--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,
I'd like to request an unblock for a new version of tomcat-native. Testing
currently has the 1.2.10 version. The versions 1.2.11 and 1.2.12 are bug
fix releases improving the stability.
tomcat-native is the layer that enables tomcat8 to use OpenSSL for its https
connector. The version 1.2.12 was released 3 months ago and no issue has been
reported upstream since then. The new version was uploaded to experimental
one week ago and built fine on all release architectures. The tomcat8
testsuite passed successfully with the new version.
Here is the changelog:
Changes in 1.2.12
* Fix: Correct a regression in the fix for 59797 that triggered a JVM
crash on shutdown in some Tomcat unit tests when using the APR/native
connector.
Changes in 1.2.11
* Fix: 52627: Prevent a crash in File.infoGet() caused by the use of
uninitialised variables.
* Fix: 55113: Document the process for creating a static tc-native
library with a FIPS-enabled OpenSSL and update the nmake make file to
support the process.
* Fix: 55114: Clean up building instructions for the native component
and expand the instructions for building for Windows platforms.
* Fix: 55938: Resolve remaining clang-analyzer warnings. Note that the
use of -1 to indicate the full array in File.(read|write)[Full] has
been removed since it was only partially implemented and the
implementation was faulty.
* Fix: 58082: Update unit tests to use JUnit 4. Refactor unit tests into
separate tests and use an external to reference them in the same way
an external is used to reference the main code.
* Fix: 59797: Ensure that the per thread error hash maintained by
OpenSSL is cleaned up as individual threads exit to ensure it does not
grow too large.
* Fix: 59996: Correctly handle building tc-native on a 64-bit system
when using an OpenSSL distribution that is not in /usr.
* Fix: 60388: The --disable-maintainer-mode option of the configure
script no longer enables the maintainer mode.
* Update: Update minimum recommended OpenSSL version to 1.0.2k.
Thank you,
Emmanuel Bourg
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 3812d79..e996676 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -2,9 +2,41 @@
This is the Changelog for Tomcat Native 1.2.
+ Changes in 1.2.12
+
+ * Fix: Correct a regression in the fix for 59797 that triggered a JVM
+ crash on shutdown in some Tomcat unit tests when using the APR/native
+ connector. (markt)
+
+ Changes in 1.2.11
+
+ * Fix: 52627: Prevent a crash in File.infoGet() caused by the use of
+ uninitialised variables. Based on patch by Ilya Maykov. (markt)
+ * Fix: 55113: Document the process for creating a static tc-native
+ library with a FIPS-enabled OpenSSL and update the nmake make file to
+ support the process. (markt)
+ * Fix: 55114: Clean up building instructions for the native component
+ and expand the instructions for building for Windows platforms.
+ (markt)
+ * Fix: 55938: Resolve remaining clang-analyzer warnings. Note that the
+ use of -1 to indicate the full array in File.(read|write)[Full] has
+ been removed since it was only partially implemented and the
+ implementation was faulty. (markt)
+ * Fix: 58082: Update unit tests to use JUnit 4. Refactor unit tests into
+ separate tests and use an external to reference them in the same way
+ an external is used to reference the main code. (markt)
+ * Fix: 59797: Ensure that the per thread error hash maintained by
+ OpenSSL is cleaned up as individual threads exit to ensure it does not
+ grow too large. Patch provided by Nate Clark. (markt)
+ * Fix: 59996: Correctly handle building tc-native on a 64-bit system
+ when using an OpenSSL distribution that is not in /usr. (csutherl)
+ * Fix: 60388: The --disable-maintainer-mode option of the configure
+ script no longer enables the maintainer mode. (ebourg)
+ * Update: Update minimum recommended OpenSSL version to 1.0.2k. (markt)
+
Changes in 1.2.10
- Update minimum recommended OpenSSL version to 1.0.2j. (markt)
+ * Update: Update minimum recommended OpenSSL version to 1.0.2j. (markt)
Changes in 1.2.9
@@ -114,4 +146,4 @@
Please see the 1.1.x changelog.
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
diff --git a/NOTICE b/NOTICE
index bfbbf8a..3a7adfd 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat Native Library
-Copyright 2002-2016 The Apache Software Foundation
+Copyright 2002-2017 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/build.properties.default b/build.properties.default
index a4e1338..7fd7c2e 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -18,7 +18,7 @@
# ----- Version Control Flags -----
version.major=1
version.minor=2
-version.build=10
+version.build=12
version.patch=0
version.suffix=
@@ -36,16 +36,16 @@ compile.debug=off
compile.deprecation=on
compile.optimize=on
-base-tomcat.loc=http://archive.apache.org/dist/tomcat
-base-sf.loc=http://downloads.sourceforge.net
+base-maven.loc=http://repo.maven.apache.org/maven2
-# ----- JUnit Unit Test Suite, version 3.8 or later -----
-# The JUnit version we will use
-junit.version=3.8.2
-# The directory containing your binary distribution of JUnit
-# It will be automatically downloaded if it doesn't exist
-junit.home=${base.path}/junit${junit.version}
-# The pathname of the "junit.jar" JAR file
-junit.jar=${junit.home}/junit.jar
-# The URL used to download JUnit if needed
-junit.loc=${base-sf.loc}/junit/junit${junit.version}.zip
+# ----- JUnit Unit Test Suite, version 4.11 or later -----
+junit.version=4.11
+junit.home=${base.path}/junit-${junit.version}
+junit.jar=${junit.home}/junit-${junit.version}.jar
+junit.loc=${base-maven.loc}/junit/junit/${junit.version}/junit-${junit.version}.jar
+
+# ----- Hamcrest Library, used by JUnit, version 1.3 or later ----
+hamcrest.version=1.3
+hamcrest.home=${base.path}/hamcrest-${hamcrest.version}
+hamcrest.jar=${hamcrest.home}/hamcrest-core-${hamcrest.version}.jar
+hamcrest.loc=${base-maven.loc}/org/hamcrest/hamcrest-core/${hamcrest.version}/hamcrest-core-${hamcrest.version}.jar
diff --git a/build.xml b/build.xml
index b579535..54411ad 100644
--- a/build.xml
+++ b/build.xml
@@ -30,7 +30,7 @@
<property name="project" value="tomcat-native" />
<property name="name" value="Tomcat Native" />
<property name="title" value="Tomcat Native Library"/>
- <property name="year" value="2016" />
+ <property name="year" value="2017" />
<property name="test.runner" value="junit.textui.TestRunner"/>
@@ -68,6 +68,7 @@
<pathelement location="${build.dest}/java"/>
<pathelement location="${build.dest}/test"/>
<pathelement location="${junit.jar}"/>
+ <pathelement location="${hamcrest.jar}"/>
</path>
<!-- Examples classpath -->
@@ -91,6 +92,7 @@
<target name="prepare" depends="env">
<mkdir dir="${build.dir}"/>
+ <mkdir dir="${basedir}/logs"/>
</target>
<!-- Download and dependency building -->
@@ -162,7 +164,7 @@
packagenames="org.apache.tomcat.*"
windowtitle="${title} (Version ${version})"
doctitle="<h1>${title} (Version ${version})</h1>"
- bottom="Copyright 2002-2016 The Apache Software Foundation.<!--
+ bottom="Copyright 2002-2017 The Apache Software Foundation.<!--
Licensed under the Apache License, Version 2.0 (the 'License');
you may not use this file except in compliance with the License.
@@ -217,7 +219,8 @@ limitations under the License.-->">
debug="${compile.debug}"
deprecation="${compile.deprecation}"
optimize="${compile.optimize}"
- encoding="ISO-8859-1">
+ encoding="ISO-8859-1"
+ includeantruntime="false">
<classpath refid="classpath"/>
</javac>
@@ -281,7 +284,8 @@ limitations under the License.-->">
debug="on"
deprecation="${compile.deprecation}"
optimize="${compile.optimize}"
- encoding="ISO-8859-1">
+ encoding="ISO-8859-1"
+ includeantruntime="false">
<classpath refid="test.classpath"/>
</javac>
<copy todir="${build.dest}/test" filtering="yes" encoding="ISO-8859-1">
@@ -297,20 +301,19 @@ limitations under the License.-->">
<!-- =================================================================== -->
<target name="test" depends="compile-tests" description="Run the tests">
<echo message="Running Tomcat Native package tests ..."/>
- <java dir="${test.dir}" classname="${test.runner}" fork="yes" failonerror="${test.failonerror}">
- <arg value="org.apache.tomcat.jni.FileTestSuite"/>
- <classpath refid="test.classpath"/>
- <env key="PATH" path="${tc.library.path}:${java.library.path}"/>
- <env key="Path" path="${tc.library.path}:${java.library.path}"/>
+ <junit printsummary="yes" fork="yes" dir="." showoutput="yes"
+ haltonfailure="${test.failonerror}" >
+
+ <formatter type="plain"/>
+
<jvmarg value="-Djava.library.path=${tc.library.path}"/>
- </java>
- <java dir="${test.dir}" classname="${test.runner}" fork="yes" failonerror="${test.failonerror}">
- <arg value="org.apache.tomcat.jni.SocketServerTestSuite"/>
+
<classpath refid="test.classpath" />
- <env key="PATH" path="${tc.library.path}:${java.library.path}"/>
- <env key="Path" path="${tc.library.path}:${java.library.path}"/>
- <jvmarg value="-Djava.library.path=${tc.library.path}"/>
- </java>
+
+ <batchtest todir="${basedir}/logs">
+ <fileset dir="test" />
+ </batchtest>
+ </junit>
</target>
<!-- =================================================================== -->
diff --git a/debian/changelog b/debian/changelog
index a3f013a..3108c58 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+tomcat-native (1.2.12-1) experimental; urgency=medium
+
+ * Team upload.
+ * New upstream release
+ - Removed 01-disable-maintainer-mode.patch (fixed upstream)
+ * Removed the generated configure script from the upstream tarball
+
+ -- Emmanuel Bourg <ebourg@apache.org> Sun, 14 May 2017 12:55:40 +0200
+
tomcat-native (1.2.10-1) unstable; urgency=medium
* Team upload.
diff --git a/debian/copyright b/debian/copyright
index 68646cc..a514145 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -2,6 +2,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: Apache Tomcat Native Library
Upstream-Contact: <http://tomcat.apache.org/native-doc/>
Source: http://www.apache.org/dist/tomcat/tomcat-connectors/native/
+Files-Exluded: native/configure
Files: *
Copyright: 2004-2016, The Apache Software Foundation.
diff --git a/debian/patches/01-disable-maintainer-mode.patch b/debian/patches/01-disable-maintainer-mode.patch
deleted file mode 100644
index 65cda0c..0000000
--- a/debian/patches/01-disable-maintainer-mode.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Description: No longer enable the maintainer mode when --disable-maintainer-mode is specified
-Author: Emmanuel Bourg <ebourg@apache.org>
-Bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=60388
---- a/native/configure.in
-+++ b/native/configure.in
-@@ -198,12 +198,16 @@
- maintainer-mode,
- [ --enable-maintainer-mode Turn on debugging and compile time warnings],
- [
-- if test "$GCC" = "yes"; then
-- CFLAGS="${CFLAGS} -DDEBUG -Wall"
-- else
-- CFLAGS="${CFLAGS} -DDEBUG"
-- fi
--AC_MSG_RESULT([...Enabling Maintainer mode...])
-+ case "${enableval}" in
-+ yes )
-+ if test "$GCC" = "yes"; then
-+ CFLAGS="${CFLAGS} -DDEBUG -Wall"
-+ else
-+ CFLAGS="${CFLAGS} -DDEBUG"
-+ fi
-+ AC_MSG_RESULT([...Enabling Maintainer mode...])
-+ ;;
-+ esac
- ])
-
- dnl
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index e1f1a9c..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1 +0,0 @@
-01-disable-maintainer-mode.patch
diff --git a/docs/index.html b/docs/index.html
index 1a3d29c..e2a6323 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -32,9 +32,10 @@ manual is described in more detail below.</p>
</div><h3 id="Headlines">Headlines</h3><div class="text">
<ul>
-<li><a href="news/2016.html#20160702">2 July 2016 - <b>TC-Native-1.2.8 released</b></a>
+<li><a href="news/2016.html#20161005">5 October 2016 - <b>TC-Native-1.2.10
+released</b></a>
<p>The Apache Tomcat team is proud to announce the immediate availability of
-Tomcat Native 1.2.8 Stable.</p>
+Tomcat Native 1.2.10 Stable.</p>
<p>
The sources and the binaries for selected platforms are available from the
<a href="../download-native.cgi">Download page</a>.
@@ -108,23 +109,20 @@ list of changes.
<div class="subsection"><h4 id="Building/Windows">Windows</h4><div class="text">
<p>
- Download the windows sources of tc-native and extract them.
+ Download the Windows sources of tc-native and extract them.
