[GUMP@vmgump]: Project tomcat-native-trunk-make (in module tomcat-native-trunk) failed

[Bill Barker]

To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-native-trunk-make has an issue affecting its community 
integration.
This issue affects 3 projects,
 and has been outstanding for 45 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-native-trunk-make :  Tomcat native library using Apache Portable 
Runtime
- tomcat-native-trunk-make-install :  Tomcat native library using Apache 
Portable Runtime
- tomcat-trunk-test-apr :  Tomcat 9.x, a web server implementing the Java 
Servlet 4.0,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-native-trunk/tomcat-native-trunk-make/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-native-trunk/tomcat-native-trunk-make/gump_work/build_tomcat-native-trunk_tomcat-native-trunk-make.html
Work Name: build_tomcat-native-trunk_tomcat-native-trunk-make (Type: Build)
Work ended in a state of : Failed
Elapsed: 37 secs
Command Line: make 
[Working Directory: /srv/gump/public/workspace/tomcat-native-trunk/native]
-
make[1]: Entering directory 
`/srv/gump/public/workspace/tomcat-native-trunk/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o 
src/address.lo -c src/address.c && touch src/address.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o src/bb.lo 
-c src/bb.c && touch src/bb.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o src/dir.lo 
-c src/dir.c && touch src/dir.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o 
src/error.lo -c src/error.c && touch src/error.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o src/file.lo 
-c src/file.c && touch src/file.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20160616/include  
-I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1   -o src/info.lo 
-c src/info.c && touch src/info.lo
/bin/bash 

[Bug 59708] LockOutRealm Details

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59708

--- Comment #2 from Ben  ---
Thanks for the clarification. I look forward to seeing this progress.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59710] java.io.IOException: Connection timed out

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59710

--- Comment #2 from hugo.lar...@yahoo.com ---
Will do!

BR,
Hugo

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748629 - in /tomcat/trunk: java/org/apache/catalina/realm/LockOutRealm.java webapps/docs/changelog.xml webapps/docs/config/realm.xml

[markt]

Author: markt
Date: Wed Jun 15 20:26:17 2016
New Revision: 1748629

URL: http://svn.apache.org/viewvc?rev=1748629=rev
Log:
Modify the lock out logic. Valid authentication attempts during the lock out 
period will no longer reset the lock out timer to zero. 

Modified:
tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/realm.xml

Modified: tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java?rev=1748629=1748628=1748629=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java Wed Jun 15 
20:26:17 2016
@@ -139,23 +139,9 @@ public class LockOutRealm extends Combin
 String nonce, String nc, String cnonce, String qop,
 String realmName, String md5a2) {
 
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
-Principal authenticatedUser = super.authenticate(username, 
clientDigest,
-nonce, nc, cnonce, qop, realmName, md5a2);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+Principal authenticatedUser = super.authenticate(username, 
clientDigest, nonce, nc, cnonce,
+qop, realmName, md5a2);
+return filterLockedAccounts(username, authenticatedUser);
 }
 
 
@@ -169,22 +155,8 @@ public class LockOutRealm extends Combin
  */
 @Override
 public Principal authenticate(String username, String credentials) {
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
 Principal authenticatedUser = super.authenticate(username, 
credentials);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
 }
 
 
@@ -202,22 +174,8 @@ public class LockOutRealm extends Combin
 username = certs[0].getSubjectDN().getName();
 }
 
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
 Principal authenticatedUser = super.authenticate(certs);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
 }
 
 
@@ -238,23 +196,9 @@ public class LockOutRealm extends Combin
 
 username = name.toString();
 
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
+Principal authenticatedUser = super.authenticate(gssContext, 
storeCreds);
 
-log.warn(sm.getString("lockOutRealm.authLockedUser", 
username));
-return null;
-}
-
-Principal authenticatedUser =
-super.authenticate(gssContext, storeCreds);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
 }
 
 // Fail in all other cases
@@ -262,6 +206,30 @@ public class LockOutRealm extends Combin
 }
 
 
+/*
+ * Filters authenticated principals to ensure that null is
+ * returned for any user that is currently locked out.
+ */
+private Principal filterLockedAccounts(String username, Principal 
authenticatedUser) {
+// Register all failed authentications
+if (authenticatedUser == null) {
+registerAuthFailure(username);
+}
+
+if (isLocked(username)) {
+// If the user is currently locked, authentication will always fail
+

[Bug 59708] LockOutRealm Details

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59708

--- Comment #1 from Mark Thomas  ---
Thanks for the report.

To answer the question, the LockOutRealm currently treats any authentication
attempt during the lock out period as a failure. This does mean that once an
account is locked out, if the legitimate users attempts to login more
frequently that the lockout period that user is never going to regain access.

