Re: [tomcat] branch test#PR140 created (now 6b3b338)

2019-03-18 Thread Keiichi Fujino 
Sorry for accidentally test branch.
please ignore it.

2019年3月19日(火) 14:37 :

> This is an automated email from the ASF dual-hosted git repository.
>
> kfujino pushed a change to branch test#PR140
> in repository https://gitbox.apache.org/repos/asf/tomcat.git.
>
>
>   at 6b3b338  Improved maxAge handling. This closes #140
>
> This branch includes the following new commits:
>
>  new 6b3b338  Improved maxAge handling. This closes #140
>
> The 1 revisions listed above as "new" are entirely new to this
> repository and will be described in separate emails.  The revisions
> listed as "add" were already present in the repository and have only
> been added to this reference.
>
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

-- 
Keiichi.Fujino

[GitHub] [tomcat] KeiichiFujino closed pull request #140: jdbc-pool: Improve maxAge handling

2019-03-18 Thread GitBox 
KeiichiFujino closed pull request #140: jdbc-pool: Improve maxAge handling
URL: https://github.com/apache/tomcat/pull/140
 
 
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Improved maxAge handling. This closes #140

2019-03-18 Thread kfujino 
This is an automated email from the ASF dual-hosted git repository.

kfujino pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 116a63b  Improved maxAge handling. This closes #140
116a63b is described below

commit 116a63b516fc13ea614ca219dff1fc9d61257b90
Author: KeiichiFujino 
AuthorDate: Tue Mar 19 14:54:23 2019 +0900

Improved maxAge handling.
This closes #140
---
 modules/jdbc-pool/doc/jdbc-pool.xml| 15 ++--
 .../apache/tomcat/jdbc/pool/ConnectionPool.java| 79 +++---
 .../apache/tomcat/jdbc/pool/PoolConfiguration.java | 22 +++---
 .../apache/tomcat/jdbc/pool/PoolProperties.java|  1 +
 .../tomcat/jdbc/pool/jmx/ConnectionPool.java   | 40 ++-
 .../apache/tomcat/jdbc/test/PoolCleanerTest.java   | 41 ++-
 webapps/docs/changelog.xml |  9 +++
 7 files changed, 164 insertions(+), 43 deletions(-)

diff --git a/modules/jdbc-pool/doc/jdbc-pool.xml 
b/modules/jdbc-pool/doc/jdbc-pool.xml
index 7138771..890fe40 100644
--- a/modules/jdbc-pool/doc/jdbc-pool.xml
+++ b/modules/jdbc-pool/doc/jdbc-pool.xml
@@ -335,7 +335,7 @@
 
   (int) The number of milliseconds to sleep between runs of the idle 
connection validation/cleaner thread.
  This value should not be set under 1 second. It dictates how often we 
check for idle, abandoned connections, and how often
- we validate idle connections.
+ we validate idle connections. This value will be overridden by 
maxAge if the latter is non-zero and lower.
  The default value is 5000 (5 seconds). 
   
 
@@ -463,17 +463,22 @@
 
 
 
-  (long) Time in milliseconds to keep this connection. This attribute
- works both when returning connection and when borrowing connection.
+  (long) Time in milliseconds to keep a connection before recreating it.
  When a connection is borrowed from the pool, the pool will check to 
see
  if the now - time-when-connected > maxAge has been 
reached
  , and if so, it reconnects before borrow it. When a connection is
  returned to the pool, the pool will check to see if the
  now - time-when-connected > maxAge has been reached, and
- if so, it closes the connection rather than returning it to the pool.
+ if so, it tries to reconnect.
+ When a connection is idle and 
timeBetweenEvictionRunsMillis is
+ greater than zero, the pool will periodically check to see if the
+ now - time-when-connected > maxAge has been reached, and
+ if so, it tries to reconnect.
+ Setting maxAge to a value lower than 
timeBetweenEvictionRunsMillis
+ will override it (so idle connection validation/cleaning will run 
more frequently).
  The default value is 0, which implies that connections
  will be left open and no age check will be done upon borrowing from 
the
- pool and returning the connection to the pool.
+ pool, returning the connection to the pool or when checking idle 
connections.
 
