[Bug 56780] IBM Java: server.startup gives error "java.lang.IllegalArgumentException: Only TLS1.2 protocol can be enabl ed in SP800_131 strict mode"

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=56780

--- Comment #6 from Hariharan, R  ---
@Mark Thomas: I am able to see the bug fix in 7.0.56.

@Karl Freburger:  Can you mail a 64-bit IBM JRE for Windows to
cloakcaval...@gmail.com?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 53952] Add support for TLS 1.1 and 1.2

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952

--- Comment #43 from Ralf Hauser  ---
I guess comment 30 ff. refers to 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566  ?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r6809 - in /dev/tomcat/tomcat-connectors/native/1.1.32: ./ binaries/ source/

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 08:57:53 2014
New Revision: 6809

Log:
Upload Tomcat native 1.1.32 for voting

Added:
dev/tomcat/tomcat-connectors/native/1.1.32/
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip
   (with props)

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip
   (with props)

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.asc

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.md5

dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.sha1
dev/tomcat/tomcat-connectors/native/1.1.32/source/

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz
   (with props)

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.asc

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.md5

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.sha1

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip
   (with props)

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.asc

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.md5

dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.sha1

Added: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip
==
Binary file - no diff available.

Propchange: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip
--
svn:mime-type = application/octet-stream

Added: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc
==
--- 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc
 (added)
+++ 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc
 Tue Oct 21 08:57:53 2014
@@ -0,0 +1,17 @@
+-BEGIN PGP SIGNATURE-
+Version: GnuPG v1.4.9 (MingW32)
+
+iQIcBAABAgAGBQJURhrBAAoJEBDAHFovYFnn684P+wdp8tGePyaNFDKGsSUH93Cc
+ww4NTaWLmJs6BZzfwBW46x09BhnEyE4YUWj4SrX6ll7D3KRzTlKNzTPF978LuBXC
+BbJX8jt2XYAmcgcQ6pDNik4hlYFiIwRQGvVwDIdrm1PyZMoCt/fL1i8rDLqLIRov
+0yHDttR87JlI9smOgBEa1VlX1GaS9qSij/q2Kw3pgnWMvylaPVj3b+1i9lkOzIgS
+A4X7JGHpP1i1fgQZ5OT2HO+k/K0ItxcBKdVOcx+JaWafZfPyyyxTyNTu01AL95By
+Z/HsvRZ8EwUVJRYH9D3E9BRE7lskwBbuFQ/9e5Bt8XT16BFx+62fGurgoTngZvzJ
+p/0XqEHhv7r1d6L02Q5nhHFyE/t8s94sDRk/3/NNrTeW+ERnqml5pMjcuOphfw0t
+fKpafSyNiPcnh590y8+fNVXjmCua/XoRCrBvv2EYemBY4xrULtLRGCLXTc3ZHuLq
+NTVC60unuR94I8mBH8cc9NFSps/Lx9sskfNJhEg6GUKClIOFCBUm7h1GLas2Jb8f
+vqaWpnQPPXiDKucwq20A4UkWgvKAAqb96iMUwsY9JawFfPcX0Z8hfdqR4EeqXzWb
+Wo6KcBADBr0rpt2C8V1gwysMue6PAvNM6fGL3hE6R+5fuG9b2cyzsz4GqcSt89S3
+rjZJwdpoGqKhx5EzILWd
+=O/m2
+-END PGP SIGNATURE-

Added: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5
==
--- 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5
 (added)
+++ 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5
 Tue Oct 21 08:57:53 2014
@@ -0,0 +1 @@
+0b0e1e4c77b9b7051fc2c751b70d2880 *tomcat-native-1.1.32-oscp-win32-bin.zip
\ No newline at end of file

Added: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1
==
--- 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1
 (added)
+++ 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1
 Tue Oct 21 08:57:53 2014
@@ -0,0 +1 @@
+b47f96dd3153d002a529e881b6b8f524cd6e321c 
*tomcat-native-1.1.32-oscp-win32-bin.zip
\ No newline at end of file

Added: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip
==
Binary file - no diff available.

Propchange: 
dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip
--

[VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Mark Thomas 
Version 1.1.32 includes the following changes:
- Add support for TLS v1.1 and TLS v1.2
- Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j

The proposed release artefacts can be found at [1],
and the build was done using tag [2].

Since this release is primarily to address security issues, I may end
the vote earlier than 72 hours to speed up the process of getting Tomcat
releases out that address CVE-2014-3566.

The Apache Tomcat Native 1.1.31 is
 [ ] Stable, go ahead and release
 [ ] Broken because of ...


 [1]
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.1.32/
 [2]
https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_1_32

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Mark Thomas 
On 21/10/2014 10:05, Mark Thomas wrote:
> Version 1.1.32 includes the following changes:
> - Add support for TLS v1.1 and TLS v1.2
> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
> 
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
> 
> Since this release is primarily to address security issues, I may end
> the vote earlier than 72 hours to speed up the process of getting Tomcat
> releases out that address CVE-2014-3566.
> 
> The Apache Tomcat Native 1.1.31 is
>  [X] Stable, go ahead and release
>  [ ] Broken because of ...

Tested on OSX and 64-bit Windows.

Configured an APR/native HTTPS connector
- confirmed the OpenSSL and APR versions
- used the OpenSSl client to confirm TLS 1.1 and 1.2 were supported

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633342 - in /tomcat/trunk: java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java webapps/docs/changelog.xml

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 11:16:17 2014
New Revision: 1633342

URL: http://svn.apache.org/r1633342
Log:
Ensure that that an EncodeException is thrown by  
RemoteEndpoint.Basic.sendObject(Object) rather than an IOException when no 
suitable Encoder is configured for the given Object. 

Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java
tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java?rev=1633342&r1=1633341&r2=1633342&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java 
Tue Oct 21 11:16:17 2014
@@ -509,12 +509,21 @@ public abstract class WsRemoteEndpointIm
 }
 
 
-public void sendObject(Object obj) throws IOException {
+public void sendObject(Object obj) throws IOException, EncodeException {
 Future f = sendObjectByFuture(obj);
 try {
 f.get();
-} catch (InterruptedException | ExecutionException e) {
+} catch (InterruptedException e) {
 throw new IOException(e);
+} catch (ExecutionException e) {
+Throwable cause = e.getCause();
+if (cause instanceof IOException) {
+throw (IOException) cause;
+} else if (cause instanceof EncodeException) {
+throw (EncodeException) cause;
+} else {
+throw new IOException(e);
+}
 }
 }
 

Modified: 
tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java?rev=1633342&r1=1633341&r2=1633342&view=diff
==
--- 
tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java 
(original)
+++ 
tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java 
Tue Oct 21 11:16:17 2014
@@ -598,4 +598,36 @@ public class TestEncodingDecoding extend
 }
 }
 }
+
+
+@Test
+public void testUnsupportedObject() throws Exception{
+Tomcat tomcat = getTomcatInstance();
+// Must have a real docBase - just use temp
+Context ctx = tomcat.addContext("", 
System.getProperty("java.io.tmpdir"));
+
ctx.addApplicationListener(ProgramaticServerEndpointConfig.class.getName());
+Tomcat.addServlet(ctx, "default", new DefaultServlet());
+ctx.addServletMapping("/", "default");
+
+WebSocketContainer wsContainer = 
ContainerProvider.getWebSocketContainer();
+
+tomcat.start();
+
+Client client = new Client();
+URI uri = new URI("ws://localhost:" + getPort() + 
PATH_PROGRAMMATIC_EP);
+Session session = wsContainer.connectToServer(client, uri);
+
+// This should fail
+Object msg1 = new Object();
+try {
+session.getBasicRemote().sendObject(msg1);
+Assert.fail("No exception thrown ");
+} catch (EncodeException e) {
+// Expected
+} catch (Throwable t) {
+Assert.fail("Wrong exception type");
+} finally {
+session.close();
+}
+}
 }

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633342&r1=1633341&r2=1633342&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 11:16:17 2014
@@ -220,6 +220,12 @@
   
 Add null checks for arguments in remote endpoint. (remm/kkolinko)
   
+  
+57118: Ensure that that an EncodeException is
+thrown by RemoteEndpoint.Basic.sendObject(Object) rather
+than an IOException when no suitable Encoder
+is configured for the given Object. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633346 - /tomcat/trunk/webapps/docs/changelog.xml

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 11:35:35 2014
New Revision: 1633346

URL: http://svn.apache.org/r1633346
Log:
Update changelog for BZ 47919 per r1630407
It logs not just key env vars, but all of them, and logs command line arguments.
I am emphasizing CATALINA_OPTS, JAVA_OPTS, as that may be a security concern 
for somebody.

