[Bug 59134] New: Secure websocket connection through a proxy is not ok
https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Bug ID: 59134 Summary: Secure websocket connection through a proxy is not ok Product: Tomcat 8 Version: trunk Hardware: PC Status: NEW Severity: normal Priority: P2 Component: WebSocket Assignee: dev@tomcat.apache.org Reporter: zra...@gmail.com I have been trying to open a wss connection through a http proxy, and I always got the following exception: ... Caused by: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed ... Caused by: java.io.EOFException: null ... Looking at network traffic shows that the proxy connect request is sent, proxy connection is established and then a plain GET request is sent instead of the SSL handshake. Debugging in the WsWebSocketContainer::connectToServer() shows that there is a secure flag, to indicate whether an SSL connection is needed, but it never gets true when the connection is through a proxy. http://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java public Session connectToServer(Endpoint endpoint, ClientEndpointConfig clientEndpointConfiguration, URI path) throws DeploymentException ... boolean secure = false ... if (sa == null) { if (port == -1) { if ("ws".equalsIgnoreCase(scheme)) { sa = new InetSocketAddress(host, 80); } else { // Must be wss due to scheme validation above sa = new InetSocketAddress(host, 443); secure = true; } } else { if ("wss".equalsIgnoreCase(scheme)) { secure = true; } sa = new InetSocketAddress(host, port); } } else { proxyConnect = createProxyRequest(host, port); } ... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1733827 - /tomcat/native/trunk/native/srclib/openssl/openssl-msvcrt.patch
Am 07.03.2016 um 08:27 schrieb Mark Thomas: On 06/03/2016 18:46, rj...@apache.org wrote: Author: rjung Date: Sun Mar 6 18:46:46 2016 New Revision: 1733827 URL: http://svn.apache.org/viewvc?rev=1733827&view=rev Log: Update OpenSSL patch for OpenSSL 1.0.2g. Why was this necessary? I built 1.2.5 with 1.0.2g on Windows without this patch. The srclib/BUILDING file contains: "Apply openssl-msvcrt.patch This patch makes sure that static version of OpenSSL libraries is linked to msvcrt.dll instead statically linking msvcrt. Without that patch it won't be possible to create statically linked Tomcat native .dll" And I followed this procedure. The patch seems to cover two areas: - making sure to link in the MSVC runtime library dynamically (see https://msdn.microsoft.com/de-de/library/2kzt1wy3.aspx) I didn't check, whether the above reasoning for a need of this is correct. - allowing to add further dependency libs via "EXTRA_LIBS" I will retry with the patch to check the differences. IMHO I didn't use any EXTRA_LIBS. Or was your question, why the update for the patch was needed? I got a reject file for the original patch. Regards, Rainer - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1733827 - /tomcat/native/trunk/native/srclib/openssl/openssl-msvcrt.patch
On 07/03/2016 08:54, Rainer Jung wrote: > Am 07.03.2016 um 08:27 schrieb Mark Thomas: >> On 06/03/2016 18:46, rj...@apache.org wrote: >>> Author: rjung >>> Date: Sun Mar 6 18:46:46 2016 >>> New Revision: 1733827 >>> >>> URL: http://svn.apache.org/viewvc?rev=1733827&view=rev >>> Log: >>> Update OpenSSL patch for OpenSSL 1.0.2g. >> >> Why was this necessary? I built 1.2.5 with 1.0.2g on Windows without >> this patch. > Or was your question, why the update for the patch was needed? I got a > reject file for the original patch. That was my question. I didn't read the diff closely enough. I thought you were changing what the patch did, not updating it for 1.0.2g. I'm in the middle of building with APR 1.5.2 and OpenSSL 1.0.2g. I'll post the results as soon as I have them. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.2.5
On 02/03/2016 13:43, Mark Thomas wrote: > Version 1.2.4 includes the following changes: > > - Report runtime rather than compile time version for OpenSSL > - Fixes to allow continued building with master > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2.5 is > [ ] Stable, go ahead and release > [ ] Broken because of ... Ping. We have 2 PMC +1 votes for this but we need a third to get this release out of the door. Thanks, Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-apr (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Timed Out'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-apr : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build timed out -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 1 hour 2 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dexamples.sources.skip=true -Dbase.path=/srv/gump/public/workspace/tomcat-8.0.x/tomcat-build-libs -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20160307/lib -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160307.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dtest.temp=out put/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20160307/bin/openssl -Dexecute.test.bio=false -Dexecute.test.apr=true -Dtest.excludePerformance=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.
