[Bug 65806] When running in FIPS mode on openjdk-17, SessionIdGeneratorBase.java throws SEVERE log messages
https://bz.apache.org/bugzilla/show_bug.cgi?id=65806 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #2 from Mark Thomas --- Fixed in: - 10.1.x for 10.1.0-M11 onwards - 10.0.x for 10.0.17 onwards - 9.0.x for 9.0.59 onwards - 8.5.x for 8.5.76 onwards Tomcat now falls back to the platform default with a single log message at WARNING level if the default (SHA1PRNG) is not available. Explicit configuration of SHA1PRNG when it is not available will now trigger one SEVERE log message per web application. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65806] When running in FIPS mode on openjdk-17, SessionIdGeneratorBase.java throws SEVERE log messages
https://bz.apache.org/bugzilla/show_bug.cgi?id=65806 --- Comment #1 from Mark Thomas --- If Tomcat could determine that FIPS is enabled then it could switch to "" without even trying SHA1PRNG first. Unfortunately, I don't see a way to do that as FIPS support isn't part of the standard JRE (that also makes testing any solution tricky). I think testing SHA1PRNG on class init is the way to go. Logging at SEVERE seemed reasonable originally as SHA1PRNG should always be supported but if FIPS changes that then a single WARNING does seem more appropriate. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65806] When running in FIPS mode on openjdk-17, SessionIdGeneratorBase.java throws SEVERE log messages
https://bz.apache.org/bugzilla/show_bug.cgi?id=65806 Santiago Gala changed: What|Removed |Added Summary|When running in FIPS mode |When running in FIPS mode |on openjdk-17, |on openjdk-17, |SessionIdGeneratorBase.java |SessionIdGeneratorBase.java |thows SEVERE log messages |throws SEVERE log messages -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org