Re: [VOTE] Release Apache Tomcat 8.5.40
Mark,

On 4/11/19 12:40, Mark Thomas wrote:
> On 11/04/2019 15:21, Christopher Schultz wrote:
>
>> I'm having a bit of trouble building the bundled tcnative. I've
>> tried building against OpenSSL 1.0.2k and 1.1.1 and both of the
>> "configure" invocations gave me a message similar to the
>> following:
>>
>> checking for OpenSSL library... using openssl from
>> /home/cschultz/openssl-1.0.2k/target/target/${exec_prefix}/lib and
>> /home/cschultz/openssl-1.0.2k/target/target/include
>> checking OpenSSL library version >= 1.0.2... configure: error: Your
>> version of OpenSSL is not compatible with this version of tcnative
>>
>> Any ideas for what to check? That ${exec_prefix} in there looks a
>> little fishy. Here's my configure command:
>>
>> ./configure --with-apr=/usr/bin
>> --with-ssl=/home/cschultz/openssl-1.0.2k/target/target
>
> That looks odd with 2 targets on the end.

You're right, it does. I corrected that and it seems that was the
problem. :(

That "configure" command was generated by my test-tomcat script. Hmm.
I'll have to see what's wrong, there.

Aha. A hardware migration + directory re-organization has simply
broken the path.

Oddly, this causes the build to fail. Had it fallen back to the OS's
default OpenSSL version (1.1.0j in my case), I would have expected it
to succeed. Perhaps the fallback isn't working reliably?

>> --with-java-home=/usr/lib/jvm/java-8-openjdk-amd64
>
> I did a little testing with this.
>
> I agree the ${exec_prefix} looks odd but it doesn't appear to be
> breaking anything.
>
> When I provide a valid path to an OpenSSL build everything works
> as expected (1.0.2, 1.1.0, 1.1.1 and master).
>
> When I provide an invalid path to an OpenSSL build then it appears
> to pick up the version of OpenSSL installed by the OS.
>
> I see two (minor) problems we could fix:
>
> 1. The ${exec_prefix} oddity
>
> 2. If an invalid OpenSSL path is specified the build should fail
> rather than pick up a system default.
>
> Given that everything appears to work as intended with valid input,
> I don't see any immediate need to roll a Tomcat Native release.

+1 - no release is necessary.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.40
On 11/04/2019 15:21, Christopher Schultz wrote:
> I'm having a bit of trouble building the bundled tcnative. I've tried
> building against OpenSSL 1.0.2k and 1.1.1 and both of the "configure"
> invocations gave me a message similar to the following:
>
> checking for OpenSSL library... using openssl from
> /home/cschultz/openssl-1.0.2k/target/target/${exec_prefix}/lib and
> /home/cschultz/openssl-1.0.2k/target/target/include
> checking OpenSSL library version >= 1.0.2... configure: error: Your
> version of OpenSSL is not compatible with this version of tcnative
>
> Any ideas for what to check? That ${exec_prefix} in there looks a little
> fishy. Here's my configure command:
>
> ./configure --with-apr=/usr/bin
> --with-ssl=/home/cschultz/openssl-1.0.2k/target/target

That looks odd with 2 targets on the end.

> --with-java-home=/usr/lib/jvm/java-8-openjdk-amd64

I did a little testing with this.

I agree the ${exec_prefix} looks odd but it doesn't appear to be
breaking anything.

When I provide a valid path to an OpenSSL build everything works as
expected (1.0.2, 1.1.0, 1.1.1 and master).

When I provide an invalid path to an OpenSSL build then it appears to
pick up the version of OpenSSL installed by the OS.

I see two (minor) problems we could fix:

1. The ${exec_prefix} oddity

2. If an invalid OpenSSL path is specified the build should fail rather
than pick up a system default.

Given that everything appears to work as intended with valid input, I
don't see any immediate need to roll a Tomcat Native release.

Thoughts?

Mark
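[Added example, not part of the original thread and not Tomcat Native's own build code.] Point 2 above can be enforced before configure runs: the function below refuses a --with-ssl directory that lacks the OpenSSL header or library, or whose version is below the 1.0.2 minimum shown in the configure output, instead of letting the build pick up the OS copy. The function name, exit codes and MIN_HEX variable are assumptions made for this example.

```sh
#!/bin/sh
# Added example: pre-flight check for the directory given to --with-ssl.
# MIN_HEX mirrors the ">= 1.0.2" check in the configure output quoted above.
MIN_HEX=0x1000200f

# check_openssl_prefix PREFIX
# Prints the OPENSSL_VERSION_NUMBER and returns 0 when PREFIX looks like a
# usable OpenSSL install; returns non-zero, with no fallback, otherwise.
# Usage: check_openssl_prefix "$SSL" && ./configure --with-ssl="$SSL" ...
check_openssl_prefix() {
    prefix=$1
    hdr="$prefix/include/openssl/opensslv.h"
    if [ ! -f "$hdr" ]; then
        echo "error: $hdr not found; refusing to fall back" >&2
        return 2
    fi
    found=
    for f in "$prefix"/lib/libssl.* "$prefix"/lib64/libssl.*; do
        if [ -e "$f" ]; then found=$f; break; fi
    done
    if [ -z "$found" ]; then
        echo "error: no libssl under $prefix/lib or $prefix/lib64" >&2
        return 3
    fi
    # Assumes the hex-literal form used by the 1.0.2 and 1.1.x headers,
    # e.g. "# define OPENSSL_VERSION_NUMBER  0x100020bfL".
    ver=$(sed -n 's/^#[[:space:]]*define[[:space:]]\{1,\}OPENSSL_VERSION_NUMBER[[:space:]]\{1,\}\(0x[0-9a-fA-F]\{1,\}\).*/\1/p' "$hdr" | head -n 1)
    if [ -z "$ver" ]; then
        echo "error: cannot read OPENSSL_VERSION_NUMBER from $hdr" >&2
        return 4
    fi
    # $ver matched the hex pattern above, so arithmetic expansion is safe.
    if [ $(($ver)) -lt $(($MIN_HEX)) ]; then
        echo "error: OpenSSL $ver is older than $MIN_HEX" >&2
        return 5
    fi
    echo "$ver"
}
```

With the doubled "target/target" path from this thread the function would stop at the missing header, so the path mistake surfaces before any library is linked.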
Re: [VOTE] Release Apache Tomcat 8.5.40
All,

Gah. I replied to Mark only yesterday. :(

On 4/10/19 10:58, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.40 release is now available for
> voting.
>
> The major changes compared to the 8.5.39 release are:
>
> - Fix for CVE-2019-0232 a RCE vulnerability on Windows
>
> - Add support for Java 11 to the JSP compiler. Java 12 and 13 are
> also now supported if used with a ECJ version with support for
> those Java versions
>
> - Various NIO2 stability improvements
>
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.40/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1208/
>
> The tag is: https://github.com/apache/tomcat/tree/8.5.40
> 5ec070352b283535946327b44228b610a27a76c5
>
>
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [ ] Stable - go ahead and release as 8.5.40

I'm having a bit of trouble building the bundled tcnative. I've tried
building against OpenSSL 1.0.2k and 1.1.1 and both of the "configure"
invocations gave me a message similar to the following:

checking for OpenSSL library... using openssl from
/home/cschultz/openssl-1.0.2k/target/target/${exec_prefix}/lib and
/home/cschultz/openssl-1.0.2k/target/target/include
checking OpenSSL library version >= 1.0.2... configure: error: Your
version of OpenSSL is not compatible with this version of tcnative

Any ideas for what to check? That ${exec_prefix} in there looks a
little fishy. Here's my configure command:

./configure --with-apr=/usr/bin
--with-ssl=/home/cschultz/openssl-1.0.2k/target/target
--with-java-home=/usr/lib/jvm/java-8-openjdk-amd64

-chris
Re: [VOTE] Release Apache Tomcat 8.5.40
On Wed, Apr 10, 2019 at 10:58 AM Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.40 release is now available for voting.
>
> The major changes compared to the 8.5.39 release are:
>
> - Fix for CVE-2019-0232 a RCE vulnerability on Windows
>
> - Add support for Java 11 to the JSP compiler. Java 12 and 13 are also
> now supported if used with a ECJ version with support for those Java
> versions
>
> - Various NIO2 stability improvements
>
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.40/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1208/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.40
> 5ec070352b283535946327b44228b610a27a76c5
>
>
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.5.40
>

+1

>
> Due to the security fix contained in this release, the voting period may
> be shortened once sufficient votes are cast to enable a faster release.
Re: [VOTE] Release Apache Tomcat 8.5.40
On Wed, Apr 10, 2019 at 4:58 PM Mark Thomas wrote:
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.40
>

Rémy
Re: [VOTE] Release Apache Tomcat 8.5.40
On Wed, 10.04.2019 at 17:58, Mark Thomas wrote:
>
> The proposed Apache Tomcat 8.5.40 release is now available for voting.
>
> The major changes compared to the 8.5.39 release are:
>
> - Fix for CVE-2019-0232 a RCE vulnerability on Windows
>
> - Add support for Java 11 to the JSP compiler. Java 12 and 13 are also
> now supported if used with a ECJ version with support for those Java
> versions
>
> - Various NIO2 stability improvements
>
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.40/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1208/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.40
> 5ec070352b283535946327b44228b610a27a76c5
>
>
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.40

Regards,
Violeta

>
> Due to the security fix contained in this release, the voting period may
> be shortened once sufficient votes are cast to enable a faster release.
Re: [VOTE] Release Apache Tomcat 8.5.40
On Wed, Apr 10, 2019 at 23:58, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.40 release is now available for voting.
>
> The major changes compared to the 8.5.39 release are:
>
> - Fix for CVE-2019-0232 a RCE vulnerability on Windows
>
> - Add support for Java 11 to the JSP compiler. Java 12 and 13 are also
> now supported if used with a ECJ version with support for those Java
> versions
>
> - Various NIO2 stability improvements
>
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.40/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1208/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.40
> 5ec070352b283535946327b44228b610a27a76c5
>
>
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.40
>

+1
Tested on simple hand-made app. (enable session replication).

> Due to the security fix contained in this release, the voting period may
> be shortened once sufficient votes are cast to enable a faster release.

--
Keiichi.Fujino
Re: [VOTE] Release Apache Tomcat 8.5.40
On 4/10/2019 7:58 AM, Mark Thomas wrote:
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.40

Unit tests pass for NIO, NIO2, and APR on Windows 10 with Java 1.8u181
and TC-Native 1.2.21 and Ubuntu 18.04 with Java 1.8u202 and TC-Native
1.2.21

Igal
Re: [VOTE] Release Apache Tomcat 8.5.40
On 10/04/2019 15:58, Mark Thomas wrote:
> The proposed 8.5.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.40

Unit tests pass for NIO, NIO2 and APR/Native on Windows, Linux and MacOS
with Tomcat-Native 1.2.21

Mark
[VOTE] Release Apache Tomcat 8.5.40
The proposed Apache Tomcat 8.5.40 release is now available for voting.

The major changes compared to the 8.5.39 release are:

- Fix for CVE-2019-0232 a RCE vulnerability on Windows

- Add support for Java 11 to the JSP compiler. Java 12 and 13 are also
  now supported if used with a ECJ version with support for those Java
  versions

- Various NIO2 stability improvements


Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.40/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1208/

The tag is:
https://github.com/apache/tomcat/tree/8.5.40
5ec070352b283535946327b44228b610a27a76c5


The proposed 8.5.40 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.40


Due to the security fix contained in this release, the voting period may
be shortened once sufficient votes are cast to enable a faster release.