Re: [VOTE] Release Apache Tomcat Native 1.2.5
Hi, 2016-03-02 15:43 GMT+02:00 Mark Thomas : > > Version 1.2.4 includes the following changes: > > - Report runtime rather than compile time version for OpenSSL > - Fixes to allow continued building with master > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 1.2.5 is > [X] Stable, go ahead and release > [ ] Broken because of ... > +1 Regards, Violeta > Thanks, > > Mark > > > [1] > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.2.5/ > [2] https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_2_5 > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
[GUMP@vmgump]: Project tomcat-trunk-test-nio (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-nio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-nio : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-NIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio.html Work Name: build_tomcat-trunk_tomcat-trunk-test-nio (Type: Build) Work ended in a state of : Failed Elapsed: 46 mins 41 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-NIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dexamples.sources.skip=true -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160307.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO -Dtest.accesslog=true -Dexecute.t est.nio=true -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20160307/bin/openssl -Dexecute.test.apr=false -Dtest.excludePerformance=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/
svn commit: r1733914 - in /tomcat/trunk: java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 12:29:36 2016 New Revision: 1733914 URL: http://svn.apache.org/viewvc?rev=1733914&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59119 Correct read logic Modified: tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java?rev=1733914&r1=1733913&r2=1733914&view=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java Mon Mar 7 12:29:36 2016 @@ -263,8 +263,8 @@ public class AsyncChannelWrapperSecure i socketReadBuffer.compact(); if (forceRead) { -Future f = -socketChannel.read(socketReadBuffer); +forceRead = false; +Future f = socketChannel.read(socketReadBuffer); Integer socketRead = f.get(); if (socketRead.intValue() == -1) { throw new EOFException(sm.getString( Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1733914&r1=1733913&r2=1733914&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 7 12:29:36 2016 @@ -207,6 +207,10 @@ Correctly handle compression of partial messages when the final message fragment has a zero length payload. (markt) + +59119: Correct read logic for WebSocket client when using +secure connections. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733915 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 12:31:19 2016 New Revision: 1733915 URL: http://svn.apache.org/viewvc?rev=1733915&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59119 Correct read logic Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 12:31:19 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,1692894,1692896,1693088,1693105,1693429,1693461,16940
svn commit: r1733916 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 12:33:06 2016 New Revision: 1733916 URL: http://svn.apache.org/viewvc?rev=1733916&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59119 Correct read logic Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/AsyncChannelWrapperSecure.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 12:33:06 2016 @@ -1,2 +1,2 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1726173,1 726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,1240109,1240112,1240114 ,1240116,1240118,1240121,1240329,12
[Bug 59119] Improper forced reading causing client read timeout
https://bz.apache.org/bugzilla/show_bug.cgi?id=59119 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #2 from Mark Thomas --- Thanks for the report. This has been fixed in 9.0.x for 9.0.0.M4 onwards, 8.0.x for 8.0.33 onwards and 7.0.x for 7.0.69 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59120] The protocol "TLS" has different interpretation in different JRE, better use "SSL"
https://bz.apache.org/bugzilla/show_bug.cgi?id=59120 --- Comment #1 from Mark Thomas --- The documentation you quote is not consistent with the claims you make regarding SSL being more general. Part of the problem is that this code has to work across multiple Java versions and multiple vendors and the respective behaviours are not always identical. There is always the option to provide your own, pre-configured SSLContext. Typically, I'd expect this value to not matter and the value obtained from org.apache.tomcat.websocket.SSL_PROTOCOLS to be much more important. One of the reasons for allowing a custom SSLContext was to avoid the mushrooming of TLS ocnfiguration options. I'm going to change this code to use SSLContext.getDefault() as that should return a good, secure choice on any OS / Vendor / Java version combination. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-test-nio2 (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-nio2 has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-nio2 : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio2/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-NIO2 -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO2/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO2/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio2/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio2.html Work Name: build_tomcat-trunk_tomcat-trunk-test-nio2 (Type: Build) Work ended in a state of : Failed Elapsed: 46 mins 3 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-NIO2 -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dexamples.sources.skip=true -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160307.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true -Dexecute .test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20160307/bin/openssl -Dexecute.test.apr=false -Dtest.excludePerformance=true -Dexecute.test.nio2=true -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/outpu
[Bug 59120] The protocol "TLS" has different interpretation in different JRE, better use "SSL"
