Resin Documentation

resin 4.0.42 release notes

We encourage people to report 4.0.42 bugs at http://bugs.caucho.com.

4.0.42 is primarily a bug fix release. Please see changes.xtp for a list of changes.

Disabling -sslv3 is now recommended for all SSL ports because of a newly discovered security attack. The configuration is already available; you don't need to upgrade Resin versions. The configuration to disable SSL3 looks like:

<resin ...>
<cluster ...>
  <server...>
  
    <http port="443">
      <openssl>
         ...
         <protocol>-sslv3</protocol>
      </openssl>

• websocket: read loop needs to use getAvailableBuffer() (ep by Arun Durairaju)
• bam: too much logging for queue full (rep by Dan Stilts)
• bam: use smallest queue for remoting instead of round-robin to handle frozen connections (rep by Dan Stilts)
• comet: cleanup of comet state machine (#5826, rep by S. Nobuaki)
• cxf: missing servlet config for CXFProtocolServletFactory (#5825, rep by balaiitm)
• servlet: setHeader("foo", null) now removes header value (#5824)
• db: fixed expires and orphan queries to remove expired sessions (#5748, rep by Thomas Rogan)
• ejb: added scan-persistence-xml to <ejb-server> to allow disabling of persistence-unit scanning (#4908)
• ssl: update openssl option processing. Update SSL_free/SSL_new
• health: add snapshot-jmx and snapshot-heap-dump to avoid issues on weekly reports (#5495, rep by ssbbartgroup)
• resin.sh: chdir to $RESIN_HOME before starting (#5668, rep by balaiitm)
• apache: NPE issues with Apache locking (#5747, #5744, rep by vicsanca, ssmax)
• apache: configure/make issues with Apache 24
• jni: add loading of classes/native/*.so (or native/*.so in a jar) (#5760, rep by William Damage)
• openssl: SSL field (ssl_sock) value was being cleared by std.c (#5815, rep by Nick Stephens, Sarah Gillespie)
• openssl: SSLv3 is now disabled by default (#5819)
• health: StartProfiler was saving data in text, not json (#5736, rep by S Nobuaki)
• admin: load-balance connection state could get stuck in "starting" on certain success cases (#5653)
• async: on comet restart, allow the previous state to be completed (#5684, rep by KC Baltz)
• async: send 500 on empty response with timeout (#5570, rep by Shinomiya Nobuaki)
• async: issues with starting async in forward (#5544, rep by Shinomiya Nobuaki)
• cache: update FileServlet to generate ETag including mime-type to support mime-type updates (#5761, rep by M. Lowe)
• servlet: multipart parts were not supported for namedDispatcher forward (#5543, rep by Shinomiya Nobuaki)
• dbpool: on manual init(), do not register JNDI, CDI, or JMX (#5595, rep by Shinomiya Nobuaki)
• webapp: sort initializers by web-fragment (#5514, rep by beamerblvd)
• ring-queue: offer with no wait and full requires a wake before blocking (#5599)
• jsp: allow binary output stream with non text/ contentType (#5027)
• async/gzip: issues with async combined with gzip (#5033)
• rpm: added %postun to shutdown resin (#5635, rep by S. Gillespie)
• i18n: classloading issues with utf-8 names (#5549, rep by konfetov)
• database: use JDK's ReentrantReadWriteLock instead of custom Resin lock (#5624, rep by Shinomiya Nobuaki)
• database: on close, fsync validation is does not allow for late writes (#5636, rep by Shinomiya Nobuaki)
• servlet: relax checking of public for Filter constructor (#5701)
• log: limit log message database (#5802, rep by R. Murayama)
• database: force remove of old file when file is created (#5803, rep by R. Murayama)
• jni: only epoll is supported as select-manager (#5811, rep by qjian)
• jni: on windows use File.lastModified() instead of stat result to avoid windows DST bug (rep by Jason Barr)
• health: add <mail> to PdfReport configuration (rep by Steffen Busch)