Re: Plan for 9.0.0.RC1

2015-10-19 Thread jean-frederic clere
On 10/19/2015 02:24 PM, Mark Thomas wrote: On 19/10/2015 12:27, Rémy Maucherat wrote: 2015-10-16 12:26 GMT+02:00 Mark Thomas : I think now is the time to give users a chance to use 9.0.x so we can start gathering feedback on what works and what doesn't. I'm still having problems with HTTP/2

Re: Plan for 9.0.0.RC1

2015-10-22 Thread jean-frederic clere
On 10/22/2015 05:19 PM, Rémy Maucherat wrote: > 2015-10-22 16:56 GMT+02:00 Mark Thomas : > >> On 19/10/2015 13:38, Rémy Maucherat wrote: >>> 2015-10-19 14:24 GMT+02:00 Mark Thomas : >> Anything reproducible? >>> >>> Chrome mostly, Firefox is a bit nicer for me. I use JF's ApacheCon >> example

Re: Plan for 9.0.0.RC1

2015-10-23 Thread jean-frederic clere
On 10/23/2015 03:12 PM, Mark Thomas wrote: > On 23/10/2015 12:26, Mark Thomas wrote: >> On 23/10/2015 11:54, Rémy Maucherat wrote: >>> 2015-10-23 10:12 GMT+02:00 Mark Thomas : >>> I've made a little progress. I can see in Wireshark that the initial HTTP/2 connection preface is s

Re: [VOTE] Release Apache Tomcat Native 1.2.0

2015-10-27 Thread jean-frederic clere
On 10/22/2015 12:47 PM, Mark Thomas wrote: > Version 1.2.0 includes the following changes: > - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.2d > - ALPN support > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2

Re: Tomcat 9.0.x, tc-native and itanium support

2015-10-27 Thread jean-frederic clere
On 10/22/2015 12:31 PM, Mark Thomas wrote: > how do folks feel about dropping the Itanium build from > the binary packages for tcnative 1.2.x and Tomcat 9.0.x? DROP IT!!! Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsu

Re: [VOTE] Switch 6.0.x from RTC to CTR

2015-10-29 Thread jean-frederic clere
On 10/28/2015 11:42 PM, Mark Thomas wrote: > [X] Switch 6.0.x to CTR Basically there are so few fixes in 6.0.x that the RTC blocks any move in 6.0.x Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.

Re: [VOTE][RESULT] Release Apache Tomcat Native 1.2.0

2015-10-30 Thread jean-frederic clere
On 10/30/2015 02:19 PM, Henri Gomez wrote: > Hi all > > I tried to build 1.2.0 today, from tarball found here : > > http://www.apache.org/dist/tomcat/tomcat-connectors/native/1.2.0/source/tomcat-native-1.2.0-src.tar.gz > > cd native > ./configure > > configure: error: cannot find install-sh, in

Re: Tomcat Native 1.2.2

2015-11-04 Thread jean-frederic clere
On 11/04/2015 02:00 AM, Mark Thomas wrote: > I've just finished running the unit tests for APR on OSX with the > current 1.2.x trunk and 9.0.x, 8.0.x and 7.0.x and all pass. > > I plan to tag 1.2.2 tomorrow morning and will hopefully be able to start > a new vote later in the day. I am trying som

Re: svn commit: r1715414 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/mapper/ java/org/apache/catalina/mbeans/ java/org/apache/catalina/storeco

2015-11-22 Thread jean-frederic clere
On 11/20/2015 09:28 PM, ma...@apache.org wrote: > -public void setContainer(Container container) { > -setContainer((Engine) container); Hm does that explains why I get: +++ 22-Nov-2015 10:34:43.641 SEVERE [main] org.apache.tomcat.util.digester.Digester.endElement End event threw excep

Re: svn commit: r1715414 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/mapper/ java/org/apache/catalina/mbeans/ java/org/apache/catalina/storeco

2015-11-22 Thread jean-frederic clere
On 11/22/2015 01:25 PM, Mark Thomas wrote: > On 22 November 2015 10:40:07 GMT+00:00, jean-frederic clere > wrote: >> On 11/20/2015 09:28 PM, ma...@apache.org wrote: >>> -public void setContainer(Container container) { >>> -setContainer((Engine) con

Re: svn commit: r1715414 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/mapper/ java/org/apache/catalina/mbeans/ java/org/apache/catalina/storeco

2015-11-22 Thread jean-frederic clere
On 11/22/2015 05:03 PM, Mark Thomas wrote: > I've fixed the digester rules in trunk so you shouldn't need your patch > any more. Thanks Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional com

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread jean-frederic clere
On 11/23/2015 01:56 PM, Konstantin Kolinko wrote: > TW, a changelog, documentation =? Here I have a small question. In fact it possible to mix open pem and jsse keystore, is it something we want to support? I try it but removed it because I found it very confusing. Thanks for the review I will f

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread jean-frederic clere
On 11/23/2015 03:35 PM, Rémy Maucherat wrote: > 2015-11-23 15:31 GMT+01:00 jean-frederic clere : > >> On 11/23/2015 01:56 PM, Konstantin Kolinko wrote: >>> TW, a changelog, documentation =? >> >> Here I have a small question. In fact it possible to mix ope

Re: Time for a 6.0.x release in January?