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633346&r1=1633345&r2=1633346&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 11:35:35 2014
@@ -60,8 +60,10 @@
   
   
 47919: Extend the information logged when Tomcat starts to
-optionally include (disabled by default) the values of key environment
-variables. (markt)
+optionally log the values of command line arguments (enabled by
+default) and environment variables (disabled by default). Note that
+the values added to CATALINA_OPTS and JAVA_OPTS environment variables
+will be logged, as they are used to build up the command line. (markt)
   
   
 49939: Expose the method that clears the static resource



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Early Access builds for JDK 9 b35 and JDK 8u40 b10 are available on java.net

2014-10-21 Thread Rory O'Donnell 

Hi Mladen/Mark,

Early Access build for JDK 9 b35  is 
available on java.net, summary of changes are listed here 



Early Access build for JDK 8u40 b10  
is available on java.net, summary of changes are listed here. 



Rgds,Rory

--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland

[Bug 57122] New: class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

Bug ID: 57122
   Summary: class loading during remote deployment not working
(NoClassDefFoundError)
   Product: Tomcat 7
   Version: 7.0.53
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: michael.baul...@knipp.de

I have a Tomcat running a web application, which I then want to update
remotely. During this deployment a ServletContextListener instance (called
InitListener and configured in the web.xml) executes the contextDestroyed
method.

In this method some java classes cannot be loaded. In the tomcat's error log I
see errors like:

SEVERE: Exception sending context destroyed event to listener instance of class
x.y.z.InitListener
java.lang.NoClassDefFoundError:
org/jboss/netty/util/internal/ConcurrentHashMap$Values

However, if I access the same class (in this example the
ConcurrentHashMap$Values) at some previous point before the shutdown starts,
everything works fine.

It seems that Tomcat is not able to (newly) load the necessary classes when
doing the shutdown part of the remote deployment. To my knowledge at this point
arbitrary java code should still be executable.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #1 from Konstantin Kolinko  ---
(In reply to michael.bauland from comment #0)
> 
> SEVERE: Exception sending context destroyed event to listener instance of
> class x.y.z.InitListener
> java.lang.NoClassDefFoundError:
> org/jboss/netty/util/internal/ConcurrentHashMap$Values
> 

1. The full stack trace of the above error = ?

(Was "Exception sending context destroyed event" produced by Tomcat?
Was there a "root cause" of the above exception? What class loader was trying
to load the class?
Any other preceding error in the logs?)

2. Are jboss classes in your web application's WEB-INF/lib and absent from
Tomcat's lib directory?

3. Can you provide simple sample web application to reproduce this behaviour?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #2 from michael.baul...@knipp.de ---
Created attachment 32132
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=32132&action=edit
error log

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #3 from michael.baul...@knipp.de ---
Thanks for the quick response. 
1. I have attached the full stack trace. There have been no preceding errors in 
the log, as you can see.

2. No, we do not use jBoss (just richfaces) and have no jBoss classes present.

3. Sorry, the classes that cannot be loaded seem to be arbitrary, one
self-written utility class and one from the netty framework
(org/jboss/netty/util/internal/ConcurrentHashMap$Values), but I can't reproduce
with a simple sample.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633359 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java webapps/docs/changelo

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 12:36:06 2014
New Revision: 1633359

URL: http://svn.apache.org/r1633359
Log:
Ensure that that an EncodeException is thrown by  
RemoteEndpoint.Basic.sendObject(Object) rather than an IOException when no 
suitable Encoder is configured for the given Object. 

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java

tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1633342

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java?rev=1633359&r1=1633358&r2=1633359&view=diff
==
--- 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java
 (original)
+++ 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java
 Tue Oct 21 12:36:06 2014
@@ -512,14 +512,21 @@ public abstract class WsRemoteEndpointIm
 }
 
 
-public void sendObject(Object obj) throws IOException {
+public void sendObject(Object obj) throws IOException, EncodeException {
 Future f = sendObjectByFuture(obj);
 try {
 f.get();
 } catch (InterruptedException e) {
 throw new IOException(e);
 } catch (ExecutionException e) {
-throw new IOException(e);
+Throwable cause = e.getCause();
+if (cause instanceof IOException) {
+throw (IOException) cause;
+} else if (cause instanceof EncodeException) {
+throw (EncodeException) cause;
+} else {
+throw new IOException(e);
+}
 }
 }
 

Modified: 
tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java?rev=1633359&r1=1633358&r2=1633359&view=diff
==
--- 
tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
 (original)
+++ 
tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java
 Tue Oct 21 12:36:06 2014
@@ -603,4 +603,36 @@ public class TestEncodingDecoding extend
 }
 }
 }
+
+
+@Test
+public void testUnsupportedObject() throws Exception{
+Tomcat tomcat = getTomcatInstance();
+// Must have a real docBase - just use temp
+Context ctx = tomcat.addContext("", 
System.getProperty("java.io.tmpdir"));
+
ctx.addApplicationListener(ProgramaticServerEndpointConfig.class.getName());
+Tomcat.addServlet(ctx, "default", new DefaultServlet());
+ctx.addServletMapping("/", "default");
+
+WebSocketContainer wsContainer = 
ContainerProvider.getWebSocketContainer();
+
+tomcat.start();
+
+Client client = new Client();
+URI uri = new URI("ws://localhost:" + getPort() + 
PATH_PROGRAMMATIC_EP);
+Session session = wsContainer.connectToServer(client, uri);
+
+// This should fail
+Object msg1 = new Object();
+try {
+session.getBasicRemote().sendObject(msg1);
+Assert.fail("No exception thrown ");
+} catch (EncodeException e) {
+// Expected
+} catch (Throwable t) {
+Assert.fail("Wrong exception type");
+} finally {
+session.close();
+}
+}
 }

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633359&r1=1633358&r2=1633359&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 12:36:06 2014
@@ -138,6 +138,12 @@
   
 Add null checks for arguments in remote endpoint. (remm/kkolinko)
   
+  
+57118: Ensure that that an EncodeException is
+thrown by RemoteEndpoint.Basic.sendObject(Object) rather
+than an IOException when no suitable Encoder
+is configured for the given Object. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57118] Throw EncodeException from RemoteEndpoint.Basic.sendObject()

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57118

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED
 OS||All

--- Comment #1 from Mark Thomas  ---
This has been fixed in 8.0.x for 8.0.15 onwards and in 7.0.x for 7.0.57
onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #4 from Mark Thomas  ---
(In reply to michael.bauland from comment #3)
> Thanks for the quick response. 
> 1. I have attached the full stack trace. There have been no preceding errors
> in 
> the log, as you can see.
> 
> 2. No, we do not use jBoss (just richfaces) and have no jBoss classes
> present.
> 
> 3. Sorry, the classes that cannot be loaded seem to be arbitrary, one
> self-written utility class and one from the netty framework
> (org/jboss/netty/util/internal/ConcurrentHashMap$Values), but I can't
> reproduce with a simple sample.

Again, where are the classes that can't be loaded located?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

Konstantin Kolinko  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |DUPLICATE

--- Comment #5 from Konstantin Kolinko  ---
See bug 56321. Update to 7.0.54 or later.

*** This bug has been marked as a duplicate of bug 56321 ***

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56321] ServletContextListener.contextDestroyed not completely executed when updating war

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=56321

Konstantin Kolinko  changed:

   What|Removed |Added

 CC||michael.baul...@knipp.de

--- Comment #8 from Konstantin Kolinko  ---
*** Bug 57122 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #6 from Mark Thomas  ---
Looks like the classes are located in the web application. I was just about to
mark this as a duplicate as well but Konstantin beat me to it.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Konstantin Kolinko 
2014-10-21 13:05 GMT+04:00 Mark Thomas :
> Version 1.1.32 includes the following changes:
> - Add support for TLS v1.1 and TLS v1.2
> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
>
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> Since this release is primarily to address security issues, I may end
> the vote earlier than 72 hours to speed up the process of getting Tomcat
> releases out that address CVE-2014-3566.
>
> The Apache Tomcat Native 1.1.31 is
>  [x] Stable, go ahead and release
>  [ ] Broken because of ...