It does make sense to change this behaviour (and document it) so that valid
logins do not extend the lockout period. I'll take a look at a patch.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 7.0.70

[Violeta Georgieva]

The proposed Apache Tomcat 7.0.70 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.70/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1088/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_70/

The proposed 7.0.70 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 7.0.70 Stable

Regards,
Violeta

svn commit: r14014 [1/2] - in /dev/tomcat/tomcat-7/v7.0.70: ./ bin/ bin/embed/ bin/extras/ src/

[violetagg]

Author: violetagg
Date: Wed Jun 15 19:35:28 2016
New Revision: 14014

Log:
Stage 7.0.70 RC

Added:
dev/tomcat/tomcat-7/v7.0.70/
dev/tomcat/tomcat-7/v7.0.70/KEYS
dev/tomcat/tomcat-7/v7.0.70/README.html
dev/tomcat/tomcat-7/v7.0.70/RELEASE-NOTES
dev/tomcat/tomcat-7/v7.0.70/bin/
dev/tomcat/tomcat-7/v7.0.70/bin/README.html
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip   (with 
props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe   (with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz   (with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip   (with props)
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.asc
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.md5
dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/embed/
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.asc
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.md5
dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/extras/
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar   (with 
props)
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.asc
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.md5
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5
dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar   (with 
props)
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.sha1
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar   (with props)
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.asc
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.md5
dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.sha1
dev/tomcat/tomcat-7/v7.0.70/src/
dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz   (with 
props)
dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.sha1

svn commit: r14014 [2/2] - in /dev/tomcat/tomcat-7/v7.0.70: ./ bin/ bin/embed/ bin/extras/ src/

[violetagg]

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 Wed Jun 
15 19:35:28 2016
@@ -0,0 +1 @@
+42216aa5ec521f7fc7921d1982d7e73954b8aea0 *catalina-jmx-remote.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc Wed Jun 15 
19:35:28 2016
@@ -0,0 +1,17 @@
+-BEGIN PGP SIGNATURE-
+Version: GnuPG v2
+
+iQIcBAABCgAGBQJXYYQVAAoJECCLCrHWMBHHtRIP/iKUcjFNkYQkD11l8yWvxWHz
+K+poTQpjiuHrwNlsFYFJzbSnknfLb/53YMwqiebROQHN3HEM7LhW0voVe7VGJ2c/
+7MQeBHt2PgxrQuRx2NTjHezw4aC3nt1fvEW3cXHmUhvV22Y2tqusLj4dLoBzMqDv
+/USYmVBTigq1eQJHPiylJxobt5CfdQ8SqPlBfAyPRJOdep4+jcos4Ls2PMSc9++n
+VtS1g4FLPuU03GmX8Mo++lVzScjkhFndbnAiD40mna9WRgZDrHjfODfgqEnapjcj
+YW/fD3sF3aY+CynqSi763WY5Ti0Rn89UpMOQajdVImp6iKsvHpyJdY26WKRw/hi8
+pfRfGeESzJ8cyWfUszt769IA5FbpTETK5vP+MFlaMTee0RKASLTrYxMbR/hJiX0o
+m0rYC9ZV8ZanVArOZPKLGOFSrixOVr1ktI/CEN/8NHPjOIRvsp6DwkSb8qo0AFH1
+mDw1QUnsUF+3eEgAyZ/jFLYIT5Jb5Wc8NGvpgtvX84ZoVqxOIrbLyk52tl+oKvrW
++nMRKPTy918RBoqjNZHGnKe+WU38bqijkE9O+5rbsq1taBL6kd0dhus5r0iyDzwt
+NDup1qwb+pJYB0Br+yuPDoeanqHhu08NgvRtfXcdirD9KHNPanMbztzyxwKzxBHG
+VVizoQamOI3580aEBWEj
+=KaGK
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 Wed Jun 15 
19:35:28 2016
@@ -0,0 +1 @@
+3fdb90d63b9f24b4199cbdcb0b184d54 *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 Wed Jun 15 
19:35:28 2016
@@ -0,0 +1 @@
+10acfcc1c48c8a0c9b551f94b825562d1046f0fb *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc Wed Jun 
15 19:35:28 2016
@@ -0,0 +1,17 @@
+-BEGIN PGP SIGNATURE-
+Version: GnuPG v2
+
+iQIcBAABCgAGBQJXYYQKAAoJECCLCrHWMBHH/xMP/jEpvsIYDuD5S3kU6uIcNoq1
+b6BOKoSLwwwu15WNKL6mzwPMpksj0QTgL8hjMnIFssi9Cuw557ecj+qvl8FNjYGU
+bwORCxgXKZychD9n+/95SQJOoVo55/2ILhGJYXFd5SNIh0sXMuc/7nQ0N+osxv/y
+kGIAo4g2SFtVHH8m5xsKnQsQZw+0API2PNSIrY/xjcoO9uXhSoV04C2TzTsi5MRG
+7v3aERounTPIIWgPoMjsdc3SAiv6ianSUbDgDv3xTxWrzBa9MniHpEUWjUF5aKYm
+svKyxG8p17P/9XxJpXI5AeuFwtJuQeHAGnWWOvyoVCv0/hUfXvx9BnOa4ntt53Do
+y8RU/c2QXhot5Gqb/XPjjTq5T9B97bo2XlyXx3r/ZBKMqS0gQSVjD1JPovzBxq4d
+KraloZdtEXa4SK8l3c1jaOQ2kSsYpv0QrZxrXn0B+ErgXcVyIz3ph9TkNPToVniV
+WnSjqGX/fisQ3xH2wP062mh48be7WvS9ic/D1lyilIekg5cuC8LjIuxL5mbULkl+
+Ezk0wktXx+fkCvY1NG6cr7pdsDoCAjjFOzE0fbz/bSYT7GMO9HXw28t2ONEaH/3s
++AMJh6wDM4j+wF6h4Ajw1Tl5DOK2bAM3wIWDPEiNHfUO3TK7BU5PFz1f/Nturcx8
+6CPJEpD391oJ53rwKhDf
+=gvUc
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5
==
--- dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 (added)
+++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 Wed Jun 
15 19:35:28 2016
@@ -0,0 +1 @@
+eb8e3b02507888a8ae526df0882daf28 *tomcat-juli-adapters.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.sha1
==
--- 