2015-12-22 Thread jean-frederic clere
On 12/22/2015 10:23 AM, Mark Thomas wrote: > All, > > It has been over 6 months since the last 6.0.x release. The changelog > for 6.0.x is reasonably long so it is looks like time for a release. > > Jean-Frederic or I have done the last few releases. Are there any > volunteers for the release man

[ANN] Apache Tomcat Native 1.2.17 released

2018-06-19 Thread Jean-Frederic Clere
The Apache Tomcat team announces the immediate availability of Apache Tomcat Native 1.2.17 stable. The key features of this release are: - Windows binaries built with APR 1.6.3 and OpenSSL 1.0.2o. - Fix Certificate verification using CRL. - Arrange OCSP response processing. Note that users shoul

[SECURITY] CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response

2018-07-21 Thread Jean-Frederic Clere
CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat Native 1.2.0 to 1.2.16 Apache Tomcat Native 1.1.23 to 1.1.34 Description: When using an OCSP responder Tomcat Native did not

[SECURITY] CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates

2018-07-21 Thread Jean-Frederic Clere
CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat Native 1.2.0 to 1.2.16 Apache Tomcat Native 1.1.23 to 1.1.34 Descript

[SECURITY] CVE-2018-1336 Apache Tomcat - Denial of Service

2018-07-22 Thread Jean-Frederic Clere
CVE-2018-1336 Apache Tomcat - Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7 Apache Tomcat 8.5.0 to 8.5.30 Apache Tomcat 8.0.0.RC1 to 8.0.51 Apache Tomcat 7.0.28 to 7.0.86 Description: An improper handing of overf

[SECURITY] CVE-2018-8037 Apache Tomcat - Information Disclosure

2018-07-22 Thread Jean-Frederic Clere
CVE-2018-8037 Apache Tomcat - Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.9 Apache Tomcat 8.5.5 to 8.5.31 Description: A bug in the tracking of connection closures can lead to reuse of user sessions in a new

[SECURITY] CVE-2018-8034 Apache Tomcat - Security Constraint Bypass

2018-07-22 Thread Jean-Frederic Clere
CVE-2018-8034 Apache Tomcat - Security Constraint Bypass Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9 Apache Tomcat 8.5.0 to 8.5.31 Apache Tomcat 8.0.0.RC1 to 8.0.52 Apache Tomcat 7.0.35 to 7.0.88 Description: The host name verification

https://repository.apache.org/content/repositories/snapshots/org/apache/tomcat/tomcat-dbcp/9.0-SNAPSHOT

2018-08-06 Thread jean-frederic clere
Hi, I have a question about using those snapshots: How are they produced? -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: https://repository.apache.org/content/repositories/snapshots/org/apache/tomcat/tomcat-dbcp/9.0-SNAPSHOT

2018-08-06 Thread jean-frederic clere
On 06/08/18 16:34, Mark Thomas wrote: > On 06/08/18 15:26, jean-frederic clere wrote: >> Hi, >> >> I have a question about using those snapshots: How are they produced? > > The buidlbot jobs that run after every commit generate and upload them. > It is only configu

DBCP2 in Tomcat

2018-08-07 Thread jean-frederic clere
Hi, I just want to ask what is the process, we pick all changes after commons-dbcp releases a version, or could I pick the actual code? -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For ad

Re: DBCP2 in Tomcat

2018-08-07 Thread jean-frederic clere
On 07/08/18 10:10, Mark Thomas wrote: > On 07/08/18 08:55, jean-frederic clere wrote: >> Hi, >> >> I just want to ask what is the process, we pick all changes after >> commons-dbcp releases a version, or could I pick the actual code? > > Generally, I keep an e

ant problems

2018-08-09 Thread jean-frederic clere
Hi, I have problems while building trunk: /home/jfclere/TMP/tomcat/build.xml:693: javac doesn't support the "release" attribute Is that expected I have tried java11 and java8 (openjdk)? -- Cheers Jean-Frederic - To unsubscri

tomcat-native trunk

2018-09-03 Thread jean-frederic clere
Hi, I am working on a jar to laod the libraries in tomcat-native. I have noted that the examples don't compile and that the test directory is empty. I am planning to clean that and go for maven build for the new jar. Comments? -- Cheers Jean-Frederic --

