf $nsspkg/libnss3.so $nssjdk/libnss3.so - fi - fi - - # Forcibly remove diginotar cert (LP: #920758) - if [ -n "$FIXOLD" ]; then - echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \ - java -Xmx64m -jar $JAR -storepass "$storepass" - fi - - find /etc/ssl/certs -name \*.pem | \ - while read filename; do - alias=$(basename $filename .pem | tr A-Z a-z | tr -cs a-z0-9 _) - alias=${alias%*_} - if [ -n "$FIXOLD" ]; then - echo "-${alias}" - echo "-${alias}_pem" - fi - echo "+${filename}" - done | \ - java -Xmx64m -jar $JAR -storepass "$storepass" - echo "done." -} - -do_cleanup() -{ - [ -z "$temp_jvm_cfg" ] || rm -f $temp_jvm_cfg - if [ -n "$nsspkg" ] && [ -n "$nssjdk" ] && [ "$nsspkg" != "$nssjdk" ] - then - rm -f $nssjdk/libnss3.so - fi -} - -case "$1" in - configure) - if dpkg --compare-versions "$2" lt "20110912ubuntu6"; then - FIXOLD="true" - if [ -e /etc/ssl/certs/java/cacerts ]; then - cp -f /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts.dpkg-old - fi - fi - - setup_path - - if dpkg --compare-versions "$2" lt "20180516"; then - if [ -e /etc/ssl/certs/java/cacerts \ - -a "$(head -c4 /etc/ssl/certs/java/cacerts)" != "$(echo -en '\xfe\xed\xfe\xed')" ]; then - check_proc - convert_pkcs12_keystore_to_jks - fi - fi - - if [ -z "$2" -o -n "$FIXOLD" ]; then - check_proc - trap do_cleanup EXIT - first_install - fi - chmod 600 /etc/default/cacerts || true - ;; - - abort-upgrade|abort-remove|abort-deconfigure) - ;; - - *) - echo "postinst called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 ===================================== debian/postrm deleted ===================================== @@ -1,23 +0,0 @@ -#!/bin/sh - -set -e - -case "$1" in - purge) - rm -f /etc/ca-certificates/update.d/jks-keystore - rm -rf /etc/ssl/certs/java - rmdir /etc/ssl/certs 2>/dev/null || true - ;; - remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - ;; - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 - - ===================================== debian/rules ===================================== @@ -1,7 +1,7 @@ #!/usr/bin/make -f %: - dh $@ --with javahelper + dh $@ override_dh_auto_build: mkdir target @@ -27,12 +27,8 @@ ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) org.debian.security.UpdateCertificatesTest org.debian.security.KeyStoreHandlerTest endif -override_dh_auto_install: - install -m755 debian/jks-keystore.hook debian/ca-certificates-java/etc/ca-certificates/update.d/jks-keystore - install -m600 debian/default debian/ca-certificates-java/etc/default/cacerts +override_dh_installinit: + dh_installinit --name=cacerts - dh_install target/ca-certificates-java.jar /usr/share/ca-certificates-java/ - -override_dh_link: - dh_link - rm debian/ca-certificates-java/etc/default/ca-certificates-java +execute_after_dh_fixperms: + chmod 0600 debian/ca-certificates-java/etc/default/cacerts ===================================== src/main/java/org/debian/security/UpdateCertificates.java ===================================== @@ -86,6 +86,9 @@ public class UpdateCertificates { * or {@link #deleteAlias(String)}. */ protected void parseLine(final String line) throws GeneralSecurityException, IOException, UnknownInputException { + if (line.isEmpty()) { + return; + } String path = line.substring(1); String filename = path.substring(path.lastIndexOf("/") + 1); String alias = "debian:" + filename; @@ -93,9 +96,6 @@ public class UpdateCertificates { keystore.addAlias(alias, path); } else if (line.startsWith("-")) { keystore.deleteAlias(alias); - // Remove old non-prefixed aliases, too. This code should be - // removed after the release of Wheezy. - keystore.deleteAlias(filename); } else { throw new UnknownInputException(line); } ===================================== src/test/java/org/debian/security/UpdateCertificatesTest.java ===================================== @@ -49,6 +49,16 @@ public class UpdateCertificatesTest { keystore.delete(); } + /** + * Try to send an empty command ("") in parseLine + */ + @Test + public void testEmptyCommand() throws Exception { + UpdateCertificates uc = new UpdateCertificates(ksFilename, ksPassword); + uc.parseLine(""); + uc.finish(); + } + /** * Try to send an invalid command ("x") in parseLine : throw UnknownInput */ View it on GitLab: https://salsa.debian.org/java-team/ca-certificates-java/-/compare/d1bbd3f24d600c3e5486cfcb6e372d1866d2c3c4...96009a759fa3a3b940f3f3fc86f3520bdff66f0a -- View it on GitLab: https://salsa.debian.org/java-team/ca-certificates-java/-/compare/d1bbd3f24d600c3e5486cfcb6e372d1866d2c3c4...96009a759fa3a3b940f3f3fc86f3520bdff66f0a You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Sat Mar 20 13:27:06 2021 From: gitlab at salsa.debian.org (Pierre Gruet) Date: Sat, 20 Mar 2021 13:27:06 +0000 Subject: [Git][java-team/jalview][master] Adding French translation of debconf template Message-ID: <6055f82a4a09_27aa1e73dd4263027@godard.mail> Pierre Gruet pushed to branch master at Debian Java Maintainers / jalview Commits: 7deb8b00 by Pierre Gruet at 2021-03-20T14:26:18+01:00 Adding French translation of debconf template - - - - - 2 changed files: - debian/changelog - + debian/po/fr.po Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,10 @@ +jalview (2.11.1.3+dfsg2-6) UNRELEASED; urgency=medium + + * Adding French translation of debconf templates, thanks to Jean-Pierre + Giraud! (Closes: #985567) + + -- Pierre Gruet Sat, 20 Mar 2021 14:25:48 +0100 + jalview (2.11.1.3+dfsg2-5) unstable; urgency=medium * Making the