Am 15.01.26 um 21:11 schrieb Mark Thomas:
The key differences compared to 1.3.4 are:
- Fix regression with OCSP and APR/Native connector
The proposed release artifacts can be found at [1],
and the build was done using tag [2].
The Apache Tomcat Native 1.3.5 release is
[X] Stable, go ahead and release
[ ] Broken because of ...
Thanks,
Mark
[1]
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/
native/1.3.5
[2] https://github.com/apache/tomcat-native/
commit/889f7ef35155df1fc0947c427b944fa738da5fbe
+1 for release
- checked artefacts for completeness
- checked artefact gpg signatures and sha512 hashes
- compared source tarballs against git sources
- checked OpenSSL version in Windows binaries
- checked some consistencies against own jnirelease.sh results
- built it against OpenSSL 3.6.0, 3.5.4 and 3.0.18, each on Platforms
SLES 12 and 15 and RHEL 7, 8, 9 and 10 (Linux on x86_64). APR was 1.7.6.
OK.
- tested via TC unit tests with tcnative/OpenSSL but only the SSL/TLS
related tests on the above platforms using TC 11.0.15, 10.1.50 and
9.0.113 with latest patch levels of JDK 8, 11, 17, 21, 25, 26 and 27
from Adoptium Temurin, Amazon Corretto, Azul Zulu, Oracle, RedHat and
OpenJDK where applicable.
No new failures or increased level of failures, only the normal
amount of crashes.
- OpenSSL 3.x deprecation warnings (some in multiple places):
'DH_free' is deprecated: Since OpenSSL 3.0
'DH_new' is deprecated: Since OpenSSL 3.0
'DH_set0_pqg' is deprecated: Since OpenSSL 3.0
'EC_KEY_free' is deprecated: Since OpenSSL 3.0
'EC_KEY_new_by_curve_name' is deprecated: Since OpenSSL 3.0
'ENGINE_by_id' is deprecated: Since OpenSSL 3.0
'ENGINE_ctrl_cmd_string' is deprecated: Since OpenSSL 3.0
'ENGINE_ctrl' is deprecated: Since OpenSSL 3.0
'ENGINE_free' is deprecated: Since OpenSSL 3.0
'ENGINE_load_private_key' is deprecated: Since OpenSSL 3.0
'ENGINE_register_all_complete' is deprecated: Since OpenSSL 3.0
'ENGINE_set_default' is deprecated: Since OpenSSL 3.0
'PEM_read_bio_DHparams' is deprecated: Since OpenSSL 3.0
'PEM_read_bio_ECPKParameters' is deprecated: Since OpenSSL 3.0
'SSL_CTX_set_tmp_dh_callback' is deprecated: Since OpenSSL 3.0
'SSL_SESSION_get_time' is deprecated: Since OpenSSL 3.4;not Y2038-safe,
replace with SSL_SESSION_get_time_ex()
I could provide more details, but they should show up during every
compilation attempts against e.g. OpenSSL 3.6.0.
Thanks a bunch for RM!
Best Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
