cvs commit: jakarta-tomcat-connectors/jni/native/src sslcontext.c
mturk 2005/06/09 23:25:08
Modified:jni/java/org/apache/tomcat/jni SSLContext.java
jni/native/include ssl_private.h
jni/native/src sslcontext.c
Log:
Call certificate chain with option to skip the leading server certificate
Revision ChangesPath
1.16 +5 -2
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java
Index: SSLContext.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- SSLContext.java 9 Jun 2005 09:13:55 - 1.15
+++ SSLContext.java 10 Jun 2005 06:25:08 - 1.16
@@ -166,8 +166,11 @@
* confused in this situation.
* @param ctx Server or Client context to use.
* @param file File of PEM-encoded Server CA Certificates.
+ * @param skipfirst Skip first certificate if chain file is inside
+ * certificate file.
*/
-public static native boolean setCertificateChainFile(long ctx, String
file);
+public static native boolean setCertificateChainFile(long ctx, String
file,
+ boolean skipfirst);
/**
* Set Certificate
1.21 +1 -2
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- ssl_private.h 8 Jun 2005 07:15:57 - 1.20
+++ ssl_private.h 10 Jun 2005 06:25:08 - 1.21
@@ -169,7 +169,6 @@
/* we are one or the other */
int mode;
-const char *cert_chain;
/* certificate revocation list */
X509_STORE *crl;
const char *cert_files[SSL_AIDX_MAX];
1.30 +10 -8 jakarta-tomcat-connectors/jni/native/src/sslcontext.c
Index: sslcontext.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- sslcontext.c 9 Jun 2005 09:13:55 - 1.29
+++ sslcontext.c 10 Jun 2005 06:25:08 - 1.30
@@ -317,18 +317,20 @@
}
TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCertificateChainFile)(TCN_STDARGS, jlong ctx,
- jstring
file)
+ jstring
file,
+ jboolean
skipfirst)
{
tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
-jboolean rv = JNI_TRUE;
-
+jboolean rv = JNI_FALSE;
+TCN_ALLOC_CSTRING(file);
+
UNREFERENCED(o);
TCN_ASSERT(ctx != 0);
-if (!file)
+if (!J2S(file))
return JNI_FALSE;
-if ((c-cert_chain = tcn_pstrdup(e, file, c-pool)) == NULL)
-rv = JNI_FALSE;
-
+if (SSL_CTX_use_certificate_chain(c-ctx, J2S(file), skipfirst) 0)
+rv = JNI_TRUE;
+TCN_FREE_CSTRING(file);
return rv;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35156] - Stream closed exception
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35156. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35156 --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 08:28 --- Check bug# 33810. Try with 5.0.30 version and see if your problem goes away. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslcontext.c
mturk 2005/06/09 23:44:35 Modified:jni/java/org/apache/tomcat/jni SSL.java SSLContext.java jni/native/include ssl_private.h jni/native/src sslcontext.c Log: Add option for setting the SSL connection shutdown type. Revision ChangesPath 1.16 +5 -1 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java Index: SSL.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- SSL.java 9 Jun 2005 09:13:54 - 1.15 +++ SSL.java 10 Jun 2005 06:44:35 - 1.16 @@ -153,6 +153,10 @@ public static final int SSL_MODE_SERVER = 1; public static final int SSL_MODE_COMBINED = 2; +public static final int SSL_SHUTDOWN_TYPE_UNSET= 0; +public static final int SSL_SHUTDOWN_TYPE_STANDARD = 1; +public static final int SSL_SHUTDOWN_TYPE_UNCLEAN = 2; +public static final int SSL_SHUTDOWN_TYPE_ACCURATE = 3; /* Return OpenSSL version number */ public static native int version(); 1.17 +18 -4 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java Index: SSLContext.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- SSLContext.java 10 Jun 2005 06:25:08 - 1.16 +++ SSLContext.java 10 Jun 2005 06:44:35 - 1.17 @@ -41,7 +41,7 @@ * SSL_MODE_CLIENT * SSL_MODE_SERVER * SSL_MODE_COMBINED - * /PRE + * /PRE */ public static native long make(long pool, int protocol, int mode) throws Exception; @@ -134,7 +134,7 @@ * Certificate Revocation Lists (CRL) of Certification Authorities (CA) * whose clients you deal with. These are used for Client Authentication. * Such a file is simply the concatenation of the various PEM-encoded CRL - * files, in order of preference. + * files, in order of preference. * br / * The files in this directory have to be PEM-encoded and are accessed through * hash filenames. So usually you can't just place the Certificate files there: @@ -167,7 +167,7 @@ * @param ctx Server or Client context to use. * @param file File of PEM-encoded Server CA Certificates. * @param skipfirst Skip first certificate if chain file is inside - * certificate file. + * certificate file. */ public static native boolean setCertificateChainFile(long ctx, String file, boolean skipfirst); @@ -249,6 +249,20 @@ public static native void setVerifyDepth(long ctx, int depth); /** + * Set SSL connection shutdown type + * br / + * The following levels are available for level: + * PRE + * SSL_SHUTDOWN_TYPE_STANDARD + * SSL_SHUTDOWN_TYPE_UNCLEAN + * SSL_SHUTDOWN_TYPE_ACCURATE + * /PRE + * @param ctx Server or Client context to use. + * @param type Shutdown type to use. + */ +public static native void setShutdowType(long ctx, int type); + +/** * Set Type of Client Certificate verification * br / * This directive sets the Certificate verification level for the Client 1.22 +8 -1 jakarta-tomcat-connectors/jni/native/include/ssl_private.h Index: ssl_private.h === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- ssl_private.h 10 Jun 2005 06:25:08 - 1.21 +++ ssl_private.h 10 Jun 2005 06:44:35 - 1.22 @@ -134,6 +134,11 @@ #define SSL_CVERIFY_OPTIONAL_NO_CA (3) #define SSL_VERIFY_PEER_STRICT (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT) +#define SSL_SHUTDOWN_TYPE_UNSET (0) +#define SSL_SHUTDOWN_TYPE_STANDARD (1) +#define SSL_SHUTDOWN_TYPE_UNCLEAN (2) +#define SSL_SHUTDOWN_TYPE_ACCURATE (3) + #define SSL_DEFAULT_PASS_PROMPT Some of your private key files are encrypted for security reasons.\n \ In order to read them you have to provide the pass phrases.\n \ Enter password : @@ -177,6 +182,7 @@ EVP_PKEY*keys[SSL_AIDX_MAX]; int ca_certs; +int shutdown_type; const char *cipher_suite; /* for client or
cvs commit: jakarta-tomcat-connectors/jni/native/src jnilib.c
mturk 2005/06/10 03:30:18 Modified:jni/native/src jnilib.c Log: Dump ssl network statistics. Revision ChangesPath 1.9 +3 -1 jakarta-tomcat-connectors/jni/native/src/jnilib.c Index: jnilib.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/jnilib.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- jnilib.c 1 Jun 2005 06:33:37 - 1.8 +++ jnilib.c 10 Jun 2005 10:30:18 - 1.9 @@ -35,6 +35,7 @@ #ifdef TCN_DO_STATISTICS extern void sp_poll_dump_statistics(); extern void sp_network_dump_statistics(); +extern void ssl_network_dump_statistics(); #endif apr_pool_t *tcn_global_pool = NULL; @@ -191,6 +192,7 @@ #ifdef TCN_DO_STATISTICS sp_poll_dump_statistics(); sp_network_dump_statistics(); +ssl_network_dump_statistics(); fprintf(stderr, APR Terminated\n); #endif } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslnetwork.c
mturk 2005/06/10 03:47:37
Modified:jni/native/include ssl_private.h
jni/native/src sslnetwork.c
Log:
Implement close and shutdown for SSL sockets.