Re: tomcat-native trunk

2018-09-03 Thread jean-frederic clere
On 03/09/18 12:31, Rainer Jung wrote: > Am 03.09.2018 um 11:41 schrieb Mark Thomas: >> On 03/09/18 09:38, jean-frederic clere wrote: >>> Hi, >>> >>> I am working on a jar to laod the libraries in tomcat-native. I have >>> noted that the examples

Re: [VOTE] Release Apache Tomcat 9.0.12

2018-09-06 Thread jean-frederic clere
On 05/09/18 00:32, Mark Thomas wrote: > [X] Stable - go ahead and release as 9.0.12 Tested on fedora 28. -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-

Re: [VOTE] Release Apache Tomcat 8.5.0

2016-03-18 Thread jean-frederic clere
On 03/18/2016 03:47 PM, Mark Thomas wrote: > On 18/03/2016 14:44, jean-frederic clere wrote: >> On 03/17/2016 09:00 PM, Mark Thomas wrote: >>> [x] Alpha - go ahead and release as 8.5.0 >> >> I have failure in the following tests:

Re: [VOTE] Release Apache Tomcat 8.5.0

2016-03-18 Thread jean-frederic clere
On 03/17/2016 09:00 PM, Mark Thomas wrote: > [x] Alpha - go ahead and release as 8.5.0 I have failure in the following tests: +++ [concat] TEST-org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO.txt [concat] TEST-org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO2.txt [con

Re: Time for tc-native 1.2.6

2016-04-18 Thread jean-frederic clere
On 04/18/2016 05:03 PM, Rainer Jung wrote: > Hi Mark, > > Am 18.04.2016 um 16:37 schrieb Mark Thomas: >> I'd like to get the next tc-native release out before the end of the >> month so the next round of Tomcat releases can pick it up - particularly >> the cert chain from Java keystore fix. >> >>

Re: svn commit: r1741984 - in /tomcat/trunk: java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11/upgrade/ java/org/apache/coyote/http2/ web

2016-05-02 Thread jean-frederic clere
Cool now the following h2 proxy configuration of httpd (trunk) works: +++ Protocols h2 http/1.1 ProtocolsHonorOrder on SSLEngine on ProxyPass "/" "h2c://localhost:8003/" +++ and h2load http://localhost:8003/ works too. On 8003 I have the tomcat running configured as: +++

Re: Timescale for 8.0.x EOL

2016-06-15 Thread jean-frederic clere
On 06/14/2016 02:05 PM, Rémy Maucherat wrote: > 2016-06-14 10:31 GMT+02:00 Mark Thomas : > >> On 14/06/2016 09:00, Emmanuel Bourg wrote: >>> Le 13/06/2016 à 17:47, Mark Thomas a écrit : Now we have a stable release of 8.5.x, I'd like to finialise the end of life date for 8.0.x so we can

Re: Timescale for 8.0.x EOL

2016-06-20 Thread jean-frederic clere
On 06/20/2016 12:12 PM, Mark Thomas wrote: > Since it seems there is some interest in maintaining 8.0.x beyond > September, how about we announce that: > - the monthly release cycle for 8.0.x will end in September > - new features and bug fixes are unlikely to be back-ported from that > point > -

Re: OpenSSL without APR experiment

2016-06-27 Thread jean-frederic clere
On 06/27/2016 06:07 PM, Rémy Maucherat wrote: > 2016-06-27 17:52 GMT+02:00 Mark Thomas : > >> Is the performance any different from NIO[2] + tc-native 1.2 + OpenSSL? >> If I recall correctly, when I asked previously you said APR/native >> generally had better performance. >> > > The performance i

Re: svn commit: r1750514 - in /tomcat/native/trunk: native/src/ssl.c xdocs/miscellaneous/changelog.xml

2016-06-28 Thread jean-frederic clere
On 06/28/2016 04:05 PM, ma...@apache.org wrote: > + Correct a potential performance problem identified by Nate Clark due to > + Tomcat Native providing OpenSSL with thread identifiers poorly suited > to > + the hash function used by OpenSSL when selecting a bucket for the hash > +

Re: [VOTE] Release Apache Tomcat Native 1.2.8

2016-06-30 Thread jean-frederic clere
On 06/28/2016 10:25 PM, Mark Thomas wrote: > Version 1.2.8 includes the following changes: > > - Fix OCSP / no OCSP status of Windows builds > - Improve handling of OS level EAGAIN return codes > - Fix a potential performance problem on Linux and OSX > > The proposed release artefacts can be fou

Re: JSSE-based crypto performance

2016-09-30 Thread jean-frederic clere
On 09/29/2016 08:35 PM, Christopher Schultz wrote: > All, > > In the past few years, jfclere has been dong some performance testing > with JSSE-based crypto versus OpenSSL-based crypto, and it had always > been clear that the pure-Java crypto was slower by orders of magnitude. Correct, it is stil

try to release taglibs-standard-1.2.6

2017-04-30 Thread jean-frederic clere
Hi, I will try to tag and propose taglibs-standard-1.2.6 for release tomorrow, any comments? Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apac

http://svn.apache.org/viewvc/tomcat/taglibs/standard/ in git?

2016-11-08 Thread jean-frederic clere
Hi, Anyone knows we have a git mirror of the taglibs? What would be the process to get it? Ticket to infra? Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h

Re: TomcatCon @ ApacheCon

2017-01-09 Thread jean-frederic clere
On 01/09/2017 12:58 PM, Mark Thomas wrote: > All, > > After speaking to various folks at various times about some form of > Tomcat conference, I've finally got around to actually doing something > about it. I'm like to try and do something alongside ApacheCon NA 2017. That makes sense since the A

Re: [POLL] Will you be at ApacheCon NA 2017?

2017-01-27 Thread jean-frederic clere
On 01/24/2017 04:46 PM, Mark Thomas wrote: > Hi, > > I'm sure you have all seen the TomcatCon discussion I started on the > users@ list. We are getting enthusiastic support from the ApacheCon > organisers at both the ASF and the Linux Foundation. > > I am starting to think about the overall sched

Re: [VOTE-RESTARTED] Release Apache Tomcat Native 1.2.4

2016-01-08 Thread jean-frederic clere
On 01/06/2016 01:56 PM, Mark Thomas wrote: > On 05/01/2016 15:46, Mark Thomas wrote: >> Version 1.2.4 includes the following change: >> >> - Renegotiation improvements >> >> The proposed release artefacts can be found at [1], >> and the build was done using tag [2]. >> >> The Apache Tomcat Native 1

Re: [VOTE-RESTARTED] Release Apache Tomcat Native 1.2.4

2016-01-08 Thread jean-frederic clere
On 01/06/2016 08:45 PM, Mark Thomas wrote: > On 06/01/2016 19:34, Rainer Jung wrote: >> Hi Mark, >> >> there's no file bin/openssl.exe in the Windows binariy zip files. >> >> It existed in 1.2.3 but was also missing for 1.2.2. It also exists in >> 1.2.0 and 1.2.1 as well as 1.1.33 and 1.1.34. So I

tagging tomcat 6.0.45

2016-01-08 Thread jean-frederic clere
Hi, I am planning to test and tag tomcat 6.0.45 during the week-end. Any objections? Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: tagging tomcat 6.0.45

2016-01-10 Thread jean-frederic clere
On 01/08/2016 11:28 PM, Mark Thomas wrote: > On 08/01/2016 14:21, jean-frederic clere wrote: >> Hi, >> >> I am planning to test and tag tomcat 6.0.45 during the week-end. >> >> Any objections? > > I'm working on some session stuff that really should

Re: tagging tomcat 6.0.45

2016-01-10 Thread jean-frederic clere
On 01/08/2016 07:27 PM, Konstantin Kolinko wrote: > 2016-01-08 17:21 GMT+03:00 jean-frederic clere : >> Hi, >> >> I am planning to test and tag tomcat 6.0.45 during the week-end. > > 1) A bug in a new feature: > https://bz.apache.org/bugzilla/show_bug.cgi?id=5

dropping windows ia64 in Tomcat6

2016-01-10 Thread jean-frederic clere
Hi, I would like to drop Itanium support in the windows binaries, we have dropped it in native 1.1.34 so we can't have a complete Itanium in Tomcat 6.0.45. Comments? Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr

Re: [VOTE-RESTARTED] Release Apache Tomcat Native 1.2.4

2016-01-11 Thread jean-frederic clere
On 01/11/2016 03:10 PM, Giorgio Zoppi wrote: > Jean, > trying to move to CMake for making portable? That might be something to look at my previous tries with CMake weren't successful but feel free to contribute. Cheers Jean-Frederic --

Re: openssl 1.0.2f released

2016-01-28 Thread jean-frederic clere
On 01/28/2016 08:48 PM, Mark Thomas wrote: > On 28/01/2016 15:47, Rainer Jung wrote: >> My first thoughts: >> >> - DH small subgroups (CVE-2016-0701) >> >> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native >> impl of SSLContext.make()). This is true for trunk and 1.1.x. This

tagging tomcat 6.0.45 (try2)

2016-01-29 Thread jean-frederic clere
Hi, I am planning to test and tag tomcat 6.0.45 during the week-end. Mark has fixed his session stuff and the openssl we use isn't affected with the latest vulnerability. Any objections? Cheers Jean-Frederic - To unsubscribe,

Re: tagging tomcat 6.0.45 (try2)

