Re: Tomcat Native 2.0 Update
On 30/05/2022 20:05, Rémy Maucherat wrote: On Mon, May 30, 2022 at 6:49 PM Mark Thomas wrote: Hi all, I have made some progress. I have a trimmed down Tomcat Native 2.0 built with OpenSSL 3.0 working locally with Tomcat 10.1.x. I also have it working with the OpenSSL 3 FIPS provider. I have also been thinking about Tomcat Native 1.2.x and 2.0.x interoperability. Since Native 2.0 is mostly (apart from one new FIPS method) a subset of Native 1.2 it should be relatively easy for 10.1.x to work with Native 2.0.x or 1.2.x. Allowing Native 1.2.x use with Tomcat 10.1.x should make it easier on downstream distributions as it removes the need for them to update to APR 1.7.x and OpenSSL 3.0.x Getting 10.0.x and earlier working with Native 2.0.x is a little trickier although it doable if the limits are: - No APR/Native connector - No application usage of o.a.t.u.jni (as most of the native code is removed) Enabling Native 2.0.x use with Tomcat 10.0.x and earlier opens up the possibility of OpenSSL FIPS that doesn't depend on an unsupported version of OpenSSL. I am currently thinking along the following lines: - release Tomcat Native 1.2.34 that includes: - refactoring the caching of the FileInfo and Sockaddr classes so that are only cached if used - any additional refactoring to allow Native 1.2.x to be used in Tomcat 10.1.x with all the deprecated code removed - make Tomcat Native 1.2.34 the minimum required Tomcat Native version for Tomcat 10.1.x - release Tomcat Native 2.0.0 - make Tomcat Native 2.0.0 the minimum recommended Tomcat Native version for Tomcat 10.1.x - updates as required to Tomcat Native 1.2.x, 2.0.x and Tomcat <=10.0.x to allow Tomcat Native 2.0.x to be used (reasonably) safely with Tomcat <=10.0.x My plan is to do most of this work locally to make sure I haven't missed anything and then start committing and releasing in the order above. Sounds great. Any subtask for me or do you prefer doing it alone ? Thanks for the offer of help. I have a lot of the above ready locally already and everything is inter-related making it hard to extract independent sub-tasks. With all the inter-dependencies I might miss something so if you could keep that in mind when reviewing my commits that would be helpful. The tasks below, particularly the first and third, are largely independent. If you have time to look at either of those that would be great. I'll try and commit the bulk of the initial changes for Tomcat Native 2.0.x today. Thanks, Mark Additional tasks that don't have the any ordering dependencies (that I can think of) include: - update the Tomcat Native 2.0.x code not to use any of the deprecated OpenSSL APIs - when in FIPS required mode, consider checking individually negotiated ciphers are from the FIPS provider in case the user has multiple providers configured - Get LibreSSL fully working (my understanding that may be wrong is that it isn't currently working) Rémy Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Javadoc clean-up including removing @author tag
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 66969eaf73 Javadoc clean-up including removing @author tag
66969eaf73 is described below
commit 66969eaf73ed73fb90990d0a5440025b0973d35b
Author: Mark Thomas
AuthorDate: Wed May 25 09:05:49 2022 +0100
Javadoc clean-up including removing @author tag
---
java/org/apache/tomcat/jni/Buffer.java | 8 +---
java/org/apache/tomcat/jni/Pool.java | 20 +++-
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Buffer.java
b/java/org/apache/tomcat/jni/Buffer.java
index 2645666357..a9d29edb1e 100644
--- a/java/org/apache/tomcat/jni/Buffer.java
+++ b/java/org/apache/tomcat/jni/Buffer.java
@@ -18,9 +18,9 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Buffer
- *
- * @author Mladen Turk
+/**
+ * Provides utilities related to the use of directly allocated
+ * {@link ByteBuffer} instances with native code.
*/
public class Buffer {
@@ -93,7 +93,9 @@ public class Buffer {
/**
* Returns the memory address of the ByteBuffer.
+ *
* @param buf Previously allocated ByteBuffer.
+ *
* @return the memory address
*/
public static native long address(ByteBuffer buf);
diff --git a/java/org/apache/tomcat/jni/Pool.java
b/java/org/apache/tomcat/jni/Pool.java
index e3741f5cff..3668a508b9 100644
--- a/java/org/apache/tomcat/jni/Pool.java
+++ b/java/org/apache/tomcat/jni/Pool.java
@@ -18,18 +18,20 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Pool
- *
- * @author Mladen Turk
+/**
+ * Provides access to APR memory pools which are used to manage memory
+ * allocations for natively created instances.
*/
public class Pool {
/**
* Create a new pool.
- * @param parent The parent pool. If this is 0, the new pool is a root
- * pool. If it is non-zero, the new pool will inherit all
- * of its parent pool's attributes, except the apr_pool_t will
- * be a sub-pool.
+ *
+ * @param parent The parent pool. If this is 0, the new pool is a root
pool.
+ * If it is non-zero, the new pool will inherit all of its
+ * parent pool's attributes, except the apr_pool_t will be a
+ * sub-pool.
+ *
* @return The pool we have just created.
*/
public static native long create(long parent);
@@ -48,8 +50,8 @@ public class Pool {
/**
* Destroy the pool. This takes similar action as apr_pool_clear() and then
- * frees all the memory.
- * This will actually free the memory
+ * frees all the memory. This will actually free the memory.
+ *
* @param pool The pool to destroy
*/
public static native void destroy(long pool);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Javadoc clean-up including removing @author tag
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 29666c6f2c Javadoc clean-up including removing @author tag
29666c6f2c is described below
commit 29666c6f2c6f79d0296b5ba4b6b2be739defd4c2
Author: Mark Thomas
AuthorDate: Wed May 25 09:05:49 2022 +0100
Javadoc clean-up including removing @author tag
---
java/org/apache/tomcat/jni/Buffer.java | 8 +---
java/org/apache/tomcat/jni/Pool.java | 20 +++-
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Buffer.java
b/java/org/apache/tomcat/jni/Buffer.java
index 2645666357..a9d29edb1e 100644
--- a/java/org/apache/tomcat/jni/Buffer.java
+++ b/java/org/apache/tomcat/jni/Buffer.java
@@ -18,9 +18,9 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Buffer
- *
- * @author Mladen Turk
+/**
+ * Provides utilities related to the use of directly allocated
+ * {@link ByteBuffer} instances with native code.
*/
public class Buffer {
@@ -93,7 +93,9 @@ public class Buffer {
/**
* Returns the memory address of the ByteBuffer.
+ *
* @param buf Previously allocated ByteBuffer.
+ *
* @return the memory address
*/
public static native long address(ByteBuffer buf);
diff --git a/java/org/apache/tomcat/jni/Pool.java
b/java/org/apache/tomcat/jni/Pool.java
index e3741f5cff..3668a508b9 100644
--- a/java/org/apache/tomcat/jni/Pool.java
+++ b/java/org/apache/tomcat/jni/Pool.java
@@ -18,18 +18,20 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Pool
- *
- * @author Mladen Turk
+/**
+ * Provides access to APR memory pools which are used to manage memory
+ * allocations for natively created instances.
*/
public class Pool {
/**
* Create a new pool.
- * @param parent The parent pool. If this is 0, the new pool is a root
- * pool. If it is non-zero, the new pool will inherit all
- * of its parent pool's attributes, except the apr_pool_t will
- * be a sub-pool.
+ *
+ * @param parent The parent pool. If this is 0, the new pool is a root
pool.
+ * If it is non-zero, the new pool will inherit all of its
+ * parent pool's attributes, except the apr_pool_t will be a
+ * sub-pool.
+ *
* @return The pool we have just created.
*/
public static native long create(long parent);
@@ -48,8 +50,8 @@ public class Pool {
/**
* Destroy the pool. This takes similar action as apr_pool_clear() and then
- * frees all the memory.
- * This will actually free the memory
+ * frees all the memory. This will actually free the memory.
+ *
* @param pool The pool to destroy
*/
public static native void destroy(long pool);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Javadoc clean-up including removing @author tag
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new f9e2c8d6e1 Javadoc clean-up including removing @author tag
f9e2c8d6e1 is described below
commit f9e2c8d6e17f8372d9caa8c1ba9a372af093d916
Author: Mark Thomas
AuthorDate: Wed May 25 09:05:49 2022 +0100
Javadoc clean-up including removing @author tag
---
java/org/apache/tomcat/jni/Buffer.java | 8 +---
java/org/apache/tomcat/jni/Pool.java | 20 +++-
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Buffer.java
b/java/org/apache/tomcat/jni/Buffer.java
index 2645666357..a9d29edb1e 100644
--- a/java/org/apache/tomcat/jni/Buffer.java
+++ b/java/org/apache/tomcat/jni/Buffer.java
@@ -18,9 +18,9 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Buffer
- *
- * @author Mladen Turk
+/**
+ * Provides utilities related to the use of directly allocated
+ * {@link ByteBuffer} instances with native code.
*/
public class Buffer {
@@ -93,7 +93,9 @@ public class Buffer {
/**
* Returns the memory address of the ByteBuffer.
+ *
* @param buf Previously allocated ByteBuffer.
+ *
* @return the memory address
*/
public static native long address(ByteBuffer buf);
diff --git a/java/org/apache/tomcat/jni/Pool.java
b/java/org/apache/tomcat/jni/Pool.java
index e3741f5cff..3668a508b9 100644
--- a/java/org/apache/tomcat/jni/Pool.java
+++ b/java/org/apache/tomcat/jni/Pool.java
@@ -18,18 +18,20 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Pool
- *
- * @author Mladen Turk
+/**
+ * Provides access to APR memory pools which are used to manage memory
+ * allocations for natively created instances.
*/
public class Pool {
/**
* Create a new pool.
- * @param parent The parent pool. If this is 0, the new pool is a root
- * pool. If it is non-zero, the new pool will inherit all
- * of its parent pool's attributes, except the apr_pool_t will
- * be a sub-pool.
+ *
+ * @param parent The parent pool. If this is 0, the new pool is a root
pool.
+ * If it is non-zero, the new pool will inherit all of its
+ * parent pool's attributes, except the apr_pool_t will be a
+ * sub-pool.
+ *
* @return The pool we have just created.
*/
public static native long create(long parent);
@@ -48,8 +50,8 @@ public class Pool {
/**
* Destroy the pool. This takes similar action as apr_pool_clear() and then
- * frees all the memory.
- * This will actually free the memory
+ * frees all the memory. This will actually free the memory.
+ *
* @param pool The pool to destroy
*/
public static native void destroy(long pool);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Javadoc clean-up including removing @author tag
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new b685d84874 Javadoc clean-up including removing @author tag
b685d84874 is described below
commit b685d8487483c726eedb1aa3e8b009c166c4bf45
Author: Mark Thomas
AuthorDate: Wed May 25 09:05:49 2022 +0100
Javadoc clean-up including removing @author tag
---
java/org/apache/tomcat/jni/Buffer.java | 8 +---
java/org/apache/tomcat/jni/Pool.java | 20 +++-
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Buffer.java
b/java/org/apache/tomcat/jni/Buffer.java
index 2645666357..a9d29edb1e 100644
--- a/java/org/apache/tomcat/jni/Buffer.java
+++ b/java/org/apache/tomcat/jni/Buffer.java
@@ -18,9 +18,9 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Buffer
- *
- * @author Mladen Turk
+/**
+ * Provides utilities related to the use of directly allocated
+ * {@link ByteBuffer} instances with native code.
*/
public class Buffer {
@@ -93,7 +93,9 @@ public class Buffer {
/**
* Returns the memory address of the ByteBuffer.
+ *
* @param buf Previously allocated ByteBuffer.
+ *
* @return the memory address
*/
public static native long address(ByteBuffer buf);
diff --git a/java/org/apache/tomcat/jni/Pool.java
b/java/org/apache/tomcat/jni/Pool.java
index e3741f5cff..3668a508b9 100644
--- a/java/org/apache/tomcat/jni/Pool.java
+++ b/java/org/apache/tomcat/jni/Pool.java
@@ -18,18 +18,20 @@ package org.apache.tomcat.jni;
import java.nio.ByteBuffer;
-/** Pool
- *
- * @author Mladen Turk
+/**
+ * Provides access to APR memory pools which are used to manage memory
+ * allocations for natively created instances.
*/
public class Pool {
/**
* Create a new pool.
- * @param parent The parent pool. If this is 0, the new pool is a root
- * pool. If it is non-zero, the new pool will inherit all
- * of its parent pool's attributes, except the apr_pool_t will
- * be a sub-pool.
+ *
+ * @param parent The parent pool. If this is 0, the new pool is a root
pool.
+ * If it is non-zero, the new pool will inherit all of its
+ * parent pool's attributes, except the apr_pool_t will be a
+ * sub-pool.
+ *
* @return The pool we have just created.
*/
public static native long create(long parent);
@@ -48,8 +50,8 @@ public class Pool {
/**
* Destroy the pool. This takes similar action as apr_pool_clear() and then
- * frees all the memory.
- * This will actually free the memory
+ * frees all the memory. This will actually free the memory.
+ *
* @param pool The pool to destroy
*/
public static native void destroy(long pool);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new 92828ca3a Fix typo 92828ca3a is described below commit 92828ca3a4f0734efbaddcf680dc88b0b1ec65fc Author: Mark Thomas AuthorDate: Tue May 31 09:22:42 2022 +0100 Fix typo --- native/src/pool.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/native/src/pool.c b/native/src/pool.c index 83c449449..901ed0206 100644 --- a/native/src/pool.c +++ b/native/src/pool.c @@ -42,7 +42,7 @@ TCN_IMPLEMENT_CALL(jlong, Pool, create)(TCN_STDARGS, jlong parent) apr_pool_t *n; UNREFERENCED(o); -/* Make sure our global pool is accessor for all pools */ +/* Make sure our global pool is ancestor for all pools */ if (p == NULL) p = tcn_global_pool; TCN_THROW_IF_ERR(apr_pool_create(&n, p), n); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 1.2.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/1.2.x by this push: new 9bbfb9231 Fix typo 9bbfb9231 is described below commit 9bbfb9231b8c2fe2c2b719fb325653c095a48260 Author: Mark Thomas AuthorDate: Tue May 31 09:22:42 2022 +0100 Fix typo --- native/src/pool.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/native/src/pool.c b/native/src/pool.c index 83c449449..901ed0206 100644 --- a/native/src/pool.c +++ b/native/src/pool.c @@ -42,7 +42,7 @@ TCN_IMPLEMENT_CALL(jlong, Pool, create)(TCN_STDARGS, jlong parent) apr_pool_t *n; UNREFERENCED(o); -/* Make sure our global pool is accessor for all pools */ +/* Make sure our global pool is ancestor for all pools */ if (p == NULL) p = tcn_global_pool; TCN_THROW_IF_ERR(apr_pool_create(&n, p), n); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tomcat Native 2.0 Update
On Tue, May 31, 2022 at 9:46 AM Mark Thomas wrote: > > On 30/05/2022 20:05, Rémy Maucherat wrote: > > On Mon, May 30, 2022 at 6:49 PM Mark Thomas wrote: > >> > >> Hi all, > >> > >> I have made some progress. I have a trimmed down Tomcat Native 2.0 built > >> with OpenSSL 3.0 working locally with Tomcat 10.1.x. I also have it > >> working with the OpenSSL 3 FIPS provider. > >> > >> I have also been thinking about Tomcat Native 1.2.x and 2.0.x > >> interoperability. > >> > >> Since Native 2.0 is mostly (apart from one new FIPS method) a subset of > >> Native 1.2 it should be relatively easy for 10.1.x to work with Native > >> 2.0.x or 1.2.x. > >> > >> Allowing Native 1.2.x use with Tomcat 10.1.x should make it easier on > >> downstream distributions as it removes the need for them to update to > >> APR 1.7.x and OpenSSL 3.0.x > >> > >> Getting 10.0.x and earlier working with Native 2.0.x is a little > >> trickier although it doable if the limits are: > >> - No APR/Native connector > >> - No application usage of o.a.t.u.jni (as most of the native code is > >> removed) > >> > >> Enabling Native 2.0.x use with Tomcat 10.0.x and earlier opens up the > >> possibility of OpenSSL FIPS that doesn't depend on an unsupported > >> version of OpenSSL. > >> > >> I am currently thinking along the following lines: > >> > >> - release Tomcat Native 1.2.34 that includes: > >> - refactoring the caching of the FileInfo and Sockaddr classes so > >> that are only cached if used > >> - any additional refactoring to allow Native 1.2.x to be used in > >> Tomcat 10.1.x with all the deprecated code removed > >> > >> - make Tomcat Native 1.2.34 the minimum required Tomcat Native version > >> for Tomcat 10.1.x > >> > >> - release Tomcat Native 2.0.0 > >> > >> - make Tomcat Native 2.0.0 the minimum recommended Tomcat Native > >> version for Tomcat 10.1.x > >> > >> - updates as required to Tomcat Native 1.2.x, 2.0.x and Tomcat > >> <=10.0.x to allow Tomcat Native 2.0.x to be used (reasonably) safely > >> with Tomcat <=10.0.x > >> > >> My plan is to do most of this work locally to make sure I haven't missed > >> anything and then start committing and releasing in the order above. > > > > Sounds great. Any subtask for me or do you prefer doing it alone ? > > Thanks for the offer of help. > > I have a lot of the above ready locally already and everything is > inter-related making it hard to extract independent sub-tasks. With all > the inter-dependencies I might miss something so if you could keep that > in mind when reviewing my commits that would be helpful. > > The tasks below, particularly the first and third, are largely > independent. If you have time to look at either of those that would be > great. I'll try and commit the bulk of the initial changes for Tomcat > Native 2.0.x today. Ok ! About the first item, I don't recall any deprecated call being used for the OpenSSL 3.0 code path when I converted to Panama, but I will review again. About LibreSSL, it is not a good target for the Panama code. First reason is without ifdef then it makes things more complex. Second reason is possible use of extra APIs that would be only in OpenSSL (for example if they ever add the promised high level API for QUIC support). Rémy > Thanks, > > Mark > > >> Additional tasks that don't have the any ordering dependencies (that I > >> can think of) include: > >> > >> - update the Tomcat Native 2.0.x code not to use any of the deprecated > >> OpenSSL APIs > >> > >> - when in FIPS required mode, consider checking individually negotiated > >> ciphers are from the FIPS provider in case the user has multiple > >> providers configured > >> > >> - Get LibreSSL fully working (my understanding that may be wrong is that > >> it isn't currently working) > > > > Rémy > > > >> Mark > >> > >> - > >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: dev-h...@tomcat.apache.org > >> > > > > - > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: dev-h...@tomcat.apache.org > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Remove NPN support
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit ca0a1b2f9d3bf773b5c28a0457bd1d9e78785728
Author: Mark Thomas
AuthorDate: Wed May 25 15:56:00 2022 +0100
Remove NPN support
---
java/org/apache/tomcat/jni/SSL.java| 10 --
java/org/apache/tomcat/jni/SSLContext.java | 24
2 files changed, 34 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 652921bf6f..a66789bb6d 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -630,16 +630,6 @@ public final class SSL {
*/
public static native int isInInit(long ssl);
-/**
- * SSL_get0_next_proto_negotiated
- * @param ssl the SSL instance (SSL *)
- * @return the NPN protocol negotiated
- *
- * @deprecated Unused. Will be removed in Tomcat 10.1.x
- */
-@Deprecated
-public static native String getNextProtoNegotiated(long ssl);
-
/*
* End Twitter API Additions
*/
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index 1363aeaf4b..58e45897e7 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -514,30 +514,6 @@ public final class SSLContext {
*/
public static native void setCertVerifyCallback(long ctx,
CertificateVerifier verifier);
-/**
- * Set next protocol for next protocol negotiation extension
- * @param ctx Server context to use.
