[Bug 60497] JSP custom tags returned to the tag pools to be reused without executing the doEndTag method
https://bz.apache.org/bugzilla/show_bug.cgi?id=60497 --- Comment #10 from M. Manna --- Hello, We would like to go for TC 8.5.14 or 8.5.15. Will this patch be available there? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 --- Comment #2 from Mark Thomas --- The exit code of -1 is correct in that case. The user is trying to use the shutdown command when the port is disabled. We need to look at how we integrate with Commons Daemon and how Daemon handles this to see if there is a way to avoid the error message. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 --- Comment #3 from Veeru --- Thanks you very much. Waiting for your input. At present I build the catalina.jar with system.exit(0) as 0 represent success. 0 -- success 1 -- exception -1 -- Error -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800850 - in /tomcat/trunk/webapps/docs: changelog.xml config/http.xml
Author: markt Date: Wed Jul 5 08:52:54 2017 New Revision: 1800850 URL: http://svn.apache.org/viewvc?rev=1800850&view=rev Log: Clarify the documentation for certificateKeyPassword with information on the lack of support for multiple keys in a single key store, each with a separate password. Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/http.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1800850&r1=1800849&r2=1800850&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Wed Jul 5 08:52:54 2017 @@ -65,6 +65,15 @@ + + + +Clarify the documentation for certificateKeyPassword with +information on the lack of support for multiple keys in a single key +store, each with a separate password. (markt) + + + Modified: tomcat/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1800850&r1=1800849&r2=1800850&view=diff == --- tomcat/trunk/webapps/docs/config/http.xml (original) +++ tomcat/trunk/webapps/docs/config/http.xml Wed Jul 5 08:52:54 2017 @@ -1402,6 +1402,11 @@ If not specified, the default behaviour for JSSE is to use the certificateKeystorePassword. For OpenSSL the default behaviour is not to use a password. + Note: While Java key stores may be configured with + different passwords for each key, the JRE's default provider can only use + the keystore if all keys have the same password. If you need to use + multiple keys each with a different password you must use a separate + keystore for each. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800851 - in /tomcat/tc8.5.x/trunk: ./ webapps/docs/changelog.xml webapps/docs/config/http.xml
Author: markt Date: Wed Jul 5 08:54:02 2017 New Revision: 1800851 URL: http://svn.apache.org/viewvc?rev=1800851&view=rev Log: Clarify the documentation for certificateKeyPassword with information on the lack of support for multiple keys in a single key store, each with a separate password. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml tomcat/tc8.5.x/trunk/webapps/docs/config/http.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jul 5 08:54:02 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216 8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,176345
[Bug 61171] Add port offset attribute (portOffset?) to Server configuration in server.xml
https://bz.apache.org/bugzilla/show_bug.cgi?id=61171 --- Comment #6 from Mark Thomas --- My suggestion is as follows: Add a new getter for every getPort() or equivalent named getPortWithOffset() and use it in place of getPort() whenever code needs to get the actual port number to open. That would ensure that getPort()/setPort() (and getOffset()/setOffset() ) remain symmetrical so they continue to work with features like configuration saving. portWithOffset should be exposed as a read-only JMX attribute everywhere port is exposed. It does mean users using an offset will need to look at a different attribute to find the port they are actually using. That might confuse some tools but on balance I think this is lower risk than getPort()/setPort() not being symmetrical. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 Mark Thomas changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW |RESOLVED --- Comment #4 from Mark Thomas --- If you use the default startMode of jvm, you won't see this problem. The problem is that with startModes java and exe, Tomcat runs in a separate process. Therefore daemon needs the shutdown port in order to be able to shut Tomcat down. catalina.bat has essentially the same restriction. When you run in jvm mode, Tomcat runs in the same process and when deamon calls stop() Tomcat can detect it is running in process and shutdown. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 --- Comment #5 from Veeru --- Thanks for quick response. I am using WinRun4J.jar to start my tomcat as a windows service. I am not sure where to set this jvm mode. And I am disabling shutdown port by setting port="-1" in server.xml. Since the port < 0, catalina.java --> stopServer() invoking system.exit(1) So you are suggesting don't disable tomcat port and run tomcat in jvm mode ? Any pointers how to set this configuration is really helpful. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.17
Le 4/07/2017 à 10:40, Mark Thomas a écrit : > The proposed 8.5.17 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.5.17 +1, tested on Debian with OpenJDK 8u131. Emmanuel Bourg - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 --- Comment #6 from Mark Thomas --- I've never used WinRun4J. I'd suggest the simplest solution is to configure a shutdown port with a strong shutdown password and ensure that server.xml is appropriately protected. If you need further help/advice, please use the users mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800864 - in /tomcat/trunk/webapps/docs: changelog.xml config/http.xml
Author: markt Date: Wed Jul 5 12:12:47 2017 New Revision: 1800864 URL: http://svn.apache.org/viewvc?rev=1800864&view=rev Log: Revert r1800850. A better solution has been suggested on the users list. Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/http.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1800864&r1=1800863&r2=1800864&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Wed Jul 5 12:12:47 2017 @@ -65,15 +65,6 @@ - - - -Clarify the documentation for certificateKeyPassword with -information on the lack of support for multiple keys in a single key -store, each with a separate password. (markt) - - - Modified: tomcat/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1800864&r1=1800863&r2=1800864&view=diff == --- tomcat/trunk/webapps/docs/config/http.xml (original) +++ tomcat/trunk/webapps/docs/config/http.xml Wed Jul 5 12:12:47 2017 @@ -1402,11 +1402,6 @@ If not specified, the default behaviour for JSSE is to use the certificateKeystorePassword. For OpenSSL the default behaviour is not to use a password. - Note: While Java key stores may be configured with - different passwords for each key, the JRE's default provider can only use - the keystore if all keys have the same password. If you need to use - multiple keys each with a different password you must use a separate - keystore for each. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800865 - in /tomcat/tc8.5.x/trunk: ./ webapps/docs/changelog.xml webapps/docs/config/http.xml
Author: markt Date: Wed Jul 5 12:13:28 2017 New Revision: 1800865 URL: http://svn.apache.org/viewvc?rev=1800865&view=rev Log: Revert r1800851. A better solution has been suggested on the users list. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml tomcat/tc8.5.x/trunk/webapps/docs/config/http.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jul 5 12:13:28 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216 8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,1763450,1763462,1763505,1763511-1763512,1763516,1763518,1763520,1763529,1763559,1763565,1763568,1763
svn commit: r1800867 - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml
Author: markt
Date: Wed Jul 5 12:18:26 2017
New Revision: 1800867
URL: http://svn.apache.org/viewvc?rev=1800867&view=rev
Log:
Enable TLS connectors to use Java key stores that contain multiple keys where
each key has a separate password.
