Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-10 Thread Mark Thomas
On 09/11/2011 23:39, Konstantin Kolinko wrote: Maybe add explicit FIPS mode status check below the above error handling? Something like: if ("on".equalsIgnoreCase(FIPSMode) && !fipsModeActive) { fail fatally; } +1 Mark -

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-10 Thread Christopher Schultz
Mark, On 11/10/11 6:28 AM, Mark Thomas wrote: On 09/11/2011 23:39, Konstantin Kolinko wrote: Maybe add explicit FIPS mode status check below the above error handling? Something like: if ("on".equalsIgnoreCase(FIPSMode) && !fipsModeActive) { fail fatally; } +1 Sounds good to me. What

svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread schultz
Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL: http://svn.apache.org/viewvc?rev=1199980&view=rev Log: Fixed bug #50570 - Allow explicit use of FIPS mode in APR lifecycle listener - Added FIPSMode attribute to AprLifecycleListener that causes OpenSSL to go into FIPS mode

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Mark Thomas
On 09/11/2011 21:34, schu...@apache.org wrote: Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL: http://svn.apache.org/viewvc?rev=1199980&view=rev Log: Fixed bug #50570 - Allow explicit use of FIPS mode in APR lifecycle listener - Added FIPSMode attribute to

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Christopher Schultz
Mark, On 11/9/11 2:06 PM, Mark Thomas wrote: On 09/11/2011 21:34, schu...@apache.org wrote: Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL: http://svn.apache.org/viewvc?rev=1199980&view=rev Log: Fixed bug #50570 - Allow explicit use of FIPS mode in APR lifecycle

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Mark Thomas
On 09/11/2011 22:09, Christopher Schultz wrote: Mark, On 11/9/11 2:06 PM, Mark Thomas wrote: On 09/11/2011 21:34, schu...@apache.org wrote: Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL:

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Konstantin Kolinko
2011/11/10 Mark Thomas ma...@apache.org: On 09/11/2011 21:34, schu...@apache.org wrote: Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL: http://svn.apache.org/viewvc?rev=1199980&view=rev Log: Fixed bug #50570 - Allow explicit use of FIPS mode in APR lifecycle

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Christopher Schultz
Konstantin, On 11/9/11 2:24 PM, Konstantin Kolinko wrote: 2011/11/10 Mark Thomas ma...@apache.org: On 09/11/2011 21:34, schu...@apache.org wrote: Author: schultz Date: Wed Nov 9 21:34:31 2011 New Revision: 1199980 URL: http://svn.apache.org/viewvc?rev=1199980&view=rev Log: Fixed bug #50570

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Konstantin Kolinko
2011/11/10 Christopher Schultz ch...@christopherschultz.net: There is java.lang.UnsatisfiedLinkError (and not the IllegalStateException that the code throws). Despite this error, Tomcat startup sequence continues. I guess that from FIPS PoV the failure to initialize FIPS mode should be

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Christopher Schultz
Mark, On 11/9/11 2:12 PM, Mark Thomas wrote: What happens if I try this with 1.1.22? Here is the behavior under various circumstances: 1.1.23, openssl-fips, FIPSMode!=on : regular startup 1.1.23, openssl-fips, FIPSMode=on : enter FIPS mode 1.1.23, openssl, FIPSMode!=on : regular startup

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Christopher Schultz
All, On 11/9/11 4:32 PM, Christopher Schultz wrote: I see several ways to move forward, here, not necessarily mutually exclusive: 1. terminate SSL on FIPS error 2. set sslInitialized after initialization is complete (including FIPS), not before 3. set error state in SSL class to

Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java

2011-11-09 Thread Christopher Schultz
Konstantin, On 11/9/11 3:39 PM, Konstantin Kolinko wrote: 2011/11/10 Christopher Schultz ch...@christopherschultz.net: There is java.lang.UnsatisfiedLinkError (and not the IllegalStateException that the code throws). Despite this error, Tomcat startup sequence continues. I guess that from