Re: Which release artifact should we expect to be reproducible?
Emmanuel, On 10/12/23 18:13, Emmanuel Bourg wrote: Le 12/10/2023 à 23:27, Christopher Schultz a écrit : I installed the ZIP version of Temurin Java 21 to match your release toolchain and I get every file being different. But the versions are not exactly the same, so that may be the reason: Release Java: 21+25-2513 Local Java: 21+35-LTS I'm also using Cp1252 instead of UTF-8 (ew). I'll try to change that and see if it changes anything. Did you try comparing the files with diffoscope [1]? That would allow you to quickly see what varies and prevents the build from being reproducible. It looks like it does come down to the exact JDK being used. The summary of differences for, example, apache-tomcat-11.0.0-M13.tar.gz is: │ │ │ -Created-By: 21+35-2513 (Oracle Corporation) │ │ │ +Created-By: 21+35-LTS (Eclipse Adoptium) Over and over again in MANIFEST.MF files. So it does look like version string changes can be an issue. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67732] APR Deprecation Note in 10.1 doc is missing
https://bz.apache.org/bugzilla/show_bug.cgi?id=67732 --- Comment #2 from Marcelo Marques --- Thanks, appreciated the information. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1762134403 > > I'm a -0 on loading the password from native code. I would support "consistency" by _removing_ the existing BIO-loading of the cert, key, etc. in libtcnative if we wanted to go for that. > > I was saying earlier it would still need to use a different BIO type, so I was thinking "no benefit". Now that I think about it more, this is still better. I guess I'll do it eventually with the Panama code. I think this discussion should be moved to the dev mailing list. As far as I understand you both, you want to retain `setCertificateRaw()` only. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1762132365 > I'm a -0 on loading the password from native code. I would support "consistency" by _removing_ the existing BIO-loading of the cert, key, etc. in libtcnative if we wanted to go for that. > I was saying earlier it would still need to use a different BIO type, so I was thinking "no benefit". Now that I think about it more, this is still better. I guess I'll do it eventually with the Panama code. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67732] APR Deprecation Note in 10.1 doc is missing
https://bz.apache.org/bugzilla/show_bug.cgi?id=67732 Christopher Schultz changed: What|Removed |Added Status|NEW |RESOLVED OS||All Resolution|--- |INVALID --- Comment #1 from Christopher Schultz --- We also don't support BIO in Tomcat 10.1. Should we put notes in all versions where support does not exist for some particular thing? The reason it was marked as deprecated in Tomcat 10 was because we intended to remove it in the next version. We have now removed it. There is no reason to document things that are no longer a part of the product. The migration guide exists for this sort of thing: https://tomcat.apache.org/migration-10.1.html#Tomcat_10.1.x_noteable_changes We specifically mention that the APR connector has been removed. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1762123047 > I'm a -0 on loading the password from native code. I would support "consistency" by _removing_ the existing BIO-loading of the cert, key, etc. in libtcnative if we wanted to go for that. > > Honestly, libtcnative's days are numbered. Even having this conversation is not worth the time we are spending on it. This PR is not about libtcnative, but about Tomcat. If you consider, just like @rmaucher, the change in tcnative as unnecessary, express it in the other PR. Have a look at the actual changes which affect Tomcat. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
ChristopherSchultz commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1762120662 I'm a -0 on loading the password from native code. I would support "consistency" by _removing_ the existing BIO-loading of the cert, key, etc. in libtcnative if we wanted to go for that. Honestly, libtcnative's days are numbered. Even having this conversation is not worth the time we are spending on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67732] New: APR Deprecation Note in 10.1 doc is missing
