[GitHub] [tomcat] shirayuki opened a new pull request #328: Fix indentation of versionLoggerListener.*
shirayuki opened a new pull request #328: URL: https://github.com/apache/tomcat/pull/328 versionLoggerListener.* properties are consistently indented with spaces. Japanese translations should follow English ones. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
First impressions from OpenSSL 3.0.0 and httpd 2.4.45
Hi there, during release testing for 2.4.45 I also built and tested using OpenSSL 3.0.0alpha5 on the server. Overall first results are pretty good: - a few deprecation warnings during compilation: modules/ssl/ssl_engine_config.c:610:5: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:612:9: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:617:9: warning: 'ENGINE_get_first' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:619:13: warning: 'ENGINE_get_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:620:42: warning: 'ENGINE_get_name' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:623:13: warning: 'ENGINE_get_next' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:457:9: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:467:13: warning: 'ENGINE_ctrl' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:471:9: warning: 'ENGINE_set_default' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:482:9: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_kernel.c:2611:9: warning: 'HMAC_Init_ex' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_kernel.c:2632:9: warning: 'HMAC_Init_ex' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_log.c:90:5: warning: 'ERR_peek_error_line_data' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:856:5: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:864:5: warning: 'ENGINE_init' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:877:9: warning: 'ENGINE_ctrl_cmd_string' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:886:9: warning: 'ENGINE_ctrl_cmd' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:896:5: warning: 'ENGINE_load_private_key' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:904:5: warning: 'ENGINE_finish' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:905:5: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] - a few const warnings modules/ssl/ssl_engine_kernel.c:608:55: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:627:61: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:638:57: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:1039:49: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] and unit tests show two problems, one will be fixed in OpenSSL itself: - during unit test preparation, our test script create a PKCS12 store with default encoding params. That's known to be broken in alpha5. So the "-configure" step of "t/TEST" should be run before the actual testing with a stable version of OpenSSL. https://github.com/openssl/openssl/pull/12540 https://github.com/openssl/openssl/issues/11672 - independent of OpenSSL 3.0.0: to work around the previous observation I tried using the env var "APACHE_TEST_OPENSSL_CMD". Unfortunately this is slightly broken, because it tests for the existence using the "which" function in TestConfig.pm and that function is broken when used for a command containing a path component. I temporarily fixed it using: @@ -1782,6 +1782,11 @@ return undef unless $program; +# No need to search PATH components +# if $program already contains a path +return $program if !OSX and !WINFU and +$program =~ /\// and -f $program and -x $program; + my @dirs = File::Spec->path(); require Config; - when testing with client >= OpenSSL 1.1.0 against 3.0.0alpha5, only t/ssl/proxy.t shows failures, especially in eat_post but already during TLS handshake: [ssl:info] [pid 9162:tid 140326149928720] [client 127.0.0.1:56312] AH01964: Connection to child 82 established (server localhost:8532) [ssl:info] [pid 9162:tid 140326166714128] [remote 127.0.0.1:8532] AH02276: Certificate Verification: Error (3): unable to get certificate CRL [subject: emailAddress=test-...@httpd.apache.org,CN=localhost,OU=httpd-test/rsa-test,O=ASF,L=San Francisco,ST=California,C=US / issuer: emailAddress=test-...@httpd.apache.org,CN=ca,OU=httpd-test,O=ASF,L=San Francisco,ST=California,C=US / serial: 0C / notbefore: Jul 30 23:29:05 2020 GMT / notafter: Jul 30 23:29:05 2021 GMT] [ssl:info] [pid 9162:tid 140326149928720] [client
Re: First impressions from OpenSSL 3.0.0 and httpd 2.4.45
Sorry, wrong dev list. Am 01.08.2020 um 12:07 schrieb Rainer Jung: Hi there, during release testing for 2.4.45 I also built and tested using OpenSSL 3.0.0alpha5 on the server. Overall first results are pretty good: - a few deprecation warnings during compilation: modules/ssl/ssl_engine_config.c:610:5: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:612:9: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:617:9: warning: 'ENGINE_get_first' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:619:13: warning: 'ENGINE_get_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:620:42: warning: 'ENGINE_get_name' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_config.c:623:13: warning: 'ENGINE_get_next' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:457:9: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:467:13: warning: 'ENGINE_ctrl' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:471:9: warning: 'ENGINE_set_default' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_init.c:482:9: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_kernel.c:2611:9: warning: 'HMAC_Init_ex' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_kernel.c:2632:9: warning: 'HMAC_Init_ex' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_log.c:90:5: warning: 'ERR_peek_error_line_data' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:856:5: warning: 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:864:5: warning: 'ENGINE_init' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:877:9: warning: 'ENGINE_ctrl_cmd_string' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:886:9: warning: 'ENGINE_ctrl_cmd' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:896:5: warning: 'ENGINE_load_private_key' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:904:5: warning: 'ENGINE_finish' is deprecated [-Wdeprecated-declarations] modules/ssl/ssl_engine_pphrase.c:905:5: warning: 'ENGINE_free' is deprecated [-Wdeprecated-declarations] - a few const warnings modules/ssl/ssl_engine_kernel.c:608:55: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:627:61: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:638:57: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] modules/ssl/ssl_engine_kernel.c:1039:49: warning: passing argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] and unit tests show two problems, one will be fixed in OpenSSL itself: - during unit test preparation, our test script create a PKCS12 store with default encoding params. That's known to be broken in alpha5. So the "-configure" step of "t/TEST" should be run before the actual testing with a stable version of OpenSSL. https://github.com/openssl/openssl/pull/12540 https://github.com/openssl/openssl/issues/11672 - independent of OpenSSL 3.0.0: to work around the previous observation I tried using the env var "APACHE_TEST_OPENSSL_CMD". Unfortunately this is slightly broken, because it tests for the existence using the "which" function in TestConfig.pm and that function is broken when used for a command containing a path component. I temporarily fixed it using: @@ -1782,6 +1782,11 @@ return undef unless $program; + # No need to search PATH components + # if $program already contains a path + return $program if !OSX and !WINFU and + $program =~ /\// and -f $program and -x $program; + my @dirs = File::Spec->path(); require Config; - when testing with client >= OpenSSL 1.1.0 against 3.0.0alpha5, only t/ssl/proxy.t shows failures, especially in eat_post but already during TLS handshake: [ssl:info] [pid 9162:tid 140326149928720] [client 127.0.0.1:56312] AH01964: Connection to child 82 established (server localhost:8532) [ssl:info] [pid 9162:tid 140326166714128] [remote 127.0.0.1:8532] AH02276: Certificate Verification: Error (3): unable to get certificate CRL [subject: emailAddress=test-...@httpd.apache.org,CN=localhost,OU=httpd-test/rsa-test,O=ASF,L=San Francisco,ST=California,C=US / issuer: emailAddress=test-...@httpd.apache.org,CN=ca,OU=httpd-test,O=ASF,L=San Francisco,ST=California,C=US / serial: 0C / notbefore: Jul 30 23:29:05 2020 GMT / notafter: Jul 30
Re: First impressions from OpenSSL 3.0.0 and httpd 2.4.45
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rainer, On 8/1/20 11:44, Rainer Jung wrote: > Sorry, wrong dev list. I thought it was interesting anyway :) How about libtcnative built against OpenSSL 3.0.0? - -chris > Am 01.08.2020 um 12:07 schrieb Rainer Jung: >> Hi there, >> >> during release testing for 2.4.45 I also built and tested using >> OpenSSL 3.0.0alpha5 on the server. Overall first results are >> pretty good: >> >> - a few deprecation warnings during compilation: >> >> modules/ssl/ssl_engine_config.c:610:5: warning: 'ENGINE_by_id' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_config.c:612:9: warning: 'ENGINE_free' is >> deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_config.c:617:9: warning: >> 'ENGINE_get_first' is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_config.c:619:13: warning: 'ENGINE_get_id' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_config.c:620:42: warning: >> 'ENGINE_get_name' is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_config.c:623:13: warning: >> 'ENGINE_get_next' is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_init.c:457:9: warning: 'ENGINE_by_id' is >> deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_init.c:467:13: warning: 'ENGINE_ctrl' is >> deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_init.c:471:9: warning: >> 'ENGINE_set_default' is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_init.c:482:9: warning: 'ENGINE_free' is >> deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_kernel.c:2611:9: warning: 'HMAC_Init_ex' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_kernel.c:2632:9: warning: 'HMAC_Init_ex' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_log.c:90:5: warning: >> 'ERR_peek_error_line_data' is deprecated >> [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:856:5: warning: 'ENGINE_by_id' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:864:5: warning: 'ENGINE_init' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:877:9: warning: >> 'ENGINE_ctrl_cmd_string' is deprecated >> [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:886:9: warning: >> 'ENGINE_ctrl_cmd' is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:896:5: warning: >> 'ENGINE_load_private_key' is deprecated >> [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:904:5: warning: 'ENGINE_finish' >> is deprecated [-Wdeprecated-declarations] >> modules/ssl/ssl_engine_pphrase.c:905:5: warning: 'ENGINE_free' >> is deprecated [-Wdeprecated-declarations] >> >> - a few const warnings >> >> modules/ssl/ssl_engine_kernel.c:608:55: warning: passing argument >> 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer >> target type [-Wdiscarded-qualifiers] >> modules/ssl/ssl_engine_kernel.c:627:61: warning: passing argument >> 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer >> target type [-Wdiscarded-qualifiers] >> modules/ssl/ssl_engine_kernel.c:638:57: warning: passing argument >> 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier from pointer >> target type [-Wdiscarded-qualifiers] >> modules/ssl/ssl_engine_kernel.c:1039:49: warning: passing >> argument 2 of 'sk_SSL_CIPHER_find' discards 'const' qualifier >> from pointer target type [-Wdiscarded-qualifiers] >> >> and unit tests show two problems, one will be fixed in OpenSSL >> itself: >> >> - during unit test preparation, our test script create a PKCS12 >> store with default encoding params. That's known to be broken in >> alpha5. So the "-configure" step of "t/TEST" should be run before >> the actual testing with a stable version of OpenSSL. >> https://github.com/openssl/openssl/pull/12540 >> https://github.com/openssl/openssl/issues/11672 >> >> - independent of OpenSSL 3.0.0: to work around the previous >> observation I tried using the env var "APACHE_TEST_OPENSSL_CMD". >> Unfortunately this is slightly broken, because it tests for the >> existence using the "which" function in TestConfig.pm and that >> function is broken when used for a command containing a path >> component. I temporarily fixed it using: >> >> @@ -1782,6 +1782,11 @@ >> >> return undef unless $program; >> >> +# No need to search PATH components +# if $program >> already contains a path +return $program if !OSX and !WINFU >> and +$program =~ /\// and -f $program and -x $program; + >> my @dirs = File::Spec->path(); >> >> require Config; >> >> >> - when testing with client >= OpenSSL 1.1.0 against 3.0.0alpha5, >> only t/ssl/proxy.t shows failures, especially in eat_post but >> already during TLS handshake: >> >> [ssl:info] [pid 9162:tid 140326149928720] [client >> 127.0.0.1:56312] AH01964: Connection to child 82 established >> (server localhost:8532) >> >> [ssl:info] [pid 9162:
