On 10/04/2014, at 11:50 pm, Mladen Turk <mt...@apache.org> wrote: > Version 1.1.30 is bug fixing release with added ECDH > if supported by OpenSSL library. > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The VOTE will remain open for at least 48 hours. > > The Apache Tomcat Native 1.1.30 is > [X] Stable, go ahead and release > [ ] Broken because of ...
Tested on OS X Mavericks with Tomcat 7.0.x. Builds cleanly against OpenSSL 1.0.1g and APR 1.50. HTTP and HTTPS APR connectors tested. Testing with Firefox, Chrome, Safari and openssl s_client shows TLSv1.2 and ECDHE cipher suites being used. Testing with https://github.com/FiloSottile/Heartbleed shows SAFE from Heartbleed (as expected, linking against 1.0.1g). There’s one problem using APR/HTTPS in Tomcat on OS X, where SSL_library_init needs to be called on the same thread that invokes SSLContext.make to make things work, but that’s not a tcnative issue. cheers tim --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
