RE: Tomcat 6.0.x release

2014-11-13 Thread Robert Sanders
Will this include the latest Tomcat Native source as well? -Rob From: Mark Thomas [ma...@apache.org] Sent: Thursday, November 13, 2014 11:07 AM To: Tomcat Developers List Subject: Re: Tomcat 6.0.x release On 13/11/2014 16:01, Andrew Carr wrote: Mark,

RE: [Bug 56027] Unable to use TCN on RHEL6 boxes if box is booted in fips mode

2014-07-02 Thread Robert Sanders
Now I'm confused. When Mladen posted his patch against bug 56396 I'd pulled that code and tested it and it worked. So I thought it would be in TCN 1.1.30. But when I look at TCNative 1.1.30 (included in Tomcat 6.0.41) I don't see that code, and without it my tests should have failed. So it

RE: [Bug 56027] Unable to use TCN on RHEL6 boxes if box is booted in fips mode

2014-07-02 Thread Robert Sanders
think there was some debris from testing that actually made things work when I tried to verify this earlier. -R From: Robert Sanders [rsand...@trustedcs.com] Sent: Wednesday, July 02, 2014 10:42 AM To: Tomcat Developers List Subject: RE: [Bug 56027] Unable

RE: [Bug 56027] Unable to use TCN on RHEL6 boxes if box is booted in fips mode

2014-06-25 Thread Robert Sanders
I tested TCN 1_1_30 with Tomcat 6 (which our app uses) and everything appears to work just fine. I haven't updated our install to try working with Tomcat 7. This is on a CentOS 6.5 (yum updated) box with fips mode enabled at boot, and a server.xml similar to yours. Just looking quickly at

RE: [VOTE] Release Apache Tomcat Native 1.1.30

2014-04-10 Thread Robert Sanders
Is the TCN portion of BZ 56027 addressed completely or partially with this release? I see the exposure of the FIPS_mode setting, but it looks like the temporary 512 bit RSA key is still being done in the SSL_TMP_KEYS_INIT macro (line 77). When I hacked my workaround earlier this year I had to

RE: [VOTE] Release Apache Tomcat Native 1.1.30

2014-04-10 Thread Robert Sanders
that BZ 56027 is only partially addressed, in that the fipsModeGet() method is now available. -Rob From: Robert Sanders [rsand...@trustedcs.com] Sent: Thursday, April 10, 2014 9:15 AM To: Tomcat Developers List Subject: RE: [VOTE] Release Apache Tomcat Native

RE: [VOTE] Release Apache Tomcat Native 1.1.30

2014-04-10 Thread Robert Sanders
I'll concur with Chris for release. WRT BZ 56027 there is no regression. The exposure of the fipsModeGet will be useful moving forward to have the main Tomcat code avoid a double call to initialize SSL, but someone with more understanding of the FIPS requirements than I do should look at how

RE: Time for 8.0.4

2014-03-18 Thread Robert Sanders
TCN was updated? I still see 1.1.29 (15 October 2013) on the tomcat.apache.org links (both docs and download). Or am I missing something (likely). -Rob From: Christopher Schultz [ch...@christopherschultz.net] Sent: Tuesday, March 18, 2014 3:46 PM

RE: Time for 8.0.4

2014-03-18 Thread Robert Sanders
Konstantin, Don't want to be putting words in Chris's mouth, but when I filed 56027 I did some poking around in the underlying openSSL code (at least on my RHEL6 box). Calling the openssl FIPS_mode_set() method twice causes an error. I'd proposed exposing an additional routine to check the

Tomcat/FIPS mode on HEL6

2014-01-16 Thread Robert Sanders
I posted this on Monday from my home account, and have some followups from my work account: Recap: On a RHEL6 box with FIPS enabled at boot time Tomcat 6.0.37 and Tomcat Native Library 1.1.29 will not start if the APR listener is configured with 'FIPSMode=on'. There appear to be two places

RE: Tomcat/FIPS mode on HEL6

2014-01-16 Thread Robert Sanders
if it is the first thing done in a program even if the system is in fips mode -Rob From: Robert Sanders [rsand...@trustedcs.com] Sent: Thursday, January 16, 2014 1:59 PM To: dev@tomcat.apache.org Subject: Tomcat/FIPS mode on HEL6 I posted this on Monday from

RE: Tomcat/FIPS mode on HEL6

2014-01-16 Thread Robert Sanders
...@christopherschultz.net] Sent: Thursday, January 16, 2014 4:23 PM To: Tomcat Developers List Subject: Re: Tomcat/FIPS mode on HEL6 Robert, On 1/16/14, 1:59 PM, Robert Sanders wrote: I posted this on Monday from my home account, and have some followups from my work account: Recap: On a RHEL6 box with FIPS