</p>
<p>
- Download OpenSSL sources (See <a href="http://www.openssl.org/related/binaries.html";><b>Binary Distributions</b></a>)
- OpenSSL is a crypto software so check if you are allowed to download it. If not you can still use tc-native without SSL.
+ Obtain the Windows sources for
+ <a href="http://apr.apache.org/download.cgi";>APR</a> and
+ <a href="https://www.openssl.org/source/";>OpenSSL</a>. Apply the patches from
+ native/srclib and build APR and OpenSSL for your platform (X86 or X64).
</p>
<p>
- Download APR sources for Windows. (See <a href="http://apr.apache.org/download.cgi";><b>Download</b></a>)
- Extract them in jni and rename the apr-1.x.y directory to apr.
+ Build with <div class="codeBox"><pre><code>nmake -f NMAKEMakefile WITH_APR=... WITH_OPENSSL=... APR_DECLARE_STATIC=1</code></pre></div>
</p>
<p>
- Use MS Visual Studio to open the workspace of the APR sources and build the library (libapr).
- </p>
- <p>
- Use MS Visual Studio to open the workspace of the tc-native sources, adjust the OpenSSL includes and libraries location
- change the name of the libraries libeay32 and libssleay to libeay32MT and libssleayMT and build the tcn-native library.
- That should create a tcnative-1.dll.
+ More detailed instructions including the steps to create a standard release
+ distribution are provided on the <a href="https://cwiki.apache.org/confluence/display/TOMCAT/Building+the+Tomcat+Native+Connector+binaries+for+Windows";>Wiki</a>.
</p>
</div></div>
@@ -186,5 +184,5 @@ INFO: Initializing Coyote HTTP/1.1 on http-8080</code></pre></div>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/miscellaneous/changelog.html b/docs/miscellaneous/changelog.html
index 4e75147..1b7557e 100644
--- a/docs/miscellaneous/changelog.html
+++ b/docs/miscellaneous/changelog.html
@@ -3,9 +3,63 @@
<p>
This is the Changelog for Tomcat Native 1.2.
</p>
+</div><h3 id="Changes_in_1.2.12">Changes in 1.2.12</h3><div class="text">
+ <ul class="changelog">
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ Correct a regression in the fix for <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=59797";>59797</a> that triggered a JVM
+ crash on shutdown in some Tomcat unit tests when using the APR/native
+ connector. (markt)
+ </li>
+ </ul>
+</div><h3 id="Changes_in_1.2.11">Changes in 1.2.11</h3><div class="text">
+ <ul class="changelog">
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=52627";>52627</a>: Prevent a crash in <code>File.infoGet()</code> caused by
+ the use of uninitialised variables. Based on patch by Ilya Maykov. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55113";>55113</a>: Document the process for creating a static tc-native
+ library with a FIPS-enabled OpenSSL and update the nmake make file to
+ support the process. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55114";>55114</a>: Clean up building instructions for the native component
+ and expand the instructions for building for Windows platforms. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=55938";>55938</a>: Resolve remaining clang-analyzer warnings. Note that the
+ use of <code>-1</code> to indicate the full array in
+ <code>File.(read|write)[Full]</code> has been removed since it was only
+ partially implemented and the implementation was faulty. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=58082";>58082</a>: Update unit tests to use JUnit 4. Refactor unit tests
+ into separate tests and use an external to reference them in the same way
+ an external is used to reference the main code. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=59797";>59797</a>: Ensure that the per thread error hash maintained by
+ OpenSSL is cleaned up as individual threads exit to ensure it does not
+ grow too large. Patch provided by Nate Clark. (markt)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=59996";>59996</a>: Correctly handle building tc-native on a 64-bit system
+ when using an OpenSSL distribution that is not in <code>/usr</code>.
+ (csutherl)
+ </li>
+ <li><img alt="Fix: " class="icon" src="../images/fix.gif">
+ <a href="http://issues.apache.org/bugzilla/show_bug.cgi?id=60388";>60388</a>: The --disable-maintainer-mode option of the configure
+ script no longer enables the maintainer mode. (ebourg)
+ </li>
+ <li><img alt="Update: " class="icon" src="../images/update.gif">
+ Update minimum recommended OpenSSL version to 1.0.2k. (markt)
+ </li>
+ </ul>
</div><h3 id="Changes_in_1.2.10">Changes in 1.2.10</h3><div class="text">
<ul class="changelog">
+ <li><img alt="Update: " class="icon" src="../images/update.gif">
Update minimum recommended OpenSSL version to 1.0.2j. (markt)
+ </li>
</ul>
</div><h3 id="Changes_in_1.2.9">Changes in 1.2.9</h3><div class="text">
<ul class="changelog">
@@ -194,5 +248,5 @@
<p>Please see the <a href="../../native-1.1-doc/miscellaneous/changelog.html">1.1.x
changelog</a>.</p>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2008.html b/docs/news/2008.html
index 9bd9f02..fd186c7 100644
--- a/docs/news/2008.html
+++ b/docs/news/2008.html
@@ -24,5 +24,5 @@ and some bug fixes.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2009.html b/docs/news/2009.html
index 14ae6d3..87677ff 100644
--- a/docs/news/2009.html
+++ b/docs/news/2009.html
@@ -8,5 +8,5 @@ of Tomcat Native 1.1.18. This is a stable release adding some bug fixes.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2010.html b/docs/news/2010.html
index fe4adba..bfe6ec8 100644
--- a/docs/news/2010.html
+++ b/docs/news/2010.html
@@ -13,5 +13,5 @@ of Tomcat Native 1.1.19. This is a stable release adding some bug fixes.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2011.html b/docs/news/2011.html
index 3d75fbc..68a68f4 100644
--- a/docs/news/2011.html
+++ b/docs/news/2011.html
@@ -9,5 +9,5 @@ of Tomcat Native 1.1.22. This is a stable release adding some bug fixes.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2012.html b/docs/news/2012.html
index 5813592..5819825 100644
--- a/docs/news/2012.html
+++ b/docs/news/2012.html
@@ -19,5 +19,5 @@ experimental support for OCSP and PKCS12 certificates.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2013.html b/docs/news/2013.html
index 97d237c..8e0f0db 100644
--- a/docs/news/2013.html
+++ b/docs/news/2013.html
@@ -22,5 +22,5 @@ of Tomcat Native 1.1.27. This is a bug fixing release.
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2014.html b/docs/news/2014.html
index 72feded..e30bc65 100644
--- a/docs/news/2014.html
+++ b/docs/news/2014.html
@@ -19,5 +19,5 @@
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2015.html b/docs/news/2015.html
index 912b9f8..fa3ae0c 100644
--- a/docs/news/2015.html
+++ b/docs/news/2015.html
@@ -26,5 +26,5 @@
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/docs/news/2016.html b/docs/news/2016.html
index de25a01..e8b5899 100644
--- a/docs/news/2016.html
+++ b/docs/news/2016.html
@@ -1,5 +1,12 @@
<!DOCTYPE html SYSTEM "about:legacy-compat">
<html lang="en"><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8"><link href="../images/docs-stylesheet.css" rel="stylesheet" type="text/css"><link href="../images/style.css" rel="stylesheet" type="text/css"><title>The Apache Tomcat Native - News - 2016 News and Status</title></head><body><div id="wrapper"><header><div id="header"><div><div><div class="logo noPrint"><a href="http://tomcat.apache.org/";><img alt="Tomcat Home" src="../images/tomcat.png"></a></div><div style="height: 1px;"></div><div class="asfLogo noPrint"><a href="http://www.apache.org/"; target="_blank"><img src="../images/asf-feather.png" alt="The Apache Software Foundation" style="width: 266px; height: 83px;"></a></div><h1>The Apache Tomcat Native - News</h1><div style="height: 1px;"></div><div style="clear: left;"></div></div></div></div></header><div id="middle"><div><div id="mainLeft" class="noprint"><div><nav><div><h2><strong>Links</strong></h2><ul><li><a href="../index.html">Docs Home</a></li></ul></div><div><h2><strong>Miscellaneous Documentation</strong></h2><ul><li><a href="../miscellaneous/changelog.html">Changelog</a></li></ul></div><div><h2><strong>News</strong></h2><ul><li><a href="../news/2016.html">2016</a></li><li><a href="../news/2015.html">2015</a></li><li><a href="../news/2014.html">2014</a></li><li><a href="../news/2013.html">2013</a></li><li><a href="../news/2012.html">2012</a></li><li><a href="../news/2011.html">2011</a></li><li><a href="../news/2010.html">2010</a></li><li><a href="../news/2009.html">2009</a></li><li><a href="../news/2008.html">2008</a></li></ul></div></nav></div></div><div id="mainRight"><div id="content"><h2>2016 News and Status</h2><h3 id="2016_News_&_Status">2016 News & Status</h3><div class="text">
+ <div class="subsection"><h4 id="20161005">5 October 2016 - TC-Native-1.2.10 released</h4><div class="text">
+ <p>The Apache Tomcat team is proud to announce the immediate availability
+ of Tomcat Native 1.2.10. This is a release to update dependencies for the
+ Windows binaries and includes Windows binaries built with OpenSSL 1.0.2j and
+ APR 1.5.2.
+ </p>
+ </div></div>
<div class="subsection"><h4 id="20160702">2 July 2016 - TC-Native-1.2.8 released</h4><div class="text">
<p>The Apache Tomcat team is proud to announce the immediate availability
of Tomcat Native 1.2.8. This is a bug fix release release and includes Windows
@@ -32,5 +39,5 @@
</p>
</div></div>
</div></div></div></div></div><footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer></div></body></html>
\ No newline at end of file
diff --git a/examples/org/apache/tomcat/jni/Echo.java b/examples/org/apache/tomcat/jni/Echo.java
index dcc8704..1c84d31 100644
--- a/examples/org/apache/tomcat/jni/Echo.java
+++ b/examples/org/apache/tomcat/jni/Echo.java
@@ -50,7 +50,7 @@ public class Echo {
echoNmax = Integer.decode(props.getProperty("echo.max", "1")).intValue();
}
catch (Throwable t) {
- ; // Nothing
+ // NO-OP
}
}
@@ -90,6 +90,7 @@ public class Echo {
}
}
+ @Override
public void run() {
int i = 0;
try {
@@ -168,6 +169,7 @@ public class Echo {
}
}
+ @Override
public void run() {
while (true) {
try {
@@ -228,6 +230,7 @@ public class Echo {
from + "\r\n").getBytes();
}
+ @Override
public void run() {
boolean doClose = false;
try {
@@ -328,6 +331,7 @@ public class Echo {
System.out.println("Starting Native Echo server example on port " +
echoAddr + ":" + echoPort);
+ @SuppressWarnings("unused")
Echo echo = new Echo();
} catch (Exception e) {
e.printStackTrace();
diff --git a/examples/org/apache/tomcat/jni/LocalServer.java b/examples/org/apache/tomcat/jni/LocalServer.java
index 89070ff..ec84993 100644
--- a/examples/org/apache/tomcat/jni/LocalServer.java
+++ b/examples/org/apache/tomcat/jni/LocalServer.java
@@ -45,7 +45,7 @@ public class LocalServer {
serverNmax = Integer.decode(props.getProperty("local.max", "0")).intValue();
}
catch (Throwable t) {
- ; // Nothing
+ // NO-OP
}
}
@@ -96,6 +96,7 @@ public class LocalServer {
}
}
+ @Override
public void run() {
int i = 0;
try {
@@ -128,6 +129,7 @@ public class LocalServer {
from).getBytes();
}
+ @Override
public void run() {
boolean doClose = false;
try {
@@ -173,6 +175,7 @@ public class LocalServer {
try {
Library.initialize(null);
+ @SuppressWarnings("unused")
LocalServer server = new LocalServer();
} catch (Exception e) {
e.printStackTrace();
diff --git a/examples/org/apache/tomcat/jni/SSLServer.java b/examples/org/apache/tomcat/jni/SSLServer.java
index a19e91a..cb91f1c 100644
--- a/examples/org/apache/tomcat/jni/SSLServer.java
+++ b/examples/org/apache/tomcat/jni/SSLServer.java
@@ -58,7 +58,7 @@ public class SSLServer {
serverPassword = props.getProperty("server.password", null);
}
catch (Throwable t) {
- ; // Nothing
+ // NO-OP
}
}
@@ -121,6 +121,7 @@ public class SSLServer {
}
}
+ @Override
public void run() {
int i = 0;
try {
@@ -185,6 +186,7 @@ public class SSLServer {
from + "\r\n").getBytes();
}
+ @Override
public void run() {
boolean doClose = false;
try {
@@ -228,6 +230,7 @@ public class SSLServer {
Library.initialize(null);
SSL.initialize(null);
+ @SuppressWarnings("unused")
SSLServer server = new SSLServer();
} catch (Exception e) {
e.printStackTrace();
diff --git a/java/org/apache/tomcat/Apr.java b/java/org/apache/tomcat/Apr.java
index 53d5d06..71db199 100644
--- a/java/org/apache/tomcat/Apr.java
+++ b/java/org/apache/tomcat/Apr.java
@@ -14,28 +14,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
-
package org.apache.tomcat;
-import java.io.InputStream;
-import java.util.Properties;
-
+/**
+ * @deprecated This will be removed in 1.3.x
+ */
+@Deprecated
public class Apr {
- private static String aprInfo = null;
-
- static {
-
- try {
- InputStream is = Apr.class.getResourceAsStream
- ("/org/apache/tomcat/apr.properties");
- Properties props = new Properties();
- props.load(is);
- is.close();
- aprInfo = props.getProperty("tcn.info");
- }
- catch (Throwable t) {
- ; // Nothing
- }
- }
}
diff --git a/java/org/apache/tomcat/jni/File.java b/java/org/apache/tomcat/jni/File.java
index e1378d4..4ae5523 100644
--- a/java/org/apache/tomcat/jni/File.java
+++ b/java/org/apache/tomcat/jni/File.java
@@ -359,7 +359,7 @@ public class File {
* @param thefile The file descriptor to write to.
