Author: markt
Date: Tue Jan 4 22:50:46 2011
New Revision: 1055230
URL: http://svn.apache.org/viewvc?rev=1055230&view=rev
Log:
Make SSL certificate encoding algorithm selection consistent between BIO and
NIO and update docs to reflect current BIO and post-patch NIO.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1055230&r1=1055229&r2=1055230&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jan 4 22:50:46 2011
@@ -288,12 +288,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko
-1:
-* Make SSL protocol selection consistent between BIO and NIO and update docs
- to reflect current BIO and post-patch NIO.
- http://people.apache.org/~markt/patches/2010-12-07-ssl-algorithm-tc6.patch
- +1: markt, kkolinko, fhanik
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50413
Ensure 304s are not returned when using static files as error pages
http://people.apache.org/~markt/patches/2011-01-04-bug50413-tc6.patch
Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1055230&r1=1055229&r2=1055230&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Tue
Jan 4 22:50:46 2011
@@ -603,7 +603,7 @@ public class NioEndpoint {
public void setKeyAlias(String s ) { keyAlias = s;}
- protected String algorithm = "SunX509";
+ protected String algorithm = KeyManagerFactory.getDefaultAlgorithm();
public String getAlgorithm() { return algorithm;}
public void setAlgorithm(String s ) { this.algorithm = s;}
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1055230&r1=1055229&r2=1055230&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Jan 4 22:50:46 2011
@@ -250,7 +250,11 @@
result in large numbers of SEVERE log messages appearing in the logs as
a result of normal operation. (markt)
</add>
-
+ <fix>
+ Make SSL certificate encoding algorithm consistent between connectors
by
+ using the JVM default for all connectors. This also fixes an issue with
+ the NIO connector on IBM JVMs. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml?rev=1055230&r1=1055229&r2=1055230&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml Tue Jan 4 22:50:46 2011
@@ -664,10 +664,11 @@
<attributes>
<attribute name="algorithm" required="false">
- <p>The certificate encoding algorithm to be used. This defaults to the
Sun
- implementation (<code>SunX509</code>). For IBM JVMs you should use the
- value <code>IbmX509</code>. For other vendors, consult the JVM
- documentation for the correct value.</p>
+ <p>The certificate encoding algorithm to be used. This defaults to
+ <code>KeyManagerFactory.getDefaultAlgorithm()</code> which returns
+ <code>SunX509</code> for Sun JVMs. IBM JVMs return
+ <code>IbmX509</code>. For other vendors, consult the JVM
+ documentation for the default value.</p>
</attribute>
<attribute name="clientAuth" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
