buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/5713 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] 5138997fa3fb8fff4938adef55a2c15c2d3ed821 Blamelist: Mark Thomas BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #398: Ensure StandardContext#postWorkDirectory is protected
markt-asf commented on pull request #398: URL: https://github.com/apache/tomcat/pull/398#issuecomment-789977461 Applied manually so I could add a changelog entry This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #398: Ensure StandardContext#postWorkDirectory is protected
markt-asf closed pull request #398: URL: https://github.com/apache/tomcat/pull/398 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Make the StandardContext.postWorkDirectory() protected
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new c4cc16d Make the StandardContext.postWorkDirectory() protected c4cc16d is described below commit c4cc16d8d99d278e14a229c20d31d01dfa8ec995 Author: Mark Thomas AuthorDate: Wed Mar 3 18:55:27 2021 + Make the StandardContext.postWorkDirectory() protected To help users wishing to customise the default work directory behaviour --- java/org/apache/catalina/core/StandardContext.java | 2 +- webapps/docs/changelog.xml | 5 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index b3673ec..c213797 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -6036,7 +6036,7 @@ public class StandardContext extends ContainerBase /** * Set the appropriate context attribute for our work directory. */ -private void postWorkDirectory() { +protected void postWorkDirectory() { // Acquire (or calculate) the work directory path String workDir = getWorkDir(); diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 880dad9..47f4a7d 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -128,6 +128,11 @@ setLocale() with the recent clarification from the Jakarta Servlet project of the expected behaviour in these cases. (markt) + +Make the StandardContext.postWorkDirectory() protected +rather than private to help users wishing to customise the default +work directory behaviour. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Make the StandardContext.postWorkDirectory() protected
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new c1dda4a Make the StandardContext.postWorkDirectory() protected c1dda4a is described below commit c1dda4a08b54a7efb3dbc758c64c7a734cbffea1 Author: Mark Thomas AuthorDate: Wed Mar 3 18:55:27 2021 + Make the StandardContext.postWorkDirectory() protected To help users wishing to customise the default work directory behaviour --- java/org/apache/catalina/core/StandardContext.java | 2 +- webapps/docs/changelog.xml | 5 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index 058664c..5518690 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -6054,7 +6054,7 @@ public class StandardContext extends ContainerBase /** * Set the appropriate context attribute for our work directory. */ -private void postWorkDirectory() { +protected void postWorkDirectory() { // Acquire (or calculate) the work directory path String workDir = getWorkDir(); diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index e81fef9..c2cb87b 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -142,6 +142,11 @@ Correct syntax error in output of JsonErrorReportValve. Pull request provided by Viraj Kanwade. (markt) + +Make the StandardContext.postWorkDirectory() protected +rather than private to help users wishing to customise the default +work directory behaviour. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (56c95a8 -> 5138997)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 56c95a8 Correct syntax error in output of JsonErrorReportValve add 5138997 Make the StandardContext.postWorkDirectory() protected No new revisions were added by this update. Summary of changes: java/org/apache/catalina/core/StandardContext.java | 2 +- webapps/docs/changelog.xml | 5 + 2 files changed, 6 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #407: JsonErrorReportValve - fix json format typo
markt-asf closed pull request #407: URL: https://github.com/apache/tomcat/pull/407 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #407: JsonErrorReportValve - fix json format typo
markt-asf commented on pull request #407: URL: https://github.com/apache/tomcat/pull/407#issuecomment-789971464 Merged manually so I could add a change-log entry. Thanks for the PRs. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #408: JsonErrorReportValve - fix json typo