Tested 32-bit OCSP and non-OCSP binaries with 32-bit JDK 7 on Windows
7 using APR connector tests in Tomcat 8 testsuite.  All tests passed
successfully.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633365 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 12:59:35 2014
New Revision: 1633365

URL: http://svn.apache.org/r1633365
Log:
Update changelog for BZ 47919 per r1630407
It logs not just key env vars, but all of them, and logs command line arguments.
I am emphasizing CATALINA_OPTS, JAVA_OPTS, as that may be a security concern 
for somebody.
(It is not a real security concern, as those are expected to be visible in "ps" 
command output as well)

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1633346

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633365&r1=1633364&r2=1633365&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 12:59:35 2014
@@ -60,8 +60,10 @@
 
   
 47919: Extend the information logged when Tomcat starts to
-optionally include (disabled by default) the values of key environment
-variables. (markt)  
+optionally log the values of command line arguments (enabled by
+default) and environment variables (disabled by default). Note that
+the values added to CATALINA_OPTS and JAVA_OPTS environment variables
+will be logged, as they are used to build up the command line. (markt)
   
   
 56401: Log version information when Tomcat starts.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633369 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse: JSSESocketFactory.java res/LocalStrings.properties

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 13:07:55 2014
New Revision: 1633369

URL: http://svn.apache.org/r1633369
Log:
Add some debug logging for excluded protocols

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1633369&r1=1633368&r2=1633369&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
Tue Oct 21 13:07:55 2014
@@ -134,6 +134,7 @@ public class JSSESocketFactory implement
 List filteredProtocols = new ArrayList<>();
 for (String protocol : socket.getEnabledProtocols()) {
 if (protocol.contains("SSL")) {
+log.debug(sm.getString("jsse.excludeDefaultProtocol", 
protocol));
 continue;
 }
 filteredProtocols.add(protocol);

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties?rev=1633369&r1=1633368&r2=1633369&view=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties 
(original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties 
Tue Oct 21 13:07:55 2014
@@ -24,6 +24,7 @@ jsse.unsupported_ciphers=Some specified 
 jsse.requested_protocols_not_supported=None of the SSL protocols specified are 
supported by the SSL engine : {0}
 jsse.enableable_protocols=Specified SSL protocols that are supported and 
enableable are : {0}
 jsse.unsupported_protocols=Some specified SSL protocols are not supported by 
the SSL engine : {0}
+jsse.excludeDefaultProtocol=The SSL protocol [{0}] which is enabled by default 
in this JRE was excluded from the defaults used by Tomcat
 jsseSupport.clientCertError=Error trying to obtain a certificate from the 
client
 jseeSupport.certTranslationError=Error translating certificate [{0}]
 jsseSupport.noCertWant=No client certificate sent for want



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633370 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 13:08:28 2014
New Revision: 1633370

URL: http://svn.apache.org/r1633370
Log:
Add some debug logging for excluded protocols

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1633369

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1633370&r1=1633369&r2=1633370&view=diff
==
--- 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 (original)
+++ 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 Tue Oct 21 13:08:28 2014
@@ -134,6 +134,7 @@ public class JSSESocketFactory implement
 List filteredProtocols = new ArrayList();
 for (String protocol : socket.getEnabledProtocols()) {
 if (protocol.contains("SSL")) {
+log.debug(sm.getString("jsse.excludeDefaultProtocol", 
protocol));
 continue;
 }
 filteredProtocols.add(protocol);

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties?rev=1633370&r1=1633369&r2=1633370&view=diff
==
--- 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
 (original)
+++ 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
 Tue Oct 21 13:08:28 2014
@@ -24,6 +24,7 @@ jsse.unsupported_ciphers=Some specified 
 jsse.requested_protocols_not_supported=None of the SSL protocols specified are 
supported by the SSL engine : {0}
 jsse.enableable_protocols=Specified SSL protocols that are supported and 
enableable are : {0}
 jsse.unsupported_protocols=Some specified SSL protocols are not supported by 
the SSL engine : {0}
+jsse.excludeDefaultProtocol=The SSL protocol [{0}] which is enabled by default 
in this JRE was excluded from the defaults used by Tomcat
 jsseSupport.clientCertError=Error trying to obtain a certificate from the 
client
 jseeSupport.certTranslationError=Error translating certificate [{0}]
 jsseSupport.noCertWant=No client certificate sent for want



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122

--- Comment #7 from michael.baul...@knipp.de ---
Yes, sorry, didn't see you question about the location of the classes. They are
located in the WEB-INF/lib folder.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633386 - /tomcat/tc6.0.x/trunk/STATUS.txt

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 14:20:49 2014
New Revision: 1633386

URL: http://svn.apache.org/r1633386
Log:
Update proposal

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1633386&r1=1633385&r2=1633386&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 21 14:20:49 2014
@@ -58,7 +58,7 @@ PATCHES PROPOSED TO BACKPORT:
   -1:
 
 * Mitigate POODLE by disabling SSLv3 by default for JSSE
-  http://people.apache.org/~markt/patches/2014-10-17-poodle-tc6-v1.patch
+  http://people.apache.org/~markt/patches/2014-10-21-poodle-tc6-v2.patch
   +1: markt
   -1:
   -0: kkolinko: I think that JSSESocketFactory.getEnabledProtocols() shall
@@ -70,12 +70,13 @@ PATCHES PROPOSED TO BACKPORT:
 
I wish there were some debug logging to see what protocols are being
filtered out by "if (protocol.contains("SSL"))".
+   markt: Addressed in v2 patch
   -0: schultz; I agree with Konstantin's critique. Small adjustments to the
 proposal are in order. Additionally, the code for filtering protocols
 should probably be factored-out into a separte method to ensure
 the filtering stays consistent between the two methods that currently
 do it.
-
+   markt: Addressed in v2 patch
 
 * Mitigate POODLE by disabling SSLv3 by default for APR/native
   http://svn.apache.org/r1632586
@@ -97,7 +98,6 @@ PATCHES PROPOSED TO BACKPORT:
   Add support for TLSv1.1 and TLSv1.2 to APR connector.
   Back-port r1632606 from Tomcat 7.
   http://people.apache.org/~schultz/patches/53952.tc6.patch
-
   +1: schultz
   -1:
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57116] Bio connector: Do not fallback to default protocol list if "sslEnabledProtocols" has no matches

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57116

--- Comment #2 from Mark Thomas  ---
Updated patch proposed for 6.0.x to address this.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Christopher Schultz 
All,

On 10/21/14 5:05 AM, Mark Thomas wrote:
> Version 1.1.32 includes the following changes:
> - Add support for TLS v1.1 and TLS v1.2
> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
> 
> The proposed release artifacts can be found at [1],
> and the build was done using tag [2].
> 
> Since this release is primarily to address security issues, I may end
> the vote earlier than 72 hours to speed up the process of getting Tomcat
> releases out that address CVE-2014-3566.
> 
> The Apache Tomcat Native 1.1.31 is
>  [ ] Stable, go ahead and release
>  [ ] Broken because of ...

Note that in order to test TLSv1.1 and TLSv1.2 with tcnative, you'll
have to be running Tomcat from subversion. No release version will allow
you to specify "TLSv1.2" for instance in SSLProtocol.

Using SSLProtocol="all" will still enable SSLv3, and using "TLSv1" also
enables SSLv3, so you can't properly test protocol support unless you
pull Tomcat from subversion.

-chris



signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Christopher Schultz 
All,

On 10/21/14 5:05 AM, Mark Thomas wrote:
> Version 1.1.32 includes the following changes:
> - Add support for TLS v1.1 and TLS v1.2
> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
> 
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
> 
> Since this release is primarily to address security issues, I may end
> the vote earlier than 72 hours to speed up the process of getting Tomcat
> releases out that address CVE-2014-3566.
> 
> The Apache Tomcat Native 1.1.31 is
>  [X] Stable, go ahead and release
>  [ ] Broken because of ...

Tested combinations of SSLv3, TLSv1, TLSv1.1, TLSv1.2 with Tomcat
8-trunk and all configured and responded as expected.

For instance, when using SSLProtocol="TLSv1+TLSv1.2", I can connect with
these protocol and cipher combinations from Java 7:

Supported Protocol Cipher Suite
 AcceptedTLSv1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 AcceptedTLSv1 TLS_RSA_WITH_AES_128_CBC_SHA
 AcceptedTLSv1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 AcceptedTLSv1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
 AcceptedTLSv1 SSL_RSA_WITH_3DES_EDE_CBC_SHA
 AcceptedTLSv1 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.1 SSL_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.1 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 Accepted  TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA256
 Accepted  TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
 Accepted  TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 Accepted  TLSv1.2 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.2 SSL_RSA_WITH_3DES_EDE_CBC_SHA
 Accepted  TLSv1.2 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

No other protocol (SSLv2, SSLv3, TLSv1.1) were accepted and no other
cipher suites were accepted for either TLSv1 or TLSv1.2.

