You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by lu...@apache.org on 2003/07/31 02:19:42 UTC
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteConnector.java mbeans-descriptors.xml
luehe 2003/07/30 17:19:42
Modified: catalina/src/share/org/apache/coyote/tomcat5
CoyoteConnector.java mbeans-descriptors.xml
Log:
Added new "sslProtocol" property + minor javadoc edits
The "protocol" property is a little confusing, as it means different
things in different classes:
- In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
HTTP/1.1 or AJP/1.3).
- In Http11Processor and CoyoteServerSocketFactory, it refers to the
SSL protocol variant.
We may want to fix this.
Revision Changes Path
1.18 +32 -6 jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteConnector.java
Index: CoyoteConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteConnector.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- CoyoteConnector.java 29 Jul 2003 16:29:57 -0000 1.17
+++ CoyoteConnector.java 31 Jul 2003 00:19:42 -0000 1.18
@@ -819,10 +819,9 @@
/**
- * Set the Coyote protocol which will be used
- * by the connector.
+ * Set the Coyote protocol which will be used by the connector.
*
- * @param protocolHandlerClassName The new class name
+ * @param protocol The Coyote protocol name
*/
public void setProtocol(String protocol) {
@@ -1317,9 +1316,11 @@
IntrospectionUtils.setProperty(protocolHandler, "secure",
"" + false);
}
+
/* Set the configured properties. This only sets the ones that were
- explicitly configured. Default values are the responsibility of
- the protocolHandler. */
+ * explicitly configured. Default values are the responsibility of
+ * the protocolHandler.
+ */
Iterator keys = properties.keySet().iterator();
while( keys.hasNext() ) {
String name = (String)keys.next();
@@ -1519,6 +1520,31 @@
ServerSocketFactory factory = getFactory();
if (factory instanceof CoyoteServerSocketFactory) {
((CoyoteServerSocketFactory)factory).setCiphers(ciphers);
+ }
+ }
+
+ /**
+ * Gets the SSL protocol variant to be used.
+ *
+ * @return SSL protocol variant
+ */
+ public String getSslProtocol() {
+ ServerSocketFactory factory = getFactory();
+ if (factory instanceof CoyoteServerSocketFactory) {
+ return ((CoyoteServerSocketFactory)factory).getProtocol();
+ }
+ return null;
+ }
+
+ /**
+ * Sets the SSL protocol variant to be used.
+ *
+ * @param sslProtocol SSL protocol variant
+ */
+ public void setSslProtocol(String sslProtocol) {
+ ServerSocketFactory factory = getFactory();
+ if (factory instanceof CoyoteServerSocketFactory) {
+ ((CoyoteServerSocketFactory)factory).setProtocol(sslProtocol);
}
}
1.3 +4 -0 jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/mbeans-descriptors.xml
Index: mbeans-descriptors.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/mbeans-descriptors.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- mbeans-descriptors.xml 11 Jul 2003 01:04:43 -0000 1.2
+++ mbeans-descriptors.xml 31 Jul 2003 00:19:42 -0000 1.3
@@ -32,6 +32,10 @@
description="Comma-separated list of SSL cipher suites to be enabled"
type="java.lang.String"/>
+ <attribute name="sslProtocol"
+ description="SSL protocol variant to be used"
+ type="java.lang.String"/>
+
<attribute name="connectionTimeout"
description="Timeout value on the incoming connection"
type="int"/>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
[4.1.27] Release [5.0.6] New build
Posted by Remy Maucherat <re...@apache.org>.
I'll tag and release Tomcat 4.1.27 Stable today, which includes fixes
for minor security bugs over 4.1.26.
Please -1 quickly if you don't want that release to happen without more
review.
I'll also tag and release a new 5.0.6 build, ask for a vote on the
Tomcat 5.0.x release plan, and ask for a stability vote on the build (to
get in the mood).
Lots of stuff :)
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteConnector.java mbeans-descriptors.xml
Posted by Bill Barker <wb...@wilshire.com>.
Sorry for using gmane, but the original is on my machine at work, and I
really didn't have time to follow tomcat-dev today. Reply below.
