date:20201112

[Bug 64872] Inefficient enum resolution in JSPs

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64872

--- Comment #12 from John Engebretson  ---
Created attachment 37561
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37561=edit
Extract from Tomcat8 optimizations

Approval was rapid, and the extract is attached.  It is not a patch file
because of the issues described previously, however I added comments that I
hope will help.  During this process I noticed what appears to be
double-coverage of the Boolean/boolean case; that could be an error during
development or perhaps I can't remember the good reason for it.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64921] LoadBalancerDrainingValve does not honour "Secure Session Cookie" settings

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64921

--- Comment #4 from Mark Thomas  ---
You should be able to do this in the Valve:
SessionCookieConfig scc =
request.getContext().getServletContext().getSessionCookieConfig()

Then the logic used when the session cookie is created is:
sessionCookie.setSecure(request.isSecure() || scc.isSecure())

It should be possible to replicate that in the Valve.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64872] Inefficient enum resolution in JSPs

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64872

--- Comment #11 from Mark Thomas  ---
Tx.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64872] Inefficient enum resolution in JSPs

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64872

--- Comment #10 from John Engebretson  ---
I'll have to run it past the lawyers, etc.  I'll submit the request
immediately.  Previous submissions have taken between one day and two weeks but
this should be an easy one.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64872] Inefficient enum resolution in JSPs

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64872

--- Comment #9 from Mark Thomas  ---
Understood. Any chance you could provide that patch anyway? Saves re-inventing
the wheel.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64922] Perl getopts function is not working in Tomcat 9

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64922

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED

--- Comment #1 from Mark Thomas  ---
Bugzilla is not a support forum. Please use the Tomcat users mailing list.
http://tomcat.apache.org/lists.html

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Jakarta EE - JASPIC TCK (nightly)

2020-11-12 Thread Jean-Louis MONTEIRO

Hi,

Bumping this thread up. Sorry for the late reply. Been very busy getting
Jakarta EE 9 out. Ballot if open till next Friday, so back into this issue.

I created 2 tickets regarding JASPIC and I need to open another one for the
issue discussed in this thread.

https://github.com/eclipse-ee4j/jakartaee-tck/issues/570
https://github.com/eclipse-ee4j/jakartaee-tck/issues/571

I agree we need to clarify this part, as it looks most likely like a TCK
bug.
Anyway, thanks for the thoughts.


Le jeu. 23 juil. 2020 à 16:18, Mark Thomas  a écrit :

> Comments in line.
>
> On 22/07/2020 10:19, Jean-Louis MONTEIRO wrote:
> > Hi,
> >
> > Small update on the progress.
> > Passed: 52 and Failed: 9
> >
> > I had a lot of random passed/failed for quite a while and finally found
> > the reason yesterday.
>
> I took a look at running these myself for Tomcat. There is a lot of
> fiddly setup required. I may come back to this but for now I have other
> priorities.
>
> > I'd be interested in having some thoughts
> >
> > AuthenticatorBase uses by default CallbackHandlerImpl
> >
> > The CallbackHandlerImpl will create the GenericPrincipal for the subject
> > based on the supported callbacks (CallerPrincipalCallback
> > and GroupPrincipalCallback).
> >
> > The AuthenticatorBase will pull the GenericPrincipal from the subject
> > and do the register.
> >
> > Long story short, the TCK calls the CallbackHandlerImpl twice with the
> > CallerCallback and another time with CallerCallback + GroupCallback. We
> > end up having 2 GenericPrincipal in the subject, one with the name only
> > and another one with the name and roles.
> >
> > JASPIC
> > TCK
> https://github.com/eclipse-ee4j/jakartaee-tck/blob/master/src/com/sun/ts/tests/jaspic/tssv/module/servlet/TSServerAuthModule.java#L371
> >
> > See
> https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/authenticator/jaspic/CallbackHandlerImpl.java#L96
> >
> > Issue is that AuthenticatorBase pulls the first one available.
> > See
> https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/authenticator/AuthenticatorBase.java#L956
> >
> > It will randomly pull the GenericPrincipal with the name only or the
> > GenericPrincipal with the name and the roles.
>
> Nice find. That must have been a real pain to track down.
>
> I've been reading through the Jakarta Authentication specification (it
> should be essentially identical to the previous JASPIC spec).
>
> From 3.8.3.1
> 
> ... handle a CallerPrincipalCallback using the clientSubject as argument
> to the callback. If more than one module of a context uses the
> CallbackHandler to handle this callback, the context is responsible for
> coordinating the calls such that the appropriate caller principal value
> is established.
> 
>
> context here is referring to ServerAuthContext.
>
> I think, in this case, the ServerAuthContext is being provided by the
> TCK so my first impression is that this is a TCK bug.
>
> I think this is worth raising on the Jakarta Authentication mailing lists.
>
> > I did a fork in TomEE of the CallbackHandlerImpl to merge the
> > GenericPrincipal in the name is the same and switched the
> > CallbackHandlerImpl class in the BasicAuthenticator valve.
>
> Yes, that is the same solution I thought of. Rather than add the newly
> created GenericPrincipal to the Subject's private credentials, see if
> the new GenericPrincipal has the same name as an existing
> GenericPrincipal and if it does merge them.
>
> I'm not sure that would be safe to do in the general case though.
>
> Mark
>
>
> >
> > Hope it's more or less clear ;-)
> > Some thoughts would be very helpfup
> >
> >
> > Le ven. 17 juil. 2020 à 18:21, Mark Thomas  > > a écrit :
> >
> > On 17/07/2020 16:56, Jean-Louis MONTEIRO wrote:
> > > Hi,
> > >
> > > Following up on this thread.
> > > Pretty old I know. Haven't seen more recent topics on JASPIC and
> > Jakarta
> > > EE TCK.
> > >
> > > I tried to invest some time in TomEE to run the JASPIC TCK which is
> > > fully relying on Tomcat.
> > > I have counted 68 tests under the package com.sun.ts.tests.jaspic
> > >
> > > The wiki says 100+ so dunno where I'm missing some.
> > >
> > > Long story short, after some time configuring the thing, I've got
> > >
> > > Passed: 38
> > > Failed: 30
> > >
> > > Anyone looked at it already since Feb 2019?
> >
> > I'm probably the most likely candidate and I haven't looked at it.
> >
> > Mark
> >
> >
> > >
> > >
> > > Le lun. 11 févr. 2019 à 21:34, Mark Thomas  > 
> > > >> a écrit :
> > >
> > > All,
> > >
> > > I've started to look at the Jakarta EE JASPIC TCK.
> > >
> > > Again a nightly build so usual caveats apply.
> > >
> > > Progress is being tracked here:
> > >