 
 
diff --git 
a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
 
b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
index b2ede14..f5b1862 100644
--- 
a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
+++ 
b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
@@ -524,6 +524,11 @@ public class ConnectionPool {
 log.warn("maxIdle is smaller than minIdle, setting maxIdle to: 
"+properties.getMinIdle());
 properties.setMaxIdle(properties.getMinIdle());
 }
+if (properties.getMaxAge()>0 && properties.isPoolSweeperEnabled() &&
+
properties.getTimeBetweenEvictionRunsMillis()>properties.getMaxAge()) {
+log.warn("timeBetweenEvictionRunsMillis is larger than maxAge, 
setting timeBetweenEvictionRunsMillis to: " + properties.getMaxAge());
+
properties.setTimeBetweenEvictionRunsMillis((int)properties.getMaxAge());
+}
 }
 
 public void initializePoolCleaner(PoolConfiguration properties) {
@@ -824,10 +829,9 @@ public class ConnectionPool {
 try {
 con.reconnect();
 reconnectedCount.incrementAndGet();
-int validationMode = getPoolProperties().isTestOnConnect() || 
getPoolProperties().getInitSQL()!=null ?
-PooledConnection.VALIDATE_INIT :
-PooledConnection.VALIDATE_BORROW;
-
+int validationMode = isInitNewConnections() ?
+PooledConnection.VALIDATE_INIT:
+PooledConnection.VALIDATE_BORROW;
 if (con.validate(validationMode)) {
 //set the timestamp

[tomcat] branch test#PR140 deleted (was 6b3b338)

2019-03-18 Thread kfujino 
This is an automated email from the ASF dual-hosted git repository.

kfujino pushed a change to branch test#PR140
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


 was 6b3b338  Improved maxAge handling. This closes #140

This change permanently discards the following revisions:

 discard 6b3b338  Improved maxAge handling. This closes #140


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Improved maxAge handling. This closes #140

2019-03-18 Thread kfujino 
This is an automated email from the ASF dual-hosted git repository.

kfujino pushed a commit to branch test#PR140
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6b3b338ed894633348e26b521d4ee0ce51f9ab18
Author: KeiichiFujino 
AuthorDate: Tue Mar 19 14:36:27 2019 +0900

Improved maxAge handling.
This closes #140
---
 modules/jdbc-pool/doc/jdbc-pool.xml| 15 ++--
 .../apache/tomcat/jdbc/pool/ConnectionPool.java| 79 +++---
 .../apache/tomcat/jdbc/pool/PoolConfiguration.java | 22 +++---
 .../apache/tomcat/jdbc/pool/PoolProperties.java|  1 +
 .../tomcat/jdbc/pool/jmx/ConnectionPool.java   | 40 ++-
 .../apache/tomcat/jdbc/test/PoolCleanerTest.java   | 41 ++-
 webapps/docs/changelog.xml |  9 +++
 7 files changed, 164 insertions(+), 43 deletions(-)

diff --git a/modules/jdbc-pool/doc/jdbc-pool.xml 
b/modules/jdbc-pool/doc/jdbc-pool.xml
index 7138771..890fe40 100644
--- a/modules/jdbc-pool/doc/jdbc-pool.xml
+++ b/modules/jdbc-pool/doc/jdbc-pool.xml
@@ -335,7 +335,7 @@
 
   (int) The number of milliseconds to sleep between runs of the idle 
connection validation/cleaner thread.
  This value should not be set under 1 second. It dictates how often we 
check for idle, abandoned connections, and how often
- we validate idle connections.
+ we validate idle connections. This value will be overridden by 
maxAge if the latter is non-zero and lower.
  The default value is 5000 (5 seconds). 
   
 
@@ -463,17 +463,22 @@
 
 
 
-  (long) Time in milliseconds to keep this connection. This attribute
- works both when returning connection and when borrowing connection.
+  (long) Time in milliseconds to keep a connection before recreating it.
  When a connection is borrowed from the pool, the pool will check to 
see
  if the now - time-when-connected > maxAge has been 
reached
  , and if so, it reconnects before borrow it. When a connection is
  returned to the pool, the pool will check to see if the
  now - time-when-connected > maxAge has been reached, and
- if so, it closes the connection rather than returning it to the pool.
+ if so, it tries to reconnect.
+ When a connection is idle and 
timeBetweenEvictionRunsMillis is
+ greater than zero, the pool will periodically check to see if the
+ now - time-when-connected > maxAge has been reached, and
+ if so, it tries to reconnect.
+ Setting maxAge to a value lower than 
timeBetweenEvictionRunsMillis
+ will override it (so idle connection validation/cleaning will run 
more frequently).
  The default value is 0, which implies that connections
  will be left open and no age check will be done upon borrowing from 
the
- pool and returning the connection to the pool.
+ pool, returning the connection to the pool or when checking idle 
connections.
 