- * @param nextProtos comma delimited list of protocols in priority order
- *
- * @deprecated use {@link #setNpnProtos(long, String[], int)}
- */
-@Deprecated
-public static void setNextProtos(long ctx, String nextProtos) {
-setNpnProtos(ctx, nextProtos.split(","),
SSL.SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL);
-}
-
-/**
- * Set next protocol for next protocol negotiation extension
- * @param ctx Server context to use.
- * @param nextProtos protocols in priority order
- * @param selectorFailureBehavior see {@link
SSL#SSL_SELECTOR_FAILURE_NO_ADVERTISE}
- *and {@link
SSL#SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL}
- *
- * @deprecated Unused. Will be removed in Tomcat 10.1.x
- */
-@Deprecated
-public static native void setNpnProtos(long ctx, String[] nextProtos, int
selectorFailureBehavior);
-
/**
* Set application layer protocol for application layer protocol
negotiation extension
* @param ctx Server context to use.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated (b685d84874 -> ca0a1b2f9d)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from b685d84874 Javadoc clean-up including removing @author tag new b86f4c1f3a Remove NPN when using Tomcat Native new ca0a1b2f9d Remove NPN support The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/tomcat/jni/SSL.java | 7 --- java/org/apache/tomcat/jni/SSLContext.java | 21 - .../tomcat/util/net/openssl/OpenSSLContext.java | 1 - .../tomcat/util/net/openssl/OpenSSLEngine.java | 15 +-- webapps/docs/changelog.xml | 5 + 5 files changed, 6 insertions(+), 43 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Remove NPN when using Tomcat Native
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b86f4c1f3ad50a303104bfdc59576638049e56fe
Author: Mark Thomas
AuthorDate: Tue May 31 09:36:30 2022 +0100
Remove NPN when using Tomcat Native
---
java/org/apache/tomcat/jni/SSL.java | 3 +++
java/org/apache/tomcat/jni/SSLContext.java| 3 +++
.../apache/tomcat/util/net/openssl/OpenSSLContext.java| 1 -
.../org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 15 +--
webapps/docs/changelog.xml| 5 +
5 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 797df5293e..652921bf6f 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -634,7 +634,10 @@ public final class SSL {
* SSL_get0_next_proto_negotiated
* @param ssl the SSL instance (SSL *)
* @return the NPN protocol negotiated
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native String getNextProtoNegotiated(long ssl);
/*
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index bb258e7a3a..1363aeaf4b 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -532,7 +532,10 @@ public final class SSLContext {
* @param nextProtos protocols in priority order
* @param selectorFailureBehavior see {@link
SSL#SSL_SELECTOR_FAILURE_NO_ADVERTISE}
*and {@link
SSL#SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL}
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native void setNpnProtos(long ctx, String[] nextProtos, int
selectorFailureBehavior);
/**
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index eb5056e0c3..9f09959e7a 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -392,7 +392,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
protocols.add("http/1.1");
String[] protocolsArray = protocols.toArray(new String[0]);
SSLContext.setAlpnProtos(state.ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
-SSLContext.setNpnProtos(state.ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index ed48e7afed..9fe686785e 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -931,9 +931,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
} else {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(state.ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(state.ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
// if SSL_do_handshake returns > 0 it means the handshake was
finished. This means we can update
@@ -1069,9 +1066,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
(SSL.getPostHandshakeAuthInProgress(state.ssl) == 0)) {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(state.ssl);
-if (selectedProtocol == null) {
-selectedProtocol =
SSL.getNextProtoNegotiated(state.ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
version = SSL.getVersion(state.ssl);
@@ -1416,14 +1410,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public String getProtocol() {
String applicationProtocol =
OpenSSLEngine.this.applicationProtocol;
if (applicationProtocol == null) {
-synchronized (OpenSSLEngine.this) {
-if (!destroyed) {
-applicationProtocol =
SSL.getNextProtoNegotiated(state.ssl);
-}
-}
-if (applicationProtocol == null) {
-applicationProtocol = fallbackApplicationProtocol;
-}
+applicationProtocol = fallbackApplicationProtocol;
[tomcat] branch 10.0.x updated: Remove NPN when using Tomcat Native
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 70f0a9b198 Remove NPN when using Tomcat Native
70f0a9b198 is described below
commit 70f0a9b198f5fe5fab6480a2da2067aff700b3f2
Author: Mark Thomas
AuthorDate: Tue May 31 09:36:30 2022 +0100
Remove NPN when using Tomcat Native
---
java/org/apache/tomcat/jni/SSL.java | 3 +++
java/org/apache/tomcat/jni/SSLContext.java| 3 +++
.../apache/tomcat/util/net/openssl/OpenSSLContext.java| 1 -
.../org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 15 +--
webapps/docs/changelog.xml| 5 +
5 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 797df5293e..652921bf6f 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -634,7 +634,10 @@ public final class SSL {
* SSL_get0_next_proto_negotiated
* @param ssl the SSL instance (SSL *)
* @return the NPN protocol negotiated
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native String getNextProtoNegotiated(long ssl);
/*
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index bb258e7a3a..1363aeaf4b 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -532,7 +532,10 @@ public final class SSLContext {
* @param nextProtos protocols in priority order
* @param selectorFailureBehavior see {@link
SSL#SSL_SELECTOR_FAILURE_NO_ADVERTISE}
*and {@link
SSL#SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL}
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native void setNpnProtos(long ctx, String[] nextProtos, int
selectorFailureBehavior);
/**
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index ed0b5afc65..4882a65304 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -390,7 +390,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
protocols.add("http/1.1");
String[] protocolsArray = protocols.toArray(new String[0]);
SSLContext.setAlpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
-SSLContext.setNpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 0a9b4637be..172c6fc366 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -931,9 +931,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
} else {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
// if SSL_do_handshake returns > 0 it means the handshake was
finished. This means we can update
@@ -1069,9 +1066,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
(SSL.getPostHandshakeAuthInProgress(ssl) == 0)) {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
version = SSL.getVersion(ssl);
@@ -1422,14 +1416,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public String getProtocol() {
String applicationProtocol =
OpenSSLEngine.this.applicationProtocol;
if (applicationProtocol == null) {
-synchronized (OpenSSLEngine.this) {
-if (!destroyed) {
-applicationProtocol = SSL.getNextProtoNegotiated(ssl);
-}
-}
-if (applicationProtocol == null) {
-applicationProtocol = fallbackApplicationProtocol;
[tomcat] branch 9.0.x updated: Remove NPN when using Tomcat Native
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9d0762e6c0 Remove NPN when using Tomcat Native
9d0762e6c0 is described below
commit 9d0762e6c0a22d2a07e2e674c8ed282191a4f6f2
Author: Mark Thomas
AuthorDate: Tue May 31 09:36:30 2022 +0100
Remove NPN when using Tomcat Native
---
java/org/apache/tomcat/jni/SSL.java | 3 +++
java/org/apache/tomcat/jni/SSLContext.java| 3 +++
.../apache/tomcat/util/net/openssl/OpenSSLContext.java| 1 -
.../org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 15 +--
webapps/docs/changelog.xml| 5 +
5 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 797df5293e..652921bf6f 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -634,7 +634,10 @@ public final class SSL {
* SSL_get0_next_proto_negotiated
* @param ssl the SSL instance (SSL *)
* @return the NPN protocol negotiated
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native String getNextProtoNegotiated(long ssl);
/*
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index bb258e7a3a..1363aeaf4b 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -532,7 +532,10 @@ public final class SSLContext {
* @param nextProtos protocols in priority order
* @param selectorFailureBehavior see {@link
SSL#SSL_SELECTOR_FAILURE_NO_ADVERTISE}
*and {@link
SSL#SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL}
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native void setNpnProtos(long ctx, String[] nextProtos, int
selectorFailureBehavior);
/**
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index ed0b5afc65..4882a65304 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -390,7 +390,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
protocols.add("http/1.1");
String[] protocolsArray = protocols.toArray(new String[0]);
SSLContext.setAlpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
-SSLContext.setNpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 0a9b4637be..172c6fc366 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -931,9 +931,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
} else {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
// if SSL_do_handshake returns > 0 it means the handshake was
finished. This means we can update
@@ -1069,9 +1066,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
(SSL.getPostHandshakeAuthInProgress(ssl) == 0)) {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
version = SSL.getVersion(ssl);
@@ -1422,14 +1416,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public String getProtocol() {
String applicationProtocol =
OpenSSLEngine.this.applicationProtocol;
if (applicationProtocol == null) {
-synchronized (OpenSSLEngine.this) {
-if (!destroyed) {
-applicationProtocol = SSL.getNextProtoNegotiated(ssl);
-}
-}
-if (applicationProtocol == null) {
-applicationProtocol = fallbackApplicationProtocol;
-
[tomcat] branch 8.5.x updated: Remove NPN when using Tomcat Native
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 25ea533ec9 Remove NPN when using Tomcat Native
25ea533ec9 is described below
commit 25ea533ec974fa80e4181b76784f767bcb3832b8
Author: Mark Thomas
AuthorDate: Tue May 31 09:36:30 2022 +0100
Remove NPN when using Tomcat Native
---
java/org/apache/tomcat/jni/SSL.java | 3 +++
java/org/apache/tomcat/jni/SSLContext.java| 3 +++
.../apache/tomcat/util/net/openssl/OpenSSLContext.java| 1 -
.../org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 15 +--
webapps/docs/changelog.xml| 5 +
5 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 797df5293e..652921bf6f 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -634,7 +634,10 @@ public final class SSL {
* SSL_get0_next_proto_negotiated
* @param ssl the SSL instance (SSL *)
* @return the NPN protocol negotiated
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native String getNextProtoNegotiated(long ssl);
/*
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index bb258e7a3a..1363aeaf4b 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -532,7 +532,10 @@ public final class SSLContext {
* @param nextProtos protocols in priority order
* @param selectorFailureBehavior see {@link
SSL#SSL_SELECTOR_FAILURE_NO_ADVERTISE}
*and {@link
SSL#SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL}
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static native void setNpnProtos(long ctx, String[] nextProtos, int
selectorFailureBehavior);
/**
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index 6d98744882..135dc3874a 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -395,7 +395,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
protocols.add("http/1.1");
String[] protocolsArray = protocols.toArray(new String[0]);
SSLContext.setAlpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
-SSLContext.setNpnProtos(ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 0a9b4637be..172c6fc366 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -931,9 +931,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
} else {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
// if SSL_do_handshake returns > 0 it means the handshake was
finished. This means we can update
@@ -1069,9 +1066,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
(SSL.getPostHandshakeAuthInProgress(ssl) == 0)) {
if (alpn) {
selectedProtocol = SSL.getAlpnSelected(ssl);
-if (selectedProtocol == null) {
-selectedProtocol = SSL.getNextProtoNegotiated(ssl);
-}
}
session.lastAccessedTime = System.currentTimeMillis();
version = SSL.getVersion(ssl);
@@ -1422,14 +1416,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public String getProtocol() {
String applicationProtocol =
OpenSSLEngine.this.applicationProtocol;
if (applicationProtocol == null) {
-synchronized (OpenSSLEngine.this) {
-if (!destroyed) {
-applicationProtocol = SSL.getNextProtoNegotiated(ssl);
-}
-}
-if (applicationProtocol == null) {
-applicationProtocol = fallbackApplicationProtocol;
-
[tomcat] branch 9.0.x updated: Backport the Tomcat Native deprecation warnings
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new f59e6ab4a5 Backport the Tomcat Native deprecation warnings
f59e6ab4a5 is described below
commit f59e6ab4a55dc244d14582c0458f01b0f6a790a1
Author: Mark Thomas
AuthorDate: Tue May 31 10:09:33 2022 +0100
Backport the Tomcat Native deprecation warnings
Once 10.1.x is stable and 10.0.x is EOL, 9.0.x will be the version
before 10.1.x so it needs to deprecate the APR/Native functionality that
will be removed between 9.0.x and 10.1.x
---
java/org/apache/catalina/connector/Connector.java | 2 ++
java/org/apache/coyote/ProtocolHandler.java| 4 +++
java/org/apache/coyote/ajp/AjpAprProtocol.java | 4 +++
.../apache/coyote/http11/Http11AprProtocol.java| 4 +++
java/org/apache/tomcat/jni/Address.java| 6
java/org/apache/tomcat/jni/Directory.java | 6
java/org/apache/tomcat/jni/File.java | 6
java/org/apache/tomcat/jni/FileInfo.java | 6
java/org/apache/tomcat/jni/Global.java | 6
java/org/apache/tomcat/jni/Local.java | 6
java/org/apache/tomcat/jni/Lock.java | 6
java/org/apache/tomcat/jni/Mmap.java | 6
java/org/apache/tomcat/jni/Multicast.java | 6
java/org/apache/tomcat/jni/OS.java | 6
java/org/apache/tomcat/jni/Poll.java | 6
java/org/apache/tomcat/jni/PoolCallback.java | 6
java/org/apache/tomcat/jni/Proc.java | 6
java/org/apache/tomcat/jni/ProcErrorCallback.java | 6
java/org/apache/tomcat/jni/Procattr.java | 6
java/org/apache/tomcat/jni/Registry.java | 6
java/org/apache/tomcat/jni/SSLSocket.java | 6
java/org/apache/tomcat/jni/Shm.java| 6
java/org/apache/tomcat/jni/Sockaddr.java | 6
java/org/apache/tomcat/jni/Socket.java | 6
java/org/apache/tomcat/jni/Status.java | 6
java/org/apache/tomcat/jni/Stdlib.java | 6
java/org/apache/tomcat/jni/Thread.java | 6
java/org/apache/tomcat/jni/Time.java | 6
java/org/apache/tomcat/jni/User.java | 6
java/org/apache/tomcat/util/net/AprEndpoint.java | 4 +++
java/org/apache/tomcat/util/net/AprSSLSupport.java | 4 +++
test/org/apache/tomcat/jni/TestFile.java | 9 +++--
test/org/apache/tomcat/jni/TestSocketServer.java | 5 +++
.../jni/TestSocketServerAnyLocalAddress.java | 5 +++
.../apache/tomcat/util/net/TestXxxEndpoint.java| 40 +-
35 files changed, 213 insertions(+), 18 deletions(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 4c661f0d3d..9148495f0b 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -624,6 +624,7 @@ public class Connector extends LifecycleMBeanBase {
/**
* @return the Coyote protocol handler in use.