2016-01-31 Thread jean-frederic clere
On 01/31/2016 07:47 PM, Konstantin Kolinko wrote: > 2016-01-30 15:54 GMT+03:00 Konstantin Kolinko : >> 2016-01-29 18:50 GMT+03:00 jean-frederic clere : >>> Hi, >>> >>> I am planning to test and tag tomcat 6.0.45 during the week-end. >>> >>> M

[VOTE] Release Apache Tomcat 6.0.45

2016-02-01 Thread jean-frederic clere
The proposed Apache Tomcat 6.0.45 release is now available for voting. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.45/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1061/ The svn tag is: http://svn.apache.org/

Re: svn commit: r1728005 - in /tomcat/tags/TOMCAT_9_0_0_M3: ./ build.properties.default webapps/docs/changelog.xml

2016-02-02 Thread jean-frederic clere
On 02/01/2016 09:51 PM, ma...@apache.org wrote: > Author: markt > Date: Mon Feb 1 20:51:24 2016 > New Revision: 1728005 > > URL: http://svn.apache.org/viewvc?rev=1728005&view=rev > Log: > Tag 9.0.0.M3 > > Added: > tomcat/tags/TOMCAT_9_0_0_M3/ > - copied from r1727998, tomcat/trunk/ W

Re: svn commit: r1728005 - in /tomcat/tags/TOMCAT_9_0_0_M3: ./ build.properties.default webapps/docs/changelog.xml

2016-02-03 Thread jean-frederic clere
On 02/03/2016 09:52 AM, Mark Thomas wrote: > On 03/02/2016 07:53, jean-frederic clere wrote: >> On 02/01/2016 09:51 PM, ma...@apache.org wrote: >>> Author: markt >>> Date: Mon Feb 1 20:51:24 2016 >>> New Revision: 1728005 >>> >>> URL: htt

Re: [VOTE] Release Apache Tomcat 6.0.45

2016-02-03 Thread jean-frederic clere
On 02/03/2016 02:22 PM, Mark Thomas wrote: > On 01/02/2016 18:52, jean-frederic clere wrote: >> The proposed Apache Tomcat 6.0.45 release is now available for voting. >> >> It can be obtained from: >> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.45/ &

Re: svn commit: r1713220 - /tomcat/native/trunk/native/src/sslcontext.c

2016-02-03 Thread jean-frederic clere
On 02/03/2016 05:01 PM, Christopher Schultz wrote: > Jean-Frederic, > > On 11/8/15 5:34 AM, jfcl...@apache.org wrote: >> Author: jfclere Date: Sun Nov 8 10:34:31 2015 New Revision: >> 1713220 > >> URL: http://svn.apache.org/viewvc?rev=1713220&view=rev Log: >> Allow to use raw (well keystore) ce

Re: [VOTE] Release Apache Tomcat 9.0.0.M3

2016-02-03 Thread jean-frederic clere
On 02/02/2016 01:20 AM, Mark Thomas wrote: > The proposed 9.0.0.M3 release is: > [ ] Broken - do not release > [X] Alpha - go ahead and release as 9.0.0.M3 I have the following errors: +++ hudson@neo2 logs]$ grep -l FAILED *.txt TEST-org.apache.tomcat.util.net.openssl.ciphers.TestCipher.APR.txt TE

Re: [VOTE] Release Apache Tomcat 9.0.0.M3

2016-02-04 Thread jean-frederic clere
On 02/03/2016 07:08 PM, Mark Thomas wrote: > On 03/02/2016 16:20, jean-frederic clere wrote: >> On 02/02/2016 01:20 AM, Mark Thomas wrote: >>> The proposed 9.0.0.M3 release is: >>> [ ] Broken - do not release >>> [X] Alpha - go ahead and release as 9.0.0.

Re: [VOTE] Release Apache Tomcat 9.0.0.M3

2016-02-04 Thread jean-frederic clere
On 02/04/2016 02:38 PM, jean-frederic clere wrote: > That looks like something different in the openssl configuration, if > someone has an hint I can try to find the problem. Release first and I will look after the release ;-) Cheers Jean-Fr

Re: [VOTE] Release Apache Tomcat 6.0.45

2016-02-09 Thread jean-frederic clere
On 02/01/2016 07:52 PM, jean-frederic clere wrote: > The proposed Apache Tomcat 6.0.45 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.45/ > The Maven staging repo is: > https://repository.