https://bz.apache.org/bugzilla/show_bug.cgi?id=67732 Bug ID: 67732 Summary: APR Deprecation Note in 10.1 doc is missing Product: Tomcat Native Version: 2.0.6 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Documentation Assignee: dev@tomcat.apache.org Reporter: marcelos...@gmail.com Target Milestone: --- Hello, I noticed that the note about APR deprecation was added to the 10.0.x doc https://tomcat.apache.org/tomcat-10.0-doc/config/http.html Note: The APR/Native HTTP Connector is deprecated and will be removed in Tomcat 10.1.x onwards. But the note is missing in the 10.1.x doc though. https://tomcat.apache.org/tomcat-10.1-doc/config/http.html If possible add the APR deprecation note in the 10.1 and 11.0 docs as well. Thanks. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67722] Tomcat 10 Http11AprProtocol Protocol handler instantiation failed
https://bz.apache.org/bugzilla/show_bug.cgi?id=67722 --- Comment #3 from Marcelo Marques --- Thanks for the information. I noticed that the note about APR deprecations was added to the 10.0.x doc https://tomcat.apache.org/tomcat-10.0-doc/config/http.html But it is missing from the 10.1.x doc though. https://tomcat.apache.org/tomcat-10.1-doc/config/http.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.95 [CORRECTED]
+1 thank you! El jue, 12 oct 2023 a las 10:05, Christopher Schultz (< ch...@christopherschultz.net>) escribió: > All, > > On 10/11/23 21:32, Christopher Schultz wrote: > > The proposed Apache Tomcat 8.5.95 release is now available for voting. > > > > The notable changes compared to 8.5.94 are: > > > > - Correct a regression in 8.5.94 that broke the Tomcat JBDC > >connection pool > > > > - Correct a regression in 8.5.94 that broke HTTP compression > > > > Along with lots of other bug fixes and improvements. > > > > For full details, see the changelog: > > https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html > > > > It can be obtained from: > > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.95/ > > > > The Maven staging repo is: > > https://repository.apache.org/content/repositories/orgapachetomcat-1463 > > > > The tag is: > > https://github.com/apache/tomcat/tree/8.5.95/ > > > > The proposed 8.5.95 release is: > > [ ] Broken - do not release > > [X] Stable - go ahead and release as 8.5.95 (stable) > > +1 for stable release > > Works on a vanilla servlet-based application using both HTTP-NIO and > AJP-NIO connectors. Unit tests pass on Linux x86-64. > > Details: > * Environment > * Java (build): openjdk version "1.8.0_372" OpenJDK Runtime > Environment (Temurin)(build 1.8.0_372-b07) OpenJDK 64-Bit Server VM > (Temurin)(build 25.372-b07, mixed mode) > * Java (test): openjdk version "1.8.0_372" OpenJDK Runtime > Environment (Temurin)(build 1.8.0_372-b07) OpenJDK 64-Bit Server VM > (Temurin)(build 25.372-b07, mixed mode) > * OS: Linux 6.1.0-12-amd64 x86_64 > * cc: cc (Debian 12.2.0-14) 12.2.0 > * make: GNU Make 4.3 > * OpenSSL: OpenSSL 1.1.1 11 Sep 2018 > * APR: 1.7.2 > * > * Valid SHA-512 signature for apache-tomcat-8.5.95.zip > * Valid GPG signature for apache-tomcat-8.5.95.zip > * Valid SHA-512 signature for apache-tomcat-8.5.95.tar.gz > * Valid GPG signature for apache-tomcat-8.5.95.tar.gz > * Valid SHA-512 signature for apache-tomcat-8.5.95.exe > * Valid GPG signature for apache-tomcat-8.5.95.exe > * Valid Windows Digital Signature for apache-tomcat-8.5.95.exe > * Valid SHA512 signature for apache-tomcat-8.5.95-src.zip > * Valid GPG signature for apache-tomcat-8.5.95-src.zip > * Valid SHA512 signature for apache-tomcat-8.5.95-src.tar.gz > * Valid GPG signature for apache-tomcat-8.5.95-src.tar.gz > * > * Binary Zip and tarball: Same > * Source Zip and tarball: Same > * > * Building dependencies returned: 0 > * tcnative builds cleanly > * Tomcat builds cleanly > * Junit Tests: PASSED > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > -- Atentamente: César Hernández.