* @param buf The buffer which contains the data.
* @param offset Start offset in buf
- * @param nbytes The number of bytes to write; (-1) for full array.
+ * @param nbytes The number of bytes to write
* @return The number of bytes written.
*/
public static native int write(long thefile, byte[] buf, int offset, int nbytes);
@@ -400,7 +400,7 @@ public class File {
* @param thefile The file descriptor to write to.
* @param buf The buffer which contains the data.
* @param offset Start offset in buf
- * @param nbytes The number of bytes to write; (-1) for full array.
+ * @param nbytes The number of bytes to write
* @return The number of bytes written.
*/
public static native int writeFull(long thefile, byte[] buf, int offset, int nbytes);
@@ -469,7 +469,7 @@ public class File {
* @param thefile The file descriptor to read from.
* @param buf The buffer to store the data to.
* @param offset Start offset in buf
- * @param nbytes The number of bytes to read (-1) for full array.
+ * @param nbytes The number of bytes to read
* @return the number of bytes read.
*/
public static native int read(long thefile, byte[] buf, int offset, int nbytes);
@@ -512,7 +512,7 @@ public class File {
* @param thefile The file descriptor to read from.
* @param buf The buffer to store the data to.
* @param offset Start offset in buf
- * @param nbytes The number of bytes to read (-1) for full array.
+ * @param nbytes The number of bytes to read
* @return the number of bytes read.
*/
public static native int readFull(long thefile, byte[] buf, int offset, int nbytes);
diff --git a/java/org/apache/tomcat/jni/Registry.java b/java/org/apache/tomcat/jni/Registry.java
index e1f814c..209e02f 100644
--- a/java/org/apache/tomcat/jni/Registry.java
+++ b/java/org/apache/tomcat/jni/Registry.java
@@ -17,7 +17,7 @@
package org.apache.tomcat.jni;
-/** Windows Registy support
+/** Windows Registry support
*
* @author Mladen Turk
*/
diff --git a/java/org/apache/tomcat/jni/Status.java b/java/org/apache/tomcat/jni/Status.java
index 53b5dd4..56d9445 100644
--- a/java/org/apache/tomcat/jni/Status.java
+++ b/java/org/apache/tomcat/jni/Status.java
@@ -144,7 +144,7 @@ public class Status {
* APR_ANONYMOUS APR is using anonymous shared memory
* APR_FILEBASED APR is using a file name as the key to the shared memory
* APR_KEYBASED APR is using a shared key as the key to the shared memory
- * APR_EINIT Ininitalizer value. If no option has been found, but
+ * APR_EINIT Initializer value. If no option has been found, but
* the status variable requires a value, this should be used
* APR_ENOTIMPL The APR function has not been implemented on this
* platform, either because nobody has gotten to it yet,
diff --git a/native/BUILDING b/native/BUILDING
index fbfbd73..f3dd72b 100644
--- a/native/BUILDING
+++ b/native/BUILDING
@@ -15,88 +15,181 @@
limitations under the License.
================================================================================
-Prerequisites
--------------
+Linux / Unix / OSX (dynamic linking)
+====================================
-You need OpenSSL version 1.0.2 or higher and APR version 1.4.0 or higher.
+1. Prerequisites
-Building from source package
------------------------------
+ Install OpenSSL version 1.0.2 or higher
+ Install APR version 1.4.0 or higher.
+ Download and expand the source package or use an svn checkout
-> configure --with-apr=apr_install_location --with-ssl=openssl_install_location
-> make
-
-Building from the svn tree
---------------------------
+ > cd native
-> sh buildconf --with-apr=apr_source_location.
-> configure --with-apr=apr_install_location --with-ssl=openssl_install_location
-> make
+2. Configure build environment
-Testing the build
------------------
+ Note: This step is only required if you are building from an svn checkout. It
+ is not required when building from a source package.
-The make should produce a .so file named libtcnative-1.so.
-Build the jar containing the examples by
+ > sh buildconf --with-apr=apr_source_location.
-> cd ..
-> ant jar
- Run one of the example (the echo one):
-> ant run-echo
+3. Build
-Using it in Tomcat
-------------------
+ > configure --with-apr=apr_install_location --with-ssl=openssl_install_location
+ > make
-1. In <Connector> use of conf/server.xml:
- protocol="org.apache.coyote.http11.Http11AprProtocol"
-2. In bin/setenv.sh add the following:
- CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=tclib_location"
- In my machine I am using:
- /home/jfclere/native/native/.libs for tclib_location
+ This should produce a file named libtcnative-1.so
-NOTES
------
- - configure --disable-openssl: Configure without ssl support.
- - To use it in Tomcat you may have to add in bin/setenv.sh:
- LD_LIBRARY_PATH=openssl_install_location/lib; export LD_LIBRARY_PATH
- (use ldd ./.libs/libtcnative-1.so to check it).
- - quick testing: openssl s_client -connect localhost:8443
- - For MAC OS X you must manually add a link
- cd ${tcnative installdir}
- ln -d libtcnative-1.dylib libtcnative-1.jnilib
+ Note: To build without SSL support use:
+ > configure --disable-openssl --with-apr=apr_install_location
-Building statically linked library on Unixes
---------------------------------------------
-To statically link apr and openssl dependencies use the following
-procedure.
+Linux / Unix / OSX (static linking)
+===================================
-You will need to build static version of openssl library.
+1. Build static version of OpenSSL 1.0.2 or later
> ./config --prefix=~/natives/openssl no-shared -fPIC
> make
> make install_sw
-Note that for Solaris platform you should use -KPIC instead -fPIC
-so that library is compiled with position independent code.
+ Note: For the Solaris platform you should use -KPIC instead -fPIC so that the
+ library is compiled with position independent code.
-Apr by default builds both static and dynamic libraries.
+2. Build static version of APR 1.4.0 or later
> ./configure --prefix=~/natives/apr
> make
> make install
-After that edit the ~/natives/apr/lib/libapr-1.la file
-and comment or delete the following sections:
-dlname='...' and library_names='...'
+ Note: APR builds both static and dynamic libraries by default.
+
+3. Ensure the static APR library is used
+
+ Edit the ~/natives/apr/lib/libapr-1.la file and comment or delete the
+ following sections: dlname='...' and library_names='...'
This is needed so that libtool picks the static version of the library.
-Build Tomcat native by executing
+4. Build tc-native
> ./configure --with-apr=~/natives/apr --with-ssl=~/natives/openssl --prefix=~/natives/tomcat
> make
> make install
-That's it. You have just build libtcnative-1.so with statically linked
-apr and openssl.
+
+Windows
+=======
+
+1. Prerequisites
+
+ These steps assume a suitable build environment has been set up.
+ https://cwiki.apache.org/confluence/display/TOMCAT/Common+Native+Build+Environment
+
+2. Obtain tc-native source
+
+ Download and expand the source package or use an svn checkout
+
+3. Build APR
+
+ Unpack the APR source distribution into native\srclib\apr
+ Apply apr-enable-ipv6.patch
+
+ > c:\cmsc\setenv.bat /x86
+ > nmake -f NMAKEmakefile BUILD_CPU=x86 APR_DECLARE_STATIC=1
+ > mkdir WINXP_X86_LIB_RELEASE\include
+ > mkdir WINXP_X86_LIB_RELEASE\lib
+ > xcopy /E include WINXP_X86_LIB_RELEASE\include\
+ > copy WINXP_X86_LIB_RELEASE\apr-1.lib WINXP_X86_LIB_RELEASE\lib
+
+ > c:\cmsc\setenv.bat /x64
+ > nmake -f NMAKEmakefile BUILD_CPU=x64 APR_DECLARE_STATIC=1
+ > mkdir WINXP_X64_LIB_RELEASE\include
+ > mkdir WINXP_X64_LIB_RELEASE\lib
+ > xcopy /E include WINXP_X64_LIB_RELEASE\include\
+ > copy WINXP_X64_LIB_RELEASE\apr-1.lib WINXP_X64_LIB_RELEASE\lib
+
+4. Build OpenSSL
+
+ Unpack the OpenSSL source distribution into native\srclib\openssl
+ Apply openssl-msvcrt.patch
+
+ > c:\cmsc\setenv.bat /x86
+ > perl Configure VC-WIN32
+ > ms\do_nasm
+ > nmake -f ms\nt.mak
+ > mkdir release-x86
+ > mkdir release-x86\include
+ > mkdir release-x86\lib
+ > xcopy /E inc32 release-x86\include\
+ > copy out32\*.lib release-x86\lib\
+
+ > c:\cmsc\setenv.bat /x64
+ > perl Configure VC-WIN64A
+ > ms\do_win64a
+ > nmake -f ms\nt.mak clean
+ > nmake -f ms\nt.mak
+ > mkdir release-x64
+ > mkdir release-x64\include
+ > mkdir release-x64\lib
+ > xcopy /E inc32 release-x64\include\
+ > copy out32\*.lib release-x64\lib\
+
+5. Build tc-native
+
+ > SET JAVA_HOME=C:\Program Files\Java\jdk1.7.0_71
+
+ > c:\cmsc\setenv.bat /x86
+ > nmake -f NMAKEMakefile WITH_APR=srclib\apr\WINXP_X86_LIB_RELEASE WITH_OPENSSL=srclib\openssl\release-x86 APR_DECLARE_STATIC=1
+
+ > c:\cmsc\setenv.bat /x64
+ > nmake -f NMAKEMakefile WITH_APR=srclib\apr\WINXP_X64_LIB_RELEASE WITH_OPENSSL=srclib\openssl\release-x64 APR_DECLARE_STATIC=1
+
+ Note: Use ENABLE_OCSP=1 to create OCSP enabled builds
+
+
+Windows with FIPS
+=================
+
+The steps are broadly the same as the non-FIPS build with the following additions and changes.
+
+Note: The build process has only been verified with 64-bit Windows. The process
+ for 32-bit Windows should be very similar.
+
+1. Build the FIPS object module
+
+ This step should be completed immediately before building OpenSSL.
+
+ Unpack the openssl-fips-2.0.x.tar.gz distribution into native\srclib\openssl-fips
+ The tar.gz contains symbolic links. Ensure you unpack the archive with a tool
+ that replaces these with the linked file or manually replace the symbolic
+ links with associated the linked file before continuing.
+
+ > c:\cmsc\setenv.bat /x64
+ > set FIPSDIR=%cd%\lib-x64
+ > ms\do_fips
+
+2. Modify the OpenSSL build configuration
+
+ Add 'fips' to the OpenSSL build configuration
+
+ > perl Configure VC-WIN64A fips
+
+3. Test the OpenSSL build
+
+ This step should be completed immediately after building OpenSSL.
+
+ > SET OPENSSL_FIPS=1
+ > openssl md5 openssl.exe
+
+ This should fail since MD5 is disabled in FIPS mode.
+
+ > SET OPENSSL_FIPS=
+ > openssl md5 openssl.exe
+
+ This should work.
