Client certificate checking
All, I've been lazily looking at this issue on SO: http://stackoverflow.com/questions/33688020 I haven't independently verified that Tomcat (or the JRE, more likely) validates expired certificates but I can see arguments in favor of both behaviors: 1. If the client cert (not an intermediate) is in the trust store, the client cert should be trusted, even if it has expired. The CRL is not being used, here. 2. If an intermediate cert is in the trust store, trust the client cert unless it has expired. I think the OP in the SO issue is talking about case #1 above. I haven't dug into the JRE's implementation of a TrustManager under the covers, but I wonder if anyone has experience with this kind of thing to know what's (a) supposed to happen and (b) whether or not Tomcat could change the behavior. The X509TrustManager interface isn't very flexible, though the implementation itself certainly can be. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: tagging tomcat 6.0.45
On 01/08/2016 11:28 PM, Mark Thomas wrote: > On 08/01/2016 14:21, jean-frederic clere wrote: >> Hi, >> >> I am planning to test and tag tomcat 6.0.45 during the week-end. >> >> Any objections? > > I'm working on some session stuff that really should be in the next 6 > release. I don't think it will be ready until early next week. OK ping me when you are ready. Cheers Jean-Frederic > > Mark > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: tagging tomcat 6.0.45
On 01/08/2016 07:27 PM, Konstantin Kolinko wrote: > 2016-01-08 17:21 GMT+03:00 jean-frederic clere : >> Hi, >> >> I am planning to test and tag tomcat 6.0.45 during the week-end. > > 1) A bug in a new feature: > https://bz.apache.org/bugzilla/show_bug.cgi?id=58817 > > I plan to look there together with old Mapper patch (currently in > STATUS), but I think it needs backporting some tests. I have not > looked at Mapper for 1,5 years (that proposed patch is dated 2014-06) > > If anyone beets me with a fix, then OK. Maybe there is a simple > solution / some trivial oversight. > > > 2) Updating to any recent version of Tomcat Native needs update to > tomcat.nsi to skip Itanium binaries. We should drop Itanium, shouldn't we? > Tomcat 7 has this issue as well. > > I am not sure that we want to ship it with native 1.1.33. 1.1.34 means drop Itanium, which is easy ;-) Cheers Jean-Frederic > > > Best regards, > Konstantin Kolinko > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: tagging tomcat 6.0.45
On 10/01/2016 16:39, jean-frederic clere wrote: > On 01/08/2016 11:28 PM, Mark Thomas wrote: >> On 08/01/2016 14:21, jean-frederic clere wrote: >>> Hi, >>> >>> I am planning to test and tag tomcat 6.0.45 during the week-end. >>> >>> Any objections? >> >> I'm working on some session stuff that really should be in the next 6 >> release. I don't think it will be ready until early next week. > > OK ping me when you are ready. Will do. Tx. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1723971 - /tomcat/tc8.0.x/trunk/webapps/docs/building.xml
Author: kkolinko
Date: Sun Jan 10 23:41:28 2016
New Revision: 1723971
URL: http://svn.apache.org/viewvc?rev=1723971&view=rev
Log:
Fix Apache Ant version typo in building.html
Modified:
tomcat/tc8.0.x/trunk/webapps/docs/building.xml
Modified: tomcat/tc8.0.x/trunk/webapps/docs/building.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/building.xml?rev=1723971&r1=1723970&r2=1723971&view=diff
==
--- tomcat/tc8.0.x/trunk/webapps/docs/building.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/building.xml Sun Jan 10 23:41:28 2016
@@ -69,7 +69,7 @@ Download a binary distribution of Ant 1.
Unpack the binary distribution into a convenient location so that the
Ant release resides in its own directory (conventionally named
-apache-ant-1.8.x). For the remainder of this guide,
+apache-ant-1.9.x). For the remainder of this guide,
the symbolic name ${ant.home} is used to refer to the full
pathname of
the Ant installation directory.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-apr (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-apr : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 9 mins 40 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160111-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20160111/lib -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160111.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160111-native-src.tar.gz -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest .openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20160111/bin/openssl -Dexecute.test.bio=false -Dexecute.test.apr=true -Dtest.excludePerformance=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomca
dropping windows ia64 in Tomcat6
Hi, I would like to drop Itanium support in the windows binaries, we have dropped it in native 1.1.34 so we can't have a complete Itanium in Tomcat 6.0.45. Comments? Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: dropping windows ia64 in Tomcat6
2016-01-11 10:03 GMT+03:00 jean-frederic clere : > Hi, > > > I would like to drop Itanium support in the windows binaries, we have > dropped it in native 1.1.34 so we can't have a complete Itanium in > Tomcat 6.0.45. +1. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
