Re: OpenSSL SSL engine

2015-06-18 20:16 GMT+02:00 Mark Thomas : > I assume it only makes sense to run the various SSL tests. We should be > able to (possibly with a little renaming) set things up so we can filter > test classes by name for *SSL* (or better yet *TLS*) and run them as an > additional batch of tests in the

[Bug 58052] RewriteValve: Rewrite to a complete URI does not work because the colon is URL encoded

https://bz.apache.org/bugzilla/show_bug.cgi?id=58052 Volker Voßkämper changed: What|Removed |Added OS||All --- Comment #1 from Volker Voßk

[Bug 58052] New: RewriteValve: Rewrite to a complete URI does not work because the colon is URL encoded

https://bz.apache.org/bugzilla/show_bug.cgi?id=58052 Bug ID: 58052 Summary: RewriteValve: Rewrite to a complete URI does not work because the colon is URL encoded Product: Tomcat 8 Version: 8.0.21 Hardware: PC S

buildbot failure in ASF Buildbot on tomcat-trunk

The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1410 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchSchedu

svn commit: r1686318 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java

Author: markt Date: Thu Jun 18 20:33:07 2015 New Revision: 1686318 URL: http://svn.apache.org/r1686318 Log: Add some missing cipher IDs to the comments Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/

svn commit: r1686317 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java

Author: markt Date: Thu Jun 18 20:23:23 2015 New Revision: 1686317 URL: http://svn.apache.org/r1686317 Log: Add a reference to the OpenSSL cipher suite definitions. Fix some strength bits values Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java Modified: tomcat/

buildbot success in ASF Buildbot on tomcat-trunk

The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1409 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchSch

svn commit: r1686312 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl: Encryption.java EncryptionLevel.java MessageDigest.java

Author: markt Date: Thu Jun 18 20:03:35 2015 New Revision: 1686312 URL: http://svn.apache.org/r1686312 Log: Reformat Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Encryption.java tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/EncryptionLevel.java tomc

svn commit: r1686306 - /tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java

Author: markt Date: Thu Jun 18 19:55:37 2015 New Revision: 1686306 URL: http://svn.apache.org/r1686306 Log: Add a test for zero length padding Modified: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java Modified: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_

svn commit: r1686304 - in /tomcat/trunk: java/org/apache/coyote/http2/Http2Parser.java java/org/apache/coyote/http2/LocalStrings.properties test/org/apache/coyote/http2/TestHttp2Section_6_1.java

Author: markt Date: Thu Jun 18 19:50:29 2015 New Revision: 1686304 URL: http://svn.apache.org/r1686304 Log: Validate that the padding is not too long Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties

svn commit: r1686302 - /tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java

Author: markt Date: Thu Jun 18 19:40:20 2015 New Revision: 1686302 URL: http://svn.apache.org/r1686302 Log: Add a test for data frames on stream 0. Modified: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java Modified: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Secti

svn commit: r1686300 - in /tomcat/trunk: java/org/apache/coyote/http2/Http2Parser.java java/org/apache/coyote/http2/LocalStrings.properties test/org/apache/coyote/http2/TestHttp2Section_6_1.java

Author: markt Date: Thu Jun 18 19:33:54 2015 New Revision: 1686300 URL: http://svn.apache.org/r1686300 Log: Implement optional padding validation Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties tomc

buildbot failure in ASF Buildbot on tomcat-trunk

The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1405 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchSchedu

svn commit: r1686288 - /tomcat/trunk/java/org/apache/catalina/Context.java

Author: markt Date: Thu Jun 18 18:50:38 2015 New Revision: 1686288 URL: http://svn.apache.org/r1686288 Log: Trivial commit to test CI Modified: tomcat/trunk/java/org/apache/catalina/Context.java Modified: tomcat/trunk/java/org/apache/catalina/Context.java URL: http://svn.apache.org/viewvc/t

Re: OpenSSL SSL engine

On 18/06/2015 18:22, Rémy Maucherat wrote: > Hi, > > I have now committed the initial work for this new feature. Advanced SSL > functionality (renegotiation) is disabled since that was like that upstream > and I didn't dare trying to hack it yet. > > Testsuite integration (I have it in my git rep