(I'm surprised there's not more overlap in the number of cipher suites
that Java 7 and OpenSSL support given those two protocols.)

Lightly tested AjpAprProtocol and HttpAprProtocol for regressions... all
seems well.

-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1633393 - /tomcat/tc6.0.x/trunk/STATUS.txt

2014-10-21 Thread schultz 
Author: schultz
Date: Tue Oct 21 15:12:27 2014
New Revision: 1633393

URL: http://svn.apache.org/r1633393
Log:
Revise vote

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1633393&r1=1633392&r2=1633393&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 21 15:12:27 2014
@@ -59,7 +59,7 @@ PATCHES PROPOSED TO BACKPORT:
 
 * Mitigate POODLE by disabling SSLv3 by default for JSSE
   http://people.apache.org/~markt/patches/2014-10-21-poodle-tc6-v2.patch
-  +1: markt
+  +1: markt, schultz
   -1:
   -0: kkolinko: I think that JSSESocketFactory.getEnabledProtocols() shall
not return DEFAULT_SERVER_PROTOCOLS list in case if there are no
@@ -71,12 +71,12 @@ PATCHES PROPOSED TO BACKPORT:
I wish there were some debug logging to see what protocols are being
filtered out by "if (protocol.contains("SSL"))".
markt: Addressed in v2 patch
-  -0: schultz; I agree with Konstantin's critique. Small adjustments to the
-proposal are in order. Additionally, the code for filtering protocols
-should probably be factored-out into a separte method to ensure
-the filtering stays consistent between the two methods that currently
-do it.
-   markt: Addressed in v2 patch
+
+  schultz: it's not clear from the code what will happen if
+   DEFAULT_SERVER_PROTOCOLS remains null. Would it be more clear
+   to use an empty string array instead of null? I seem to recall
+   slightly different "null" behavior in Oracle/OpenJDK versus
+   IBM JVMs.
 
 * Mitigate POODLE by disabling SSLv3 by default for APR/native
   http://svn.apache.org/r1632586



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GUMP@vmgump]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed

2014-10-21 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-test-apr has an issue affecting its community integration.
This issue affects 1 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-test-apr :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/logs-APR
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html
Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build)
Work ended in a state of : Failed
Elapsed: 26 mins 3 secs
Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.12-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-APR 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20141021-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/P20140317-1600/ecj-P20140317-1600.jar
 -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20141021/lib 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20141021.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20141021-native-src.tar.gz
 -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false
  
-Dtest.openssl.path=/srv/gump/public/workspace/openssl/dest-20141021/bin/openssl
 -Dexecute.test.apr=true -Dexecute.test.bio=false -Dexecute.test.nio2=false 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.3-SNAPSHOT.jar
 
-Dhamcrest.jar=/srv/gump/public/workspace/hamcrest/build/hamcrest-all-20141021.jar
 -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja
 
r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-jni.jar:/srv/g

[Bug 57123] New: Update to Eclipse ECJ 4.4.1

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123

Bug ID: 57123
   Summary: Update to Eclipse ECJ 4.4.1
   Product: Tomcat 8
   Version: 8.0.14
  Hardware: PC
Status: NEW
  Severity: enhancement
  Priority: P2
 Component: Jasper
  Assignee: dev@tomcat.apache.org
  Reporter: knst.koli...@gmail.com

Eclipse 4.4.1 has been released. It is possible to update ECJ compiler from
current version 4.4 to 4.4.1.

Download page:
http://download.eclipse.org/eclipse/downloads/drops4/R-4.4.1-201409250400/
-> "JDT Core Batch Compiler"

(There have been a report about JSP compilation issue (crash) with the ECJ 4.4.
Unfortunately, updating to ecj-4.4.1 nor to a nightly does not fix that
particial issue. I filed a bug report upstream to Eclipse project:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=448112
Thread at tomcat-users mailing list:
http://tomcat.markmail.org/thread/jblxumvub6o7nusr
)

(A warning: Regarding Eclipse IDE itself I would recommend against using
version 4.4.1 aka Luna SR1 as a development environment, because of known
regression that broke many components of the IDE,
https://bugs.eclipse.org/bugs/show_bug.cgi?id=445122#c7

This does not concern the ECJ compiler.
)

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57123] Update to Eclipse ECJ 4.4.1

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123

--- Comment #1 from Konstantin Kolinko  ---
Created attachment 32133
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=32133&action=edit
2014-10-21_tc8_57123_ecj441.patch

Patch to update Tomcat 8 (trunk) to ECJ 4.4.1

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Testing server SSL/TLS protocol and cipher support

2014-10-21 Thread Christopher Schultz 
All,

As part of my testing for the recent changes to Tomcat and tcnative, I
wanted to use something like "sslscan", but that tool does not support
anything above TLSv1.

One can use OpenSSL s_client but that's fairly tedious.

I took the opportunity to write a Java client that mimics the important
parts of sslscan's capabilities.

I'm posting it in case anyone wants to use it (or improve it). It's also
a good (I think) example of how to do a long of SSL-related stuff in Java.

I had originally written this using HttpsURLConnection but there are
some things you can't get from an HttpsURLConnection (like which
protocol was actually used when a connection is made) so I switched to
using more basic SSL sockets.

If you want to use this code to build something that works with
HttpsURLConnection, all you have to do is call
SSLUtils.getSSLSocketFactory() and pass the result to
HttpsURLConnection.setDefaultSSLSocketFactory().

Enjoy,
-chris
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/**
 * A driver class to test a server's SSL/TLS support.
 * 
 * Usage: java SSLTest [opts] host[:port]
 * 
 * Try "java SSLTest -h" for help.
 * 
 * This tester will attempts to handshake with the target host with all
 * available protocols and ciphers and report which ones were accepted and
 * which were rejected. An HTTP connection is never fully made, so these
 * connections should not flood the host's access log with entries.
 * 
 * @author Christopher Schultz
 */
public class SSLTest
{
public static void usage()
{
System.out.println("Usage: java " + SSLTest.class + " [opts] 
host[:port]");
System.out.println();
System.out.println("-sslprotocol Sets the SSL/TLS 
protocol to be used (e.g. SSL, TLS, SSLv3, TLSv1.2, etc.)");
System.out.println("-enabledprotocols protocols  Sets individual 
SSL/TLS ptotocols that should be enabled");
System.out.println("-ciphers cipherspec  A comma-separated list 
of SSL/TLS ciphers");

System.out.println("-truststore  Sets the trust store 
for connections");
System.out.println("-truststoretype type Sets the type for the 
trust store");
System.out.println("-truststorepassword pass Sets the password for 
the trust store");
System.out.println("-truststorealgorithm alg Sets the algorithm for 
the trust store");
System.out.println("-truststoreprovider provider Sets the crypto 
provider for the trust store");

System.out.println("-no-check-certificateIgnores certificate 
errors");
System.out.println("-no-verify-hostname  Ignores hostname 
mismatches");

System.out.println("-h -help --help Shows this help message");
}

public static void main(String[] args)
throws Exception
{
int connectTimeout = 0; // default = infinite
int readTimeout = 1000;

boolean disableHostnameVerification = true;
boolean disableCertificateChecking = true;

String trustStoreFilename = 
System.getProperty("javax.net.ssl.trustStore");
String trustStorePassword = 
System.getProperty("javax.net.ssl.trustStorePassword");
String trustStoreType = 
System.getProperty("javax.net.ssl.trustStoreType");
String trustStoreProvider = 
System.getProperty("javax.net.ssl.trustStoreProvider");
String trustStoreAlgorithm = null;
String sslProtocol = "TLS";
String[] sslEnabledProtocols = new String[] { "TLSv1", "TLSv1.1", 
"TLSv1.2" };
String[] sslCipherSuites = null; // Default = default for protocol
String crlFilename = null;

if(args.length < 1)
{
usage();
System.exit(0);
}

int argIndex;
for(argIndex = 0; argIndex < args.length; ++argIndex)
{
String arg = args[argIndex];

if(!arg.startsWith("-"))
break;
else if("--".equals(arg))
break;
else if("-no-check-certificate".equals(arg))
disableCertificateChecking = true;
else if("-no-verify-hostname".equals(arg))
disableHostnameVerification = true;
else if("-sslprotocol".equals(arg))
sslProtocol = args[++argIndex];
else if("-enabledprotocols".equals(arg))
sslEnabledProtocols = args[++argIndex].split("\\s*,\\s*");
else if("-ciphers".equals(arg))
sslCipherSuites = args[++argIndex].split("\\s*,\\s*");
else if("-connecttimeout".equals(arg))
connectTimeout = Integer.parseInt(args[++argIndex]);

[Bug 57123] Update to Eclipse ECJ 4.4.1

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123

Konstantin Kolinko  changed:

   What|Removed |Added

 OS||All

--- Comment #2 from Konstantin Kolinko  ---
Tomcat 8:
- smoke testing: OK
- testsuite (Nio connector): OK

Thus ecj-4.4.1 can be used.