*/
+@SuppressWarnings("deprecation")
public String getProtocol() {
boolean apr = AprStatus.getUseAprConnector();
if ((!apr &&
org.apache.coyote.http11.Http11NioProtocol.class.getName().equals(protocolHandlerClassName))
@@ -1001,6 +1002,7 @@ public class Connector extends LifecycleMBeanBase {
}
+@SuppressWarnings("deprecation")
@Override
protected void initInternal() throws LifecycleException {
diff --git a/java/org/apache/coyote/ProtocolHandler.java
b/java/org/apache/coyote/ProtocolHandler.java
index 5c7a9f9896..36d7eac602 100644
--- a/java/org/apache/coyote/ProtocolHandler.java
+++ b/java/org/apache/coyote/ProtocolHandler.java
@@ -153,7 +153,10 @@ public interface ProtocolHandler {
*
* @return true if this Protocol Handler requires the
* APR/native library, otherwise false
+ *
+ * @deprecated This method will be removed in Tomcat 10.1.x onwards
*/
+@Deprecated
public boolean isAprRequired();
@@ -230,6 +233,7 @@ public interface ProtocolHandler {
* @throws NoSuchMethodException Exception occurred
* @throws SecurityException Exception occurred
*/
+@SuppressWarnings("deprecation")
public static ProtocolHandler create(String protocol, boolean apr)
throws ClassNotFoundException, InstantiationException,
IllegalAccessException,
IllegalArgumentException, InvocationTargetException,
NoSuchMethodException, SecurityException {
diff --git a/java/org/apache/coyote/ajp/AjpAprProtocol.java
b/java/org/apache/coyote/ajp/AjpAprProtocol.java
index 92ad9c0504..34e34ebe42 100644
--- a/ja
[tomcat] branch 8.5.x updated: Backport the Tomcat Native deprecation warnings
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 3309333592 Backport the Tomcat Native deprecation warnings
3309333592 is described below
commit 3309333592c905c351b50ef8c1d2880f06ec2620
Author: Mark Thomas
AuthorDate: Tue May 31 10:12:21 2022 +0100
Backport the Tomcat Native deprecation warnings
While not strictly necessary since the deprecated code won't be removed
until Tomcat 10.1.x I think it is prudent to add the deprecation
warnings here given the scale of the change.
---
java/org/apache/catalina/connector/Connector.java | 1 +
java/org/apache/coyote/ProtocolHandler.java| 3 ++
java/org/apache/coyote/ajp/AjpAprProtocol.java | 4 +++
.../apache/coyote/http11/Http11AprProtocol.java| 4 +++
java/org/apache/tomcat/jni/Address.java| 6
java/org/apache/tomcat/jni/Directory.java | 6
java/org/apache/tomcat/jni/File.java | 14 +---
java/org/apache/tomcat/jni/FileInfo.java | 6
java/org/apache/tomcat/jni/Global.java | 6
java/org/apache/tomcat/jni/Local.java | 6
java/org/apache/tomcat/jni/Lock.java | 6
java/org/apache/tomcat/jni/Mmap.java | 6
java/org/apache/tomcat/jni/Multicast.java | 6
java/org/apache/tomcat/jni/OS.java | 15 ++--
java/org/apache/tomcat/jni/Poll.java | 6
java/org/apache/tomcat/jni/PoolCallback.java | 6
java/org/apache/tomcat/jni/Proc.java | 6
java/org/apache/tomcat/jni/ProcErrorCallback.java | 6
java/org/apache/tomcat/jni/Procattr.java | 6
java/org/apache/tomcat/jni/Registry.java | 6
java/org/apache/tomcat/jni/SSLSocket.java | 6
java/org/apache/tomcat/jni/Shm.java| 6
java/org/apache/tomcat/jni/Sockaddr.java | 6
java/org/apache/tomcat/jni/Socket.java | 6
java/org/apache/tomcat/jni/Status.java | 6
java/org/apache/tomcat/jni/Stdlib.java | 6
java/org/apache/tomcat/jni/Thread.java | 6
java/org/apache/tomcat/jni/Time.java | 6
java/org/apache/tomcat/jni/User.java | 6
java/org/apache/tomcat/util/net/AprEndpoint.java | 4 +++
java/org/apache/tomcat/util/net/AprSSLSupport.java | 4 +++
.../apache/tomcat/util/net/TestXxxEndpoint.java| 40 +-
32 files changed, 205 insertions(+), 22 deletions(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index c13b80e81c..d8bc16428c 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -1074,6 +1074,7 @@ public class Connector extends LifecycleMBeanBase {
}
+@SuppressWarnings("deprecation")
@Override
protected void initInternal() throws LifecycleException {
diff --git a/java/org/apache/coyote/ProtocolHandler.java
b/java/org/apache/coyote/ProtocolHandler.java
index a616347b19..17ed96cc92 100644
--- a/java/org/apache/coyote/ProtocolHandler.java
+++ b/java/org/apache/coyote/ProtocolHandler.java
@@ -130,7 +130,10 @@ public interface ProtocolHandler {
*
* @return true if this Protocol Handler requires the
* APR/native library, otherwise false
+ *
+ * @deprecated This method will be removed in Tomcat 10.1.x onwards
*/
+@Deprecated
public boolean isAprRequired();
diff --git a/java/org/apache/coyote/ajp/AjpAprProtocol.java
b/java/org/apache/coyote/ajp/AjpAprProtocol.java
index 92ad9c0504..34e34ebe42 100644
--- a/java/org/apache/coyote/ajp/AjpAprProtocol.java
+++ b/java/org/apache/coyote/ajp/AjpAprProtocol.java
@@ -23,7 +23,11 @@ import org.apache.tomcat.util.net.AprEndpoint;
/**
* This the APR/native based protocol handler implementation for AJP.
+ *
+ * @deprecated The APR/Native Connector will be removed in Tomcat 10.1.x
+ * onwards.
*/
+@Deprecated
public class AjpAprProtocol extends AbstractAjpProtocol {
private static final Log log = LogFactory.getLog(AjpAprProtocol.class);
diff --git a/java/org/apache/coyote/http11/Http11AprProtocol.java
b/java/org/apache/coyote/http11/Http11AprProtocol.java
index fc45b17df0..26b7871879 100644
--- a/java/org/apache/coyote/http11/Http11AprProtocol.java
+++ b/java/org/apache/coyote/http11/Http11AprProtocol.java
@@ -28,7 +28,11 @@ import org.apache.tomcat.util.net.AprEndpoint;
*
* @author Remy Maucherat
* @author Costin Manolache
+ *
+ * @deprecated The APR/Native Connector will be removed in Tomcat 10.1.x
+ * onwards.
*/
+@Deprecated
public class Http11AprP
[tomcat] branch main updated: Drop NPN calls
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 2b1dfe5bc4 Drop NPN calls
2b1dfe5bc4 is described below
commit 2b1dfe5bc4befdc53d74a0333ac8931d78ec39f6
Author: remm
AuthorDate: Tue May 31 11:17:10 2022 +0200
Drop NPN calls
Tomcat-native is dropping them as well as they are obsolete.
---
modules/openssl-java17/openssl-tomcat.conf | 1 -
.../tomcat/util/net/openssl/panama/OpenSSLContext.java | 2 --
.../apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java | 12 +---
.../java/org/apache/tomcat/util/openssl/constants$11.java| 10 --
.../main/java/org/apache/tomcat/util/openssl/openssl_h.java | 11 ---
5 files changed, 1 insertion(+), 35 deletions(-)
diff --git a/modules/openssl-java17/openssl-tomcat.conf
b/modules/openssl-java17/openssl-tomcat.conf
index 5273538daf..f6765453b4 100644
--- a/modules/openssl-java17/openssl-tomcat.conf
+++ b/modules/openssl-java17/openssl-tomcat.conf
@@ -214,7 +214,6 @@
--include-function SSL_get_shutdown # header:
/usr/include/openssl/ssl.h
--include-function SSL_get_version # header:
/usr/include/openssl/ssl.h
--include-function SSL_get0_alpn_selected# header:
/usr/include/openssl/ssl.h
---include-function SSL_get0_next_proto_negotiated# header:
/usr/include/openssl/ssl.h
--include-function SSL_in_init # header:
/usr/include/openssl/ssl.h
--include-function SSL_load_client_CA_file # header:
/usr/include/openssl/ssl.h
--include-function SSL_new # header:
/usr/include/openssl/ssl.h
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index ee2ab2f9d1..516f4c68ef 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -678,8 +678,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
CLinker.getInstance().upcallStub(openSSLCallbackAlpnSelectProtoHandle,
openSSLCallbackAlpnSelectProtoFunctionDescriptor,
state.contextScope);
SSL_CTX_set_alpn_select_cb(state.sslCtx,
openSSLCallbackAlpnSelectProto, state.sslCtx);
-// Skip NPN (annoying and likely not useful anymore)
-//SSLContext.setNpnProtos(state.ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 52e0677144..f3cc027298 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -1008,9 +1008,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
MemorySegment lenAddress = allocator.allocate(CLinker.C_INT, 0);
MemorySegment protocolPointer = allocator.allocate(CLinker.C_POINTER,
MemoryAddress.NULL);
SSL_get0_alpn_selected(state.ssl, protocolPointer, lenAddress);
-if (MemoryAddress.NULL.equals(protocolPointer.address())) {
-SSL_get0_next_proto_negotiated(state.ssl, protocolPointer,
lenAddress);
-}
if (MemoryAddress.NULL.equals(protocolPointer.address())) {
return null;
}
@@ -1808,14 +1805,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public String getProtocol() {
String applicationProtocol =
OpenSSLEngine.this.applicationProtocol;
if (applicationProtocol == null) {
-synchronized (OpenSSLEngine.this) {
-if (!destroyed) {
-applicationProtocol = getProtocolNegotiated();
-}
-}
-if (applicationProtocol == null) {
-applicationProtocol = fallbackApplicationProtocol;
-}
+applicationProtocol = fallbackApplicationProtocol;
if (applicationProtocol != null) {
OpenSSLEngine.this.applicationProtocol =
applicationProtocol.replace(':', '_');
} else {
diff --git
a/modules/op
[tomcat] branch main updated: Drop NPN calls
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new eceae16d54 Drop NPN calls
eceae16d54 is described below
commit eceae16d54f98736b522342c8aef7c082f4cfa0c
Author: remm
AuthorDate: Tue May 31 11:28:32 2022 +0200
Drop NPN calls
Tomcat-native is dropping them as well as they are obsolete.
Also minor foreign API change.
---
modules/openssl-foreign/openssl-tomcat.conf| 1 -
.../util/net/openssl/panama/OpenSSLContext.java| 2 --
.../util/net/openssl/panama/OpenSSLEngine.java | 24 +++---
.../apache/tomcat/util/openssl/constants$12.java | 9
.../org/apache/tomcat/util/openssl/openssl_h.java | 11 --
5 files changed, 7 insertions(+), 40 deletions(-)
diff --git a/modules/openssl-foreign/openssl-tomcat.conf
b/modules/openssl-foreign/openssl-tomcat.conf
index 5273538daf..f6765453b4 100644
--- a/modules/openssl-foreign/openssl-tomcat.conf
+++ b/modules/openssl-foreign/openssl-tomcat.conf
@@ -214,7 +214,6 @@
--include-function SSL_get_shutdown # header:
/usr/include/openssl/ssl.h
--include-function SSL_get_version # header:
/usr/include/openssl/ssl.h
--include-function SSL_get0_alpn_selected# header:
/usr/include/openssl/ssl.h
---include-function SSL_get0_next_proto_negotiated# header:
/usr/include/openssl/ssl.h
--include-function SSL_in_init # header:
/usr/include/openssl/ssl.h
--include-function SSL_load_client_CA_file # header:
/usr/include/openssl/ssl.h
--include-function SSL_new # header:
/usr/include/openssl/ssl.h
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 8f8e857d59..9657f33945 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -681,8 +681,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
Linker.nativeLinker().upcallStub(openSSLCallbackAlpnSelectProtoHandle,
openSSLCallbackAlpnSelectProtoFunctionDescriptor,
state.contextMemorySession);
SSL_CTX_set_alpn_select_cb(state.sslCtx,
openSSLCallbackAlpnSelectProto, state.sslCtx);
-// Skip NPN (annoying and likely not useful anymore)
-//SSLContext.setNpnProtos(state.ctx, protocolsArray,
SSL.SSL_SELECTOR_FAILURE_NO_ADVERTISE);
}
// Apply OpenSSLConfCmd if used
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index b9c7ed64b0..3d355d5393 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -305,7 +305,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
final int sslWrote;
if (src.isDirect()) {
-sslWrote = SSL_write(ssl, MemorySegment.ofByteBuffer(src), len);
+sslWrote = SSL_write(ssl, MemorySegment.ofBuffer(src), len);
if (sslWrote > 0) {
src.position(pos + sslWrote);
return sslWrote;
@@ -339,7 +339,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
final int pos = src.position();
final int len = src.remaining();
if (src.isDirect()) {
-final int netWrote = BIO_write(networkBIO,
MemorySegment.ofByteBuffer(src), len);
+final int netWrote = BIO_write(networkBIO,
MemorySegment.ofBuffer(src), len);
if (netWrote > 0) {
src.position(pos + netWrote);
return netWrote;
@@ -352,7 +352,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
try {
buf.put(src);
buf.flip();
-final int netWrote = BIO_write(networkBIO,
MemorySegment.ofByteBuffer(buf), len);
+final int netWrote = BIO_write(networkBIO,
MemorySegment.ofBuffer(buf), len);
if (netWrote > 0) {
src.position(pos + netWrote);
return netWrote;
@@ -379,7 +379,7 @@ public final class OpenSSLEngine ext
[tomcat] branch main updated: Enable Tomcat to find the Tomcat Native 1.x or 2.x library
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new d1ef739e68 Enable Tomcat to find the Tomcat Native 1.x or 2.x library
d1ef739e68 is described below
commit d1ef739e68262f81ed45281aad5cb1d187cbbb9f
Author: Mark Thomas
AuthorDate: Tue May 31 11:46:20 2022 +0100
Enable Tomcat to find the Tomcat Native 1.x or 2.x library
---
java/org/apache/tomcat/jni/Library.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index abda71f948..05e02d87dc 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -25,7 +25,7 @@ import java.io.File;
public final class Library {
/* Default library names */
-private static final String [] NAMES = {"tcnative-1", "libtcnative-1"};
+private static final String [] NAMES = {"tcnative-2", "libtcnative-2",
"tcnative-1", "libtcnative-1"};
/*
* A handle to the unique Library singleton instance.
*/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Enable Tomcat to find the Tomcat Native 1.x or 2.x library
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 0fb7bc03cb Enable Tomcat to find the Tomcat Native 1.x or 2.x library
0fb7bc03cb is described below
commit 0fb7bc03cb8bef76fb47ff8ef39466fbd376d3fb
Author: Mark Thomas
AuthorDate: Tue May 31 11:46:20 2022 +0100
Enable Tomcat to find the Tomcat Native 1.x or 2.x library
---
java/org/apache/tomcat/jni/Library.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index abda71f948..05e02d87dc 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -25,7 +25,7 @@ import java.io.File;
public final class Library {
/* Default library names */
-private static final String [] NAMES = {"tcnative-1", "libtcnative-1"};
+private static final String [] NAMES = {"tcnative-2", "libtcnative-2",
"tcnative-1", "libtcnative-1"};
/*
* A handle to the unique Library singleton instance.
*/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Enable Tomcat to find the Tomcat Native 1.x or 2.x library
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 4c3c213be9 Enable Tomcat to find the Tomcat Native 1.x or 2.x library
4c3c213be9 is described below
commit 4c3c213be9490670411061b9d5981602a4317136
Author: Mark Thomas
AuthorDate: Tue May 31 11:46:20 2022 +0100
Enable Tomcat to find the Tomcat Native 1.x or 2.x library
---
java/org/apache/tomcat/jni/Library.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index abda71f948..05e02d87dc 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -25,7 +25,7 @@ import java.io.File;
public final class Library {
/* Default library names */
-private static final String [] NAMES = {"tcnative-1", "libtcnative-1"};
+private static final String [] NAMES = {"tcnative-2", "libtcnative-2",
"tcnative-1", "libtcnative-1"};
/*
* A handle to the unique Library singleton instance.
*/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Enable Tomcat to find the Tomcat Native 1.x or 2.x library
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 4332c60c9d Enable Tomcat to find the Tomcat Native 1.x or 2.x library
4332c60c9d is described below
commit 4332c60c9d508396f5faaa167d6fd708b5fe874c
Author: Mark Thomas
AuthorDate: Tue May 31 11:46:20 2022 +0100
Enable Tomcat to find the Tomcat Native 1.x or 2.x library
---
java/org/apache/tomcat/jni/Library.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index 4c6cdfc054..f6199a6534 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -25,7 +25,7 @@ import java.io.File;
public final class Library {
/* Default library names */
-private static final String [] NAMES = {"tcnative-1", "libtcnative-1"};
+private static final String [] NAMES = {"tcnative-2", "libtcnative-2",
"tcnative-1", "libtcnative-1"};
/*
* A handle to the unique Library singleton instance.