https://bz.apache.org/bugzilla/show_bug.cgi?id=59120 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #2 from Mark Thomas --- OK, that isn't going to work. I've done some testing with Oracle's JVM and the protocol used only determines the protocols enabled by default. All protocols remain supported and may be selected via org.apache.tomcat.websocket.SSL_PROTOCOLS. I tried to test a current IBM JVM but downloads require a registration and the registration is broken. I then tried to downlaod without registration and the IBM download director hangs. I managed to dig out an oldish IBM Java 8 install for Linux and a quick test shows that it behaves the same way as Oracle. There is no Tomcat issue here. Defaults will vary with platforms. You need to use org.apache.tomcat.websocket.SSL_PROTOCOL to configure the protocols you actually want to use. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-apr : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 42 mins 52 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dexamples.sources.skip=true -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native-trunk/dest-20160307/lib -Dtest.relaxTiming=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160307.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-nat ive-src.tar.gz -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20160307/bin/openssl -Dexecute.test.apr=true -Dtest.excludePerformance=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/outpu
Re: tcnative NMAKEmakefiles updates for APR 1.5.2
On 06/03/2016 21:20, Rainer Jung wrote: > Am 06.03.2016 um 19:49 schrieb Rainer Jung: >> I updated the tcnative NMAKEmakefiles and the provided openssl patch for >> building with APR 1.5.2 and OpenSSL 1.0.2g. >> >> Can others please see, whether it still works for them? I did run a >> build myself, but there are many possible variations of parameters >> influencing the build, so it would be better if others can have a look >> before the next release. >> >> I did not yet test the resulting tcnative using the Tomcat test suite. > > Tests on Windows using TC trunk ran without failure (well except NIO2 > TestHttp11InputBuffer). Built locally and tests passed for APR/native with trunk. Thanks for fixing our build script for APR. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59120] The protocol "TLS" has different interpretation in different JRE, better use "SSL"
https://bz.apache.org/bugzilla/show_bug.cgi?id=59120 --- Comment #3 from Jack --- When you say "it behaves the same way as Oracle", did you mean the communication used the same TLS version? From my test (by setting -Djavax.net.debug=ssl) Oracle uses TLS v1.2, and IBM uses TLS v1.0. I think it's probably better to use SSLContext.getDefault() as you suggested in Comment #1 as THE DEFAULT, and then allow people to use org.apache.tomcat.websocket.SSL_PROTOCOLS to override. That way people can also use common JDK options like -Djdk.tls.client.protocols [1] to override. [1] https://docs.oracle.com/javase/8/docs/technotes/guides/security/enhancements-8.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59092] Shutdown of ISAPI filter leads to infinite wait and hangs whole IIS
https://bz.apache.org/bugzilla/show_bug.cgi?id=59092 --- Comment #2 from Matthew Reiter --- This is the same defect as https://bz.apache.org/bugzilla/show_bug.cgi?id=58813 (Incoming requests hang after a website using the ISAPI connector is restarted). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59122] Browser send back to tomcat "likely valid" JSESSIONID but tomcat recreate session and response to browser a renewed JESSIONID
https://bz.apache.org/bugzilla/show_bug.cgi?id=59122 Mark Thomas changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED OS||All --- Comment #1 from Mark Thomas --- There is insufficient evidence in this report of a bug in Tomcat. The most likely explanation is an application bug. The Tomcat 7 version being used is quite old. I don't recall any session handling issues but it is worth testing to see if an upgrade resolves the issue. There are only things that can trigger a Set-Cookie header. The first is creation of a new session and the second is the session ID change on authentication. Given that the original session expires 30 mins after the new session is created this isn't a session ID change due to authentication. Therefore, a new session is being created because the previous session cannot be found. The Set-Cookie="-" looks very strange. You'll need to do some more investigation with the application to figure out what is going wrong. You might want to consider logging the HTTP requets headers and the stack trace for the session creation. If you need help with investigating your application, the users@ mailing list is the place to ask, not Bugzilla. If the discussion on users@ identifies a Tomcat bug then please feel free to re-open this issue and provide the details. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc7.0.x-test-apr (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-apr : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-APR/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-apr/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-apr.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 54 mins 22 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-APR -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160307.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=true -Dexec ute.test.bio=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160307-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20160307/lib -Dexecute.test.nio=false -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20160307.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace
svn commit: r1733940 - in /tomcat/trunk: java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 16:28:09 2016 New Revision: 1733940 URL: http://svn.apache.org/viewvc?rev=1733940&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59123 Close NamingEnumeration objects used by the JNDIRealm once they are no longer required. Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1733940&r1=1733939&r2=1733940&view=diff == --- tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Mon Mar 7 16:28:09 2016 @@ -1685,60 +1685,65 @@ public class JNDIRealm extends RealmBase NamingEnumeration results = context.search(userBase, filter, constraints); - -// Fail if no entries found try { -if (results == null || !results.hasMore()) { -return null; -} -} catch (PartialResultException ex) { -if (!adCompat) -throw ex; -else -return null; -} - -// Get result for the first entry found -SearchResult result = results.next(); - -// Check no further entries were found -try { -if (results.hasMore()) { -if(containerLog.isInfoEnabled()) -containerLog.info("username " + username + " has multiple entries"); +// Fail if no entries found +try { +if (results == null || !results.hasMore()) { +return null; +} +} catch (PartialResultException ex) { +if (!adCompat) +throw ex; +else +return null; +} + +// Get result for the first entry found +SearchResult result = results.next(); + +// Check no further entries were found +try { +if (results.hasMore()) { +if(containerLog.isInfoEnabled()) +containerLog.info("username " + username + " has multiple entries"); +return null; +} +} catch (PartialResultException ex) { +if (!adCompat) +throw ex; +} + +String dn = getDistinguishedName(context, userBase, result); + +if (containerLog.isTraceEnabled()) +containerLog.trace(" entry