A pending question is update of jasper poms, as ecj-4.4.1.jar is not yet
available from Maven Central.
https://wiki.apache.org/tomcat/JDTCoreBatchCompiler

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Testing server SSL/TLS protocol and cipher support

2014-10-21 Thread Konstantin Kolinko 
2014-10-21 21:55 GMT+04:00 Christopher Schultz :
> All,
>
> As part of my testing for the recent changes to Tomcat and tcnative, I
> wanted to use something like "sslscan", but that tool does not support
> anything above TLSv1.
>
> One can use OpenSSL s_client but that's fairly tedious.

Here is a bash script that uses OpenSSL s_client enumerating all
available ciphers that are supported by that particular version of
OpenSSL:

http://superuser.com/a/224263
"Is there a tool that can test what SSL/TLS cipher suites a particular
website offers?"

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Testing server SSL/TLS protocol and cipher support

2014-10-21 Thread Christopher Schultz 
Konstantin,

On 10/21/14 2:18 PM, Konstantin Kolinko wrote:
> 2014-10-21 21:55 GMT+04:00 Christopher Schultz :
>> All,
>>
>> As part of my testing for the recent changes to Tomcat and tcnative, I
>> wanted to use something like "sslscan", but that tool does not support
>> anything above TLSv1.
>>
>> One can use OpenSSL s_client but that's fairly tedious.
> 
> Here is a bash script that uses OpenSSL s_client enumerating all
> available ciphers that are supported by that particular version of
> OpenSSL:
> 
> http://superuser.com/a/224263
> "Is there a tool that can test what SSL/TLS cipher suites a particular
> website offers?"

The script could be improved by trying the ciphers under each supported
protocol (e.g. TLSv1 versus TLSv1.1). That script can't distinguish
between being able to connect using SSLv3 and TLSv1, only the cipher
succeeds.

My Java code was written as an exercise also to be shared with the
community.

Thanks,
-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1633440 - in /tomcat/trunk: java/javax/el/ImportHandler.java test/javax/el/TestImportHandler.java webapps/docs/changelog.xml

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 19:26:01 2014
New Revision: 1633440

URL: http://svn.apache.org/r1633440
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57113
Fix broken package imports in Expression Language when more than one package 
was imported and the desired class was not in the last package imported.

Modified:
tomcat/trunk/java/javax/el/ImportHandler.java
tomcat/trunk/test/javax/el/TestImportHandler.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/javax/el/ImportHandler.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/ImportHandler.java?rev=1633440&r1=1633439&r2=1633440&view=diff
==
--- tomcat/trunk/java/javax/el/ImportHandler.java (original)
+++ tomcat/trunk/java/javax/el/ImportHandler.java Tue Oct 21 19:26:01 2014
@@ -143,7 +143,10 @@ public class ImportHandler {
 // (which correctly triggers an error)
 for (String p : packages) {
 String className = p + '.' + name;
-result = findClass(className, true);
+Class clazz = findClass(className, true);
+if (clazz != null) {
+result = clazz;
+}
 }
 }
 

Modified: tomcat/trunk/test/javax/el/TestImportHandler.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/javax/el/TestImportHandler.java?rev=1633440&r1=1633439&r2=1633440&view=diff
==
--- tomcat/trunk/test/javax/el/TestImportHandler.java (original)
+++ tomcat/trunk/test/javax/el/TestImportHandler.java Tue Oct 21 19:26:01 2014
@@ -16,6 +16,8 @@
  */
 package javax.el;
 
+import java.util.ArrayList;
+
 import org.junit.Assert;
 import org.junit.Test;
 
@@ -64,6 +66,23 @@ public class TestImportHandler {
 
 
 /**
+ * Multiple package imports with a single match.
+ * https://issues.apache.org/bugzilla/show_bug.cgi?id=57113
+ */
+@Test
+public void testResolveClass04() {
+ImportHandler handler = new ImportHandler();
+
+handler.importPackage("java.util");
+handler.importPackage("java.net");
+
+Class clazz = handler.resolveClass("ArrayList");
+
+Assert.assertEquals(ArrayList.class, clazz);
+}
+
+
+/**
  * Import a valid class.
  */
 @Test

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633440&r1=1633439&r2=1633440&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 19:26:01 2014
@@ -191,6 +191,11 @@
 57099: Ensure that semi-colons are not permitted in JSP
 import page directives. (markt)
   
+  
+57113: Fix broken package imports in Expression Language 
when
+more than one package was imported and the desired class was not in the
+last package imported. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57113] ImportHandler not returning class properly from resolveClass()

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57113

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED
 OS||All

--- Comment #1 from Mark Thomas  ---
Thanks for the report. This has been fixed in 8.0.x for 8.0.15 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 53952] Add support for TLS 1.1 and 1.2

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952

--- Comment #44 from Christopher Schultz  ---
(In reply to Ralf Hauser from comment #43)
> I guess comment 30 ff. refers to 
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566  ?

Yes.

Patches are available for all supported versions of Tomcat as well as tcnative.
Voting is in process for tcnative 1.1.32 and I have voted to release
(successfully tested with Tomcat 8-trunk which will be Tomcat 8.0.15). Feedback
on the tcnative release candidate is welcome even for non-committers. Please
reply to the [VOTE] thread on dev@tomcat.apache.org for tcnative 1.1.32.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633447 - in /tomcat/trunk: java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java webapps/docs/changelog.xml

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 20:21:08 2014
New Revision: 1633447

URL: http://svn.apache.org/r1633447
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57105
When parsing web.xml do not limit the buffer element of the jsp-property-group 
element to integer values as the allowed values are kb or none.

Modified:

tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java?rev=1633447&r1=1633446&r2=1633447&view=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java 
(original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java 
Tue Oct 21 20:21:08 2014
@@ -85,11 +85,11 @@ public class JspPropertyGroup {
 }
 public String getDefaultContentType() { return this.defaultContentType; }
 
-private Integer buffer = null;
+private String buffer = null;
 public void setBuffer(String buffer) {
-this.buffer = Integer.valueOf(buffer);
+this.buffer = buffer;
 }
-public Integer getBuffer() { return this.buffer; }
+public String getBuffer() { return this.buffer; }
 
 private Boolean errorOnUndeclaredNamespace = null;
 public void setErrorOnUndeclaredNamespace(

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633447&r1=1633446&r2=1633447&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 20:21:08 2014
@@ -156,6 +156,11 @@
 57089: Ensure that configuration of a session ID generator 
is
 not lost when a web application is reloaded. (markt)
   
+  
+57105: When parsing web.xml do not limit the buffer element
+of the jsp-property-group element to integer values as the allowed 
+values are kb or none. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633448 - /tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 20:21:46 2014
New Revision: 1633448

URL: http://svn.apache.org/r1633448
Log:
Simplify. These values are already Strings.