+
+4. Modify the tc-native build configuration
+
+ > c:\cmsc\setenv.bat /x64
+ > nmake -f NMAKEMakefile WITH_APR=srclib\apr\WINXP_X64_LIB_RELEASE WITH_OPENSSL=srclib\openssl\release-x64 WITH_FIPS=srclib\openssl-fips\lib-x64 APR_DECLARE_STATIC=1
diff --git a/native/NMAKEmakefile b/native/NMAKEmakefile
index c22d97c..bfd5a2d 100644
--- a/native/NMAKEmakefile
+++ b/native/NMAKEmakefile
@@ -71,7 +71,11 @@ LDIRS = $(LDIRS) /libpath:"$(WITH_OPENSSL)\out32"
LFLAGS = $(LFLAGS) /version:1.1
LFLAGS = $(LFLAGS) user32.lib psapi.lib gdi32.lib shlwapi.lib wldap32.lib ole32.lib
LFLAGS = $(LFLAGS) $(APR_LIB)
+!IF DEFINED(WITH_FIPS)
+LFLAGS = $(LFLAGS) libeayfips32.lib libeaycompat32.lib ssleay32.lib /NODEFAULTLIB:LIBCMT
+!ELSE
LFLAGS = $(LFLAGS) libeay32.lib ssleay32.lib
+!ENDIF
CFLAGS = $(CFLAGS) -DZLIB_WINAPI -DNO_IDEA -DNO_RC5 -DNO_MDC2 -DOPENSSL_NO_IDEA \
-DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DHAVE_OPENSSL -DHAVE_SSL_SET_STATE=1
@@ -107,6 +111,16 @@ OBJECTS = \
$(WORKDIR)\ntpipe.obj \
$(WORKDIR)\registry.obj \
$(WORKDIR)\system.obj
+!IF DEFINED(WITH_FIPS)
+OBJECTS = $(OBJECTS) srclib\openssl\tmp32\fips_premain.obj
+!ENDIF
+
+!IF DEFINED(WITH_FIPS)
+FIPS_OPTS = /map
+LINK_WRAPPER = perl $(FIPSDIR)\bin\fipslink.pl
+!ELSE
+LINK_WRAPPER = $(LINK)
+!ENDIF
HEADERS = \
$(SRCDIR)\include\tcn.h \
@@ -140,7 +154,15 @@ $(BUILDRES): $(SRCDIR)\os\win32\libtcnative.rc $(HEADERS)
$(RC) $(RCFLAGS) /i "$(SRCDIR)\include" /fo $(BUILDRES) $(SRCDIR)\os\win32\libtcnative.rc
$(BUILDBIN): $(WORKDIR) $(OBJECTS) $(BUILDRES)
- $(LINK) $(LFLAGS) $(OBJECTS) $(BUILDRES) $(LIBS) $(LDIRS) /pdb:$(BUILDPDB) /out:$(BUILDBIN)
+ SET FIPSLINK=perl $(FIPSDIR)\bin\fipslink.pl
+ SET FIPS_LINK=$(LINK)
+ SET FIPS_CC=$(CC)
+ SET FIPS_CC_ARGS=/Fosrclib\openssl\tmp32\fips_premain.obj /MD -c
+ SET PREMAIN_DSO_EXE=srclib\openssl\\out32\fips_premain_dso.exe
+ SET FIPS_TARGET=$(BUILDBIN)
+ SET FIPS_SHA1_EXE=$(FIPSDIR)\bin\fips_standalone_sha1.exe
+ SET FIPSLIB_D=$(FIPSDIR)\lib
+ $(LINK_WRAPPER) $(LFLAGS) $(OBJECTS) $(BUILDRES) $(LIBS) $(LDIRS) /pdb:$(BUILDPDB) $(FIPS_OPTS) /out:$(BUILDBIN)
IF EXIST $(BUILDMAN) \
mt -nologo -manifest $(BUILDMAN) -outputresource:$(BUILDBIN);2
diff --git a/native/build/config.guess b/native/build/config.guess
index 72625d4..1f5c50c 100755
--- a/native/build/config.guess
+++ b/native/build/config.guess
@@ -2,7 +2,7 @@
# Attempt to guess a canonical system name.
# Copyright 1992-2014 Free Software Foundation, Inc.
-timestamp='2014-02-12'
+timestamp='2014-03-23'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -826,7 +826,7 @@ EOF
*:MINGW*:*)
echo ${UNAME_MACHINE}-pc-mingw32
exit ;;
- i*:MSYS*:*)
+ *:MSYS*:*)
echo ${UNAME_MACHINE}-pc-msys
exit ;;
i*:windows32*:*)
@@ -969,10 +969,10 @@ EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; }
;;
- or1k:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+ openrisc*:Linux:*:*)
+ echo or1k-unknown-linux-${LIBC}
exit ;;
- or32:Linux:*:*)
+ or32:Linux:*:* | or1k*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
exit ;;
padre:Linux:*:*)
diff --git a/native/build/config.sub b/native/build/config.sub
index 092cff0..bba4efb 100755
--- a/native/build/config.sub
+++ b/native/build/config.sub
@@ -2,7 +2,7 @@
# Configuration validation subroutine script.
# Copyright 1992-2014 Free Software Foundation, Inc.
-timestamp='2014-01-01'
+timestamp='2014-09-11'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -283,8 +283,10 @@ case $basic_machine in
| mips64vr5900 | mips64vr5900el \
| mipsisa32 | mipsisa32el \
| mipsisa32r2 | mipsisa32r2el \
+ | mipsisa32r6 | mipsisa32r6el \
| mipsisa64 | mipsisa64el \
| mipsisa64r2 | mipsisa64r2el \
+ | mipsisa64r6 | mipsisa64r6el \
| mipsisa64sb1 | mipsisa64sb1el \
| mipsisa64sr71k | mipsisa64sr71kel \
| mipsr5900 | mipsr5900el \
@@ -296,11 +298,11 @@ case $basic_machine in
| nds32 | nds32le | nds32be \
| nios | nios2 | nios2eb | nios2el \
| ns16k | ns32k \
- | open8 \
- | or1k | or32 \
+ | open8 | or1k | or1knd | or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle \
| pyramid \
+ | riscv32 | riscv64 \
| rl78 | rx \
| score \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
@@ -402,8 +404,10 @@ case $basic_machine in
| mips64vr5900-* | mips64vr5900el-* \
| mipsisa32-* | mipsisa32el-* \
| mipsisa32r2-* | mipsisa32r2el-* \
+ | mipsisa32r6-* | mipsisa32r6el-* \
| mipsisa64-* | mipsisa64el-* \
| mipsisa64r2-* | mipsisa64r2el-* \
+ | mipsisa64r6-* | mipsisa64r6el-* \
| mipsisa64sb1-* | mipsisa64sb1el-* \
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipsr5900-* | mipsr5900el-* \
@@ -415,6 +419,7 @@ case $basic_machine in
| nios-* | nios2-* | nios2eb-* | nios2el-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| open8-* \
+ | or1k*-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
@@ -824,6 +829,10 @@ case $basic_machine in
basic_machine=powerpc-unknown
os=-morphos
;;
+ moxiebox)
+ basic_machine=moxie-unknown
+ os=-moxiebox
+ ;;
msdos)
basic_machine=i386-pc
os=-msdos
@@ -1369,14 +1378,14 @@ case $os in
| -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
| -linux-newlib* | -linux-musl* | -linux-uclibc* \
- | -uxpv* | -beos* | -mpeix* | -udk* \
+ | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
- | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
+ | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* | -tirtos*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@@ -1594,9 +1603,6 @@ case $basic_machine in
mips*-*)
os=-elf
;;
- or1k-*)
- os=-elf
- ;;
or32-*)
os=-coff
;;
diff --git a/native/build/tcnative.m4 b/native/build/tcnative.m4
index d57ffe1..0927afd 100644
--- a/native/build/tcnative.m4
+++ b/native/build/tcnative.m4
@@ -210,22 +210,23 @@ case "$use_openssl" in
TCN_OPENSSL_LIBS="-lssl -lcrypto"
else
TCN_OPENSSL_INC="-I$use_openssl/include"
+ test -d $use_openssl/lib64 && ssllibdir=lib64 || ssllibdir=lib
case $host in
*-solaris*)
- TCN_OPENSSL_LIBS="-L$use_openssl/lib -R$use_openssl/lib -lssl -lcrypto"
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -R$use_openssl/$ssllibdir -lssl -lcrypto"
;;
*-hp-hpux*)
- TCN_OPENSSL_LIBS="-L$use_openssl/lib -Wl,+b: -lssl -lcrypto"
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -Wl,+b: -lssl -lcrypto"
;;
*linux*)
- TCN_OPENSSL_LIBS="-L$use_openssl/lib -Wl,-rpath,$use_openssl/lib -lssl -lcrypto"
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -Wl,-rpath,$use_openssl/$ssllibdir -lssl -lcrypto"
;;
*)
- TCN_OPENSSL_LIBS="-L$use_openssl/lib -lssl -lcrypto"
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
;;
esac
fi
- AC_MSG_RESULT(using openssl from $use_openssl/lib and $use_openssl/include)
+ AC_MSG_RESULT(using openssl from $use_openssl/$libdir and $use_openssl/include)
saved_cflags="$CFLAGS"
saved_libs="$LIBS"
diff --git a/native/configure.in b/native/configure.in
index af6c034..209ba6b 100644
--- a/native/configure.in
+++ b/native/configure.in
@@ -194,16 +194,19 @@ AC_SUBST(EXTRA_OS_LINK)
dnl CFLAGS for maintainer mode
dnl it also allows the CFLAGS environment variable.
CFLAGS="${CFLAGS}"
-AC_ARG_ENABLE(
-maintainer-mode,
-[ --enable-maintainer-mode Turn on debugging and compile time warnings],
+AC_ARG_ENABLE(maintainer-mode,
+[AS_HELP_STRING([--enable-maintainer-mode],[Turn on debugging and compile time warnings])],
[
+ case "${enableval}" in
+ yes )
if test "$GCC" = "yes"; then
CFLAGS="${CFLAGS} -DDEBUG -Wall"
else
CFLAGS="${CFLAGS} -DDEBUG"
fi
AC_MSG_RESULT([...Enabling Maintainer mode...])
+ ;;
+ esac
])
dnl
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index ca0da64..0a165ab 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -362,5 +362,12 @@ int SSL_callback_next_protos(SSL *, const unsigned char **, unsigned int
int SSL_callback_select_next_proto(SSL *, unsigned char **, unsigned char *, const unsigned char *, unsigned int,void *);
int SSL_callback_alpn_select_proto(SSL *, const unsigned char **, unsigned char *, const unsigned char *, unsigned int, void *);
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) && ! (defined(WIN32) || defined(WIN64))
+unsigned long SSL_ERR_get(void);
+void SSL_ERR_clear(void);
+#else
+#define SSL_ERR_get() ERR_get_error()
+#define SSL_ERR_clear() ERR_clear_error()
+#endif
#endif /* SSL_PRIVATE_H */
diff --git a/native/include/tcn_api.h b/native/include/tcn_api.h
index c334af5..3a8703d 100644
--- a/native/include/tcn_api.h
+++ b/native/include/tcn_api.h
@@ -36,7 +36,7 @@
* Tomcat Native Public API
*/
-/* Return global apr pool
+/* Return global apr pool, creating it if necessary
*/
apr_pool_t *tcn_get_global_pool(void);
diff --git a/native/include/tcn_version.h b/native/include/tcn_version.h
index ba80e10..6d627ff 100644
--- a/native/include/tcn_version.h
+++ b/native/include/tcn_version.h
@@ -63,7 +63,7 @@ extern "C" {
#define TCN_MINOR_VERSION 2
/** patch level */
-#define TCN_PATCH_VERSION 10
+#define TCN_PATCH_VERSION 12
/**
* This symbol is defined for internal, "development" copies of TCN. This
diff --git a/native/os/win32/libtcnative.rc b/native/os/win32/libtcnative.rc
index c109620..6a83b87 100644
--- a/native/os/win32/libtcnative.rc
+++ b/native/os/win32/libtcnative.rc
@@ -20,7 +20,7 @@ LANGUAGE 0x9,0x1
"See the License for the specific language governing " \
"permissions and limitations under the License."
-#define TCN_VERSION "1.2.10"
+#define TCN_VERSION "1.2.12"
1000 ICON "apache.ico"
1001 DIALOGEX 0, 0, 252, 51
@@ -36,8 +36,8 @@ BEGIN
END
1 VERSIONINFO
- FILEVERSION 1,2,10,0
- PRODUCTVERSION 1,2,10,0
+ FILEVERSION 1,2,12,0
+ PRODUCTVERSION 1,2,12,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
diff --git a/native/os/win32/system.c b/native/os/win32/system.c
index e6f8fdf..4731d17 100644
--- a/native/os/win32/system.c
+++ b/native/os/win32/system.c
@@ -101,6 +101,9 @@ DllMain(
/** The thread of the attached process terminates.
