tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Whittington <t...@apache.org>
Subject Re: [VOTE] Release Apache Tomcat Native 1.1.30
Date Fri, 11 Apr 2014 09:56:57 GMT

On 10/04/2014, at 11:50 pm, Mladen Turk <mturk@apache.org> wrote:

> Version 1.1.30 is bug fixing release with added ECDH
> if supported by OpenSSL library.
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
> 
> The VOTE will remain open for at least 48 hours.
> 
> The Apache Tomcat Native 1.1.30 is
> [X] Stable, go ahead and release
> [ ] Broken because of ...


Tested on OS X Mavericks with Tomcat 7.0.x.
Builds cleanly against OpenSSL 1.0.1g and APR 1.50.
HTTP and HTTPS APR connectors tested.

Testing with Firefox, Chrome, Safari and openssl s_client shows TLSv1.2 and ECDHE cipher suites
being used.
Testing with https://github.com/FiloSottile/Heartbleed shows SAFE from Heartbleed (as expected,
linking against 1.0.1g).

There’s one problem using APR/HTTPS in Tomcat on OS X, where SSL_library_init needs to be
called on the same thread that invokes SSLContext.make to make things work, but that’s not
a tcnative issue.

cheers
tim
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message