 
 
diff --git 
a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
 
b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
index b2ede14..d5f 100644
--- 
a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
+++ 
b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java
@@ -524,6 +524,11 @@ public class ConnectionPool {
 log.warn("maxIdle is smaller than minIdle, setting maxIdle to: 
"+properties.getMinIdle());
 properties.setMaxIdle(properties.getMinIdle());
 }
+if (properties.getMaxAge()>0 && properties.isPoolSweeperEnabled() &&
+
properties.getTimeBetweenEvictionRunsMillis()>properties.getMaxAge()) {
+log.warn("timeBetweenEvictionRunsMillis is larger than maxAge, 
setting timeBetweenEvictionRunsMillis to: " + properties.getMaxAge());
+
properties.setTimeBetweenEvictionRunsMillis((int)properties.getMaxAge());
+}
 }
 
 public void initializePoolCleaner(PoolConfiguration properties) {
@@ -824,10 +829,9 @@ public class ConnectionPool {
 try {
 con.reconnect();
 reconnectedCount.incrementAndGet();
-int validationMode = getPoolProperties().isTestOnConnect() || 
getPoolProperties().getInitSQL()!=null ?
-PooledConnection.VALIDATE_INIT :
-PooledConnection.VALIDATE_BORROW;
-
+int validationMode = isInitNewConnections() ?
+PooledConnection.VALIDATE_INIT:
+PooledConnection.VALIDATE_BORROW;
 if (con.validate(validationMode)) {
 //set the timestamp
 con.setTimestamp(now);
@@ -861,6 +865,18 @@ public class ConnectionPool {
 }
 }
 }
+
+/**
+ * Returns whether new connections

[tomcat] branch test#PR140 created (now 6b3b338)

2019-03-18 Thread kfujino 
This is an automated email from the ASF dual-hosted git repository.

kfujino pushed a change to branch test#PR140
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


  at 6b3b338  Improved maxAge handling. This closes #140

This branch includes the following new commits:

 new 6b3b338  Improved maxAge handling. This closes #140

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 7, DBCP 1.x and generics

2019-03-18 Thread Igal Sapir 

On 3/18/2019 1:28 PM, Mark Thomas wrote:

All,

I started to work on cleaning up the DBCP generics warnings in 7.0.x 
before I remembered what "fun" it was when I did this for DBCP2. While 
some of it is straight-forward, some of it requires some refactoring. 
From memory, the refactoring did fix a few bugs along the way.


Given that the changes aren't trivial, I wanted to get some feedback 
from the community as to the best approach here. Options include:


a) No nothing

b) Fix the trivial generics

c) Fix all the generics including any necessary refactoring


I actually enjoy refactoring code so I'd be happy to help with (b) or 
(c) if either is chosen.


Best,

Igal




d) Something else


Thoughts?

mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 7, DBCP 1.x and generics

2019-03-18 Thread Phil Steitz 



> On Mar 18, 2019, at 1:28 PM, Mark Thomas  wrote:
> 
> All,
> 
> I started to work on cleaning up the DBCP generics warnings in 7.0.x before I 
> remembered what "fun" it was when I did this for DBCP2. While some of it is 
> straight-forward, some of it requires some refactoring. From memory, the 
> refactoring did fix a few bugs along the way.
> 
> Given that the changes aren't trivial, I wanted to get some feedback from the 
> community as to the best approach here. Options include:
> 
> a) No nothing
> 
> b) Fix the trivial generics
> 
> c) Fix all the generics including any necessary refactoring
> 
> d) Something else

IIRC, there was a 1.6 release that was really nothing but generics fixes over 
1.5.7.  You might try just pulling those sources in.

Phil
> 
> 
> Thoughts?
> 
> mark
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-validate (in module tomcat-7.0.x) failed

2019-03-18 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc7.0.x-validate has an issue affecting its community 
integration.
This issue affects 1 projects,
 and has been outstanding for 12 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-tc7.0.x-validate :  Tomcat 7.x, a web server implementing Java 
Servlet 3.0,
...