*/
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Copyright year updates for 2022
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new df10e0847 Copyright year updates for 2022 df10e0847 is described below commit df10e0847c71bd94f2168e68fd1873e791b44ca8 Author: Mark Thomas AuthorDate: Tue May 31 14:25:54 2022 +0100 Copyright year updates for 2022 --- NOTICE| 2 +- build.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/NOTICE b/NOTICE index b21c25a25..f50335ae8 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ Apache Tomcat Native Library -Copyright 2002-2020 The Apache Software Foundation +Copyright 2002-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/build.xml b/build.xml index 1a1c83214..19da1f138 100644 --- a/build.xml +++ b/build.xml @@ -30,7 +30,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Copyright year updates for 2022
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 1.2.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/1.2.x by this push: new 5c639a927 Copyright year updates for 2022 5c639a927 is described below commit 5c639a927db109ec86f60dd54cd1508a8d23c1b2 Author: Mark Thomas AuthorDate: Tue May 31 14:25:54 2022 +0100 Copyright year updates for 2022 --- NOTICE| 2 +- build.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/NOTICE b/NOTICE index b21c25a25..f50335ae8 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ Apache Tomcat Native Library -Copyright 2002-2020 The Apache Software Foundation +Copyright 2002-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/build.xml b/build.xml index 1a1c83214..19da1f138 100644 --- a/build.xml +++ b/build.xml @@ -30,7 +30,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Update from 1.2.x to 2.0.x
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 08a19997a Update from 1.2.x to 2.0.x
08a19997a is described below
commit 08a19997ad49632625d31667fc59a50b33ed4422
Author: Mark Thomas
AuthorDate: Tue May 31 15:19:03 2022 +0100
Update from 1.2.x to 2.0.x
---
build.properties.default | 6 +-
jnirelease.sh | 9 +-
native/build/rpm/tcnative.spec.in | 2 +
native/include/tcn_version.h | 6 +-
native/os/win32/libtcnative.rc| 10 +-
xdocs/miscellaneous/changelog.xml | 631 +-
6 files changed, 25 insertions(+), 639 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 25121a043..56aae9df6 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -16,9 +16,9 @@
#
# - Version Control Flags -
-version.major=1
-version.minor=2
-version.build=34
+version.major=2
+version.minor=0
+version.build=0
version.patch=0
version.suffix=-dev
diff --git a/jnirelease.sh b/jnirelease.sh
index 224658540..bcaefe33e 100755
--- a/jnirelease.sh
+++ b/jnirelease.sh
@@ -85,7 +85,7 @@ if [ "x$JKJNIEXT" = "x" ]; then
echo ""
echo "Unknown Git tag/branch"
echo "Use:"
-echo " --ver=|1.1.x|main|."
+echo " --ver=|1.1.x|1.2.x|main|."
echo ""
exit 1
fi
@@ -136,6 +136,9 @@ fi
if [ "x$JKJNIEXT" = "xmain" ]; then
JKJNIHASH=`git ls-remote $GITBASE refs/heads/main | awk '{print $1}'`
JKJNIVER="$JKJNIEXT-$JKJNIHASH"
+elif [ "x$JKJNIEXT" = "x1.2.x" ]; then
+JKJNIHASH=`git ls-remote $GITBASE refs/heads/1.2.x | awk '{print $1}'`
+JKJNIVER="$JKJNIEXT-$JKJNIHASH"
elif [ "x$JKJNIEXT" = "x1.1.x" ]; then
JKJNIHASH=`git ls-remote $GITBASE refs/heads/1.1.x | awk '{print $1}'`
JKJNIVER="$JKJNIEXT-$JKJNIHASH"
@@ -166,14 +169,14 @@ if [ ! -d .git/refs/remotes/tcjava ]; then
git remote add -f tcjava ${TCJAVA_GITBASE}
fi
git remote update tcjava
-diffcount=`git diff HEAD remotes/tcjava/10.0.x java/org/apache/tomcat/jni | wc
-l`
+diffcount=`git diff HEAD remotes/tcjava/main java/org/apache/tomcat/jni | wc
-l`
if [ $diffcount -ne 0 ]; then
echo "WARNING: git subtree is not up to date with"
echo " $TCJAVA_GITBASE"
echo " Either correct now by running"
echo " 'git rm -rf java/org/apache/tomcat/jni'"
-echo " 'git read-tree --prefix=java/org/apache/tomcat/jni/ -u
10.0.x/main:java/org/apache/tomcat/jni'"
+echo " 'git read-tree --prefix=java/org/apache/tomcat/jni/ -u
main:java/org/apache/tomcat/jni'"
echo " 'git commit'"
echo " or run this script with -f (force)"
if [ "X$JKJNIFORCE" = "X1" ]
diff --git a/native/build/rpm/tcnative.spec.in
b/native/build/rpm/tcnative.spec.in
index 73c164240..b2a719700 100644
--- a/native/build/rpm/tcnative.spec.in
+++ b/native/build/rpm/tcnative.spec.in
@@ -90,6 +90,8 @@ rm -rf $RPM_BUILD_ROOT
%doc --parents html
%changelog
+* Tue May 24 2022 Mark Thomas 2.0.0-1
+- update for tcnative 2.0
* Sat Oct 31 2015 Rainer Jung 1.2.0-1
- update for tcnative 1.2
* Tue Jun 22 2004 Mladen Turk 1.0.0-1
diff --git a/native/include/tcn_version.h b/native/include/tcn_version.h
index 60789f78c..e6a7d636c 100644
--- a/native/include/tcn_version.h
+++ b/native/include/tcn_version.h
@@ -54,16 +54,16 @@ extern "C" {
* programs such as structure size changes. No binary compatibility is
* possible across a change in the major version.
*/
-#define TCN_MAJOR_VERSION 1
+#define TCN_MAJOR_VERSION 2
/**
* Minor API changes that do not cause binary compatibility problems.
* Should be reset to 0 when upgrading TCN_MAJOR_VERSION
*/
-#define TCN_MINOR_VERSION 2
+#define TCN_MINOR_VERSION 0
/** patch level */
-#define TCN_PATCH_VERSION 34
+#define TCN_PATCH_VERSION 0
/**
* This symbol is defined for internal, "development" copies of TCN. This
diff --git a/native/os/win32/libtcnative.rc b/native/os/win32/libtcnative.rc
index 2d1b7580b..841d8ea3e 100644
--- a/native/os/win32/libtcnative.rc
+++ b/native/os/win32/libtcnative.rc
@@ -20,7 +20,7 @@ LANGUAGE 0x9,0x1
"See the License for the specific language governing " \
"permissions and limitations under the License."
-#define TCN_VERSION "1.2.34"
+#define TCN_VERSION "2.0.0"
1000 ICON "apache.ico"
1001 DIALOGEX 0, 0, 252, 51
@@ -36,8 +36,8 @@ BEGIN
END
1 VERSIONINFO
- FILEVERSION 1,2,34,0
- PRODUCTVERSION 1,2,34,0
+ FILEVERSION 2,0,0,0
+ PRODUCTVERSION 2,0,0,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -56,9 +56,9 @@ BEGIN
VALUE "CompanyName", "Apache Software Foundation\0"
VALUE "FileDescription", "Tomcat Native Java Library\0"
VALU
[tomcat-native] 01/02: Update OpenSSL to 3.0.0 and make it required
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit f7930fa16f095717cfc641a8d24e60c343765adc
Author: Mark Thomas
AuthorDate: Tue May 24 21:49:45 2022 +0100
Update OpenSSL to 3.0.0 and make it required
---
CMakeLists.txt| 2 +-
native/NMAKEmakefile | 2 +-
native/build/rpm/tcnative.spec.in | 4 +-
native/build/tcnative.m4 | 193 --
native/configure.in | 24 +--
native/libtcnative.dsp| 4 +-
native/src/ssl.c | 407 --
native/src/sslconf.c | 60 --
native/src/sslcontext.c | 364 --
native/src/sslutils.c | 2 -
native/srclib/VERSIONS| 39 +---
native/tcnative.dsp | 4 +-
xdocs/miscellaneous/changelog.xml | 4 +
13 files changed, 103 insertions(+), 1006 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5db4ca147..0191acec2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -42,7 +42,7 @@ include_directories (${TOMCAT_JNI_SOURCE_DIR}/native/include
set (SSL_C_FLAGS "-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-Wa,--noexecstack -DL_ENDIAN -DTERMIO -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM
-DGHASH_ASM ")
-set (CMAKE_C_FLAGS "-pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT
-D_GNU_SOURCE -DHAVE_OPENSSL -fPIC -DOPENSSL_PIC -m64 -O3 -Wall
${SSL_C_FLAGS}")
+set (CMAKE_C_FLAGS "-pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT
-D_GNU_SOURCE -fPIC -DOPENSSL_PIC -m64 -O3 -Wall ${SSL_C_FLAGS}")
set (OPENSSL_SRC ${DEPS}/openssl)
diff --git a/native/NMAKEmakefile b/native/NMAKEmakefile
index 1c91b5c47..e32c69e6c 100644
--- a/native/NMAKEmakefile
+++ b/native/NMAKEmakefile
@@ -83,7 +83,7 @@ LFLAGS = $(LFLAGS) libeay32.lib ssleay32.lib
!ENDIF
CFLAGS = $(CFLAGS) -DZLIB_WINAPI -DNO_IDEA -DNO_RC5 -DNO_MDC2
-DOPENSSL_NO_IDEA \
- -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DHAVE_OPENSSL -DHAVE_SSL_SET_STATE=1
+ -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DHAVE_SSL_SET_STATE=1
PDBFLAGS = -Fo$(WORKDIR)\ -Fd$(WORKDIR)\$(PROJECT)-src
diff --git a/native/build/rpm/tcnative.spec.in
b/native/build/rpm/tcnative.spec.in
index b2a719700..9b2cd6e05 100644
--- a/native/build/rpm/tcnative.spec.in
+++ b/native/build/rpm/tcnative.spec.in
@@ -28,7 +28,7 @@ Group: System Environment/Libraries
URL: http://apr.apache.org/
Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
-BuildPrereq: autoconf, libtool, doxygen, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl >= 1.0.2
+BuildPrereq: autoconf, libtool, doxygen, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl >= 3.0.0
%description
The mission of the Tomcat Native Library (TCN) is to provide a
@@ -38,7 +38,7 @@ contains additional utility interfaces for Java.
%package devel
Group: Development/Libraries
Summary: Tomcat Native development kit
-Requires: tcnative = %{version}-%{release}, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl-devel >= 1.0.2
+Requires: tcnative = %{version}-%{release}, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl-devel >= 3.0.0
%description devel
The mission of the Tomcat Native Library (TCN) is to provide a
diff --git a/native/build/tcnative.m4 b/native/build/tcnative.m4
index 9681586ae..4997968a5 100644
--- a/native/build/tcnative.m4
+++ b/native/build/tcnative.m4
@@ -149,137 +149,112 @@ dnl as the help string.
AC_DEFUN(TCN_HELP_STRING,[ifelse(regexp(AC_ACVERSION, 2\.1), -1,
AC_HELP_STRING($1,$2),[ ]$1 substr([ ],len($1))$2)])dnl
dnl
-dnl TCN_CHECK_SSL_TOOLKIT
+dnl TCN_FIND_SSL_TOOLKIT
dnl
dnl Configure for the detected openssl toolkit installation, giving
dnl preference to "--with-ssl=" if it was specified.
dnl
-AC_DEFUN(TCN_CHECK_SSL_TOOLKIT,[
-AC_MSG_CHECKING(for OpenSSL library)
-AC_ARG_WITH(ssl,
-[ --with-ssl[=PATH] Build with OpenSSL [yes|no|path]],
-use_openssl="$withval", use_openssl="auto")
-
-openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg /usr/sfw"
-if test "$use_openssl" = "auto"
-then
+AC_DEFUN([TCN_FIND_SSL_TOOLKIT],[
+ AC_ARG_WITH(ssl,[ --with-ssl=DIR Specify the location of your OpenSSL
installation],[
+AC_MSG_CHECKING([for OpenSSL library])
+if test -d "$withval"
+then
+ use_openssl="$withval"
+ AC_MSG_RESULT([$use_openssl])
+else
+ AC_MSG_RESULT([failed])
+ AC_MSG_ERROR([$withval is not a directory])
+fi
+ ])
+
+ if test "x$use_openssl" = x
+ then
+# User did not specify a path - guess it
+AC_MSG_CHECKING([for OpenSSL location])
+openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg /usr/sfw"
for d in $ope
[tomcat-native] 02/02: Minimum APR version is now 1.7.0
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit 25196d38d5bff5c5db8ae6d09e112dc5d3f26277
Author: Mark Thomas
AuthorDate: Wed May 25 16:13:54 2022 +0100
Minimum APR version is now 1.7.0
---
native/src/jnilib.c | 6 +++---
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/native/src/jnilib.c b/native/src/jnilib.c
index 32f5151dd..97284fb1c 100644
--- a/native/src/jnilib.c
+++ b/native/src/jnilib.c
@@ -70,12 +70,12 @@ JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void
*reserved)
tcn_global_vm = vm;
env = (JNIEnv *)ppe;
/* Before doing anything else check if we have a valid
- * APR version. We need version 1.4.3 as minimum.
+ * APR version. We need version 1.7.0 as minimum.
*/
apr_version(&apv);
apvn = apv.major * 1000 + apv.minor * 100 + apv.patch;
-if (apvn < 1403) {
-tcn_Throw(env, "Unsupported APR version %s: this tcnative requires at
least 1.4.3",
+if (apvn < 1700) {
+tcn_Throw(env, "Unsupported APR version %s: this tcnative requires at
least 1.7.0",
apr_version_string());
return JNI_ERR;
}
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index b75237453..3dc6e0461 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -41,6 +41,9 @@
Update the minimum required version of OpenSSL to 3.0.0 and make it a
madatory dependency. (markt)
+
+ Update the minimum required version of APR to 1.7.0. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated (08a19997a -> 25196d38d)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git from 08a19997a Update from 1.2.x to 2.0.x new f7930fa16 Update OpenSSL to 3.0.0 and make it required new 25196d38d Minimum APR version is now 1.7.0 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: CMakeLists.txt| 2 +- native/NMAKEmakefile | 2 +- native/build/rpm/tcnative.spec.in | 4 +- native/build/tcnative.m4 | 193 -- native/configure.in | 24 +-- native/libtcnative.dsp| 4 +- native/src/jnilib.c | 6 +- native/src/ssl.c | 407 -- native/src/sslconf.c | 60 -- native/src/sslcontext.c | 364 -- native/src/sslutils.c | 2 - native/srclib/VERSIONS| 39 +--- native/tcnative.dsp | 4 +- xdocs/miscellaneous/changelog.xml | 7 + 14 files changed, 109 insertions(+), 1009 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Remove NPN support
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 15ec9876b Remove NPN support
15ec9876b is described below
commit 15ec9876b828572e10f9d0c9a2350961078f923c
Author: Mark Thomas
AuthorDate: Wed May 25 15:55:45 2022 +0100
Remove NPN support
---
download_deps.sh | 2 +-
native/include/ssl_private.h | 4 +---
native/src/ssl.c | 18 --
native/src/sslcontext.c | 22 +-
native/src/sslutils.c | 18 --
xdocs/miscellaneous/changelog.xml | 4
6 files changed, 7 insertions(+), 61 deletions(-)
diff --git a/download_deps.sh b/download_deps.sh
index ca6c46096..d9d7cd796 100755
--- a/download_deps.sh
+++ b/download_deps.sh
@@ -1,6 +1,6 @@
#!/bin/sh
-# Small script to get a recent openssl, with npn support
+# Small script to get a recent openssl
# Will run configure and build_libs to generate the .s files
cd $(dirname $0)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index f6b2840a8..fc0f6ba9b 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -246,7 +246,7 @@ extern ENGINE *tcn_ssl_engine;
#define HAVE_KEYLOG_CALLBACK
#endif
-#define MAX_ALPN_NPN_PROTO_SIZE 65535
+#define MAX_ALPN_PROTO_SIZE 65535
#define SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL1
typedef struct {
@@ -391,8 +391,6 @@ voidSSL_callback_handshake(const SSL *, int, int);
int SSL_CTX_use_certificate_chain(SSL_CTX *, const char *, int);
int SSL_callback_SSL_verify(int, X509_STORE_CTX *);
int SSL_rand_seed(const char *file);
-int SSL_callback_next_protos(SSL *, const unsigned char **, unsigned
int *, void *);
-int SSL_callback_select_next_proto(SSL *, unsigned char **, unsigned
char *, const unsigned char *, unsigned int,void *);
int SSL_callback_alpn_select_proto(SSL *, const unsigned char **,
unsigned char *, const unsigned char *, unsigned int, void *);
#ifdef HAVE_KEYLOG_CALLBACK
voidSSL_callback_add_keylog(SSL_CTX *);
diff --git a/native/src/ssl.c b/native/src/ssl.c
index ca6a5c26a..c48cb4247 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1667,24 +1667,6 @@ TCN_IMPLEMENT_CALL(jint, SSL,
getPostHandshakeAuthInProgress)(TCN_STDARGS,
#endif
}
-/* Read which protocol was negotiated for the given SSL *. */
-TCN_IMPLEMENT_CALL(jstring, SSL, getNextProtoNegotiated)(TCN_STDARGS,
- jlong ssl /* SSL *
*/) {
-SSL *ssl_ = J2P(ssl, SSL *);
-const unsigned char *proto;
-unsigned int proto_len;
-
-if (ssl_ == NULL) {
-tcn_ThrowException(e, "ssl is null");
-return NULL;
-}
-
-UNREFERENCED(o);
-
-SSL_get0_next_proto_negotiated(ssl_, &proto, &proto_len);
-return tcn_new_stringn(e, (const char *)proto, (size_t) proto_len);
-}
-
/*** End Twitter API Additions ***/
/*** Apple API Additions ***/
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index d01c9d532..b69b4480f 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -1612,7 +1612,7 @@ static int initProtocols(JNIEnv *e, const tcn_ssl_ctxt_t
*c, unsigned char **pro
proto_chars = (*e)->GetStringUTFChars(e, proto_string, 0);
proto_chars_len = strlen(proto_chars);
- if (proto_chars_len > 0 && proto_chars_len <=
MAX_ALPN_NPN_PROTO_SIZE) {
+ if (proto_chars_len > 0 && proto_chars_len <= MAX_ALPN_PROTO_SIZE) {
// We need to add +1 as each protocol is prefixed by it's length
(unsigned char).
