subject:"Re\: \[VOTE\] Release Apache Tomcat 8.5.30"

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-22 Thread Rainer Jung


Hi Emmanuel,

Am 12.04.2018 um 07:59 schrieb Emmanuel Bourg:

Le 12/04/2018 à 07:08, Rainer Jung a écrit :


These errors are strange and not expected. With which version of
tcnative was this tested, and which version of OpenSSL does that
tcnative use?


That was tcnative 1.2.16 with OpenSSL 1.1.0h


thanks for the info and sorry for coming back to this so late.

I could not reproduce the problem with these versions. Are you aware of 
any special build flags which were used for your OpenSSL 1.1.0h? 
Concentrating on the second test failure:


> Testcase: testOpenSSLConfCmdProtocol took 0.008 sec
>  FAILED
> Protocol TLSv1 is not allowed
> junit.framework.AssertionFailedError: Protocol TLSv1 is not allowed
>  at 
org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdProtocol(TestOpenSSLConf.java:105)

> ...


I really do not understand How TLSv1 could be enabled if OpenSSLConf 
works at all. Are there any errors in the logs?


You could also run the test with log level for package 
org.apache.tomcat.util.net.openssl increased to debug.


You might already know, but a convenient way of running a single test is 
by configuring in build.properties:


test.name=**/TestOpenSSLConf.java

Thanks and regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-11 Thread Emmanuel Bourg

Le 12/04/2018 à 07:08, Rainer Jung a écrit :

> These errors are strange and not expected. With which version of
> tcnative was this tested, and which version of OpenSSL does that
> tcnative use?

That was tcnative 1.2.16 with OpenSSL 1.1.0h

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-11 Thread Rainer Jung


Am 07.04.2018 um 01:17 schrieb Emmanuel Bourg:

Tested on Debian sid with OpenJDK 9.

I got a couple of test failures in TestOpenSSLConf
but that doesn't seem critical:

Testcase: testOpenSSLConfCmdCipher took 0.481 sec
 FAILED
Wrong HostConfig ciphers
Expected: is ["AES256-SHA256"]
  but: was ["TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", 
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 
"TLS_ECDHE_RSA_WITH_AES_256_CBC_$
junit.framework.AssertionFailedError: Wrong HostConfig ciphers
Expected: is ["AES256-SHA256"]
  but: was ["TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", 
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 
"TLS_ECDHE_RSA_WITH_AES_256_CBC_$
 at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)
 at 
org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdCipher(TestOpenSSLConf.java:85)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

Testcase: testOpenSSLConfCmdProtocol took 0.008 sec
 FAILED
Protocol TLSv1 is not allowed
junit.framework.AssertionFailedError: Protocol TLSv1 is not allowed
 at 
org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdProtocol(TestOpenSSLConf.java:105)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)


These errors are strange and not expected. With which version of 
tcnative was this tested, and which version of OpenSSL does that 
tcnative use?


Thanks and regards,

Rainer


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-06 Thread Emmanuel Bourg

Le 03/04/2018 à 22:36, Mark Thomas a écrit :

> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.30

Tested on Debian sid with OpenJDK 9.

I got a couple of test failures in TestOpenSSLConf
but that doesn't seem critical:

Testcase: testOpenSSLConfCmdCipher took 0.481 sec
FAILED
Wrong HostConfig ciphers
Expected: is ["AES256-SHA256"]
 but: was ["TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", 
"TLS_ECDHE_ECDSA_WITH_AES_256_CCM", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_$
junit.framework.AssertionFailedError: Wrong HostConfig ciphers
Expected: is ["AES256-SHA256"]
 but: was ["TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", 
"TLS_ECDHE_ECDSA_WITH_AES_256_CCM", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_$
at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)
at 
org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdCipher(TestOpenSSLConf.java:85)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

Testcase: testOpenSSLConfCmdProtocol took 0.008 sec
FAILED
Protocol TLSv1 is not allowed
junit.framework.AssertionFailedError: Protocol TLSv1 is not allowed
at 
org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdProtocol(TestOpenSSLConf.java:105)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-06 Thread Christopher Schultz

Mark,

On 4/3/18 4:36 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.30 release is now available for voting.
> 
> The major changes compared to the 8.5.29 release are:
> 
> - Add support for the maxDays attribute to the AccessLogValve and
>   ExtendedAccessLogValve. This allows the maximum number of days for
>   which rotated access logs should be retained before deletion to be
>   defined.
> 
> - Avoid infinite recursion, when trying to validate a session while
>   loading it with PersistentManager.
> 
> - Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
> 
> - The OpenSSL engine SSL session will now ignore invalid accesses.
> 
> Along with lots of other bug fixes and improvements.
> 
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1177/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
> 
> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.30

Works without any problems with a mundane application in a development
environment.