Revision ChangesPath
1.24 +2 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- ssl_private.h 10 Jun 2005 10:31:09 - 1.23
+++ ssl_private.h 10 Jun 2005 10:47:37 - 1.24
@@ -192,6 +192,7 @@
};
typedef struct {
+apr_pool_t *pool;
tcn_ssl_ctxt_t *ctx;
SSL*ssl;
X509 *cert;
1.3 +52 -4 jakarta-tomcat-connectors/jni/native/src/sslnetwork.c
Index: sslnetwork.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslnetwork.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sslnetwork.c 10 Jun 2005 10:31:09 - 1.2
+++ sslnetwork.c 10 Jun 2005 10:47:37 - 1.3
@@ -144,9 +144,9 @@
goto cleanup;
}
SSL_clear(ssl);
-
-con-ctx = c;
-con-ssl = ssl;
+con-pool = p;
+con-ctx = c;
+con-ssl = ssl;
con-shutdown_type = c-shutdown_type;
apr_pool_cleanup_register(p, (const void *)con,
ssl_socket_cleanup,
@@ -160,6 +160,54 @@
}
+TCN_IMPLEMENT_CALL(jint, SSLSocket, shutdown)(TCN_STDARGS, jlong sock,
+ jint how)
+{
+apr_status_t rv = APR_SUCCESS;
+tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
+
+UNREFERENCED_STDARGS;
+TCN_ASSERT(sock != 0);
+if (con-ssl) {
+if (how 0)
+how = con-shutdown_type;
+rv = ssl_smart_shutdown(con-ssl, how);
+/* TODO: Translate OpenSSL Error codes */
+SSL_free(con-ssl);
+con-ssl = NULL;
+}
+return (jint)rv;
+}
+
+TCN_IMPLEMENT_CALL(jint, SSLSocket, close)(TCN_STDARGS, jlong sock)
+{
+tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
+apr_status_t rv = APR_SUCCESS;
+UNREFERENCED_STDARGS;
+TCN_ASSERT(sock != 0);
+
+#ifdef TCN_DO_STATISTICS
+apr_atomic_inc32(ssl_closed);
+#endif
+apr_pool_cleanup_kill(con-pool, con, ssl_socket_cleanup);
+if (con-ssl) {
+rv = ssl_smart_shutdown(con-ssl, con-shutdown_type);
+SSL_free(con-ssl);
+con-ssl = NULL;
+}
+if (con-cert) {
+X509_free(con-cert);
+con-cert = NULL;
+}
+if (con-sock) {
+apr_status_t rc;
+if ((rc = apr_socket_close(con-sock)) != APR_SUCCESS)
+rv = rc;
+con-sock = NULL;
+}
+return (jint)rv;
+}
+
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni SSLSocket.java
mturk 2005/06/10 03:55:32
Added: jni/java/org/apache/tomcat/jni SSLSocket.java
Log:
SSLSocket wrapper initial code.
Revision ChangesPath
1.1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
Index: SSLSocket.java
===
/*
* Copyright 1999-2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the License);
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.jni;
/* Import needed classes */
import java.nio.ByteBuffer;
/** SSL Socket
*
* @author Mladen Turk
* @version $Revision: 1.1 $, $Date: 2005/06/10 10:55:32 $
*/
public class SSLSocket {
/**
* Create a socket.
* @param ctx SSLContext to use.
* @param pool The pool to use
* @return The new socket that has been set up.
*/
public static native long create(long ctx, long pool)
throws Exception;
/**
* Shutdown a socket.
* br /
* This does not actually close the socket descriptor, it just
* controls which calls are still valid on the socket.
* @param thesocket The socket to close
* @param how How to shutdown the socket. One of:
* PRE
* SSL_SHUTDOWN_TYPE_UNSET
* SSL_SHUTDOWN_TYPE_STANDARD
* SSL_SHUTDOWN_TYPE_UNCLEAN
* SSL_SHUTDOWN_TYPE_ACCURATE
* /PRE
* If SSL_SHUTDOWN_TYPE_UNSET is used the default context shutdown
* type is used.
*/
public static native int shutdown(long thesocket, int how);
/**
* Close a socket.
* @param thesocket The socket to close
*/
public static native int close(long thesocket);
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net AprEndpoint.java
remm2005/06/10 04:03:32
Modified:util/java/org/apache/tomcat/util/net AprEndpoint.java
Log:
- Use the new Status constants.
Revision ChangesPath
1.38 +3 -3
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java
Index: AprEndpoint.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- AprEndpoint.java 27 May 2005 16:45:56 - 1.37
+++ AprEndpoint.java 10 Jun 2005 11:03:32 - 1.38
@@ -887,7 +887,7 @@
maintainTime += pollTime;
} else if (rv 0) {
/* Any non timeup error is critical */
-if (Status.APR_STATUS_IS_TIMEUP(-rv))
+if (-rv == Status.TIMEUP)
rv = 0;
else {
log.error(sm.getString(endpoint.poll.fail));
@@ -1139,7 +1139,7 @@
long nw = Socket.sendfile(data.socket, data.fd, null,
null,
data.pos, data.end, 0);
if (nw 0) {
-if (!Status.APR_STATUS_IS_EAGAIN((int) -nw)) {
+if (!(-nw == Status.EAGAIN)) {
Poll.destroy(data.pool);
return false;
} else {
@@ -1275,7 +1275,7 @@
}
} else if (rv 0) {
/* Any non timeup error is critical */
-if (Status.APR_STATUS_IS_TIMEUP(-rv))
+if (-rv == Status.TIMEUP)
rv = 0;
else {
log.error(sm.getString(endpoint.poll.fail));
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net AprEndpoint.java
remm2005/06/10 05:55:12
Modified:util/java/org/apache/tomcat/util/net AprEndpoint.java
Log:
- Start with the end of the socket list.