found for " + username + " with dn " + dn); + +// Get the entry's attributes +Attributes attrs = result.getAttributes(); +if (attrs == null) return null; + +// Retrieve value of userPassword +String password = null; +if (userPassword != null) +password = getAttributeValue(userPassword, attrs); + +String userRoleAttrValue = null; +if (userRoleAttribute != null) { +userRoleAttrValue = getAttributeValue(userRoleAttribute, attrs); +} + +// Retrieve values of userRoleName attribute +ArrayList roles = null; +if (userRoleName != null) +roles = addAttributeValues(userRoleName, attrs, roles); + +return new User(username, dn, password, roles, userRoleAttrValue); +} finally { +if (results != null) { +results.close(); } -} catch (PartialResultException ex) { -if (!adCompat) -throw ex; } - -String dn = getDistinguishedName(context, userBase, result); - -if (containerLog.isTraceEnabled()) -containerLog.trace(" entry found for " + username + " with dn " + dn); - -// Get the entry's attributes -Attributes attrs = result.getAttributes(); -if (attrs == null) -return null; - -// Retrieve value of userPassword -String password = null; -if (userPassword != null) -password = getAttributeValue(userPassword, attrs); - -String userRoleAttrValue = null; -if (userRoleAttribute != null) { -userRoleAttrValue = getAttributeValue(userRoleAttribute, attrs); -} - -// Retrieve values of userRoleName attribute -ArrayList roles = null; -if (userRoleName != null) -roles = addAttributeValues(userRoleName, attrs, roles); - -return new User(username, dn, password, roles, userRoleAttrValue); } @@ -2003,6 +2008,8 @@ public class JNDIRealm extends RealmBase } catch (PartialResultException ex) { if
svn commit: r1733941 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 16:29:15 2016 New Revision: 1733941 URL: http://svn.apache.org/viewvc?rev=1733941&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59123 Close NamingEnumeration objects used by the JNDIRealm once they are no longer required. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 16:29:15 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,16
svn commit: r1733942 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 16:29:52 2016 New Revision: 1733942 URL: http://svn.apache.org/viewvc?rev=1733942&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59123 Close NamingEnumeration objects used by the JNDIRealm once they are no longer required. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 16:29:52 2016 @@ -1,2 +1,2 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1726173,1 726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,12
svn commit: r1733943 - in /tomcat/tc6.0.x/trunk: ./ java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 16:35:51 2016 New Revision: 1733943 URL: http://svn.apache.org/viewvc?rev=1733943&view=rev Log: Close NamingEnumeration objects used by the JNDIRealm once they are no longer required. Modified: tomcat/tc6.0.x/trunk/ (props changed) tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc6.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 16:35:51 2016 @@ -1,3 +1,3 @@ -/tomcat/tc7.0.x/trunk:1190476,1224802,1243045,1298635,1304471,1311997,1312007,1331772,1333164,1333176,1348992,1354866,1371298,1371302,1371620,1402110,1409014,1413553,1413557,1413563,1430083,1438415,1446641-1446660,1447013,1453106,1453119,1484919,1486877,1500065,1503852,1505844,1513151,1521040,1526470,1536524,1539176-1539177,1544469,1544473,1552805,1558894,1558917,1561368,1561382,1561386,1561552,1561561,1561636,1561641,1561643,1561737,1562748,1564317,1568922,1570163,1577328,1577464-1577465,1578814,1586659,1586897,1586960,1588199,1588997,1589740,1589851,1589997,1590019,1590028,1590337,1590492,1590651,1590838,1590845,1590848,1590912,1593262,1593288,1593371,1593835,1594230,1595174,1595366,1600956,1601333,1601856,1601909,1609079,1609606,1617364,1617374,1617433,1617457-1617458,1624249,1626579,1627420,1627469,1632586,1637686,1637711,1640675,1642045,1643515,1643540,1643572,1643585-1643586,1643642,1643647,1644019,1648817,1656301,1658815,1659523,1659564,1664001,1664176,1665087,1666968,1666989 ,1668541,1668635,1669802,1676557,1681183,1681841,1681865,1681867,1685829,1693109,1694293,1694433,1694875,1696381,1701945,1710353,1712656,1713873,1714000,1714005,1714540,1715213,1716221,1716417,1717107,1717210,1717212,1720236,1720398,1720443,1720464,1721814,1721883,1722645,1722801,1723151,1724435,1724553,1724675,1724797,1724806,1725931,1726631,1726808,1726813,1726815,1726817,1726819,1726917,1726919,1726922-1726924,1727031,1727034,1727043,1727158,1727672,1727903,1728450,1729363,1731010,1731119,1731956,1731978,1732362,1732674-1732675 -/tomcat/tc8.0.x/trunk:1637685,1637709,1640674,1641726,1641729-1641730,1643513,1643539,1643571,1643581-1643582,1644018,1648816,1656300,1658801-1658803,1658811,1659522,1663997,1664175,1665086,1666967,1666988,1668634,1669801,1676556,1681182,1681840,1681864,1685827,1689921,1693108,1694291,1694427,1694873,1696379,1701944,1710347,1712618,1712655,1713872,1713998,1714004,1714538,1715207,1716216-1716217,1716414,1717208-1717209,1720235,1720396,1720442,1720463,1721813,1721882,1722800,1723130,1724434,1724674,1724792,1724803,1725929,1725963-1725965,1725970,1725974,1726172,1726175,1726179-1726182,1726195-1726198,1726200,1726203,1726226,1726576,1726630,1727029,1727037,1727671,1727900,1728449,1729362,1731009,1731955,1731977,1732360,1732672 -/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,656018,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,752323,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770 809,770876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832214,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883134,883146,883165,883177,883362,883565,884341,885038,885231,885241,885260,885901,885991,886019,888072,889363,889606,889716,890139,890265 ,890349-890350,890417,891185-891187,891583,892198,892341,892415,892464,892555,892812,892814,892817,892843,892887,893321,893493,8
svn commit: r1733944 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 16:36:16 2016 New Revision: 1733944 URL: http://svn.apache.org/viewvc?rev=1733944&view=rev Log: Correct changelog Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1733944&r1=1733943&r2=1733944&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Mar 7 16:36:16 2016 @@ -52,7 +52,7 @@ Manager.setMaxInactiveInterval() method. (markt) -Correct a regression introduced in 7.0.68 where the deprecated +Correct a regression introduced in 6.0.45 where the deprecated Manager.getMaxInactiveInterval() method returned the current default session timeout in minutes rather than seconds. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59123] The JNDIRealm does not close the NamingEnumeration