// For all except of the last one we already have the extra space
as everything is
// delimited by ','.
@@ -1655,26 +1655,6 @@ static int initProtocols(JNIEnv *e, const tcn_ssl_ctxt_t
*c, unsigned char **pro
}
}
-TCN_IMPLEMENT_CALL(void, SSLContext, setNpnProtos)(TCN_STDARGS, jlong ctx,
jobjectArray next_protos,
-jint selectorFailureBehavior)
-{
-tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
-
-TCN_ASSERT(ctx != 0);
-UNREFERENCED(o);
-
-if (initProtocols(e, c, &c->next_proto_data, &c->next_proto_len,
next_protos) == 0) {
-c->next_selector_failure_behavior = selectorFailureBehavior;
-
-// depending on if it's client mode or not we need to call different
functions.
-if (c->mode == SSL_MODE_CLIENT) {
-SSL_CTX_set_next_proto_select_cb(c->ctx,
SSL_callback_select_next_proto, (void *)c);
-} else {
-SSL_CTX_set_next_protos_advertised_cb(c->ctx,
SSL_callback_next_protos, (void *)c);
-}
-}
-}
-
TCN_IMPLEMENT_CALL(void, SSLContext, setAlpnProtos)(TCN_STDARGS, jlong ctx,
jobjectArray alpn_protos,
jint selectorFailureBehavio
[tomcat-native] branch main updated (15ec9876b -> a8f07805e)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git from 15ec9876b Remove NPN support new b6952740d Minimum OpenSSl version is 3.0.0 is keylog callback is always available new a8f07805e Remove conditional compilation expressions for OpenSSL versions before 3 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: native/include/ssl_private.h | 14 ++--- native/src/ssl.c | 50 +-- native/src/sslcontext.c | 146 ++- native/src/sslutils.c| 11 4 files changed, 39 insertions(+), 182 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] 02/02: Remove conditional compilation expressions for OpenSSL versions before 3
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit a8f07805eb0bd8897239c7a8f8a4581ffd3fb2c9
Author: Mark Thomas
AuthorDate: Wed May 25 19:04:26 2022 +0100
Remove conditional compilation expressions for OpenSSL versions before 3
---
native/include/ssl_private.h | 8 +--
native/src/ssl.c | 42 +
native/src/sslcontext.c | 144 ++-
native/src/sslutils.c| 11
4 files changed, 39 insertions(+), 166 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index 4d99ece20..be0c7d563 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -214,8 +214,8 @@ extern ENGINE *tcn_ssl_engine;
#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */
-/* OpenSSL 1.0.2 compatibility */
-#if OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER)
+/* LibreSSL compatibility */
+#if defined(LIBRESSL_VERSION_NUMBER)
#define OpenSSL_version SSLeay_version
#define OpenSSL_version_num SSLeay
#define OPENSSL_VERSION SSLEAY_VERSION
@@ -240,7 +240,7 @@ extern ENGINE *tcn_ssl_engine;
#define TLS_method SSLv23_method
#define TLS_client_methodSSLv23_client_method
#define TLS_server_methodSSLv23_server_method
-#endif /* OPENSSL_VERSION_NUMBER < 0x1010L ||
defined(LIBRESSL_VERSION_NUMBER) */
+#endif /* defined(LIBRESSL_VERSION_NUMBER) */
#define MAX_ALPN_PROTO_SIZE 65535
#define SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL1
@@ -390,7 +390,7 @@ int SSL_rand_seed(const char *file);
int SSL_callback_alpn_select_proto(SSL *, const unsigned char **,
unsigned char *, const unsigned char *, unsigned int, void *);
voidSSL_callback_add_keylog(SSL_CTX *);
-#if (OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER))
&& ! (defined(WIN32) || defined(WIN64))
+#if defined(LIBRESSL_VERSION_NUMBER) && ! (defined(WIN32) || defined(WIN64))
unsigned long SSL_ERR_get(void);
void SSL_ERR_clear(void);
#else
diff --git a/native/src/ssl.c b/native/src/ssl.c
index fa8209cbe..d6f19ef44 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -43,7 +43,7 @@ static void ssl_keylog_callback(const SSL *ssl, const char
*line)
static jclass byteArrayClass;
static jclass stringClass;
-#if OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER)
+#if defined(LIBRESSL_VERSION_NUMBER)
/* Global reference to the pool used by the dynamic mutexes */
static apr_pool_t *dynlockpool = NULL;
@@ -207,8 +207,8 @@ static const jint supported_ssl_opts = 0
#endif
| 0;
-#if OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER)
-/* OpenSSL Pre-1.1.0 compatibility */
+#if defined(LIBRESSL_VERSION_NUMBER)
+/* LibreSSL compatibility */
/* Taken from OpenSSL 1.1.0 snapshot 20160410 */
int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
{
@@ -316,7 +316,7 @@ DH *SSL_get_dh_params(unsigned keylen)
return NULL; /* impossible to reach. */
}
-#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
+#if !defined(LIBRESSL_VERSION_NUMBER)
static void init_bio_methods(void);
static void free_bio_methods(void);
#endif
@@ -344,7 +344,7 @@ static apr_status_t ssl_init_cleanup(void *data)
return APR_SUCCESS;
ssl_initialized = 0;
-#if (OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER))
&& ! (defined(WIN32) || defined(WIN64))
+#if defined(LIBRESSL_VERSION_NUMBER) && ! (defined(WIN32) || defined(WIN64))
if (threadkey_initialized) {
threadkey_initialized = 0;
apr_threadkey_private_delete(thread_exit_key);
@@ -357,7 +357,7 @@ static apr_status_t ssl_init_cleanup(void *data)
tcn_password_callback.cb.obj);
}
-#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
+#if !defined(LIBRESSL_VERSION_NUMBER)
free_bio_methods();
#endif
free_dh_params();
@@ -370,7 +370,7 @@ static apr_status_t ssl_init_cleanup(void *data)
}
#endif
-#if OPENSSL_VERSION_NUMBER >= 0x1010L && !defined(LIBRESSL_VERSION_NUMBER)
+#if !defined(LIBRESSL_VERSION_NUMBER)
/* Openssl v1.1+ handles all termination automatically. Do
* nothing in this case.
*/
@@ -378,9 +378,6 @@ static apr_status_t ssl_init_cleanup(void *data)
/*
* Try to kill the internals of the SSL library.
*/
-#ifdef OPENSSL_FIPS
-FIPS_mode_set(0);
-#endif
/* Corresponds to OPENSSL_load_builtin_modules() */
CONF_modules_free();
/* Corresponds to SSL_library_init: */
@@ -392,9 +389,7 @@ static apr_status_t ssl_init_cleanup(void *data)
SSL_COMP_free_compression_methods();
#endif
CRYPTO_cleanup_all_
[tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit b6952740dd64fa8ea7edd1764d4b14661527a0eb
Author: Mark Thomas
AuthorDate: Wed May 25 16:15:02 2022 +0100
Minimum OpenSSl version is 3.0.0 is keylog callback is always available
---
native/include/ssl_private.h | 6 --
native/src/ssl.c | 8
native/src/sslcontext.c | 2 --
3 files changed, 16 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index fc0f6ba9b..4d99ece20 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -242,10 +242,6 @@ extern ENGINE *tcn_ssl_engine;
#define TLS_server_methodSSLv23_server_method
#endif /* OPENSSL_VERSION_NUMBER < 0x1010L ||
defined(LIBRESSL_VERSION_NUMBER) */
-#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
-#define HAVE_KEYLOG_CALLBACK
-#endif
-
#define MAX_ALPN_PROTO_SIZE 65535
#define SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL1
@@ -392,9 +388,7 @@ int SSL_CTX_use_certificate_chain(SSL_CTX *, const
char *, int);
int SSL_callback_SSL_verify(int, X509_STORE_CTX *);
int SSL_rand_seed(const char *file);
int SSL_callback_alpn_select_proto(SSL *, const unsigned char **,
unsigned char *, const unsigned char *, unsigned int, void *);
-#ifdef HAVE_KEYLOG_CALLBACK
voidSSL_callback_add_keylog(SSL_CTX *);
-#endif
#if (OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER))
&& ! (defined(WIN32) || defined(WIN64))
unsigned long SSL_ERR_get(void);
diff --git a/native/src/ssl.c b/native/src/ssl.c
index c48cb4247..fa8209cbe 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -29,7 +29,6 @@ extern apr_pool_t *tcn_global_pool;
ENGINE *tcn_ssl_engine = NULL;
tcn_pass_cb_t tcn_password_callback;
-#ifdef HAVE_KEYLOG_CALLBACK
static BIO *key_log_file = NULL;
static void ssl_keylog_callback(const SSL *ssl, const char *line)
@@ -39,7 +38,6 @@ static void ssl_keylog_callback(const SSL *ssl, const char
*line)
BIO_puts(key_log_file, "\n");
}
}
-#endif
/* From netty-tcnative */
static jclass byteArrayClass;
@@ -293,14 +291,12 @@ static void free_dh_params(void)
}
}
-#ifdef HAVE_KEYLOG_CALLBACK
void SSL_callback_add_keylog(SSL_CTX *ctx)
{
if (key_log_file) {
SSL_CTX_set_keylog_callback(ctx, ssl_keylog_callback);
}
}
-#endif
/* Hand out the same DH structure though once generated as we leak
* memory otherwise and freeing the structure up after use would be
@@ -401,12 +397,10 @@ static apr_status_t ssl_init_cleanup(void *data)
#endif
#endif
-#ifdef HAVE_KEYLOG_CALLBACK
if (key_log_file) {
BIO_free(key_log_file);
key_log_file = NULL;
}
-#endif
/* Don't call ERR_free_strings here; ERR_load_*_strings only
* actually load the error strings once per process due to static
@@ -863,7 +857,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
sClazz = (*e)->FindClass(e, "java/lang/String");
stringClass = (jclass) (*e)->NewGlobalRef(e, sClazz);
-#ifdef HAVE_KEYLOG_CALLBACK
if (!key_log_file) {
char *key_log_file_name = getenv("SSLKEYLOGFILE");
if (key_log_file_name) {
@@ -877,7 +870,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
}
}
}
-#endif
return (jint)APR_SUCCESS;
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index b69b4480f..80a252021 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -325,9 +325,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, make)(TCN_STDARGS,
jlong pool,
goto init_failed;
}
-#ifdef HAVE_KEYLOG_CALLBACK
SSL_callback_add_keylog(ctx);
-#endif
c->protocol = protocol;
c->mode = mode;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
Mark,
On 5/31/22 11:30, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit b6952740dd64fa8ea7edd1764d4b14661527a0eb
Author: Mark Thomas
AuthorDate: Wed May 25 16:15:02 2022 +0100
Minimum OpenSSl version is 3.0.0 is keylog callback is always available
If the minimum version of OpenSSL is 3.0.0, then probably MANY MANY
#ifdefs can be removed.
Removing the would, of course, cause lots of merge conflicts when
back-ports are done so it's probably not worth it. Given that (chaos),
I'm curious: why did you remove this one in particular?
-chris
---
native/include/ssl_private.h | 6 --
native/src/ssl.c | 8
native/src/sslcontext.c | 2 --
3 files changed, 16 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index fc0f6ba9b..4d99ece20 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -242,10 +242,6 @@ extern ENGINE *tcn_ssl_engine;
#define TLS_server_methodSSLv23_server_method
#endif /* OPENSSL_VERSION_NUMBER < 0x1010L ||
defined(LIBRESSL_VERSION_NUMBER) */
-#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
-#define HAVE_KEYLOG_CALLBACK
-#endif
-
#define MAX_ALPN_PROTO_SIZE 65535
#define SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL1
@@ -392,9 +388,7 @@ int SSL_CTX_use_certificate_chain(SSL_CTX *, const char *, int);
int SSL_callback_SSL_verify(int, X509_STORE_CTX *);
int SSL_rand_seed(const char *file);
int SSL_callback_alpn_select_proto(SSL *, const unsigned char **,
unsigned char *, const unsigned char *, unsigned int, void *);
-#ifdef HAVE_KEYLOG_CALLBACK
voidSSL_callback_add_keylog(SSL_CTX *);
-#endif
#if (OPENSSL_VERSION_NUMBER < 0x1010L || defined(LIBRESSL_VERSION_NUMBER)) && ! (defined(WIN32) || defined(WIN64))
unsigned long SSL_ERR_get(void);
diff --git a/native/src/ssl.c b/native/src/ssl.c
index c48cb4247..fa8209cbe 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -29,7 +29,6 @@ extern apr_pool_t *tcn_global_pool;
ENGINE *tcn_ssl_engine = NULL;
tcn_pass_cb_t tcn_password_callback;
-#ifdef HAVE_KEYLOG_CALLBACK
static BIO *key_log_file = NULL;
static void ssl_keylog_callback(const SSL *ssl, const char *line)
@@ -39,7 +38,6 @@ static void ssl_keylog_callback(const SSL *ssl, const char
*line)
BIO_puts(key_log_file, "\n");
}
}
-#endif
/* From netty-tcnative */
static jclass byteArrayClass;
@@ -293,14 +291,12 @@ static void free_dh_params(void)
}
}
-#ifdef HAVE_KEYLOG_CALLBACK
void SSL_callback_add_keylog(SSL_CTX *ctx)
{
if (key_log_file) {
SSL_CTX_set_keylog_callback(ctx, ssl_keylog_callback);
}
}
-#endif
/* Hand out the same DH structure though once generated as we leak
* memory otherwise and freeing the structure up after use would be
@@ -401,12 +397,10 @@ static apr_status_t ssl_init_cleanup(void *data)
#endif
#endif
-#ifdef HAVE_KEYLOG_CALLBACK
if (key_log_file) {
BIO_free(key_log_file);
key_log_file = NULL;
}
-#endif
/* Don't call ERR_free_strings here; ERR_load_*_strings only
* actually load the error strings once per process due to static
@@ -863,7 +857,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
sClazz = (*e)->FindClass(e, "java/lang/String");
stringClass = (jclass) (*e)->NewGlobalRef(e, sClazz);
-#ifdef HAVE_KEYLOG_CALLBACK
if (!key_log_file) {
char *key_log_file_name = getenv("SSLKEYLOGFILE");
if (key_log_file_name) {
@@ -877,7 +870,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
}
}
}
-#endif
return (jint)APR_SUCCESS;
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index b69b4480f..80a252021 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -325,9 +325,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, make)(TCN_STDARGS,
jlong pool,
goto init_failed;
}
-#ifdef HAVE_KEYLOG_CALLBACK
SSL_callback_add_keylog(ctx);
-#endif
c->protocol = protocol;
c->mode = mode;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
On 31/05/2022 17:34, Christopher Schultz wrote: Mark, On 5/31/22 11:30, ma...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git commit b6952740dd64fa8ea7edd1764d4b14661527a0eb Author: Mark Thomas AuthorDate: Wed May 25 16:15:02 2022 +0100 Minimum OpenSSl version is 3.0.0 is keylog callback is always available If the minimum version of OpenSSL is 3.0.0, then probably MANY MANY #ifdefs can be removed. Removing the would, of course, cause lots of merge conflicts when back-ports are done so it's probably not worth it. Given that (chaos), I'm curious: why did you remove this one in particular? A lot look like they might need to stay - at least in some form - if we want to continue to support LibreSSL in Tomcat Native 2.0.x. I do have a large commit that removes a lot of unused code. I need to wait until Tomcat Native 1.2.34 is released before I merge that commit else Tomcat 10.1.x won't be able to use Tomcat Native unless you build Tomcat native from source. I'm generally removing stuff as I spot that it is no longer required. My intention is to remove everything I can. The merge conflicts might not be too bad... On that topic, I originally made the decision to keep LibreSSL support when I thought that 10.1.x would required Tomcat Native 2.0.x. The plan has since shifted and 10.1.x will ship with Tomcat Native 2.0.x but will still be able to use (a sufficiently recent) Tomcat Native 1.2.x. With that in mind, do we want to keep LibreSSL support in Tomcat Native 2.0.x? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
On Tue, May 31, 2022 at 6:48 PM Mark Thomas wrote: > > On 31/05/2022 17:34, Christopher Schultz wrote: > > Mark, > > > > On 5/31/22 11:30, ma...@apache.org wrote: > >> This is an automated email from the ASF dual-hosted git repository. > >> > >> markt pushed a commit to branch main > >> in repository https://gitbox.apache.org/repos/asf/tomcat-native.git > >> > >> commit b6952740dd64fa8ea7edd1764d4b14661527a0eb > >> Author: Mark Thomas > >> AuthorDate: Wed May 25 16:15:02 2022 +0100 > >> > >> Minimum OpenSSl version is 3.0.0 is keylog callback is always > >> available > > > > If the minimum version of OpenSSL is 3.0.0, then probably MANY MANY > > #ifdefs can be removed. > > > > Removing the would, of course, cause lots of merge conflicts when > > back-ports are done so it's probably not worth it. Given that (chaos), > > I'm curious: why did you remove this one in particular? > > A lot look like they might need to stay - at least in some form - if we > want to continue to support LibreSSL in Tomcat Native 2.0.x. > > I do have a large commit that removes a lot of unused code. I need to > wait until Tomcat Native 1.2.34 is released before I merge that commit > else Tomcat 10.1.x won't be able to use Tomcat Native unless you build > Tomcat native from source. > > I'm generally removing stuff as I spot that it is no longer required. My > intention is to remove everything I can. The merge conflicts might not > be too bad... > > On that topic, I originally made the decision to keep LibreSSL support > when I thought that 10.1.x would required Tomcat Native 2.0.x. The plan > has since shifted and 10.1.x will ship with Tomcat Native 2.0.x but will > still be able to use (a sufficiently recent) Tomcat Native 1.2.x. With > that in mind, do we want to keep LibreSSL support in Tomcat Native 2.0.x? If tomcat-native 2.0 is fully aligned with what the Panama code does (so no LibreSSL), it would be better for a future transition to it. OTOH, it would force supporting 1.2 for (much) longer. Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
On 31/05/2022 17:59, Rémy Maucherat wrote: On Tue, May 31, 2022 at 6:48 PM Mark Thomas wrote: On that topic, I originally made the decision to keep LibreSSL support when I thought that 10.1.x would required Tomcat Native 2.0.x. The plan has since shifted and 10.1.x will ship with Tomcat Native 2.0.x but will still be able to use (a sufficiently recent) Tomcat Native 1.2.x. With that in mind, do we want to keep LibreSSL support in Tomcat Native 2.0.x? If tomcat-native 2.0 is fully aligned with what the Panama code does (so no LibreSSL), it would be better for a future transition to it. OTOH, it would force supporting 1.2 for (much) longer. Hmm. Tricky. If we assume that we need to support Tomcat Native 1.x until EOL of 9.0.x (due to the o.a.t.u.jni package) the we will be supporting 1.x for (best guess) until 2028 or so. OpenSSL 1.1.1 is EOL 2023-09-11 so there is a 4/5 year gap there. However, various distributions are committed to supporting OpenSSL 1.1.1 for much longer. Looking at the various timescales, I think we should be helpful to the downstream distributions where we can but they are going to have to take on some of the maintenance work for their LTS distributions once OpenSSL 1.1.1 reaches EOL. So that starts to look like 1.3.x (built with OpenSSL 3.0.x) around the middle of next year. That should be good to Sept 2026. Not sure what we'd for the last few years of 9.0.x. 1.4.x built on whatever the new OpenSSL LTS is? Then what do we do with LibreSSL? Maintain support in the 1.x branch? Given the direction of travel (towards Panama and using OpenSSL directly) how much effort do we want to put into LibreSSL support? Do we want to announce an early EOL for the deprecated parts of the o.a.t.u.jni package with a view to removing them during the lifetime of 8.5.x and 9.0.x? That would simplify planning (Tomcat Native 1.2.x would EOL at the same time). But it would be highly unusual for us to do that and could cause breakage with a point release. What about LibreSSL? Are we looking towards a panama module for LibreSSL and then some glue code so you can swap between panama modules for different TLS native libraries? Lots of questions there. Nothing jumps out at me as the "obvious" plan. Thoughts? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Include major version in the Tomcat Native recommended version