Based on a patch by Frank Taffelt.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1800867&r1=1800866&r2=1800867&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Wed Jul 5
12:18:26 2017
@@ -185,12 +185,21 @@ public class JSSEUtil extends SSLUtilBas
KeyStore ks = certificate.getCertificateKeystore();
-if (ks == null) {
-// create an in-memory keystore and import the private key
-// and the certificate chain from the PEM files
-ks = KeyStore.getInstance("JKS");
-ks.load(null, null);
+/*
+ * Always use an in memory key store.
+ * For PEM format keys and certificates, it allows them to be imported
+ * into the expected format.
+ * For Java key stores, it enables Tomcat to handle the case where
+ * multiple keys exist in the key store, each with a different
password.
+ * The KeyManagerFactory can't handle that so using an in memory key
+ * store with just the required key works around that.
+ */
+KeyStore inMemoryKeyStore = KeyStore.getInstance("JKS");
+inMemoryKeyStore.load(null, null);
+
+char[] keyPassArray = keyPass.toCharArray();
+if (ks == null) {
PEMFile privateKeyFile = new
PEMFile(SSLHostConfig.adjustRelativePath
(certificate.getCertificateKeyFile() != null ?
certificate.getCertificateKeyFile() : certificate.getCertificateFile()),
keyPass);
@@ -206,15 +215,19 @@ public class JSSEUtil extends SSLUtilBas
if (keyAlias == null) {
keyAlias = "tomcat";
}
-ks.setKeyEntry(keyAlias, privateKeyFile.getPrivateKey(),
keyPass.toCharArray(), chain.toArray(new Certificate[chain.size()]));
-}
+inMemoryKeyStore.setKeyEntry(keyAlias,
privateKeyFile.getPrivateKey(), keyPass.toCharArray(), chain.toArray(new
Certificate[chain.size()]));
+} else {
+if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
+throw new IOException(sm.getString("jsse.alias_no_key_entry",
keyAlias));
+}
-if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
-throw new IOException(sm.getString("jsse.alias_no_key_entry",
keyAlias));
+inMemoryKeyStore.setKeyEntry(keyAlias, ks.getKey(keyAlias,
keyPassArray), keyPassArray,
+ks.getCertificateChain(keyAlias));
}
+
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
-kmf.init(ks, keyPass.toCharArray());
+kmf.init(inMemoryKeyStore, keyPassArray);
kms = kmf.getKeyManagers();
if (kms == null) {
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1800867&r1=1800866&r2=1800867&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jul 5 12:18:26 2017
@@ -57,6 +57,15 @@
+
+
+
+Enable TLS connectors to use Java key stores that contain multiple keys
+where each key has a separate password. Based on a patch by Frank
+Taffelt. (markt)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800868 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml
Author: markt Date: Wed Jul 5 12:18:54 2017 New Revision: 1800868 URL: http://svn.apache.org/viewvc?rev=1800868&view=rev Log: Enable TLS connectors to use Java key stores that contain multiple keys where each key has a separate password. Based on a patch by Frank Taffelt. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jul 5 12:18:54 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216 8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,176
[Bug 61250] Disabling shutdown port exit tomcat with System.exit(1) causes issue
https://bz.apache.org/bugzilla/show_bug.cgi?id=61250 --- Comment #7 from Veeru --- Yes I have tried it. But that time I was seeing another issue that Error 1503. I would suggest , It would be better to invoke system.exit(0) as we are doing intentionally in case of port is disabled. Thanks again for your prompt response. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800874 - in /tomcat/trunk/java/org/apache/tomcat/util/net: jsse/JSSEKeyManager.java jsse/JSSEUtil.java openssl/OpenSSLContext.java
Author: markt
Date: Wed Jul 5 13:51:27 2017
New Revision: 1800874
URL: http://svn.apache.org/viewvc?rev=1800874&view=rev
Log:
Follow-up to r1800867
Avoid NPE when no alias is specified.
Now an in memory key store with a single key is used, there is no need for the
JSSEKeyManager - so remove it.