Details:
* Environment
*  Java (build): java version "1.8.0_151" Java(TM) SE Runtime
Environment (build 1.8.0_151-b12) Java HotSpot(TM) 64-Bit Server VM
(build 25.151-b12, mixed mode)
*  Java (test): java version "1.8.0_151" Java(TM) SE Runtime
Environment (build 1.8.0_151-b12) Java HotSpot(TM) 64-Bit Server VM
(build 25.151-b12, mixed mode)
*  OS:   Linux 2.6.32-312-ec2 x86_64
*  cc:   cc (Debian 4.7.2-5) 4.7.2
*  make: GNU Make 3.81
*  OpenSSL:  OpenSSL 1.0.2k 26 Jan 2017
*  APR:  1.4.6
*
* !! Invalid MD5 signature for apache-tomcat-8.5.30.zip
* Valid GPG signature for apache-tomcat-8.5.30.zip
* !! Invalid MD5 signature for apache-tomcat-8.5.30.tar.gz
* Valid GPG signature for apache-tomcat-8.5.30.tar.gz
* !! Invalid MD5 signature for apache-tomcat-8.5.30.exe
* Valid GPG signature for apache-tomcat-8.5.30.exe
* !! Invalid MD5 signature for apache-tomcat-8.5.30-src.zip
* Valid GPG signature for apache-tomcat-8.5.30-src.zip
* !! Invalid MD5 signature for apache-tomcat-8.5.30-src.tar.gz
* Valid GPG signature for apache-tomcat-8.5.30-src.tar.gz

No problem: MD5 signatures are no longer used. I've updated my script to
check SHA-1 and SHA-512 signatures for the future.

* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: FAILED

These tests are expected to fail in this environment:

* Tests that failed:
* org.apache.catalina.session.TestStandardSessionIntegration.APR.txt
* org.apache.catalina.session.TestStandardSessionIntegration.NIO.txt
* org.apache.catalina.session.TestStandardSessionIntegration.NIO2.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.APR.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.NIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.NIO2.txt
* org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.APR.txt
* org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.NIO.txt
*
org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.NIO2.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.APR.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.NIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.NIO2.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator.APR.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator.NIO.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator.NIO2.txt
* org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.APR.txt
* org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.NIO.txt
*
org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.NIO2.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.APR.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.NIO.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.NIO2.txt
* org.apache.tomcat.util.net.openssl.TestOpenSSLConf.APR.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.APR.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO2.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.APR.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO2.txt


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-06 Thread Mark Thomas

On 03/04/18 21:36, Mark Thomas wrote:

> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.30

Unit tests pass (allowing for expected OpenSSL failures due to version
mis-match) for NIO, NIO2 and APR/native (1.2.16) on Linux, OSX and Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-05 Thread Felix Schumacher



Am 3. April 2018 22:36:45 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.30 release is now available for voting.
>
>The major changes compared to the 8.5.29 release are:
>
>- Add support for the maxDays attribute to the AccessLogValve and
>  ExtendedAccessLogValve. This allows the maximum number of days for
>  which rotated access logs should be retained before deletion to be
>  defined.
>
>- Avoid infinite recursion, when trying to validate a session while
>  loading it with PersistentManager.
>
>- Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
>- The OpenSSL engine SSL session will now ignore invalid accesses.
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1177/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
>
>The proposed 8.5.30 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.30

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-05 Thread Violeta Georgieva

2018-04-03 23:36 GMT+03:00 Mark Thomas :
>
> The proposed Apache Tomcat 8.5.30 release is now available for voting.
>
> The major changes compared to the 8.5.29 release are:
>
> - Add support for the maxDays attribute to the AccessLogValve and
>   ExtendedAccessLogValve. This allows the maximum number of days for
>   which rotated access logs should be retained before deletion to be
>   defined.
>
> - Avoid infinite recursion, when trying to validate a session while
>   loading it with PersistentManager.
>
> - Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
> - The OpenSSL engine SSL session will now ignore invalid accesses.
>
> Along with lots of other bug fixes and improvements.
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1177/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
>
> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.30


+1

Regards,
Violeta

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-05 Thread Huxing Zhang

Hi,

The proposed 8.5.30 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.5.30

Unit test: ok
Examples: ok
Tested running on Java 10: ok

On Wed, Apr 4, 2018 at 4:36 AM, Mark Thomas  wrote:
> The proposed Apache Tomcat 8.5.30 release is now available for voting.
>
> The major changes compared to the 8.5.29 release are:
>
> - Add support for the maxDays attribute to the AccessLogValve and
>   ExtendedAccessLogValve. This allows the maximum number of days for
>   which rotated access logs should be retained before deletion to be
>   defined.
>
> - Avoid infinite recursion, when trying to validate a session while
>   loading it with PersistentManager.
>
> - Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
> - The OpenSSL engine SSL session will now ignore invalid accesses.
>
> Along with lots of other bug fixes and improvements.
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1177/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
>
> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [ ] Stable - go ahead and release as 8.5.30
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>



-- 
Best Regards！
Huxing

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-04 Thread Rémy Maucherat

On Tue, Apr 3, 2018 at 10:36 PM, Mark Thomas  wrote:

> The proposed Apache Tomcat 8.5.30 release is now available for voting.
>
> The major changes compared to the 8.5.29 release are:
>
> - Add support for the maxDays attribute to the AccessLogValve and
>   ExtendedAccessLogValve. This allows the maximum number of days for
>   which rotated access logs should be retained before deletion to be
>   defined.
>
> - Avoid infinite recursion, when trying to validate a session while
>   loading it with PersistentManager.
>
> - Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
> - The OpenSSL engine SSL session will now ignore invalid accesses.
>
> Along with lots of other bug fixes and improvements.
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1177/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
>
> The proposed 8.5.30 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.30
>
> Rémy

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

Re: [VOTE] Release Apache Tomcat 8.5.30

10 matches

Site Navigation

Mail list logo

Footer information