Full details are available at:
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on checkstyle exists, no need to add for property 
checkstyle.jar.
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-validate.html
Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-validate (Type: Build)
Work ended in a state of : Failed
Elapsed: 1 sec
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only -Dsun.zip.disableMemoryMapping=true 
org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs 
-Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar
 -Dexecute.validate=true validate 
[Working Directory: /srv/gump/public/workspace/tomcat-7.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/commons-beanutils/dist/commons-beanutils-20190319.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/commons-cli/target/commons-cli-1.5-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.9-SNAPSHOT.jar:/srv/gump/pu
 
blic/workspace/apache-commons/logging/target/commons-logging-20190319.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20190319.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-HEAD-jre-SNAPSHOT.jar
-
Buildfile: /srv/gump/public/workspace/tomcat-7.0.x/build.xml

build-prepare:
   [delete] Deleting directory 
/srv/gump/public/workspace/tomcat-7.0.x/output/build/temp
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-7.0.x/output/build/temp

compile-prepare:

download-validate:

proxyflags:

setproxy:

testexist:
 [echo] Testing  for 
/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar

downloadfile:

validate:
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-7.0.x/output/res/checkstyle

BUILD FAILED
/srv/gump/public/workspace/tomcat-7.0.x/build.xml:548: Unable to create Root 
Module: config {res/checkstyle/checkstyle.xml}, classpath {null}.

Total time: 1 second
-

To subscribe to this information via syndicated feeds:
- RSS: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/rss.xml
- Atom: 
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/atom.xml

== Gump Tracking Only ===
Produced by Apache Gump(TM) version 2.3.
Gump Run 2019031905, vmgump-vm3.apache.org:vmgump:2019031905
Gump E-mail Identifier (unique within run) #5.

--
Apache Gump
http://gump.apache.org/ [Instance: vmgump-vm3]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Add release date for 9.0.17

2019-03-18 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new fe1be88  Add release date for 9.0.17
fe1be88 is described below

commit fe1be88fdf1f765f3f7e8b901a705c22102a142b
Author: Mark Thomas 
AuthorDate: Mon Mar 18 20:50:16 2019 +

Add release date for 9.0.17
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2e73125..30fa02a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -94,7 +94,7 @@
 
   
 
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r33055 - /dev/tomcat/tomcat-9/v9.0.17/ /release/tomcat/tomcat-9/v9.0.17/

2019-03-18 Thread markt 
Author: markt
Date: Mon Mar 18 20:47:54 2019
New Revision: 33055

Log:
Release Apache Tomcat 9.0.17

Added:
release/tomcat/tomcat-9/v9.0.17/
  - copied from r33054, dev/tomcat/tomcat-9/v9.0.17/
Removed:
dev/tomcat/tomcat-9/v9.0.17/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE][RESULT] Release Apache Tomcat 9.0.17

2019-03-18 Thread Mark Thomas 

The following votes were cast:

Binding:
+1: remm, markt, isapir, kfujino, ebourg

Non-binding:
+1: rmannibucau

The vote therefore passes.

Thanks to everyone who contributed to this release.

Mark


On 13/03/2019 18:23, Mark Thomas wrote:

The proposed Apache Tomcat 9.0.17 release is now available for voting.

The major changes compared to the 9.0.16 release are:

- The APR/Native connector now supports both OpenSSL and JSSE TLS
   configuration syntax (NIO and NIO2 already support this)

- Various improvements to NIO2

- Various fixes for HTTP/2 push requests


Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.17/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1205/
The tag is:
https://github.com/apache/tomcat/tree/9.0.17
25d7c99e8c44a41a08ba85ccaba3cfec6af9c801

The proposed 9.0.17 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 9.0.17

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Tomcat 7, DBCP 1.x and generics

2019-03-18 Thread Mark Thomas 

All,

I started to work on cleaning up the DBCP generics warnings in 7.0.x 
before I remembered what "fun" it was when I did this for DBCP2. While 
some of it is straight-forward, some of it requires some refactoring. 
From memory, the refactoring did fix a few bugs along the way.