Removed:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1800874&r1=1800873&r2=1800874&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Wed Jul 5
13:51:27 2017
@@ -52,7 +52,6 @@ import javax.net.ssl.ManagerFactoryParam
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509KeyManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -171,7 +170,6 @@ public class JSSEUtil extends SSLUtilBas
@Override
public KeyManager[] getKeyManagers() throws Exception {
-String keystoreType = certificate.getCertificateKeystoreType();
String keyAlias = certificate.getCertificateKeyAlias();
String algorithm = sslHostConfig.getKeyManagerAlgorithm();
String keyPass = certificate.getCertificateKeyPassword();
@@ -181,8 +179,6 @@ public class JSSEUtil extends SSLUtilBas
keyPass = certificate.getCertificateKeystorePassword();
}
-KeyManager[] kms = null;
-
KeyStore ks = certificate.getCertificateKeystore();
/*
@@ -219,6 +215,8 @@ public class JSSEUtil extends SSLUtilBas
} else {
if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
throw new IOException(sm.getString("jsse.alias_no_key_entry",
keyAlias));
+} else if (keyAlias == null) {
+keyAlias = "tomcat";
}
inMemoryKeyStore.setKeyEntry(keyAlias, ks.getKey(keyAlias,
keyPassArray), keyPassArray,
@@ -229,23 +227,7 @@ public class JSSEUtil extends SSLUtilBas
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
kmf.init(inMemoryKeyStore, keyPassArray);
-kms = kmf.getKeyManagers();
-if (kms == null) {
-return kms;
-}
-
-if (keyAlias != null) {
-String alias = keyAlias;
-// JKS keystores always convert the alias name to lower case
-if ("JKS".equals(keystoreType)) {
-alias = alias.toLowerCase(Locale.ENGLISH);
-}
-for(int i = 0; i < kms.length; i++) {
-kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], alias);
-}
-}
-
-return kms;
+return kmf.getKeyManagers();
}
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java?rev=1800874&r1=1800873&r2=1800874&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Wed Jul 5 13:51:27 2017
@@ -50,7 +50,6 @@ import org.apache.tomcat.util.net.Consta
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
-import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
import
org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser;
import org.apache.tomcat.util.res.StringManager;
@@ -365,11 +364,6 @@ public class OpenSSLContext implements o
private static X509KeyManager chooseKeyManager(KeyManager[] managers)
throws Exception {
for (KeyManager manager : managers) {
-if (manager instanceof JSSEKeyManager) {
-return (JSSEKeyManager) manager;
-}
-}
-for (KeyManager manager : managers) {
if (manager instanceof X509KeyManager) {
return (X509KeyManager) manager;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800875 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java java/org/apache/tomcat/util/net/jsse/JSSEUtil.java java/org/apache/tomcat/util/net/openssl/
Author: markt Date: Wed Jul 5 13:53:49 2017 New Revision: 1800875 URL: http://svn.apache.org/viewvc?rev=1800875&view=rev Log: Follow-up to r1800867 Avoid NPE when no alias is specified. Now an in memory key store with a single key is used, there is no need for the JSSEKeyManager - so deprecate it. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jul 5 13:53:49 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216 8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762
Re: svn commit: r1800874 - in /tomcat/trunk/java/org/apache/tomcat/util/net: jsse/JSSEKeyManager.java jsse/JSSEUtil.java openssl/OpenSSLContext.java
On Wed, Jul 5, 2017 at 8:51 AM, wrote:
> Author: markt
> Date: Wed Jul 5 13:51:27 2017
> New Revision: 1800874
>
> URL: http://svn.apache.org/viewvc?rev=1800874&view=rev
> Log:
> Follow-up to r1800867
> Avoid NPE when no alias is specified.
> Now an in memory key store with a single key is used, there is no need for
> the JSSEKeyManager - so remove it.
>
https://bz.apache.org/bugzilla/show_bug.cgi?id=59910
So this was about not hardcoding a default to "tomcat" then.
Rémy
>
> Removed:
> tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java
> Modified:
> tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
> tomcat/trunk/java/org/apache/tomcat/util/net/openssl/
> OpenSSLContext.java
>
> Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
> URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/
> tomcat/util/net/jsse/JSSEUtil.java?rev=1800874&r1=1800873&
> r2=1800874&view=diff
>
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Wed
> Jul 5 13:51:27 2017
> @@ -52,7 +52,6 @@ import javax.net.ssl.ManagerFactoryParam
> import javax.net.ssl.SSLSessionContext;
> import javax.net.ssl.TrustManager;
> import javax.net.ssl.TrustManagerFactory;
> -import javax.net.ssl.X509KeyManager;
>
> import org.apache.juli.logging.Log;
> import org.apache.juli.logging.LogFactory;
> @@ -171,7 +170,6 @@ public class JSSEUtil extends SSLUtilBas
>
> @Override
> public KeyManager[] getKeyManagers() throws Exception {
> -String keystoreType = certificate.getCertificateKeystoreType();
> String keyAlias = certificate.getCertificateKeyAlias();
> String algorithm = sslHostConfig.getKeyManagerAlgorithm();
> String keyPass = certificate.getCertificateKeyPassword();
> @@ -181,8 +179,6 @@ public class JSSEUtil extends SSLUtilBas
> keyPass = certificate.getCertificateKeystorePassword();
> }
>
> -KeyManager[] kms = null;
> -
> KeyStore ks = certificate.getCertificateKeystore();
>
> /*
> @@ -219,6 +215,8 @@ public class JSSEUtil extends SSLUtilBas
> } else {
> if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
> throw new IOException(sm.getString("jsse.alias_no_key_entry",
> keyAlias));
> +} else if (keyAlias == null) {
> +keyAlias = "tomcat";
> }
>
> inMemoryKeyStore.setKeyEntry(keyAlias, ks.getKey(keyAlias,
> keyPassArray), keyPassArray,
> @@ -229,23 +227,7 @@ public class JSSEUtil extends SSLUtilBas
> KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
> kmf.init(inMemoryKeyStore, keyPassArray);
>
> -kms = kmf.getKeyManagers();
> -if (kms == null) {
> -return kms;
> -}
> -
> -if (keyAlias != null) {
> -String alias = keyAlias;
> -// JKS keystores always convert the alias name to lower case
> -if ("JKS".equals(keystoreType)) {
> -alias = alias.toLowerCase(Locale.ENGLISH);
> -}
> -for(int i = 0; i < kms.length; i++) {
> -kms[i] = new JSSEKeyManager((X509KeyManager)kms[i],
> alias);
> -}
> -}
> -
> -return kms;
> +return kmf.getKeyManagers();
> }
>
>
>
> Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/
> OpenSSLContext.java
> URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/
> tomcat/util/net/openssl/OpenSSLContext.java?rev=
> 1800874&r1=1800873&r2=1800874&view=diff
>
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
> Wed Jul 5 13:51:27 2017
> @@ -50,7 +50,6 @@ import org.apache.tomcat.util.net.Consta
> import org.apache.tomcat.util.net.SSLHostConfig;
> import org.apache.tomcat.util.net.SSLHostConfigCertificate;
> import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
> -import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
> import org.apache.tomcat.util.net.openssl.ciphers.