https://bz.apache.org/bugzilla/show_bug.cgi?id=59123 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #2 from Mark Thomas --- Thanks for the report. I've applied Felix's patch to 9.0.x (for 9.0.0.M4 onwards), 8.0.x (for 8.0.33 onwards) and 7.0.x (for 7.0.69 onwards). It has also been back-ported to 6.0.x for 6.0.46 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tomcat Configuration Hardening
On 05/03/2016 18:36, Mark Thomas wrote: > On 05/03/2016 17:08, Christopher Schultz wrote: > >>> First of all we could add the remote address valve and limit access to >>> localhost by default. That will limit some remote attacks but possibly >>> not all depending on reverse proxy configurations >> >> I was thinking about this as well. It would definitely make a stock >> Tomcat more secure. >> >>> I'd also be in favour of hard-coding a check into the MemoryRealm and >>> the MemoryUserDatabase that rejects [1] any of those three users if they >>> have the default password and anything other than the roles defined in >>> the comments. >> >> Why not ignore the roles and just refuse to use "tomcat" as passwords? >> Then, of course, we'll have millions of servers running with "tomcat1" >> as the password. :( > > Indeed. Having thought about this some more, I'm going off this idea. > > I still quite like my original idea which was: > "Fire the idiot that did this." > >> If we completely remove the "password" attribute, I believe the code >> will currently reject all logins. That would force admins to make-up >> their own, since there would be no default. > > That is my reading of the code as well but we should double check that > is what actually happens. I started to work on this. If we remove the password attribute entirely we'll need to add something to the file that explains how to add it back. That probably needs an example which brings us right back to the copy/paste problem. I think I have a better idea. If we change it to something that will break if simply uncommented then that solves the problem without making it too much harder for inexperienced users. Something like: password="" Now they could just edit this to remove '<' and '>' but at that point they really do deserve to be fired. The comments above could also make clear that the passwords need to be set if that block is uncommented. WDYT? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 Mark Thomas changed: What|Removed |Added Attachment #33626|text/x-java |text/plain mime type|| Attachment #33626|0 |1 is patch|| --- Comment #1 from Mark Thomas --- Comment on attachment 33626 --> https://bz.apache.org/bugzilla/attachment.cgi?id=33626 Servlet using WriteListener and CompletionStage Make the patch accessible in the BZ UI -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 Mark Thomas changed: What|Removed |Added Attachment #33626|1 |0 is patch|| --- Comment #2 from Mark Thomas --- Comment on attachment 33626 --> https://bz.apache.org/bugzilla/attachment.cgi?id=33626 Servlet using WriteListener and CompletionStage Whoops. Test case, not patch. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57130] Allow digest.sh to accept password from a file or from stdin
https://bz.apache.org/bugzilla/show_bug.cgi?id=57130 --- Comment #4 from Coty Sutherland --- Hmm, lack of experience in the area I suppose...I thought I did a pretty literal implementation of the requirements from the description (specifically the first point). I could rewrite it if you would like me to if you can elaborate on where my misunderstanding was. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59134] Secure websocket connection through a proxy is not ok
https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Christopher Schultz changed: What|Removed |Added OS||All Resolution|--- |INVALID Status|NEW |RESOLVED --- Comment #1 from Christopher Schultz --- Sounds like your (reverse?) proxy is switching from HTTPS top HTTP internally. Bugzilla is not a support forum. Please post a message to the users list with questions, and only reopen this issue if there is a bug discovered in Tomcat. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID OS||All --- Comment #3 from Mark Thomas --- The Servlet spec requires Tomcat (or the application) to call AsyncContext.complete() during the error handling. In the provided sample code, AsyncContext.complete() is always called even after an error. For correct operation it needs to only call complete when called via complete() but not when called via completeExceptionally() -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59134] Secure websocket connection through a proxy is not ok
https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Mark Thomas changed: What|Removed |Added Resolution|INVALID |--- Status|RESOLVED|REOPENED --- Comment #2 from Mark Thomas --- The original report looks valid. secure is never set when using a proxy -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] New: checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 Bug ID: 59138 Summary: checkThreadLocalMapForLeaks has false positives Product: Tomcat 7 Version: unspecified Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: bjk...@gmail.com ThreadLocal$ThreadLocalMap weakly references keys but strongly references values. However, it appears the checkThreadLocalMapForLeaks checking reports false positives if the key is a ThreadLocal subclass (e.g., anonymous class) but the value does not strongly reference the class loader (e.g., Integer, int[], List, etc.). Example output: 07-Mar-2016 11:27:08.258 SEVERE [localhost-startStop-2] org.apache.catalina.loader.WebappClassLoaderBase.checkThreadLocalMapForLeaks The web application [servlettest-0.1] created a ThreadLocal with key of type [servlettest.TestServlet$1] (value [servlettest.TestServlet$1@40d92399]) and a value of type [java.lang.Integer] (value [1]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak. For large web applications with many such false positives, this output makes tracking down (or even noticing new) real issues more difficult. Third party libraries refuse to adjust their use of ThreadLocal because they believe (IMO rightly) their code is not causing leaks. I have read bug 50175 comment 6, but given that the current heuristic has false positives, can some compromise be reached? Perhaps some configuration for stifling the warning on a per key class name basis could be added? It would even be acceptable for us if that configuration hid the per-instance message but issued a single overall "suppressing N ThreadLocal warnings based on config" info/warning message. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tomcat Configuration Hardening