[Bug 59710] java.io.IOException: Connection timed out

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59710

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #1 from Mark Thomas  ---
This should be fixed in trunk and will be included in the 7.0.70 release
currently in progress. If you still see this issue with 7.0.70 please provide
the simplest possible test case that demonstrates the issue and we'll take
another look.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59710] New: java.io.IOException: Connection timed out

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59710

Bug ID: 59710
   Summary: java.io.IOException: Connection timed out
   Product: Tomcat 7
   Version: 7.0.69
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: WebSocket
  Assignee: dev@tomcat.apache.org
  Reporter: hugo.lar...@yahoo.com

Hello, 

We are using Tomcat 7.0.69 and suspect a bug with session.close() when
"Connection timed out" happens sporadically. When the exception is thrown
@onError correctly is called and I call session.close but the connection is
still open in limbo which cause memory leak. 

On the client we use Tyrus with reconnectHandler and set HeartBeatIntervall to
1 minute. When the timeout exception is thrown in Tomcat, Tyrus is still happy
with the connection even though its closed in Tomcat. 

My theory is that there is a problem with session.close() when a timeout
occurs. It never really gets closed. 
I have set the connectionTimeout=-1 connectionUploadTimeout=-1 in server.xml. 

Anyone has a clue? 

BR, 
Hugo 

java.io.IOException: Connection timed out 
at sun.nio.ch.FileDispatcherImpl.read0(Native Method) 
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39) 
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) 
at sun.nio.ch.IOUtil.read(IOUtil.java:192) 
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:384) 
at
org.apache.tomcat.util.net.SecureNioChannel.read(SecureNioChannel.java:442) 
at
org.apache.coyote.http11.upgrade.NioServletInputStream.fillReadBuffer(NioServletInputStream.java:136)
 
at
org.apache.coyote.http11.upgrade.NioServletInputStream.doRead(NioServletInputStream.java:80)
 
at
org.apache.coyote.http11.upgrade.AbstractServletInputStream.read(AbstractServletInputStream.java:129)
 
at
org.apache.tomcat.websocket.server.WsFrameServer.onDataAvailable(WsFrameServer.java:56)
 
at
org.apache.tomcat.websocket.server.WsHttpUpgradeHandler$WsReadListener.onDataAvailable(WsHttpUpgradeHa
 
ndler.java:205) 
at
org.apache.coyote.http11.upgrade.AbstractServletInputStream.onDataAvailable(AbstractServletInputStream
 
.java:203) 
at
org.apache.coyote.http11.upgrade.AbstractProcessor.upgradeDispatch(AbstractProcessor.java:93)
 
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623)
 
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749)
 
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708)
 
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
 
at java.lang.Thread.run(Thread.java:745)

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59708] New: LockOutRealm Details

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59708

Bug ID: 59708
   Summary: LockOutRealm Details
   Product: Tomcat 8
   Version: 8.0.35
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Documentation
  Assignee: dev@tomcat.apache.org
  Reporter: b...@zvan.net

Documentation for LockOutRealm does not specify if failed logins due to being
locked out by the LockOutRealm count as failed logins for the purpose of
locking out a user.