> OpenSSLCipherConfigurationParser;
> import org.apache.tomcat.util.res.StringManager;
>
> @@ -365,11 +364,6 @@ public class OpenSSLContext implements o
>
> private static X509KeyManager chooseKeyManager(KeyManager[] managers)
> throws Exception {
> for (KeyManager manager : managers) {
> -if (manager instanceof JSSEKeyManager) {
> -return (JSSEKeyManager) manager;
> -}
> -}
> -for (KeyManager manager : managers) {
> if (manager instanceof X509KeyManager) {
> return (X509KeyManager) m
Re: svn commit: r1800874 - in /tomcat/trunk/java/org/apache/tomcat/util/net: jsse/JSSEKeyManager.java jsse/JSSEUtil.java openssl/OpenSSLContext.java
On 05/07/17 14:54, Rémy Maucherat wrote: > On Wed, Jul 5, 2017 at 8:51 AM, wrote: > >> Author: markt >> Date: Wed Jul 5 13:51:27 2017 >> New Revision: 1800874 >> >> URL: http://svn.apache.org/viewvc?rev=1800874&view=rev >> Log: >> Follow-up to r1800867 >> Avoid NPE when no alias is specified. >> Now an in memory key store with a single key is used, there is no need for >> the JSSEKeyManager - so remove it. >> > > https://bz.apache.org/bugzilla/show_bug.cgi?id=59910 > So this was about not hardcoding a default to "tomcat" then. This patch should not change that. The in memory key store uses a fixed alias of "tomcat" but that should be transparent to the user. The key store provided by the user should be able to use any alias. I'm still finding some unexpected edge cases with this patch. I hope to fix them shortly. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800885 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse: JSSEUtil.java LocalStrings.properties
Author: markt
Date: Wed Jul 5 14:21:56 2017
New Revision: 1800885
URL: http://svn.apache.org/viewvc?rev=1800885&view=rev
Log:
Follow-up to r1800867
Better handling for when user does not specify an alias to use
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1800885&r1=1800884&r2=1800885&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Wed Jul 5
14:21:56 2017
@@ -216,7 +216,11 @@ public class JSSEUtil extends SSLUtilBas
if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
throw new IOException(sm.getString("jsse.alias_no_key_entry",
keyAlias));
} else if (keyAlias == null) {
-keyAlias = "tomcat";
+Enumeration aliases = ks.aliases();
+if (!aliases.hasMoreElements()) {
+throw new IOException(sm.getString("jsse.noKeys"));
+}
+keyAlias = aliases.nextElement();
}
inMemoryKeyStore.setKeyEntry(keyAlias, ks.getKey(keyAlias,
keyPassArray), keyPassArray,
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties?rev=1800885&r1=1800884&r2=1800885&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
Wed Jul 5 14:21:56 2017
@@ -22,6 +22,7 @@ jsse.unsupported_ciphers=Some specified
jsse.excludeProtocol=The SSL protocol [{0}] which is supported in this JRE was
excluded from the protocols available to Tomcat
jsse.noDefaultCiphers=Unable to determine a default for ciphers for [{0}]. Set
an explicit value to ensure the connector can start.
jsse.noDefaultProtocols=Unable to determine a default for sslEnabledProtocols.
Set an explicit value to ensure the connector can start.
+jsse.noKeys=No aliases for private keys found in key store
jsse.exceptionOnClose=Failure to close socket.