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 7ddb09b031 Include major version in the Tomcat Native recommended
version
7ddb09b031 is described below
commit 7ddb09b03129083214800f45a01fefa5d1db3476
Author: Mark Thomas
AuthorDate: Tue May 31 19:06:53 2022 +0100
Include major version in the Tomcat Native recommended version
---
java/org/apache/catalina/core/AprLifecycleListener.java | 9 -
webapps/docs/changelog.xml | 4
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 0ab75c121a..865131136f 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -16,7 +16,6 @@
*/
package org.apache.catalina.core;
-
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
@@ -34,8 +33,6 @@ import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.res.StringManager;
-
-
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
@@ -53,6 +50,7 @@ import org.apache.tomcat.util.res.StringManager;
public class AprLifecycleListener implements LifecycleListener {
private static final Log log =
LogFactory.getLog(AprLifecycleListener.class);
+
/**
* Info messages during init() are cached until Lifecycle.BEFORE_INIT_EVENT
* so that, in normal (non-error) cases, init() related log messages appear
@@ -68,15 +66,16 @@ public class AprLifecycleListener implements
LifecycleListener {
// -- Constants
-
protected static final int TCN_REQUIRED_MAJOR = 1;
protected static final int TCN_REQUIRED_MINOR = 2;
protected static final int TCN_REQUIRED_PATCH = 14;
+protected static final int TCN_RECOMMENDED_MAJOR = 1;
protected static final int TCN_RECOMMENDED_MINOR = 2;
protected static final int TCN_RECOMMENDED_PV = 30;
// -- Properties
+
protected static String SSLEngine = "on"; //default on
protected static String FIPSMode = "off"; // default off, valid only when
SSLEngine="on"
protected static String SSLRandomSeed = "builtin";
@@ -192,7 +191,7 @@ public class AprLifecycleListener implements
LifecycleListener {
int patch = 0;
int apver = 0;
int rqver = TCN_REQUIRED_MAJOR * 1000 + TCN_REQUIRED_MINOR * 100 +
TCN_REQUIRED_PATCH;
-int rcver = TCN_REQUIRED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100 +
TCN_RECOMMENDED_PV;
+int rcver = TCN_RECOMMENDED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100
+ TCN_RECOMMENDED_PV;
if (AprStatus.isAprInitialized()) {
return;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 3f4c2e9ad2..ca415aa134 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -129,6 +129,10 @@
RemoteIPValve persist after the request is put into
asynchronous mode. (markt)
+
+Include the major version in the recommended version used for Tomcat
+Native with the AprLifecycleListener. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Include major version in the Tomcat Native recommended version
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 7c081f641a Include major version in the Tomcat Native recommended
version
7c081f641a is described below
commit 7c081f641a0534891440468eb590b4fefb0d0d92
Author: Mark Thomas
AuthorDate: Tue May 31 19:06:53 2022 +0100
Include major version in the Tomcat Native recommended version
---
java/org/apache/catalina/core/AprLifecycleListener.java | 9 -
webapps/docs/changelog.xml | 4
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 0ab75c121a..865131136f 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -16,7 +16,6 @@
*/
package org.apache.catalina.core;
-
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
@@ -34,8 +33,6 @@ import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.res.StringManager;
-
-
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
@@ -53,6 +50,7 @@ import org.apache.tomcat.util.res.StringManager;
public class AprLifecycleListener implements LifecycleListener {
private static final Log log =
LogFactory.getLog(AprLifecycleListener.class);
+
/**
* Info messages during init() are cached until Lifecycle.BEFORE_INIT_EVENT
* so that, in normal (non-error) cases, init() related log messages appear
@@ -68,15 +66,16 @@ public class AprLifecycleListener implements
LifecycleListener {
// -- Constants
-
protected static final int TCN_REQUIRED_MAJOR = 1;
protected static final int TCN_REQUIRED_MINOR = 2;
protected static final int TCN_REQUIRED_PATCH = 14;
+protected static final int TCN_RECOMMENDED_MAJOR = 1;
protected static final int TCN_RECOMMENDED_MINOR = 2;
protected static final int TCN_RECOMMENDED_PV = 30;
// -- Properties
+
protected static String SSLEngine = "on"; //default on
protected static String FIPSMode = "off"; // default off, valid only when
SSLEngine="on"
protected static String SSLRandomSeed = "builtin";
@@ -192,7 +191,7 @@ public class AprLifecycleListener implements
LifecycleListener {
int patch = 0;
int apver = 0;
int rqver = TCN_REQUIRED_MAJOR * 1000 + TCN_REQUIRED_MINOR * 100 +
TCN_REQUIRED_PATCH;
-int rcver = TCN_REQUIRED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100 +
TCN_RECOMMENDED_PV;
+int rcver = TCN_RECOMMENDED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100
+ TCN_RECOMMENDED_PV;
if (AprStatus.isAprInitialized()) {
return;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 37faed1e7e..4468c08de7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -129,6 +129,10 @@
RemoteIPValve persist after the request is put into
asynchronous mode. (markt)
+
+Include the major version in the recommended version used for Tomcat
+Native with the AprLifecycleListener. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Include major version in the Tomcat Native recommended version
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 14996f800a Include major version in the Tomcat Native recommended
version
14996f800a is described below
commit 14996f800aeaed59008eedc8c195889697dfc8e1
Author: Mark Thomas
AuthorDate: Tue May 31 19:06:53 2022 +0100
Include major version in the Tomcat Native recommended version
---
java/org/apache/catalina/core/AprLifecycleListener.java | 9 -
webapps/docs/changelog.xml | 4
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 6009c60d63..d16f7fea30 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -16,7 +16,6 @@
*/
package org.apache.catalina.core;
-
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
@@ -34,8 +33,6 @@ import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.res.StringManager;
-
-
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
@@ -53,6 +50,7 @@ import org.apache.tomcat.util.res.StringManager;
public class AprLifecycleListener implements LifecycleListener {
private static final Log log =
LogFactory.getLog(AprLifecycleListener.class);
+
/**
* Info messages during init() are cached until Lifecycle.BEFORE_INIT_EVENT
* so that, in normal (non-error) cases, init() related log messages appear
@@ -68,15 +66,16 @@ public class AprLifecycleListener implements
LifecycleListener {
// -- Constants
-
protected static final int TCN_REQUIRED_MAJOR = 1;
protected static final int TCN_REQUIRED_MINOR = 2;
protected static final int TCN_REQUIRED_PATCH = 14;
+protected static final int TCN_RECOMMENDED_MAJOR = 1;
protected static final int TCN_RECOMMENDED_MINOR = 2;
protected static final int TCN_RECOMMENDED_PV = 30;
// -- Properties
+
protected static String SSLEngine = "on"; //default on
protected static String FIPSMode = "off"; // default off, valid only when
SSLEngine="on"
protected static String SSLRandomSeed = "builtin";
@@ -192,7 +191,7 @@ public class AprLifecycleListener implements
LifecycleListener {
int patch = 0;
int apver = 0;
int rqver = TCN_REQUIRED_MAJOR * 1000 + TCN_REQUIRED_MINOR * 100 +
TCN_REQUIRED_PATCH;
-int rcver = TCN_REQUIRED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100 +
TCN_RECOMMENDED_PV;
+int rcver = TCN_RECOMMENDED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100
+ TCN_RECOMMENDED_PV;
if (AprStatus.isAprInitialized()) {
return;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 7c3b3d11a6..c1ecdc81d6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -129,6 +129,10 @@
RemoteIPValve persist after the request is put into
asynchronous mode. (markt)
+
+Include the major version in the recommended version used for Tomcat
+Native with the AprLifecycleListener. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Include major version in the Tomcat Native recommended version
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new e5fb671a1f Include major version in the Tomcat Native recommended
version
e5fb671a1f is described below
commit e5fb671a1f9c6e229d542bcd7bc02252eb20f4bb
Author: Mark Thomas
AuthorDate: Tue May 31 19:06:53 2022 +0100
Include major version in the Tomcat Native recommended version
---
java/org/apache/catalina/core/AprLifecycleListener.java | 10 +-
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 862b51361a..4fdbc6c500 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -16,7 +16,6 @@
*/
package org.apache.catalina.core;
-
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
@@ -34,8 +33,6 @@ import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.res.StringManager;
-
-
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
@@ -53,7 +50,9 @@ import org.apache.tomcat.util.res.StringManager;
public class AprLifecycleListener implements LifecycleListener {
private static final Log log =
LogFactory.getLog(AprLifecycleListener.class);
+
private static boolean instanceCreated = false;
+
/**
* Info messages during init() are cached until Lifecycle.BEFORE_INIT_EVENT
* so that, in normal (non-error) cases, init() related log messages appear
@@ -69,15 +68,16 @@ public class AprLifecycleListener implements
LifecycleListener {
// -- Constants
-
protected static final int TCN_REQUIRED_MAJOR = 1;
protected static final int TCN_REQUIRED_MINOR = 2;
protected static final int TCN_REQUIRED_PATCH = 14;
+protected static final int TCN_RECOMMENDED_MAJOR = 1;
protected static final int TCN_RECOMMENDED_MINOR = 2;
protected static final int TCN_RECOMMENDED_PV = 30;
// -- Properties
+
protected static String SSLEngine = "on"; //default on
protected static String FIPSMode = "off"; // default off, valid only when
SSLEngine="on"
protected static String SSLRandomSeed = "builtin";
@@ -197,7 +197,7 @@ public class AprLifecycleListener implements
LifecycleListener {
int patch = 0;
int apver = 0;
int rqver = TCN_REQUIRED_MAJOR * 1000 + TCN_REQUIRED_MINOR * 100 +
TCN_REQUIRED_PATCH;
-int rcver = TCN_REQUIRED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100 +
TCN_RECOMMENDED_PV;
+int rcver = TCN_RECOMMENDED_MAJOR * 1000 + TCN_RECOMMENDED_MINOR * 100
+ TCN_RECOMMENDED_PV;
if (aprInitialized) {
return;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index af5c307e70..cab494ea09 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -125,6 +125,10 @@
RemoteIPValve persist after the request is put into
asynchronous mode. (markt)
+
+Include the major version in the recommended version used for Tomcat
+Native with the AprLifecycleListener. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove the reporting of the unused APR feature flags.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 192f0d889f Remove the reporting of the unused APR feature flags.
192f0d889f is described below
commit 192f0d889f4e57f811e1aa1306d9eb28f7d7d5b2
Author: Mark Thomas
AuthorDate: Tue May 31 19:27:48 2022 +0100
Remove the reporting of the unused APR feature flags.
---
java/org/apache/catalina/core/AprLifecycleListener.java | 8
java/org/apache/catalina/core/LocalStrings.properties | 1 -
java/org/apache/catalina/core/LocalStrings_es.properties| 1 -
java/org/apache/catalina/core/LocalStrings_fr.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ja.properties| 1 -
java/org/apache/catalina/core/LocalStrings_ko.properties| 1 -
java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 -
webapps/docs/changelog.xml | 3 +++
8 files changed, 3 insertions(+), 14 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 865131136f..839343b7bc 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -249,14 +249,6 @@ public class AprLifecycleListener implements
LifecycleListener {
Library.versionString(),
Library.aprVersionString()));
-// Log APR flags
-initInfoLogMessages.add(sm.getString("aprListener.flags",
-Boolean.valueOf(Library.APR_HAVE_IPV6),
-Boolean.valueOf(Library.APR_HAS_SENDFILE),
-Boolean.valueOf(Library.APR_HAS_SO_ACCEPTFILTER),
-Boolean.valueOf(Library.APR_HAS_RANDOM),
-Boolean.valueOf(Library.APR_HAVE_UNIX)));
-
AprStatus.setAprAvailable(true);
}
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 0fd769eaef..e0ae670445 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -74,7 +74,6 @@ aprListener.aprInitDebug=The Apache Tomcat Native library
could not be found usi
aprListener.aprInitError=The Apache Tomcat Native library failed to load. The
error reported was [{0}]
aprListener.currentFIPSMode=Current FIPS mode: [{0}]
aprListener.enterAlreadyInFIPSMode=AprLifecycleListener is configured to force
entering FIPS mode, but library is already in FIPS mode [{0}]
-aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters
[{2}], random [{3}], UDS [{4}].
aprListener.initializeFIPSFailed=Failed to enter FIPS mode
aprListener.initializeFIPSSuccess=Successfully entered FIPS mode
aprListener.initializedOpenSSL=OpenSSL successfully initialized [{0}]
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties
b/java/org/apache/catalina/core/LocalStrings_es.properties
index a49be00548..7e8748f1b7 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -57,7 +57,6 @@ applicationServletRegistration.setServletSecurity.ise=No se
pueden añadir restr
aprListener.aprDestroy=No pude apagar la biblioteca nativa de Apache Tomcat
aprListener.aprInit=La biblioteca nativa de Apache Tomcat basada en ARP que
permite un rendimiento óptimo en entornos de desarrollo no ha sido hallada en
java.library.path: [{0}]
-aprListener.flags=Capacidades APR: IPv6 [{0}], enviar fichero [{1}], aceptar
filtros [{2}], aleatorio [{3}], UDS [{4}].
aprListener.initializedOpenSSL=OpenSSL inicializado correctamente [{0}]
aprListener.initializingFIPS=Inicializando modo FIPS...
aprListener.sslInit=No pude inicializar el SSLEngine (Motor SSL)
diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties
b/java/org/apache/catalina/core/LocalStrings_fr.properties
index a61c810c98..25ccf04b36 100644
--- a/java/org/apache/catalina/core/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/core/LocalStrings_fr.properties
@@ -74,7 +74,6 @@ aprListener.aprInitDebug=La librairie Apache Tomcat Native
basée sur APR n''a p
aprListener.aprInitError=La librairie Apache Tomcat Native basée sur APR n''a
pas pu être chargée, l''erreur retournée est [{0}]
aprListener.currentFIPSMode=Mode FIPS actuel : [{0}]
aprListener.enterAlreadyInFIPSMode=AprLifecycleListener est configuré pour
forcer le mode FIPS mais la librairie est déjà en mode FIPS [{0}]
-aprListener.flags=Fonctionnalités d''APR : IPv6 [{0}], sendfile [{1}], accept
filters [{2}], random [{3}], UDS [{4}]
aprListener.initializeFIPSFailed=Echec d'entrée en mode FIPS
aprListener.initializeFIPSSuccess=Entrée avec succès en mode FIPS
aprListener.initializedOpenSSL=OpenSSL a é
[tomcat] branch main updated: Deprecate unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 9afbb3d67c Deprecate unused code
9afbb3d67c is described below
commit 9afbb3d67c7157f4d42b8d855f629db1b6f346f5
Author: Mark Thomas
AuthorDate: Tue May 31 19:38:34 2022 +0100
Deprecate unused code
---
java/org/apache/tomcat/jni/Library.java | 6 ++
1 file changed, 6 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index 05e02d87dc..ec84b968d2 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -269,7 +269,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param filename - absolute path of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void load(String filename){
System.load(filename);
}
@@ -287,7 +290,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param libname - the name of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void loadLibrary(String libname){
System.loadLibrary(libname);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Deprecate unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 79c77e31da Deprecate unused code
79c77e31da is described below
commit 79c77e31da5ee0860947ce881e719c2934ba378f
Author: Mark Thomas
AuthorDate: Tue May 31 19:38:34 2022 +0100
Deprecate unused code
---
java/org/apache/tomcat/jni/Library.java | 6 ++
1 file changed, 6 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index 05e02d87dc..ec84b968d2 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -269,7 +269,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param filename - absolute path of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void load(String filename){
System.load(filename);
}
@@ -287,7 +290,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param libname - the name of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void loadLibrary(String libname){
System.loadLibrary(libname);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Deprecate unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 1b961e7ece Deprecate unused code
1b961e7ece is described below
commit 1b961e7ece6a73fe1d7dd85e80a1fbbc49b2279e
Author: Mark Thomas
AuthorDate: Tue May 31 19:38:34 2022 +0100
Deprecate unused code
---
java/org/apache/tomcat/jni/Library.java | 6 ++
1 file changed, 6 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index f6199a6534..d82a752c1c 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -237,7 +237,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param filename - absolute path of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void load(String filename){
System.load(filename);
}
@@ -255,7 +258,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param libname - the name of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void loadLibrary(String libname){
System.loadLibrary(libname);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Deprecate unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new cde10d265b Deprecate unused code
cde10d265b is described below
commit cde10d265b42c317448b0baf3f451e38263cf3d6
Author: Mark Thomas
AuthorDate: Tue May 31 19:38:34 2022 +0100
Deprecate unused code
---
java/org/apache/tomcat/jni/Library.java | 6 ++
1 file changed, 6 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index 05e02d87dc..ec84b968d2 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -269,7 +269,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param filename - absolute path of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void load(String filename){
System.load(filename);
}
@@ -287,7 +290,10 @@ public final class Library {
* configurations), so that it can be loaded by multiple Webapps.