For example: Lets say I'm protecting an API with LockOutRealm and the
authentication fails either due to maliciously bad password, accidentally bad
password, or back-end auth fail. This results in a LockOut condition because it
happened x times in y period. But the machines legitimately hitting the API
don't care and continue to fail to authenticate during the LockOut period. Will
the machines ever be allowed to authenticate or is this a critical failure of
the API?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748587 - in /tomcat/tc7.0.x/tags/TOMCAT_7_0_70: ./ build.properties.default

[violetagg]

Author: violetagg
Date: Wed Jun 15 14:24:03 2016
New Revision: 1748587

URL: http://svn.apache.org/viewvc?rev=1748587=rev
Log:
Tag 7.0.70

Added:
tomcat/tc7.0.x/tags/TOMCAT_7_0_70/   (props changed)
  - copied from r1748585, tomcat/tc7.0.x/trunk/
Modified:
tomcat/tc7.0.x/tags/TOMCAT_7_0_70/build.properties.default

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
bugtraq:append = false

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
bugtraq:label = Bugzilla ID (optional)

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
--- bugtraq:logregex (added)
+++ bugtraq:logregex Wed Jun 15 14:24:03 2016
@@ -0,0 +1,2 @@
+(https?\://(bz|issues)\.apache\.org/bugzilla/show_bug.cgi\?id=\d+|BZ\s?\d+)
+(\d+)

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
bugtraq:message = Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID%

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
bugtraq:url = https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID%

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
--- svn:ignore (added)
+++ svn:ignore Wed Jun 15 14:24:03 2016
@@ -0,0 +1,7 @@
+.*
+build.properties
+logs
+nbproject
+output
+work
+*.iml

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/
--
--- svn:mergeinfo (added)
+++ svn:mergeinfo Wed Jun 15 14:24:03 2016
@@ -0,0 +1,3 @@
+/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553
 
-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702
 
744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1
 

[Bug 58721] Http11Nio2Protocol is leaking open file handles for TCP connections

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=58721

Remy Maucherat  changed:

   What|Removed |Added

 Resolution|--- |WORKSFORME
 Status|NEEDINFO|RESOLVED

--- Comment #7 from Remy Maucherat  ---
This should be retested with 8.5, at least.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58289] request.getRemoteAddr() sometimes returning IP address from the previous request

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=58289

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |WORKSFORME
 Status|NEEDINFO|RESOLVED

--- Comment #5 from Mark Thomas  ---
Can't reproduce and not reproduction information provided after 9+ months.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in on tomcat-8-trunk

[buildbot]

The Buildbot has detected a restored build on builder tomcat-8-trunk while 
building . Full details are available at:
https://ci.apache.org/builders/tomcat-8-trunk/builds/656

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1748580
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59253] IOExceptions in websockets

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59253

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |WONTFIX
 Status|NEW |RESOLVED

--- Comment #7 from Mark Thomas  ---
Tomcat is correctly calling onError when something goes wrong. It appears from
the stack traces that it is Atmosphere that is logging the stack traces, not
Tomcat. While Tomcat could filter the calls to onError(), I don't think it
should. The application may well wish to be informed of unexpected client
disconnects.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59276] Update Checkstyle to version 6.17 needs a configuration change

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59276

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #2 from Mark Thomas  ---
Fixed for 8.5.x and 8.0.x as well.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748580 - in /tomcat/tc8.0.x/trunk: ./ build.properties.default res/checkstyle/checkstyle.xml res/checkstyle/javax-checkstyle.xml res/checkstyle/org-checkstyle.xml webapps/docs/changelog.

[markt]

Author: markt
Date: Wed Jun 15 13:44:41 2016
New Revision: 1748580

URL: http://svn.apache.org/viewvc?rev=1748580=rev
Log:
Update to Checkstyle 6.17
This includes a configuration change, breaking compatibility with versions 
earlier than 6.16.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/build.properties.default
tomcat/tc8.0.x/trunk/res/checkstyle/checkstyle.xml
tomcat/tc8.0.x/trunk/res/checkstyle/javax-checkstyle.xml
tomcat/tc8.0.x/trunk/res/checkstyle/org-checkstyle.xml
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 15 13:44:41 2016
@@ -1,2 +1,2 @@
 
/tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886
 
,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657
 
592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
 
666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452
 

svn commit: r1748578 - in /tomcat/tc8.5.x/trunk: ./ build.properties.default res/checkstyle/checkstyle.xml res/checkstyle/javax-checkstyle.xml res/checkstyle/org-checkstyle.xml webapps/docs/changelog.

[markt]

Author: markt
Date: Wed Jun 15 13:41:09 2016
New Revision: 1748578

URL: http://svn.apache.org/viewvc?rev=1748578=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59276
Update to Checkstyle 6.17
This includes a configuration change, breaking compatibility with versions 
earlier than 6.16.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/build.properties.default
tomcat/tc8.5.x/trunk/res/checkstyle/checkstyle.xml
tomcat/tc8.5.x/trunk/res/checkstyle/javax-checkstyle.xml
tomcat/tc8.5.x/trunk/res/checkstyle/org-checkstyle.xml
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 15 13:41:09 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677
 
,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748
 001,1748253,1748452,1748547
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747
 993,1748001,1748253,1748452,1748547

Modified: tomcat/tc8.5.x/trunk/build.properties.default
URL: 

[Bug 59703] RFC 6265 Cookie Processor doesn't allow cookie domains with a leading dot.