[PR] Reinstantiate an updated patch for OpenSSL 1.1.1 on Windows [tomcat-native]
michael-o opened a new pull request, #21: URL: https://github.com/apache/tomcat-native/pull/21 This patch has been recently removed because it does not apply to the latest version. Bring back an updated patch because Tomcat Native 1.2.x still supports 1.1.1 for those who need it on Windows, but strongly recommends to use 3.0 or newer. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67731] Remove win-ipv6.patch
https://bz.apache.org/bugzilla/show_bug.cgi?id=67731 Michael Osipov changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INFORMATIONPROVIDED --- Comment #1 from Michael Osipov --- My bad, it is already gone. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67731] Remove win-ipv6.patch
https://bz.apache.org/bugzilla/show_bug.cgi?id=67731 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67731] New: Remove win-ipv6.patch
https://bz.apache.org/bugzilla/show_bug.cgi?id=67731 Bug ID: 67731 Summary: Remove win-ipv6.patch Product: Tomcat Native Version: 2.0.6 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Library Assignee: dev@tomcat.apache.org Reporter: micha...@apache.org Target Milestone: --- All hunks from this patch are already upstream: * https://github.com/apache/apr/blob/1.7.4/network_io/win32/sockets.c * https://github.com/apache/apr/blob/1.7.4/misc/win32/misc.c * https://github.com/apache/apr/blob/1.7.4/include/arch/win32/apr_arch_misc.h The patch can be safely remove from main. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on code in PR #672: URL: https://github.com/apache/tomcat/pull/672#discussion_r1358038098 ## java/org/apache/tomcat/util/net/SSLHostConfig.java: ## @@ -796,9 +796,6 @@ public static String adjustRelativePath(String path) throws FileNotFoundExceptio newPath = System.getProperty(Constants.CATALINA_BASE_PROP) + File.separator + newPath; f = new File(newPath); } -if (!f.exists()) { Review Comment: I left the commits intentionally for those who like to test this PR in action. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on code in PR #672: URL: https://github.com/apache/tomcat/pull/672#discussion_r1358035893 ## java/org/apache/tomcat/util/net/SSLHostConfig.java: ## @@ -796,9 +796,6 @@ public static String adjustRelativePath(String path) throws FileNotFoundExceptio newPath = System.getProperty(Constants.CATALINA_BASE_PROP) + File.separator + newPath; f = new File(newPath); } -if (!f.exists()) { Review Comment: Yes ok. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on code in PR #672: URL: https://github.com/apache/tomcat/pull/672#discussion_r1358027078 ## java/org/apache/tomcat/util/net/SSLHostConfig.java: ## @@ -796,9 +796,6 @@ public static String adjustRelativePath(String path) throws FileNotFoundExceptio newPath = System.getProperty(Constants.CATALINA_BASE_PROP) + File.separator + newPath; f = new File(newPath); } -if (!f.exists()) { Review Comment: Note the first line of the PR and the prefix on the commit: NOTE: Disregard the [TEMPORARY] commits, they are for testing purposes only and will not be merged. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on code in PR #672: URL: https://github.com/apache/tomcat/pull/672#discussion_r1358027078 ## java/org/apache/tomcat/util/net/SSLHostConfig.java: ## @@ -796,9 +796,6 @@ public static String adjustRelativePath(String path) throws FileNotFoundExceptio newPath = System.getProperty(Constants.CATALINA_BASE_PROP) + File.separator + newPath; f = new File(newPath); } -if (!f.exists()) { Review Comment: Note the first line of the PR and the prefix on the commit. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on code in PR #672: URL: https://github.com/apache/tomcat/pull/672#discussion_r1358020057 ## java/org/apache/tomcat/util/net/SSLHostConfig.java: ## @@ -796,9 +796,6 @@ public static String adjustRelativePath(String path) throws FileNotFoundExceptio newPath = System.getProperty(Constants.CATALINA_BASE_PROP) + File.separator + newPath; f = new File(newPath); } -if (!f.exists()) { Review Comment: Why remove this ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761201586 > For certificate (key) file, there's an attempt to always use PEMFile. When that fails, it uses the code path where it simply passes the file name, since that's what the native API has had since forever. It actually does not change the native code in a significant way since it would have to use a memory BIO rather than a file BIO, this is not a simple string like the password. So, if you are totally against adding the method overload in tomcat-native, please leave a comment in that specific PR. I still think, yes, you are partially right, but it does not hurt either, it just adds convenience. I'd like to know the opinion of other committers as well. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761197570 For certificate (key) file, there's an attempt to always use PEMFile. When that fails, it uses the code path where it simply passes the file name, since that's what the native API has had since forever. It actually does not change the native code in a significant way since it would have to use a memory BIO rather than a file BIO, this is not a simple string like the password. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761175235 > Ok trying again. So the code addition in tomcat-native simply uses a file BIO to load the contents of the file and use it as a password. So overall, I do not understand the benefit of the rather significant amount of changes over simply loading the password files in the Java code and calling tomcat-native as before. I don't understand why any third party users of tomcat-native are not able to do the same as well, there's very little value add here and API compatibility seems more useful. I understand your point. It is basically for consistency with the Java code. We do also pass the path of the certificate and key to OpenSSL while we could load it in Java and pass raw bytes. This is the same. Consistency. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761170846 Ok trying again. So the code addition in tomcat-native simply uses a file BIO to load the contents of the file and use it as a password. So overall, I do not understand the benefit of the rather significant amount of changes over simply loading the password files in the Java code and calling tomcat-native as before. I don't understand why any third party users of tomcat-native are not able to do the same as well, there's very little value add here and API compatibility seems more useful. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761153823 > I don't get it overall. Since that's what ultimately happens (the tomcat-native patch simply does that), I think the content of the files should simply be loaded as the password in the Java code. While I don't fully understand your statement, please read mine: https://github.com/apache/tomcat-native/pull/20#issue-1941460224 Long term I'd like to use this in Spring API Gateway with Netty and libtcnative instead of SunJSSE and well as neo4j. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
rmaucher commented on PR #672: URL: https://github.com/apache/tomcat/pull/672#issuecomment-1761136665 I don't get it overall. Since that's what ultimately happens (the tomcat-native patch simply does that), I think the content of the files should simply be loaded as the password in the Java code. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot failure in on tomcat-9.0.x
Build status: BUILD FAILED: failed compile (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/732 Blamelist: remm Build Text: failed compile (failure) Status Detected: new failure Build Source Stamp: [branch 9.0.x] 93d70e339b378d2c2aeeb4ae1ad5324731b31c33 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 compile: 1 shell_6: 0 shell_7: 0 shell_8: 0 shell_9: 0 Rsync docs to nightlies.apache.org: 0 shell_10: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 2 shell_11: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] Fix NioChannel's toString() throwing NullPointerException in some cases [tomcat]
michael-o commented on PR #671: URL: https://github.com/apache/tomcat/pull/671#issuecomment-1761094466 > The benefit seems null IMO, in the debugger it will print out that this is null instead of a NPE, which should mean the same for a developer. Also, Nio2Channel.toString is the same. In terms of consistency we likely still should care, no? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile [tomcat]
michael-o opened a new pull request, #672: URL: https://github.com/apache/tomcat/pull/672 NOTE: Disregard the `[TEMPORARY]` commits, they are for testing purposes only and will *not* be merged. Test matrix: * OpenSSL: 1.1.1, 3.0 * Tomcat Native: 1.2, 2.0 * OS: Windows, HP-UX, FreeBSD * Java versions: 8, 11, 21 * Combinations: * NIO + JSSE + PEM * NIO + JSSE + Keystore * NIO + OpenSSL + PEM * NIO + OpenSSL + Keystore * APR + OpenSSL + PEM * APR + OpenSSL + Keystore * Password file combinations: * valid password (`key-password`/`keystore-password`) * non-existing file (`non-existing-password`) * unreadable file (`key-perm-password`/`keystore-perm-password`) * empty file (`empty-password`) * invalid password (`invalid-password`) * multiple lines (`key-multi-password`/`keystore-multi-password`) * Certificates: self-signed and issued by our enterprise CA system `server.xml` snippet: ``` ``` This has also been tried with: ``` ``` It plays every nicely with the reloader and you can now swap everything: key, cert *and* password as likely required by many. Full automation, if desired. I have tried all of the above combinations to the extend they are available/possible. It just worked with positive and negative cases. Found issues: * https://bz.apache.org/bugzilla/show_bug.cgi?id=67675 * https://bz.apache.org/bugzilla/show_bug.cgi?id=67666 * https://bz.apache.org/bugzilla/show_bug.cgi?id=67628 * https://bz.apache.org/bugzilla/show_bug.cgi?id=67609 Important: First https://github.com/apache/tomcat-native/pull/20 needs to be merged and released, then Tomcat branches synched and then this can be merged. Approriate, ready-to-merge branches exist for all active versions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[PR] BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostCon… [tomcat-native]
michael-o opened a new pull request, #20: URL: https://github.com/apache/tomcat-native/pull/20 …fig#certificateKeystorePasswordFile This has been done on purpose because Tomcat is not the only consumer of this library and this should be available consistently to everyone out there. This is required for the main issue. Approriate, ready-to-merge branches exist for all active versions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] Fix NioChannel's toString() throwing NullPointerException in some cases [tomcat]
rmaucher commented on PR #671: URL: https://github.com/apache/tomcat/pull/671#issuecomment-1761084688 The benefit seems null IMO, in the debugger it will print out that this is null instead of a NPE, which should mean the same for a developer. Also, Nio2Channel.toString is the same. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [PR] Fix NioChannel's toString() throwing NullPointerException in some cases [tomcat]
michael-o commented on PR #671: URL: https://github.com/apache/tomcat/pull/671#issuecomment-1761073554 @markt-asf Are we good to merge this one? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add release date for 9.0.82
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 93d70e339b Add release date for 9.0.82 93d70e339b is described below commit 93d70e339b378d2c2aeeb4ae1ad5324731b31c33 Author: remm AuthorDate: Fri Oct 13 09:45:12 2023 +0200 Add release date for 9.0.82 --- webapps/docs/changelog.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index cfdcc0a7c2..6a726b6548 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -122,7 +122,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat 9.0.82 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.82. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.82 is a bugfix and feature release. The notable changes compared to 9.0.81 include: - Correct a regression in 9.0.81 that broke the Tomcat JBDC connection pool. - Correct a regression in 9.0.81 that broke HTTP compression. Along with lots of other bug fixes and improvements. Please refer to the change log for the complete list of changes: https://tomcat.apache.org/tomcat-9.0-doc/changelog.html Downloads: https://tomcat.apache.org/download-90.cgi Migration guides from Apache Tomcat 7.x and 8.x: https://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1912930 - in /tomcat/site/trunk/docs/tomcat-9.0-doc: ./ annotationapi/ annotationapi/javax/annotation/ annotationapi/javax/annotation/security/ annotationapi/javax/annotation/sql/ api/ ap
Author: remm Date: Fri Oct 13 07:35:21 2023 New Revision: 1912930 URL: http://svn.apache.org/viewvc?rev=1912930=rev Log: Docs update for 9.0.82 [This commit notification would consist of 68 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1912929 - in /tomcat/site/trunk: ./ docs/ xdocs/
Author: remm Date: Fri Oct 13 07:29:28 2023 New Revision: 1912929 URL: http://svn.apache.org/viewvc?rev=1912929=rev Log: Update website for 9.0.82 Modified: tomcat/site/trunk/build.properties.default tomcat/site/trunk/docs/doap_Tomcat.rdf tomcat/site/trunk/docs/download-90.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/migration-9.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/xdocs/doap_Tomcat.rdf tomcat/site/trunk/xdocs/download-90.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/migration-9.xml tomcat/site/trunk/xdocs/oldnews.xml tomcat/site/trunk/xdocs/whichversion.xml Modified: tomcat/site/trunk/build.properties.default URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.properties.default?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/build.properties.default (original) +++ tomcat/site/trunk/build.properties.default Fri Oct 13 07:29:28 2023 @@ -37,7 +37,7 @@ tomcat.loc=https://downloads.apache.org/ # - Tomcat versions - tomcat8.5=8.5.94 -tomcat9.0=9.0.81 +tomcat9.0=9.0.82 tomcat10.1=10.1.14 tomcat11.0=11.0.0-M12 Modified: tomcat/site/trunk/docs/doap_Tomcat.rdf URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/doap_Tomcat.rdf?