Re: [VOTE] Release Apache Tomcat 8.5.60

2020-11-12 Thread Mark Thomas

On 12/11/2020 17:53, Mark Thomas wrote:

> The proposed 8.5.60 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.60

Tests pass for NIO, NIO2 and APR/Native (1.2.25) on Linux, MacOs and
Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 8.5.60

2020-11-12 Thread Mark Thomas

The proposed Apache Tomcat 8.5.60 release is now available for voting.

The notable changes compared to the 8.5.59 release are:

- Statistics are now available (via JMX) for HTTP/2, WebSocket and
  HTTP/1.1 upgraded connections

- Stability improvements for HTTP/2

- Improvements to error handling in the connection pool used by the JNDI
  Realm

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.60/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1285/

The tag is:
https://github.com/apache/tomcat/tree/8.5.60
04d663d7541a013098db3a3f81b1c23c255c12a4

The proposed 8.5.60 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.60

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r44485 [1/2] - in /dev/tomcat/tomcat-8/v8.5.60: ./ bin/ bin/embed/ bin/extras/ src/

2020-11-12 Thread markt

Author: markt
Date: Thu Nov 12 17:53:19 2020
New Revision: 44485

Log:
Upload 8.5.60 for voting

Added:
dev/tomcat/tomcat-8/v8.5.60/
dev/tomcat/tomcat-8/v8.5.60/KEYS
dev/tomcat/tomcat-8/v8.5.60/README.html
dev/tomcat/tomcat-8/v8.5.60/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.60/bin/
dev/tomcat/tomcat-8/v8.5.60/bin/README.html
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.exe   (with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.exe.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.exe.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.zip   (with props)
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.zip.asc
dev/tomcat/tomcat-8/v8.5.60/bin/apache-tomcat-8.5.60.zip.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/embed/
dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.60/bin/embed/apache-tomcat-8.5.60-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/extras/
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-jmx-remote.jar   (with 
props)
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-jmx-remote.jar.asc
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-jmx-remote.jar.sha512
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.60/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.60/src/
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.asc
dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.60/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.60/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.60/KEYS Thu Nov 12 17:53:19 2020
@@ -0,0 +1,676 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz

svn commit: r44485 [2/2] - in /dev/tomcat/tomcat-8/v8.5.60: ./ bin/ bin/embed/ bin/extras/ src/