Given that the changes aren't trivial, I wanted to get some feedback 
from the community as to the best approach here. Options include:


a) No nothing

b) Fix the trivial generics

c) Fix all the generics including any necessary refactoring

d) Something else


Thoughts?

mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] salgattas opened a new pull request #149: Adding ReDoS warning/documentation to RewriteValve

2019-03-18 Thread GitBox 
salgattas opened a new pull request #149: Adding ReDoS warning/documentation to 
RewriteValve
URL: https://github.com/apache/tomcat/pull/149
 
 
   After reporting a potential DoS in "Rewrite Rules" to the Tomcat security 
team, it was decided that there was no bug in Tomcat itself, but rather in how 
a user sets up their Tomcat server. Thus, I was instructed by the security team 
to create a PR for updated documentation to better educate users on appropriate 
usage of Rewrite Rules. This commit added javadoc comments for the RewriteValve 
class, as instructed.
   
   Furthermore, I'd like to update the documentation on this page as well, 
however I cannot find a mechanism to do so: 
https://tomcat.apache.org/tomcat-9.0-doc/rewrite.html


This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63266] NullPointerException at org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath

2019-03-18 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=63266

--- Comment #2 from Mark Thomas  ---
For completeness, you need to set xmlNamespaceAware="true" for validation to
work.

Validation won't flag this as an error as, starting with Servlet 3.0 the
servlet-class / jsp-file that was required in prior versions becomes optional.
This is because the information may be provided via an annotation. If it is not
provided via any means then a ServletException will be thrown on first access
and the Servlet marked as unavailable.

Generally, the failure to start a Servlet doesn't prevent a web application
from starting.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.39

2019-03-18 Thread Emmanuel Bourg 
Le 14/03/2019 à 14:43, Mark Thomas a écrit :

> The proposed 8.5.39 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.39

+1, tested on Debian 10 with OpenJDK 11.0.3+1 and OpenSSL 1.1.1b

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63266] NullPointerException at org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath

2019-03-18 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=63266

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #1 from Mark Thomas  ---
This looks to be caused by a Servlet being defined without a class name. That
is a configuration error that should be caught by enabling validation (testing
this on 7.0.x has thrown up a bunch of validation errors that I need to
investigate).

The code path that leads to the NPE is no longer present in 7.0.x. It was
removed as part of the fix for CVE-2018-1305.

I am therefore resolving this as fixed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.39

2019-03-18 Thread Rémy Maucherat 
On Thu, Mar 14, 2019 at 2:43 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 8.5.39 release is now available for voting.
>
> The major changes compared to the 8.5.38 release are:
>
> - The APR/Native connector now supports both OpenSSL and JSSE TLS
>   configuration syntax (NIO and NIO2 already support this)
>
> - Various improvements to NIO2
>
> - Various fixes for HTTP/2 push requests
>
> - Refactor error handling so that errors that occur early in request
>   processing are handled by the application's error handling where the
>   application can be identified
>
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.39/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1206/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.39
> f481565d959dc5a5eae1576cc294774c8683b4dc
>
>
> The proposed 8.5.39 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.39
>
> Rémy

Re: [Bug 63267] New: bugzilla assigment

2019-03-18 Thread Mark Thomas 

On 18/03/2019 10:29, bugzi...@apache.org wrote:

https://bz.apache.org/bugzilla/show_bug.cgi?id=63267

 Bug ID: 63267
Summary: bugzilla assigment
Product: Tomcat 8
Version: 8.5.0
   Hardware: PC
 Status: NEW
   Severity: normal
   Priority: P2
  Component: Documentation
   Assignee: dev@tomcat.apache.org
   Reporter: antoncrist...@gmail.com


I've disabled this idiot's account.

I'll delete the issue and repair any other vandalism I find.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63267] New: bugzilla assigment

2019-03-18 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=63267

Bug ID: 63267
   Summary: bugzilla assigment
   Product: Tomcat 8
   Version: 8.5.0
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Documentation
  Assignee: dev@tomcat.apache.org
  Reporter: antoncrist...@gmail.com
  Target Milestone: 

anton cristo 
regev sabag
moshe golan

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.17

2019-03-18 Thread Emmanuel Bourg 
Le 13/03/2019 à 19:23, Mark Thomas a écrit :

> The proposed 9.0.17 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 9.0.17
> 

+1, tested on Debian 10 with OpenJDK 11.0.3+1 and OpenSSL 1.1.1b

Emmanuel Bourg



signature.asc
Description: OpenPGP digital signature

Re: [GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-validate (in module tomcat-7.0.x) failed

2019-03-18 Thread Mark Thomas 

Hi all,

Sorry about this. I think it is fixed now. There was a mkdir in the 
removed tomcat-jdbc project that I think the validate task depends on.