Revision ChangesPath
1.40 +2 -2
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java
Index: AprEndpoint.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- AprEndpoint.java 10 Jun 2005 12:49:56 - 1.39
+++ AprEndpoint.java 10 Jun 2005 12:55:12 - 1.40
@@ -856,7 +856,7 @@
// Add sockets which are waiting to the poller
if (addCount 0) {
synchronized (addS) {
-for (int i = 0; i addCount; i++) {
+for (int i = (addCount - 1); i = 0; i--) {
int rv = Poll.add
(serverPollset, addS[i], addP[i],
Poll.APR_POLLIN);
if (rv == Status.APR_SUCCESS) {
@@ -1217,7 +1217,7 @@
// Add socket to the poller
if (addS.size() 0) {
synchronized (addS) {
-for (int i = 0; i addS.size(); i++) {
+for (int i = addS.size() - 1; i = 0; i--) {
SendfileData data = (SendfileData)
addS.get(i);
int rv = Poll.add(sendfilePollset,
data.socket, 0, Poll.APR_POLLOUT);
if (rv == Status.APR_SUCCESS) {
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src network.c poll.c
mturk 2005/06/10 00:06:10
Modified:jni/java/org/apache/tomcat/jni Status.java
jni/native/include tcn.h
jni/native/src network.c poll.c
Log:
Use macros for portable wrapping of APR_STATUS_IS to
user error messages for most common return values
Revision ChangesPath
1.8 +4 -1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/Status.java
Index: Status.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/Status.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Status.java 9 Jun 2005 11:13:40 - 1.7
+++ Status.java 10 Jun 2005 07:06:10 - 1.8
@@ -177,6 +177,9 @@
public static final int TIMEUP= (APR_OS_START_USERERR + 1);
public static final int EAGAIN= (APR_OS_START_USERERR + 2);
+public static final int EINTR = (APR_OS_START_USERERR + 3);
+public static final int EINPROGRESS = (APR_OS_START_USERERR + 4);
+public static final int ETIMEDOUT = (APR_OS_START_USERERR + 5);
private static native boolean is(int err, int idx);
/**
1.15 +20 -3 jakarta-tomcat-connectors/jni/native/include/tcn.h
Index: tcn.h
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/tcn.h,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- tcn.h 9 Jun 2005 11:13:40 - 1.14
+++ tcn.h 10 Jun 2005 07:06:10 - 1.15
@@ -39,8 +39,25 @@
#define APR_MAX_IOVEC_SIZE 1024
#endif
-#define TCN_TIMEUP APR_OS_START_USERERR + 1
-#define TCN_EAGAIN APR_OS_START_USERERR + 2
+#define TCN_TIMEUP APR_OS_START_USERERR + 1
+#define TCN_EAGAIN APR_OS_START_USERERR + 2
+#define TCN_EINTR APR_OS_START_USERERR + 3
+#define TCN_EINPROGRESS APR_OS_START_USERERR + 4
+#define TCN_ETIMEDOUT APR_OS_START_USERERR + 5
+
+#define TCN_ERROR_WRAP(E) \
+if (APR_STATUS_IS_TIMEUP(E))\
+(E) = TCN_TIMEUP; \
+else if (APR_STATUS_IS_EAGAIN(E)) \
+(E) = TCN_EAGAIN; \
+else if (APR_STATUS_IS_EINTR(E))\
+(E) = TCN_EINTR;\
+else if (APR_STATUS_IS_EINPROGRESS(E)) \
+(E) = TCN_EINPROGRESS; \
+else if (APR_STATUS_IS_ETIMEDOUT(E))\
+(E) = TCN_ETIMEDOUT;\
+else\
+(E) = (E)
#define TCN_CLASS_PATH org/apache/tomcat/jni/
#define TCN_FINFO_CLASS TCN_CLASS_PATH FileInfo
1.25 +11 -21jakarta-tomcat-connectors/jni/native/src/network.c
Index: network.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/network.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- network.c 9 Jun 2005 11:13:40 - 1.24
+++ network.c 10 Jun 2005 07:06:10 - 1.25
@@ -292,8 +292,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -315,8 +314,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -351,8 +349,7 @@
if (ss == APR_SUCCESS)
return (jint)written;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -386,8 +383,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -410,8 +406,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -444,8 +439,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return -(jint)ss;
}
}
@@ -468,8 +462,7 @@
if (ss == APR_SUCCESS)
return (jint)nbytes;
else {
-if (APR_STATUS_IS_EAGAIN(ss))
-ss = TCN_EAGAIN;
+TCN_ERROR_WRAP(ss);
return
Re: Summer of code - next steps?
Tim Funk wrote: For those interested in Summer of code what do we need to do next? Is having the Wiki up to date enough? And we sit back while participants submit their proposals and Google chooses whom will get the stipend, while the folks listed on the Wiki mentor? http://code.google.com/soc_application.html Very good questions :) I'm interested too. I added the JSTL tag plugins for Jasper as another project, BTW. Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src error.c
mturk 2005/06/10 00:11:14
Modified:jni/native/src error.c
Log:
Use extended macro for checking user wrapped errors.
Revision ChangesPath
1.12 +7 -12 jakarta-tomcat-connectors/jni/native/src/error.c
Index: error.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/error.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- error.c 9 Jun 2005 11:13:40 - 1.11
+++ error.c 10 Jun 2005 07:11:14 - 1.12
@@ -133,6 +133,7 @@
TCN_IMPLEMENT_CALL(jboolean, Status, is)(TCN_STDARGS, jint err, jint idx)
{
#define APR_IS(I, E) case I: if (E(err)) return JNI_TRUE; break
+#define APR_ISX(I, E, T) case I: if (E(err) || (err == T)) return JNI_TRUE;
break
UNREFERENCED_STDARGS;
switch (idx) {
@@ -173,10 +174,7 @@
APR_IS(54, APR_STATUS_IS_NOTDETACH);
APR_IS(55, APR_STATUS_IS_CHILD_DONE);
APR_IS(56, APR_STATUS_IS_CHILD_NOTDONE);
-case 57:
-if (APR_STATUS_IS_TIMEUP(err) || err == TCN_TIMEUP)
-return JNI_TRUE;
-break;
+APR_ISX(57, APR_STATUS_IS_TIMEUP, TCN_TIMEUP);
APR_IS(58, APR_STATUS_IS_INCOMPLETE);
/* empty slot: +9 */
/* empty slot: +10 */
@@ -196,15 +194,12 @@
APR_IS(74, APR_STATUS_IS_EMISMATCH);
APR_IS(75, APR_STATUS_IS_EBUSY);
/* Socket errors */
-case 90:
-if (APR_STATUS_IS_EAGAIN(err) || err == TCN_EAGAIN)
-return JNI_TRUE;
-break;
-APR_IS(91, TCN_STATUS_IS_ETIMEDOUT);
+APR_ISX(90, APR_STATUS_IS_EAGAIN, TCN_EAGAIN);
+APR_ISX(91, TCN_STATUS_IS_ETIMEDOUT, TCN_ETIMEDOUT);
APR_IS(92, APR_STATUS_IS_ECONNABORTED);
APR_IS(93, APR_STATUS_IS_ECONNRESET);
-APR_IS(94, APR_STATUS_IS_EINPROGRESS);
-APR_IS(95, APR_STATUS_IS_EINTR);
+APR_ISX(94, APR_STATUS_IS_EINPROGRESS, TCN_EINPROGRESS);
+APR_ISX(95, APR_STATUS_IS_EINTR, TCN_EINTR);
APR_IS(96, APR_STATUS_IS_ENOTSOCK);
APR_IS(97, APR_STATUS_IS_EINVAL);
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslnetwork.c
mturk 2005/06/10 04:30:54
Modified:jni/java/org/apache/tomcat/jni SSLSocket.java
jni/native/src sslnetwork.c
Log:
Remve create because the SSL connection will be created either
with accept or connect call.
