https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #25 from Rainer Jung rainer.j...@kippdata.de ---
The support in mod_proxy_ajp was ported to Apache 2.4 today as r1662076.
It will be part of the next Apache HTTP server release 2.4.13.
--
You are receiving this mail because:
You
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
Christopher Schultz ch...@christopherschultz.net changed:
What|Removed |Added
Status|NEW
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #24 from Rainer Jung rainer.j...@kippdata.de ---
Support to forward the info via AJP has been added to mod_proxy_ajp in httpd
trunk in r1661067. The feature has been proposed for addition to mod_proxy_ajp
in httpd 2.4.
--
You are
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #21 from Christopher Schultz ch...@christopherschultz.net ---
Fixed in trunk in r1660924.
I'm working on back-porting this to Tomcat 8, since a lot has changed between
Tomcat 8 and Tomcat 9/trunk.
--
You are receiving this mail
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #22 from Christopher Schultz ch...@christopherschultz.net ---
Fixed in Tomcat 8 in r1660953. Will be in Tomcat 8.0.21.
I'll see about back-porting to Tomcat 7. It should be easy at this point.
--
You are receiving this mail
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #19 from Christopher Schultz ch...@christopherschultz.net ---
I have a question about your implementation in mod_jk: why are you passing the
SSL_PROTOCOL as a SC_A_REQ_ATTRIBUTE instead of a first-class piece of
information, like
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #20 from Rainer Jung rainer.j...@kippdata.de ---
Some attributes are known in the AJP 1.3 protocol and their names are
marshalled on the wire with hex abbreviations. Those must be known by the
receiver as well otherwise it is a
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #16 from Christopher Schultz ch...@christopherschultz.net ---
I've got an updated patch with AJP support that I'm testing now.
--
You are receiving this mail because:
You are the assignee for the bug.
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
Christopher Schultz ch...@christopherschultz.net changed:
What|Removed |Added
Attachment #32486|0 |1
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
Christopher Schultz ch...@christopherschultz.net changed:
What|Removed |Added
Attachment #32487|0 |1
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #18 from Rainer Jung rainer.j...@kippdata.de ---
Comment on attachment 32493
-- https://bz.apache.org/bugzilla/attachment.cgi?id=32493
Updated patch
The part for java/org/apache/coyote/ajp looks fine to me.
The rest also, but I
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #15 from Rainer Jung rainer.j...@kippdata.de ---
I added a proprietary request attribute named AJP_SSL_PROTOCOL to mod_jk in
r1660504. It could be mapped to a uniform attribute name, e.g.
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
Ralf Hauser hau...@acm.org changed:
What|Removed |Added
Attachment #32437|0 |1
is obsolete|
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #11 from Christopher Schultz ch...@christopherschultz.net ---
Something is missing, here. I can't get the NIO connector to give me the
protocol value. I changed the code to use (unknown) when the value returned
by SSLSupport is
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #12 from Christopher Schultz ch...@christopherschultz.net ---
Rats... looks like to support AJP, there need to be additional data sent by the
proxy. There is no pre-defined field for SSL_PROTOCOL (similar to
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #10 from Christopher Schultz ch...@christopherschultz.net ---
I'm evaluating this. The change for AprSSLSupport doesn't seem that onerous.
Why didn't you implement that?
--
You are receiving this mail because:
You are the assignee
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #13 from Christopher Schultz ch...@christopherschultz.net ---
Okay, the patch doesn't work as presented.
If you request the SSL protocol before any of the other SSL attributes, then
the protocol comes back as null. That's because
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #14 from Christopher Schultz ch...@christopherschultz.net ---
Created attachment 32487
-- https://bz.apache.org/bugzilla/attachment.cgi?id=32487action=edit
Updated patch
This patch supports APR-based connectors and also works
Am 17.02.2015 um 21:13 schrieb bugzi...@apache.org:
https://bz.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #12 from Christopher Schultz ch...@christopherschultz.net ---
Rats... looks like to support AJP, there need to be additional data sent by the
proxy. There is no pre-defined field
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #7 from Mark Thomas ma...@apache.org ---
Reviewing the proposed patch:
1. The changes to tomcat/util/net/jsse/openssl/Protocol.java need to be removed
2. There looks to be the right hooks in tc-native to obtain the protocol so
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #8 from Christopher Schultz ch...@christopherschultz.net ---
(In reply to Ralf Hauser from comment #6)
Created attachment 32437 [details]
apache.tomcat.tls.protocol.57540.patch
Is IOException the most natural exception type
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #2 from Mark Thomas ma...@apache.org ---
The key needs to be in the org.apache.tomcat name space, not the javax.servlet
space since the Servlet name space is reserved.
--
You are receiving this mail because:
You are the
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #3 from Ralf Hauser hau...@acm.org ---
thanks Mark, so 1a) should rather be:
org.apache.tomcat.util.net.secure_protocol_version
--
You are receiving this mail because:
You are the assignee for the bug.
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #1 from Ralf Hauser hau...@acm.org ---
4) furthermore, I suggest to add in
org.apache.tomcat.util.net.jsse.openssl.Protocol
TLSv1_1(TLSv1.1)
--
You are receiving this mail because:
You are the assignee for the bug.
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #5 from Mark Thomas ma...@apache.org ---
(In reply to Christopher Schultz from comment #4)
(In reply to Ralf Hauser from comment #1)
4) furthermore, I suggest to add in
org.apache.tomcat.util.net.jsse.openssl.Protocol
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #4 from Christopher Schultz ch...@christopherschultz.net ---
(In reply to Ralf Hauser from comment #1)
4) furthermore, I suggest to add in
org.apache.tomcat.util.net.jsse.openssl.Protocol
TLSv1_1(TLSv1.1)
And TLSv1.0
https://issues.apache.org/bugzilla/show_bug.cgi?id=57540
--- Comment #6 from Ralf Hauser hau...@acm.org ---
Created attachment 32437
-- https://issues.apache.org/bugzilla/attachment.cgi?id=32437action=edit
apache.tomcat.tls.protocol.57540.patch
--
You are receiving this mail because:
You are
27 matches
Mail list logo