2020-11-12 Thread markt

Added: dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.asc
==
--- dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.asc Thu Nov 12 
17:53:19 2020
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEqcXfTSLpmZjZh1pREMAcWi9gWecFAl+tdCMACgkQEMAcWi9g
+WefEmQ//dU2F9xGov1i5+ApAqwNaB7EHtY3YE2GQEDXBeRR7B3gHxSUSPp0WJzMc
+RW5KZJgcbXFn+HAfUzI6EEu8cwF+dPfsempz4pL3dmLQqXmKTHgnIvA4aCtIpN+O
+FKkqd2NRX87DKHkZrc7cokANQfXOcyZ25BE48bdgN7YkIBoRsO4wLTnUbxotguB6
+eycX+eFpJbrgbDlp7Q39zNx4R3G3S/RC6DiMmyyuLW0eF1nNrBt6F62Tt/DC3Esp
+8pUo+2S5LNodbKLAl8Po6tWWI3SsviHgh6bOUrOwmq572t8Jsf1siSpezCV4cyLa
+qFW9oANczrtUwVPbgAke0bCi8DjFYokvMRvmTXFvp3HvPRDfEMsPK8pdkoQ5Xw0Y
+4A1pLsUSGfSIzlRLjIkoTQhsnxZinx4tJuPEX2WqX38iPWKOGrSzxTMZMCn1Wqmc
+dkzhMhRMXklmuAbz5KLn51fl8dIwBetuQ/9TuYnJ6SXxfV4EWkSGgBJlqkNYgZ4W
+jBANBlHJAVgsH1e+sL3ahEpEhwGCKmMQLS62Ixarp7um0k/gm7zNmxcq8RgMF1sh
+FfDkHP67nfRnpp09wBlhwzTUlcytaa7YpkbWjWNqmuGhMcJuV2DtoCTqomHsNbu2
+MMA0AYbfsLJs5mNlUHH3TgkLDS9wy32Y2UIewIFveSR0L5rOi3s=
+=aUhm
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.sha512
==
--- dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.sha512 (added)
+++ dev/tomcat/tomcat-8/v8.5.60/src/apache-tomcat-8.5.60-src.zip.sha512 Thu Nov 
12 17:53:19 2020
@@ -0,0 +1 @@
+33cdcd5978a564c3a16ed5ed0ee12d137614d11a892456574cd6882d1e6e734e3d246b335a10663933ee5f576aea2ecbb7a645e3e166cbc60f34eab66c15b9e3
 *apache-tomcat-8.5.60-src.zip
\ No newline at end of file



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Tag 8.5.60

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 8.5.60
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 04d663d7541a013098db3a3f81b1c23c255c12a4
Author: Mark Thomas 
AuthorDate: Thu Nov 12 17:29:16 2020 +

Tag 8.5.60
---
 build.properties.default   | 2 +-
 webapps/docs/changelog.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index d19e2eb..7493f1f 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -27,7 +27,7 @@ version.major=8
 version.minor=5
 version.build=60
 version.patch=0
-version.suffix=-dev
+version.suffix=
 
 # - Source control flags -
 git.branch=8.5.x
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 91b214f..b73ceca 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -44,7 +44,7 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 8.5.60 created (now 04d663d)

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 8.5.60
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


  at 04d663d  (commit)
This tag includes the following new commits:

 new 04d663d  Tag 8.5.60

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix Windows test failures

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 2d6d3bf  Fix Windows test failures
2d6d3bf is described below

commit 2d6d3bfbcd9b11f60d588203dab3c01cb1f972d7
Author: Mark Thomas 
AuthorDate: Tue Nov 10 13:41:48 2020 +

Fix Windows test failures
---
 test/org/apache/coyote/http11/TestHttp11Processor.java | 10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/http11/TestHttp11Processor.java 
b/test/org/apache/coyote/http11/TestHttp11Processor.java
index 0e42302..bc6281d 100644
--- a/test/org/apache/coyote/http11/TestHttp11Processor.java
+++ b/test/org/apache/coyote/http11/TestHttp11Processor.java
@@ -1744,7 +1744,15 @@ public class TestHttp11Processor extends TomcatBaseTest {
 client.setRequestPause(delay);
 
 client.connect();
-client.processRequest();
+try {
+client.processRequest();
+} catch (IOException ioe) {
+// Failure is expected on some platforms (notably Windows) if the
+// longer upload timeout is not used but record the exception in
+// case it is useful for debugging purposes.
+// The assertions below will check for the correct behaviour.
+ioe.printStackTrace();
+}
 
 if (useLongerUploadTimeout) {
 // Expected response is a 200 response.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch master updated: Fix NIO concurrency issue that removes connections from the poller.