Revision ChangesPath
1.2 +14 -3
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
Index: SSLSocket.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SSLSocket.java10 Jun 2005 10:55:32 - 1.1
+++ SSLSocket.java10 Jun 2005 11:30:54 - 1.2
@@ -28,12 +28,23 @@
public class SSLSocket {
/**
- * Create a socket.
+ * Accept a SSL connection.
* @param ctx SSLContext to use.
+ * @param sock APR Socket that already did physical accept.
* @param pool The pool to use
* @return The new socket that has been set up.
*/
-public static native long create(long ctx, long pool)
+public static native long accept(long ctx, long sock long pool)
+throws Exception;
+
+/**
+ * Connect on a SSL connection.
+ * @param ctx SSLContext to use.
+ * @param sock APR Socket that already did physical connect.
+ * @param pool The pool to use
+ * @return The new socket that has been set up.
+ */
+public static native long connect(long ctx, long sock long pool)
throws Exception;
1.4 +67 -23jakarta-tomcat-connectors/jni/native/src/sslnetwork.c
Index: sslnetwork.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslnetwork.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sslnetwork.c 10 Jun 2005 10:47:37 - 1.3
+++ sslnetwork.c 10 Jun 2005 11:30:54 - 1.4
@@ -120,44 +120,35 @@
return APR_SUCCESS;
}
-TCN_IMPLEMENT_CALL(jlong, SSLSocket, create)(TCN_STDARGS, jlong ctx,
- jlong pool)
+static tcn_ssl_conn_t *ssl_create(JNIEnv *env, tcn_ssl_ctxt_t *ctx,
apr_pool_t *pool)
{
-tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
-apr_pool_t *p = J2P(pool, apr_pool_t *);
tcn_ssl_conn_t *con;
SSL *ssl;
-UNREFERENCED(o);
-TCN_ASSERT(pool != 0);
-TCN_ASSERT(ctx != 0);
-
-if ((con = apr_pcalloc(p, sizeof(tcn_ssl_conn_t))) == NULL) {
-tcn_ThrowAPRException(e, apr_get_os_error());
-goto cleanup;
+if ((con = apr_pcalloc(pool, sizeof(tcn_ssl_conn_t))) == NULL) {
+tcn_ThrowAPRException(env, apr_get_os_error());
+return NULL;
}
-if ((ssl = SSL_new(c-ctx)) == NULL) {
+if ((ssl = SSL_new(ctx-ctx)) == NULL) {
char err[256];
ERR_error_string(ERR_get_error(), err);
-tcn_Throw(e, SSL_new failed (%s), err);
+tcn_Throw(env, SSL_new failed (%s), err);
con = NULL;
-goto cleanup;
+return NULL;
}
SSL_clear(ssl);
-con-pool = p;
-con-ctx = c;
+con-pool = pool;
+con-ctx = ctx;
con-ssl = ssl;
-con-shutdown_type = c-shutdown_type;
-apr_pool_cleanup_register(p, (const void *)con,
+con-shutdown_type = ctx-shutdown_type;
+apr_pool_cleanup_register(pool, (const void *)con,
ssl_socket_cleanup,
apr_pool_cleanup_null);
#ifdef TCN_DO_STATISTICS
ssl_created++;
#endif
-cleanup:
-return P2J(con);
-
+return con;
}
TCN_IMPLEMENT_CALL(jint, SSLSocket, shutdown)(TCN_STDARGS, jlong sock,
@@ -169,7 +160,7 @@
UNREFERENCED_STDARGS;
TCN_ASSERT(sock != 0);
if (con-ssl) {
-if (how 0)
+if (how 1)
how = con-shutdown_type;
rv = ssl_smart_shutdown(con-ssl, how);
/* TODO: Translate OpenSSL Error codes */
@@ -208,7 +199,60 @@
return (jint)rv;
}
+TCN_IMPLEMENT_CALL(jlong, SSLSocket, accept)(TCN_STDARGS, jlong ctx,
+ jlong sock, jlong pool)
+{
+tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
+apr_socket_t *s = J2P(sock, apr_socket_t *);
+apr_pool_t *p = J2P(pool, apr_pool_t *);
+tcn_ssl_conn_t *con;
+apr_os_sock_t oss;
+
+UNREFERENCED(o);
+TCN_ASSERT(pool != 0);
+TCN_ASSERT(ctx != 0);
+TCN_ASSERT(sock != 0);
+
+if ((con = ssl_create(e, c, p)) == NULL)
+return 0;
+TCN_THROW_IF_ERR(apr_os_sock_get(oss, s), c);
+con-sock = s;
+
+SSL_set_fd(con-ssl, (int)oss);
+SSL_set_accept_state(con-ssl);
+
cvs commit: jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni SSLSocket.java
mturk 2005/06/10 04:34:03 Modified:jni/java/org/apache/tomcat/jni SSLSocket.java Log: Fix typo. Revision ChangesPath 1.3 +3 -3 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java Index: SSLSocket.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- SSLSocket.java10 Jun 2005 11:30:54 - 1.2 +++ SSLSocket.java10 Jun 2005 11:34:03 - 1.3 @@ -34,7 +34,7 @@ * @param pool The pool to use * @return The new socket that has been set up. */ -public static native long accept(long ctx, long sock long pool) +public static native long accept(long ctx, long sock, long pool) throws Exception; /** @@ -44,7 +44,7 @@ * @param pool The pool to use * @return The new socket that has been set up. */ -public static native long connect(long ctx, long sock long pool) +public static native long connect(long ctx, long sock, long pool) throws Exception; - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslnetwork.c
mturk 2005/06/10 03:31:09
Modified:jni/native/include ssl_private.h
jni/native/src sslnetwork.c
Log:
Add SSLSocket.create. This creates SSL from CTX.
Revision ChangesPath
1.23 +3 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- ssl_private.h 10 Jun 2005 06:44:35 - 1.22
+++ ssl_private.h 10 Jun 2005 10:31:09 - 1.23
@@ -194,7 +194,9 @@
typedef struct {
tcn_ssl_ctxt_t *ctx;
SSL*ssl;
+X509 *cert;
int shutdown_type;
+apr_socket_t *sock;
} tcn_ssl_conn_t;
1.2 +134 -1jakarta-tomcat-connectors/jni/native/src/sslnetwork.c
Index: sslnetwork.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslnetwork.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sslnetwork.c 24 May 2005 10:53:20 - 1.1
+++ sslnetwork.c 10 Jun 2005 10:31:09 - 1.2
@@ -30,6 +30,139 @@
#ifdef HAVE_OPENSSL
#include ssl_private.h
+#ifdef TCN_DO_STATISTICS
+#include apr_atomic.h
+
+static volatile apr_uint32_t ssl_created = 0;
+static volatile apr_uint32_t ssl_closed = 0;
+static volatile apr_uint32_t ssl_cleared = 0;
+static volatile apr_uint32_t ssl_accepted = 0;
+
+void ssl_network_dump_statistics()
+{
+fprintf(stderr, SSL Network Statistics ..\n);
+fprintf(stderr, Sockets created : %d\n, ssl_created);
+fprintf(stderr, Sockets accepted: %d\n, ssl_accepted);
+fprintf(stderr, Sockets closed : %d\n, ssl_closed);
+fprintf(stderr, Sockets cleared : %d\n, ssl_cleared);
+}
+
+#endif
+
+static int ssl_smart_shutdown(SSL *ssl, int shutdown_type)
+{
+int i;
+int rc = 0;
+
+switch (shutdown_type) {
+case SSL_SHUTDOWN_TYPE_UNCLEAN:
+/* perform no close notify handshake at all
+ * (violates the SSL/TLS standard!)