jsse.pemParseError=Unable to parse the key from [{0}]
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800886 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEUtil.java java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
Author: markt Date: Wed Jul 5 14:22:45 2017 New Revision: 1800886 URL: http://svn.apache.org/viewvc?rev=1800886&view=rev Log: Follow-up to r1800868 Better handling for when user does not specify an alias to use Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jul 5 14:22:45 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216 8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,1763450,1763462,1763505,1763511
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2529 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1800867 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2530 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1800885 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: ApacheCon slides with .odp extension
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Huxing, On 6/20/17 10:48 PM, Huxing Zhang wrote: > These two pdf files are not accessible to me: > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encryp t%20Apache%20Tomcat.pdf > > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgra des%20for%20Credential%20Security%20in%20Apache%20Tomcat.pdf > > I got 403 FORBIDDEN for the above links. Apologies for the late reply: the permissions on these files have been corrected. I'm also going to be changing the public URLs to the presentations to be the .pdf versions. Thanks, - -chris > -- > From:Christopher Schultz Time:2017 > Jun 21 (Wed) 02:05 To:dev Subject:Re: > ApacheCon slides with .odp extension > > > Huxing, > > On 6/16/17 1:40 AM, Huxing Zhang wrote: >> Hi >> >> I have noticed that some of the ApacheCon slides are in .odp >> format: >> >> > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upg rades%20for%20Credential%20Security%20in%20Apache%20Tomcat.odp >> > > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt% 20Apache%20Tomcat.odp >> >> The .odp format does not work for me because it is for OpenOffice >> (I > don't have OpenOffice installed on my Mac OS), and neither Pages > and Microsoft PowerPoint could open it. >> >> I am wondering that should it be convert it to a more universal >> format > like pdf, so that more people can open it without any confusion. > > Sorry about that... I usually convert to PDF as well. Looks like I > idn't do it in this case. I've published the PDF versions in the > same directory. > > Thanks, -chris > - > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJZXQoOAAoJEBzwKT+lPKRYkssP/j14YbaWsJoiu+2nNKKTnYRv Phj40Fw0DjnnuUEocFn9eVzYsC+MO2Rga4jjRTgWpavAEdyuZntC0vD1M9j7NY1Z w6gZP+F5H3x3VnJgVJBrikPZKxHkivJaFHLWl/zxQEPOeNxPlVuj6M0eBsuditcU vDvrmGtL/XscWvUaSHgWF7oIZLxJJXx2AqmQojQbUkXweW97J2/TblZaiDH9CfRF a4NOqWtpeZzvxXSYu2CBVlK91XxmWmYqYha2/SpbCiX1IUDQjEBWFcomk07ba4mg vBJwt9IR0dOyGQ0jxzgrdjH7H1GxGj6lIcTSlt9yIDVSyViAL/TBFPzLdQPzqAAy V4RePhhVg+h1VFn1QhxChFgJ0A79hQZwEQTTwuhrVLTa+liBG0OeEm3z+aImYg0f N1/XMQ4jW22hGu3SaGHCo37AlkEYTewfhNZ6no9aKlvtDjH+yRKJBphbJ0pp3flY GC4J5u6jkrOrkyBNvFykcbtKMMs2fCBacCRdrmhKdXkqq/ZaJhZGTuoMqjCTZAvM ij39Nyp4/UnvC3LvjYsAK+fBlBZTLUvKuJrCZDcO6ah9d7ELD/k/UxMPOmwb0ETD GWYpQQphF2cu4x40041A50weP1WKSeQOV4aoKKbnGahgrWJ3GhC5QzPQBENyO1PY k3t0e/ua53ASYTt9jZUy =7eVk -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800891 - in /tomcat/site/trunk: docs/presentations.html xdocs/presentations.xml
Author: schultz Date: Wed Jul 5 15:49:33 2017 New Revision: 1800891 URL: http://svn.apache.org/viewvc?rev=1800891&view=rev Log: Change .odp -> .pdf for presentation slides. Modified: tomcat/site/trunk/docs/presentations.html tomcat/site/trunk/xdocs/presentations.xml Modified: tomcat/site/trunk/docs/presentations.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/presentations.html?rev=1800891&r1=1800890&r2=1800891&view=diff == --- tomcat/site/trunk/docs/presentations.html (original) +++ tomcat/site/trunk/docs/presentations.html Wed Jul 5 15:49:33 2017 @@ -274,7 +274,7 @@ mailing list. Seamless Upgrades for Credential Security in Apache Tomcat - Christopher Schultz, -http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgrades%20for%20Credential%20Security%20in%20Apache%20Tomcat.odp";>slides, +http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgrades%20for%20Credential%20Security%20in%20Apache%20Tomcat.pdf";>slides, http://people.apache.org/~schultz/ApacheCon%20NA%202017/";>sample code @@ -287,7 +287,7 @@ mailing list. Let's Encrypt Apache Tomcat - Christopher Schultz, -http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt%20Apache%20Tomcat.odp">slides, +http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt%20Apache%20Tomcat.pdf">slides, http://people.apache.org/~schultz/ApacheCon%20NA%202017/";>sample code Modified: tomcat/site/trunk/xdocs/presentations.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/presentations.xml?rev=1800891&r1=1800890&r2=1800891&view=diff == --- tomcat/site/trunk/xdocs/presentations.xml (original) +++ tomcat/site/trunk/xdocs/presentations.xml Wed Jul 5 15:49:33 2017 @@ -43,7 +43,7 @@ mailing list. Seamless Upgrades for Credential Security in Apache Tomcat - Christopher Schultz, -http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgrades%20for%20Credential%20Security%20in%20Apache%20Tomcat.odp";>slides, +http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgrades%20for%20Credential%20Security%20in%20Apache%20Tomcat.pdf";>slides, http://people.apache.org/~schultz/ApacheCon%20NA%202017/";>sample code @@ -52,7 +52,7 @@ mailing list. Let's Encrypt Apache Tomcat - Christopher Schultz, -http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt%20Apache%20Tomcat.odp">slides, +http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt%20Apache%20Tomcat.pdf">slides, http://people.apache.org/~schultz/ApacheCon%20NA%202017/";>sample code - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61253] New: Tomcat's Digester silently ignore's failed property replacement
https://bz.apache.org/bugzilla/show_bug.cgi?id=61253 Bug ID: 61253 Summary: Tomcat's Digester silently ignore's failed property replacement Product: Tomcat 8 Version: 8.5.x-trunk Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Util Assignee: dev@tomcat.apache.org Reporter: csuth...@redhat.com Target Milestone: I don't see much of a problem with this for vanilla tomcat, but if you're using a PropertySource implementation with org.apache.tomcat.util.digester.PROPERTY_SOURCE and it bombs somehow, the Digester quietly eats the exception leaving the developer/user clueless. Could we log a warn message in the catch block here https://github.com/apache/tomcat85/blob/trunk/java/org/apache/tomcat/util/digester/Digester.java#L1990 saying that the replacement failed and that the property was not updated? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61253] Tomcat's Digester silently ignore's failed property replacement
https://bz.apache.org/bugzilla/show_bug.cgi?id=61253 Coty Sutherland changed: What|Removed |Added Keywords||Beginner -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61210] When using the Security Manager, Tomcat prints warning about a non-existent file
https://bz.apache.org/bugzilla/show_bug.cgi?id=61210 --- Comment #8 from Mark Thomas --- Coty, I have a patch for this but I thought you might want to figure this out for yourself. If you want another hint (or just want me to apply my patch), let me know. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61253] Tomcat's Digester silently ignore's failed property replacement
https://bz.apache.org/bugzilla/show_bug.cgi?id=61253 --- Comment #1 from Christopher Schultz --- +1000 I believe that any empty catch block is a bug, unless it's one of those "never happen" exceptions, and even those should be logged at an ERROR/FATAL level. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
How long should we give Beginner bugs on Bugzilla before fixing them?
