debian/0000755000000000000000000000000012314310101007150 5ustar debian/compat0000644000000000000000000000000212305325001010353 0ustar 7 debian/axis.bnd0000644000000000000000000000031612305325001010606 0ustar Bundle-Name: Apache Axis Bundle-SymbolicName: org.apache.axis Bundle-Version: 1.4 Bundle-Vendor: Debian.org Import-Package: !com.sun.net.ssl.*, !sun.awt.image.codec, !sun.security.provider, * -nouses: true debian/rules0000755000000000000000000000224312314307730010247 0ustar #!/usr/bin/make -f include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/ant.mk JAVA_HOME := /usr/lib/jvm/default-java DEB_JARS := $(ANT_HOME)/lib/ant-nodeps.jar wsdl4j commons-logging commons-discovery commons-httpclient gnumail servlet-api-3.0 xmlParserAPIs xercesImpl DEB_ANT_BUILD_TARGET := compile javadocs common-post-build-indep:: for BNDFILE in debian/*.bnd; do \ JARPATH=build/lib/`basename $$BNDFILE .bnd`.jar; \ bnd wrap -properties $$BNDFILE -output $$JARPATH $$JARPATH; \ done DEB_INSTALL_CHANGELOGS_ALL := changelog.html install/libaxis-java:: mh_installpoms -plibaxis-java -e$(DEB_UPSTREAM_VERSION) mh_installjar -plibaxis-java -l debian/poms/axis.xml build/lib/axis.jar mh_installjar -plibaxis-java -l debian/poms/saaj.xml build/lib/saaj.jar mh_installjar -plibaxis-java -l debian/poms/jaxrpc.xml build/lib/jaxrpc.jar mh_installjar -plibaxis-java -l debian/poms/ant.xml build/lib/axis-ant.jar install/libaxis-java-doc:: mv build/javadocs build/api dh_install -plibaxis-java-doc build/api/ /usr/share/doc/libaxis-java/ clean:: -rm -rf debian/tmp -rm -rf build/api mh_clean get-orig-source:: uscan --force-download --rename debian/copyright0000644000000000000000000000132112305325001011105 0ustar Format: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?revision=202 Upstream-Name: Apache Axis Upstream-Contact: http://ws.apache.org/axis/ Source: http://www.apache.org/dist/ws/axis/1_4/ Files: * Copyright: 2006-2008, Apache Foundation License: Apache-2.0 Files: debian/* Copyright: 2006, Vladimír Lapáček 2006-2010, various Debian Contributors 2010, Damien Raude-Morvan License: Apache-2.0 License: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. . The full text of the license can be found in `/usr/share/common-licenses/Apache-2.0'. debian/source/0000755000000000000000000000000012305331071010461 5ustar debian/source/format0000644000000000000000000000001412305325001011663 0ustar 3.0 (quilt) debian/libaxis-java.links0000644000000000000000000000025712305325001012575 0ustar /usr/share/java/axis-ant.jar /usr/share/ant/lib/axis-ant.jar /usr/share/java/axis-jaxrpc.jar /usr/share/java/jaxrpc.jar /usr/share/java/axis-saaj.jar /usr/share/java/saaj.jar debian/watch0000644000000000000000000000015112305325001010203 0ustar version=3 opts=uversionmangle=s/_/./ \ http://archive.apache.org/dist/ws/axis/1_4/ axis-src-(.*).tar.gz debian/libaxis-java-doc.doc-base0000644000000000000000000000042112305325001013666 0ustar Document: libaxis-java-doc Title: API Javadoc for Axis Author: Apache Axis Abstract: This is the API Javadoc provided by the Apache Axis library. Section: Programming Format: HTML Index: /usr/share/doc/libaxis-java/api/index.html Files: /usr/share/doc/libaxis-java/api/* debian/saaj.bnd0000644000000000000000000000016612305325001010563 0ustar Bundle-Name: SAAJ Bundle-SymbolicName: javax.xml.soap Bundle-Version: 1.4 Bundle-Vendor: Debian.org Import-Package: * debian/patches/0000755000000000000000000000000012305331071010610 5ustar debian/patches/series0000644000000000000000000000015112305325001012016 0ustar 01-libaxis-java-build.patch 02-gcj-4.4.patch axis-bz152255.patch javadoc.diff 06-fix-CVE-2012-5784.patch debian/patches/axis-bz152255.patch0000644000000000000000000002475212305325001013700 0ustar Description: Fix build with Java 1.5 Author: some Fedora packagers Forwarded: no Last-Update: 2010-03-20 --- a/src/org/apache/axis/SOAPPart.java +++ b/src/org/apache/axis/SOAPPart.java @@ -34,6 +34,7 @@ import org.w3c.dom.Attr; import org.w3c.dom.CDATASection; import org.w3c.dom.Comment; +import org.w3c.dom.DOMConfiguration; import org.w3c.dom.DOMException; import org.w3c.dom.DOMImplementation; import org.w3c.dom.Document; @@ -46,6 +47,7 @@ import org.w3c.dom.NodeList; import org.w3c.dom.ProcessingInstruction; import org.w3c.dom.Text; +import org.w3c.dom.UserDataHandler; import org.xml.sax.InputSource; import org.xml.sax.SAXException; @@ -1280,5 +1282,102 @@ public boolean isBodyStream() { return (currentForm == SOAPPart.FORM_INPUTSTREAM || currentForm == SOAPPart.FORM_BODYINSTREAM); } + + /** + * DOM