OpenSSL SSL engine

Hi, I have now committed the initial work for this new feature. Advanced SSL functionality (renegotiation) is disabled since that was like that upstream and I didn't dare trying to hack it yet. Testsuite integration (I have it in my git repository https://github.com/rmaucher/tomcat ) is convolute

svn commit: r1686281 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java webapps/docs/changelog.xml webapps/docs/config/http.xml webapps/docs/ssl-howto.xml

Author: remm Date: Thu Jun 18 17:15:51 2015 New Revision: 1686281 URL: http://svn.apache.org/r1686281 Log: - When using the OpenSSL SSL engine, use the OpenSSL style configuration. - Add some "documentation" that says the APR SSL configuration should be used when using the OpenSSL sslImplementati

svn commit: r1686279 [2/2] - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/

Added: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java?rev=1686279&view=auto == --- tomcat/t

svn commit: r1686279 [1/2] - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/

Author: remm Date: Thu Jun 18 17:13:40 2015 New Revision: 1686279 URL: http://svn.apache.org/r1686279 Log: Add SSL engine backed by OpenSSL, based on code from Nume de Montmollin and derived from work done by Netty and Twitter. Added: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/

svn commit: r1686277 - /tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties

Author: remm Date: Thu Jun 18 17:10:30 2015 New Revision: 1686277 URL: http://svn.apache.org/r1686277 Log: Remove extra space. Modified: tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties Modified: tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties URL:

svn commit: r1686276 [2/2] - in /tomcat/trunk: ./ java/org/apache/catalina/core/ java/org/apache/tomcat/jni/ java/org/apache/tomcat/jni/socket/

Added: tomcat/trunk/java/org/apache/tomcat/jni/socket/AprSocketContext.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/jni/socket/AprSocketContext.java?rev=1686276&view=auto == --- tomcat/trunk/j

svn commit: r1686276 [1/2] - in /tomcat/trunk: ./ java/org/apache/catalina/core/ java/org/apache/tomcat/jni/ java/org/apache/tomcat/jni/socket/

Author: remm Date: Thu Jun 18 17:10:08 2015 New Revision: 1686276 URL: http://svn.apache.org/r1686276 Log: - Add JNI API updates from Netty and Twitter. jni.socket.* is not useful to Tomcat at the moment, but is a NIO2 style API on top of APR. - Update recommended native library version to 1.2. I

Re: [GitHub] tomcat-native pull request: Port Netty-tc-native code to tomcat-na...

On 06/18/2015 02:41 PM, Mark Thomas wrote: On 18 June 2015 13:12:52 BST, jean-frederic clere wrote: I am going to merge it today and fix in svn what will be broken after. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-un

svn commit: r1686259 - /tomcat/native/trunk/native/src/sslcontext.c

Author: jfclere Date: Thu Jun 18 15:56:00 2015 New Revision: 1686259 URL: http://svn.apache.org/r1686259 Log: Add empty stubs when without openssl. Modified: tomcat/native/trunk/native/src/sslcontext.c Modified: tomcat/native/trunk/native/src/sslcontext.c URL: http://svn.apache.org/viewvc/

svn commit: r1686258 - in /tomcat/native/trunk/native: include/ssl_private.h src/sslcontext.c src/sslutils.c

Author: jfclere Date: Thu Jun 18 15:55:06 2015 New Revision: 1686258 URL: http://svn.apache.org/r1686258 Log: Add netty-tcnative methods to sslcontext.c Modified: tomcat/native/trunk/native/include/ssl_private.h tomcat/native/trunk/native/src/sslcontext.c tomcat/native/trunk/native/s

svn commit: r1686257 - in /tomcat/native/trunk/native: include/ssl_private.h src/ssl.c src/sslutils.c

Author: jfclere Date: Thu Jun 18 15:53:35 2015 New Revision: 1686257 URL: http://svn.apache.org/r1686257 Log: Add more Twitter and Apple code and fix warnings. Modified: tomcat/native/trunk/native/include/ssl_private.h tomcat/native/trunk/native/src/ssl.c tomcat/native/trunk/native/s

svn commit: r1686255 - /tomcat/native/trunk/native/src/ssl.c

Author: jfclere Date: Thu Jun 18 15:51:04 2015 New Revision: 1686255 URL: http://svn.apache.org/r1686255 Log: Add empty stubs from netty-tcnative. Modified: tomcat/native/trunk/native/src/ssl.c Modified: tomcat/native/trunk/native/src/ssl.c URL: http://svn.apache.org/viewvc/tomcat/native/

svn commit: r1686252 - in /tomcat/native/trunk/native: include/ssl_private.h src/ssl.c src/sslutils.c