[RESULT] [VOTE] Release Apache Tomcat 6.0.45

2016-02-09 Thread jean-frederic clere
The following votes were cast: Binding: +1: markt, remm, violetagg, jfclere This vote therefore passes. Thanks to every one who tested and/or voted. I'll start the final release steps shortly. Cheers Jean-Frederic - To unsubs

[ANN] Apache Tomcat 6.0.45 available

2016-02-12 Thread Jean-Frederic Clere
The Apache Tomcat team announces the immediate availability of Apache Tomcat 6.0.45. Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages and Java Expression Language technologies. This release contains a number of bug fixes and improvements compared to ve

Re: NIO + JSSE + NIO + OpenSSL

2016-02-15 Thread jean-frederic clere
On 02/15/2016 11:30 AM, Rémy Maucherat wrote: > 2016-02-15 10:45 GMT+01:00 Mark Thomas : > >> Looks like such a claim is indeed over simplified. >> >> Having tweaking the test so the same cipher is used, NIO+JSSE is about >> 10% faster than NIO+OpenSSL :( >> >> Enabling direct buffers didn't seem

Re: Tomcat 8.next

2016-03-02 Thread jean-frederic clere
On 03/01/2016 11:30 PM, Rémy Maucherat wrote: > 2016-03-01 23:12 GMT+01:00 Mark Thomas : > >> To summarise where I think this discussion is going: >> >> - Create 8.5.x from 9.0.x with the following changes >> - revert all changes to spec APIs >> > > Yes. Do we have a plan when everyone wants to

Re: Tomcat 8.next

2016-03-02 Thread jean-frederic clere
On 02/25/2016 02:52 PM, Rémy Maucherat wrote: > b) A more radical option is to use 9 as 8.x but remove the Servlet API > changes. This would force Java 8 and many incompatible changes. That looks the best for me, tomcat-8.5.x Cheers Jean-Frederic

Re: [VOTE] Release JK 1.2.46

2018-10-12 Thread jean-frederic clere
On 01/10/2018 17:30, Mark Thomas wrote: > Tag: > http://svn.apache.org/viewvc/tomcat/jk/tags/JK_1_2_46/ > > Source: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/jk/ > > > This is a maintenance release with a handful of bug fixes (compared to > 1.2.44) and some clean-up. It a

Re: [VOTE] Release Apache Tomcat Native 1.2.18

2018-10-19 Thread jean-frederic clere
On 18/10/2018 00:19, Mark Thomas wrote: > [X] Stable, go ahead and release tested with nio/apr on rhel7 (apr: 1.5.2 openssl: 1.0.2k-fips), fedora28 (apr: 1.6.3 openssl: 1.1.0i-fips). scripts in https://github.com/jfclere/tomcat-native-tests.git -- Cheers Jean-Frederic ---

Re: svn commit: r1847704 - /tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java

2018-11-29 Thread jean-frederic clere
On 29/11/2018 11:04, Mark Thomas wrote: > On 29/11/2018 09:56, jean-frederic clere wrote: >> On 29/11/2018 10:46, ma...@apache.org wrote: >>> Author: markt >>> Date: Thu Nov 29 09:46:49 2018 >>> New Revision: 1847704 >>> >>> URL: http://svn.a

Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c

2018-11-29 Thread jean-frederic clere
On 29/11/2018 18:13, Christopher Schultz wrote: > Jean-Frederic, > > On 11/29/18 08:06, jfcl...@apache.org wrote: >> Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: >> 1847714 > >> URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: Allow >> to compile with --enable-insecure-

Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c

2018-11-29 Thread jean-frederic clere
On 29/11/2018 18:25, Christopher Schultz wrote: > Jean-Frederic, > > On 11/29/18 12:18, jean-frederic clere wrote: >> On 29/11/2018 18:13, Christopher Schultz wrote: >>> Jean-Frederic, >>> >>> On 11/29/18 08:06, jfcl...@apache.org wrote: >>>&

Re: [VOTE] Release Apache Tomcat Native 1.2.19

2018-12-04 Thread jean-frederic clere
On 30/11/2018 21:00, Mark Thomas wrote: > [X] Stable, go ahead and release tested on fedora29 with tomcat-9.0.13. -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-

Re: [Git migration] Merge strategy

2018-01-22 Thread jean-frederic clere
On 22/01/18 22:16, Mark Thomas wrote: > 1. Make the change in master and cherry-pick as required to earlier >versions. This is, essentially, what we do now in svn. That is what most of the github "hosted" projects are doing, so +1 for it. Additionally it prevents forgetting fixing master...