Level 3 stubs + */ + + public String getBaseURI() { + throw new RuntimeException("not implemented"); + } + + public boolean getXmlStandalone() { + throw new RuntimeException("not implemented"); + } + + public Object setUserData( + String key, Object data, UserDataHandler handler) { + throw new RuntimeException("not implemented"); + } + + public void setDocumentURI(String documentURI) { + throw new RuntimeException("not implemented"); + } + + public void setXmlStandalone(boolean xmlStandalone) { + throw new RuntimeException("not implemented"); + } + + public Node renameNode(Node n, String namespaceURI, String qualifiedName) { + throw new RuntimeException("not implemented"); + } + + public String getInputEncoding() { + throw new RuntimeException("not implemented"); + } + + public String getXmlEncoding() { + throw new RuntimeException("not implemented"); + } + + public void setTextContent(String textContent) { + throw new RuntimeException("not implemented"); + } + + public boolean isSameNode(Node other) { + throw new RuntimeException("not implemented"); + } + + public String getDocumentURI() { + throw new RuntimeException("not implemented"); + } + + public Object getFeature(String feature, String version) { + throw new RuntimeException("not implemented"); + } + + public boolean isDefaultNamespace(String namespaceURI) { + throw new RuntimeException("not implemented"); + } + + public String lookupPrefix(String namespaceURI) { + throw new RuntimeException("not implemented"); + } + + public boolean isEqualNode(Node arg) { + throw new RuntimeException("not implemented"); + } + + public void setXmlVersion(String xmlVersion) { + throw new RuntimeException("not implemented"); + } + + public String getXmlVersion() { + throw new RuntimeException("not implemented"); + } + + public Object getUserData(String key) { + throw new RuntimeException("not implemented"); + } + + public String getTextContent() { + throw new RuntimeException("not implemented"); + } + + public void normalizeDocument() { + throw new RuntimeException("not implemented"); + } + + public String lookupNamespaceURI(String prefix) { + throw new RuntimeException("not implemented"); + } + + public DOMConfiguration getDomConfig() { + throw new RuntimeException("not implemented"); + } + + public short compareDocumentPosition(Node other) { + throw new RuntimeException("not implemented"); + } } --- a/src/org/apache/axis/message/NodeImpl.java +++ b/src/org/apache/axis/message/NodeImpl.java @@ -30,6 +30,8 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.w3c.dom.Text; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; import org.xml.sax.Attributes; import org.xml.sax.helpers.AttributesImpl; @@ -857,4 +859,74 @@ } this._isDirty = false; } + + /** + * DOM Level 3 stubs + */ + + public void setIdAttributeNS( + String namespaceURI, String localName, boolean isId) { + throw new RuntimeException("not implemented"); + } + + public void setIdAttribute(String name, boolean isId) { + throw new RuntimeException("not implemented"); + } + + public void setIdAttributeNode(Attr idAttr, boolean isId) { + throw new RuntimeException("not implemented"); + } + + public TypeInfo getSchemaTypeInfo() { + throw new RuntimeException("not implemented"); + } + + public Object setUserData( + String key, Object data, UserDataHandler handler) { + throw new RuntimeException("not implemented"); + } + + public String getBaseURI() { + throw new RuntimeException("not implemented"); + } + + public String getTextContent() { + throw new RuntimeException("not implemented"); + } + + public boolean isSameNode(Node other) { + throw new RuntimeException("not implemented"); + } + + public void setTextContent(String textContent) { + throw new RuntimeException("not implemented"); + } + + public Object getUserData(String key) { + throw new RuntimeException("not implemented"); + } + + public boolean isDefaultNamespace(String namespaceURI) { + throw new RuntimeException("not implemented"); + } + + public Object getFeature(String feature, String version) { + throw new RuntimeException("not implemented"); + } + + public boolean isEqualNode(Node arg) { + throw new RuntimeException("not implemented"); + } + + public short compareDocumentPosition(Node other) { + throw new RuntimeException("not implemented"); + } + + public String lookupNamespaceURI(String prefix) { + throw new RuntimeException("not implemented"); + } + + public String lookupPrefix(String namespaceURI) { + throw new RuntimeException("not implemented"); + } } --- a/src/org/apache/axis/message/SOAPDocumentImpl.java +++ b/src/org/apache/axis/message/SOAPDocumentImpl.java @@ -25,6 +25,7 @@ import org.w3c.dom.Attr; import org.w3c.dom.CDATASection; import org.w3c.dom.Comment; +import org.w3c.dom.DOMConfiguration; import org.w3c.dom.DOMException; import org.w3c.dom.DOMImplementation; import org.w3c.dom.Document; @@ -36,6 +37,7 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.w3c.dom.ProcessingInstruction; +import org.w3c.dom.UserDataHandler; import javax.xml.parsers.ParserConfigurationException; import javax.xml.soap.SOAPException; @@ -681,4 +683,113 @@ public boolean hasAttributes() { throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); } + + /** + * DOM Level 3 stubs + */ + + public String getBaseURI() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public boolean getXmlStandalone() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public boolean getStrictErrorChecking() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void setXmlStandalone(boolean xmlStandalone) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public Node renameNode(Node n, String namespaceURI, String qualifiedName) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void setStrictErrorChecking(boolean strictErrorChecking) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public Object setUserData( + String key, Object data, UserDataHandler handler) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String getInputEncoding() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String getXmlEncoding() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void setTextContent(String textContent) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public boolean isSameNode(Node other) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String getDocumentURI() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void setDocumentURI(String documentURI) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public Object getFeature(String feature, String version) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public Node adoptNode(Node source) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public boolean isDefaultNamespace(String namespaceURI) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public boolean isEqualNode(Node arg) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void setXmlVersion(String xmlVersion) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String getXmlVersion() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String lookupPrefix(String namespaceURI) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public Object getUserData(String key) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String getTextContent() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public void normalizeDocument() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public String lookupNamespaceURI(String prefix) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public DOMConfiguration getDomConfig() { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } + + public short compareDocumentPosition(Node other) { + throw new DOMException(DOMException.NOT_SUPPORTED_ERR, ""); + } } --- a/src/org/apache/axis/message/Text.java +++ b/src/org/apache/axis/message/Text.java @@ -213,4 +213,19 @@ return ( textRep.getData() != null ? textRep.getData().hashCode() : 0 ); } + /** + * DOM Level 3 stubs + */ + + public String getWholeText() { + throw new RuntimeException("not implemented"); + } + + public boolean isElementContentWhitespace() { + throw new RuntimeException("not implemented"); + } + + public org.w3c.dom.Text replaceWholeText(String content) { + throw new RuntimeException("not implemented"); + } } debian/patches/06-fix-CVE-2012-5784.patch0000644000000000000000000002513112305325001014242 0ustar Description: Fixed CN extraction from DN of X500 principal and wildcard validation axis (1.4-16.2) unstable; urgency=low * Fixed CN extraction from DN of X500 principal and wildcard validation Author: Alberto Fernández Martínez Origin: other Bug-Debian: http://bugs.debian.org/692650 Forwarded: https://issues.apache.org/jira/browse/AXIS-2883 Last-Update: <2012-12-06> --- axis-1.4.orig/src/org/apache/axis/components/net/JSSESocketFactory.java +++ axis-1.4/src/org/apache/axis/components/net/JSSESocketFactory.java @@ -15,12 +15,6 @@ */ package org.apache.axis.components.net; -import org.apache.axis.utils.Messages; -import org.apache.axis.utils.XMLUtils; -import org.apache.axis.utils.StringUtils; - -import javax.net.ssl.SSLSocket; -import