build reproducible thanks to Chris Lamb's patch about a ===================================== debian/po/fr.po ===================================== @@ -0,0 +1,302 @@ +# Translation of jalview debconf templates to French. +# Copyright (C) 2021, French l10n team +# This file is distributed under the same license as the jalview package.. +# +# Jean-Pierre Giraud , 2021. +msgid "" +msgstr "" +"Project-Id-Version: jalview\n" +"Report-Msgid-Bugs-To: jalview at packages.debian.org\n" +"POT-Creation-Date: 2021-03-11 21:18+0100\n" +"PO-Revision-Date: 2021-03-02 19:13+0100\n" +"Last-Translator: Jean-Pierre Giraud \n" +"Language-Team: French \n" +"Language: fr_FR\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" +"X-Generator: Lokalize 2.0\n" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +#, fuzzy +#| msgid "Allow downloading identifiers automatically from www.jalview.org?" +msgid "Automatically download identifiers from jalview.org?" +msgstr "" +"Faut-il autoriser le t?l?chargement automatique des identifiants depuis www." +"jalview.org??" + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"Jalview can automatically download a list of identifiers.org URL templates " +"for viewing accessions from various biological databases." +msgstr "" +"Jalview peut t?l?charger automatiquement une liste de mod?les d'URL " +"d'identifiers.org pour acc?der ? la visualisation de diverses bases de " +"donn?es biologiques." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#: ../templates:1001 +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to www.jalview.org/services/identifiers, which records usage " +"statistics." +msgstr "" +"Cette fonction est une facilit? offerte aux utilisateurs mais elle peut ?tre " +"d?sactiv?e parce qu'elle provoque l'envoi automatique d'un ??ping?? ? www." +"jalview.org/services/identifiers qui enregistre des statistiques " +"d'utilisation." + +#. Type: boolean +#. Description +#. Translators: "identifiers" or "accessions" are short tokens that may be +#. downloaded from identifiers.org to easily access some biological databases. +#. A bit more info at identifiers.org if needed. +#. Type: boolean +#. Description +#: ../templates:1001 ../templates:5001 +#, fuzzy +#| msgid "" +#| "Users can only override this preference from their own configuration file." +msgid "Individual users can override this setting in their configuration file." +msgstr "" +"Les utilisateurs ne peuvent annuler cette pr?f?rence qu'? partir de leur " +"fichier de configuration." + +#. Type: boolean +#. Description +#: ../templates:2001 +#, fuzzy +#| msgid "Allow automatic display of news from the Jalview website?" +msgid "Automatically display news from jalview.org?" +msgstr "" +"Faut-il permettre l'affichage automatique de nouvelles ? partir du site web " +"de Jalview??" + +#. Type: boolean +#. Description +#: ../templates:2001 +#, fuzzy +#| msgid "" +#| "Users will be automatically shown updates from https://www.jalview.org/" +#| "feeds/desktop/rss in a popup window." +msgid "" +"Jalview can automatically show updates from https://www.jalview.org/feeds/" +"desktop/rss in a popup window." +msgstr "" +"Les mises ? jour du flux ? partir de https://www.jalview.org/feeds/desktop/" +"rss seront automatiquement affich?es dans une fen?tre surgissante." + +#. Type: boolean +#. Description +#: ../templates:2001 +#, fuzzy +#| msgid "" +#| "The news feed is informative to users but its retrieval pings www.jalview." +#| "org, which records usage statistics." +msgid "" +"The news feed is informative to users but its retrieval pings www.jalview." +"org, which records usage statistics." +msgstr "" +"Le flux de nouvelles apporte des informations ? l'utilisateur, mais sa " +"r?cup?ration envoie un ??ping?? ? www.jalview.org qui enregistre des " +"statistiques d'utilisation." + +#. Type: boolean +#. Description +#: ../templates:2001 +msgid "" +"If this is disabled, users may still manually open the news reader. Users " +"can also override this preference in the Preferences window or from their " +"own configuration file." +msgstr "" +"Si cette fonction n'est pas activ?e, les utilisateurs peuvent quand m?me " +"ouvrir manuellement le lecteur de nouvelles. Les utilisateurs peuvent aussi " +"annuler cette pr?f?rence dans la fen?tre Pr?f?rences ou ? partir de leur " +"fichier de configuration." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Automatically check for questionnaires from jalview.org?" +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"User questionnaires are posted from time to time on www.jalview.org, and " +"Jalview can automatically query the site to look for them on startup, in " +"order to prompt users to complete them." +msgstr "" +"Des questionnaires ? l'intention des utilisateurs sont publi?s de temps en " +"temps sur www.jalview.org et Jalview peut demander au site de les charger " +"automatiquement au d?marrage, afin de demander aux utilisateurs de les " +"remplir." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Logs for the questionnaire service are used to record usage statistics, and " +"anonymised cookies are stored in the user's preferences to track whether " +"they have completed the latest questionnaire." +msgstr "" +"Les journaux du service de questionnaire sont utilis?s pour enregistrer des " +"statistiques d'utilisation et des cookies anonymes sont stock?s dans les " +"pr?f?rences de l'utilisateur pour v?rifier s'il a rempli le dernier " +"questionnaire." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"Users can enable or disable this query from their own configuration file, or " +"from the Preferences window in the application." +msgstr "" +"Les utilisateurs peuvent activer ou d?sactiver cette requ?te ? partir de " +"leur fichier de configuration ou dans la fen?tre Pr?f?rences de " +"l'application." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "Automatically discover JABA Web Services?" +msgstr "" + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"The JABAWS system (www.compbio.dundee.ac.uk/jabaws) provides access to a " +"range of third party multiple sequence alignment and analysis tools as web " +"services." +msgstr "" +"Le syst?me JABAWS (www.compbio.dundee.ac.uk/jabaws) donne acc?s ? un " +"?ventail d'outils tiers d'alignement de s?quences multiples et d'analyse en " +"tant que service web." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +#, fuzzy +#| msgid "" +#| "Jalview can automatically query the public (or any other configured) " +#| "JABAWS services on start-up. Otherwise, they will need to initiate " +#| "discovery with a menu option." +msgid "" +"Jalview can automatically query the public (or any other configured) JABAWS " +"services on startup. Otherwise, users will need to initiate discovery with a " +"menu option." +msgstr "" +"Jalview peut automatiquement requ?rir les services publics JABAWS (ou " +"n'importe quel autre service configur?) au d?marrage. Sinon, l'utilisateur " +"doit lancer leur d?couverte avec une option du menu." + +#. Type: boolean +#. Description +#. Translators: web services are tools for analysis that are located on web +#. servers in order to bring more functionality compared to the standalone +#. software. "discovering" them corresponds to seeing what services are +#. available. +#. The sentence beginning with "Otherwise" means the users can do this discovery +#. from the menu of the software if the administrator has disabled it. +#: ../templates:4001 +msgid "" +"Users can enable or disable startup discovery from their own configuration " +"file or from the Preferences window in the application." +msgstr "" +"Les utilisateurs peuvent activer ou d?sactiver la d?couverte au d?marrage ? " +"partir de leur fichier de configuration ou dans la fen?tre Pr?f?rences de " +"l'application." + +#. Type: boolean +#. Description +#: ../templates:5001 +#, fuzzy +#| msgid "Allow downloading HTML templates automatically from Github?" +msgid "Automatically download HTML templates from Github?" +msgstr "" +"Faut-il permettre le t?l?chargement automatique de mod?les HTML ? partir de " +"Github??" + +#. Type: boolean +#. Description +#: ../templates:5001 +#, fuzzy +#| msgid "" +#| "Jalview automatically downloads the latest 'BioJS' HTML export template " +#| "from https://github.com/jalview/exporter-templates on startup." +msgid "" +"Jalview can automatically download the latest \"BioJS\" HTML export template " +"from https://github.com/jalview/exporter-templates on startup." +msgstr "" +"Jalview t?l?charge automatiquement le dernier mod?le HTML d'exportation de " +"??BioJS?? ? partir de https://github.com/jalview/exporter-templates au " +"d?marrage." + +#. Type: boolean +#. Description +#: ../templates:5001 +#, fuzzy +#| msgid "" +#| "This is a convenience for users but can be deactivated as it causes an " +#| "automatic ping to www.jalview.org/services/identifiers, which records " +#| "usage statistics." +msgid "" +"This is a convenience for users but can be deactivated as it causes an " +"automatic ping to Github." +msgstr "" +"Cette fonction est une facilit? offerte aux utilisateurs mais elle peut ?tre " +"d?sactiv?e parce qu'elle provoque l'envoi automatique d'un ??ping?? ? www." +"jalview.org/services/identifiers qui enregistre des statistiques " +"d'utilisation." + +#~ msgid "Allow prompts from Jalview's website about a user questionnaire?" +#~ msgstr "" +#~ "Faut-il permettre au site web de Jalview d'afficher un questionnaire ? " +#~ "l'intention de l'utilisateur??" + +#~ msgid "Allow discovery of alignment and analysis web services at startup?" +#~ msgstr "" +#~ "Faut-il permettre la d?couverte des services web d?alignement et " +#~ "d'analyse au d?marrage??" + +#~ msgid "" +#~ "Users can only enable or disable this feature from their own " +#~ "configuration file." +#~ msgstr "" +#~ "Les utilisateurs ne peuvent activer ou d?sactiver cette fonctionnalit? " +#~ "qu'? partir de leur fichier de configuration." View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/7deb8b00b8934079d63628a9ec8e10dd295e5b07 -- View it on GitLab: https://salsa.debian.org/java-team/jalview/-/commit/7deb8b00b8934079d63628a9ec8e10dd295e5b07 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 03:18:44 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Mon, 22 Mar 2021 03:18:44 +0000 Subject: [Git][java-team/velocity-tools][master] 5 commits: Initial upstream branch. Message-ID: <60580c942fa55_27aa2f8dc42280@godard.mail> Tony Mancill pushed to branch master at Debian Java Maintainers / velocity-tools Commits: 836dccdd by tony mancill at 2021-03-21T19:01:05-07:00 Initial upstream branch. - - - - - 8c973d86 by tony mancill at 2021-03-21T19:01:05-07:00 New upstream version 2.0 - - - - - 78808191 by tony mancill at 2021-03-21T19:01:05-07:00 Update Vcs URLs to point to Salsa - - - - - bde5dc61 by tony mancill at 2021-03-21T19:01:05-07:00 Apply patch for CVE-2020-13959 (closes: #985221) - - - - - abb7e7f0 by tony mancill at 2021-03-21T19:01:05-07:00 prepare changelog for upload to unstable - - - - - 30 changed files: - + CONTRIBUTORS - + LICENSE - + NOTICE - + README.txt - + STATUS - + WHY_THREE_JARS.txt - + build.properties - + build.xml - debian/changelog - debian/control - + debian/patches/CVE-2020-13959.patch - debian/patches/series - + download.xml - + examples.xml - + examples/showcase/Error.vm - + examples/showcase/VM_global_library.vm - + examples/showcase/WEB-INF/src/LayoutLinkTool.java - + examples/showcase/WEB-INF/src/MySearchTool.java - + examples/showcase/WEB-INF/src/file.xml - + examples/showcase/WEB-INF/src/otherStuff.properties - + examples/showcase/WEB-INF/src/resources.properties - + examples/showcase/WEB-INF/src/resources_de.properties - + examples/showcase/WEB-INF/src/resources_fr.properties - + examples/showcase/WEB-INF/tools.xml - + examples/showcase/WEB-INF/velocity.properties - + examples/showcase/WEB-INF/web.xml - + examples/showcase/alternator.vm - + examples/showcase/browser.vm - + examples/showcase/class.vm - + examples/showcase/context.vm The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/compare/704ae15f285a3b345127fdc350d89b4fb7f0685d...abb7e7f0e7ac3062704824f4ab42fec67352d7f3 -- View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/compare/704ae15f285a3b345127fdc350d89b4fb7f0685d...abb7e7f0e7ac3062704824f4ab42fec67352d7f3 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 03:18:45 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Mon, 22 Mar 2021 03:18:45 +0000 Subject: [Git][java-team/velocity-tools] Pushed new tag upstream/2.0 Message-ID: <60580c95b9f97_27aa2f8dc42337@godard.mail> Tony Mancill pushed new tag upstream/2.0 at Debian Java Maintainers / velocity-tools -- View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/tree/upstream/2.0 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 03:18:45 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Mon, 22 Mar 2021 03:18:45 +0000 Subject: [Git][java-team/velocity-tools] Pushed new branch pristine-tar Message-ID: <60580c95b0a42_27aa4ef479c4232f1@godard.mail> Tony Mancill pushed new branch pristine-tar at Debian Java Maintainers / velocity-tools -- View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/tree/pristine-tar You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 03:18:45 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Mon, 22 Mar 2021 03:18:45 +0000 Subject: [Git][java-team/velocity-tools] Pushed new tag debian/2.0-8 Message-ID: <60580c95cba76_27aa2f87842351@godard.mail> Tony Mancill pushed new tag debian/2.0-8 at Debian Java Maintainers / velocity-tools -- View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/tree/debian/2.0-8 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 03:21:54 2021 From: gitlab at salsa.debian.org (Tony Mancill) Date: Mon, 22 Mar 2021 03:21:54 +0000 Subject: [Git][java-team/velocity-tools][upstream] 2 commits: Initial upstream branch. Message-ID: <60580d52f287_27aa45f44d04240e4@godard.mail> Tony Mancill pushed to branch upstream at Debian Java Maintainers / velocity-tools Commits: c6651ad9 by tony mancill at 2021-03-21T18:45:17-07:00 Initial upstream branch. - - - - - a912caa7 by tony mancill at 2021-03-21T18:46:06-07:00 New upstream version 2.0 - - - - - 28 changed files: - + CONTRIBUTORS - + LICENSE - + NOTICE - + README.txt - + STATUS - + WHY_THREE_JARS.txt - + build.properties - + build.xml - + download.xml - + examples.xml - + examples/showcase/Error.vm - + examples/showcase/VM_global_library.vm - + examples/showcase/WEB-INF/src/LayoutLinkTool.java - + examples/showcase/WEB-INF/src/MySearchTool.java - + examples/showcase/WEB-INF/src/file.xml - + examples/showcase/WEB-INF/src/otherStuff.properties - + examples/showcase/WEB-INF/src/resources.properties - + examples/showcase/WEB-INF/src/resources_de.properties - + examples/showcase/WEB-INF/src/resources_fr.properties - + examples/showcase/WEB-INF/tools.xml - + examples/showcase/WEB-INF/velocity.properties - + examples/showcase/WEB-INF/web.xml - + examples/showcase/alternator.vm - + examples/showcase/browser.vm - + examples/showcase/class.vm - + examples/showcase/context.vm - + examples/showcase/convert.vm - + examples/showcase/cookies.vm The diff was not included because it is too large. View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/compare/3908a0cf8472381bcfcae956cf7a20e6a767b447...a912caa7a849089ec60c6f9a5c04c9ae5b3fad8c -- View it on GitLab: https://salsa.debian.org/java-team/velocity-tools/-/compare/3908a0cf8472381bcfcae956cf7a20e6a767b447...a912caa7a849089ec60c6f9a5c04c9ae5b3fad8c You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Mon Mar 22 05:43:33 2021 From: gitlab at salsa.debian.org (Andrius Merkys) Date: Mon, 22 Mar 2021 05:43:33 +0000 Subject: [Git][java-team/sweethome3d][master] Locating freehep-graphicsbase (Closes: #985604) Message-ID: <60582e85c0381_27aa45f44d043295a@godard.mail> Andrius Merkys pushed to branch master at Debian Java Maintainers / sweethome3d Commits: 8bbdbf3d by Andrius Merkys at 2021-03-22T01:42:43-04:00 Locating freehep-graphicsbase (Closes: #985604) - - - - - 1 changed file: - debian/sweethome3d.sh Changes: ===================================== debian/sweethome3d.sh ===================================== @@ -13,7 +13,7 @@ find_java_runtime java7 find_jars j3dcore j3dutils vecmath batik find_jars sunflow itext janino freehep-util freehep-io freehep-xml -find_jars freehep-graphics2d freehep-graphicsio freehep-graphicsio-svg +find_jars freehep-graphics2d freehep-graphicsbase freehep-graphicsio freehep-graphicsio-svg find_jars /usr/share/sweethome3d/sweethome3d.jar find_jars /usr/share/icedtea-web/netx.jar View it on GitLab: https://salsa.debian.org/java-team/sweethome3d/-/commit/8bbdbf3d47da4d10b70f714fd158157c90114fc1 -- View it on GitLab: https://salsa.debian.org/java-team/sweethome3d/-/commit/8bbdbf3d47da4d10b70f714fd158157c90114fc1 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 23 05:42:57 2021 From: gitlab at salsa.debian.org (Andrius Merkys) Date: Tue, 23 Mar 2021 05:42:57 +0000 Subject: [Git][java-team/sweethome3d] Pushed new tag debian/6.4.2+dfsg-2 Message-ID: <60597fe1bc244_27aa7646d2c6337b0@godard.mail> Andrius Merkys pushed new tag debian/6.4.2+dfsg-2 at Debian Java Maintainers / sweethome3d -- View it on GitLab: https://salsa.debian.org/java-team/sweethome3d/-/tree/debian/6.4.2+dfsg-2 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Tue Mar 23 05:42:57 2021 From: gitlab at salsa.debian.org (Andrius Merkys) Date: Tue, 23 Mar 2021 05:42:57 +0000 Subject: [Git][java-team/sweethome3d][master] Update changelog for 6.4.2+dfsg-2 release Message-ID: <60597fe18ad35_27aa78f72ec633495@godard.mail> Andrius Merkys pushed to branch master at Debian Java Maintainers / sweethome3d Commits: f1b5a00f by Andrius Merkys at 2021-03-22T05:44:13-04:00 Update changelog for 6.4.2+dfsg-2 release - - - - - 1 changed file: - debian/changelog Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,10 @@ +sweethome3d (6.4.2+dfsg-2) unstable; urgency=medium + + * Team upload. + * Locating freehep-graphicsbase (Closes: #985604) + + -- Andrius Merkys Mon, 22 Mar 2021 05:44:09 -0400 + sweethome3d (6.4.2+dfsg-1) unstable; urgency=medium * New upstream version 6.4.2+dfsg. View it on GitLab: https://salsa.debian.org/java-team/sweethome3d/-/commit/f1b5a00f422e5ef91b43675a920e045994921ab3 -- View it on GitLab: https://salsa.debian.org/java-team/sweethome3d/-/commit/f1b5a00f422e5ef91b43675a920e045994921ab3 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Fri Mar 26 22:31:45 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Fri, 26 Mar 2021 22:31:45 +0000 Subject: [Git][java-team/netty] Pushed new tag debian/1%4.1.48-3 Message-ID: <605e60d194ad3_40f15ef92415678a@godard.mail> Markus Koschany pushed new tag debian/1%4.1.48-3 at Debian Java Maintainers / netty -- View it on GitLab: https://salsa.debian.org/java-team/netty/-/tree/debian/1%254.1.48-3 You're receiving this email because of your account on salsa.debian.org. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gitlab at salsa.debian.org Fri Mar 26 22:31:45 2021 From: gitlab at salsa.debian.org (Markus Koschany) Date: Fri, 26 Mar 2021 22:31:45 +0000 Subject: [Git][java-team/netty][master] 3 commits: Fix CVE-2021-21295 Message-ID: <605e60d1590b4_40f15ef98815659a@godard.mail> Markus Koschany pushed to branch master at Debian Java Maintainers / netty Commits: 224b8b5c by Markus Koschany at 2021-03-26T13:36:08+01:00 Fix CVE-2021-21295 - - - - - 2110fec9 by Markus Koschany at 2021-03-26T13:38:29+01:00 Updae changelog - - - - - 200e9921 by Markus Koschany at 2021-03-26T23:25:32+01:00 Update CVE-2021-21295.patch - - - - - 3 changed files: - debian/changelog - + debian/patches/CVE-2021-21295.patch - debian/patches/series Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,19 @@ +netty (1:4.1.48-3) unstable; urgency=high + + * Team upload. + * Fix CVE-2021-21295: + There is a vulnerability that enables request smuggling. If a + Content-Length header is present in the original HTTP/2 request, the field + is not validated by `Http2MultiplexHandler` as it is propagated up. This is + fine as long as the request is not proxied through as HTTP/1.1. If the + request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 + domain objects (`HttpRequest`, `HttpContent`, etc.) via + `Http2StreamFrameToHttpObjectCodec `and then sent up to the child channel's + pipeline and proxied through a remote peer as HTTP/1.1 this may result in + request smuggling. (Closes: #984948) + + -- Markus Koschany Fri, 26 Mar 2021 13:37:15 +0100 + netty (1:4.1.48-2) unstable; urgency=high * Team upload. ===================================== debian/patches/CVE-2021-21295.patch ===================================== @@ -0,0 +1,553 @@ +From: Markus Koschany +Date: Fri, 26 Mar 2021 13:30:44 +0100 +Subject: CVE-2021-21295 + +Origin: https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4 +--- + .../handler/codec/http/HttpObjectDecoder.java | 44 +++---- + .../java/io/netty/handler/codec/http/HttpUtil.java | 86 ++++++++++++++ + .../codec/http2/DefaultHttp2ConnectionDecoder.java | 100 ++++++++++++++-- + .../http2/DefaultHttp2ConnectionDecoderTest.java | 128 +++++++++++++++++++++ + 4 files changed, 329 insertions(+), 29 deletions(-) + +diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +index 4134735..1384df7 100644 +--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java ++++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +@@ -102,11 +102,13 @@ import java.util.List; + * implement all abstract methods properly. + */ + public abstract class HttpObjectDecoder extends ByteToMessageDecoder { ++ public static final boolean DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS = false; + private static final String EMPTY_VALUE = ""; + + private final int maxChunkSize; + private final boolean