Author: jfclere Date: Thu Jun 18 15:49:12 2015 New Revision: 1686252 URL: http://svn.apache.org/r1686252 Log: Add netty-tc-native ssl.c modifications. Modified: tomcat/native/trunk/native/include/ssl_private.h tomcat/native/trunk/native/src/ssl.c tomcat/native/trunk/native/src/sslutil

Re: connector redirect

Mark, On 6/18/15 5:57 AM, Mark Thomas wrote: > On 18/06/2015 09:41, Romain Manni-Bucau wrote: >> Hi guys, >> >> when redirecting ports between connectors tomcat uses a 302 ATM, any reason >> to not use a 307 (ie support POST redirect as well)? > > Because the servlet spec says it has to be a 302.

[Bug 58031] Posting data exceeding maxPostSize should result in HTTP 413.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58031 --- Comment #9 from Christopher Schultz --- I'd prefer being able to set the response code using an init-param. If we want to keep the current behavior and add on to it, it seems we need a second attribute to indicate the second condition. In e

svn commit: r1686209 - in /tomcat/trunk/java/org/apache/catalina/startup: ConnectorCreateRule.java LocalStrings.properties

Author: remm Date: Thu Jun 18 12:57:13 2015 New Revision: 1686209 URL: http://svn.apache.org/r1686209 Log: Make sslImplementationName a special attribute (like protocol) so that it is set before any other and can be used to validate. Modified: tomcat/trunk/java/org/apache/catalina/startup/Co

Re: [GitHub] tomcat-native pull request: Port Netty-tc-native code to tomcat-na...

On 18 June 2015 13:12:52 BST, jean-frederic clere wrote: >I am going to merge it today and fix in svn what will be broken after. > >Cheers > >Jean-Frederic > >- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For addit

Re: [GitHub] tomcat-native pull request: Port Netty-tc-native code to tomcat-na...

I am going to merge it today and fix in svn what will be broken after. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57530] Reimplement TestAbstractHttp11Processor.testNon2xxResponseWithExpectation test using SimpleHttpClient instead of Java 6

https://bz.apache.org/bugzilla/show_bug.cgi?id=57530 Violeta Georgieva changed: What|Removed |Added Resolution|--- |FIXED Status|NEW

svn commit: r1686185 - in /tomcat/tc7.0.x/trunk/test/org/apache: catalina/startup/SimpleHttpClient.java coyote/http11/TestAbstractHttp11Processor.java

Author: violetagg Date: Thu Jun 18 11:15:08 2015 New Revision: 1686185 URL: http://svn.apache.org/r1686185 Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57530 Reimplement TestAbstractHttp11Processor.testNon2xxResponseWithExpectation test using SimpleHttpClient instead of Java 6 Modifie

Re: connector redirect

Hmm, link between connectors is tomcat specific so I guess we could have a flag to support all http methods and not rely on default sendRedirect Romain Manni-Bucau @rmannibucau | Blog | Github |

Re: connector redirect

On 18/06/2015 09:41, Romain Manni-Bucau wrote: > Hi guys, > > when redirecting ports between connectors tomcat uses a 302 ATM, any reason > to not use a 307 (ie support POST redirect as well)? Because the servlet spec says it has to be a 302. https://java.net/jira/browse/SERVLET_SPEC-100 Additi

svn commit: r1686157 - in /tomcat/trunk/java/org/apache/coyote/http2: Http2UpgradeHandler.java LocalStrings.properties

Author: markt Date: Thu Jun 18 09:45:43 2015 New Revision: 1686157 URL: http://svn.apache.org/r1686157 Log: Remove unused code Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Modified: tomcat/t

svn commit: r1686156 - in /tomcat/trunk: java/org/apache/coyote/http2/ test/org/apache/coyote/http2/

Author: markt Date: Thu Jun 18 09:43:06 2015 New Revision: 1686156 URL: http://svn.apache.org/r1686156 Log: Add unit tests for data frames with padding including support for simple POST requests. Fix errors in parsing of padded data frames. Make parser responsible for swallowing unwanted data rat

connector redirect

Hi guys, when redirecting ports between connectors tomcat uses a 302 ATM, any reason to not use a 307 (ie support POST redirect as well)? Romain Manni-Bucau @rmannibucau | Blog | Github | Linked