Hi all, I've been on a mission of sorts to find some small bugs in Tomcat and file them in BZ for new contributors to fix. I think that's a good entry ramp for new contributors to see how the process works, etc. The reason for this email though is that I'm not sure how long we should wait to see if anyone is interested. Anyone have any ideas here? The Beginner things that I've been filing are small/not-super-important things so they don't really have any urgency, however as a new contributor myself I'd like to get my contribution count up ;) Also, while I have your attention I'd like to say that I've been working under the assumption that no committer comments on a BZ after a few days means that it's OK to proceed with and isn't a stupid idea. Is that accurate? Thanks, Coty - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61210] When using the Security Manager, Tomcat prints warning about a non-existent file
https://bz.apache.org/bugzilla/show_bug.cgi?id=61210 --- Comment #9 from Coty Sutherland --- I've been meaning to circle back to this (and a few others...) but haven't been able to make time just yet. I do recall being a bit confused by your last hint because I couldn't see the correlation between how WebappProperties was used and what I should be doing. Care to drop another hint? If you want to push the patch you have ready, you can commit it and I'll just review what you did and maybe do something similar next time :) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61210] When using the Security Manager, Tomcat prints warning about a non-existent file
https://bz.apache.org/bugzilla/show_bug.cgi?id=61210 --- Comment #10 from Mark Thomas --- A slightly bigger hint: JULI cannot have any external dependencies. The "Does this file exist?" test needs to happen in a privileged block. That privileged block needs to be located in a class in a JAR that has full privs (i.e. CATALINA_BASE/lib). You need a way to call into a that class from JULI. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: How long should we give Beginner bugs on Bugzilla before fixing them?
On 05/07/17 18:29, Coty Sutherland wrote: > Hi all, > > I've been on a mission of sorts to find some small bugs in Tomcat and > file them in BZ for new contributors to fix. I think that's a good > entry ramp for new contributors to see how the process works, etc. The > reason for this email though is that I'm not sure how long we should > wait to see if anyone is interested. Anyone have any ideas here? The > Beginner things that I've been filing are small/not-super-important > things so they don't really have any urgency, however as a new > contributor myself I'd like to get my contribution count up ;) At the moment, I think 2 or 3 bugs would be plenty given the frequency that new people pop up and ask "What can I do?" > Also, while I have your attention I'd like to say that I've been > working under the assumption that no committer comments on a BZ after > a few days means that it's OK to proceed with and isn't a stupid idea. > Is that accurate? Generally, yes. Rarely, a review of a commit might ID issues but that is unusual. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61253] Tomcat's Digester silently ignore's failed property replacement
https://bz.apache.org/bugzilla/show_bug.cgi?id=61253
--- Comment #2 from Konstantin Kolinko ---
Bad idea.
The end user does not need to know that somebody tried a property substitution
here. It is not an error to write literal ${foo}. The correct substitution for
"${foo}" if foo does not exist is "${foo}" (no changes). There is no error
here.
The TLDs files in Standard taglib (JSTL) are an example of this: they have
documentation elements - examples - with a lot of ${}s in them. The examples
web application uses this library. You will see a lot of "failed substitution"
occurrences when running it. (I saw them when testing the patch for
CVE-2016-6794)
I do not mind if there is a debug logging for failed substitutions.
I think that logging a warning is a bad idea.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.17
On Tue, Jul 4, 2017 at 4:40 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.5.17 release is now available for voting. > > The major changes compared to the 8.5.17 release are: > > - Make asynchronous error handling more robust. In particular ensure > that onError() is called for any registered AsyncListeners after an > I/O error on a non-container thread. > > - Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting > down cleanly. > > - Sync SSL session access for the APR connector to prevent errors when > accessing the session. > > > Along with lots of other bug fixes and improvements. > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.17/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1142/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_17/ > > The proposed 8.5.17 release is: > [ ] Broken - do not release > [x] Stable - go ahead and release as 8.5.17 +1, looks good to me. > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1800915 - in /tomcat/trunk/java/org/apache/catalina/webresources: AbstractArchiveResourceSet.java AbstractSingleArchiveResourceSet.java JarWarResourceSet.java
Author: markt
Date: Wed Jul 5 19:16:39 2017
New Revision: 1800915
URL: http://svn.apache.org/viewvc?rev=1800915&view=rev
Log:
Use Map rather than a specific implementation
Modified:
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResourceSet.java
tomcat/trunk/java/org/apache/catalina/webresources/AbstractSingleArchiveResourceSet.java
tomcat/trunk/java/org/apache/catalina/webresources/JarWarResourceSet.java
Modified:
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResourceSet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResourceSet.java?rev=1800915&r1=1800914&r2=1800915&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResourceSet.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResourceSet.java
Wed Jul 5 19:16:39 2017
@@ -21,7 +21,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.jar.JarEntry;
@@ -38,7 +37,7 @@ public abstract class AbstractArchiveRes
private String baseUrlString;
private JarFile archive = null;
-protected HashMap archiveEntries = null;
+protected Map archiveEntries = null;
protected final Object archiveLock = new Object();
private long archiveUseCount = 0;
@@ -174,7 +173,7 @@ public abstract class AbstractArchiveRes
* @return The archives entries mapped to their names or null if
* {@link #getArchiveEntry(String)} should be used.