2016-03-07 17:52 GMT+01:00 Mark Thomas : > On 05/03/2016 18:36, Mark Thomas wrote: > > On 05/03/2016 17:08, Christopher Schultz wrote: > > > >>> First of all we could add the remote address valve and limit access to > >>> localhost by default. That will limit some remote attacks but possibly > >>> not all depending on reverse proxy configurations > >> > >> I was thinking about this as well. It would definitely make a stock > >> Tomcat more secure. > >> > >>> I'd also be in favour of hard-coding a check into the MemoryRealm and > >>> the MemoryUserDatabase that rejects [1] any of those three users if > they > >>> have the default password and anything other than the roles defined in > >>> the comments. > >> > >> Why not ignore the roles and just refuse to use "tomcat" as passwords? > >> Then, of course, we'll have millions of servers running with "tomcat1" > >> as the password. :( > > > > Indeed. Having thought about this some more, I'm going off this idea. > > > > I still quite like my original idea which was: > > "Fire the idiot that did this." > > > >> If we completely remove the "password" attribute, I believe the code > >> will currently reject all logins. That would force admins to make-up > >> their own, since there would be no default. > > > > That is my reading of the code as well but we should double check that > > is what actually happens. > > I started to work on this. If we remove the password attribute entirely > we'll need to add something to the file that explains how to add it > back. That probably needs an example which brings us right back to the > copy/paste problem. > > I think I have a better idea. If we change it to something that will > break if simply uncommented then that solves the problem without making > it too much harder for inexperienced users. Something like: > > password="" > > Now they could just edit this to remove '<' and '>' but at that point > they really do deserve to be fired. > Great trick actually. > > The comments above could also make clear that the passwords need to be > set if that block is uncommented. > > WDYT? > > Rémy
svn commit: r1733963 - in /tomcat/trunk: java/org/apache/tomcat/websocket/WsWebSocketContainer.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 19:41:36 2016 New Revision: 1733963 URL: http://svn.apache.org/viewvc?rev=1733963&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Correct client connect logic for secure connections made through a proxy. Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1733963&r1=1733962&r2=1733963&view=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon Mar 7 19:41:36 2016 @@ -202,6 +202,7 @@ public class WsWebSocketContainer implem proxyPath = URI.create("http" + path.toString().substring(2)); } else if ("wss".equalsIgnoreCase(scheme)) { proxyPath = URI.create("https" + path.toString().substring(3)); +secure = true; } else { throw new DeploymentException(sm.getString( "wsWebSocketContainer.pathWrongScheme", scheme)); @@ -243,12 +244,8 @@ public class WsWebSocketContainer implem } else { // Must be wss due to scheme validation above sa = new InetSocketAddress(host, 443); -secure = true; } } else { -if ("wss".equalsIgnoreCase(scheme)) { -secure = true; -} sa = new InetSocketAddress(host, port); } } else { Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1733963&r1=1733962&r2=1733963&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 7 19:41:36 2016 @@ -216,6 +216,10 @@ 59119: Correct read logic for WebSocket client when using secure connections. (markt) + +59134: Correct client connect logic for secure connections +made through a proxy. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733964 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/websocket/WsWebSocketContainer.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 19:42:18 2016 New Revision: 1733964 URL: http://svn.apache.org/viewvc?rev=1733964&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Correct client connect logic for secure connections made through a proxy. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 19:42:18 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,169
[Bug 59134] Secure websocket connection through a proxy is not ok
https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733965 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/WsWebSocketContainer.java webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 19:42:49 2016 New Revision: 1733965 URL: http://svn.apache.org/viewvc?rev=1733965&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 Correct client connect logic for secure connections made through a proxy. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 19:42:49 2016 @@ -1,2 +1,2 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1726173,1 726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,124
[Bug 59134] Secure websocket connection through a proxy is not ok
https://bz.apache.org/bugzilla/show_bug.cgi?id=59134 --- Comment #3 from Mark Thomas --- Thanks for the report. This has been fixed in 9.0.x for 9.0.0.M4 onwards, 8.0.x for 8.0.33 onwards and 7.0.x for 7.0.69 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot exception in on tomcat-8-trunk
The Buildbot has detected a build exception on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/493 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1733964 Blamelist: markt BUILD FAILED: exception upload_2 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733968 - /tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java
Author: markt Date: Mon Mar 7 19:56:37 2016 New Revision: 1733968 URL: http://svn.apache.org/viewvc?rev=1733968&view=rev Log: ws police Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Modified: tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=1733968&r1=1733967&r2=1733968&view=diff == --- tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/JNDIRealm.java Mon Mar 7 19:56:37 2016 @@ -1697,10 +1697,10 @@ public class JNDIRealm extends RealmBase else return null; } - + // Get result for the first entry found SearchResult result = results.next(); - + // Check no further entries were found try { if (results.hasMore()) { @@ -1712,32 +1712,32 @@ public class JNDIRealm extends RealmBase if (!adCompat) throw ex; } - + String dn = getDistinguishedName(context, userBase, result); - + if (containerLog.isTraceEnabled()) containerLog.trace(" entry found for " + username + " with dn " + dn); - + // Get the entry's attributes Attributes attrs = result.getAttributes(); if (attrs == null) return null; - + // Retrieve value of userPassword String password = null; if (userPassword != null) password = getAttributeValue(userPassword, attrs); - + String userRoleAttrValue = null; if (userRoleAttribute != null) { userRoleAttrValue = getAttributeValue(userRoleAttribute, attrs); } - + // Retrieve values of userRoleName attribute ArrayList roles = null; if (userRoleName != null) roles = addAttributeValues(userRoleName, attrs, roles); - + return new User(username, dn, password, roles, userRoleAttrValue); } finally { if (results != null) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58750] Provide way to disable Server header completely