javax.net.ssl.SSLSocketFactory; import java.io.BufferedWriter; import java.io.IOException; import java.io.InputStream; @@ -28,7 +22,27 @@ import java.io.OutputStream; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.net.Socket; +import java.security.cert.Certificate; +import java.security.cert.CertificateParsingException; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.Collection; import java.util.Hashtable; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Locale; +import java.util.StringTokenizer; +import java.util.regex.Pattern; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +import org.apache.axis.utils.Messages; +import org.apache.axis.utils.StringUtils; +import org.apache.axis.utils.XMLUtils; /** @@ -41,6 +55,10 @@ import java.util.Hashtable; */ public class JSSESocketFactory extends DefaultSocketFactory implements SecureSocketFactory { + // This is a a sorted list, if you insert new elements do it orderdered. + private final static String[] BAD_COUNTRY_2LDS = + {"ac", "co", "com", "ed", "edu", "go", "gouv", "gov", "info", + "lg", "ne", "net", "or", "org"}; /** Field sslFactory */ protected SSLSocketFactory sslFactory = null; @@ -187,6 +205,260 @@ public class JSSESocketFactory extends D if (log.isDebugEnabled()) { log.debug(Messages.getMessage("createdSSL00")); } + verifyHostName(host, (SSLSocket) sslSocket); return sslSocket; } + /** + * Verifies that the given hostname in certicifate is the hostname we are trying to connect to + * http://www.cvedetails.com/cve/CVE-2012-5783/ + * @param host + * @param ssl + * @throws IOException + */ + + private static void verifyHostName(String host, SSLSocket ssl) + throws IOException { + if (host == null) { + throw new IllegalArgumentException("host to verify was null"); + } + + SSLSession session = ssl.getSession(); + if (session == null) { + // In our experience this only happens under IBM 1.4.x when + // spurious (unrelated) certificates show up in the server's chain. + // Hopefully this will unearth the real problem: + InputStream in = ssl.getInputStream(); + in.available(); + /* + If you're looking at the 2 lines of code above because you're + running into a problem, you probably have two options: + + #1. Clean up the certificate chain that your server + is presenting (e.g. edit "/etc/apache2/server.crt" or + wherever it is your server's certificate chain is + defined). + + OR + + #2. Upgrade to an IBM 1.5.x or greater JVM, or switch to a + non-IBM JVM. + */ + + // If ssl.getInputStream().available() didn't cause an exception, + // maybe at least now the session is available? + session = ssl.getSession(); + if (session == null) { + // If it's still null, probably a startHandshake() will + // unearth the real problem. + ssl.startHandshake(); + + // Okay, if we still haven't managed to cause an exception, + // might as well go for the NPE. Or maybe we're okay now? + session = ssl.getSession(); + } + } + + Certificate[] certs = session.getPeerCertificates(); + verifyHostName(host.trim().toLowerCase(Locale.US), (X509Certificate) certs[0]); + } + /** + * Extract the names from the certificate and tests host matches one of them + * @param host + * @param cert + * @throws SSLException + */ + + private static void verifyHostName(final String host, X509Certificate cert) + throws SSLException { + // I'm okay with being case-insensitive when comparing the host we used + // to establish the socket to the hostname in the certificate. + // Don't trim the CN, though. + + String cn = getCN(cert); + String[] subjectAlts = getDNSSubjectAlts(cert); + verifyHostName(host, cn.toLowerCase(Locale.US), subjectAlts); + + } + + /** + * Extract all alternative names from a certificate. + * @param cert + * @return + */ + private static String[] getDNSSubjectAlts(X509Certificate cert) { + LinkedList subjectAltList = new LinkedList(); + Collection c = null; + try { + c = cert.getSubjectAlternativeNames(); + } catch (CertificateParsingException cpe) { + // Should probably log.debug() this? + cpe.printStackTrace(); + } + if (c != null) { + Iterator it = c.iterator(); + while (it.hasNext()) { + List list = (List) it.next(); + int type = ((Integer) list.get(0)).intValue(); + // If type is 2, then we've got a dNSName + if (type == 2) { + String s = (String) list.get(1); + subjectAltList.add(s); + } + } + } + if (!subjectAltList.isEmpty()) { + String[] subjectAlts = new String[subjectAltList.size()]; + subjectAltList.toArray(subjectAlts); + return subjectAlts; + } else { + return new String[0]; + } + + } + /** + * Verifies + * @param host + * @param cn + * @param subjectAlts + * @throws SSLException + */ + + private static void verifyHostName(final String host, String cn, String[] subjectAlts)throws SSLException{ + StringBuffer cnTested = new StringBuffer(); + + for (int i = 0; i < subjectAlts.length; i++){ + String name = subjectAlts[i]; + if (name != null) { + name = name.toLowerCase(Locale.US); + if (verifyHostName(host, name)){ + return; + } + cnTested.append("/").append(name); + } + } + if (cn != null && verifyHostName(host, cn)){ + return; + } + cnTested.append("/").append(cn); + throw new SSLException("hostname in certificate didn't match: <" + + host + "> != <" + cnTested + ">"); + + } + + private static boolean verifyHostName(final String host, final String cn){ + if (doWildCard(cn) && !isIPAddress(host)) { + return matchesWildCard(cn, host); + } + return host.equalsIgnoreCase(cn); + } + private static boolean doWildCard(String cn) { + // Contains a wildcard + // wildcard in the first block + // not an ipaddress (ip addres must explicitily be equal) + // not using 2nd level common tld : ex: not for *.co.uk + String parts[] = cn.split("\\."); + return parts.length >= 3 && + parts[0].endsWith("*") && + acceptableCountryWildcard(cn) && + !isIPAddress(cn); + } + + private static final Pattern IPV4_PATTERN = + Pattern.compile("^(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$"); + + private static final Pattern IPV6_STD_PATTERN = + Pattern.compile("^(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$"); + + private static final Pattern IPV6_HEX_COMPRESSED_PATTERN = + Pattern.compile("^((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4})*)?)::((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4})*)?)$"); + + + private static boolean isIPAddress(final String hostname) { + return hostname != null + && ( + IPV4_PATTERN.matcher(hostname).matches() + || IPV6_STD_PATTERN.matcher(hostname).matches() + || IPV6_HEX_COMPRESSED_PATTERN.matcher(hostname).matches() + ); + + } + + private static boolean acceptableCountryWildcard(final String cn) { + // The CN better have at least two dots if it wants wildcard action, + // but can't be [*.co.uk] or [*.co.jp] or [*.org.uk], etc... + // The [*.co.uk] problem is an interesting one. Should we just + // hope that CA's would never foolishly allow such a + // certificate to happen? + + String[] parts = cn.split("\\."); + // Only checks for 3 levels, with country code of 2 letters. + if (parts.length > 3 || parts[parts.length - 1].length() != 2) { + return true; + } + String countryCode = parts[parts.length - 2]; + return Arrays.binarySearch(BAD_COUNTRY_2LDS, countryCode) < 0; + } + + private static boolean matchesWildCard(final String cn, + final String hostName) { + String parts[] = cn.split("\\."); + boolean match = false; + String firstpart = parts[0]; + if (firstpart.length() > 1) { + // server∗ + // e.g. server + String prefix = firstpart.substring(0, firstpart.length() - 1); + // skipwildcard part from cn + String suffix = cn.substring(firstpart.length()); + // skip wildcard part from host + String hostSuffix = hostName.substring(prefix.length()); + match = hostName.startsWith(prefix) && hostSuffix.endsWith(suffix); + } else { + match = hostName.endsWith(cn.substring(1)); + } + if (match) { + // I f we ’ r e i n s t r i c t mode , + // [ ∗.foo.com] is not allowed to match [a.b.foo.com] + match = countDots(hostName) == countDots(cn); + } + return match; + } + + private static int countDots(final String data) { + int dots = 0; + for (int i = 0; i < data.length(); i++) { + if (data.charAt(i) == '.') { + dots += 1; + } + } + return dots; + } + + + private static String getCN(X509Certificate cert) { + // Note: toString() seems to do a better job than getName() + // + // For example, getName() gives me this: + // 1.2.840.113549.1.9.1=#16166a756c6975736461766965734063756362632e636f6d + // + // whereas toString() gives me this: + // EMAILADDRESS=juliusdavies@cucbc.com + String subjectPrincipal = cert.getSubjectX500Principal().toString(); + + return getCN(subjectPrincipal); + + } + private static String getCN(String subjectPrincipal) { + StringTokenizer st = new StringTokenizer(subjectPrincipal, ","); + while(st.hasMoreTokens()) { + String tok = st.nextToken().trim(); + if (tok.length() > 3) { + if (tok.substring(0, 3).equalsIgnoreCase("CN=")) { + return tok.substring(3); + } + } + } + return null; + } + } debian/patches/01-libaxis-java-build.patch0000644000000000000000000000140212305325001015507 0ustar Description: build.xml: Don't copy jars during build Author: Forwarded: not-needed Last-Update: 2010-03-20 --- a/build.xml +++ b/build.xml @@ -223,12 +223,12 @@ - + debian/patches/javadoc.diff0000644000000000000000000000070712305325001013051 0ustar Description: Ensure Javadoc call get correct source version (1.3) Author: Damien Raude-Morvan Last-Update: 2010-03-25 Forwarded: no --- a/build.xml +++ b/build.xml @@ -369,6 +369,7 @@ use="true" windowtitle="${Name} API" doctitle="${Name}" + source="${source}" bottom="Copyright © ${year} Apache Web Services Project. All Rights Reserved." /> debian/patches/02-gcj-4.4.patch0000644000000000000000000000116512305325001013115 0ustar Description: Fix FTBFS with GCJ-4.4: "Cannot override the final method from ResourceBundle" Disable function clearCache() which is not used anyway. Bug-Debian: http://bugs.debian.org/531995 Author: Torsten Werner Forwarded: no Last-Update: 2010-03-20 --- a/src/org/apache/axis/i18n/ProjectResourceBundle.java +++ b/src/org/apache/axis/i18n/ProjectResourceBundle.java @@ -360,10 +360,12 @@ /** * Clears the internal cache */ + /* public static void clearCache() { bundleCache.clear(); } + */ public String toString() { return resourceName; debian/jaxrpc.bnd0000644000000000000000000000017012305325001011127 0ustar Bundle-Name: JAX-RPC Bundle-SymbolicName: javax.xml.rpc Bundle-Version: 1.4 Bundle-Vendor: Debian.org Import-Package: * debian/control0000644000000000000000000000473212314307775010610 0ustar Source: axis Section: java Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Debian Java Maintainers Uploaders: Torsten Werner , Damien Raude-Morvan , Jakub Adam , Emmanuel Bourg Build-Depends: debhelper (>= 7), cdbs, ant-optional, default-jdk, libwsdl4j-java, libcommons-logging-java, libcommons-httpclient-java, bnd, libcommons-discovery-java, libgnumail-java, libservlet3.0-java, maven-repo-helper Standards-Version: 3.9.4 Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/axis Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/axis Homepage: http://ws.apache.org/axis/ Package: libaxis-java Architecture: all Recommends: ant Suggests: libaxis-java-doc Depends: libwsdl4j-java, libcommons-logging-java, libcommons-discovery-java, libcommons-httpclient-java, libgnumail-java, libservlet3.0-java, ${misc:Depends} Description: SOAP implementation in Java Apache AXIS is an implementation of the SOAP ("Simple Object Access Protocol") submission to W3C. . From the draft W3C specification: . SOAP is a lightweight protocol for exchange of information in a decentralized, distributed environment. It is an XML based protocol that consists of three parts: an envelope that defines a framework for describing what is in a message and how to process it, a set of encoding rules for expressing instances of application-defined datatypes, and a convention for representing remote procedure calls and responses. . This project is a follow-on to the Apache SOAP project. Package: libaxis-java-doc Architecture: all Section: doc Depends: ${misc:Depends} Suggests: libaxis-java Description: SOAP implementation in Java (documentation) Apache AXIS is an implementation of the SOAP ("Simple Object Access Protocol") submission to W3C. . From the draft W3C specification: . SOAP is a lightweight protocol for exchange of information in a decentralized, distributed environment. It is an XML based protocol that consists of three parts: an envelope that defines a framework for describing what is in a message and how to process it, a set of encoding rules for expressing instances of application-defined datatypes, and a convention for representing remote procedure calls and responses. . This project is a follow-on to the Apache SOAP project. . This package contains the Javadoc API documentation. debian/poms/0000755000000000000000000000000012305331071010137 5ustar debian/poms/ant.xml0000644000000000000000000000042512305325001011440 0ustar 4.0.0 axis axis-ant 1.4 org.apache.axis debian/poms/jaxrpc.xml0000644000000000000000000000043012305325001012141 0ustar 4.0.0 axis axis-jaxrpc 1.4 org.apache.axis debian/poms/saaj.xml0000644000000000000000000000042612305325001011575 0ustar 4.0.0 axis axis-saaj 1.4 org.apache.axis debian/poms/axis.xml0000644000000000000000000000335612305325001011630 0ustar 4.0.0 axis axis 1.4 jar Axis Web Services An implementation of the SOAP ("Simple Object Access Protocol") submission to W3C. http://ws.apache.org/axis The Apache Software License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo http://svn.apache.org/viewcvs/webservices/axis/trunk/java/ axis axis-jaxrpc 1.4 axis axis-saaj 1.4 wsdl4j wsdl4j 1.6.2 true commons-logging commons-logging 1.1.1 commons-discovery commons-discovery 0.4 debian/libaxis-java.poms0000644000000000000000000000012612305325001012426 0ustar debian/poms/ant.xml debian/poms/axis.xml debian/poms/jaxrpc.xml debian/poms/saaj.xml debian/changelog0000644000000000000000000002340312314310051011030 0ustar axis (1.4-20ubuntu3) trusty; urgency=medium * Revert: d/control,rules: Drop use of bnd to generate OSGi headers. Package is in universe again. -- Matthias Klose Tue, 25 Mar 2014 15:01:16 +0100 axis (1.4-20ubuntu2) trusty; urgency=medium * d/control,rules,libaxis-java.manifest: Add missing OSGi data to manifests for axis jar files using javahelper (LP: #894302). -- James Page Tue, 04 Mar 2014 11:00:06 +0000 axis (1.4-20ubuntu1) saucy; urgency=low * Merge from Debian unstable. Remaining changes: - d/control,rules: Drop use of bnd to generate OSGi headers as its not in main. * Dropped changes (now in Debian): - Transition libservlet2.5-java -> libservlet3.0-java. -- James Page Mon, 03 Jun 2013 11:19:00 +0100 axis (1.4-20) unstable; urgency=low * Updated the dependency on the Servlet API (2.5 -> 3.0) * Removed the obsolete dependency on the Activation Framework (libgnujaf-java) * Added the upstream changelog * debian/rules: Improved the clean target to allow rebuilds -- Emmanuel Bourg Wed, 15 May 2013 00:56:15 +0200 axis (1.4-19ubuntu1) saucy; urgency=low * Merge from Debian unstable. Remaining changes: - Transition libservlet2.5-java -> libservlet3.0-java. * d/control,rules: Drop use of bnd to generate OSGi headers as its not in main. -- James Page Thu, 16 May 2013 14:34:16 +0100 axis (1.4-19) unstable; urgency=low * Team upload. * Upload to unstable. -- tony mancill Mon, 13 May 2013 22:00:05 -0700 axis (1.4-18) experimental; urgency=low * Team upload. * debian/watch: Fixed the URL * debian/control: Add Emmanuel Bourg to list of Uploaders. -- Emmanuel Bourg Tue, 02 Apr 2013 17:02:15 +0200 axis (1.4-17) experimental; urgency=low * Team upload. [ Jakub Adam ] * Use bnd to generate OSGi metadata. * Remove Michael Koch from Uploaders (Closes: #653992). - Thanks for your contribution to this package. * Bump Standards-Version to 3.9.4. [ tony mancill ] * Acknowledge NMU: Thank you to Alberto Fernández Martínez. - Fix CVE-2012-5784 (Closes: #692650) * Update d/copyright to add lintian warnings. -- tony mancill Mon, 04 Feb 2013 22:14:27 -0800 axis (1.4-16.2ubuntu1) raring; urgency=low * Merge from Debian unstable. Remaining changes: - Transition libservlet2.5-java -> libservlet3.0-java. -- James Page Tue, 05 Feb 2013 13:26:37 +0000 axis (1.4-16.2) unstable; urgency=low * Non-maintainer upload. * Fix CVE-2012-5784 (Closes: #692650) * Fix CN extraction from DN of X500 principal. * Fix wildcard validation on ssl connections -- Alberto Fernández Martínez Thu, 6 Dec 2012 14:28:00 +0100 axis (1.4-16.1) unstable; urgency=low * Non-maintainer upload. * Fix CVE-2012-5784 (Closes: #692650) -- Alberto Fernández Martínez Wed, 5 Dec 2012 17:28:00 +0100 axis (1.4-16ubuntu1) quantal; urgency=low * Transition libservlet2.5-java -> libservlet3.0-java. -- James Page Thu, 12 Jul 2012 14:22:03 +0100 axis (1.4-16build1) quantal; urgency=low * No-change rebuild with openjdk-7 as default-jdk. -- James Page Fri, 18 May 2012 11:34:21 +0100 axis (1.4-16) unstable; urgency=low * Add missing dependency on libcommons-httpclient-java * Update Export-Package OSGi attribute in manifest * Add Require-Bundle OSGi attributes -- Jakub Adam Mon, 31 Oct 2011 11:07:24 +0100 axis (1.4-15) unstable; urgency=low * Add OSGi metadata to jar manifests * Bump to Standards-Version 3.9.2 * Updated the DEP-5 copyright to r202 -- Jakub Adam Thu, 27 Oct 2011 19:23:14 +0200 axis (1.4-14) unstable; urgency=low * Team upload. * Drop package libaxis-java-gcj. -- Torsten Werner Thu, 08 Sep 2011 17:13:34 +0200 axis (1.4-13) unstable; urgency=low [ tony mancill ] * libaxis-java-gcj: Remove incorrect libservlet2.4 depedency; the dependency on libaxis-java is sufficient. Thanks to Matthias Klose. (Closes: #597950) [ Damien Raude-Morvan ] * d/control: Bump Standards-Versions to 3.9.1 (no changes required). * d/control: Change short synopsis of packages. * Finaly upload to unstable. -- Damien Raude-Morvan Sun, 06 Mar 2011 19:08:04 +0100 axis (1.4-12) unstable; urgency=low [ Niels Thykier ] * Bumped Standards-Versions to 3.9.0 - no changes required. * Replaced B-D on default-jdk-builddep with gcj-native-helper and default-jdk. [ Damien