svn commit: r1804888 - /tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigIntegration.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 10:43:23 2017 New Revision: 1804888 URL: http://svn.apache.org/viewvc?rev=1804888=rev Log: No SSL communication done in this test, so we do not need to set up an ssl client. Modified:

buildbot failure in on tomcat-trunk

2017-08-13 Thread buildbot
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2616 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler

svn commit: r1804904 - in /tomcat/trunk/java/org/apache/tomcat/util/net/openssl: LocalStrings.properties OpenSSLContext.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 11:53:09 2017 New Revision: 1804904 URL: http://svn.apache.org/viewvc?rev=1804904=rev Log: Improve observability of new fix/feature. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties

[Bug 61394] NIO/NIO2 + OpenSSL renegotiation doesn't send list of CAs to user agent

2017-08-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61394 --- Comment #9 from Rainer Jung --- I applied the patch, wrapping the new native call in a check for a UnsatisfiedLinkError to not break compatibility with older tcnative. I also added one new test and checks to

svn commit: r1804890 - in /tomcat/trunk/test/org/apache/tomcat: util/net/TestCustomSsl.java util/net/TestSsl.java util/net/TesterSupport.java websocket/TestWebSocketFrameClientSSL.java websocket/TestW

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 10:51:06 2017 New Revision: 1804890 URL: http://svn.apache.org/viewvc?rev=1804890=rev Log: - Use constants for test certificate file paths, aliases and passwords. - Change TesterSupport.initSsl() to use full path names. Modified:

svn commit: r1804907 - /tomcat/trunk/java/org/apache/tomcat/jni/SSLContext.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 12:18:07 2017 New Revision: 1804907 URL: http://svn.apache.org/viewvc?rev=1804907=rev Log: Fix new javadoc. Modified: tomcat/trunk/java/org/apache/tomcat/jni/SSLContext.java Modified: tomcat/trunk/java/org/apache/tomcat/jni/SSLContext.java URL:

svn commit: r1804908 - /tomcat/trunk/test/org/apache/tomcat/util/net/TestCustomSsl.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 12:38:22 2017 New Revision: 1804908 URL: http://svn.apache.org/viewvc?rev=1804908=rev Log: Add another custom trust manager test case based on a trust manager, that sequentially checks all CA certificates in a truststore using the new

buildbot success in on tomcat-trunk

2017-08-13 Thread buildbot
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2620 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler

OpenSSL SSL_CONF_cmd API

2017-08-13 Thread Rainer Jung
Hi, OpenSSl has an API named SSL_CONF_cmd. Te API allows application using OpenSSL to no longer implement an application specific configuration option per OpenSSL config feature the app wants to support, but instead use a more generic approach. The API can be seen here (it was added in

svn commit: r1804903 - in /tomcat/trunk: java/org/apache/tomcat/jni/SSLContext.java java/org/apache/tomcat/util/net/openssl/LocalStrings.properties java/org/apache/tomcat/util/net/openssl/OpenSSLConte

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 11:47:24 2017 New Revision: 1804903 URL: http://svn.apache.org/viewvc?rev=1804903=rev Log: Improve TLS handshake. When using JSSE TLS configuration with the OpenSSL implementation and client certificates: include client CA subjects in the TLS handshake so that the

svn commit: r1804905 - /tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 12:01:16 2017 New Revision: 1804905 URL: http://svn.apache.org/viewvc?rev=1804905=rev Log: Add custom class that allows to test client certificate handshake with a trustmanager (named SequentialTrustManager), that should be equivalent to our default trust store.

svn commit: r1804906 - /tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 12:09:04 2017 New Revision: 1804906 URL: http://svn.apache.org/viewvc?rev=1804906=rev Log: Replace hard-coded client certificate subject by retrieving it from the certificate. Modified: tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java Modified:

Re: OpenSSL SSL_CONF_cmd API

2017-08-13 Thread Mark Thomas
On 13/08/17 16:42, Rainer Jung wrote: > Hi, > > OpenSSl has an API named SSL_CONF_cmd. Te API allows application using > OpenSSL to no longer implement an application specific configuration > option per OpenSSL config feature the app wants to support, but instead > use a more generic approach.

svn commit: r1804941 - in /tomcat/site/trunk: docs/conference.html docs/images/liferay.png xdocs/conference.xml xdocs/images/liferay.png

2017-08-13 Thread markt
Author: markt Date: Sun Aug 13 19:26:31 2017 New Revision: 1804941 URL: http://svn.apache.org/viewvc?rev=1804941=rev Log: Add liferay text Keep a session open for jfc (if available) Added: tomcat/site/trunk/docs/images/liferay.png (with props) tomcat/site/trunk/xdocs/images/liferay.png

Bug report for Tomcat Modules [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat Native [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 8 [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat Connectors [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Taglibs [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 9 [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 7 [2017/08/13]

2017-08-13 Thread bugzilla
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

svn commit: r1804944 - in /tomcat/site/trunk: docs/conference.html docs/images/tomcatcon-london-2017.jpg xdocs/conference.xml xdocs/images/tomcatcon-london-2017.jpg

2017-08-13 Thread markt
Author: markt Date: Sun Aug 13 19:38:48 2017 New Revision: 1804944 URL: http://svn.apache.org/viewvc?rev=1804944=rev Log: Add a banner (same one as eventbrite) Added: tomcat/site/trunk/docs/images/tomcatcon-london-2017.jpg (with props)

svn commit: r1804915 - /tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 14:35:05 2017 New Revision: 1804915 URL: http://svn.apache.org/viewvc?rev=1804915=rev Log: Wrap the KeyManagers used by the client to allow tracking for which CA subjects a client certificate was requested. Modified:

svn commit: r1804917 - in /tomcat/trunk/test/org/apache/tomcat/util/net: TestClientCert.java TestCustomSsl.java TestSsl.java

2017-08-13 Thread rjung
Author: rjung Date: Sun Aug 13 14:37:06 2017 New Revision: 1804917 URL: http://svn.apache.org/viewvc?rev=1804917=rev Log: Improve some existing test cases with a check, whether client certificates from the right CA was demanded during the TLS handshake. Especially detect, if no CA was announced