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/docs/doap_Tomcat.rdf (original) +++ tomcat/site/trunk/docs/doap_Tomcat.rdf Fri Oct 13 07:29:28 2023 @@ -74,8 +74,8 @@ Latest Stable 9.0.x Release -2023-10-10 -9.0.81 +2023-10-13 +9.0.82 Modified: tomcat/site/trunk/docs/download-90.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-90.html?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/docs/download-90.html (original) +++ tomcat/site/trunk/docs/download-90.html Fri Oct 13 07:29:28 2023 @@ -10,7 +10,7 @@ Quick Navigation -[define v]9.0.81[end] +[define v]9.0.82[end] https://downloads.apache.org/tomcat/tomcat-9/KEYS;>KEYS | [v] | Browse | Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Fri Oct 13 07:29:28 2023 @@ -34,6 +34,25 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. +2023-10-13 Tomcat 9.0.82 Released + +The Apache Tomcat Project is proud to announce the release of version 9.0.82 +of Apache Tomcat. This release implements specifications that are part of the +Java EE 8 platform. The notable changes compared to 9.0.81 include: + + Correct a regression in 9.0.81 that broke the Tomcat JBDC + connection pool. + Correct a regression in 9.0.81 that broke HTTP compression. + + +Full details of these changes, and all the other changes, are available in the +Tomcat 9 +changelog. + + + +https://tomcat.apache.org/download-90.cgi;>Download + 2023-10-10 Tomcat 10.1.14 Released The Apache Tomcat Project is proud to announce the release of version 10.1.14 Modified: tomcat/site/trunk/docs/migration-9.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-9.html?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/docs/migration-9.html (original) +++ tomcat/site/trunk/docs/migration-9.html Fri Oct 13 07:29:28 2023 @@ -464,7 +464,8 @@ versions of Apache Tomcat. 9.0.76 9.0.78 9.0.79 -9.0.90 +9.0.80 +9.0.81 , new version: 9.0.0-M1 @@ -548,7 +549,8 @@ versions of Apache Tomcat. 9.0.78 9.0.79 9.0.80 -9.0.81 +9.0.81 +9.0.82 trunk (unreleased) Modified: tomcat/site/trunk/docs/oldnews.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews.html?rev=1912929=1912928=1912929=diff == --- tomcat/site/trunk/docs/oldnews.html (original) +++ tomcat/site/trunk/docs/oldnews.html Fri Oct 13 07:29:28 2023 @@ -17,6 +17,37 @@ year 2011 year 2010 +2023-10-10 Tomcat 9.0.81 Released + +The Apache Tomcat Project is proud to announce the release of version 9.0.81 +of Apache Tomcat. This release implements specifications that are part of the +Java EE 8 platform. The notable changes compared to 9.0.81 include: + + Update Tomcat Native to 1.2.39 to pick up Windows binaries built with + OpenSSL 3.0.11. + Provide
[Bug 67722] Tomcat 10 Http11AprProtocol Protocol handler instantiation failed
https://bz.apache.org/bugzilla/show_bug.cgi?id=67722 --- Comment #2 from Michael Osipov --- (In reply to Remy Maucherat from comment #1) > In the logs, the first error is: > 12-Oct-2023 14:42:21.043 SEVERE [main] > org.apache.catalina.connector.Connector. Protocol handler > instantiation failed > java.lang.ClassNotFoundException: > org.apache.coyote.http11.Http11AprProtocol > > Indeed, the APR connector has been removed. You have to use another one, > either NIO or NIO2. OpenSSL can be used with them, which would replicate all > the functionality from the APR connector in the TLS area. Such a report is an indicator that if this class name is provided additionally an error should be logged which explains what to do... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r64510 - /dev/tomcat/tomcat-9/v9.0.82/ /release/tomcat/tomcat-9/v9.0.82/
Author: remm Date: Fri Oct 13 06:48:15 2023 New Revision: 64510 Log: Release Apache Tomcat 9.0.82 Added: release/tomcat/tomcat-9/v9.0.82/ - copied from r64509, dev/tomcat/tomcat-9/v9.0.82/ Removed: dev/tomcat/tomcat-9/v9.0.82/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE][RESULT] Release Apache Tomcat 9.0.82
The following votes were cast: Binding: +1: isapir, fschumacher, remm, csutherl, markt, lihan, schultz Non-binding: +1: Cesar Hernandez No other votes were cast. The vote therefore passes. Thanks to everyone who contributed to this release. Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 67722] Tomcat 10 Http11AprProtocol Protocol handler instantiation failed
https://bz.apache.org/bugzilla/show_bug.cgi?id=67722 Remy Maucherat changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED --- Comment #1 from Remy Maucherat --- In the logs, the first error is: 12-Oct-2023 14:42:21.043 SEVERE [main] org.apache.catalina.connector.Connector. Protocol handler instantiation failed java.lang.ClassNotFoundException: org.apache.coyote.http11.Http11AprProtocol Indeed, the APR connector has been removed. You have to use another one, either NIO or NIO2. OpenSSL can be used with them, which would replicate all the functionality from the APR connector in the TLS area. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org