2020-11-12 Thread Rémy Maucherat

On Thu, Nov 12, 2020 at 10:32 AM Mark Thomas  wrote:

> On 11/11/2020 22:37, Rémy Maucherat wrote:
> > On Wed, Nov 11, 2020 at 9:44 PM  wrote:
> >
> >> This is an automated email from the ASF dual-hosted git repository.
> >>
> >> markt pushed a commit to branch master
> >> in repository https://gitbox.apache.org/repos/asf/tomcat.git
> >>
> >>
> >> The following commit(s) were added to refs/heads/master by this push:
> >>  new 45aeed6  Fix NIO concurrency issue that removes connections
> from
> >> the poller.
> >> 45aeed6 is described below
> >>
> >> commit 45aeed655771308d5185d9dbab8e29a73d87509b
> >> Author: Mark Thomas 
> >> AuthorDate: Wed Nov 11 20:43:04 2020 +
> >>
> >> Fix NIO concurrency issue that removes connections from the poller.
> >>
> >> This is the source of the intermittent WebSocket test failure so
> this
> >> commit also removes the associated debug code for that issue.
> >>
> >
> > Great fix. I never expected this one ...
>
> Thanks. It took me long enough to find it.
>
> It only occurred every 1 in ~15 test runs. When a full test run takes
> ~8.5 mins it is a slow process. I was trying to narrow down the set of
> tests that triggered it but it was hard to determine if the failure was
> still being triggered. After about a day of getting nowhere I decided to
> start from the other end and ran the single test in a loop until it
> failed. That meant I could reproduce the failure in less than a minute.
> Things moved a lot faster from that point.
>
> Once I could reproduce the issue, it was just a case of adding debug
> statements to track down the root cause. Some of those statements
> altered the timing enough to prevent the failure but even that helped as
> it meant the issue was occurring after that point.
>
> The root cause surprised me as well. I'd suspected some sort of issue
> along these lines and had been looking at the source code during the
> longer test runs. Knowing NioChannel instances were being re-used I'd
> explicitly looked for places were this sort of mix-up could happen and
> completely failed to find this one.
>
> It will be interesting to see if any other intermittent issues disappear
> suggesting they had the same root cause.
>

That's interesting, I'll review some more with that closed channel behavior
in mind.

Rémy

[Bug 64922] Perl getopts function is not working in Tomcat 9

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64922

Swathi Jonnalagadda  changed:

   What|Removed |Added

 CC||swathi.jonnalagadda@xerox.c
   ||om

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64922] New: Perl getopts function is not working in Tomcat 9

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64922

Bug ID: 64922
   Summary: Perl getopts function is not working in Tomcat 9
   Product: Tomcat 9
   Version: 9.0.38
  Hardware: All
OS: Solaris
Status: NEW
  Severity: critical
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: swathi.jonnalaga...@xerox.com
  Target Milestone: -

Hi 

We have our web application implemented in Perl cgi which is using below
function of perl. we are upgrading from Tomcat 8.0.21 to Tomcat 9.0.38. 

The below function (getopts) is working fine Tomcat 8.0.21 but is not working
in Tomcat 9.0.38. We even tried Tomcat 9.0.39 as well and it is not working
even in 9.0.39.

use Getopt::Std;

getopts('ei:npXP');

Could you please suggest a solution here.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.40

2020-11-12 Thread Mark Thomas

On 12/11/2020 15:58, Mark Thomas wrote:
> The proposed 9.0.40 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 9.0.40

Tests pass for NIO, NIO2 and APR/Native (1.2.25) on Linux, MacOs and
Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64921] LoadBalancerDrainingValve does not honour "Secure Session Cookie" settings

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64921

--- Comment #3 from Christopher Schultz  ---
Yes, I was thinking about some permutation of that.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 9.0.40

2020-11-12 Thread Mark Thomas

The proposed Apache Tomcat 9.0.40 release is now available for voting.

The notable changes compared to the 9.0.39 release are:

- Statistics are now available (via JMX) for HTTP/2, WebSocket and
  HTTP/1.1 upgraded connections

- Stability improvements for HTTP/2

- Stability improvements for the NIO connector

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.40/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1284/
The tag is:
https://github.com/apache/tomcat/tree/9.0.40
11cce490eb67a8aca64377a22c0cea2e38896725

The proposed 9.0.40 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 9.0.40

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r44483 - in /dev/tomcat/tomcat-9/v9.0.40: ./ bin/ bin/embed/ src/