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59703

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Mark Thomas  ---
RFC 6265 does not permit domain values to begin with ".". Tomcat correctly
rejects these.

>From RFC 6265, Section 4.1.1
domain-av = "Domain=" domain-value
domain-value  = 
  ; defined in [RFC1034], Section 3.5, as
  ; enhanced by [RFC1123], Section 2.1

>From RFC 1034, Section 3.5
 ::=  |  "." 
 ::=  [ [  ]  ]
 ::=  |  
 ::=  | "-"
 ::=  | 
 ::= any one of the 52 alphabetic characters A through Z in
upper case and a through z in lower case
 ::= any one of the ten digits 0 through 9
Note that while upper and lower case letters are allowed in domain
names, no significance is attached to the case.  That is, two names with
the same spelling but different case are to be treated as if identical.

The labels must follow the rules for ARPANET host names.  They must
start with a letter, end with a letter or digit, and have as interior
characters only letters, digits, and hyphen.  There are also some
restrictions on the length.  Labels must be 63 characters or less.

>From RFC 1123, Section 2.1
One aspect of host name syntax is hereby changed: the
restriction on the first character is relaxed to allow either a
letter or a digit.  Host software MUST support this more liberal
syntax.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: HTTP/2 optimizations and edge cases

[Rémy Maucherat]

2016-06-15 13:27 GMT+02:00 Mark Thomas :

> On 13/06/2016 21:05, Rémy Maucherat wrote:
> > My conclusion is that some sort of optional mechanism should be added.
>
> Makes sense to me. How did you implement this for your testing?
>
> I'm not happy about it so I added a BZ to attach patches and discuss the
best strategy.

Rémy

[Bug 59706] HTTP/2 load testing performance

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59706

--- Comment #1 from Remy Maucherat  ---
Created attachment 33951
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=33951=edit
Test code

Test code which hijacks activeRemoteStreamCount. I tried putting code in
StreamProcessor, among other possible options, but for some reason the
performance improvement is not as large.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot failure in on tomcat-8-trunk

[buildbot]

The Buildbot has detected a new failure on builder tomcat-8-trunk while 
building . Full details are available at:
https://ci.apache.org/builders/tomcat-8-trunk/builds/655

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1748556
Blamelist: markt

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59706] New: HTTP/2 load testing performance

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59706

Bug ID: 59706
   Summary: HTTP/2 load testing performance
   Product: Tomcat 9
   Version: unspecified
  Hardware: All
OS: All
Status: NEW
  Severity: enhancement
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: r...@apache.org

Using a load testing tool like h2load, performance can go down quickly due to
very high multiplexing that occurs when processing the requests. Due to heavy
sync contention, it is likely some resources are then wasted. It could be
beneficial to explore solutions to that.

Example: h2load -c 1 -n 100 http://127.0.0.1:8080/tomcat.gif
Unlike HTTP/1.1, this will actually in most cases multiplex 100 concurrent
requests over a single connection, using 100 processing threads.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Big Data Interview

[Chaturvedi Chola]

Good book on interview preparation for big data

https://notionpress.com/read/big-data-interview-faqs

Re: HTTP/2 optimizations and edge cases

[Mark Thomas]

On 13/06/2016 21:05, Rémy Maucherat wrote:
> 2016-06-03 17:36 GMT+02:00 Mark Thomas :
> 
>> On 03/06/2016 15:59, Rémy Maucherat wrote:
 I am not talking about a limit on concurrent streams where things are
>> being
>>> refused (and this is exposed through the settings), rather on streams
>> which
>>> are effectively being processed concurrently (= for example, in
>> headersEnd,
>>> we put the StreamProcessor in a queue rather than executing it
>> immediately
>>> ? unless it's a high priority stream, right ?). h2load allows comparing
>>> with other servers, and JF told me httpd has a lower HTTP/2 performance
>>> impact compared to Tomcat. Given the profiling, the problem is the heavy
>>> lock contention (no surprise, this is something that is very expensive)
>> and
>>> we could get better performance by controlling the contention. JF's
>>> original "HTTP/2 torture test" HTML page with 1000 images probably also
>>> runs into this. IMO we will eventually need a better execution strategy
>>> than what is in place at the moment, since all dumb benchmarks will run
>>> into that edge case. But I agree that it's only partially legitimate, the
>>> client has the opportunity to control it.
>>
>> Ah. Got it.
>>
> I added some rudimentary concurrency control for testing, the h2load
> results are immediately up to 30% better when using low concurrency levels
> (8 streams concurrently executed per connection). When allowing a larger
> but still reasonable amount of concurrency, like 32 [that would correspond
> to 32 connections for a single client for HTTP/1.1, so that's a lot], the
> performance is up 20% over the default. As a sync contention gets higher,
> the performance degrades fast and I verified using VM monitoring most of
> the threads in the pool spend most of the time blocked while the test runs.
> This depends on the thread pool size and the client behavior obviously, so
> the impact can be arbitrarily large.
> 
> My conclusion is that some sort of optional mechanism should be added.