markt-asf commented on pull request #408: URL: https://github.com/apache/tomcat/pull/408#issuecomment-789971296 Merged manually so I could add a change-log entry. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #408: JsonErrorReportValve - fix json typo
markt-asf closed pull request #408: URL: https://github.com/apache/tomcat/pull/408 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Correct syntax error in output of JsonErrorReportValve
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 5d50748 Correct syntax error in output of JsonErrorReportValve 5d50748 is described below commit 5d507489a48d6ad03e7d138ef1ffd522136234d4 Author: Mark Thomas AuthorDate: Wed Mar 3 18:45:06 2021 + Correct syntax error in output of JsonErrorReportValve Pull request provided by Viraj Kanwade --- java/org/apache/catalina/valves/JsonErrorReportValve.java | 2 +- webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/valves/JsonErrorReportValve.java b/java/org/apache/catalina/valves/JsonErrorReportValve.java index bde4c57..8ba4acb 100644 --- a/java/org/apache/catalina/valves/JsonErrorReportValve.java +++ b/java/org/apache/catalina/valves/JsonErrorReportValve.java @@ -83,7 +83,7 @@ public class JsonErrorReportValve extends ErrorReportValve { } String jsonReport = "{\n" + " \"type\": \"" + type + "\",\n" + -" \"message\": \"" + message + "\"\n" + +" \"message\": \"" + message + "\",\n" + " \"description\": \"" + description + "\"\n" + "}"; try { diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index ef767c8..e81fef9 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -138,6 +138,10 @@ WriteListener.onWritePossible() and ReadListener.onDataAvailable(). (markt) + +Correct syntax error in output of JsonErrorReportValve. +Pull request provided by Viraj Kanwade. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Correct syntax error in output of JsonErrorReportValve
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 56c95a8 Correct syntax error in output of JsonErrorReportValve 56c95a8 is described below commit 56c95a84280f54455fac4bf59c85446fc0e20ee9 Author: Mark Thomas AuthorDate: Wed Mar 3 18:45:06 2021 + Correct syntax error in output of JsonErrorReportValve Pull request provided by Viraj Kanwade --- java/org/apache/catalina/valves/JsonErrorReportValve.java | 2 +- webapps/docs/changelog.xml| 4 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/valves/JsonErrorReportValve.java b/java/org/apache/catalina/valves/JsonErrorReportValve.java index bde4c57..8ba4acb 100644 --- a/java/org/apache/catalina/valves/JsonErrorReportValve.java +++ b/java/org/apache/catalina/valves/JsonErrorReportValve.java @@ -83,7 +83,7 @@ public class JsonErrorReportValve extends ErrorReportValve { } String jsonReport = "{\n" + " \"type\": \"" + type + "\",\n" + -" \"message\": \"" + message + "\"\n" + +" \"message\": \"" + message + "\",\n" + " \"description\": \"" + description + "\"\n" + "}"; try { diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 826b326..1f37421 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -152,6 +152,10 @@ WriteListener.onWritePossible() and ReadListener.onDataAvailable(). (markt) + +Correct syntax error in output of JsonErrorReportValve. +Pull request provided by Viraj Kanwade. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Improve handling of I/O errors during non-blocking writes
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 582ff39 Improve handling of I/O errors during non-blocking writes 582ff39 is described below commit 582ff396768c911ddacc35bc7b5bdaad537d8fea Author: Mark Thomas AuthorDate: Wed Mar 3 15:12:51 2021 + Improve handling of I/O errors during non-blocking writes --- .../apache/catalina/connector/CoyoteAdapter.java | 9 +++-- .../catalina/nonblocking/TestNonBlockingAPI.java | 42 ++ webapps/docs/changelog.xml | 5 +++ 3 files changed, 45 insertions(+), 11 deletions(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 1c4d694..9d06af9 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -169,12 +169,11 @@ public class CoyoteAdapter implements Adapter { if (res.getWriteListener() != null) { res.getWriteListener().onError(t); } +res.action(ActionCode.CLOSE_NOW, t); +asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); } -if (t != null) { -asyncConImpl.setErrorState(t, true); -} } // Check to see if non-blocking writes or reads are being used @@ -202,8 +201,8 @@ public class CoyoteAdapter implements Adapter { // Therefore no need to set success=false as that would trigger a // second call to