https://bz.apache.org/bugzilla/show_bug.cgi?id=58750 Michael Osipov <1983-01...@gmx.net> changed: What|Removed |Added CC||1983-01...@gmx.net -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED OS||All Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- The situation described is a memory leak. The problem is not the value but the anonymous class. It is loaded by the web application class loader. That pins the web application class loader in memory creating the memory leak. The Tomcat code has been carefully written to avoid false positives. Tomcat checks the implementing class of the key and the value and if either of them have been loaded by the web application class loader then there is a memory leak and it will be reported. The current code errs on the side of false negatives. It is possible to construct a memory leak that this code won't spot but, given how the code is written, a false positive could only occur as a result of a bug. There has been no such bug reported in the previous 5+ years that this code has been in place in this form (I could have gone back further but 5 years seem long enough to make my point). If you see a warning, it is extremely likely that you have a memory leak. If a 3rd-party library believes Tomcat is falsely reporting a false positive for a ThreadLocal that that library creates and it has been checked with a profiler that the implementing classes for both the key and the value have not been loaded by the web application class loader (or a child class loader) then I'll happily take a look and fix any bug. But experience tells me that it is far more likely that the library does have a memory leak. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 --- Comment #2 from Mark Thomas --- And for the record while I was 99% sure just from reading the description what the problem was I did go to the trouble of building a simple test case and confirming the memory leak with a profiler. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59139] undeployOldVersions sorts alphabetically though version numbers are normally numeric in part
https://bz.apache.org/bugzilla/show_bug.cgi?id=59139 Louis Burton changed: What|Removed |Added CC||louis.bur...@gmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59139] New: undeployOldVersions sorts alphabetically though version numbers are normally numeric in part
https://bz.apache.org/bugzilla/show_bug.cgi?id=59139 Bug ID: 59139 Summary: undeployOldVersions sorts alphabetically though version numbers are normally numeric in part Product: Tomcat 8 Version: trunk Hardware: All OS: All Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: louis.bur...@gmail.com The following function is supposed to identify old applications deployed using parallel deployment: org.apache.catalina.startup.HostConfig#checkUndeploy The application names are qualified with a '##' and a version identifier. This would often be expected to be numeric. However, comparison is done using a TreeSet: // Need ordered set of names SortedSet sortedAppNames = new TreeSet<>(); This will result in alphabet ordering. 'myApp##9' will be considered newer than 'myApp##10'. This does not seem sensible or intuitive to me. This can be worked around by ensuring zero padding or otherwise guaranteeing lexicographical ordering. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59139] undeployOldVersions sorts alphabetically though version numbers are normally numeric in part
https://bz.apache.org/bugzilla/show_bug.cgi?id=59139 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- This is working as designed. The documentation for parallel deployment makes clear that versions are ordered using Strign ordering and that zero padding should be used if using a purely numerical scheme. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE][RESULT] Release Apache Tomcat Native 1.2.5
The following votes were cast: Binding: +1: markt, rjung, violetagg No other votes were cast. This vote therefore passes. Thanks to everyone who tested and voted. I'll start the release now with a view to announcing tomorrow. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 --- Comment #4 from Jes Wulfsberg Nielsen --- As in, "complete" is not a "release resources", and you don't need to do it in case of errors? That runs counter to all examples I've seen of async servlets, where the "complete" is specifically outside any try-catch around the read/write. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r12678 - /dev/tomcat/tomcat-connectors/native/1.2.5/ /release/tomcat/tomcat-connectors/native/1.2.5/
Author: markt Date: Mon Mar 7 20:48:37 2016 New Revision: 12678 Log: Release Tomcat Native 1.2.5 Added: release/tomcat/tomcat-connectors/native/1.2.5/ - copied from r12592, dev/tomcat/tomcat-connectors/native/1.2.5/ Removed: dev/tomcat/tomcat-connectors/native/1.2.5/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733978 - in /tomcat/trunk: build.properties.default webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 20:51:19 2016 New Revision: 1733978 URL: http://svn.apache.org/viewvc?rev=1733978&view=rev Log: Update to Tomcat Native Library 1.2.5 Modified: tomcat/trunk/build.properties.default tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/build.properties.default URL: http://svn.apache.org/viewvc/tomcat/trunk/build.properties.default?rev=1733978&r1=1733977&r2=1733978&view=diff == --- tomcat/trunk/build.properties.default (original) +++ tomcat/trunk/build.properties.default Mon Mar 7 20:51:19 2016 @@ -154,7 +154,7 @@ jdt.loc.1=http://archive.eclipse.org/ecl jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar # - Tomcat native library - -tomcat-native.version=1.2.4 +tomcat-native.version=1.2.5 tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version} tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1733978&r1=1733977&r2=1733978&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 7 20:51:19 2016 @@ -253,6 +253,11 @@ contents of any directories that have been symlinked into the Tomcat directory structure. (markt) + +Update the packaged version of the Tomcat Native Library to 1.2.5 to +pick up the Windows binaries that are based on OpenSSL 1.0.2g and APR +1.5.1. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1733979 - in /tomcat/tc8.0.x/trunk: ./ build.properties.default webapps/docs/changelog.xml
Author: markt Date: Mon Mar 7 20:52:55 2016 New Revision: 1733979 URL: http://svn.apache.org/viewvc?rev=1733979&view=rev Log: Update to Tomcat Native Library 1.2.5 Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/build.properties.default tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Mar 7 20:52:55 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,1692894,1692896,1693088,1693105,1693429,1693461,1694058,1694111,1694290,1694501,1694548,1694658,1694660,1694788,1694872,1694878,169