I've done a diff to the Tomcat 8.5 config and I think I have everything 
in place now. The next run is at 12.00 UTC so we should find out if this 
fix works a few hours after that.


Mark


On 18/03/2019 01:46, Bill Barker wrote:

To whom it may engage...
 
This is an automated request, but not an unsolicited one. For

more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc7.0.x-validate has an issue affecting its community 
integration.
This issue affects 1 projects,
  and has been outstanding for 8 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
 - tomcat-tc7.0.x-validate :  Tomcat 7.x, a web server implementing Java 
Servlet 3.0,
 ...


Full details are available at:
 
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
  -DEBUG- Dependency on checkstyle exists, no need to add for property 
checkstyle.jar.
  -INFO- Failed with reason build failed



The following work was performed:
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-validate.html
Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-validate (Type: Build)
Work ended in a state of : Failed
Elapsed: 1 sec
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only -Dsun.zip.disableMemoryMapping=true 
org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs 
-Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar
 -Dexecute.validate=true validate
[Working Directory: /srv/gump/public/workspace/tomcat-7.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/commons-beanutils/dist/commons-beanutils-20190318.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/commons-cli/target/commons-cli-1.5-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.9-SNAPSHOT.jar:/srv/gump/pu
  
blic/workspace/apache-commons/logging/target/commons-logging-20190318.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20190318.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-HEAD-jre-SNAPSHOT.jar
-
Buildfile: /srv/gump/public/workspace/tomcat-7.0.x/build.xml

build-prepare:
[delete] Deleting directory 
/srv/gump/public/workspace/tomcat-7.0.x/output/build/temp
 [mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-7.0.x/output/build/temp

compile-prepare:

download-validate:

proxyflags:

setproxy:

testexist:
  [echo] Testing  for 
/srv/gump/public/workspace/checkstyle/target/checkstyle-8.19-SNAPSHOT.jar

downloadfile:

validate:
 [mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-7.0.x/output/res/checkstyle

BUILD FAILED
/srv/gump/public/workspace/tomcat-7.0.x/build.xml:548: Unable to create Root 
Module: config {res/checkstyle/checkstyle.xml}, classpath {null}.

Total time: 1 second
-

To subscribe to this information via syndicated feeds:
- RSS: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/rss.xml
- Atom: 
http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/atom.xml

== Gump Tracking Only ===
Produced by Apache Gump(TM) version 2.3.
Gump Run 2019031807, vmgump-vm3.apache.org:vmgump:2019031807
Gump E-mail Identifier (unique within run) #5.

--
Apache Gump
http://gump.apache.org/ [Instance: vmgump-vm3]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.17

2019-03-18 Thread Romain Manni-Bucau 
+1 (non binding), tested in custom apps and meecrowave

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le ven. 15 mars 2019 à 09:38, Keiichi Fujino  a écrit :

> 2019年3月14日(木) 3:23 Mark Thomas :
>
> > The proposed Apache Tomcat 9.0.17 release is now available for voting.
> >
> > The major changes compared to the 9.0.16 release are:
> >
> > - The APR/Native connector now supports both OpenSSL and JSSE TLS
> >   configuration syntax (NIO and NIO2 already support this)
> >
> > - Various improvements to NIO2
> >
> > - Various fixes for HTTP/2 push requests
> >
> >
> > Along with lots of other bug fixes and improvements.
> >
> > For full details, see the changelog:
> > https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html
> >
> > It can be obtained from:
> > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.17/
> > The Maven staging repo is:
> > https://repository.apache.org/content/repositories/orgapachetomcat-1205/
> > The tag is:
> > https://github.com/apache/tomcat/tree/9.0.17
> > 25d7c99e8c44a41a08ba85ccaba3cfec6af9c801
> >
> > The proposed 9.0.17 release is:
> > [ ] Broken - do not release
> > [X] Stable - go ahead and release as 9.0.17
> >
> >
> +1
> Tested on some test application (enable session replication).
>
>
>
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: dev-h...@tomcat.apache.org
> >
> >
>
> --
> Keiichi.Fujino
>