*/
case DLL_THREAD_DETACH:
+#ifdef HAVE_OPENSSL
+ ERR_remove_thread_state(NULL);
+#endif
break;
/** DLL unload due to process termination
diff --git a/native/src/file.c b/native/src/file.c
index afbb0dd..e9bd5cf 100644
--- a/native/src/file.c
+++ b/native/src/file.c
@@ -286,8 +286,6 @@ TCN_IMPLEMENT_CALL(jint, File, write)(TCN_STDARGS, jlong file,
apr_status_t ss;
UNREFERENCED(o);
- if (towrite < 0)
- towrite = (*e)->GetArrayLength(e, buf);
ss = apr_file_write(f, bytes + offset, &nbytes);
(*e)->ReleasePrimitiveArrayCritical(e, buf, bytes, JNI_ABORT);
@@ -325,8 +323,6 @@ TCN_IMPLEMENT_CALL(jint, File, writeFull)(TCN_STDARGS, jlong file,
jbyte *bytes = (*e)->GetByteArrayElements(e, buf, NULL);
UNREFERENCED(o);
- if (towrite < 0)
- towrite = (*e)->GetArrayLength(e, buf);
ss = apr_file_write_full(f, bytes + offset, nbytes, &written);
(*e)->ReleaseByteArrayElements(e, buf, bytes, JNI_ABORT);
diff --git a/native/src/info.c b/native/src/info.c
index b6448d4..23afa31 100644
--- a/native/src/info.c
+++ b/native/src/info.c
@@ -216,7 +216,7 @@ TCN_IMPLEMENT_CALL(jint, File, stat)(TCN_STDARGS, jobject finfo,
apr_pool_t *p = J2P(pool, apr_pool_t *);
TCN_ALLOC_CSTRING(fname);
apr_status_t rv;
- apr_finfo_t info;
+ apr_finfo_t info = {0};
UNREFERENCED(o);
@@ -235,7 +235,7 @@ TCN_IMPLEMENT_CALL(jobject, File, getStat)(TCN_STDARGS, jstring fname,
apr_pool_t *p = J2P(pool, apr_pool_t *);
TCN_ALLOC_CSTRING(fname);
apr_status_t rv;
- apr_finfo_t info;
+ apr_finfo_t info = {0};
jobject finfo = NULL;
UNREFERENCED(o);
@@ -258,7 +258,7 @@ TCN_IMPLEMENT_CALL(jint, File, infoGet)(TCN_STDARGS, jobject finfo,
{
apr_file_t *f = J2P(file, apr_file_t *);
apr_status_t rv;
- apr_finfo_t info;
+ apr_finfo_t info = {0};
UNREFERENCED(o);
@@ -274,7 +274,7 @@ TCN_IMPLEMENT_CALL(jobject, File, getInfo)(TCN_STDARGS, jint wanted, jlong file)
{
apr_file_t *f = J2P(file, apr_file_t *);
apr_status_t rv;
- apr_finfo_t info;
+ apr_finfo_t info = {0};
UNREFERENCED(o);
@@ -296,7 +296,7 @@ TCN_IMPLEMENT_CALL(jint, Directory, read)(TCN_STDARGS, jobject finfo,
{
apr_dir_t *d = J2P(dir, apr_dir_t *);
apr_status_t rv;
- apr_finfo_t info;
+ apr_finfo_t info = {0};
UNREFERENCED(o);
diff --git a/native/src/network.c b/native/src/network.c
index 400f47d..1914ef0 100644
--- a/native/src/network.c
+++ b/native/src/network.c
@@ -404,6 +404,7 @@ TCN_IMPLEMENT_CALL(jlong, Socket, accept)(TCN_STDARGS, jlong sock)
}
return P2J(a);
cleanup:
+ TCN_ASSERT(p != 0);
apr_pool_destroy(p);
return 0;
}
diff --git a/native/src/pool.c b/native/src/pool.c
index cb83cde..83c4494 100644
--- a/native/src/pool.c
+++ b/native/src/pool.c
@@ -203,6 +203,7 @@ TCN_IMPLEMENT_CALL(jint, Pool, dataSet)(TCN_STDARGS, jlong pool,
UNREFERENCED(o);
TCN_ASSERT(pool != 0);
+ TCN_ASSERT(key != 0);
if (apr_pool_userdata_get(&old, J2S(key), p) == APR_SUCCESS) {
if (old)
@@ -237,6 +238,7 @@ TCN_IMPLEMENT_CALL(jobject, Pool, dataGet)(TCN_STDARGS, jlong pool,
UNREFERENCED(o);
TCN_ASSERT(pool != 0);
+ TCN_ASSERT(key != 0);
if (apr_pool_userdata_get(&old, J2S(key), p) == APR_SUCCESS) {
if (old) {
diff --git a/native/src/ssl.c b/native/src/ssl.c
index d9fd657..3a153f3 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -49,6 +49,10 @@ struct CRYPTO_dynlock_value {
int line;
apr_thread_mutex_t *mutex;
};
+
+#if ! (defined(WIN32) || defined(WIN64))
+apr_threadkey_t *thread_exit_key;
+#endif
#endif
/*
@@ -436,6 +440,28 @@ static unsigned long ssl_thread_id(void)
}
#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if ! (defined(WIN32) || defined(WIN64))
+void SSL_thread_exit(void) {
+ ERR_remove_thread_state(NULL);
+ apr_threadkey_private_set(NULL, thread_exit_key);
+}
+
+unsigned long SSL_ERR_get() {
+ apr_threadkey_private_set(thread_exit_key, thread_exit_key);
+ return ERR_get_error();
+}
+
+void SSL_ERR_clear() {
+ apr_threadkey_private_set(thread_exit_key, thread_exit_key);
+ ERR_clear_error();
+}
+
+static void _ssl_thread_exit(void *data) {
+ UNREFERENCED(data);
+ SSL_thread_exit();
+}
+#endif
+
static void ssl_set_thread_id(CRYPTO_THREADID *id)
{
CRYPTO_THREADID_set_numeric(id, ssl_thread_id());
@@ -700,6 +726,9 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
{
jclass clazz;
jclass sClazz;
+#if !defined(OPENSSL_NO_ENGINE) || OPENSSL_VERSION_NUMBER < 0x10100000L
+ apr_status_t err = APR_SUCCESS;
+#endif
TCN_ALLOC_CSTRING(engine);
@@ -729,6 +758,15 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
OPENSSL_load_builtin_modules();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if ! (defined(WIN32) || defined(WIN64))
+ err = apr_threadkey_private_create(&thread_exit_key, _ssl_thread_exit,
+ tcn_global_pool);
+ if (err != APR_SUCCESS) {
+ ssl_init_cleanup(NULL);
+ tcn_ThrowAPRException(e, err);
+ return (jint)err;
+ }
+#endif
/* Initialize thread support */
ssl_thread_setup(tcn_global_pool);
#endif
@@ -736,7 +774,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
#ifndef OPENSSL_NO_ENGINE
if (J2S(engine)) {
ENGINE *ee = NULL;
- apr_status_t err = APR_SUCCESS;
if(strcmp(J2S(engine), "auto") == 0) {
ENGINE_register_all_complete();
}
@@ -859,7 +896,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode)
#ifdef OPENSSL_FIPS
if(1 != (r = (jint)FIPS_mode_set((int)mode))) {
/* arrange to get a human-readable error message */
- unsigned long err = ERR_get_error();
+ unsigned long err = SSL_ERR_get();
char msg[256];
/* ERR_load_crypto_strings() already called in initialize() */
@@ -1196,7 +1233,7 @@ TCN_IMPLEMENT_CALL(jstring, SSL, getLastError)(TCN_STDARGS)
{
char buf[256];
UNREFERENCED(o);
- ERR_error_string(ERR_get_error(), buf);
+ ERR_error_string(SSL_ERR_get(), buf);
return tcn_new_string(e, buf);
}
@@ -1208,7 +1245,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSL, hasOp)(TCN_STDARGS, jint op)
/*** Begin Twitter 1:1 API addition ***/
TCN_IMPLEMENT_CALL(jint, SSL, getLastErrorNumber)(TCN_STDARGS) {
UNREFERENCED_STDARGS;
- return ERR_get_error();
+ return SSL_ERR_get();
}
static void ssl_info_callback(const SSL *ssl, int where, int ret) {
@@ -1784,7 +1821,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSL, setCipherSuites)(TCN_STDARGS, jlong ssl,
}
if (!SSL_set_cipher_list(ssl_, J2S(ciphers))) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to configure permitted SSL ciphers (%s)", err);
rv = JNI_FALSE;
}
@@ -2096,12 +2133,14 @@ TCN_IMPLEMENT_CALL(jint, SSL, doHandshake)(TCN_STDARGS, jlong ssl) {
UNREFERENCED(o);
UNREFERENCED(ssl);
tcn_ThrowException(e, "Not implemented");
+ return 0;
}
TCN_IMPLEMENT_CALL(jint, SSL, renegotiate)(TCN_STDARGS, jlong ssl) {
UNREFERENCED(o);
UNREFERENCED(ssl);
tcn_ThrowException(e, "Not implemented");
+ return 0;
}
TCN_IMPLEMENT_CALL(jstring, SSL, getNextProtoNegotiated)(TCN_STDARGS, jlong ssl) {
@@ -2207,12 +2246,14 @@ TCN_IMPLEMENT_CALL(jbyteArray, SSL, getSessionId)(TCN_STDARGS, jlong ssl)
UNREFERENCED(o);
UNREFERENCED(ssl);
tcn_ThrowException(e, "Not implemented");
+ return 0;
}
TCN_IMPLEMENT_CALL(jint, SSL, getHandshakeCount)(TCN_STDARGS, jlong ssl)
{
UNREFERENCED(o);
UNREFERENCED(ssl);
tcn_ThrowException(e, "Not implemented");
+ return 0;
}
/*** End Apple API Additions ***/
#endif /* HAVE_OPENSSL */
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 8858ce0..4440d8b 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -206,7 +206,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, make)(TCN_STDARGS, jlong pool,
if (!ctx) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Invalid Server SSL Protocol (%s)", err);
goto init_failed;
}
@@ -478,7 +478,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCipherSuite)(TCN_STDARGS, jlong ctx,
if (!SSL_CTX_set_cipher_list(c->ctx, J2S(ciphers))) {
#endif
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to configure permitted SSL ciphers (%s)", err);
rv = JNI_FALSE;
}
@@ -512,7 +512,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCARevocation)(TCN_STDARGS, jlong ctx
if (J2S(file)) {
lookup = X509_STORE_add_lookup(c->crl, X509_LOOKUP_file());
if (lookup == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
X509_STORE_free(c->crl);
c->crl = NULL;
tcn_Throw(e, "Lookup failed for file %s (%s)", J2S(file), err);
@@ -523,7 +523,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCARevocation)(TCN_STDARGS, jlong ctx
if (J2S(path)) {
lookup = X509_STORE_add_lookup(c->crl, X509_LOOKUP_hash_dir());
if (lookup == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
X509_STORE_free(c->crl);
c->crl = NULL;
tcn_Throw(e, "Lookup failed for path %s (%s)", J2S(file), err);
@@ -577,7 +577,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCACertificate)(TCN_STDARGS,
if (!SSL_CTX_load_verify_locations(c->ctx,
J2S(file), J2S(path))) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to configure locations "
"for client authentication (%s)", err);
rv = JNI_FALSE;
@@ -642,7 +642,7 @@ TCN_IMPLEMENT_CALL(void, SSLContext, setTmpDH)(TCN_STDARGS, jlong ctx,
bio = BIO_new_file(J2S(file), "r");
if (!bio) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error while configuring DH using %s: %s", J2S(file), err);
TCN_FREE_CSTRING(file);
return;
@@ -652,7 +652,7 @@ TCN_IMPLEMENT_CALL(void, SSLContext, setTmpDH)(TCN_STDARGS, jlong ctx,
BIO_free(bio);
if (!dh) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error while configuring DH: no DH parameter found in %s (%s)", J2S(file), err);
TCN_FREE_CSTRING(file);
return;
@@ -661,7 +661,7 @@ TCN_IMPLEMENT_CALL(void, SSLContext, setTmpDH)(TCN_STDARGS, jlong ctx,
if (1 != SSL_CTX_set_tmp_dh(c->ctx, dh)) {
char err[256];
DH_free(dh);
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error while configuring DH with file %s: %s", J2S(file), err);
TCN_FREE_CSTRING(file);
return;
@@ -702,7 +702,7 @@ TCN_IMPLEMENT_CALL(void, SSLContext, setTmpECDHByCurveName)(TCN_STDARGS, jlong c
if (1 != SSL_CTX_set_tmp_ecdh(c->ctx, ecdh)) {
char err[256];
EC_KEY_free(ecdh);
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error while configuring elliptic curve %s: %s", J2S(curveName), err);
TCN_FREE_CSTRING(curveName);
return;
@@ -809,7 +809,7 @@ static X509 *load_pem_cert(tcn_ssl_ctxt_t *c, const char *file)
(void *)cb_data);
if (cert == NULL &&
(ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE)) {
- ERR_clear_error();
+ SSL_ERR_clear();
BIO_ctrl(bio, BIO_CTRL_RESET, 0, NULL);
cert = d2i_X509_bio(bio, NULL);
}
@@ -921,7 +921,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
}
if ((p = strrchr(cert_file, '.')) != NULL && strcmp(p, ".pkcs12") == 0) {
if (!ssl_load_pkcs12(c, cert_file, &c->keys[idx], &c->certs[idx], 0)) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to load certificate %s (%s)",
cert_file, err);