+ */
+shutdown_type = SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN;
+break;
+case SSL_SHUTDOWN_TYPE_ACCURATE:
+/* send close notify and wait for clients close notify
+ * (standard compliant, but usually causes connection hangs)
+ */
+shutdown_type = 0;
+break;
+default:
+/*
+ * case SSL_SHUTDOWN_TYPE_UNSET:
+ * case SSL_SHUTDOWN_TYPE_STANDARD:
+ * send close notify, but don't wait for clients close notify
+ * (standard compliant and safe, so it's the DEFAULT!)
+ */
+shutdown_type = SSL_RECEIVED_SHUTDOWN;
+break;
+}
+
+SSL_set_shutdown(ssl, shutdown_type);
+/*
+ * Repeat the calls, because SSL_shutdown internally dispatches through a
+ * little state machine. Usually only one or two interation should be
+ * needed, so we restrict the total number of restrictions in order to
+ * avoid process hangs in case the client played bad with the socket
+ * connection and OpenSSL cannot recognize it.
+ * max 2x pending + 2x data = 4
+ */
+for (i = 0; i 4; i++) {
+if ((rc = SSL_shutdown(ssl)))
+break;
+}
+return rc;
+}
+
+static apr_status_t ssl_socket_cleanup(void *data)
+{
+tcn_ssl_conn_t *con = (tcn_ssl_conn_t *)data;
+
+if (con) {
+if (con-ssl) {
+ssl_smart_shutdown(con-ssl, con-shutdown_type);
+SSL_free(con-ssl);
+con-ssl = NULL;
+}
+if (con-cert) {
+X509_free(con-cert);
+con-cert = NULL;
+}
+if (con-sock) {
+apr_socket_close(con-sock);
+con-sock = NULL;
+}
+}
+
+#ifdef TCN_DO_STATISTICS
+apr_atomic_inc32(ssl_cleared);
+#endif
+return APR_SUCCESS;
+}
+
+TCN_IMPLEMENT_CALL(jlong, SSLSocket, create)(TCN_STDARGS, jlong ctx,
+ jlong pool)
+{
+tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
+apr_pool_t *p = J2P(pool, apr_pool_t *);
+tcn_ssl_conn_t *con;
+SSL *ssl;
+
+UNREFERENCED(o);
+TCN_ASSERT(pool != 0);
+TCN_ASSERT(ctx != 0);
+
+if ((con = apr_pcalloc(p, sizeof(tcn_ssl_conn_t))) == NULL) {
+tcn_ThrowAPRException(e, apr_get_os_error());
+goto cleanup;
+}
+if ((ssl = SSL_new(c-ctx)) == NULL) {
+char err[256];
+
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net AprEndpoint.java
remm2005/06/10 05:49:56
Modified:util/java/org/apache/tomcat/util/net AprEndpoint.java
Log:
- Fix bad address usage.
Revision ChangesPath
1.39 +1 -1
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java
Index: AprEndpoint.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- AprEndpoint.java 10 Jun 2005 11:03:32 - 1.38
+++ AprEndpoint.java 10 Jun 2005 12:49:56 - 1.39
@@ -863,7 +863,7 @@
keepAliveCount++;
} else {
// Can't do anything: close the socket
right away
-Pool.destroy(pool);
+Pool.destroy(addP[i]);
}
}
addCount = 0;
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35308] New: - Create a graceful restart mechanism like an Apache-http-server
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35308. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35308 Summary: Create a graceful restart mechanism like an Apache-http- server Product: Tomcat 5 Version: Unknown Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] Graceful restart should wait for thread-termination to restart smooth -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35308] - Create a graceful restart mechanism like an Apache-http-server
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35308. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35308 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 16:40 --- It does wait a little already. Please do not reopen the report. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11 InternalAprInputBuffer.java
remm2005/06/10 07:36:18
Modified:util/java/org/apache/tomcat/util/net AprEndpoint.java
http11/src/java/org/apache/coyote/http11
InternalAprInputBuffer.java
Log:
- Update after change of the status codes used.
Revision ChangesPath
1.41 +1 -1
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java
Index: AprEndpoint.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/AprEndpoint.java,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- AprEndpoint.java 10 Jun 2005 12:55:12 - 1.40
+++ AprEndpoint.java 10 Jun 2005 14:36:18 - 1.41
@@ -1217,7 +1217,7 @@
// Add socket to the poller
if (addS.size() 0) {
synchronized (addS) {
-for (int i = addS.size() - 1; i = 0; i--) {
+for (int i = (addS.size() - 1); i = 0; i--) {
SendfileData data = (SendfileData)
addS.get(i);
int rv = Poll.add(sendfilePollset,
data.socket, 0, Poll.APR_POLLOUT);
if (rv == Status.APR_SUCCESS) {
1.8 +3 -3
jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
Index: InternalAprInputBuffer.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- InternalAprInputBuffer.java 25 May 2005 12:45:38 - 1.7
+++ InternalAprInputBuffer.java 10 Jun 2005 14:36:18 - 1.8
@@ -412,7 +412,7 @@
bbuf.get(buf, pos, nRead);
lastValid = pos + nRead;
} else {
-if (Status.APR_STATUS_IS_ETIMEDOUT(-nRead)) {
+if ((-nRead) == Status.ETIMEDOUT || (-nRead) ==
Status.TIMEUP) {
return false;
} else {
throw new
IOException(sm.getString(iib.failedread));
@@ -442,7 +442,7 @@
bbuf.get(buf, pos, nRead);
lastValid = pos + nRead;
} else {
-if (Status.APR_STATUS_IS_ETIMEDOUT(-nRead)) {
+if ((-nRead) == Status.ETIMEDOUT || (-nRead) ==
Status.TIMEUP) {
return false;
} else {
throw new IOException(sm.getString(iib.failedread));
@@ -786,7 +786,7 @@
bbuf.get(buf, pos, nRead);
lastValid = pos + nRead;
} else {
-if (Status.APR_STATUS_IS_EAGAIN(-nRead)) {
+if ((-nRead) == Status.EAGAIN) {
return false;
} else {
throw new IOException(sm.getString(iib.failedread));
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslcontext.c
mturk 2005/06/10 00:53:24
Modified:jni/java/org/apache/tomcat/jni SSLContext.java
jni/native/src sslcontext.c
Log:
Combine verfyClient and verifyDepth to a single function
because they are related.