Modified:

tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java?rev=1633448&r1=1633447&r2=1633448&view=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java
 Tue Oct 21 20:21:46 2014
@@ -37,25 +37,13 @@ public class JspPropertyGroupDescriptorI
 
 @Override
 public String getBuffer() {
-String result = null;
-
-if (jspPropertyGroup.getBuffer() != null) {
-result = jspPropertyGroup.getBuffer().toString();
-}
-
-return result;
+return jspPropertyGroup.getBuffer();
 }
 
 
 @Override
 public String getDefaultContentType() {
-String result = null;
-
-if (jspPropertyGroup.getDefaultContentType() != null) {
-result = jspPropertyGroup.getDefaultContentType().toString();
-}
-
-return result;
+return jspPropertyGroup.getDefaultContentType();
 }
 
 
@@ -122,13 +110,7 @@ public class JspPropertyGroupDescriptorI
 
 @Override
 public String getPageEncoding() {
-String result = null;
-
-if (jspPropertyGroup.getPageEncoding() != null) {
-result = jspPropertyGroup.getPageEncoding().toString();
-}
-
-return result;
+return jspPropertyGroup.getPageEncoding();
 }
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633452 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/deploy/JspPropertyGroup.java webapps/docs/changelog.xml

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 20:33:51 2014
New Revision: 1633452

URL: http://svn.apache.org/r1633452
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57105
When parsing web.xml do not limit the buffer element of the jsp-property-group 
element to integer values as the allowed values are kb or none.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1633447

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java?rev=1633452&r1=1633451&r2=1633452&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java 
Tue Oct 21 20:33:51 2014
@@ -83,11 +83,11 @@ public class JspPropertyGroup {
 }
 public String getDefaultContentType() { return this.defaultContentType; }
 
-private Integer buffer = null;
+private String buffer = null;
 public void setBuffer(String buffer) {
-this.buffer = Integer.valueOf(buffer);
+this.buffer = buffer;
 }
-public Integer getBuffer() { return this.buffer; }
+public String getBuffer() { return this.buffer; }
 
 private Boolean errorOnUndeclaredNamespace = null;
 public void setErrorOnUndeclaredNamespace(

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633452&r1=1633451&r2=1633452&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 20:33:51 2014
@@ -88,6 +88,11 @@
 information in the constructor since it then gets logged at undesirable
 times such as when using StoreConfig. (markt)
   
+  
+57105: When parsing web.xml do not limit the buffer element
+of the jsp-property-group element to integer values as the allowed 
+values are kb or none. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57105] under in web.xml only accept integer which doesn't follow spec and cause jsp compile fail

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57105

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #3 from Mark Thomas  ---
Thanks for the report. This has been fixed in 8.0.x for 8.0.15 onwards and in
7.0.x for 7.0.57 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57103] Download page should provide details on how to verify the downloads

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57103

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #5 from Mark Thomas  ---
Fixed. Should be live for all download pages by the time you read this.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633457 - in /tomcat/site/trunk: docs/download-60.html docs/download-70.html docs/download-80.html xdocs/download-60.xml xdocs/download-70.xml xdocs/download-80.xml

2014-10-21 Thread markt 
Author: markt
Date: Tue Oct 21 20:43:00 2014
New Revision: 1633457

URL: http://svn.apache.org/r1633457
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57103. Add verification 
link

Modified:
tomcat/site/trunk/docs/download-60.html
tomcat/site/trunk/docs/download-70.html
tomcat/site/trunk/docs/download-80.html
tomcat/site/trunk/xdocs/download-60.xml
tomcat/site/trunk/xdocs/download-70.xml
tomcat/site/trunk/xdocs/download-80.xml

Modified: tomcat/site/trunk/docs/download-60.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1633457&r1=1633456&r2=1633457&view=diff
==
--- tomcat/site/trunk/docs/download-60.html (original)
+++ tomcat/site/trunk/docs/download-60.html Tue Oct 21 20:43:00 2014
@@ -212,9 +212,10 @@
 Release Integrity
 
 
-You must verify the integrity of the downloaded files.
-We provide OpenPGP signatures for every release file.  This signature 
should
-be matched against the
+You must
+http://www.apache.org/info/verification.html";>verify the
+integrity of the downloaded files. We provide OpenPGP signatures for every
+release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-6/KEYS";>KEYS file
 which contains the OpenPGP keys of Tomcat's Release Managers. We also
 provide an MD5 checksum for every release file. After you

Modified: tomcat/site/trunk/docs/download-70.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1633457&r1=1633456&r2=1633457&view=diff
==
--- tomcat/site/trunk/docs/download-70.html (original)
+++ tomcat/site/trunk/docs/download-70.html Tue Oct 21 20:43:00 2014
@@ -212,9 +212,10 @@
 Release Integrity
 
 
-You must verify the integrity of the downloaded files.
-We provide OpenPGP signatures for every release file.  This signature 
should
-be matched against the
+You must
+http://www.apache.org/info/verification.html";>verify the
+integrity of the downloaded files. We provide OpenPGP signatures for every
+release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-7/KEYS";>KEYS file
 which contains the OpenPGP keys of Tomcat's Release Managers. We also
 provide an MD5 checksum for every release file. After you

Modified: tomcat/site/trunk/docs/download-80.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-80.html?rev=1633457&r1=1633456&r2=1633457&view=diff
==
--- tomcat/site/trunk/docs/download-80.html (original)
+++ tomcat/site/trunk/docs/download-80.html Tue Oct 21 20:43:00 2014
@@ -212,9 +212,10 @@
 Release Integrity
 
 
-You must verify the integrity of the downloaded files.
-We provide OpenPGP signatures for every release file.  This signature 
should
-be matched against the
+You must
+http://www.apache.org/info/verification.html";>verify the
+integrity of the downloaded files. We provide OpenPGP signatures for every
+release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-8/KEYS";>KEYS file
 which contains the OpenPGP keys of Tomcat's Release Managers. We also
 provide an MD5 checksum for every release file. After you

Modified: tomcat/site/trunk/xdocs/download-60.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-60.xml?rev=1633457&r1=1633456&r2=1633457&view=diff
==
--- tomcat/site/trunk/xdocs/download-60.xml (original)
+++ tomcat/site/trunk/xdocs/download-60.xml Tue Oct 21 20:43:00 2014
@@ -24,9 +24,10 @@
 
 
   
-You must verify the integrity of the downloaded files.
-We provide OpenPGP signatures for every release file.  This signature 
should
-be matched against the
+You must
+http://www.apache.org/info/verification.html";>verify the
+integrity of the downloaded files. We provide OpenPGP signatures for every
+release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-6/KEYS";>KEYS file
 which contains the OpenPGP keys of Tomcat's Release Managers. We also
 provide an MD5 checksum for every release file. After you

Modified: tomcat/site/trunk/xdocs/download-70.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-70.xml?rev=1633457&r1=1633456&r2=1633457&view=diff
==
--- tomcat/site/trunk/xdocs/download-70.xml (original)
+++ tomcat/site/trunk/xdocs/download-70.xml Tue Oct 21 20:43:00 2014
@@ -24,9 +24,10 @@
 
 
   
-You must verify the integrity of the downloaded files.
-We provide OpenPGP signatures for ever

svn commit: r1633474 - in /tomcat/site/trunk: docs/ xdocs/

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 21:58:26 2014
New Revision: 1633474

URL: http://svn.apache.org/r1633474
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57103
Add verify link to other download pages and use HTTPS for it. (Followup to 
r1633457)

Modified:
tomcat/site/trunk/docs/download-60.html
tomcat/site/trunk/docs/download-70.html
tomcat/site/trunk/docs/download-80.html
tomcat/site/trunk/docs/download-connectors.html
tomcat/site/trunk/docs/download-native.html
tomcat/site/trunk/docs/download-taglibs.html
tomcat/site/trunk/xdocs/download-60.xml
tomcat/site/trunk/xdocs/download-70.xml
tomcat/site/trunk/xdocs/download-80.xml
tomcat/site/trunk/xdocs/download-connectors.xml
tomcat/site/trunk/xdocs/download-native.xml
tomcat/site/trunk/xdocs/download-taglibs.xml

Modified: tomcat/site/trunk/docs/download-60.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1633474&r1=1633473&r2=1633474&view=diff
==
--- tomcat/site/trunk/docs/download-60.html (original)
+++ tomcat/site/trunk/docs/download-60.html Tue Oct 21 21:58:26 2014
@@ -213,7 +213,7 @@
 
 
 You must
-http://www.apache.org/info/verification.html";>verify the
+https://www.apache.org/info/verification.html";>verify the
 integrity of the downloaded files. We provide OpenPGP signatures for every
 release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-6/KEYS";>KEYS file

Modified: tomcat/site/trunk/docs/download-70.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1633474&r1=1633473&r2=1633474&view=diff
==
--- tomcat/site/trunk/docs/download-70.html (original)
+++ tomcat/site/trunk/docs/download-70.html Tue Oct 21 21:58:26 2014
@@ -213,7 +213,7 @@
 
 
 You must
-http://www.apache.org/info/verification.html";>verify the
+https://www.apache.org/info/verification.html";>verify the
 integrity of the downloaded files. We provide OpenPGP signatures for every
 release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-7/KEYS";>KEYS file

Modified: tomcat/site/trunk/docs/download-80.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-80.html?rev=1633474&r1=1633473&r2=1633474&view=diff
==
--- tomcat/site/trunk/docs/download-80.html (original)
+++ tomcat/site/trunk/docs/download-80.html Tue Oct 21 21:58:26 2014
@@ -213,7 +213,7 @@
 