"Remy Maucherat" <re...@apache.org> wrote in message
news:3F28E107.50205@apache.org...
> Bill Barker wrote:
> >>luehe@apache.org wrote:
> >>
> >>>luehe 2003/07/30 17:19:42
> >>>
> >>> Modified: catalina/src/share/org/apache/coyote/tomcat5
> >>> CoyoteConnector.java mbeans-descriptors.xml
> >>> Log:
> >>> Added new "sslProtocol" property + minor javadoc edits
> >>>
> >>> The "protocol" property is a little confusing, as it means different
> >>> things in different classes:
> >>>
> >>> - In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
> >>> HTTP/1.1 or AJP/1.3).
> >>>
> >>> - In Http11Processor and CoyoteServerSocketFactory, it refers to the
> >>> SSL protocol variant.
> >>>
> >>> We may want to fix this.
> >>
> >>Well, protocol for HTTP and AJP is the accurate name. Protocol for the
> >>secure layer is also the right name (note that this parameter is
> >>remarkably useless, as everything supports TLS now, and the old SSL2 is
> >>supposedly insecure).
> >
> > Yeah, well everything that you've said is true. However, in the
interest of
> > deprecating the Factory (which is even more useless than the parameter
;-),
> > I'm +1 on Jan's patch.
>
> I have nothing against Jan's patch this time.
> I added passing arbitrary parameters on the connector element, so it
> should be actually possible to avoid using the fake socket factory. I
> don't have much time to tweak stuff, but the server.xml should IMO be
> updated, removing the factory for the SSL example. Can you do it ?
>
Sure, no problem. I probably won't be able to do it until the weekend, but
you won't be back before then anyway ;-).
> (and then the SSL Howto and connector docs will need to be updated)
I'm notoriously bad at doc-writing (I've yet to submit a doc patch that
hasn't been substantially re-written ;-). However, since TC 5 is still in
alpha, I'll post changes to the docs as well. There is still time for
someone with writing skills to improve on it ;-).
>
> Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteConnector.java mbeans-descriptors.xml
Posted by Bill Barker <wb...@wilshire.com>.
Sorry for using gmane, but the original is on my machine at work, and I
really didn't have time to follow tomcat-dev today. Reply below.
"Remy Maucherat" <re...@apache.org> wrote in message
news:3F28E107.50205@apache.org...
> Bill Barker wrote:
> >>luehe@apache.org wrote:
> >>
> >>>luehe 2003/07/30 17:19:42
> >>>
> >>> Modified: catalina/src/share/org/apache/coyote/tomcat5
> >>> CoyoteConnector.java mbeans-descriptors.xml
> >>> Log:
> >>> Added new "sslProtocol" property + minor javadoc edits
> >>>
> >>> The "protocol" property is a little confusing, as it means different
> >>> things in different classes:
> >>>
> >>> - In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
> >>> HTTP/1.1 or AJP/1.3).
> >>>
> >>> - In Http11Processor and CoyoteServerSocketFactory, it refers to the
> >>> SSL protocol variant.
> >>>
> >>> We may want to fix this.
> >>
> >>Well, protocol for HTTP and AJP is the accurate name. Protocol for the
> >>secure layer is also the right name (note that this parameter is
> >>remarkably useless, as everything supports TLS now, and the old SSL2 is
> >>supposedly insecure).
> >
> > Yeah, well everything that you've said is true. However, in the
interest of
> > deprecating the Factory (which is even more useless than the parameter
;-),
> > I'm +1 on Jan's patch.
>
> I have nothing against Jan's patch this time.
> I added passing arbitrary parameters on the connector element, so it
> should be actually possible to avoid using the fake socket factory. I
> don't have much time to tweak stuff, but the server.xml should IMO be
> updated, removing the factory for the SSL example. Can you do it ?
>
Sure, no problem. I probably won't be able to do it until the weekend, but
you won't be back before then anyway ;-).
> (and then the SSL Howto and connector docs will need to be updated)
I'm notoriously bad at doc-writing (I've yet to submit a doc patch that
hasn't been substantially re-written ;-). However, since TC 5 is still in
alpha, I'll post changes to the docs as well. There is still time for
someone with writing skills to improve on it ;-).
