Re: [VOTE] Release Apache Tomcat Native 1.2.17
On Thu, Jun 7, 2018 at 11:50 AM, jean-frederic clere wrote: > Version 1.2.17 includes the following changes compared to 1.2.16: > > - Windows binaries built with OpenSSL 1.0.2o and APR 1.6.3 > > Various other fixes and improvements. See the changelog for details. > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2.17 is > [x] Stable, go ahead and release > [ ] Broken because of ... > +1, works fine for me on Fedora 26 (APR 1.6.3 and OpenSSL 1.1.0h-fips). > > Thanks, > > Jean-Frederic > > > [1] > https://dist.apache.org/repos/dist/dev/tomcat/tomcat- > connectors/native/1.2.17/ > [2] https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_ > NATIVE_1_2_17 > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
Re: [VOTE] Release Apache Tomcat Native 1.2.17
+1 Tested on Debian Sid with OpenJDK 10, OpenSSL 1.1.0h and GCC 7.3 Emmanuel Bourg Le 07/06/2018 à 17:50, jean-frederic clere a écrit : > Version 1.2.17 includes the following changes compared to 1.2.16: > > - Windows binaries built with OpenSSL 1.0.2o and APR 1.6.3 > > Various other fixes and improvements. See the changelog for details. > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2.17 is > [ ] Stable, go ahead and release > [ ] Broken because of ... > > Thanks, > > Jean-Frederic > > > [1] > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.2.17/ > [2] https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_2_17 > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.2.17
Am 07.06.2018 um 17:50 schrieb jean-frederic clere: Version 1.2.17 includes the following changes compared to 1.2.16: - Windows binaries built with OpenSSL 1.0.2o and APR 1.6.3 Various other fixes and improvements. See the changelog for details. The proposed release artefacts can be found at [1], and the build was done using tag [2]. The Apache Tomcat Native 1.2.17 is [X] Stable, go ahead and release [ ] Broken because of ... +1 to release, thanks for RMing. 2 remarks: - when I extract the zip sources on Unix, I get all dirs and files with group write (!) permission. That sounds unsafe. It wasn't like that for 1.2.16. I don't know on which platform and using which zip impl you created them, but many of those would reflect in the zip the permissions that the files had on your file system. Group write permissions is typically something we should avoid for security reasons. - OpenSSL used according to VERSIONS file is 1.0.2m. I would suggest taking the latest patch level for release builds but did not check the changelog and history to see, whether there was a relevant change between 1.0.2m and 1.0.2o. and one old remark: - it seems to me that on Unix/Linux OCSP support is always active if OpenSSL supports it, but on Windows one needs to enable it. See "ENABLE_OCSP" in files native/BUILDING and native/NMAKEmakefile. Is that still the right thing to do, or should we simply distribute the ocsp enabled windows binary and drop the non-ocsp one? I can't judge by myself, but currently Windows and Unix/Linux build differ in their defaults. Now for the test results: - Tested with APR 1.6.3, OpenSSL 1.0.2o plus patches, and unit tests of TC 8.5 head - Platforms Solaris 10 Sparc, SLES 11 and 12 64 Bit, RHEL 6 and 7 64 Bits - configure flag "--enable-maintainer-mode" - make with gcc 8.1.0 on Solaris and platform gcc on Linux - Using Java version 1.8.0_172 64 Bit - Using "-XX:-UseCompressedClassPointers" on 64 Bit Linux - SHA1 and MD5 OK - signatures OK - gz and zip for sources consistent - source dist consistent with svn tag - config.guess and config.sub from apr 1.6.3 (copied by buildconf) from last year (OK). - VERSIONS says OpenSSL 1.0.2m and APR 1.6.3 - more recent OpenSSL 1.0.2o might have been nice - recreated release with jnirelease script, results are consistent with source dist, except for minor expected diffs in generated docs - make succeeds and builds lib - no C warnings - unit test results for TC - no failures Regards, Rainer - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62371] Improve logging in AbstractProcessor.parseHost()
https://bz.apache.org/bugzilla/show_bug.cgi?id=62371 --- Comment #30 from Robert Gacki --- Docker Swarm is not the only environment that may experience a regression. I have a client that has an "acme-xy" TLD for the internal network. We upgraded our Spring Boot applications to 2.0.2, which ships with Tomcat 5.8.31 and we were bitten by the same issue. Whether this is RFC compliant or not, I rather like to see such changes to be toggled and / or introduced gradually (like a warning first). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