 
 You must
-http://www.apache.org/info/verification.html";>verify the
+https://www.apache.org/info/verification.html";>verify the
 integrity of the downloaded files. We provide OpenPGP signatures for every
 release file.  This signature should be matched against the
 https://www.apache.org/dist/tomcat/tomcat-8/KEYS";>KEYS file

Modified: tomcat/site/trunk/docs/download-connectors.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-connectors.html?rev=1633474&r1=1633473&r2=1633474&view=diff
==
--- tomcat/site/trunk/docs/download-connectors.html (original)
+++ tomcat/site/trunk/docs/download-connectors.html Tue Oct 21 21:58:26 2014
@@ -334,9 +334,11 @@
 Verify the Integrity of the 
Files
 
 
-You must verify the integrity of the downloaded
-files. We provide OpenPGP signatures for every release file. This
-signature should be matched against the
+You must
+https://www.apache.org/info/verification.html";>verify
+the integrity of the downloaded files. We provide OpenPGP
+signatures for every release file. This signature should be matched
+against the
 https://www.apache.org/dist/tomcat/tomcat-connectors/KEYS";>KEYS file
 which contains the OpenPGP keys of Tomcat's Release Managers. We also
 provide MD5 and SHA1 checksums for every 
release file. After you

Modified: tomcat/site/trunk/docs/download-native.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-native.html?rev=1633474&r1=1633473&r2=1633474&view=diff
==
--- tomcat/site/trunk/docs/download-native.html (original)
+++ tomcat/site/trunk/docs/download-native.html Tue Oct 21 21:58:26 2014
@@ -379,9 +379,11 @@
 Verify the Integrity of the 
Files
 
 
-You must verify the integrity of the downloaded
-files. We provide OpenPGP signatures for every release file. This
-signature should be matched against the
+You must
+https://www.apache.org/info/verification.html";>verify
+the integrity of the downloaded files. We provide OpenPGP
+signatures for every

[Bug 53952] Add support for TLS 1.1 and 1.2

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952

--- Comment #45 from Mark Woon  ---
In reply to comment #43: yes.

I also agree with comment #33 - SSLv2 and SSLv3 should just be removed from the
options.

So glad to see that this is moving forward.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Mark Thomas 
On 21/10/2014 10:05, Mark Thomas wrote:
> Version 1.1.32 includes the following changes:
> - Add support for TLS v1.1 and TLS v1.2
> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
> 
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
> 
> Since this release is primarily to address security issues, I may end
> the vote earlier than 72 hours to speed up the process of getting Tomcat
> releases out that address CVE-2014-3566.

Just to note that we have enough votes to release this now but I am
planning on leaving the vote open until I am ready to tag the next 8.0.x
release. I have still have a couple of things to do for 8.0.x that I
hope to wrap up tomorrow.

Mark

> 
> The Apache Tomcat Native 1.1.31 is
>  [ ] Stable, go ahead and release
>  [ ] Broken because of ...
> 
> 
>  [1]
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.1.32/
>  [2]
> https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_1_32
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633478 - in /tomcat/tc7.0.x/trunk: ./ build.xml webapps/docs/changelog.xml

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 22:51:35 2014
New Revision: 1633478

URL: http://svn.apache.org/r1633478
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57079
Use Tomcat version number for jdbc-pool module when building and shipping the 
module as part of Tomcat.

It is backport of r1632425 from tomcat/trunk.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/build.xml
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1632425

Modified: tomcat/tc7.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1633478&r1=1633477&r2=1633478&view=diff
==
--- tomcat/tc7.0.x/trunk/build.xml (original)
+++ tomcat/tc7.0.x/trunk/build.xml Tue Oct 21 22:51:35 2014
@@ -1021,6 +1021,9 @@
   
   
   
+  
+  
+  
 
 
   

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633478&r1=1633477&r2=1633478&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 22:51:35 2014
@@ -170,6 +170,14 @@
   
 
   
+  
+
+  
+57079: Use Tomcat version number for jdbc-pool module when
+building and shipping the module as part of Tomcat. (markt/kkolinko)
+  
+
+  
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57079] Use Tomcat version number in jdbc-pool manifest when building it as part of Tomcat

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57079

--- Comment #2 from Konstantin Kolinko  ---
Backported to Tomcat 7 in r1633478 and will be in 7.0.57 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633484 - in /tomcat/tc7.0.x/trunk: ./ build.xml webapps/docs/changelog.xml

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 23:25:17 2014
New Revision: 1633484

URL: http://svn.apache.org/r1633484
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57079
When Eclipse Compiler JAR is updated, make sure to delete its old version from 
Tomcat lib directory.

It is backport of r1606114 from tomcat/trunk.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/build.xml
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1606114

Modified: tomcat/tc7.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1633484&r1=1633483&r2=1633484&view=diff
==
--- tomcat/tc7.0.x/trunk/build.xml (original)
+++ tomcat/tc7.0.x/trunk/build.xml Tue Oct 21 23:25:17 2014
@@ -1007,12 +1007,22 @@
   
 
 
+
+
+
+
+  
+
+
+  
+
+
+
 
 
 
 
-
 
 
 

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633484&r1=1633483&r2=1633484&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 23:25:17 2014
@@ -189,6 +189,11 @@
 Fix timestamps in Tomcat build and jdbc-pool to use 24-hour format
 instead of 12-hour one and use UTC timezone. (markt/kkolinko)
   
+  
+Improve Tomcat build script to ensure that only one ecj-nn.jar file
+is present in Tomcat lib directory when Eclipse JDT
+Compiler is updated to a new version. (kkolinko)
+  
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat Native 1.1.32

2014-10-21 Thread Christopher Schultz 
Mark,

On 10/21/14 6:11 PM, Mark Thomas wrote:
> On 21/10/2014 10:05, Mark Thomas wrote:
>> Version 1.1.32 includes the following changes:
>> - Add support for TLS v1.1 and TLS v1.2
>> - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j
>>
>> The proposed release artefacts can be found at [1],
>> and the build was done using tag [2].
>>
>> Since this release is primarily to address security issues, I may end
>> the vote earlier than 72 hours to speed up the process of getting Tomcat
>> releases out that address CVE-2014-3566.
> 
> Just to note that we have enough votes to release this now but I am
> planning on leaving the vote open until I am ready to tag the next 8.0.x
> release.

+1

Since tcnative really requires the update to Tomcat as well, rushing a
tcnative release doesn't help if we will have to wait for Tomcat 7/8
releases as well.

> I have still have a couple of things to do for 8.0.x that I
> hope to wrap up tomorrow.

Great. I'll be ready for a vote whenever you post it.

-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1633489 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml webapps/examples/WEB-INF/web.xml webapps/examples/jsp/chat/ webapps/examples/jsp/index.html webapps/examples/servlets/cha

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Tue Oct 21 23:55:32 2014
New Revision: 1633489

URL: http://svn.apache.org/r1633489
Log:
Move Async and Comet examples from JSP examples page to Servlets examples page,
like it have already been done in Tomcat 8.

Merged r1518578, r1518581, r1518589 from tomcat/trunk.

Added:
tomcat/tc7.0.x/trunk/webapps/examples/servlets/chat/
  - copied from r1518589, tomcat/trunk/webapps/examples/servlets/chat/
Removed:
tomcat/tc7.0.x/trunk/webapps/examples/jsp/chat/
Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml
tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html
tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1518578,1518581,1518589

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633489&r1=1633488&r2=1633489&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 23:55:32 2014
@@ -168,6 +168,10 @@
 Correct version of Java WebSocket mentioned in documentation
 (s/1.0/1.1/). (markt/kkolinko)
   
+  
+In examples web application move Async and Comet examples from JSP
+to Servlet examples page. (kkolinko)
+  
 
   
   

Modified: tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml?rev=1633489&r1=1633488&r2=1633489&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml Tue Oct 21 23:55:32 
2014
@@ -157,7 +157,7 @@
 
 
 ChatServlet
-/jsp/chat/chat
+/servlets/chat/chat
 
 
 CompressionFilterTestServlet

Modified: tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html?rev=1633489&r1=1633488&r2=1633489&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html (original)
+++ tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html Tue Oct 21 23:55:32 
2014
@@ -392,63 +392,6 @@ ght=24 width=24 align=TOP>
 is configured to have these roles.
 