rv = JNI_FALSE;
@@ -930,14 +930,14 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
}
else {
if ((c->keys[idx] = load_pem_key(c, key_file)) == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to load certificate key %s (%s)",
key_file, err);
rv = JNI_FALSE;
goto cleanup;
}
if ((c->certs[idx] = load_pem_cert(c, cert_file)) == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Unable to load certificate %s (%s)",
cert_file, err);
rv = JNI_FALSE;
@@ -945,19 +945,19 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
}
}
if (SSL_CTX_use_certificate(c->ctx, c->certs[idx]) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error setting certificate (%s)", err);
rv = JNI_FALSE;
goto cleanup;
}
if (SSL_CTX_use_PrivateKey(c->ctx, c->keys[idx]) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error setting private key (%s)", err);
rv = JNI_FALSE;
goto cleanup;
}
if (SSL_CTX_check_private_key(c->ctx) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Private key does not match the certificate public key (%s)",
err);
rv = JNI_FALSE;
@@ -1050,7 +1050,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateRaw)(TCN_STDARGS, jlong c
tmp = (const unsigned char *)cert;
certs = d2i_X509(NULL, &tmp, lengthOfCert);
if (certs == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error reading certificate (%s)", err);
rv = JNI_FALSE;
goto cleanup;
@@ -1066,7 +1066,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateRaw)(TCN_STDARGS, jlong c
evp = PEM_read_bio_PrivateKey(bio, NULL, 0, NULL);
if (evp == NULL) {
BIO_free(bio);
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error reading private key (%s)", err);
rv = JNI_FALSE;
goto cleanup;
@@ -1078,19 +1078,19 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateRaw)(TCN_STDARGS, jlong c
c->keys[idx] = evp;
if (SSL_CTX_use_certificate(c->ctx, c->certs[idx]) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error setting certificate (%s)", err);
rv = JNI_FALSE;
goto cleanup;
}
if (SSL_CTX_use_PrivateKey(c->ctx, c->keys[idx]) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error setting private key (%s)", err);
rv = JNI_FALSE;
goto cleanup;
}
if (SSL_CTX_check_private_key(c->ctx) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Private key does not match the certificate public key (%s)",
err);
rv = JNI_FALSE;
@@ -1145,11 +1145,11 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, addChainCertificateRaw)(TCN_STDARGS, jl
tmp = (const unsigned char *)cert;
certs = d2i_X509(NULL, &tmp, lengthOfCert);
if (certs == NULL) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error reading certificate (%s)", err);
rv = JNI_FALSE;
} else if (SSL_CTX_add0_chain_cert(c->ctx, certs) <= 0) {
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(e, "Error adding certificate to chain (%s)", err);
rv = JNI_FALSE;
}
@@ -1913,6 +1913,7 @@ TCN_IMPLEMENT_CALL(jint, SSLContext, getOptions)(TCN_STDARGS, jlong ctx)
{
UNREFERENCED_STDARGS;
UNREFERENCED(ctx);
+ return 0;
}
TCN_IMPLEMENT_CALL(void, SSLContext, clearOptions)(TCN_STDARGS, jlong ctx,
diff --git a/native/src/sslnetwork.c b/native/src/sslnetwork.c
index 849510e..768cf0c 100644
--- a/native/src/sslnetwork.c
+++ b/native/src/sslnetwork.c
@@ -127,7 +127,7 @@ static tcn_ssl_conn_t *ssl_create(JNIEnv *env, tcn_ssl_ctxt_t *ctx, apr_pool_t *
}
if ((ssl = SSL_new(ctx->ctx)) == NULL) {
char err[256];
- ERR_error_string(ERR_get_error(), err);
+ ERR_error_string(SSL_ERR_get(), err);
tcn_Throw(env, "SSL_new failed (%s)", err);
con = NULL;
return NULL;
@@ -320,7 +320,7 @@ TCN_IMPLEMENT_CALL(jint, SSLSocket, handshake)(TCN_STDARGS, jlong sock)
apr_socket_timeout_get(con->sock, &timeout);
while (!SSL_is_init_finished(con->ssl)) {
- ERR_clear_error();
+ SSL_ERR_clear();
if ((s = SSL_do_handshake(con->ssl)) <= 0) {
if (!con->ssl)
return APR_ENOTSOCK;
@@ -406,7 +406,7 @@ ssl_socket_recv(apr_socket_t *sock, char *buf, apr_size_t *len)
}
apr_socket_timeout_get(con->sock, &timeout);
for (;;) {
- ERR_clear_error();
+ SSL_ERR_clear();
if ((s = SSL_read(con->ssl, buf, rd)) <= 0) {
if (!con->ssl)
return APR_ENOTSOCK;
@@ -488,7 +488,7 @@ ssl_socket_send(apr_socket_t *sock, const char *buf,
}
apr_socket_timeout_get(con->sock, &timeout);
for (;;) {
- ERR_clear_error();
+ SSL_ERR_clear();
if ((s = SSL_write(con->ssl, buf, wr)) <= 0) {
if (!con->ssl)
return APR_ENOTSOCK;
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index 4182fb8..bec3155 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -281,7 +281,7 @@ int SSL_CTX_use_certificate_chain(SSL_CTX *ctx, const char *file,
BIO_free(bio);
return -1;
}
- while (ERR_get_error() > 0) ;
+ while (SSL_ERR_get() > 0) ;
}
BIO_free(bio);
return n;
diff --git a/native/srclib/VERSIONS b/native/srclib/VERSIONS
index a28b65b..76ef50c 100644
--- a/native/srclib/VERSIONS
+++ b/native/srclib/VERSIONS
@@ -1,4 +1,4 @@
Use the following version of the libraries
- APR 1.5.2, http://apr.apache.org
-- OpenSSL 1.0.2j or later, http://www.openssl.org
+- OpenSSL 1.0.2k or later, http://www.openssl.org
diff --git a/native/tcnative.spec b/native/tcnative.spec
index 2b8e907..6c551e0 100644
--- a/native/tcnative.spec
+++ b/native/tcnative.spec
@@ -21,7 +21,7 @@
Summary: Tomcat Native Java library
Name: tcnative
-Version: 1.2.10
+Version: 1.2.12
Release: 1
License: Apache Software License
Group: System Environment/Libraries
diff --git a/test/org/apache/tomcat/jni/AbstractJniTest.java b/test/org/apache/tomcat/jni/AbstractJniTest.java
new file mode 100644
index 0000000..84ed1ac
--- /dev/null
+++ b/test/org/apache/tomcat/jni/AbstractJniTest.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import org.junit.After;
+import org.junit.Assume;
+import org.junit.Before;
+
+public abstract class AbstractJniTest {
+
+ private boolean nativeLibraryPresent = false;
+
+ @Before
+ public void initBase() throws Exception {
+ try {
+ Library.initialize(null);
+ nativeLibraryPresent = true;
+ } catch (LibraryNotFoundError lnfe) {
+ nativeLibraryPresent = false;
+ }
+ Assume.assumeTrue("APR Library not found", nativeLibraryPresent);
+ }
+
+
+ @After
+ public void destroyBase() {
+ if (nativeLibraryPresent) {
+ Library.terminate();
+ }
+ }
+
+}
diff --git a/test/org/apache/tomcat/jni/FileTestSuite.java b/test/org/apache/tomcat/jni/FileTestSuite.java
deleted file mode 100644
index e375b85..0000000
--- a/test/org/apache/tomcat/jni/FileTestSuite.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.tomcat.jni;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-import junit.textui.TestRunner;
-
-/**
- * A basic test suite that tests File IO.
- *
- * @see org.apache.tomcat.jni
- */
-public class FileTestSuite
-{
-
- public static void main(String[] args) {
- TestRunner.run(suite());
- }
-
- public static Test suite()
- {
- TestSuite suite = new TestSuite( "Tomcat Native File IO" );
- return suite;
- }
-}
diff --git a/test/org/apache/tomcat/jni/SocketServerTestBind.java b/test/org/apache/tomcat/jni/SocketServerTestBind.java
deleted file mode 100644
index efa2272..0000000
--- a/test/org/apache/tomcat/jni/SocketServerTestBind.java
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.tomcat.jni;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-import junit.textui.TestRunner;
-import junit.framework.TestCase;
-
-import java.io.OutputStream;
-import java.io.InputStream;
-import java.net.NetworkInterface;
-import java.net.InetAddress;
-import java.util.*;
-
-/**
- * A basic test suite that tests Socket Server feature.
- *
- * @see org.apache.tomcat.jni
- */
-public class SocketServerTestBind extends TestCase {
-
- private long serverSock = 0;
- private int port=6666;
- private String host=null;
-
- public static long serverPool = 0;
-
- public void testSocketServerTestBind() throws Exception {
-
- System.out.println("Starting: testSocketServerTestBind");
- /* Load APR library */
- Library.initialize(null);
-
- /* Create the server socket and listen on it */
- serverPool = Pool.create(0);
- long inetAddress = Address.info(host, Socket.APR_UNSPEC,
- port, 0, serverPool);
- serverSock = Socket.create(Address.getInfo(inetAddress).family,
- Socket.SOCK_STREAM,
- Socket.APR_PROTO_TCP, serverPool);
- int rc = Socket.bind(serverSock, inetAddress);
- if (rc != 0) {
- throw(new Exception("Can't bind: " + Error.strerror(rc)));
- }
- Socket.listen(serverSock, 5);
-
- /* Start the client that connects to the server */
- Client client = new Client();
- client.start();
- java.lang.Thread.sleep(100);
-
- boolean running = true;
- while (running) {
- /* Accept it */
- long clientSock = Socket.accept(serverSock);
- Socket.timeoutSet(clientSock, 10000);
- byte [] buf = new byte[1];
- while (Socket.recv(clientSock, buf, 0, 1) == 1) {
- if (buf[0] == 'A') {
- buf[0] = 'Z';
- Socket.send(clientSock, buf, 0, 1);
- }
- }
- Socket.close(clientSock);
- if (buf[0] != 'Z')
- running = false;
- }
- client.join();
- Library.terminate();
- System.out.println("Done: testSocketServerTestBind");
- }
-
- /* small client that connects and sends one byte */
- private class Client extends java.lang.Thread {
- public void run() {
- try {
- Enumeration nets = NetworkInterface.getNetworkInterfaces();
- while (nets.hasMoreElements()) {
- NetworkInterface net = (NetworkInterface) nets.nextElement();
-
- Enumeration addrs = net.getInetAddresses();
-
- while (addrs.hasMoreElements()) {
- InetAddress ia = (InetAddress)addrs.nextElement();
- System.out.println("Trying: " + ia.getHostAddress());
- java.net.Socket sock = new java.net.Socket(ia, port);
- sock.setSoTimeout(10000);
- OutputStream ou = sock.getOutputStream();
- InputStream in = sock.getInputStream();
- ou.write('A');
- ou.flush();
- int rep = in.read();
- sock.close();
- if (rep != 'Z')
- throw new Exception("Read wrong data");
- }
- }
- } catch(Exception ex ) {
- ex.printStackTrace();
- }
-
- /* Now use localhost to write 'E' */
- try {
- java.net.Socket sock = new java.net.Socket("localhost", port);
- OutputStream ou = sock.getOutputStream();
- ou.write('E');
- ou.flush();
- sock.close();
- } catch(Exception ex ) {
- ex.printStackTrace();
- }
- }
- }
-}
diff --git a/test/org/apache/tomcat/jni/SocketServerTestSuite.java b/test/org/apache/tomcat/jni/SocketServerTestSuite.java
deleted file mode 100644
index a71f4b6..0000000
--- a/test/org/apache/tomcat/jni/SocketServerTestSuite.java
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.tomcat.jni;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-import junit.textui.TestRunner;
-import junit.framework.TestCase;
-
-import java.io.OutputStream;
-
-/**
- * A basic test suite that tests Socket Server feature.