Revision ChangesPath
1.18 +13 -27
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java
Index: SSLContext.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- SSLContext.java 10 Jun 2005 06:44:35 - 1.17
+++ SSLContext.java 10 Jun 2005 07:53:24 - 1.18
@@ -225,30 +225,6 @@
throws Exception;
/**
- * Set Maximum depth of CA Certificates in Client Certificate
verification
- * br /
- * This directive sets how deeply mod_ssl should verify before deciding
that
- * the clients don't have a valid certificate. Notice that this
directive can
- * be used both in per-server and per-directory context. In per-server
context
- * it applies to the client authentication process used in the standard
SSL
- * handshake when a connection is established. In per-directory context
it forces
- * a SSL renegotation with the reconfigured client verification depth
after the
- * HTTP request was read but before the HTTP response is sent.
- * br /
- * The depth actually is the maximum number of intermediate certificate
issuers,
- * i.e. the number of CA certificates which are max allowed to be
followed while
- * verifying the client certificate. A depth of 0 means that self-signed
client
- * certificates are accepted only, the default depth of 1 means the
client
- * certificate can be self-signed or has to be signed by a CA which is
directly
- * known to the server (i.e. the CA's certificate is under
- * codesetCACertificatePath/code), etc.
- * @param ctx Server or Client context to use.
- * @param depth Maximum depth of CA Certificates in Client Certificate
- * verification.
- */
-public static native void setVerifyDepth(long ctx, int depth);
-
-/**
* Set SSL connection shutdown type
* br /
* The following levels are available for level:
@@ -263,7 +239,8 @@
public static native void setShutdowType(long ctx, int type);
/**
- * Set Type of Client Certificate verification
+ * Set Type of Client Certificate verification and Maximum depth of CA
Certificates
+ * in Client Certificate verification.
* br /
* This directive sets the Certificate verification level for the Client
* Authentication. Notice that this directive can be used both in
per-server
@@ -281,10 +258,19 @@
* SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid
Certificate
* but it need not to be (successfully)
verifiable
* /PRE
+ * br /
+ * The depth actually is the maximum number of intermediate certificate
issuers,
+ * i.e. the number of CA certificates which are max allowed to be
followed while
+ * verifying the client certificate. A depth of 0 means that self-signed
client
+ * certificates are accepted only, the default depth of 1 means the
client
+ * certificate can be self-signed or has to be signed by a CA which is
directly
+ * known to the server (i.e. the CA's certificate is under
* codesetCACertificatePath/code), etc.
* @param ctx Server or Client context to use.
* @param level Type of Client Certificate verification.
+ * @param depth Maximum depth of CA Certificates in Client Certificate
+ * verification.
*/
-public static native void setVerifyClient(long ctx, int level);
+public static native void setVerify(long ctx, int level, int depth);
}
1.32 +5 -14 jakarta-tomcat-connectors/jni/native/src/sslcontext.c
Index: sslcontext.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- sslcontext.c 10 Jun 2005 06:44:35 - 1.31
+++ sslcontext.c 10 Jun 2005 07:53:24 - 1.32
@@ -392,16 +392,6 @@
return rv;
}
-TCN_IMPLEMENT_CALL(void, SSLContext, setVerifyDepth)(TCN_STDARGS, jlong ctx,
- jint depth)
-{
-tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
-
-UNREFERENCED_STDARGS;
-TCN_ASSERT(ctx != 0);
-c-verify_depth = depth;
-}
-
TCN_IMPLEMENT_CALL(void, SSLContext, setShutdownType)(TCN_STDARGS,
cvs commit: jakarta-tomcat-connectors/jni/native/src sslnetwork.c
jfclere 2005/06/10 10:15:56
Modified:jni build.xml
jni/java/org/apache/tomcat/jni SSLSocket.java
jni/native/src sslnetwork.c
Added: jni/examples/org/apache/tomcat/jni BIOSSLServer.java
Log:
Try to used apr sockets instead the openssl ones.
Revision ChangesPath
1.8 +10 -0 jakarta-tomcat-connectors/jni/build.xml
Index: build.xml
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/build.xml,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- build.xml 6 Jun 2005 08:53:06 - 1.7
+++ build.xml 10 Jun 2005 17:15:55 - 1.8
@@ -309,4 +309,14 @@
jvmarg value=-Djava.library.path=${tc.library.path}/
/java
/target
+target name=bioserver-example depends=examples
+echo message=Running another Tomcat Native SSL Server example
.../
+java dir=${examples.dir}
classname=org.apache.tomcat.jni.BIOSSLServer
+ fork=yes failonerror=${test.failonerror}
+env key=PATH path=${tc.library.path}:${java.library.path}/
+env key=Path path=${tc.library.path}:${java.library.path}/
+classpath refid=examples.classpath/
+jvmarg value=-Djava.library.path=${tc.library.path}/
+/java
+/target
/project
1.1
jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/BIOSSLServer.java
Index: BIOSSLServer.java
===
package org.apache.tomcat.jni;
import java.util.Properties;
import java.io.*;
import java.net.*;
import java.lang.*;
/** SSL Server server example
*
* @author Mladen Turk
* @version $Revision: 1.1 $, $Date: 2005/06/10 17:15:56 $
*/
public class BIOSSLServer {
public static String serverAddr = null;
public static int serverPort= 0;
public static int serverNmax= 0;
public static long serverPool = 0;
public static long serverCtx= 0;
public static String serverCert = null;
public static String serverKey = null;
public static String serverCiphers = null;
public static String serverPassword = null;
private static Object threadLock = new Object();
static {
try {
InputStream is = BIOSSLServer.class.getResourceAsStream
(/org/apache/tomcat/jni/SSL.properties);
Properties props = new Properties();
props.load(is);
is.close();
serverAddr = props.getProperty(server.ip, 127.0.0.1);
serverPort = Integer.decode(props.getProperty(server.port,
4443)).intValue();
serverNmax = Integer.decode(props.getProperty(server.max,
1)).intValue();
serverCert = props.getProperty(server.cert, server.pem);
serverKey = props.getProperty(server.key, null);
serverCiphers = props.getProperty(server.ciphers, ALL);
serverPassword = props.getProperty(server.password, null);
}
catch (Throwable t) {
; // Nothing
}
}
private class CallBack implements BIOCallback {
long clientSock = 0;
public int write(byte [] buf) {
return(Socket.send(clientSock, buf, 0, buf.length));
}
public int read(byte [] buf) {
return(Socket.recv(clientSock, buf, 0, buf.length));
}
public int puts(String data) {
System.out.println(CallBack.puts);
return -1;
}
public String gets(int len) {
System.out.println(CallBack.gets);
return ;
}
public void setsock(long sock) {
clientSock = sock;
}
}
public BIOSSLServer()
{
int i;
serverPool = Pool.create(0);
try {
/* Create SSL Context, one for each Virtual Host */
serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV2 |
SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER);
// serverCtx = SSLContext.make(serverPool,
SSL.SSL_PROTOCOL_TLSV1, SSL.SSL_MODE_SERVER);
/* List the ciphers that the client is permitted to negotiate. */
SSLContext.setCipherSuite(serverCtx, serverCiphers);
/* Load Server key and certificate */
SSLContext.setCertificate(serverCtx, serverCert, serverKey,
serverPassword, SSL.SSL_AIDX_RSA);
SSLContext.setVerify(serverCtx, SSL.SSL_CVERIFY_NONE, 0);
/*
CallBack SSLCallBack = new CallBack();
long callback = SSL.newBIO(serverPool, SSLCallBack);
SSLContext.setBIO(serverCtx, callback, 1);
DO NOT REPLY [Bug 35320] New: - broken pdf
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35320. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35320 Summary: broken pdf Product: Tomcat 5 Version: 5.5.9 Platform: Other URL: http://jakarta.apache.org/tomcat/tomcat-5.5- doc/architecture/requestProcess.html OS/Version: other Status: NEW Severity: normal Priority: P4 Component: Webapps:Documentation AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] The pdf file at http://jakarta.apache.org/tomcat/tomcat-5.5-doc/architecture/requestProcess/requestProcess.pdf is broken. Line endings appear to have been corrupted in some way. The version included with tomcat 5.5.9 binary package is fine. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AJP using APR
Bill Barker wrote: If I understand you correctly, you want MsgAjp to use ByteBuffer instead of byte []. At the cost of never supporting JDK 1.3 ever again, this would probably actually improve the performance of ChannelSocket (after changing it to use a blocking SocketChannel). The biggest difference will be if it's a 'direct' buffer, i.e. zero copy. Classpath ( gcj, kaffe, etc ) also has byte buffer support - so it should be ok, if anyone needs jdk1.3, they can use the old code. But where is the code ? Costin Rémy This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslnetwork.c
mturk 2005/06/10 11:42:42
Modified:jni/native/src sslnetwork.c
Log:
Disable JFC code by default.
