svn commit: r1033266 - /tomcat/tc6.0.x/trunk/STATUS.txt

Tue, 09 Nov 2010 14:16:54 -0800 

Author: markt
Date: Tue Nov  9 22:15:39 2010
New Revision: 1033266

URL: http://svn.apache.org/viewvc?rev=1033266&view=rev
Log:
Withdraw my patch, vote for Konstantin's
jfclere's concerns are addressed by the patch (keystorePass will be used if 
present)

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1033266&r1=1033265&r2=1033266&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov  9 22:15:39 2010
@@ -48,27 +48,8 @@ PATCHES PROPOSED TO BACKPORT:
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48545
   Truststores don't have to have passwords
   Based on a patch by 'smmwpf54'
-  https://issues.apache.org/bugzilla/attachment.cgi?id=25848
-  +1: markt
-  +1: kkolinko: OK with this one, but I am proposing a slightly corrected 
version below.
-  -1:
-  Comments on previous patch
-    jfclere: Doc says it should use keystorePass 
(http://tomcat.apache.org/tomcat-6.0-doc/config/http.html).
-               so that would break existing configurations.
-      markt: It shouldn't break existing configs. JSSE allows trust stores to 
be
-             read without providing the password
-      kkolinko: 1. My understanding of KeyStore.load(stream,pwd) doc is that 
when the
-             password is not needed to open a store, it is used to verify its 
integrity.
-             So, this patch changes behaviour: skips the verification.
-             2. Note, that the password might be provided by overriding the
-             getKeystorePassword() method. There is no way to provide such 
password
-             for the truststore in the new code.
-             3. I would be fine if this new behaviour in TC6 were triggered by 
some
-             system property, but defaults to the old behaviour.
-
-  Updated patch:
   https://issues.apache.org/bugzilla/attachment.cgi?id=26268
-  +1: kkolinko
+  +1: kkolinko, markt
   -1:
 
 * Configure Tomcat to use HttpOnly for session cookies by default



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to