2020-11-12 Thread markt

Author: markt
Date: Thu Nov 12 15:53:55 2020
New Revision: 44483

Log:
Upload 9.0.40 for voting

Added:
dev/tomcat/tomcat-9/v9.0.40/
dev/tomcat/tomcat-9/v9.0.40/KEYS
dev/tomcat/tomcat-9/v9.0.40/README.html
dev/tomcat/tomcat-9/v9.0.40/RELEASE-NOTES
dev/tomcat/tomcat-9/v9.0.40/bin/
dev/tomcat/tomcat-9/v9.0.40/bin/README.html
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.tar.gz.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.zip   (with 
props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.zip.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-deployer.zip.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-fulldocs.tar.gz.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x64.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x64.zip.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x64.zip.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x86.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x86.zip.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40-windows-x86.zip.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.exe   (with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.exe.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.exe.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.tar.gz   (with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.tar.gz.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.zip   (with props)
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.zip.asc
dev/tomcat/tomcat-9/v9.0.40/bin/apache-tomcat-9.0.40.zip.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/embed/
dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.tar.gz.asc

dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.zip.asc
dev/tomcat/tomcat-9/v9.0.40/bin/embed/apache-tomcat-9.0.40-embed.zip.sha512
dev/tomcat/tomcat-9/v9.0.40/src/
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.tar.gz   (with 
props)
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.tar.gz.asc
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.zip   (with props)
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.zip.asc
dev/tomcat/tomcat-9/v9.0.40/src/apache-tomcat-9.0.40-src.zip.sha512

Added: dev/tomcat/tomcat-9/v9.0.40/KEYS
==
--- dev/tomcat/tomcat-9/v9.0.40/KEYS (added)
+++ dev/tomcat/tomcat-9/v9.0.40/KEYS Thu Nov 12 15:53:55 2020
@@ -0,0 +1,676 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
+0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW5keSBBcm1z
+dHJvbmcgPGFuZHlAdGFnaXNoLmNvbT6JAFgEEBECABgFAjtAWuUICwMJCAcCAQoC
+GQEFGwMACgkQajrT9PIsT+1plgCfXAovWnVL3MjrTfcGlFSKw7GHCSYAoJkz
+x+r2ANe8/0e+u5ZcYtSaSry+uQINBDtAWuUQCAD2Qle3CH8IF3KiutapQvMF6PlT

[tomcat] 01/01: Tag 9.0.40

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 9.0.40
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 11cce490eb67a8aca64377a22c0cea2e38896725
Author: Mark Thomas 
AuthorDate: Thu Nov 12 15:32:53 2020 +

Tag 9.0.40
---
 build.properties.default   | 2 +-
 webapps/docs/changelog.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 5a8ca83..cad803e 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -27,7 +27,7 @@ version.major=9
 version.minor=0
 version.build=40
 version.patch=0
-version.suffix=-dev
+version.suffix=
 
 # - Source control flags -
 git.branch=master
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 8617401..bccab38 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -44,7 +44,7 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Increment version for next development cycle

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new b34ecb6  Increment version for next development cycle
b34ecb6 is described below

commit b34ecb6e684ffc31f56e213210d947e646fd1283
Author: Mark Thomas 
AuthorDate: Thu Nov 12 15:32:13 2020 +

Increment version for next development cycle
---
 build.properties.default | 2 +-
 res/maven/mvn.properties.default | 2 +-
 webapps/docs/changelog.xml   | 4 +++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index de2407b..a34cc44 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -27,7 +27,7 @@ version.major=10
 version.minor=0
 version.build=0
 version.patch=0
-version.suffix=-M10-dev
+version.suffix=-M11-dev
 
 # - Source control flags -
 git.branch=master
diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default
index 1532af0..2c756e3 100644
--- a/res/maven/mvn.properties.default
+++ b/res/maven/mvn.properties.default
@@ -39,7 +39,7 @@ 
maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/d
 maven.asf.release.repo.repositoryId=apache.releases.https
 
 # Release version info
-maven.asf.release.deploy.version=10.0.0-M10
+maven.asf.release.deploy.version=10.0.0-M11
 
 #Where do we load the libraries from
 tomcat.lib.path=../../output/build/lib
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f5e8b66..57754b7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -44,7 +44,9 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
+
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 9.0.40 created (now 11cce49)

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 9.0.40
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


  at 11cce49  (commit)
This tag includes the following new commits:

 new 11cce49  Tag 9.0.40

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 7.0.x updated: Ensure tests pass with newer versions of Java 8

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/7.0.x by this push:
 new cafbb85  Ensure tests pass with newer versions of Java 8
cafbb85 is described below

commit cafbb85dd716b14114e264cb4587347fb64a1886
Author: Mark Thomas 
AuthorDate: Wed Aug 12 19:52:35 2020 +0100