Althought it is usable, it just complicates the things, because
we can obtain the underlaying APR os socket.
Revision ChangesPath
1.6 +53 -53jakarta-tomcat-connectors/jni/native/src/sslnetwork.c
Index: sslnetwork.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslnetwork.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- sslnetwork.c 10 Jun 2005 17:15:56 - 1.5
+++ sslnetwork.c 10 Jun 2005 18:42:42 - 1.6
@@ -151,6 +151,56 @@
return con;
}
+TCN_IMPLEMENT_CALL(jint, SSLSocket, shutdown)(TCN_STDARGS, jlong sock,
+ jint how)
+{
+apr_status_t rv = APR_SUCCESS;
+tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
+
+UNREFERENCED_STDARGS;
+TCN_ASSERT(sock != 0);
+if (con-ssl) {
+if (how 1)
+how = con-shutdown_type;
+rv = ssl_smart_shutdown(con-ssl, how);
+/* TODO: Translate OpenSSL Error codes */
+SSL_free(con-ssl);
+con-ssl = NULL;
+}
+return (jint)rv;
+}
+
+TCN_IMPLEMENT_CALL(jint, SSLSocket, close)(TCN_STDARGS, jlong sock)
+{
+tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
+apr_status_t rv = APR_SUCCESS;
+UNREFERENCED_STDARGS;
+TCN_ASSERT(sock != 0);
+
+#ifdef TCN_DO_STATISTICS
+apr_atomic_inc32(ssl_closed);
+#endif
+apr_pool_cleanup_kill(con-pool, con, ssl_socket_cleanup);
+if (con-ssl) {
+rv = ssl_smart_shutdown(con-ssl, con-shutdown_type);
+SSL_free(con-ssl);
+con-ssl = NULL;
+}
+if (con-cert) {
+X509_free(con-cert);
+con-cert = NULL;
+}
+if (con-sock) {
+apr_status_t rc;
+if ((rc = apr_socket_close(con-sock)) != APR_SUCCESS)
+rv = rc;
+con-sock = NULL;
+}
+return (jint)rv;
+}
+
+#define JFC_TEST 0
+#if JFC_TEST
/*
* Use APR sockets directly
*/
@@ -232,57 +282,6 @@
return(jbs_apr_methods);
}
-TCN_IMPLEMENT_CALL(jint, SSLSocket, shutdown)(TCN_STDARGS, jlong sock,
- jint how)
-{
-apr_status_t rv = APR_SUCCESS;
-tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
-
-UNREFERENCED_STDARGS;
-TCN_ASSERT(sock != 0);
-if (con-ssl) {
-if (how 1)
-how = con-shutdown_type;
-rv = ssl_smart_shutdown(con-ssl, how);
-/* TODO: Translate OpenSSL Error codes */
-SSL_free(con-ssl);
-con-ssl = NULL;
-}
-return (jint)rv;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLSocket, close)(TCN_STDARGS, jlong sock)
-{
-tcn_ssl_conn_t *con = J2P(sock, tcn_ssl_conn_t *);
-apr_status_t rv = APR_SUCCESS;
-UNREFERENCED_STDARGS;
-TCN_ASSERT(sock != 0);
-
-#ifdef TCN_DO_STATISTICS
-apr_atomic_inc32(ssl_closed);
-#endif
-apr_pool_cleanup_kill(con-pool, con, ssl_socket_cleanup);
-if (con-ssl) {
-rv = ssl_smart_shutdown(con-ssl, con-shutdown_type);
-SSL_free(con-ssl);
-con-ssl = NULL;
-}
-if (con-cert) {
-X509_free(con-cert);
-con-cert = NULL;
-}
-if (con-sock) {
-apr_status_t rc;
-if ((rc = apr_socket_close(con-sock)) != APR_SUCCESS)
-rv = rc;
-con-sock = NULL;
-}
-return (jint)rv;
-}
-
-#define JFC_TEST 1
-#ifdef JFC_TEST
-
TCN_IMPLEMENT_CALL(jint, SSLSocket, geterror)(TCN_STDARGS, jlong ctx, jint
retcode)
{
tcn_ssl_conn_t *c = J2P(ctx, tcn_ssl_conn_t *);
@@ -338,6 +337,7 @@
cleanup:
return P2J(con);
}
+
#else
TCN_IMPLEMENT_CALL(jlong, SSLSocket, accept)(TCN_STDARGS, jlong ctx,
jlong sock, jlong pool)
@@ -365,7 +365,7 @@
cleanup:
return P2J(con);
}
-#endif
+#endif /* JFC_TEST */
TCN_IMPLEMENT_CALL(jlong, SSLSocket, connect)(TCN_STDARGS, jlong ctx,
jlong sock, jlong pool)
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35317] New: - HttpServletRequest.getRequestURL() does not work.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35317. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35317 Summary: HttpServletRequest.getRequestURL() does not work. Product: Tomcat 5 Version: 5.5.9 Platform: PC OS/Version: Windows 2000 Status: NEW Severity: critical Priority: P1 Component: Servlet JSP API AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] I have an application running on Tomcat 5.0.25, which, in a forwarded JSP page, correctly returns this on request.getRequestURL(): http://host:port/Context/ServletMappingName In Tomcat 5.5.9 I get this: http://host:port/Context/JspFile.jspx?parm1=value1parm2=value2 This is clearly wrong: http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletRequest.html#getRequestURL() Reconstructs the URL the client used to make the request. but it does not include query string parameters. The URL used was: http://host:port/Context/ServletMappingName?parm1=value1parm2=value2 So Tomcat 5.0.25 behavior is correct, and Tomcat 5.5.9 is incorrect. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35317] - HttpServletRequest.getRequestURL() does not work.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35317. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35317 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||DUPLICATE --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 21:52 --- *** This bug has been marked as a duplicate of 28222 *** -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 28222] - getRequestURL() in forwarded jsp/servlet doesn't return new url
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=28222. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=28222 [EMAIL PROTECTED] changed: What|Removed |Added CC||Nils_Kilden- ||[EMAIL PROTECTED] --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 21:52 --- *** Bug 35317 has been marked as a duplicate of this bug. *** -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
mod_jk 1.2.14-dev testing status report
Tested mod_jk 1.2.14-dev with nb_connect() and setsockopt() enabled for NetWare in jk_connect.c: (all testing on NetWare 6.5 SP3 and SP4) 2.0.52 and Tomcat 4.1.30: build correctly and stress tested, 2.0.54 and Tomcat 4.1.31: build correctly, stress and functional testing done, 2.1.x: build correctly, 1.3.33: build with minor tweaking to environment and makefile, stress tested with UP version of Apache. Crash with MP version of Apache (unsupported, so not a problem), 1.3.head: build with same minor tweaking as with 1.3.33. The tweaking to build with 1.3.x might need to be fixed in the future, but it is a low priority item for me. Next week, I will try to push 1.2.14-dev in our official build in order to get it exposed to more testers. The ap_rflush() changes speed up our download rate by a factor of three on large files (700MB), this is cool. Thanks, Jean-Jacques
DO NOT REPLY [Bug 35317] - HttpServletRequest.getRequestURL() does not work.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35317. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35317 [EMAIL PROTECTED] changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|DUPLICATE | --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 22:12 --- This is only half a duplicate of 28222. My second point is that Request.getRequestURL() returns query parameters, which is prohibited, per the Javadocs. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/common/jk_connect.c
clar2005/06/10 13:31:49
Modified:jk/native/common jk_connect.c
Log:
Enabling nb_connect() and setsockopt for apache build with LibC (2.0.x) on
NetWare.