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 --- Comment #5 from Mark Thomas --- As in complete() is required (by the spec) to be called as part of the error handling and if it isn't the container has to do it. See 2.3.3.3 of the servlet spec and search for onError. If you have further questions, the users@ mailing list is the place to ask. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59125] Client disconnect causes java.lang.IllegalStateException when using WriteListener
https://bz.apache.org/bugzilla/show_bug.cgi?id=59125 --- Comment #6 from Jes Wulfsberg Nielsen --- Thanks for the clarifications; re-reading the fine print I see the point on "complete" being called from an AsyncContext listener. Shouldn't it then be a similar state error to call it using .whenCompleteAsync? (Is Tomcat doing something lenient here?) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59139] undeployOldVersions sorts alphabetically though version numbers are normally numeric in part
https://bz.apache.org/bugzilla/show_bug.cgi?id=59139 --- Comment #2 from Louis Burton --- Thanks for clarifying. Apologies, I was looking at the documentation for 'undeployOldVersions' and didn't see reference to this: http://tomcat.apache.org/tomcat-8.0-doc/config/host.html I see it explained explicitly here: http://tomcat.apache.org/tomcat-8.0-doc/config/context.html#Naming -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 --- Comment #3 from Brett Kail --- Entries in ThreadLocalMap weakly reference the key, which is the ThreadLocal subclass that is loaded by the application class loader. Assuming there are no other retained references to the application class loader, the JVM will clear this weak reference at the next GC. This is basically the same as a WeakHashMap, and the javadoc there describes the same semantics: in order for the entry to be cleared, you need to ensure the value does not refer to the key. Assuming the ThreadLocal subclass is held in a static variable (common case), that means the value must not reference anything that directly/indirectly references the application class loader. In this case, the value refers to the bootstrap class loader only, so the ThreadLocal entry does not pin the application class loader. I cannot reproduce a memory leak, but I can reproduce the false positive: 1. Start an empty Tomcat instance (no webapps) 2. Use jvisualvm, collect a heapdump, run the "select x from org.apache.catalina.loader.WebappClassLoader x" OQL, and see "The query returned no results" (baseline) 3. Deploy a WAR that contains a servlet with a static ThreadLocal subclass, and have the doGet method set the ThreadLocal to an integer. 5. Use jvisualvm again, and see there is one class loader 6. Ping the servlet so that the ThreadLocal is loaded 7. Undeploy the WAR, and see the checkThreadLocalMapForLeaks message 8. Use jvisualvm again, and see there are no class loaders In this case, the message is a false positive. The presence of the ThreadLocal does not prevent the class loader from being garbage collected. However, if I change step #3 to set the ThreadLocal to the servlet instance itself, then I see the class loaders accumulate as I repeat this process. Are you able to reproduce these steps? Can you provide more details on what you did to create the memory leak? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-8-trunk
The Buildbot has detected a restored build on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/494 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1733979 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 --- Comment #4 from Mark Thomas --- Hmm. The profiler was showing the key as strongly reachable. That explains why it wasn't collected but not why it was strongly reachable. Let me take another look at the results. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59123] The JNDIRealm does not close the NamingEnumeration
https://bz.apache.org/bugzilla/show_bug.cgi?id=59123 --- Comment #3 from Emmanuel L --- Sounds good to me. Thanks for the patch and sorry for having been lazy and not have provided it... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58750] Provide way to disable Server header completely
https://bz.apache.org/bugzilla/show_bug.cgi?id=58750 --- Comment #18 from Anthony J. Biacco --- I usually just modify server.* org/apache/catalina/util/ServerInfo.properties and rebuild catalina.jar. Not exactly ideal, but fairly trivial for me at least to mask the info. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58750] Provide way to disable Server header completely
https://bz.apache.org/bugzilla/show_bug.cgi?id=58750 --- Comment #19 from Anthony J. Biacco --- Sorry, i don't REBUILD the jar, i just leave org/apache/catalina/util/ServerInfo.properties there after modded as suggested in the Valves section of https://tomcat.apache.org/tomcat-8.0-doc/security-howto.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59138] checkThreadLocalMapForLeaks has false positives
https://bz.apache.org/bugzilla/show_bug.cgi?id=59138 Mark Thomas changed: What|Removed |Added Resolution|INVALID |--- Status|RESOLVED|REOPENED --- Comment #5 from Mark Thomas --- I still had the memory dump so I was able to confirm that the key was strongly reachable. There were a number of GC roots listed of which one was the ThreadLocal map. Digging into the GC roots found the problem. Somehow (and I haven't figured out how to reproduce this yet) one of the profiler's classes was loaded by the WebappClassLoader. That was pinning the class loader in memory hence the ThreadLocal key was strongly held. I'm as sure as I can be that this is what I was seeing previously. If I run the test all the way through then attach the profiler (rather than attaching at the start so I can monitor what is going on) then the key is not strongly held, the garbage collector does it's job after which the class loader is released. I am therefore re-opening this issue. At first glance, the fix appears to be as simple as removing the class loader check for the ThreadLocal key. However, we have had issues reported where objects being retained after web application stop until the next GC has been sufficient to cause problems. If memory serves me correctly, those were all JDBC related. In this case, I don't think that will be an issue. Currently, ThreadLocal issues are cleaned up by renewing the thread pool and that won't change with the proposed change. All that changes is that keys won't trigger the warning messages. We could log issues with keys at debug level on the grounds that users might find it useful. That will complicate the code though. I'm not sure that is worth doing. I'll think about it over night and come back to this tomorrow. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org