*
* @param libname - the name of the native library
+ *
+ * @deprecated Unused. Will be removed in Tomcat 10.1.x
*/
+@Deprecated
public static void loadLibrary(String libname){
System.loadLibrary(libname);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 8ee6741d06 Remove unused code
8ee6741d06 is described below
commit 8ee6741d06195e7efbbca4690beb1705a5462e12
Author: Mark Thomas
AuthorDate: Tue May 31 19:39:15 2022 +0100
Remove unused code
---
java/org/apache/tomcat/jni/Library.java | 43 -
1 file changed, 43 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index ec84b968d2..3beb0d2562 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -255,47 +255,4 @@ public final class Library {
}
return initialize();
}
-
-/**
- * Calls System.load(filename). System.load() associates the
- * loaded library with the class loader of the class that called
- * the System method. A native library may not be loaded by more
- * than one class loader, so calling the System method from a class that
- * was loaded by a Webapp class loader will make it impossible for
- * other Webapps to load it.
- *
- * Using this method will load the native library via a shared class
- * loader (typically the Common class loader, but may vary in some
- * configurations), so that it can be loaded by multiple Webapps.
- *
- * @param filename - absolute path of the native library
- *
- * @deprecated Unused. Will be removed in Tomcat 10.1.x
- */
-@Deprecated
-public static void load(String filename){
-System.load(filename);
-}
-
-/**
- * Calls System.loadLibrary(libname). System.loadLibrary() associates the
- * loaded library with the class loader of the class that called
- * the System method. A native library may not be loaded by more
- * than one class loader, so calling the System method from a class that
- * was loaded by a Webapp class loader will make it impossible for
- * other Webapps to load it.
- *
- * Using this method will load the native library via a shared class
- * loader (typically the Common class loader, but may vary in some
- * configurations), so that it can be loaded by multiple Webapps.
- *
- * @param libname - the name of the native library
- *
- * @deprecated Unused. Will be removed in Tomcat 10.1.x
- */
-@Deprecated
-public static void loadLibrary(String libname){
-System.loadLibrary(libname);
-}
-
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Deprecate the unused APR feature flags
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new bceabb38f4 Deprecate the unused APR feature flags
bceabb38f4 is described below
commit bceabb38f43b63819f0382c1c4a868282640b55c
Author: Mark Thomas
AuthorDate: Tue May 31 19:45:53 2022 +0100
Deprecate the unused APR feature flags
---
java/org/apache/tomcat/jni/Library.java | 30 ++
1 file changed, 30 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index 3beb0d2562..fced9180ed 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -137,51 +137,81 @@ public final class Library {
public static native String aprVersionString();
/* APR Feature Macros */
+@Deprecated
public static boolean APR_HAVE_IPV6 = false;
+@Deprecated
public static boolean APR_HAS_SHARED_MEMORY = false;
+@Deprecated
public static boolean APR_HAS_THREADS = false;
+@Deprecated
public static boolean APR_HAS_SENDFILE= false;
+@Deprecated
public static boolean APR_HAS_MMAP= false;
+@Deprecated
public static boolean APR_HAS_FORK= false;
+@Deprecated
public static boolean APR_HAS_RANDOM = false;
+@Deprecated
public static boolean APR_HAS_OTHER_CHILD = false;
+@Deprecated
public static boolean APR_HAS_DSO = false;
+@Deprecated
public static boolean APR_HAS_SO_ACCEPTFILTER = false;
+@Deprecated
public static boolean APR_HAS_UNICODE_FS = false;
+@Deprecated
public static boolean APR_HAS_PROC_INVOKED= false;
+@Deprecated
public static boolean APR_HAS_USER= false;
+@Deprecated
public static boolean APR_HAS_LARGE_FILES = false;
+@Deprecated
public static boolean APR_HAS_XTHREAD_FILES = false;
+@Deprecated
public static boolean APR_HAS_OS_UUID = false;
/* Are we big endian? */
+@Deprecated
public static boolean APR_IS_BIGENDIAN= false;
/* APR sets APR_FILES_AS_SOCKETS to 1 on systems where it is possible
* to poll on files/pipes.
*/
+@Deprecated
public static boolean APR_FILES_AS_SOCKETS= false;
/* This macro indicates whether or not EBCDIC is the native character set.
*/
+@Deprecated
public static boolean APR_CHARSET_EBCDIC = false;
/* Is the TCP_NODELAY socket option inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_TCP_NODELAY_INHERITED = false;
/* Is the O_NONBLOCK flag inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_O_NONBLOCK_INHERITED = false;
/* Poll operations are interruptable by apr_pollset_wakeup().
*/
+@Deprecated
public static boolean APR_POLLSET_WAKEABLE = false;
/* Support for Unix Domain Sockets.
*/
+@Deprecated
public static boolean APR_HAVE_UNIX = false;
+@Deprecated
public static int APR_SIZEOF_VOIDP;
+@Deprecated
public static int APR_PATH_MAX;
+@Deprecated
public static int APRMAXHOSTLEN;
+@Deprecated
public static int APR_MAX_IOVEC_SIZE;
+@Deprecated
public static int APR_MAX_SECS_TO_LINGER;
+@Deprecated
public static int APR_MMAP_THRESHOLD;
+@Deprecated
public static int APR_MMAP_LIMIT;
/* return global TCN's APR pool */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Deprecate the unused APR feature flags
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 588d145fb1 Deprecate the unused APR feature flags
588d145fb1 is described below
commit 588d145fb1b0e79fdc13d04dae1c199145372ad4
Author: Mark Thomas
AuthorDate: Tue May 31 19:45:53 2022 +0100
Deprecate the unused APR feature flags
---
java/org/apache/tomcat/jni/Library.java | 30 ++
1 file changed, 30 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index ec84b968d2..b7febeb43d 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -137,51 +137,81 @@ public final class Library {
public static native String aprVersionString();
/* APR Feature Macros */
+@Deprecated
public static boolean APR_HAVE_IPV6 = false;
+@Deprecated
public static boolean APR_HAS_SHARED_MEMORY = false;
+@Deprecated
public static boolean APR_HAS_THREADS = false;
+@Deprecated
public static boolean APR_HAS_SENDFILE= false;
+@Deprecated
public static boolean APR_HAS_MMAP= false;
+@Deprecated
public static boolean APR_HAS_FORK= false;
+@Deprecated
public static boolean APR_HAS_RANDOM = false;
+@Deprecated
public static boolean APR_HAS_OTHER_CHILD = false;
+@Deprecated
public static boolean APR_HAS_DSO = false;
+@Deprecated
public static boolean APR_HAS_SO_ACCEPTFILTER = false;
+@Deprecated
public static boolean APR_HAS_UNICODE_FS = false;
+@Deprecated
public static boolean APR_HAS_PROC_INVOKED= false;
+@Deprecated
public static boolean APR_HAS_USER= false;
+@Deprecated
public static boolean APR_HAS_LARGE_FILES = false;
+@Deprecated
public static boolean APR_HAS_XTHREAD_FILES = false;
+@Deprecated
public static boolean APR_HAS_OS_UUID = false;
/* Are we big endian? */
+@Deprecated
public static boolean APR_IS_BIGENDIAN= false;
/* APR sets APR_FILES_AS_SOCKETS to 1 on systems where it is possible
* to poll on files/pipes.
*/
+@Deprecated
public static boolean APR_FILES_AS_SOCKETS= false;
/* This macro indicates whether or not EBCDIC is the native character set.
*/
+@Deprecated
public static boolean APR_CHARSET_EBCDIC = false;
/* Is the TCP_NODELAY socket option inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_TCP_NODELAY_INHERITED = false;
/* Is the O_NONBLOCK flag inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_O_NONBLOCK_INHERITED = false;
/* Poll operations are interruptable by apr_pollset_wakeup().
*/
+@Deprecated
public static boolean APR_POLLSET_WAKEABLE = false;
/* Support for Unix Domain Sockets.
*/
+@Deprecated
public static boolean APR_HAVE_UNIX = false;
+@Deprecated
public static int APR_SIZEOF_VOIDP;
+@Deprecated
public static int APR_PATH_MAX;
+@Deprecated
public static int APRMAXHOSTLEN;
+@Deprecated
public static int APR_MAX_IOVEC_SIZE;
+@Deprecated
public static int APR_MAX_SECS_TO_LINGER;
+@Deprecated
public static int APR_MMAP_THRESHOLD;
+@Deprecated
public static int APR_MMAP_LIMIT;
/* return global TCN's APR pool */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Deprecate the unused APR feature flags
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new a305620685 Deprecate the unused APR feature flags
a305620685 is described below
commit a305620685d413e712d43cef9e52685b28b953f9
Author: Mark Thomas
AuthorDate: Tue May 31 19:45:53 2022 +0100
Deprecate the unused APR feature flags
---
java/org/apache/tomcat/jni/Library.java | 30 ++
1 file changed, 30 insertions(+)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index ec84b968d2..b7febeb43d 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -137,51 +137,81 @@ public final class Library {
public static native String aprVersionString();
/* APR Feature Macros */
+@Deprecated
public static boolean APR_HAVE_IPV6 = false;
+@Deprecated
public static boolean APR_HAS_SHARED_MEMORY = false;
+@Deprecated
public static boolean APR_HAS_THREADS = false;
+@Deprecated
public static boolean APR_HAS_SENDFILE= false;
+@Deprecated
public static boolean APR_HAS_MMAP= false;
+@Deprecated
public static boolean APR_HAS_FORK= false;
+@Deprecated
public static boolean APR_HAS_RANDOM = false;
+@Deprecated
public static boolean APR_HAS_OTHER_CHILD = false;
+@Deprecated
public static boolean APR_HAS_DSO = false;
+@Deprecated
public static boolean APR_HAS_SO_ACCEPTFILTER = false;
+@Deprecated
public static boolean APR_HAS_UNICODE_FS = false;
+@Deprecated
public static boolean APR_HAS_PROC_INVOKED= false;
+@Deprecated
public static boolean APR_HAS_USER= false;
+@Deprecated
public static boolean APR_HAS_LARGE_FILES = false;
+@Deprecated
public static boolean APR_HAS_XTHREAD_FILES = false;
+@Deprecated
public static boolean APR_HAS_OS_UUID = false;
/* Are we big endian? */
+@Deprecated
public static boolean APR_IS_BIGENDIAN= false;
/* APR sets APR_FILES_AS_SOCKETS to 1 on systems where it is possible
* to poll on files/pipes.
*/
+@Deprecated
public static boolean APR_FILES_AS_SOCKETS= false;
/* This macro indicates whether or not EBCDIC is the native character set.
*/
+@Deprecated
public static boolean APR_CHARSET_EBCDIC = false;
/* Is the TCP_NODELAY socket option inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_TCP_NODELAY_INHERITED = false;
/* Is the O_NONBLOCK flag inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_O_NONBLOCK_INHERITED = false;
/* Poll operations are interruptable by apr_pollset_wakeup().
*/
+@Deprecated
public static boolean APR_POLLSET_WAKEABLE = false;
/* Support for Unix Domain Sockets.
*/
+@Deprecated
public static boolean APR_HAVE_UNIX = false;
+@Deprecated
public static int APR_SIZEOF_VOIDP;
+@Deprecated
public static int APR_PATH_MAX;
+@Deprecated
public static int APRMAXHOSTLEN;
+@Deprecated
public static int APR_MAX_IOVEC_SIZE;
+@Deprecated
public static int APR_MAX_SECS_TO_LINGER;
+@Deprecated
public static int APR_MMAP_THRESHOLD;
+@Deprecated
public static int APR_MMAP_LIMIT;
/* return global TCN's APR pool */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Deprecate the unused APR feature flags
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 943b098ac0 Deprecate the unused APR feature flags
943b098ac0 is described below
commit 943b098ac0435aada223271975d029882956a94a
Author: Mark Thomas
AuthorDate: Tue May 31 19:45:53 2022 +0100
Deprecate the unused APR feature flags
---
java/org/apache/tomcat/jni/Library.java | 29 -
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index d82a752c1c..0d542c0852 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -113,45 +113,72 @@ public final class Library {
public static native String aprVersionString();
/* APR Feature Macros */
+@Deprecated
public static boolean APR_HAVE_IPV6 = false;
+@Deprecated
public static boolean APR_HAS_SHARED_MEMORY = false;
+@Deprecated
public static boolean APR_HAS_THREADS = false;
+@Deprecated
public static boolean APR_HAS_SENDFILE= false;
+@Deprecated
public static boolean APR_HAS_MMAP= false;
+@Deprecated
public static boolean APR_HAS_FORK= false;
+@Deprecated
public static boolean APR_HAS_RANDOM = false;
+@Deprecated
public static boolean APR_HAS_OTHER_CHILD = false;
+@Deprecated
public static boolean APR_HAS_DSO = false;
+@Deprecated
public static boolean APR_HAS_SO_ACCEPTFILTER = false;
+@Deprecated
public static boolean APR_HAS_UNICODE_FS = false;
+@Deprecated
public static boolean APR_HAS_PROC_INVOKED= false;
+@Deprecated
public static boolean APR_HAS_USER= false;
+@Deprecated
public static boolean APR_HAS_LARGE_FILES = false;
+@Deprecated
public static boolean APR_HAS_XTHREAD_FILES = false;
+@Deprecated
public static boolean APR_HAS_OS_UUID = false;
/* Are we big endian? */
+@Deprecated
public static boolean APR_IS_BIGENDIAN= false;
/* APR sets APR_FILES_AS_SOCKETS to 1 on systems where it is possible
* to poll on files/pipes.
*/
+@Deprecated
public static boolean APR_FILES_AS_SOCKETS= false;
/* This macro indicates whether or not EBCDIC is the native character set.
*/
+@Deprecated
public static boolean APR_CHARSET_EBCDIC = false;
/* Is the TCP_NODELAY socket option inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_TCP_NODELAY_INHERITED = false;
/* Is the O_NONBLOCK flag inherited from listening sockets?
