  Preface

   This is the Changelog for Apache Tomcat Native 2.0.x. The Tomcat Native
   2.0.x branch started from the 1.2.33 tag.

  Changes in 2.0.9

     * Update: Update the Windows build environment to use Visual Studio
       2022. (markt)
     * Update: Update the recommended minimum version of OpenSSL to 3.5.0.
       (markt)
     * Update: Update the recommended minimum version of APR to 1.7.6.
       (markt)

  Changes in 2.0.8

     * Fix: Fix a crash on Windows when SSLContext.setCACertificate() is
       invoked with a null value for caCertificateFile and a non-null value
       for caCertificatePath until properly addressed with
       https://github.com/openssl/openssl/issues/24416. (michaelo)
     * Add: Use ERR_error_string_n with a definite buffer length as a named
       constant. (schultz)
     * Add: Ensure local reference capacity is available when creating new
       arrays and Strings. (schultz)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.14.
       (markt)

  Changes in 2.0.7

     * Add: 67538: Make use of Ant's <javaversion /> task to enforce the
       mininum Java build version. (michaelo)
     * Fix: 67615: Windows binary for version 2 has incorrect version suffix
       compared to the GNU autoconf version. (michaelo)
     * Update: Align default pass phrase prompt with HTTPd on Windows as
       well. (michaelo)
     * Fix: 67616: o.a.tomcat.jni.SSL contains useless check for old OpenSSL
       version. (michaelo)
     * Update: Drop useless compile.optimize option. (michaelo)
     * Update: Align Java source compile configuration with Tomcat.
       (michaelo)
     * Add: Add Ant version (1.10.2) requirement identical to Tomcat.
       (michaelo)
     * Update: Remove an unreachable if condition around CRLs in
       sslcontext.c. (michaelo)
     * Fix: 67818: When calling SSL.setVerify() or SSLContext.setVerify(),
       the default verify paths are no longer set. Only the explicitly
       configured trust store, if any, will be used. (michaelo)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.13.
       (markt)

  Changes in 2.0.6

     * Fix: 67061: If the insecure optionalNoCA certificate verification mode
       is used, disable OCSP if enabled else client certificates from unknown
       certificate authorities will be rejected. (markt)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.11.
       (markt)

  Changes in 2.0.5

     * Update: 66666: Remove non-reachable functions from ssl.c. (michaelo)
     * Update: Align default pass phrase prompt with HTTPd. (michaelo)
     * Update: Rename configure.in to modern autotools style configure.ac.
       (rjung)
     * Update: Fix incomplete updates for autotools generated files during
       "buildconf" execution. (rjung)
     * Update: Improve quoting in tcnative.m4. (rjung)
     * Update: Update the minimum version of autoconf for releasing to 2.68.
       (rjung)
     * Fix: 66669: Fix memory leak in SNI processing. (markt)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.10.
       (markt)

  Changes in 2.0.4

     * Update: Update the recommended minimum version of APR to 1.7.4.
       (markt)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.9.
       (markt)

  Changes in 2.0.3

     * Update: Update the recommended minimum version of APR to 1.7.2.
       (markt)
     * Update: Update the recommended minimum version of OpenSSL to 3.0.8.
       (markt)

  Changes in 2.0.2

     * Update: Update the minimum supported version of LibreSSL to 3.5.2.
       Based on pull request #13 provided by orbea. (markt)
     * Fix: Fix build when building with rlibtool. Pull request #14 provided
       by orbea. (markt)

  Changes in 2.0.1

     * Update: Update recommended OpenSSL version to 3.0.5 or later. (markt)

  Changes in 2.0.0

     * Update: Update the minimum required version of OpenSSL to 3.0.0 and
       make it a madatory dependency. (markt)
     * Update: Update the minimum required version of APR to 1.7.0. (markt)
     * Design: Remove NPN support as NPN was never standardised and browser
       support was removed in 2019. (markt)
     * Add: Add support for using OpenSSL when the FIPS provider is
       configured as the default provider. (markt)
     * Design: Remove all API methods (and supporting code) that are not used
       by Tomcat 10.1.x to support the use of OpenSSL as a replacement for
       JSSE to provide TLS functionality. (markt)
     * Docs: Document the TLS rengotiation behaviour. (markt)
     * Update: Update the minimum required Java version to Java 11. (markt)
     * Update: Remove support for Windows 2000, Windows XP, Windows Server
       2003, Windows Vista and Windows Server 2008. The minimum Windows
       version is now Windows 7 / Windows Server 2008 R2. (markt)
     * Docs: Add HOWTO-RELEASE.txt that describes the release process.
       (markt)
     * Fix: Fix the autoconf warnings when creating a release. (markt)

  Changes in 1.3.x

   Please see the 1.3.x changelog.

  Changes in 1.2.x

   Please see the 1.2.x changelog.

  Changes in 1.1.x

   Please see the 1.1.x changelog.

   Copyright  2008-2025, The Apache Software Foundation