- *
- * @see org.apache.tomcat.jni
- */
-public class SocketServerTestSuite extends TestCase {
-
- private long serverSock = 0;
- private int port=6666;
- private String host="localhost";
-
- public static long serverPool = 0;
-
- public void testSocketServerTestSuite() throws Exception {
-
- /* Load APR library */
- Library.initialize(null);
-
- /* Create the server socket and listen on it */
- serverPool = Pool.create(0);
- long inetAddress = Address.info(host, Socket.APR_INET,
- port, 0, serverPool);
- serverSock = Socket.create(Socket.APR_INET, Socket.SOCK_STREAM,
- Socket.APR_PROTO_TCP, serverPool);
- int rc = Socket.bind(serverSock, inetAddress);
- if (rc != 0) {
- Socket.close(serverSock);
- throw(new Exception("Can't bind: " + Error.strerror(rc)));
- }
- Socket.listen(serverSock, 5);
-
- /* Start the client that connects to the server */
- Client client = new Client();
- client.start();
- java.lang.Thread.sleep(100);
-
- /* Accept it */
- long clientSock = Socket.accept(serverSock);
-
- /* Try 2 milliseconds timeout */
- Socket.timeoutSet(clientSock, 2000);
- long timeout = Socket.timeoutGet(clientSock);
- if (timeout != 2000) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("Socket.timeoutGet clientSock failed");
- }
-
- long start = System.currentTimeMillis();
- byte [] buf = new byte[1];
- while (Socket.recv(clientSock, buf, 0, 1) == 1) {
- }
- long wait = System.currentTimeMillis() - start;
- /* allow some margin between set timeout and observed return time */
- if (wait < 1 || wait > 12) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("2 milliseconds client Socket.timeoutSet failed");
- }
-
- /* Try 2 milliseconds timeout on accept socket */
- Socket.timeoutSet(serverSock, 2000);
- timeout = Socket.timeoutGet(serverSock);
- if (timeout != 2000) {
- Socket.close(serverSock);
- throw new Exception("Socket.timeoutGet serverSock failed");
- }
-
- start = System.currentTimeMillis();
- boolean ok = false;
- try {
- clientSock = Socket.accept(serverSock);
- } catch (Exception ex) {
- ok = true;
- }
- wait = System.currentTimeMillis() - start;
- /* allow some margin between set timeout and observed return time */
- if (wait < 1 || wait > 12 && ! ok) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("2 milliseconds accept Socket.timeoutSet failed");
- }
-
- /* Try APR_SO_NONBLOCK */
- Socket.optSet(serverSock, Socket.APR_SO_NONBLOCK, 1);
- int val = Socket.optGet(serverSock, Socket.APR_SO_NONBLOCK);
- if (val != 1) {
- Socket.close(serverSock);
- throw new Exception("Socket.optGet serverSock failed");
- }
-
- start = System.currentTimeMillis();
- ok = false;
- try {
- clientSock = Socket.accept(serverSock);
- } catch (Exception ex) {
- ok = true;
- }
- wait = System.currentTimeMillis() - start;
- if (wait > 1 && ! ok) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("non_blocking accept Socket.APR_SO_NONBLOCK failed");
- }
- client.join();
- Socket.close(clientSock);
-
- /* Try the same on client socket */
- client = new Client();
- client.start();
- java.lang.Thread.sleep(100);
- clientSock = Socket.accept(serverSock);
- Socket.optSet(clientSock, Socket.APR_SO_NONBLOCK, 1);
- val = Socket.optGet(clientSock, Socket.APR_SO_NONBLOCK);
- if (val != 1) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("Socket.optGet clientSock failed");
- }
- start = System.currentTimeMillis();
- while (Socket.recv(clientSock, buf, 0, 1) == 1) {
- }
- wait = System.currentTimeMillis() - start;
- if (wait > 1) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("non_blocking client Socket.APR_SO_NONBLOCK failed");
- }
-
- /* Now blocking */
- Socket.optSet(clientSock, Socket.APR_SO_NONBLOCK, 0);
- start = System.currentTimeMillis();
- while (Socket.recv(clientSock, buf, 0, 1) == 1) {
- }
- wait = System.currentTimeMillis() - start;
- if (wait < 1) {
- Socket.close(clientSock);
- Socket.close(serverSock);
- throw new Exception("non_blocking client Socket.APR_SO_NONBLOCK false failed");
- }
-
- client.join();
- Socket.close(clientSock);
- Socket.close(serverSock);
- Library.terminate();
- }
-
- /* small client that connects and sends one byte */
- private class Client extends java.lang.Thread {
- java.net.Socket sock;
- public Client() throws Exception {
- sock = new java.net.Socket(host, port);
- }
- public void run() {
- try {
- OutputStream ou = sock.getOutputStream();
- ou.write('A');
- ou.flush();
- java.lang.Thread.sleep(10000);
- sock.close();
- } catch(Exception ex ) {
- ex.printStackTrace();
- }
- }
- }
-
- public static void main(String[] args) {
- TestRunner.run(suite());
- }
-
- public static Test suite()
- {
- TestSuite suite = new TestSuite( "Tomcat Native Server Socket" );
- suite.addTest(new TestSuite(SocketServerTestSuite.class));
- suite.addTest(new TestSuite(SocketServerTestBind.class));
- return suite;
- }
-}
diff --git a/test/org/apache/tomcat/jni/TestFile.java b/test/org/apache/tomcat/jni/TestFile.java
new file mode 100644
index 0000000..433939f
--- /dev/null
+++ b/test/org/apache/tomcat/jni/TestFile.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+
+public class TestFile extends AbstractJniTest {
+
+ @Test
+ public void testInfoGet() throws Exception {
+ String testFile = "test/org/apache/tomcat/jni/TestFile.java";
+ java.io.File file = new java.io.File(testFile);
+ Assert.assertTrue("File " + testFile + " does not exist!", file.exists());
+
+ Library.initialize(null);
+ long pool = Pool.create(0L);
+ int openFlags = File.APR_FOPEN_READ | File.APR_FOPEN_BUFFERED | File.APR_FOPEN_XTHREAD;
+ int openPermissions = File.APR_FPROT_OS_DEFAULT;
+ int statFlags = File.APR_FINFO_MIN;
+ long fd = File.open(testFile, openFlags, openPermissions, pool);
+ FileInfo fileInfo = new FileInfo();
+ for (int i = 0; i < 100000; i++) {
+ org.apache.tomcat.jni.File.infoGet(fileInfo, statFlags, fd);
+ @SuppressWarnings("unused")
+ String info = inspectFileInfo(fileInfo);
+ }
+ }
+
+ public static String inspectFileInfo(FileInfo fileInfo) {
+ String result = fileInfo.toString() + " : {" +
+ String.format("\n pool : %d", Long.valueOf(fileInfo.pool)) +
+ String.format("\n valid : %d", Integer.valueOf(fileInfo.valid)) +
+ String.format("\n protection : %d", Integer.valueOf(fileInfo.protection)) +
+ String.format("\n filetype : %d", Integer.valueOf(fileInfo.filetype)) +
+ String.format("\n user : %d", Integer.valueOf(fileInfo.user)) +
+ String.format("\n group : %d", Integer.valueOf(fileInfo.group)) +
+ String.format("\n inode : %d", Integer.valueOf(fileInfo.inode)) +
+ String.format("\n device : %d", Integer.valueOf(fileInfo.device)) +
+ String.format("\n nlink : %d", Integer.valueOf(fileInfo.nlink)) +
+ String.format("\n size : %d", Long.valueOf(fileInfo.size)) +
+ String.format("\n csize : %d", Long.valueOf(fileInfo.csize)) +
+ String.format("\n atime : %d", Long.valueOf(fileInfo.atime)) +
+ String.format("\n mtime : %d", Long.valueOf(fileInfo.mtime)) +
+ String.format("\n ctime : %d", Long.valueOf(fileInfo.ctime)) +
+ String.format("\n fname : %s", fileInfo.fname) +
+ String.format("\n name : %s", fileInfo.name) +
+ String.format("\n filehand : %d", Long.valueOf(fileInfo.filehand)) +
+ "\n}";
+ return result;
+ }
+}
\ No newline at end of file
diff --git a/test/org/apache/tomcat/jni/TestSocketServer.java b/test/org/apache/tomcat/jni/TestSocketServer.java
new file mode 100644
index 0000000..45c865e
--- /dev/null
+++ b/test/org/apache/tomcat/jni/TestSocketServer.java
@@ -0,0 +1,219 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import java.io.OutputStream;
+import java.util.concurrent.CountDownLatch;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for server-side sockets.
+ */
+public class TestSocketServer extends AbstractJniTest {
+
+ private static final String HOST = "localhost";
+
+ private int port = 0;
+ private long serverSocket = 0;
+ private long clientSocket = 0;
+
+
+ @Before
+ public void init() throws Exception {
+ long serverPool = Pool.create(0);
+ long inetAddress = Address.info(HOST, Socket.APR_INET,
+ 0, 0, serverPool);
+ serverSocket = Socket.create(Socket.APR_INET, Socket.SOCK_STREAM,
+ Socket.APR_PROTO_TCP, serverPool);
+ if (OS.IS_UNIX) {
+ Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+ }
+ int rc = Socket.bind(serverSocket, inetAddress);
+ Assert.assertEquals("Can't bind: " + Error.strerror(rc), 0, rc);
+ Socket.listen(serverSocket, 5);
+ if (!OS.IS_UNIX) {
+ Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+ }
+
+ long localAddress = Address.get(Socket.APR_LOCAL, serverSocket);
+ port = Address.getInfo(localAddress).port;
+ }
+
+
+ @After
+ public void destroy() {
+ if (clientSocket != 0) {
+ Socket.close(clientSocket);
+ Socket.destroy(clientSocket);
+ }
+ if (serverSocket != 0) {
+ Socket.close(serverSocket);
+ Socket.destroy(serverSocket);
+ }
+ }
+
+
+ @Test
+ public void testPort() {
+ Assert.assertTrue(port > 0);
+ }
+
+
+ @Test
+ public void testBlockingReadFromClientWithTimeout() throws Exception {
+ /* Start the client that connects to the server */
+ Client client = new Client(port);
+ client.start();
+
+ /* Accept the client connection */
+ clientSocket = Socket.accept(serverSocket);
+
+ /* Configure a 1s timeout for reading from client */
+ Socket.timeoutSet(clientSocket, 1000000);
+ long timeout = Socket.timeoutGet(clientSocket);
+ Assert.assertEquals("Socket.timeoutGet clientSocket failed", 1000000, timeout);
+
+ byte [] buf = new byte[1];
+ long start = System.nanoTime();
+ while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+ }
+ long wait = System.nanoTime() - start;
+ Assert.assertFalse("Socket.timeoutSet failed (<1s) [" + wait + "]", wait < 1000000000);
+ Assert.assertFalse("Socket.timeoutSet failed (>2s) [" + wait + "]", wait > 2000000000);
+
+ client.countDown();
+ client.join();
+ }
+
+
+ @Test
+ public void testNonBlockingReadFromClient() throws Exception {
+ /* Start the client that connects to the server */
+ Client client = new Client(port);
+ client.start();
+
+ /* Accept the client connection */
+ clientSocket = Socket.accept(serverSocket);
+
+ /* Configure the connection for non-blocking */
+ Socket.optSet(clientSocket, Socket.APR_SO_NONBLOCK, 1);
+ int val = Socket.optGet(clientSocket, Socket.APR_SO_NONBLOCK);
+ Assert.assertEquals("Socket.optGet clientSocket failed", 1, val);
+
+ byte [] buf = new byte[1];
+ long start = System.nanoTime();
+ while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+ }
+ long wait = System.nanoTime() - start;
+ Assert.assertFalse("non_blocking client Socket.APR_SO_NONBLOCK failed (>1ms)",
+ wait > 1000000);
+
+ client.countDown();
+ client.join();
+ }
+
+
+ @Test
+ public void testNonBlockingReadThenBlockingReadFromClient() throws Exception {
+ /* Start the client that connects to the server */
+ Client client = new Client(port);
+ client.start();
+
+ /* Accept the client connection */
+ clientSocket = Socket.accept(serverSocket);
+
+ /* Configure the connection for non-blocking */
+ Socket.optSet(clientSocket, Socket.APR_SO_NONBLOCK, 1);
+
+ byte [] buf = new byte[1];
+ long start = System.nanoTime();
+ while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+ }
+ long wait = System.nanoTime() - start;
+ Assert.assertFalse("non_blocking client Socket.APR_SO_NONBLOCK failed (>1ms)",
+ wait > 1000000);
+
+ /* Configure for blocking */
+ Socket.optSet(clientSocket, Socket.APR_SO_NONBLOCK, 0);
+ Socket.timeoutSet(clientSocket, 2000);
+ start = System.nanoTime();
+ while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+ }
+ wait = System.nanoTime() - start;
+ Assert.assertFalse("non_blocking client Socket.APR_SO_NONBLOCK false failed",
+ wait < 1000000);
+
+ client.countDown();
+ client.join();
+ }
+
+
+ @Test
+ public void testNonBlockingAcceptWithNoClient() throws Exception {
+ Socket.optSet(serverSocket, Socket.APR_SO_NONBLOCK, 1);
+ int val = Socket.optGet(serverSocket, Socket.APR_SO_NONBLOCK);
+ Assert.assertEquals("Socket.optGet serverSocket failed", 1, val);
+
+ long start = System.nanoTime();
+ boolean ok = false;
+ try {
+ Socket.accept(serverSocket);
+ } catch (Exception ex) {
+ ok = true;
+ }
+ long wait = System.nanoTime() - start;
+ Assert.assertTrue("Timeout failed", ok);
+ Assert.assertFalse("non_blocking accept Socket.APR_SO_NONBLOCK failed (>1ms)",
+ wait > 1000000);
+ }
+
+
+ /**
+ * Simple client that connects, sends a single byte then closes the
+ * connection.