*/
+@Deprecated
public static boolean APR_O_NONBLOCK_INHERITED = false;
-
+@Deprecated
public static int APR_SIZEOF_VOIDP;
+@Deprecated
public static int APR_PATH_MAX;
+@Deprecated
public static int APRMAXHOSTLEN;
+@Deprecated
public static int APR_MAX_IOVEC_SIZE;
+@Deprecated
public static int APR_MAX_SECS_TO_LINGER;
+@Deprecated
public static int APR_MMAP_THRESHOLD;
+@Deprecated
public static int APR_MMAP_LIMIT;
/* return global TCN's APR pool */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove deprecated, unused code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new f3bc9506bf Remove deprecated, unused code
f3bc9506bf is described below
commit f3bc9506bf48192804b20a566d3c8cec0755262f
Author: Mark Thomas
AuthorDate: Tue May 31 19:50:25 2022 +0100
Remove deprecated, unused code
---
java/org/apache/tomcat/jni/Library.java | 120
1 file changed, 120 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index fced9180ed..4461724a54 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -108,11 +108,7 @@ public final class Library {
*/
public static native void terminate();
/* Internal function for loading APR Features */
-private static native boolean has(int what);
-/* Internal function for loading APR Features */
private static native int version(int what);
-/* Internal function for loading APR sizes */
-private static native int size(int what);
/* TCN_MAJOR_VERSION */
public static int TCN_MAJOR_VERSION = 0;
@@ -136,88 +132,6 @@ public final class Library {
/* APR_VERSION_STRING */
public static native String aprVersionString();
-/* APR Feature Macros */
-@Deprecated
-public static boolean APR_HAVE_IPV6 = false;
-@Deprecated
-public static boolean APR_HAS_SHARED_MEMORY = false;
-@Deprecated
-public static boolean APR_HAS_THREADS = false;
-@Deprecated
-public static boolean APR_HAS_SENDFILE= false;
-@Deprecated
-public static boolean APR_HAS_MMAP= false;
-@Deprecated
-public static boolean APR_HAS_FORK= false;
-@Deprecated
-public static boolean APR_HAS_RANDOM = false;
-@Deprecated
-public static boolean APR_HAS_OTHER_CHILD = false;
-@Deprecated
-public static boolean APR_HAS_DSO = false;
-@Deprecated
-public static boolean APR_HAS_SO_ACCEPTFILTER = false;
-@Deprecated
-public static boolean APR_HAS_UNICODE_FS = false;
-@Deprecated
-public static boolean APR_HAS_PROC_INVOKED= false;
-@Deprecated
-public static boolean APR_HAS_USER= false;
-@Deprecated
-public static boolean APR_HAS_LARGE_FILES = false;
-@Deprecated
-public static boolean APR_HAS_XTHREAD_FILES = false;
-@Deprecated
-public static boolean APR_HAS_OS_UUID = false;
-/* Are we big endian? */
-@Deprecated
-public static boolean APR_IS_BIGENDIAN= false;
-/* APR sets APR_FILES_AS_SOCKETS to 1 on systems where it is possible
- * to poll on files/pipes.
- */
-@Deprecated
-public static boolean APR_FILES_AS_SOCKETS= false;
-/* This macro indicates whether or not EBCDIC is the native character set.
- */
-@Deprecated
-public static boolean APR_CHARSET_EBCDIC = false;
-/* Is the TCP_NODELAY socket option inherited from listening sockets?
- */
-@Deprecated
-public static boolean APR_TCP_NODELAY_INHERITED = false;
-/* Is the O_NONBLOCK flag inherited from listening sockets?
- */
-@Deprecated
-public static boolean APR_O_NONBLOCK_INHERITED = false;
-/* Poll operations are interruptable by apr_pollset_wakeup().
- */
-@Deprecated
-public static boolean APR_POLLSET_WAKEABLE = false;
-/* Support for Unix Domain Sockets.
- */
-@Deprecated
-public static boolean APR_HAVE_UNIX = false;
-
-
-@Deprecated
-public static int APR_SIZEOF_VOIDP;
-@Deprecated
-public static int APR_PATH_MAX;
-@Deprecated
-public static int APRMAXHOSTLEN;
-@Deprecated
-public static int APR_MAX_IOVEC_SIZE;
-@Deprecated
-public static int APR_MAX_SECS_TO_LINGER;
-@Deprecated
-public static int APR_MMAP_THRESHOLD;
-@Deprecated
-public static int APR_MMAP_LIMIT;
-
-/* return global TCN's APR pool */
-@Deprecated
-public static native long globalPool();
-
/**
* Setup any APR internal data structures. This MUST be the first function
* called for any APR library.
@@ -244,44 +158,10 @@ public final class Library {
APR_PATCH_VERSION = version(0x13);
APR_IS_DEV_VERSION = version(0x14);
-APR_SIZEOF_VOIDP= size(1);
-APR_PATH_MAX= size(2);
-APRMAXHOSTLEN = size(3);
-APR_MAX_IOVEC_SIZE = size(4);
-APR_MAX_SECS_TO_LINGER = size(5);
-APR_MMAP_THRESHOLD = size(6);
-APR_MMAP_LIMIT = size(7);
-
-APR_HAVE_IPV6 = has(0);
-APR_HAS_SHARED_MEMORY = has(1);
-
[tomcat] branch main updated: Tomcat Native 2.x onwards will require SSL
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new e60f080415 Tomcat Native 2.x onwards will require SSL
e60f080415 is described below
commit e60f0804154a1434ef523d1db2b51c23e094ec40
Author: Mark Thomas
AuthorDate: Tue May 31 21:02:33 2022 +0100
Tomcat Native 2.x onwards will require SSL
---
java/org/apache/catalina/core/AprLifecycleListener.java | 11 +++
java/org/apache/catalina/core/LocalStrings.properties | 1 +
webapps/docs/config/listeners.xml | 3 +++
3 files changed, 15 insertions(+)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 839343b7bc..6d2ef5df21 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -221,6 +221,17 @@ public class AprLifecycleListener implements
LifecycleListener {
log.warn(sm.getString("aprListener.aprInitError", t.getMessage()),
t);
return;
}
+if (major > 1 && "off".equalsIgnoreCase(SSLEngine)) {
+log.error(sm.getString("aprListener.sslRequired", SSLEngine,
Library.versionString()));
+try {
+// Tomcat Native 2.x onwards requires SSL
+terminateAPR();
+} catch (Throwable t) {
+t = ExceptionUtils.unwrapInvocationTargetException(t);
+ExceptionUtils.handleThrowable(t);
+}
+return;
+}
if (apver < rqver) {
log.error(sm.getString("aprListener.tcnInvalid",
Library.versionString(),
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index e0ae670445..3b67c1fffd 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -81,6 +81,7 @@ aprListener.initializingFIPS=Initializing FIPS mode...
aprListener.requireNotInFIPSMode=AprLifecycleListener is configured to require
the library to already be in FIPS mode, but it was not in FIPS mode
aprListener.skipFIPSInitialization=Already in FIPS mode; skipping FIPS
initialization.
aprListener.sslInit=Failed to initialize the SSLEngine.
+aprListener.sslRequired=[{0}] is not a valid value for SSLEngine when using
version [{1}] of the Tomcat Native library since SSL is required for version
2.x onwards.
aprListener.tcnInvalid=An incompatible version [{0}] of the Apache Tomcat
Native library is installed, while Tomcat requires version [{1}]
aprListener.tcnValid=Loaded Apache Tomcat Native library [{0}] using APR
version [{1}].
aprListener.tcnVersion=An older version [{0}] of the Apache Tomcat Native
library is installed, while Tomcat recommends a minimum version of [{1}]
diff --git a/webapps/docs/config/listeners.xml
b/webapps/docs/config/listeners.xml
index 1638dfc175..be2b87aac1 100644
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -103,6 +103,9 @@
See the http://www.openssl.org/";>Official OpenSSL
website
for more details on supported SSL hardware engines and manufacturers.
+Tomcat Native 2.x onwards requires SSL so if SSLEngine is set to
+off when using Tomcat Native 2.x onwards, the APR/native
+library will be disabled.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Tomcat Native 2.x onwards will require SSL
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new ad7281d113 Tomcat Native 2.x onwards will require SSL
ad7281d113 is described below
commit ad7281d11321fc73d00676d8147f5cc5a3d14ea0
Author: Mark Thomas
AuthorDate: Tue May 31 21:02:33 2022 +0100
Tomcat Native 2.x onwards will require SSL
---
java/org/apache/catalina/core/AprLifecycleListener.java | 11 +++
java/org/apache/catalina/core/LocalStrings.properties | 1 +
webapps/docs/config/listeners.xml | 3 +++
3 files changed, 15 insertions(+)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 865131136f..ea7b421a37 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -221,6 +221,17 @@ public class AprLifecycleListener implements
LifecycleListener {
log.warn(sm.getString("aprListener.aprInitError", t.getMessage()),
t);
return;
}
+if (major > 1 && "off".equalsIgnoreCase(SSLEngine)) {
+log.error(sm.getString("aprListener.sslRequired", SSLEngine,
Library.versionString()));
+try {
+// Tomcat Native 2.x onwards requires SSL
+terminateAPR();
+} catch (Throwable t) {
+t = ExceptionUtils.unwrapInvocationTargetException(t);
+ExceptionUtils.handleThrowable(t);
+}
+return;
+}
if (apver < rqver) {
log.error(sm.getString("aprListener.tcnInvalid",
Library.versionString(),
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 9c6d6fa0e2..67fdf68951 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -82,6 +82,7 @@ aprListener.initializingFIPS=Initializing FIPS mode...
aprListener.requireNotInFIPSMode=AprLifecycleListener is configured to require
the library to already be in FIPS mode, but it was not in FIPS mode
aprListener.skipFIPSInitialization=Already in FIPS mode; skipping FIPS
initialization.
aprListener.sslInit=Failed to initialize the SSLEngine.
+aprListener.sslRequired=[{0}] is not a valid value for SSLEngine when using
version [{1}] of the Tomcat Native library since SSL is required for version
2.x onwards.
aprListener.tcnInvalid=An incompatible version [{0}] of the Apache Tomcat
Native library is installed, while Tomcat requires version [{1}]
aprListener.tcnValid=Loaded Apache Tomcat Native library [{0}] using APR
version [{1}].
aprListener.tcnVersion=An older version [{0}] of the Apache Tomcat Native
library is installed, while Tomcat recommends a minimum version of [{1}]
diff --git a/webapps/docs/config/listeners.xml
b/webapps/docs/config/listeners.xml
index 3a512bff25..9018caecab 100644
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -103,6 +103,9 @@
See the http://www.openssl.org/";>Official OpenSSL
website
for more details on supported SSL hardware engines and manufacturers.
+Tomcat Native 2.x onwards requires SSL so if SSLEngine is set to
+off when using Tomcat Native 2.x onwards, the APR/native
+library will be disabled.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Tomcat Native 2.x onwards will require SSL
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 8827c8ba54 Tomcat Native 2.x onwards will require SSL
8827c8ba54 is described below
commit 8827c8ba544f617ae22fe3bc94694733cc52b113
Author: Mark Thomas
AuthorDate: Tue May 31 21:02:33 2022 +0100
Tomcat Native 2.x onwards will require SSL
---
java/org/apache/catalina/core/AprLifecycleListener.java | 11 +++
java/org/apache/catalina/core/LocalStrings.properties | 1 +
webapps/docs/config/listeners.xml | 3 +++
3 files changed, 15 insertions(+)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index d16f7fea30..f8656c37f4 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -221,6 +221,17 @@ public class AprLifecycleListener implements
LifecycleListener {
log.warn(sm.getString("aprListener.aprInitError", t.getMessage()),
t);
return;
}
+if (major > 1 && "off".equalsIgnoreCase(SSLEngine)) {
+log.error(sm.getString("aprListener.sslRequired", SSLEngine,
Library.versionString()));
+try {
+// Tomcat Native 2.x onwards requires SSL
+terminateAPR();
+} catch (Throwable t) {
+t = ExceptionUtils.unwrapInvocationTargetException(t);
+ExceptionUtils.handleThrowable(t);
+}
+return;
+}
if (apver < rqver) {
log.error(sm.getString("aprListener.tcnInvalid",
Library.versionString(),
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index d3739b6b66..da364dc716 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -83,6 +83,7 @@ aprListener.initializingFIPS=Initializing FIPS mode...
aprListener.requireNotInFIPSMode=AprLifecycleListener is configured to require
the library to already be in FIPS mode, but it was not in FIPS mode
aprListener.skipFIPSInitialization=Already in FIPS mode; skipping FIPS
initialization.
aprListener.sslInit=Failed to initialize the SSLEngine.
+aprListener.sslRequired=[{0}] is not a valid value for SSLEngine when using
version [{1}] of the Tomcat Native library since SSL is required for version
2.x onwards.
aprListener.tcnInvalid=An incompatible version [{0}] of the Apache Tomcat
Native library is installed, while Tomcat requires version [{1}]
aprListener.tcnValid=Loaded Apache Tomcat Native library [{0}] using APR
version [{1}].
aprListener.tcnVersion=An older version [{0}] of the Apache Tomcat Native
library is installed, while Tomcat recommends a minimum version of [{1}]
diff --git a/webapps/docs/config/listeners.xml
b/webapps/docs/config/listeners.xml
index 878d44918f..af09bdebc7 100644
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -103,6 +103,9 @@
See the http://www.openssl.org/";>Official OpenSSL
website
for more details on supported SSL hardware engines and manufacturers.
+Tomcat Native 2.x onwards requires SSL so if SSLEngine is set to
+off when using Tomcat Native 2.x onwards, the APR/native
+library will be disabled.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Tomcat Native 2.x onwards will require SSL
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 19e66ad3ad Tomcat Native 2.x onwards will require SSL
19e66ad3ad is described below
commit 19e66ad3adaa275081b5473c959486de9c3ab379
Author: Mark Thomas
AuthorDate: Tue May 31 21:02:33 2022 +0100
Tomcat Native 2.x onwards will require SSL
---
java/org/apache/catalina/core/AprLifecycleListener.java | 11 +++
java/org/apache/catalina/core/LocalStrings.properties | 1 +
webapps/docs/config/listeners.xml | 3 +++
3 files changed, 15 insertions(+)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 4fdbc6c500..49c5f58d8e 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -227,6 +227,17 @@ public class AprLifecycleListener implements
LifecycleListener {
log.warn(sm.getString("aprListener.aprInitError", t.getMessage()),
t);
return;
}
+if (major > 1 && "off".equalsIgnoreCase(SSLEngine)) {
+log.error(sm.getString("aprListener.sslRequired", SSLEngine,
Library.versionString()));
+try {
+// Tomcat Native 2.x onwards requires SSL
+terminateAPR();
+} catch (Throwable t) {
+t = ExceptionUtils.unwrapInvocationTargetException(t);
+ExceptionUtils.handleThrowable(t);
+}
+return;
+}
if (apver < rqver) {
log.error(sm.getString("aprListener.tcnInvalid",
Library.versionString(),
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 8e10444ba9..823718ee70 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -84,6 +84,7 @@ aprListener.initializingFIPS=Initializing FIPS mode...
aprListener.requireNotInFIPSMode=AprLifecycleListener is configured to require
the library to already be in FIPS mode, but it was not in FIPS mode
aprListener.skipFIPSInitialization=Already in FIPS mode; skipping FIPS
initialization.
aprListener.sslInit=Failed to initialize the SSLEngine.
+aprListener.sslRequired=[{0}] is not a valid value for SSLEngine when using
version [{1}] of the Tomcat Native library since SSL is required for version
2.x onwards.
aprListener.tcnInvalid=An incompatible version [{0}] of the Apache Tomcat
Native library is installed, while Tomcat requires version [{1}]
aprListener.tcnValid=Loaded Apache Tomcat Native library [{0}] using APR
version [{1}].
aprListener.tcnVersion=An older version [{0}] of the Apache Tomcat Native
library is installed, while Tomcat recommends a minimum version of [{1}]
diff --git a/webapps/docs/config/listeners.xml
b/webapps/docs/config/listeners.xml
index 4a636e817f..c1cf3b95c7 100644
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -103,6 +103,9 @@
See the http://www.openssl.org/";>Official OpenSSL
website
for more details on supported SSL hardware engines and manufacturers.
+Tomcat Native 2.x onwards requires SSL so if SSLEngine is set to
+off when using Tomcat Native 2.x onwards, the APR/native
+library will be disabled.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat-native] 01/02: Minimum OpenSSl version is 3.0.0 is keylog callback is always available
Mark, On 5/31/22 12:48, Mark Thomas wrote: On 31/05/2022 17:34, Christopher Schultz wrote: Mark, On 5/31/22 11:30, ma...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git commit b6952740dd64fa8ea7edd1764d4b14661527a0eb Author: Mark Thomas AuthorDate: Wed May 25 16:15:02 2022 +0100 Minimum OpenSSl version is 3.0.0 is keylog callback is always available If the minimum version of OpenSSL is 3.0.0, then probably MANY MANY #ifdefs can be removed. Removing the would, of course, cause lots of merge conflicts when back-ports are done so it's probably not worth it. Given that (chaos), I'm curious: why did you remove this one in particular? A lot look like they might need to stay - at least in some form - if we want to continue to support LibreSSL in Tomcat Native 2.0.x. Oh, right... there's that. I do have a large commit that removes a lot of unused code. I need to wait until Tomcat Native 1.2.34 is released before I merge that commit else Tomcat 10.1.x won't be able to use Tomcat Native unless you build Tomcat native from source. I'm generally removing stuff as I spot that it is no longer required. My intention is to remove everything I can. The merge conflicts might not be too bad... On that topic, I originally made the decision to keep LibreSSL support when I thought that 10.1.x would required Tomcat Native 2.0.x. The plan has since shifted and 10.1.x will ship with Tomcat Native 2.0.x but will still be able to use (a sufficiently recent) Tomcat Native 1.2.x. With that in mind, do we want to keep LibreSSL support in Tomcat Native 2.0.x? IMO libressl support is a *very* nice to have. If it's not to much trouble, I think we should try to support it. Theoretically, it has API (ABI?) compatibility with OpenSSL (1.x) so it shouldn't be thqt bad if we still support earlier versions OpenSSL. But since you've bumped-up the requirement to 3.0.x... I'm not sure where that leaves us. There is a large deployment of OpenSSL 1.x that isn't likely to change for a while. I still see many environments on 1.0.x these days, and they wouldn't be able to upgrade to tcnative 2, which isn't necessarily a deal-breaker. I wouldn't want to require tcnative-2 on 10.0 or below any time soon, possible ever. So I think there's still quite a future for tcnative-1. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