Makes sense to me. How did you implement this for your testing?

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748555 - /tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

[markt]

Author: markt
Date: Wed Jun 15 11:16:39 2016
New Revision: 1748555

URL: http://svn.apache.org/viewvc?rev=1748555=rev
Log:
Add release date for 8.5.3

Modified:
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1748555=1748554=1748555=diff
==
--- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Wed Jun 15 11:16:39 2016
@@ -60,7 +60,7 @@
 
   
 
-
+
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748556 - /tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

[markt]

Author: markt
Date: Wed Jun 15 11:17:12 2016
New Revision: 1748556

URL: http://svn.apache.org/viewvc?rev=1748556=rev
Log:
Add release date for 8.0.36

Modified:
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1748556=1748555=1748556=diff
==
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Wed Jun 15 11:17:12 2016
@@ -55,7 +55,7 @@
 
   
 
-
+
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748554 - /tomcat/trunk/webapps/docs/changelog.xml

[markt]

Author: markt
Date: Wed Jun 15 11:16:03 2016
New Revision: 1748554

URL: http://svn.apache.org/viewvc?rev=1748554=rev
Log:
Add release date for 9.0.0.M8

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1748554=1748553=1748554=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 15 11:16:03 2016
@@ -75,7 +75,7 @@
 
   
 
-
+
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59399] Tomcat doesn't support setting the response code for http -> https redirect

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59399

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Mark Thomas  ---
This has been implemented as a new option in the Realm and will has implemented
in:
- 9.0.x for 9.0.0.M9 onwards
- 8.5.x for 8.5.4 onwards
- 8.0.x for 8.0.37 onwards
- 7.0.x for 7.0.70 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1748552 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/connector/Response.java java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.

[markt]

Author: markt
Date: Wed Jun 15 11:10:48 2016
New Revision: 1748552

URL: http://svn.apache.org/viewvc?rev=1748552=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399
Add a new option to the Realm implementations that ship with Tomcat that allows 
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per 
Realm.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc7.0.x/trunk/webapps/docs/config/realm.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 15 11:10:48 2016
@@ -1,3 +1,3 @@
 
/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553
 
-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702
 
744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1
 
726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750
-/tomcat/tc8.5.x/trunk:1735579,1736839,1737199,1737966,1738042,1738044,1738162,1738165,1738178,1739157,1739173,1739177,1739476,1740132,1740521,1740536,1740804,1740811,1740981,1741165,1741174,1741182,1741191,1741203,1741209,1741226,1741233,1741410,1742277,1743118,1743126,1743139-1743140,1743718,1743722,1743724,1744059,1744127,1744151,1744232,1744377,1744687,1744698,1744706,1745228,1746940

svn commit: r1748550 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml

[markt]

Author: markt
Date: Wed Jun 15 11:01:52 2016
New Revision: 1748550

URL: http://svn.apache.org/viewvc?rev=1748550=rev
Log:
Add a new option to the Realm implementations that ship with Tomcat that allows 
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per 
Realm.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc8.0.x/trunk/webapps/docs/config/realm.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 15 11:01:52 2016
@@ -1,2 +1,2 @@
 
/tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886
 
,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657
 
592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
 
666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452
 

Re: Problems with default for sessionCookiePathUsesTrailingSlash

[Rémy Maucherat]

2016-06-15 12:31 GMT+02:00 Mark Thomas :

> Hi all,
>
> A problem[1] with the default for sessionCookiePathUsesTrailingSlash has
> cropped up via $work and after some research I wanted to discuss whether
> the default should be changed.
>
> The default for sessionCookiePathUsesTrailingSlash is true to work
> around a potential security issue in a number of browsers. I did a quick
> test before writing this e-mail and it appears that IE, Edge and Safari
> are affected. Together they represent approximately 42% of the current
> browser market share[2].
>
> The security issue is that for a cookie path of '/foo', these browsers
> include in the cookie when sending requests to '/foobar'. Tomcat
> therefore introduced sessionCookiePathUsesTrailingSlash which adds a '/'
> to the cookie path so '/foo' becomes '/foo/' since no user agent will
> include this in a request to '/foobar'.
>
> However, this can cause problems. To summarise [1], we have:
> A user request for '/foo'
> A security enforcing filter that uses cookies mapped to '/*'
> A web application with a controller servlet mapped to '/*'
>
> The sequence of events is:
> - Tomcat receives the request for '/foo'
> - Because of the servlet mapped to '/*', Tomcat does not redirect
>   this to '/foo/'
> - The security filter creates a session cookie (path '/foo/')
> - The security filter performs authentication which includes
>   additional requests from the client to '/foo'
> - The security filter rejects the authentication because the
>   subsequent requests do not include the cookie because the path
>   does not match
>
> RFC 6265, section 4.1.2.4 is clear that cookies with a path of '/foo'
> should not be included with requests for '/foobar'. However that same
> section also makes clear that cookie paths should not be relied upon for
> security. It references RFC 6265 section 8 which provides several
> reasons for this in addition to the broken behaviour described above.
>
> Given the problems caused by the current default for
> sessionCookiePathUsesTrailingSlash and the warnings in RFC 6265
> regarding relying on cookie paths for security, I would like to propose
> the following changes:
> 1. Change the default for sessionCookiePathUsesTrailingSlash to false.
> 2. Add some explanatory notes to the documentation for
>sessionCookiePathUsesTrailingSlash that makes clear that the setting
>is:
>a) intended to work around broken browser behaviour
>b) while it closes one security hole, others are likely to remain
>   and reference RFC 6265 section 8.
>
> Thoughts?
>
> +1