 
-
-  Servlet 3.0 Asynchronous processing examples 
-Examples that demonstrate using Servlet 3.0 asynchronous
-request processing API.
-
-
-  async0 
-  
- Execute
-  
-  
-
-
-  async1 
-  
- Execute
-  
-  
-
-
-  async2 
-  
- Execute
-  
-  
-
-
-  async3 
-  
- Execute
-  
-  
-
-
-  stockticker 
-  
- Execute
-  
-  
-
-
-
-  Comet processing example 
-Example that demonstrates asynchronous request processing
-using Comet API. See "Advanced IO" chapter in the
-User Guide for details. It works only with connectors that support
-Comet processing (APR or NIO
-HTTP connectors).
-
-
-  Comet Chat 
-  
- 
Execute
-  
-  
-
-
 
 
 

Modified: tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html?rev=1633489&r1=1633488&r2=1633489&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html (original)
+++ tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html Tue Oct 21 
23:55:32 2014
@@ -116,6 +116,65 @@ when looking at the cookie demo.
 Note: The source code for these examples does not contain all of the
 source code that is actually in the example, only the important sections
 of code. Code not important to understand the example has been removed
-for clarity.
+for clarity.
+
+Other Examples
+
+
+
+  Servlet 3.0 Asynchronous processing examples:
+
+
+  async0 
+  
+ Execute
+  
+  
+
+
+  async1 
+  
+ Execute
+  
+  
+
+
+  async2 
+  
+ Execute
+  
+  
+
+
+  async3 
+  
+ Execute
+  
+  
+
+
+  stockticker 
+  
+ Execute
+  
+  
+
+
+
+  Comet processing example:
+See the "Advanced IO" chapter in the User Guide for
+details. This example only works with the HTTP NIO or HTTP APR/native
+connectors as these are the only connectors that support Comet.
+
+
+  Comet Chat 
+  
+ 
Execute
+  
+  
+
+
+
+
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1633500 - in /tomcat/trunk: build.xml webapps/docs/changelog.xml

2014-10-21 Thread kkolinko 
Author: kkolinko
Date: Wed Oct 22 00:40:56 2014
New Revision: 1633500

URL: http://svn.apache.org/r1633500
Log:
Suppress timestamp comment in generated Javadoc. Such as


Those comments result in one changed line per each HTML file,
which makes the diff between different versions of documentation unnecessary 
huge.

Documentation:
http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/javadoc.html#standard

Modified:
tomcat/trunk/build.xml
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/build.xml?rev=1633500&r1=1633499&r2=1633500&view=diff
==
--- tomcat/trunk/build.xml (original)
+++ tomcat/trunk/build.xml Wed Oct 22 00:40:56 2014
@@ -1875,7 +1875,7 @@ Apache Tomcat ${version} native binaries
   header="Servlet 3.1 - Apache Tomcat ${version}"
   bottom="Copyright © 2000-${year} Apache Software Foundation. 
All Rights Reserved."
   encoding="ISO-8859-1"
-  additionalparam="-breakiterator"
+  additionalparam="-breakiterator -notimestamp"
   maxmemory="256m" >
   
 
@@ -1892,7 +1892,7 @@ Apache Tomcat ${version} native binaries
   header="JSP 2.3 - Apache Tomcat ${version}"
   bottom="Copyright © 2000-${year} Apache Software Foundation. 
All Rights Reserved."
   encoding="ISO-8859-1"
-  additionalparam="-breakiterator"
+  additionalparam="-breakiterator -notimestamp"
   maxmemory="256m" >
   
 
@@ -1909,7 +1909,7 @@ Apache Tomcat ${version} native binaries
   header="EL 3.0 - Apache Tomcat ${version}"
   bottom="Copyright © 2000-${year} Apache Software Foundation. 
All Rights Reserved."
   encoding="ISO-8859-1"
-  additionalparam="-breakiterator"
+  additionalparam="-breakiterator -notimestamp"
   maxmemory="256m" >
   
 
@@ -1926,7 +1926,7 @@ Apache Tomcat ${version} native binaries
   header="WebSocket 1.1 - Apache Tomcat ${version}"
   bottom="Copyright © 2000-${year} Apache Software Foundation. 
All Rights Reserved."
   encoding="ISO-8859-1"
-  additionalparam="-breakiterator"
+  additionalparam="-breakiterator -notimestamp"
   maxmemory="256m" >
   
 
@@ -1942,7 +1942,7 @@ Apache Tomcat ${version} native binaries
   header="Apache Tomcat ${version}"
   bottom="Copyright © 2000-${year} Apache Software Foundation. 
All Rights Reserved."
   encoding="ISO-8859-1"
-  additionalparam="-breakiterator"
+  additionalparam="-breakiterator -notimestamp"
   maxmemory="256m" >
   
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633500&r1=1633499&r2=1633500&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Oct 22 00:40:56 2014
@@ -258,6 +258,9 @@
 Correct version of Java WebSocket mentioned in documentation
 (s/1.0/1.1/). (markt/kkolinko)
   
+  
+Suppress timestamp comments in Javadoc. (kkolinko)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GUMP@vmgump]: Project tomcat-trunk-validate (in module tomcat-trunk) failed

2014-10-21 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-validate has an issue affecting its community integration.
This issue affects 1 projects,
 and has been outstanding for 27 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-validate :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on checkstyle exists, no need to add for property 
checkstyle.jar.
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html
Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build)
Work ended in a state of : Failed
Elapsed: 21 secs
Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar
 -Dexecute.validate=true validate 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20141022.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.3-SNAPSHOT.jar:/srv/gump/public/workspace/commons-collections-3.x/target/commons-collections-3.3-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/exec/target/comm
 
ons-exec-1.3-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-20141022.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20141022.jar:/srv/gump/public/workspace/apache-commons/validator/dist/commons-validator-20141022.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-19.0-SNAPSHOT.jar
-
Buildfile: /srv/gump/public/workspace/tomcat-trunk/build.xml

build-prepare:
   [delete] Deleting directory 
/srv/gump/public/workspace/tomcat-trunk/output/build/temp
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-trunk/output/build/temp

compile-prepare:

download-validate:

testexist:
 [echo] Testing  for 
/srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar

setproxy:

downloadzip:

validate:
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-trunk/output/res/checkstyle
[checkstyle] Running Checkstyle 6.0-SNAPSHOT on 2915 files
[checkstyle] 
/srv/gump/public/workspace/tomcat-trunk/webapps/docs/changelog.xml:161: Line 
matches the illegal pattern '\s+$'.

BUILD FAILED
/srv/gump/public/workspace/tomcat-trunk/build.xml:542: Got 1 errors and 0 
warnings.

Total time: 21 seconds
-

To subscribe to this information via syndicated feeds:
- RSS: 
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/rss.xml
- Atom: 
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/atom.xml

== Gump Tracking Only ===
Produced by Apache Gump(TM) version 2.3.
Gump Run 20141022000104, vmgump.apache.org:vmgump:20141022000104
Gump E-mail Identifier (unique within run) #5.

--
Apache Gump
http://gump.apache.org/ [Instance: vmgump]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57129] New: Regression. Load WEB-INF/lib jarfiles in alphabetical order

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57129

Bug ID: 57129
   Summary: Regression. Load WEB-INF/lib jarfiles in alphabetical
order
   Product: Tomcat 8
   Version: trunk
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: j...@jorgenpersson.se

When the classpath are created for the webapp classloader, the ordering of the
jar files are not the same in Tomcat7 vs Tomcat8. 

This is due to that in Tomcat7, the FileDirContext.list(File) method sorts the
jar files in the WEB-ING/lib folder alpabetically:
...
Arrays.sort(names); // Sort alphabetically
NamingEntry entry = null;

for (int i = 0; i < names.length; i++) {
...

The new design in Tomcat8 does not do this. I've identified two places where
WEB-INF/lib is read:
StandardRoot.list(String, boolean)
and
DirResourceSet.listWebAppPaths(String)

Even though it is not a requirement that the entries are ordered
alphabetically, it would be nice if they were. And there is no harm in doing it
for web applications that does not depend on classpath ordering.

I've attached a patch file, tomcat8.patch, based on tomcat8 trunk (@ rev.
1633538).

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57129] Regression. Load WEB-INF/lib jarfiles in alphabetical order

2014-10-21 Thread bugzilla 
https://issues.apache.org/bugzilla/show_bug.cgi?id=57129

--- Comment #1 from Jörgen Persson  ---
Created attachment 32134
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=32134&action=edit
Adds Arrays.sort(...) in the two identified methods

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org