You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2020/06/05 09:11:53 UTC
[tomcat] branch 9.0.x updated: Document TLS environment update
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 4689a26 Document TLS environment update
4689a26 is described below
commit 4689a266effcfa6960a8c79d25f5dc03e679a9e2
Author: remm <re...@apache.org>
AuthorDate: Fri Jun 5 11:09:42 2020 +0200
Document TLS environment update
---
webapps/docs/changelog.xml | 4 ++++
webapps/docs/rewrite.xml | 13 ++++++++++---
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1d18452..facde6e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -53,6 +53,10 @@
the sole feature that depends on it (anti-resource locking) is
configured and can't be used. (markt)
</add>
+ <update>
+ Implement a significant portion of the TLS environment variables for
+ the rewrite valve. (remm)
+ </update>
</changelog>
</subsection>
<subsection name="Coyote">
diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index be1befa..ea98d42 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -245,9 +245,16 @@
<li>
<code>%{SSL:variable}</code>, where <em>variable</em> is the
name of an SSL environment
- variable, are not implemented, except
- <code>SSL_PROTOCOL</code>, <code>SSL_SESSION_ID</code>,
- <code>SSL_CIPHER</code> and <code>SSL_CIPHER_USEKEYSIZE</code>.
+ variable, are implemented, except
+ <code>SSL_SESSION_RESUMED</code>, <code>SSL_SECURE_RENEG</code>,
+ <code>SSL_COMPRESS_METHOD</code>, <code>SSL_TLS_SNI</code>,
+ <code>SSL_SRP_USER</code>, <code>SSL_SRP_USERINFO</code>,
+ <code>SSL_CLIENT_VERIFY</code>,
+ <code>SSL_CLIENT_SAN_OTHER_msUPN_n</code>,
+ <code>SSL_CLIENT_CERT_RFC4523_CEA</code>,
+ <code>SSL_SERVER_SAN_OTHER_dnsSRV_n</code>.
+ When OpenSSL is used, the variables related to the server
+ certificate, prefixed by <code>SSL_SERVER_</code> are not available.
Example:
<code>%{SSL:SSL_CIPHER_USEKEYSIZE}</code> may expand to
<code>128</code>.</li>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org