Rémy

svn commit: r1748548 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml

[markt]

Author: markt
Date: Wed Jun 15 10:57:54 2016
New Revision: 1748548

URL: http://svn.apache.org/viewvc?rev=1748548=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399
Add a new option to the Realm implementations that ship with Tomcat that allows 
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per 
Realm.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 15 10:57:54 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677
 
,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748
 001,1748253,1748452
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677
 
,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748
 001,1748253,1748452,1748547

Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 

svn commit: r1748547 - in /tomcat/trunk: java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml

[markt]

Author: markt
Date: Wed Jun 15 10:56:22 2016
New Revision: 1748547

URL: http://svn.apache.org/viewvc?rev=1748547=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399
Add a new option to the Realm implementations that ship with Tomcat that allows 
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per 
Realm.

Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/realm.xml

Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1748547=1748546=1748547=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Jun 15 
10:56:22 2016
@@ -145,8 +145,34 @@ public abstract class RealmBase extends
 protected boolean stripRealmForGss = true;
 
 
+private int transportGuaranteeRedirectStatus = 
HttpServletResponse.SC_FOUND;
+
+
 // - Properties
 
+
+/**
+ * @return The HTTP status code used when the container needs to issue an
+ * HTTP redirect to meet the requirements of a configured transport
+ * guarantee.
+ */
+public int getTransportGuaranteeRedirectStatus() {
+return transportGuaranteeRedirectStatus;
+}
+
+
+/**
+ * Set the HTTP status code used when the container needs to issue an HTTP
+ * redirect to meet the requirements of a configured transport guarantee.
+ *
+ * @param transportGuaranteeRedirectStatus The status to use. This value is
+ * not validated
+ */
+public void setTransportGuaranteeRedirectStatus(int 
transportGuaranteeRedirectStatus) {
+this.transportGuaranteeRedirectStatus = 
transportGuaranteeRedirectStatus;
+}
+
+
 @Override
 public CredentialHandler getCredentialHandler() {
 return credentialHandler;
@@ -991,7 +1017,7 @@ public abstract class RealmBase extends
 }
 if (log.isDebugEnabled())
 log.debug("  Redirecting to " + file.toString());
-response.sendRedirect(file.toString());
+response.sendRedirect(file.toString(), 
transportGuaranteeRedirectStatus);
 return false;
 
 }

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1748547=1748546=1748547=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 15 10:56:22 2016
@@ -52,6 +52,11 @@
 entire org.apache.juli package from the embedded JARs
 rendering them unusable. (markt)
   
+  
+59399: Add a new option to the Realm implementations that
+ship with Tomcat that allows the HTTP status code used for HTTP -> 
HTTPS
+redirects to be controlled per Realm. (markt)
+  
 
   
   

Modified: tomcat/trunk/webapps/docs/config/realm.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/realm.xml?rev=1748547=1748546=1748547=diff
==
--- tomcat/trunk/webapps/docs/config/realm.xml (original)
+++ tomcat/trunk/webapps/docs/config/realm.xml Wed Jun 15 10:56:22 2016
@@ -158,6 +158,13 @@
 name. If not specified, the default is true.
   
 
+  
+The HTTP status code to use when the container needs to issue an 
HTTP
+   redirect to meet the requirements of a configured transport
+   guarantee. The prpvoded status code is not validated. If not
+   specified, the default value of 302 is used.
+  
+
   
 Name of the column, in the "users" table, which contains
 the user's credentials (i.e. password).  If a



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Problems with default for sessionCookiePathUsesTrailingSlash

[Mark Thomas]

Hi all,

A problem[1] with the default for sessionCookiePathUsesTrailingSlash has
cropped up via $work and after some research I wanted to discuss whether
the default should be changed.

The default for sessionCookiePathUsesTrailingSlash is true to work
around a potential security issue in a number of browsers. I did a quick
test before writing this e-mail and it appears that IE, Edge and Safari
are affected. Together they represent approximately 42% of the current
browser market share[2].