Ensure tests pass with newer versions of Java 8
---
 test/org/apache/tomcat/util/net/TesterSupport.java | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/test/org/apache/tomcat/util/net/TesterSupport.java 
b/test/org/apache/tomcat/util/net/TesterSupport.java
index 2b14955..13b08ab 100644
--- a/test/org/apache/tomcat/util/net/TesterSupport.java
+++ b/test/org/apache/tomcat/util/net/TesterSupport.java
@@ -200,7 +200,12 @@ public final class TesterSupport {
 protected static void configureClientSsl(String protocol) {
 try {
 System.setProperty("https.protocols", protocol);
-SSLContext sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+SSLContext sc;
+if (TesterSupport.TLSV13_AVAILABLE) {
+ sc = SSLContext.getInstance("TLSv1.3");
+} else {
+sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+}
 sc.init(TesterSupport.getUser1KeyManagers(),
 TesterSupport.getTrustManagers(),
 null);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Attempt to get JDK 8 smoke tests working on Github

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 8046dde  Attempt to get JDK 8 smoke tests working on Github
8046dde is described below

commit 8046dde1fe9cc33cca4979120e5a5be755f53145
Author: Mark Thomas 
AuthorDate: Wed Aug 12 19:52:35 2020 +0100

Attempt to get JDK 8 smoke tests working on Github

Github uses Zulu which supports TLS 1.3 but does not enable it by
default.
---
 test/org/apache/tomcat/util/net/TesterSupport.java | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/test/org/apache/tomcat/util/net/TesterSupport.java 
b/test/org/apache/tomcat/util/net/TesterSupport.java
index bc7aca9..9d7773e 100644
--- a/test/org/apache/tomcat/util/net/TesterSupport.java
+++ b/test/org/apache/tomcat/util/net/TesterSupport.java
@@ -197,7 +197,12 @@ public final class TesterSupport {
 public static ClientSSLSocketFactory configureClientSsl() {
 ClientSSLSocketFactory clientSSLSocketFactory = null;
 try {
-SSLContext sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+SSLContext sc;
+if (TesterSupport.TLSV13_AVAILABLE) {
+ sc = SSLContext.getInstance("TLSv1.3");
+} else {
+sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+}
 sc.init(TesterSupport.getUser1KeyManagers(),
 TesterSupport.getTrustManagers(),
 null);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Attempt to get JDK 8 smoke tests working on Github

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new dbe0ce7  Attempt to get JDK 8 smoke tests working on Github
dbe0ce7 is described below

commit dbe0ce7d7c4830edc53ea36235decd2c4119ee98
Author: Mark Thomas 
AuthorDate: Wed Aug 12 19:52:35 2020 +0100

Attempt to get JDK 8 smoke tests working on Github

Github uses Zulu which supports TLS 1.3 but does not enable it by
default.
---
 test/org/apache/tomcat/util/net/TesterSupport.java | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/test/org/apache/tomcat/util/net/TesterSupport.java 
b/test/org/apache/tomcat/util/net/TesterSupport.java
index 5cda3aa..7e9accc 100644
--- a/test/org/apache/tomcat/util/net/TesterSupport.java
+++ b/test/org/apache/tomcat/util/net/TesterSupport.java
@@ -199,7 +199,12 @@ public final class TesterSupport {
 public static ClientSSLSocketFactory configureClientSsl() {
 ClientSSLSocketFactory clientSSLSocketFactory = null;
 try {
-SSLContext sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+SSLContext sc;
+if (TesterSupport.TLSV13_AVAILABLE) {
+ sc = SSLContext.getInstance("TLSv1.3");
+} else {
+sc = SSLContext.getInstance(Constants.SSL_PROTO_TLS);
+}
 sc.init(TesterSupport.getUser1KeyManagers(),
 TesterSupport.getTrustManagers(),
 null);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64921] LoadBalancerDrainingValve does not honour "Secure Session Cookie" settings

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64921

--- Comment #2 from Andreas Kurth  ---
Setting "Secure" unconditionally would raise another issue: Chrome doesn't
accept the Secure flag when not run under SSL. A possible – still naive –
implementation might be:

if (request.isSecure()) {
sessionCookie.setSecure(true);
}

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix Windows test failures

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 996a65c  Fix Windows test failures
996a65c is described below

commit 996a65c8d9335960507a1198a193b17d62307bc7
Author: Mark Thomas 
AuthorDate: Tue Nov 10 13:41:48 2020 +