+ */
+ private static class Client extends java.lang.Thread {
+
+ private final int port;
+ private final CountDownLatch complete = new CountDownLatch(1);
+
+ public Client(int port) throws Exception {
+ this.port = port;
+ }
+
+ public void countDown() {
+ complete.countDown();
+ }
+
+ @Override
+ public void run() {
+
+ try (java.net.Socket sock = new java.net.Socket(TestSocketServer.HOST, port)) {
+ OutputStream os = sock.getOutputStream();
+ os.write('A');
+ os.flush();
+ complete.await();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ }
+ }
+ }
+}
diff --git a/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java b/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java
new file mode 100644
index 0000000..fe23038
--- /dev/null
+++ b/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.NetworkInterface;
+import java.util.Enumeration;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for server-side sockets using any local address (0.0.0.0 or ::).
+ */
+public class TestSocketServerAnyLocalAddress extends AbstractJniTest {
+
+ private long serverSocket = 0;
+ private long clientSocket = 0;
+
+
+ @Before
+ public void init() throws Exception {
+ long serverPool = Pool.create(0);
+ long inetAddress = Address.info(null, Socket.APR_UNSPEC,
+ 0, 0, serverPool);
+ serverSocket = Socket.create(Address.getInfo(inetAddress).family, Socket.SOCK_STREAM,
+ Socket.APR_PROTO_TCP, serverPool);
+ if (OS.IS_UNIX) {
+ Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+ }
+ int rc = Socket.bind(serverSocket, inetAddress);
+ Assert.assertEquals("Can't bind: " + Error.strerror(rc), 0, rc);
+ Socket.listen(serverSocket, 5);
+ if (!OS.IS_UNIX) {
+ Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+ }
+ }
+
+
+ @After
+ public void destroy() {
+ if (clientSocket != 0) {
+ Socket.close(clientSocket);
+ Socket.destroy(clientSocket);
+ }
+ if (serverSocket != 0) {
+ Socket.close(serverSocket);
+ Socket.destroy(serverSocket);
+ }
+ }
+
+
+ @Test
+ public void testWithClient() throws Exception {
+ /* Start the client that connects to the server */
+ Client client = new Client(serverSocket);
+ client.start();
+
+ boolean running = true;
+ while (running) {
+ /* Accept the client connection */
+ clientSocket = Socket.accept(serverSocket);
+
+ /* Configure a 2ms timeout for reading from client */
+ Socket.timeoutSet(clientSocket, 10000);
+
+ byte [] buf = new byte[1];
+ while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+ // If 'A' was read, echo back 'Z'
+ if (buf[0] == 'A') {
+ buf[0] = 'Z';
+ Socket.send(clientSocket, buf, 0, 1);
+ }
+ }
+ if (buf[0] == 'E') {
+ running = false;
+ } else if (buf[0] == 'Z') {
+ // NO-OP - connection closing
+ } else {
+ Assert.fail("Unexpected data");
+ }
+ }
+
+ client.join();
+ }
+
+
+ /**
+ * Simple client that connects, sends a single byte then closes the
+ * connection.
+ */
+ private static class Client extends java.lang.Thread {
+
+ private final long serverSocket;
+
+ public Client(long serverSocket) throws Exception {
+ this.serverSocket = serverSocket;
+ }
+
+ @Override
+ public void run() {
+
+ try {
+ InetSocketAddress connectAddress = getConnectAddress(serverSocket);
+ java.net.Socket sock = new java.net.Socket();
+ sock.connect(connectAddress, 10000);
+ sock.setSoTimeout(10000);
+ OutputStream ou = sock.getOutputStream();
+ InputStream in = sock.getInputStream();
+ ou.write('A');
+ ou.flush();
+ int rep = in.read();
+ sock.close();
+ if (rep != 'Z') {
+ throw new Exception("Read wrong data");
+ }
+
+ sock = new java.net.Socket();
+ sock.connect(connectAddress, 10000);
+ sock.setSoTimeout(10000);
+ ou = sock.getOutputStream();
+ ou.write('E');
+ ou.flush();
+ sock.close();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+
+ /*
+ * Assumes server is listening on any local address
+ */
+ private static InetSocketAddress getConnectAddress(long serverSocket) throws Exception {
+ long sa = Address.get(Socket.APR_LOCAL, serverSocket);
+ Sockaddr addr = Address.getInfo(sa);
+ InetSocketAddress localAddress;
+ if (addr.family == Socket.APR_INET6) {
+ localAddress = new InetSocketAddress("::", addr.port);
+ } else {
+ localAddress = new InetSocketAddress("0.0.0.0", addr.port);
+ }
+
+ // Need a local address of the same type (IPv4 or IPV6) as the
+ // configured bind address since the connector may be configured
+ // to not map between types.
+ InetAddress loopbackConnectAddress = null;
+ InetAddress linkLocalConnectAddress = null;
+
+ Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
+ while (networkInterfaces.hasMoreElements()) {
+ NetworkInterface networkInterface = networkInterfaces.nextElement();
+ Enumeration<InetAddress> inetAddresses = networkInterface.getInetAddresses();
+ while (inetAddresses.hasMoreElements()) {
+ InetAddress inetAddress = inetAddresses.nextElement();
+ if (localAddress.getAddress().getClass().isAssignableFrom(inetAddress.getClass())) {
+ if (inetAddress.isLoopbackAddress()) {
+ if (loopbackConnectAddress == null) {
+ loopbackConnectAddress = inetAddress;
+ }
+ } else if (inetAddress.isLinkLocalAddress()) {
+ if (linkLocalConnectAddress == null) {
+ linkLocalConnectAddress = inetAddress;
+ }
+ } else {
+ // Use a non-link local, non-loop back address by default
+ return new InetSocketAddress(inetAddress, localAddress.getPort());
+ }
+ }
+ }
+ }
+ // Prefer loop back over link local since on some platforms (e.g.
+ // OSX) some link local addresses are not included when listening on
+ // all local addresses.
+ if (loopbackConnectAddress != null) {
+ return new InetSocketAddress(loopbackConnectAddress, localAddress.getPort());
+ }
+ if (linkLocalConnectAddress != null) {
+ return new InetSocketAddress(linkLocalConnectAddress, localAddress.getPort());
+ }
+ // Fallback
+ return new InetSocketAddress("localhost", localAddress.getPort());
+ }
+ }
+}
diff --git a/xdocs/index.xml b/xdocs/index.xml
index 0f3bfe0..95d82f0 100644
--- a/xdocs/index.xml
+++ b/xdocs/index.xml
@@ -64,9 +64,10 @@ manual is described in more detail below.</p>
<section name="Headlines">
<ul>
-<li><a href="news/2016.html#20160702">2 July 2016 - <b>TC-Native-1.2.8 released</b></a>
+<li><a href="news/2016.html#20161005">5 October 2016 - <b>TC-Native-1.2.10
+released</b></a>
<p>The Apache Tomcat team is proud to announce the immediate availability of
-Tomcat Native 1.2.8 Stable.</p>
+Tomcat Native 1.2.10 Stable.</p>
<p>
The sources and the binaries for selected platforms are available from the
<a href="../download-native.cgi">Download page</a>.
@@ -144,23 +145,22 @@ list of changes.
<subsection name="Windows">
<p>
- Download the windows sources of tc-native and extract them.
+ Download the Windows sources of tc-native and extract them.
</p>
<p>
- Download OpenSSL sources (See <a href="http://www.openssl.org/related/binaries.html";><b>Binary Distributions</b></a>)
- OpenSSL is a crypto software so check if you are allowed to download it. If not you can still use tc-native without SSL.
+ Obtain the Windows sources for
+ <a href="http://apr.apache.org/download.cgi";>APR</a> and
+ <a href="https://www.openssl.org/source/";>OpenSSL</a>. Apply the patches from
+ native/srclib and build APR and OpenSSL for your platform (X86 or X64).
</p>
<p>
- Download APR sources for Windows. (See <a href="http://apr.apache.org/download.cgi";><b>Download</b></a>)
- Extract them in jni and rename the apr-1.x.y directory to apr.
+ Build with <source
+>nmake -f NMAKEMakefile WITH_APR=... WITH_OPENSSL=... APR_DECLARE_STATIC=1</source>
</p>
<p>
- Use MS Visual Studio to open the workspace of the APR sources and build the library (libapr).
- </p>
- <p>
- Use MS Visual Studio to open the workspace of the tc-native sources, adjust the OpenSSL includes and libraries location
- change the name of the libraries libeay32 and libssleay to libeay32MT and libssleayMT and build the tcn-native library.
- That should create a tcnative-1.dll.
+ More detailed instructions including the steps to create a standard release
+ distribution are provided on the <a
+ href="https://cwiki.apache.org/confluence/display/TOMCAT/Building+the+Tomcat+Native+Connector+binaries+for+Windows";>Wiki</a>.
</p>
</subsection>
diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml
index f5ab0ce..2b04f4a 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -34,9 +34,65 @@
This is the Changelog for Tomcat Native 1.2.
</p>
</section>
+<section name="Changes in 1.2.12">
+ <changelog>
+ <fix>
+ Correct a regression in the fix for <bug>59797</bug> that triggered a JVM
+ crash on shutdown in some Tomcat unit tests when using the APR/native
+ connector. (markt)
+ </fix>
+ </changelog>
+</section>
+<section name="Changes in 1.2.11">
+ <changelog>
+ <fix>
+ <bug>52627</bug>: Prevent a crash in <code>File.infoGet()</code> caused by
+ the use of uninitialised variables. Based on patch by Ilya Maykov. (markt)
+ </fix>
+ <fix>
+ <bug>55113</bug>: Document the process for creating a static tc-native
+ library with a FIPS-enabled OpenSSL and update the nmake make file to
+ support the process. (markt)
+ </fix>
+ <fix>
+ <bug>55114</bug>: Clean up building instructions for the native component
+ and expand the instructions for building for Windows platforms. (markt)
+ </fix>
+ <fix>
+ <bug>55938</bug>: Resolve remaining clang-analyzer warnings. Note that the
+ use of <code>-1</code> to indicate the full array in
+ <code>File.(read|write)[Full]</code> has been removed since it was only
+ partially implemented and the implementation was faulty. (markt)
+ </fix>
+ <fix>
+ <bug>58082</bug>: Update unit tests to use JUnit 4. Refactor unit tests
+ into separate tests and use an external to reference them in the same way
+ an external is used to reference the main code. (markt)
+ </fix>
+ <fix>
+ <bug>59797</bug>: Ensure that the per thread error hash maintained by
+ OpenSSL is cleaned up as individual threads exit to ensure it does not
+ grow too large. Patch provided by Nate Clark. (markt)
+ </fix>
+ <fix>
+ <bug>59996</bug>: Correctly handle building tc-native on a 64-bit system
+ when using an OpenSSL distribution that is not in <code>/usr</code>.
+ (csutherl)
+ </fix>
+ <fix>
+ <bug>60388</bug>: The --disable-maintainer-mode option of the configure
+ script no longer enables the maintainer mode. (ebourg)
+ </fix>
+ <update>
+ Update minimum recommended OpenSSL version to 1.0.2k. (markt)
+ </update>
+ </changelog>
+</section>
<section name="Changes in 1.2.10">
<changelog>
+ <update>
Update minimum recommended OpenSSL version to 1.0.2j. (markt)
+ </update>
</changelog>
</section>
<section name="Changes in 1.2.9">
diff --git a/xdocs/news/2016.xml b/xdocs/news/2016.xml
index 2c80867..4a5fd66 100644
--- a/xdocs/news/2016.xml
+++ b/xdocs/news/2016.xml
@@ -29,6 +29,13 @@
<body>
<section name="2016 News & Status">
+ <subsection anchor="20161005" name="5 October 2016 - TC-Native-1.2.10 released">
+ <p>The Apache Tomcat team is proud to announce the immediate availability
+ of Tomcat Native 1.2.10. This is a release to update dependencies for the
+ Windows binaries and includes Windows binaries built with OpenSSL 1.0.2j and
+ APR 1.5.2.
+ </p>
+ </subsection>
<subsection anchor="20160702" name="2 July 2016 - TC-Native-1.2.8 released">
<p>The Apache Tomcat team is proud to announce the immediate availability
of Tomcat Native 1.2.8. This is a bug fix release release and includes Windows
diff --git a/xdocs/style.xsl b/xdocs/style.xsl
index e77762c..e7dd283 100644
--- a/xdocs/style.xsl
+++ b/xdocs/style.xsl
@@ -125,7 +125,7 @@
<!-- Footer -->
<footer><div id="footer">
- Copyright © 2008-2016, The Apache Software Foundation
+ Copyright © 2008-2017, The Apache Software Foundation
</div></footer>
</div>
</body>
--- End Message ---