Re: Merging Netty and Twitter fork of tcnative back

2015-06-05 Thread jean-frederic clere
On 06/04/2015 03:13 PM, Rainer Jung wrote: I think we can safely drop NPN as it seems to be a dead end The Netty people are using it in SPDY it would be better to keep it if possible. Cheers Jean-Frederic - To unsubscribe,

porting netty-tcnative to tomcat-native

2015-06-14 Thread jean-frederic clere
Hi, The netty-tcnative is based on the 1.1.x so the porting taking more than excepted. I would like some comments on the class caching for performances like in ssl.c: +++ TCN_FREE_CSTRING(engine); + +/* Cache the byte[].class for performance reasons */ +clazz = (*e)->FindClass(e,

Re: porting netty-tcnative to tomcat-native

2015-06-15 Thread jean-frederic clere
On 06/15/2015 08:25 AM, Mark Thomas wrote: On 15/06/2015 06:55, jean-frederic clere wrote: Hi, The netty-tcnative is based on the 1.1.x so the porting taking more than excepted. Are you going to be able to commit this in multiple commits or is it going to be one big commit? A big commit it

removing empty stubs in tc-native trunk

2015-06-15 Thread jean-frederic clere
Hi, We have empty stubs in tc-native when openssl isn't detected, are those still needed? With NIO and NIO2 connectors we don't need native when we aren't using SSL. Comments? Cheers Jean-Frederic - To unsubscribe, e-mail

Re: removing empty stubs in tc-native trunk

2015-06-15 Thread jean-frederic clere
On 06/15/2015 01:32 PM, Mark Thomas wrote: On 15/06/2015 12:27, jean-frederic clere wrote: Hi, We have empty stubs in tc-native when openssl isn't detected, are those still needed? Yes, if we want to be able to support the APR/native connector without OpenSSL. With NIO and NIO2 conne

SSLSocket.getALPN()

2015-06-15 Thread jean-frederic clere
Hi, We are using SSLSocket.getALPN() but in fact that belongs to SSL according to the C code, should we move that to SSL and use the netty-tc-native code there? SSL.getAlpnSelected() would do the trick, Cheers Jean-Frederic --

Re: SSLSocket.getALPN()

2015-06-15 Thread jean-frederic clere
On 06/15/2015 04:25 PM, Mark Thomas wrote: On 15/06/2015 15:17, jean-frederic clere wrote: Hi, We are using SSLSocket.getALPN() but in fact that belongs to SSL according to the C code, should we move that to SSL and use the netty-tc-native code there? I don't understand. ALPN is negot

Re: [GitHub] tomcat-native pull request: Port Netty-tc-native code to tomcat-na...

2015-06-18 Thread jean-frederic clere
I am going to merge it today and fix in svn what will be broken after. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [GitHub] tomcat-native pull request: Port Netty-tc-native code to tomcat-na...

2015-06-18 Thread jean-frederic clere
On 06/18/2015 02:41 PM, Mark Thomas wrote: On 18 June 2015 13:12:52 BST, jean-frederic clere wrote: I am going to merge it today and fix in svn what will be broken after. Cheers Jean-Frederic - To unsubscribe, e-mail: dev

Re: tc-native and multiple certificates for a single virtual host

2015-06-21 Thread jean-frederic clere
On 06/19/2015 10:01 PM, Mark Thomas wrote: I'm looking at integrating multiple certificate support with APR/native and the new OpenSSLContext. I have a query about the following method that I hope those that have been working in this area recently will be able to answer. SSLContext.setCertifica

Re: tc-native and multiple certificates for a single virtual host

2015-06-23 Thread jean-frederic clere
On 06/23/2015 02:11 PM, Konstantin Kolinko wrote: 2015-06-22 9:06 GMT+03:00 jean-frederic clere : On 06/19/2015 10:01 PM, Mark Thomas wrote: I'm looking at integrating multiple certificate support with APR/native and the new OpenSSLContext. I have a query about the following method t

Re: Heads up on OpenSSL vulnerability

2015-07-09 Thread jean-frederic clere
On 07/07/2015 10:53 AM, Mark Thomas wrote: FYI https://mta.openssl.org/pipermail/openssl-announce/2015-July/37.html We might need to point Windows users to this: http://wiki.apache.org/tomcat/BuildTcNativeWin until we can get an updated build out (assuming the issue affects us). It is look

Re: svn commit: r1690279 - /tomcat/native/trunk/native/src/network.c

2015-07-14 Thread jean-frederic clere
On 07/13/2015 07:35 PM, Christopher Schultz wrote: Jean-Frederic, On 7/10/15 10:48 AM, jfcl...@apache.org wrote: Author: jfclere Date: Fri Jul 10 15:48:01 2015 New Revision: 1690279 URL: http://svn.apache.org/r1690279 Log: Make sure we don't core the JVM if called wrongly from a destroyed or c

Re: svn commit: r1691565 - in /tomcat/trunk/java/org/apache/tomcat/util/net/openssl: OpenSSLContext.java OpenSSLEngine.java

2015-07-19 Thread jean-frederic clere
On 07/17/2015 04:03 PM, r...@apache.org wrote: Find the new better API for ALPN. Should we remove the old one? Basically it should be use only by tomcat. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat

Re: [ANN] Apache Tomcat Connectors 1.2.41 released

2015-08-19 Thread jean-frederic clere
On 08/17/2015 01:10 PM, Mark Thomas wrote: The Apache Tomcat Project is proud to announce the release of version 1.2.41 of the Apache Tomcat Connectors. This version fixes one security issue (CVE-2014-8111) and a number of bugs found in previous releases. Many thanks for the release and sorry f

Re: svn commit: r1700964 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java

2015-09-03 Thread jean-frederic clere
On 09/03/2015 11:16 AM, jfcl...@apache.org wrote: Author: jfclere Date: Thu Sep 3 09:16:48 2015 New Revision: 1700964 URL: http://svn.apache.org/r1700964 Log: Remove useless code. Well it reset the pos after the put... I will rollback that might be used somewhere no? Cheers Jean-Frederic

tagging http://svn.apache.org/repos/asf/tomcat/native/trunk/

2015-09-08 Thread jean-frederic clere
Hi, I think it is time to tag trunk of native to go forward for native What tag should I use? 1.2.0 as it still work with the APR connector? I am planning to drop APR and have an OpenSSL only native in a near future (that might takes times to lack of cycles). Comments on that? Cheers Jea

Re: tagging http://svn.apache.org/repos/asf/tomcat/native/trunk/

2015-09-09 Thread jean-frederic clere
On 09/09/2015 10:18 AM, Mark Thomas wrote: On 09/09/2015 07:20, jean-frederic clere wrote: Hi, I think it is time to tag trunk of native to go forward for native What tag should I use? 1.2.0 as it still work with the APR connector? 1.2.0 works for me. I don't think we are finished

ApacheCon tomcat9 or tomcat-trunk

2015-09-10 Thread jean-frederic clere
Hi, I have a wording questions from my ApacheCon presentations, I am using tomcat9 to speak about trunk but basically tomcat9 should be with java9 and the new servlet specifications. AKA far future. It will be probably interesting to promote an intermediate tomcat version with HTTP/2 and rel

Re: ApacheCon tomcat9 or tomcat-trunk

2015-09-10 Thread jean-frederic clere
On 09/10/2015 02:10 PM, Rémy Maucherat wrote: I don't exactly know what is in trunk that couldn't be in a 8.1. The removals of existing features make a lot of the rest probably acceptable. The EE schedule saying 2017, it's really a long time to be in beta [or not maybe;) ]. HTTP/2 seems t

NIO sendfile

2015-09-14 Thread jean-frederic clere
Hi, I have noted that "sendfile" with the NIO connector doesn't fill the CPU on a load test I am testing HTTP/1.1 with: sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation" 16 ab creating 80 connections requesting files from 4K to 32M NIO2 works as excepted with th

Re: NIO sendfile

2015-09-14 Thread jean-frederic clere
On 09/14/2015 10:21 AM, Mark Thomas wrote: On 14/09/2015 09:16, jean-frederic clere wrote: Hi, I have noted that "sendfile" with the NIO connector doesn't fill the CPU on a load test I am testing HTTP/1.1 with: sslImplementationName="org.apache.tomcat.util.net.openssl.O

Re: NIO sendfile

2015-09-14 Thread jean-frederic clere
On 09/14/2015 10:44 AM, jean-frederic clere wrote: On 09/14/2015 10:21 AM, Mark Thomas wrote: On 14/09/2015 09:16, jean-frederic clere wrote: Hi, I have noted that "sendfile" with the NIO connector doesn't fill the CPU on a load test I am testing HTTP/1.1 with: sslImp

Re: svn commit: r1702962 - /tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java

2015-09-15 Thread jean-frederic clere
On 09/14/2015 04:44 PM, r...@apache.org wrote: Author: remm Date: Mon Sep 14 14:44:06 2015 New Revision: 1702962 URL: http://svn.apache.org/r1702962 Log: Similar to NIO2, async NIO sendfile needs to deallocate and recycle the buffer. That fixed the java.lang.OutOfMemoryError: Direct buffer mem

Re: Time for a 6.0.x release

2015-05-08 Thread jean-frederic clere
On 05/06/2015 12:37 AM, Mark Thomas wrote: It has been about 6 months since the last release, the changelog is reasonably long so I think it is time for 6.0.44. I am on it Cheers Jean-Frederic - To unsubscribe, e-mail: dev-u

[VOTE] Release Apache Tomcat 6.0.44

2015-05-08 Thread jean-frederic clere
The proposed Apache Tomcat 6.0.44 release is now available for voting. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-6/v6.0.44/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1044/ The svn tag is: http://svn.apache.org

Re: [VOTE] Release Apache Tomcat 6.0.44

2015-05-12 Thread jean-frederic clere
On 05/08/2015 04:24 PM, jean-frederic clere wrote: [ ] Stable - go ahead and release as 6.0.44 Stable All my tests are OK. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional

<    1   2   3   4   5   6   7   8   >