Fix Windows test failures
---
 test/org/apache/coyote/http11/TestHttp11Processor.java | 10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/http11/TestHttp11Processor.java 
b/test/org/apache/coyote/http11/TestHttp11Processor.java
index e9013dd..f3ddb8b 100644
--- a/test/org/apache/coyote/http11/TestHttp11Processor.java
+++ b/test/org/apache/coyote/http11/TestHttp11Processor.java
@@ -1728,7 +1728,15 @@ public class TestHttp11Processor extends TomcatBaseTest {
 client.setRequestPause(delay);
 
 client.connect();
-client.processRequest();
+try {
+client.processRequest();
+} catch (IOException ioe) {
+// Failure is expected on some platforms (notably Windows) if the
+// longer upload timeout is not used but record the exception in
+// case it is useful for debugging purposes.
+// The assertions below will check for the correct behaviour.
+ioe.printStackTrace();
+}
 
 if (useLongerUploadTimeout) {
 // Expected response is a 200 response.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64921] LoadBalancerDrainingValve does not honour "Secure Session Cookie" settings

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64921

--- Comment #1 from Christopher Schultz  ---
Hmm. It's not possible to know whether or not the browser thinks the cookie
should be "secure" since the client doesn't send the "secure" flag to the
server (it's a one-way flag, from server -> client).

Are you able to test a patch (or have you already developed one)?

Assuming the only thing missing is:

  sessionCookie.setSecure(true);

then we only have to worry about knowing when to set that flag. Modern systems
should probably *always* set that flag, but someone out there surely needs is
to NOT set the "secure" flag so we need a way to disable that. Probably via a
configuration option "secure" which defaults to "true" but can be set to
"false".

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.0.0-M10

2020-11-12 Thread Mark Thomas

On 12/11/2020 12:32, Mark Thomas wrote:
> The proposed 10.0.0-M10 release is:
> [ ] Broken - do not release
> [X] Alpha  - go ahead and release as 10.0.0-M10

Tests pass for NIO, NIO2 and APR/Native (1.2.25) on Linux, MacOs and
Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 10.0.0-M10

2020-11-12 Thread Mark Thomas

The proposed Apache Tomcat 10.0.0-M10 release is now available for
voting.

Apache Tomcat 10.x implements Jakarta EE 9 and, as such, the primary
package for all the specification APIs has changed from javax.* to jakarta.*
Applications that run on Tomcat 9 will not run on Tomcat 10 without changes.

The notable changes compared to 10.0.0-M9 are:

- Statistics are now available (via JMX) for HTTP/2, WebSocket and
  HTTP/1.1 upgraded connections

- Stability improvements for HTTP/2

- Stability improvements for the NIO connector

Along with lots of other bug fixes and improvements.


For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat10/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.0.0-M10/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1283/
The tag is:
https://github.com/apache/tomcat/tree/10.0.0-M10
9826be4c8368c94eab1e804b456867ca1cb766c3

The proposed 10.0.0-M10 release is:
[ ] Broken - do not release
[ ] Alpha  - go ahead and release as 10.0.0-M10

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r44480 - in /dev/tomcat/tomcat-10/v10.0.0-M10: ./ bin/ bin/embed/ src/

2020-11-12 Thread markt

Author: markt
Date: Thu Nov 12 12:13:24 2020
New Revision: 44480

Log:
Upload 10.0.0-M10 for voting

Added:
dev/tomcat/tomcat-10/v10.0.0-M10/
dev/tomcat/tomcat-10/v10.0.0-M10/KEYS
dev/tomcat/tomcat-10/v10.0.0-M10/README.html
dev/tomcat/tomcat-10/v10.0.0-M10/RELEASE-NOTES
dev/tomcat/tomcat-10/v10.0.0-M10/bin/
dev/tomcat/tomcat-10/v10.0.0-M10/bin/README.html

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.tar.gz   
(with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.tar.gz.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.tar.gz.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.zip  
 (with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.zip.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-deployer.zip.sha512

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-fulldocs.tar.gz   
(with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-fulldocs.tar.gz.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-fulldocs.tar.gz.sha512

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x64.zip   
(with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x64.zip.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x64.zip.sha512

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x86.zip   
(with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x86.zip.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10-windows-x86.zip.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.exe   (with 
props)
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.exe.asc
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.exe.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.tar.gz   
(with props)
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.tar.gz.asc
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.tar.gz.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.zip   (with 
props)
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.zip.asc
dev/tomcat/tomcat-10/v10.0.0-M10/bin/apache-tomcat-10.0.0-M10.zip.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.tar.gz
   (with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.tar.gz.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.tar.gz.sha512

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.zip   
(with props)

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.zip.asc

dev/tomcat/tomcat-10/v10.0.0-M10/bin/embed/apache-tomcat-10.0.0-M10-embed.zip.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/src/
dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.tar.gz   
(with props)
dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.tar.gz.asc

dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.tar.gz.sha512
dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.zip   
(with props)
dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.zip.asc
dev/tomcat/tomcat-10/v10.0.0-M10/src/apache-tomcat-10.0.0-M10-src.zip.sha512