Raude-Morvan ] * Downgrade libaxis-java-gcj from Recommends to Suggest (Closes: #582151). * Remove Depends on JRE since Axis is a library. -- Damien Raude-Morvan Thu, 08 Jul 2010 00:06:06 +0200 axis (1.4-11) unstable; urgency=low * Merge changes from Ubuntu: - debian/control, debian/rules: (Build-)Depend on libservlet2.5-java instead of libservlet2.4-java (LP: #534913) * Remove Stephan and Vladimír from Uploaders list. -- Torsten Werner Sun, 09 May 2010 02:53:34 +0200 axis (1.4-10) unstable; urgency=low * Add symlinks for old JAR names to fix some FTBFS (Closes: #575041): - saaj.jar -> axis-saaj.jar - jaxrpc.jar -> axis-jaxrpc.jar * Javadoc: - Install Javadoc to /usr/share/doc/libaxis-java/api/ - Register Javadoc with doc-base - d/patches/javadoc.diff and d/rules: Fix javadoc call to only use javadoc and no gjdoc (which fail with UnmappableCharacterException) and force 1.3 source format. * Fix short description of libaxis-java-doc to contains "documentation" * Rework d/copyright to use DEP5 format -- Damien Raude-Morvan Thu, 25 Mar 2010 23:45:41 +0100 axis (1.4-9) unstable; urgency=low * debian/rules: Fix FTBFS when doing arch build: - overrive install/libaxis-java for mh_installjar calls (instead of binary-post-install) -- Damien Raude-Morvan Sat, 20 Mar 2010 23:46:28 +0100 axis (1.4-8) unstable; urgency=low * Add Maven support: - debian/control: Build-Depends on maven-repo-helper - Add pom's files to debian/poms/ - debian/rules: Use mh_installpoms and mh_installjar * Update Standards-Version: 3.8.4 - debian/rules: Add recommended get-orig-source target * Bump to debhelper >= 7 * Use 3.0 (quilt) source format: - debian/source/format: Set 3.0 (quilt) - debian/control: Remove quilt - debian/rules: Remove simpl-patchsys.mk - Refresh all debian/patches/* * Add DEP-3 headers to all patches -- Damien Raude-Morvan Sat, 20 Mar 2010 23:00:50 +0100 axis (1.4-7) unstable; urgency=low * Change Build-Depends: ant1.7-optional because gij is failing with ant 1.8. -- Torsten Werner Sat, 27 Feb 2010 18:52:14 +0100 axis (1.4-6ubuntu1) lucid; urgency=low * debian/control, debian/rules: (Build-)Depend on libservlet2.5-java instead of libservlet2.4-java (LP: #534913) * debian/rules: Drop extra JAVA_HOME entry, build with default-jdk -- Thierry Carrez Tue, 09 Mar 2010 09:39:09 +0100 axis (1.4-6) unstable; urgency=low [ Matthias Klose ] * axis: Depend on default-jre-headless. * Build using java-gcj (axis is not 1.6 source compatible). [ Torsten Werner ] * Add patch for gcj-4.4: do not build function clearCache() which is not used anyway. (Closes: #531995) * Add myself to Uploaders. * Do no longer quote the full text of the Apache license. * Fix lintian warnings. * Move package to Section: java. * Update Standards-Version: 3.8.2 (no changes). * Add missing Depends: ${misc:Depends}. -- Torsten Werner Fri, 24 Jul 2009 18:38:59 +0200 axis (1.4-5) unstable; urgency=low * Added missing packages to Depends of libaxis-java. Closes: #432582, #432582 * Build-Depend on default-jdk-builddep instead of java-gcj-compat-dev. Closes: #477846 * Cleaned up debian/copyright. * Added watch file. * Added Homepage, Vcs-Svn and Vcs-Browser fields. * Updated Standards-Version to 3.7.3. -- Michael Koch Sat, 26 Apr 2008 22:49:29 +0200 axis (1.4-3) unstable; urgency=low * Added xmlParserAPIs.jar and xercesImpl.jar to classpath. Closes: #432538. -- Michael Koch Sat, 14 Jul 2007 21:10:45 +0200 axis (1.4-2) unstable; urgency=low * Upload to unstable. * Inlcude javadocs. -- Michael Koch Fri, 20 Apr 2007 17:32:10 -0100 axis (1.4-1) experimental; urgency=low * Merged from Ubuntu. * Upload to experimental. -- Michael Koch Sat, 3 Mar 2007 10:48:11 +0100 axis (1.4-0ubuntu5) feisty; urgency=low * Fix build failure for binary arch builds. -- Matthias Klose Wed, 28 Feb 2007 17:10:36 +0100 axis (1.4-0ubuntu4) feisty; urgency=low * Recommend ant, instead of depending on it. * Install axis-ant.jar into usr/share/ant/lib. -- Matthias Klose Wed, 28 Feb 2007 12:22:49 +0100 axis (1.4-0ubuntu3) feisty; urgency=low * Build a libaxis-java-gcj package. * Set Ubuntu maintainer address. -- Matthias Klose Wed, 28 Feb 2007 01:06:05 +0100 axis (1.4-0ubuntu2) feisty; urgency=low * Added axis-ant.jar to the binary package -- Vladimír Lapáček Sat, 20 Jan 2007 11:09:48 +0100 axis (1.4-0ubuntu1) edgy; urgency=low * New upstream release. -- Vladimír Lapáček Wed, 6 Sep 2006 22:31:39 +0200 axis (1.2.1-1) unstable; urgency=low * Initial version based of the work of the Fedora packagers. -- Stephan Michels Mon, 9 Jan 2006 11:40:09 +0100