*/
-protected abstract HashMap getArchiveEntries(boolean
single);
+protected abstract Map getArchiveEntries(boolean single);
/**
Modified:
tomcat/trunk/java/org/apache/catalina/webresources/AbstractSingleArchiveResourceSet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractSingleArchiveResourceSet.java?rev=1800915&r1=1800914&r2=1800915&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/webresources/AbstractSingleArchiveResourceSet.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/webresources/AbstractSingleArchiveResourceSet.java
Wed Jul 5 19:16:39 2017
@@ -21,6 +21,7 @@ import java.io.IOException;
import java.net.MalformedURLException;
import java.util.Enumeration;
import java.util.HashMap;
+import java.util.Map;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
@@ -59,7 +60,7 @@ public abstract class AbstractSingleArch
@Override
-protected HashMap getArchiveEntries(boolean single) {
+protected Map getArchiveEntries(boolean single) {
synchronized (archiveLock) {
if (archiveEntries == null && !single) {
JarFile jarFile = null;
Modified:
tomcat/trunk/java/org/apache/catalina/webresources/JarWarResourceSet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/JarWarResourceSet.java?rev=1800915&r1=1800914&r2=1800915&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/webresources/JarWarResourceSet.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/webresources/JarWarResourceSet.java
Wed Jul 5 19:16:39 2017
@@ -21,6 +21,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.util.HashMap;
+import java.util.Map;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.jar.JarInputStream;
@@ -94,7 +95,7 @@ public class JarWarResourceSet extends A
* returned.
*/
@Override
-protected HashMap getArchiveEntries(boolean single) {
+protected Map getArchiveEntries(boolean single) {
synchronized (archiveLock) {
if (archiveEntries == null) {
JarFile warFile = null;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60963] Optimize class loading for unpackWARs=false case
https://bz.apache.org/bugzilla/show_bug.cgi?id=60963 --- Comment #22 from Mark Thomas --- Unfortunately, Boot depends on the outer JAR/WAR being uncompressed. Tomcat does not have the option to require that. My current test (a WAR that just contains all the JAR files from Jira 7.3.4) takes ~3s to start unpacked, ~110s to start packed and ~95s to start packed with the latest patch. There is clear improvement but it is still a long way off the unpacked start time. Nearly all the additional time is spent in decompression. The fundamental problem is that we have to decompress the input stream associated with the inner JAR file before we can read any resources from it. And we have to do this for every resource we read. The obvious answer is to unpack the JAR files to the work directory. This is what Tomcat 7 does. Start-up time there is ~9s (including the time to unpack the JARs to work). However, one of the aims of the resources re-write in 8.0.x was to avoid the complexity of file locking protection that that entailed. Which brings me back to an old question on this topic. What is it that prevents you from running with unpackWARs="true"? It might turn out to be simpler to address whatever is preventing you from using that default config. Still mulling over how best to handle this... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60963] Optimize class loading for unpackWARs=false case
https://bz.apache.org/bugzilla/show_bug.cgi?id=60963 --- Comment #23 from Thomas Meyer --- I was told that all tomcats are run with unpackWARs=false for security reasons. I really tried to convince the ops from changing the parameter to true, but no chance. I think you can run Tomcat with ro filesystem with unpackWARs=false?! So this is why I tried to optimise this case a bit. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: ApacheCon slides with .odp extension
Hi Chris, Works for me, thanks! -- From:Christopher Schultz Time:2017 Jul 5 (Wed) 23:47 To:dev Subject:Re: ApacheCon slides with .odp extension -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Huxing, On 6/20/17 10:48 PM, Huxing Zhang wrote: > These two pdf files are not accessible to me: > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encryp t%20Apache%20Tomcat.pdf > > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upgra des%20for%20Credential%20Security%20in%20Apache%20Tomcat.pdf > > I got 403 FORBIDDEN for the above links. Apologies for the late reply: the permissions on these files have been corrected. I'm also going to be changing the public URLs to the presentations to be the .pdf versions. Thanks, - -chris > -- > From:Christopher Schultz Time:2017 > Jun 21 (Wed) 02:05 To:dev Subject:Re: > ApacheCon slides with .odp extension > > > Huxing, > > On 6/16/17 1:40 AM, Huxing Zhang wrote: >> Hi >> >> I have noticed that some of the ApacheCon slides are in .odp >> format: >> >> > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Seamless%20Upg rades%20for%20Credential%20Security%20in%20Apache%20Tomcat.odp >> > > http://people.apache.org/~schultz/ApacheCon%20NA%202017/Let's%20Encrypt% 20Apache%20Tomcat.odp >> >> The .odp format does not work for me because it is for OpenOffice >> (I > don't have OpenOffice installed on my Mac OS), and neither Pages > and Microsoft PowerPoint could open it. >> >> I am wondering that should it be convert it to a more universal >> format > like pdf, so that more people can open it without any confusion. > > Sorry about that... I usually convert to PDF as well. Looks like I > idn't do it in this case. I've published the PDF versions in the > same directory. > > Thanks, -chris > - > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJZXQoOAAoJEBzwKT+lPKRYkssP/j14YbaWsJoiu+2nNKKTnYRv Phj40Fw0DjnnuUEocFn9eVzYsC+MO2Rga4jjRTgWpavAEdyuZntC0vD1M9j7NY1Z w6gZP+F5H3x3VnJgVJBrikPZKxHkivJaFHLWl/zxQEPOeNxPlVuj6M0eBsuditcU vDvrmGtL/XscWvUaSHgWF7oIZLxJJXx2AqmQojQbUkXweW97J2/TblZaiDH9CfRF a4NOqWtpeZzvxXSYu2CBVlK91XxmWmYqYha2/SpbCiX1IUDQjEBWFcomk07ba4mg vBJwt9IR0dOyGQ0jxzgrdjH7H1GxGj6lIcTSlt9yIDVSyViAL/TBFPzLdQPzqAAy V4RePhhVg+h1VFn1QhxChFgJ0A79hQZwEQTTwuhrVLTa+liBG0OeEm3z+aImYg0f