chunkedSupported; + protected final boolean validateHeaders; ++ private final boolean allowDuplicateContentLengths; + private final HeaderParser headerParser; + private final LineParser lineParser; + +@@ -170,6 +172,14 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { + protected HttpObjectDecoder( + int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, + boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) { ++ this(maxInitialLineLength, maxHeaderSize, maxChunkSize, chunkedSupported, validateHeaders, initialBufferSize, ++ DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS); ++ } ++ ++ protected HttpObjectDecoder( ++ int maxInitialLineLength, int maxHeaderSize, int maxChunkSize, ++ boolean chunkedSupported, boolean validateHeaders, int initialBufferSize, ++ boolean allowDuplicateContentLengths) { + checkPositive(maxInitialLineLength, "maxInitialLineLength"); + checkPositive(maxHeaderSize, "maxHeaderSize"); + checkPositive(maxChunkSize, "maxChunkSize"); +@@ -180,6 +190,7 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { + this.maxChunkSize = maxChunkSize; + this.chunkedSupported = chunkedSupported; + this.validateHeaders = validateHeaders; ++ this.allowDuplicateContentLengths = allowDuplicateContentLengths; + } + + @Override +@@ -585,34 +596,27 @@ public abstract class HttpObjectDecoder extends ByteToMessageDecoder { + name = null; + value = null; + +- List values = headers.getAll(HttpHeaderNames.CONTENT_LENGTH); +- int contentLengthValuesCount = values.size(); ++ List contentLengthFields = headers.getAll(HttpHeaderNames.CONTENT_LENGTH); + +- if (contentLengthValuesCount > 0) { ++ if (!contentLengthFields.isEmpty()) { ++ HttpVersion version = message.protocolVersion(); ++ boolean isHttp10OrEarlier = version.majorVersion() < 1 || (version.majorVersion() == 1 ++ && version.minorVersion() == 0); + // Guard against multiple Content-Length headers as stated in + // https://tools.ietf.org/html/rfc7230#section-3.3.2: +- // +- // If a message is received that has multiple Content-Length header +- // fields with field-values consisting of the same decimal value, or a +- // single Content-Length header field with a field value containing a +- // list of identical decimal values (e.g., "Content-Length: 42, 42"), +- // indicating that duplicate Content-Length header fields have been +- // generated or combined by an upstream message processor, then the +- // recipient MUST either reject the message as invalid or replace the +- // duplicated field-values with a single valid Content-Length field +- // containing that decimal value prior to determining the message body +- // length or forwarding the message. +- if (contentLengthValuesCount > 1 && message.protocolVersion() == HttpVersion.HTTP_1_1) { +- throw new IllegalArgumentException("Multiple Content-Length headers found"); +- } +- contentLength = Long.parseLong(values.get(0)); +- } ++ ++ contentLength = HttpUtil.normalizeAndGetContentLength(contentLengthFields, ++ isHttp10OrEarlier, allowDuplicateContentLengths); ++ if (contentLength != -1) { ++ headers.set(HttpHeaderNames.CONTENT_LENGTH, contentLength); ++ } ++ } + + if (isContentAlwaysEmpty(message)) { + HttpUtil.setTransferEncodingChunked(message, false); + return State.SKIP_CONTROL_CHARS; + } else if (HttpUtil.isTransferEncodingChunked(message)) { +- if (contentLengthValuesCount > 0 && message.protocolVersion() == HttpVersion.HTTP_1_1) { ++ if (!contentLengthFields.isEmpty() && message.protocolVersion() == HttpVersion.HTTP_1_1) { + handleTransferEncodingChunkedWithContentLength(message); + } + return State.READ_CHUNK_SIZE; +diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java +index 31fd14d..afa3ec4 100644 +--- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java ++++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpUtil.java +@@ -24,10 +24,14 @@ import java.util.ArrayList; + import java.util.Iterator; + import java.util.List; + ++import io.netty.handler.codec.Headers; + import io.netty.util.AsciiString; + import io.netty.util.CharsetUtil; + import io.netty.util.NetUtil; + import io.netty.util.internal.ObjectUtil; ++import io.netty.util.internal.UnstableApi; ++ ++import static io.netty.util.internal.StringUtil.COMMA; + + /** + * Utility methods useful in the HTTP context. +@@ -36,6 +40,7 @@ public final class HttpUtil { + + private static final AsciiString CHARSET_EQUALS = AsciiString.of(HttpHeaderValues.CHARSET + "="); + private static final AsciiString SEMICOLON = AsciiString.cached(";"); ++ private static final String COMMA_STRING = String.valueOf(COMMA); + + private HttpUtil() { } + +@@ -530,4 +535,85 @@ public final class HttpUtil { + } + return hostString; + } ++ ++ /** ++ * Validates, and optionally extracts the content length from headers. This method is not intended for ++ * general use, but is here to be shared between HTTP/1 and HTTP/2 parsing. ++ * ++ * @param contentLengthFields the content-length header fields. ++ * @param isHttp10OrEarlier {@code true} if we are handling HTTP/1.0 or earlier ++ * @param allowDuplicateContentLengths {@code true} if multiple, identical-value content lengths should be allowed. ++ * @return the normalized content length from the headers or {@code -1} if the fields were empty. ++ * @throws IllegalArgumentException if the content-length fields are not valid ++ */ ++ @UnstableApi ++ public static long normalizeAndGetContentLength( ++ List contentLengthFields, boolean isHttp10OrEarlier, ++ boolean allowDuplicateContentLengths) { ++ if (contentLengthFields.isEmpty()) { ++ return -1; ++ } ++ ++ // Guard against multiple Content-Length headers as stated in ++ // https://tools.ietf.org/html/rfc7230#section-3.3.2: ++ // ++ // If a message is received that has multiple Content-Length header ++ // fields with field-values consisting of the same decimal value, or a ++ // single Content-Length header field with a field value containing a ++ // list of identical decimal values (e.g., "Content-Length: 42, 42"), ++ // indicating that duplicate Content-Length header fields have been ++ // generated or combined by an upstream message processor, then the ++ // recipient MUST either reject the message as invalid or replace the ++ // duplicated field-values with a single valid Content-Length field ++ // containing that decimal value prior to determining the message body ++ // length or forwarding the message. ++ String firstField = contentLengthFields.get(0).toString(); ++ boolean multipleContentLengths = ++ contentLengthFields.size() > 1 || firstField.indexOf(COMMA) >= 0; ++ ++ if (multipleContentLengths && !isHttp10OrEarlier) { ++ if (allowDuplicateContentLengths) { ++ // Find and enforce that all Content-Length values are the same ++ String firstValue = null; ++ for (CharSequence field : contentLengthFields) { ++ String[] tokens = field.toString().split(COMMA_STRING, -1); ++ for (String token : tokens) { ++ String trimmed = token.trim(); ++ if (firstValue == null) { ++ firstValue = trimmed; ++ } else if (!trimmed.equals(firstValue)) { ++ throw new IllegalArgumentException( ++ "Multiple Content-Length values found: " + contentLengthFields); ++ } ++ } ++ } ++ // Replace the duplicated field-values with a single valid Content-Length field ++ firstField = firstValue; ++ } else { ++ // Reject the message as invalid ++ throw new IllegalArgumentException( ++ "Multiple Content-Length values found: " + contentLengthFields); ++ } ++ } ++ // Ensure we not allow sign as part of the content-length: ++ // See https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5 ++ if (!Character.isDigit(firstField.charAt(0))) { ++ // Reject the message as invalid ++ throw new IllegalArgumentException( ++ "Content-Length value is not a number: " + firstField); ++ } ++ try { ++ final long value = Long.parseLong(firstField); ++ if (value < 0) { ++ // Reject the message as invalid ++ throw new IllegalArgumentException( ++ "Content-Length value must be >=0: " + value); ++ } ++ return value; ++ } catch (NumberFormatException e) { ++ // Reject the message as invalid ++ throw new IllegalArgumentException( ++ "Content-Length value is not a number: " + firstField, e); ++ } ++ } + } +diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java +index 10da347..5b6e3f7 100644 +--- a/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java ++++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoder.java +@@ -16,8 +16,11 @@ package io.netty.handler.codec.http2; + + import io.netty.buffer.ByteBuf; + import io.netty.channel.ChannelHandlerContext; ++import io.netty.handler.codec.http.HttpHeaderNames; + import io.netty.handler.codec.http.HttpStatusClass; ++import io.netty.handler.codec.http.HttpUtil; + import io.netty.handler.codec.http2.Http2Connection.Endpoint; ++import io.netty.util.internal.SystemPropertyUtil; + import io.netty.util.internal.UnstableApi; + import io.netty.util.internal.logging.InternalLogger; + import io.netty.util.internal.logging.InternalLoggerFactory; +@@ -49,6 +52,8 @@ import static java.lang.Math.min; + */ + @UnstableApi + public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { ++ private static final boolean VALIDATE_CONTENT_LENGTH = ++ SystemPropertyUtil.getBoolean("io.netty.http2.validateContentLength", true); + private static final InternalLogger logger = InternalLoggerFactory.getInstance(DefaultHttp2ConnectionDecoder.class); + private Http2FrameListener internalFrameListener = new PrefaceFrameListener(); + private final Http2Connection connection; +@@ -59,6 +64,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + private final Http2PromisedRequestVerifier requestVerifier; + private final Http2SettingsReceivedConsumer settingsReceivedConsumer; + private final boolean autoAckPing; ++ private final Http2Connection.PropertyKey contentLengthKey; + + public DefaultHttp2ConnectionDecoder(Http2Connection connection, + Http2ConnectionEncoder encoder, +@@ -125,6 +131,7 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + settingsReceivedConsumer = (Http2SettingsReceivedConsumer) encoder; + } + this.connection = checkNotNull(connection, "connection"); ++ contentLengthKey = this.connection.newKey(); + this.frameReader = checkNotNull(frameReader, "frameReader"); + this.encoder = checkNotNull(encoder, "encoder"); + this.requestVerifier = checkNotNull(requestVerifier, "requestVerifier"); +@@ -223,6 +230,23 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + listener.onUnknownFrame(ctx, frameType, streamId, flags, payload); + } + ++ // See https://tools.ietf.org/html/rfc7540#section-8.1.2.6 ++ private void verifyContentLength(Http2Stream stream, int data, boolean isEnd) throws Http2Exception { ++ if (!VALIDATE_CONTENT_LENGTH) { ++ return; ++ } ++ ContentLength contentLength = stream.getProperty(contentLengthKey); ++ if (contentLength != null) { ++ try { ++ contentLength.increaseReceivedBytes(connection.isServer(), stream.id(), data, isEnd); ++ } finally { ++ if (isEnd) { ++ stream.removeProperty(contentLengthKey); ++ } ++ } ++ } ++ } ++ + /** + * Handles all inbound frames from the network. + */ +@@ -232,7 +256,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + boolean endOfStream) throws Http2Exception { + Http2Stream stream = connection.stream(streamId); + Http2LocalFlowController flowController = flowController(); +- int bytesToReturn = data.readableBytes() + padding; ++ int readable = data.readableBytes(); ++ int bytesToReturn = readable + padding; + + final boolean shouldIgnore; + try { +@@ -259,7 +284,6 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + // All bytes have been consumed. + return bytesToReturn; + } +- + Http2Exception error = null; + switch (stream.state()) { + case OPEN: +@@ -287,6 +311,8 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + throw error; + } + ++ verifyContentLength(stream, readable, endOfStream); ++ + // Call back the application and retrieve the number of bytes that have been + // immediately processed. + bytesToReturn = listener.onDataRead(ctx, streamId, data, padding, endOfStream); +@@ -367,14 +393,34 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + stream.state()); + } + +- stream.headersReceived(isInformational); +- encoder.flowController().updateDependencyTree(streamId, streamDependency, weight, exclusive); +- +- listener.onHeadersRead(ctx, streamId, headers, streamDependency, weight, exclusive, padding, endOfStream); ++ if (!stream.isHeadersReceived()) { ++ // extract the content-length header ++ List contentLength = headers.getAll(HttpHeaderNames.CONTENT_LENGTH); ++ if (contentLength != null && !contentLength.isEmpty()) { ++ try { ++ long cLength = HttpUtil.normalizeAndGetContentLength(contentLength, false, true); ++ if (cLength != -1) { ++ headers.setLong(HttpHeaderNames.CONTENT_LENGTH, cLength); ++ stream.setProperty(contentLengthKey, new ContentLength(cLength)); ++ } ++ } catch (IllegalArgumentException e) { ++ throw streamError(stream.id(), PROTOCOL_ERROR, ++ "Multiple content-length headers received", e); ++ } ++ } ++ } + +- // If the headers completes this stream, close it. +- if (endOfStream) { +- lifecycleManager.closeStreamRemote(stream, ctx.newSucceededFuture()); ++ stream.headersReceived(isInformational); ++ try { ++ verifyContentLength(stream, 0, endOfStream); ++ encoder.flowController().updateDependencyTree(streamId, streamDependency, weight, exclusive); ++ listener.onHeadersRead(ctx, streamId, headers, streamDependency, ++ weight, exclusive, padding, endOfStream); ++ } finally { ++ // If the headers completes this stream, close it. ++ if (endOfStream) { ++ lifecycleManager.closeStreamRemote(stream, ctx.newSucceededFuture()); ++ } + } + } + +@@ -740,4 +786,40 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { + onUnknownFrame0(ctx, frameType, streamId, flags, payload); + } + } ++ ++ private static final class ContentLength { ++ private final long expected; ++ private long seen; ++ ++ ContentLength(long expected) { ++ this.expected = expected; ++ } ++ ++ void increaseReceivedBytes(boolean server, int streamId, int bytes, boolean isEnd) throws Http2Exception { ++ seen += bytes; ++ // Check for overflow ++ if (seen < 0) { ++ throw streamError(streamId, PROTOCOL_ERROR, ++ "Received amount of data did overflow and so not match content-length header %d", expected); ++ } ++ // Check if we received more data then what was advertised via the content-length header. ++ if (seen > expected) { ++ throw streamError(streamId, PROTOCOL_ERROR, ++ "Received amount of data %d does not match content-length header %d", seen, expected); ++ } ++ ++ if (isEnd) { ++ if (seen == 0 && !server) { ++ // This may be a response to a HEAD request, let's just allow it. ++ return; ++ } ++ ++ // Check that we really saw what was told via the content-length header. ++ if (expected > seen) { ++ throw streamError(streamId, PROTOCOL_ERROR, ++ "Received amount of data %d does not match content-length header %d", seen, expected); ++ } ++ } ++ } ++ } + } +diff --git a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java +index 9eb66bc..c1bcc33 100644 +--- a/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java ++++ b/codec-http2/src/test/java/io/netty/handler/codec/http2/DefaultHttp2ConnectionDecoderTest.java +@@ -21,17 +21,21 @@ import io.netty.channel.ChannelFuture; + import io.netty.channel.ChannelHandlerContext; + import io.netty.channel.ChannelPromise; + import io.netty.channel.DefaultChannelPromise; ++import io.netty.handler.codec.http.HttpHeaderNames; + import io.netty.handler.codec.http.HttpResponseStatus; + import junit.framework.AssertionFailedError; + import org.junit.Before; + import org.junit.Test; + import org.mockito.ArgumentCaptor; ++import org.mockito.ArgumentMatchers; + import org.mockito.Mock; + import org.mockito.MockitoAnnotations; + import org.mockito.invocation.InvocationOnMock; + import org.mockito.stubbing.Answer; + + import java.util.Collections; ++import java.util.IdentityHashMap; ++import java.util.Map; + import java.util.concurrent.atomic.AtomicInteger; + + import static io.netty.buffer.Unpooled.EMPTY_BUFFER; +@@ -133,6 +137,21 @@ public class DefaultHttp2ConnectionDecoderTest { + when(stream.id()).thenReturn(STREAM_ID); + when(stream.state()).thenReturn(OPEN); + when(stream.open(anyBoolean())).thenReturn(stream); ++ ++ final Map properties = new IdentityHashMap(); ++ when(stream.getProperty(ArgumentMatchers.any())).thenAnswer(new Answer