>
> Remy
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5
CoyoteConnector.java mbeans-descriptors.xml
Posted by Remy Maucherat <re...@apache.org>.
Bill Barker wrote:
>>luehe@apache.org wrote:
>>
>>>luehe 2003/07/30 17:19:42
>>>
>>> Modified: catalina/src/share/org/apache/coyote/tomcat5
>>> CoyoteConnector.java mbeans-descriptors.xml
>>> Log:
>>> Added new "sslProtocol" property + minor javadoc edits
>>>
>>> The "protocol" property is a little confusing, as it means different
>>> things in different classes:
>>>
>>> - In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
>>> HTTP/1.1 or AJP/1.3).
>>>
>>> - In Http11Processor and CoyoteServerSocketFactory, it refers to the
>>> SSL protocol variant.
>>>
>>> We may want to fix this.
>>
>>Well, protocol for HTTP and AJP is the accurate name. Protocol for the
>>secure layer is also the right name (note that this parameter is
>>remarkably useless, as everything supports TLS now, and the old SSL2 is
>>supposedly insecure).
>
> Yeah, well everything that you've said is true. However, in the interest of
> deprecating the Factory (which is even more useless than the parameter ;-),
> I'm +1 on Jan's patch.
I have nothing against Jan's patch this time.
I added passing arbitrary parameters on the connector element, so it
should be actually possible to avoid using the fake socket factory. I
don't have much time to tweak stuff, but the server.xml should IMO be
updated, removing the factory for the SSL example. Can you do it ?
(and then the SSL Howto and connector docs will need to be updated)
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteConnector.java mbeans-descriptors.xml
Posted by Bill Barker <wb...@wilshire.com>.
----- Original Message -----
From: "Remy Maucherat" <re...@apache.org>
To: "Tomcat Developers List" <to...@jakarta.apache.org>
Sent: Thursday, July 31, 2003 1:41 AM
Subject: Re: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5
CoyoteConnector.java mbeans-descriptors.xml
> luehe@apache.org wrote:
> > luehe 2003/07/30 17:19:42
> >
> > Modified: catalina/src/share/org/apache/coyote/tomcat5
> > CoyoteConnector.java mbeans-descriptors.xml
> > Log:
> > Added new "sslProtocol" property + minor javadoc edits
> >
> > The "protocol" property is a little confusing, as it means different
> > things in different classes:
> >
> > - In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
> > HTTP/1.1 or AJP/1.3).
> >
> > - In Http11Processor and CoyoteServerSocketFactory, it refers to the
> > SSL protocol variant.
> >
> > We may want to fix this.
>
> Well, protocol for HTTP and AJP is the accurate name. Protocol for the
> secure layer is also the right name (note that this parameter is
> remarkably useless, as everything supports TLS now, and the old SSL2 is
> supposedly insecure).
>
Yeah, well everything that you've said is true. However, in the interest of
deprecating the Factory (which is even more useless than the parameter ;-),
I'm +1 on Jan's patch.
> Remy
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5
CoyoteConnector.java mbeans-descriptors.xml
Posted by Remy Maucherat <re...@apache.org>.
luehe@apache.org wrote:
> luehe 2003/07/30 17:19:42
>
> Modified: catalina/src/share/org/apache/coyote/tomcat5
> CoyoteConnector.java mbeans-descriptors.xml
> Log:
> Added new "sslProtocol" property + minor javadoc edits
>
> The "protocol" property is a little confusing, as it means different
> things in different classes:
>
> - In CoyoteConnector, it refers to the Coyote protocol name (i.e.,
> HTTP/1.1 or AJP/1.3).
>
> - In Http11Processor and CoyoteServerSocketFactory, it refers to the
> SSL protocol variant.
>
> We may want to fix this.
Well, protocol for HTTP and AJP is the accurate name. Protocol for the
secure layer is also the right name (note that this parameter is
remarkably useless, as everything supports TLS now, and the old SSL2 is
supposedly insecure).
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org