The security issue is that for a cookie path of '/foo', these browsers
include in the cookie when sending requests to '/foobar'. Tomcat
therefore introduced sessionCookiePathUsesTrailingSlash which adds a '/'
to the cookie path so '/foo' becomes '/foo/' since no user agent will
include this in a request to '/foobar'.

However, this can cause problems. To summarise [1], we have:
A user request for '/foo'
A security enforcing filter that uses cookies mapped to '/*'
A web application with a controller servlet mapped to '/*'

The sequence of events is:
- Tomcat receives the request for '/foo'
- Because of the servlet mapped to '/*', Tomcat does not redirect
  this to '/foo/'
- The security filter creates a session cookie (path '/foo/')
- The security filter performs authentication which includes
  additional requests from the client to '/foo'
- The security filter rejects the authentication because the
  subsequent requests do not include the cookie because the path
  does not match

RFC 6265, section 4.1.2.4 is clear that cookies with a path of '/foo'
should not be included with requests for '/foobar'. However that same
section also makes clear that cookie paths should not be relied upon for
security. It references RFC 6265 section 8 which provides several
reasons for this in addition to the broken behaviour described above.

Given the problems caused by the current default for
sessionCookiePathUsesTrailingSlash and the warnings in RFC 6265
regarding relying on cookie paths for security, I would like to propose
the following changes:
1. Change the default for sessionCookiePathUsesTrailingSlash to false.
2. Add some explanatory notes to the documentation for
   sessionCookiePathUsesTrailingSlash that makes clear that the setting
   is:
   a) intended to work around broken browser behaviour
   b) while it closes one security hole, others are likely to remain
  and reference RFC 6265 section 8.

Thoughts?

Mark


[1] https://github.com/grails/grails-core/issues/9024
[2]
https://www.netmarketshare.com/browser-market-share.aspx?qprid=2=0=

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59704] shared loader

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59704

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED

--- Comment #2 from Mark Thomas  ---
Bugzilla is not a support forum. Please use the Apache Tomcat users' mailing
list for your query.
http://tomcat.apache.org/lists.html#tomcat-users

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59704] shared loader

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59704

Amit Pande  changed:

   What|Removed |Added

   Priority|P2  |P1
 OS|Mac OS X 10.4   |All

--- Comment #1 from Amit Pande  ---
We develop multiple web application which happen to share the same stack
(Spring, Hibernate,etc).

Thinking of sharing these third party libraries instead of duplicating in each
web app war. 

IIUC, putting those in Tomcat (8)’s lib folder might cause issues since the
classes in there are loaded by a common loader. 

And sharing such libraries using the shared loader seems a better approach.  Is
my understanding correct ? Does it have any further issues ?

That said, I don’t see much documentation around using shared loader. Any
documentation/help in this regard is highly appreciated. 

Thanks,
Amit

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 59704] New: shared loader

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59704

Bug ID: 59704
   Summary: shared loader
   Product: Tomcat 8
   Version: 8.0.30
  Hardware: PC
OS: Mac OS X 10.4
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: amit.pa...@veritas.com

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Timescale for 8.0.x EOL

[jean-frederic clere]

On 06/14/2016 02:05 PM, Rémy Maucherat wrote:
> 2016-06-14 10:31 GMT+02:00 Mark Thomas :
> 
>> On 14/06/2016 09:00, Emmanuel Bourg wrote:
>>> Le 13/06/2016 à 17:47, Mark Thomas a écrit :
 Now we have a stable release of 8.5.x, I'd like to finialise the end of
 life date for 8.0.x so we can publish it.

 We originally said we'd do parallel releases for 6 months. That gives an
 EOL date of 30 September 2016 for 8.0.x which seems reasonable to me.

 Any objections to that date or suggestions for a better one?
>>>
>>> Hi,
>>>
>>> Just a word with my Debian maintainer hat on, Tomcat 8.0.x was shipped
>>> with Debian 8 Jessie with the expectation it would be supported during
>>> the lifetime of this release (until May 2018). I'm currently maintaining
>>> with other volunteers a stable version based on 8.0.14 (with backported
>>> security patches). Canonical does a similar job for Ubuntu 16.04 LTS
>>> based on Tomcat 8.0.32.
>>>
>>> The early EOL of 8.0.x is impractical because, at least in Debian, major
>>> updates like the switch to 8.5 aren't allowed for the stable
>> distribution.
>>>
>>> I understand you can't maintain so many branches for a long time, but if
>>> Tomcat 8.0.x could be security supported at least until the Debian 9
>>> release (~April/May 2017) it would allow users following the stable
>>> distribution to remain on a supported version of Tomcat (Debian 9 will
>>> include Tomcat 8.5).
>>
>> That is unlikely unless someone volunteers for that task.
>>
> 
> Yes JF or myself could volunteer to do some additional limited 8.0
> releases, but we'll see how it goes in practice.

We have to provide long term support for our customers, one way is to
keep 8.0.x alive here so the community can benefit our efforts.

Cheers

Jean-Frederic

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org