Revision ChangesPath
1.61 +4 -4 jakarta-tomcat-connectors/jk/native/common/jk_connect.c
Index: jk_connect.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native/common/jk_connect.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- jk_connect.c26 May 2005 14:39:37 -1.60
+++ jk_connect.c10 Jun 2005 20:31:49 -1.61
@@ -109,7 +109,7 @@
return 0;
}
-#if defined (WIN32)
+#if defined (WIN32) || (defined(NETWARE) defined(__NOVELL_LIBC__))
/* WIN32 implementation */
static int nb_connect(int sock, struct sockaddr *addr, int timeout)
{
@@ -372,7 +372,7 @@
}
if (timeout 0) {
-#if defined(WIN32)
+#if defined(WIN32) || (defined(NETWARE) defined(__NOVELL_LIBC__))
int tmout = timeout * 1000;
setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO,
(const char *) tmout, sizeof(int));
@@ -503,7 +503,7 @@
if (shutdown(s, SHUT_WR)) {
return jk_close_socket(s);
}
-#if defined(WIN32)
+#if defined(WIN32) || (defined(NETWARE) defined(__NOVELL_LIBC__))
setsockopt(s, SOL_SOCKET, SO_RCVTIMEO,
(const char *) tmout, sizeof(int));
#elif defined(SO_RCVTIMEO) defined(USE_SO_RCVTIMEO)
cvs commit: jakarta-tomcat-connectors/jk/native/apache-1.3 Makefile.netware
clar2005/06/10 09:24:35 Modified:jk/native/apache-1.3 Makefile.netware Log: mod_jk is not MT safe for NetWare on Apache 1.3.x Revision ChangesPath 1.7 +1 -1 jakarta-tomcat-connectors/jk/native/apache-1.3/Makefile.netware Index: Makefile.netware === RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native/apache-1.3/Makefile.netware,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- Makefile.netware13 Feb 2005 22:28:07 -1.6 +++ Makefile.netware10 Jun 2005 16:24:35 -1.7 @@ -22,7 +22,7 @@ VERSION= $(JK_VERSION) COPYR= Copyright (c) 2000-2004 The Apache Software Foundation. All rights reserved. DESCR= Apache $(AP_VERSION_STR) plugin for Jakarta/Tomcat $(JK_VERSION_STR) -MTSAFE= YES +MTSAFE= NO STACK= 49152 #SCREEN= NONE EXPORTS= jk_module
DO NOT REPLY [Bug 35308] - Create a graceful restart mechanism like an Apache-http-server
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35308. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35308 [EMAIL PROTECTED] changed: What|Removed |Added CC||[EMAIL PROTECTED] --- Additional Comments From [EMAIL PROTECTED] 2005-06-10 23:56 --- Please also also refer to bug 34140. I was (probably incorrectly) assuming that the Tomcat implementation of the stop() method in the org.apache.commons.daemon.Daemon interface blocks until all requests are serviced and no new requests are admitted. If what Remy Maucherat says is correct that Tomcat only waits a little then this is not sufficient as one cannot possibly know how long a request takes to complete unless on can watch pending requests. I am kindly asking for confirmation that Tomcat truly waits for the last pending request to terminate and then immediately returns from stop(). If that question cannot be answered with yes then re-opening of this bug should be considered. Another thought which is probaly close to what the reporter has in mind is a reload function that avoids re-instantiating the server but re-loads configuration files, i.e. calls stop(), init() and start() in that sequence. I guess this would have to be implemented through BOTH the socket control interface and the commons-daemon project. This also be useful for those who run httpd mod_jk with the only difference that they have to use an extended sequence: httpd stop, tomcat reload, httpd start. Obviously they they have to stop httpd entirely because otherwise server errors would occur while httpd is running and cannot connect to the reloading tomcat. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 35317] - HttpServletRequest.getRequestURL() does not work.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=35317. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=35317 [EMAIL PROTECTED] changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||INVALID --- Additional Comments From [EMAIL PROTECTED] 2005-06-11 00:22 --- Ok, I wasted 10 minutes to test this, thanks. It should be obvious by looking at the code. Please don't reopen the report. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 16290] - Unresolved entities in included JSP file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=16290. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=16290 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Additional Comments From [EMAIL PROTECTED] 2005-06-11 00:45 --- The DTD does apply to all nodes of the document, but from an XML point of view test_include.jsp is the entire document. The include is a JSP include rather than an XML include, therefore the included page is not viewed as part of the XML document and the enity definition is not applied. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug, or are watching the assignee. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AJP using APR
Costin Manolache [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Bill Barker wrote: If I understand you correctly, you want MsgAjp to use ByteBuffer instead of byte []. At the cost of never supporting JDK 1.3 ever again, this would probably actually improve the performance of ChannelSocket (after changing it to use a blocking SocketChannel). The biggest difference will be if it's a 'direct' buffer, i.e. zero copy. Classpath ( gcj, kaffe, etc ) also has byte buffer support - so it should be ok, if anyone needs jdk1.3, they can use the old code. Yes, the idea was that it would be a direct buffer. But where is the code ? It's on my hard-drive. Unlike Remy's APR stuff, o.a.jk is supposed to be a pretty stable package(s) at this point. I can't just check in stuff like this without a lot of testing to make sure that it doesn't break anything more than JDK 1.3 compatibility ;-). Costin Rémy This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
