TODO.txt

rjung Thu, 14 Jun 2012 06:29:09 -0700

Author: rjung
Date: Thu Jun 14 13:28:40 2012
New Revision: 1350231

URL: http://svn.apache.org/viewvc?rev=1350231&view=rev
Log:
Add a TODO file.


Added:
    tomcat/native/branches/1.1.x/TODO.txt   (with props)

Added: tomcat/native/branches/1.1.x/TODO.txt
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/TODO.txt?rev=1350231&view=auto
==============================================================================
--- tomcat/native/branches/1.1.x/TODO.txt (added)
+++ tomcat/native/branches/1.1.x/TODO.txt Thu Jun 14 13:28:40 2012
@@ -0,0 +1,165 @@
+================================================================================
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+================================================================================
+
+
+            Apache Tomcat Native Library
+
+                        TODO
+
+
+SSL Renegotiation
+-----------------
+
+It is unclear to me, what the current state is. It looks like we support
+the unsafe legacy reneg whenever the OpenSSL used during build time
+supports it. There is no configuration option to switch it off during
+runtime. Right?
+
+Is it correct, that client initiated reneg is not supported and thus the
+known attacks will not work even with old OpenSSL?
+
+Should we add a remark about this topic to the docs?
+
+
+Java Tests and Examples
+-----------------------
+
+- No mentioning of running "ant download" before tests. Without
+  it test compilation fails.
+
+- "ant test" fails in line 85 of SocketServerTestSuite.java, because
+  on my system the checking for precisely 2 milliseconds won't work.
+  The call returns after 11 millis not after 2
+
+- "ant run-echo": will fail, because by default uses privileged
+  port 23. Maybe switch to 8023 as a default?
+  Users should not run tests as root and on most systems the default
+  port should just work.
+
+- "ant run-echo": what is the expected behaviour of this example.
+  I couldn't get it to do something understandable.
+  Document the example in the README.txt.
+
+- "ant run-ssl-server": Could't we include a test certificate in the
+  distribution?
+
+- "ant run-ssl-server": What should the test produce, if run successfully?
+  Document the example in the README.txt.
+
+- "ant run-local-server": Creates a unix socket "\\.\PIPE\test" in the
+  examples directory, then waits. How is the test expected to work?
+  And the file name doesn't seem to be appropriate for Unix.
+  Document the example in the README.txt.
+
+
+Compilation Warnings
+--------------------
+
+On Solaris:
+
+src/file.c: In function 'Java_org_apache_tomcat_jni_File_writev':
+src/file.c:384: warning: pointer targets in assignment differ in signedness
+src/file.c:390: warning: pointer targets in passing argument 3 of 
'(*e)->ReleaseByteArrayElements' differ in signedness
+src/file.c: In function 'Java_org_apache_tomcat_jni_File_writevFull':
+src/file.c:418: warning: pointer targets in assignment differ in signedness
+src/file.c:428: warning: pointer targets in passing argument 3 of 
'(*e)->ReleaseByteArrayElements' differ in signedness
+
+src/network.c: In function 'Java_org_apache_tomcat_jni_Socket_sendv':
+src/network.c:668: warning: pointer targets in assignment differ in signedness
+src/network.c:674: warning: pointer targets in passing argument 3 of 
'(*e)->ReleaseByteArrayElements' differ in signedness
+src/network.c: In function 'Java_org_apache_tomcat_jni_Socket_sendfile':
+src/network.c:1220: warning: pointer targets in assignment differ in signedness
+src/network.c:1225: warning: pointer targets in assignment differ in signedness
+src/network.c:1243: warning: pointer targets in passing argument 3 of 
'(*e)->ReleaseByteArrayElements' differ in signedness
+src/network.c:1247: warning: pointer targets in passing argument 3 of 
'(*e)->ReleaseByteArrayElements' differ in signedness
+
+src/poll.c:271: warning: 'remove_all' defined but not used
+
+src/ssl.c: In function 'ssl_rand_make':
+src/ssl.c:469: warning: value computed is not used
+
+Some info on that: "The JNI functions take a jbyte*, which is a signed char*
+on my Solaris system. Whereas the iovec iov_base is a caddr_t, which is a 
char*."
+
+
+Java Classes Source Distribution
+--------------------------------
+
+Aren't the official sources in trunk/java/org/apache/tomcat/jni?
+
+Note that they are not identical with the ones contained in tcnative.
+The tcnative version of the classes is outdated and not maintained any more.
+So IMHO we should no longer distribute these. I suggest removing them from
+native svn and adding the ones from tc 7 or tc trunk to the native source
+distribution.
+
+Then check on how to reintegrate the test and examples classes.
+I think they have no other home.
+
+Furthermore some of the old files do not exist inside TC:
+- Apr.java, apr.properties, jni/Buffer.java and jni/Thread.java
+I don't know their purpose and whether we can delete them.
+
+
+Incomplete implementation on Linux
+----------------------------------
+
+There is no impl for Linux to retrieve
+
+     * inf[7]  - Idle Time in microseconds
+     * inf[8]  - Kernel Time in microseconds
+     * inf[9]  - User Time in microseconds
+     * inf[10] - Process creation time (apr_time_t)
+     * inf[11] - Process Kernel Time in microseconds
+     * inf[12] - Process User Time in microseconds
+
+I implemented those for Solaris long ago and thought they existed for
+Linux from the beginning. But in fact for Linux there are only memory
+figures implemented.
+
+
+Releasing
+---------
+
+- Document how to release.
+
+- Add info about updating config.guess and config.sub from 
+
+http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
+http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+
+- ZIP download seems to have group write permissions set
+  (at least after I extract it on Solaris).
+  It's a bit strange that permissions differ between the
+  tar and zip archives.
+
+- OCSP enabled Windows binary
+  - Document build
+  - Use consistent naming
+    (1.1.22 used ...win32-ocsp..., 1.1.24 used ...ocsp-win32...)
+
+
+Trunk
+-----
+
+Trunk isn't really maintained. A lot of merges
+need to be done. AFAIK the trunk native classes
+contain some additions, so we can't simply remove trunk.
+
+Change release layout when releasing trunk: don't insert
+the additional "jni" directory, instead keep layout in sync
+between svn and source distribution.

Propchange: tomcat/native/branches/1.1.x/TODO.txt
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: tomcat/native/branches/1.1.x/TODO.txt
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1350231 - /tomcat/native/branches/1.1.x/TODO.txt

Reply via email to