Added: dev/tomcat/tomcat-10/v10.0.0-M10/KEYS
==
--- dev/tomcat/tomcat-10/v10.0.0-M10/KEYS (added)
+++ dev/tomcat/tomcat-10/v10.0.0-M10/KEYS Thu Nov 12 12:13:24 2020
@@ -0,0 +1,676 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU

svn commit: r44479 - in /release/tomcat: tomcat-10/v10.0.0-M8/ tomcat-8/v8.5.58/ tomcat-9/v9.0.38/

2020-11-12 Thread markt

Author: markt
Date: Thu Nov 12 12:06:50 2020
New Revision: 44479

Log:
Drop older versions from mirrors

Removed:
release/tomcat/tomcat-10/v10.0.0-M8/
release/tomcat/tomcat-8/v8.5.58/
release/tomcat/tomcat-9/v9.0.38/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64921] New: LoadBalancerDrainingValve does not honour "Secure Session Cookie" settings

2020-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=64921

Bug ID: 64921
   Summary: LoadBalancerDrainingValve does not honour "Secure
Session Cookie" settings
   Product: Tomcat 9
   Version: 9.0.39
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: apa...@akurth.de
  Target Milestone: -

With Chrome browsers a redirection loop will be triggered when all of the
following conditions apply:

* sameSiteCookies=none attribute has been set at the CookieProcessor
* LoadBalancerDrainingValve has been activated
* Site is called with timed out session

Reason: LoadBalancerDrainingValve tries to reset the JSESSIONID cookie. It adds
"SameSite=None" as expected. But no matter what is configured for the "Secure
Session Cookie" setting, it will never add the "Secure" attribute, too. Since
Chrome does not accept "SameSite=None" without "Secure", it will reject the
cookie, which will then be sent again and again in a redirection loop.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Tag 10.0.0-M10

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 10.0.0-M10
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9826be4c8368c94eab1e804b456867ca1cb766c3
Author: Mark Thomas 
AuthorDate: Thu Nov 12 10:46:46 2020 +

Tag 10.0.0-M10
---
 build.properties.default   | 2 +-
 webapps/docs/changelog.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index de2407b..864120b 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -27,7 +27,7 @@ version.major=10
 version.minor=0
 version.build=0
 version.patch=0
-version.suffix=-M10-dev
+version.suffix=-M10
 
 # - Source control flags -
 git.branch=master
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f5e8b66..b9a6206 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -44,7 +44,7 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 10.0.0-M10 created (now 9826be4)

2020-11-12 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 10.0.0-M10
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


  at 9826be4  (commit)
This tag includes the following new commits:

 new 9826be4  Tag 10.0.0-M10

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch master updated: Fix NIO concurrency issue that removes connections from the poller.

2020-11-12 Thread Mark Thomas

On 11/11/2020 22:37, Rémy Maucherat wrote:
> On Wed, Nov 11, 2020 at 9:44 PM  wrote:
> 
>> This is an automated email from the ASF dual-hosted git repository.
>>
>> markt pushed a commit to branch master
>> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>>
>>
>> The following commit(s) were added to refs/heads/master by this push:
>>  new 45aeed6  Fix NIO concurrency issue that removes connections from
>> the poller.
>> 45aeed6 is described below
>>
>> commit 45aeed655771308d5185d9dbab8e29a73d87509b
>> Author: Mark Thomas 
>> AuthorDate: Wed Nov 11 20:43:04 2020 +
>>
>> Fix NIO concurrency issue that removes connections from the poller.
>>
>> This is the source of the intermittent WebSocket test failure so this
>> commit also removes the associated debug code for that issue.
>>
> 
> Great fix. I never expected this one ...

Thanks. It took me long enough to find it.

It only occurred every 1 in ~15 test runs. When a full test run takes
~8.5 mins it is a slow process. I was trying to narrow down the set of
tests that triggered it but it was hard to determine if the failure was
still being triggered. After about a day of getting nowhere I decided to
start from the other end and ran the single test in a loop until it
failed. That meant I could reproduce the failure in less than a minute.
Things moved a lot faster from that point.

Once I could reproduce the issue, it was just a case of adding debug
statements to track down the root cause. Some of those statements
altered the timing enough to prevent the failure but even that helped as
it meant the issue was occurring after that point.

The root cause surprised me as well. I'd suspected some sort of issue
along these lines and had been looking at the source code during the
longer test runs. Knowing NioChannel instances were being re-used I'd
explicitly looked for places were this sort of mix-up could happen and
completely failed to find this one.

It will be interesting to see if any other intermittent issues disappear
suggesting they had the same root cause.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

38 matches

Mail list logo