N1/XMQ4jW22hGu3SaGHCo37AlkEYTewfhNZ6no9aKlvtDjH+yRKJBphbJ0pp3flY GC4J5u6jkrOrkyBNvFykcbtKMMs2fCBacCRdrmhKdXkqq/ZaJhZGTuoMqjCTZAvM ij39Nyp4/UnvC3LvjYsAK+fBlBZTLUvKuJrCZDcO6ah9d7ELD/k/UxMPOmwb0ETD GWYpQQphF2cu4x40041A50weP1WKSeQOV4aoKKbnGahgrWJ3GhC5QzPQBENyO1PY k3t0e/ua53ASYTt9jZUy =7eVk -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump-vm3]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-apr has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 20 runs. The current state of this project is 'Failed', with reason 'Build Timed Out'. For reference only, the following projects are affected by this: - tomcat-trunk-test-apr : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build timed out -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs] The following work was performed: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 60 mins Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Dtest.temp=output/test-tmp-APR -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dtest.accesslog=true -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170706.jar -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20170706/bin/openssl -Dexecute.test.nio=false -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dexecute.test.apr=true -Dexecute.test.nio2=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170706-native-src.tar.gz -Dtest.reports=output/logs-APR -Dtomc at-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170706-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native-trunk/dest-20170706/lib -Dtest.relaxTiming=true -Dtest.excludePerformance=true -Djava.net.preferIPv4Stack=/srv/gump/public/workspace/tomcat-trunk/true -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build
Re: [VOTE] Release Apache Tomcat 8.5.17
Am 4. Juli 2017 10:40:41 MESZ schrieb Mark Thomas : >The proposed Apache Tomcat 8.5.17 release is now available for voting. > >The major changes compared to the 8.5.17 release are: > >- Make asynchronous error handling more robust. In particular ensure > that onError() is called for any registered AsyncListeners after an > I/O error on a non-container thread. > >- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting > down cleanly. > >- Sync SSL session access for the APR connector to prevent errors when > accessing the session. > > >Along with lots of other bug fixes and improvements. > > >It can be obtained from: >https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.17/ >The Maven staging repo is: >https://repository.apache.org/content/repositories/orgapachetomcat-1142/ >The svn tag is: >http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_17/ > >The proposed 8.5.17 release is: >[ ] Broken - do not release >[x] Stable - go ahead and release as 8.5.17 Felix > >- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 9.0.0.M23
Am 4. Juli 2017 10:19:05 MESZ schrieb Mark Thomas : >The proposed Apache Tomcat 9.0.0.M23 release is now available for >voting. > >This is a milestone release for the 9.0.x branch. It should be >noted that, as a milestone release: >- Servlet 4.0 is not finalised >- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0 > >The major changes compared to the 9.0.0.M22 release are: > >- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting > down cleanly. > >- Add LoadBalancerDrainingValve, a Valve designed to reduce the amount > of time required for a node to drain its authenticated users. > >- When generating JSP runtime error messages that quote the relevant >JSP > source code, switch from using the results of the JSP page parsing > process to using the JSR 045 source map data to identify the correct > part of the JSP source from the stack trace. This significantly > reduces the memory footprint of Jasper in development mode, provides a > small performance improvement for error page generation and enables > source quotes to continue to be provided after a Tomcat restart. > >Along with lots of other bug fixes and improvements. > > >For full details, see the changelog: >http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml > >It can be obtained from: >https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M23/ >The Maven staging repo is: >https://repository.apache.org/content/repositories/orgapachetomcat-1141/ >The svn tag is: >http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M23/ > >The proposed 9.0.0.M23 release is: >[ ] Broken - do not release >[x] Alpha - go ahead and release as 9.0.0.M23 Felix > >- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 9.0.0.M23
2017-07-04 11:19 GMT+03:00 Mark Thomas : > > The proposed Apache Tomcat 9.0.0.M23 release is now available for voting. > > This is a milestone release for the 9.0.x branch. It should be > noted that, as a milestone release: > - Servlet 4.0 is not finalised > - The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0 > > The major changes compared to the 9.0.0.M22 release are: > > - Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting > down cleanly. > > - Add LoadBalancerDrainingValve, a Valve designed to reduce the amount > of time required for a node to drain its authenticated users. > > - When generating JSP runtime error messages that quote the relevant JSP > source code, switch from using the results of the JSP page parsing > process to using the JSR 045 source map data to identify the correct > part of the JSP source from the stack trace. This significantly > reduces the memory footprint of Jasper in development mode, provides a > small performance improvement for error page generation and enables > source quotes to continue to be provided after a Tomcat restart. > > Along with lots of other bug fixes and improvements. > > > For full details, see the changelog: > http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M23/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1141/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M23/ > > The proposed 9.0.0.M23 release is: > [ ] Broken - do not release > [X] Alpha - go ahead and release as 9.0.0.M23 Regards, Violeta > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
