tcnative commit flood

[Rainer Jung <ra...@kippdata.de>]

Just a short explanation: triggered by logjam I wanted to improve DH 
ephemeral key handling in tcnative. I had the BZ issue on my watch list 
and knew that mod_ssl had already improved a lot in that area.

When looking at tcnative I noticed, that trunk now is no longer just an 
old fork one could reset without loosing much. Instead it has nice new 
features written and used by Mark to support HTTP/2 (SNI and ALPN) in TC 
trunk. So I went the hard way and went through all changes between 1.1 
and trunk to decide, in which direction to merge or whether a difference 
should be kept.

If you go through the commits, then you will notice that by far most of 
the changes are ports from 1.1 to trunk. I tried to keep the risk for 
the ports in the other direction small, but I can't guarantee I haven't 
broken anything. The biggest change to 1.1 is DH ephemeral key handling.

I will at run the TC unit tests next.

All functional changes in trunk now have a changelog entry there. I have 
a few open points in the SSL area I will try to work on, but things will 
slow down now and some of that might be trunk only.

Regards,

Rainer

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org