AbstractProcessor.setErrorState() // https://bz.apache.org/bugzilla/show_bug.cgi?id=65001 -res.action(ActionCode.CLOSE_NOW, t); writeListener.onError(t); +res.action(ActionCode.CLOSE_NOW, t); asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); @@ -235,8 +234,8 @@ public class CoyoteAdapter implements Adapter { // Therefore no need to set success=false as that would trigger a // second call to AbstractProcessor.setErrorState() // https://bz.apache.org/bugzilla/show_bug.cgi?id=65001 -res.action(ActionCode.CLOSE_NOW, t); readListener.onError(t); +res.action(ActionCode.CLOSE_NOW, t); asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); diff --git a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java index cd8321e..6217083 100644 --- a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java +++ b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java @@ -153,11 +153,13 @@ public class TestNonBlockingAPI extends TomcatBaseTest { } private void testNonBlockingWriteInternal(boolean keepAlive) throws Exception { +AtomicBoolean asyncContextIsComplete = new AtomicBoolean(false); + Tomcat tomcat = getTomcatInstance(); // No file system docBase required Context ctx = tomcat.addContext("", null); -NBWriteServlet servlet = new NBWriteServlet(); +NBWriteServlet servlet = new NBWriteServlet(asyncContextIsComplete); String servletName = NBWriteServlet.class.getName(); Tomcat.addServlet(ctx, servletName, servlet); ctx.addServletMappingDecoded("/", servletName); @@ -313,11 +315,25 @@ public class TestNonBlockingAPI extends TomcatBaseTest { } Assert.assertEquals(WRITE_SIZE, totalBodyRead); +Assert.assertTrue("AsyncContext should have been completed.", asyncContextIsComplete.get()); } @Test -public void testNonBlockingWriteError01() throws Exception { +public void testNonBlockingWriteError01ListenerComplete() throws Exception { +doTestNonBlockingWriteError01NoListenerComplete(true); +} + + +@Test +public void testNonBlockingWriteError01NoListenerComplete() throws Exception { +doTestNonBlockingWriteError01NoListenerComplete(false); +} + + +private void doTestNonBlockingWriteError01NoListenerComplete(boolean listenerCompletesOnError) throws Exception { +AtomicBoolean asyncContextIsComplete = new AtomicBoolean(false); + Tomcat tomcat = getTomcatInstance(); // No file system docBase required @@ -329,7 +345,7 @@ public class TestNonBlockingAPI extends
[tomcat] branch 9.0.x updated (ca5d265 -> f3ab4f8)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from ca5d265 Fix typos add f3ab4f8 Improve handling of I/O errors during non-blocking writes No new revisions were added by this update. Summary of changes: .../apache/catalina/connector/CoyoteAdapter.java | 9 +++-- .../catalina/nonblocking/TestNonBlockingAPI.java | 42 ++ webapps/docs/changelog.xml | 5 +++ 3 files changed, 45 insertions(+), 11 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Improve handling of I/O errors during non-blocking writes
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 68991aa Improve handling of I/O errors during non-blocking writes 68991aa is described below commit 68991aac79a497dff9882efe3082d099ec79d222 Author: Mark Thomas AuthorDate: Wed Mar 3 15:12:51 2021 + Improve handling of I/O errors during non-blocking writes --- .../apache/catalina/connector/CoyoteAdapter.java | 9 +++-- .../catalina/nonblocking/TestNonBlockingAPI.java | 42 ++ webapps/docs/changelog.xml | 5 +++ 3 files changed, 45 insertions(+), 11 deletions(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 8af8cd6..b39f07b 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -158,12 +158,11 @@ public class CoyoteAdapter implements Adapter { if (res.getWriteListener() != null) { res.getWriteListener().onError(t); } +res.action(ActionCode.CLOSE_NOW, t); +asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); } -if (t != null) { -asyncConImpl.setErrorState(t, true); -} } // Check to see if non-blocking writes or reads are being used @@ -191,8 +190,8 @@ public class CoyoteAdapter implements Adapter { // Therefore no need to set success=false as that would trigger a // second call to AbstractProcessor.setErrorState() // https://bz.apache.org/bugzilla/show_bug.cgi?id=65001 -res.action(ActionCode.CLOSE_NOW, t); writeListener.onError(t); +res.action(ActionCode.CLOSE_NOW, t); asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); @@ -224,8 +223,8 @@ public class CoyoteAdapter implements Adapter { // Therefore no need to set success=false as that would trigger a // second call to AbstractProcessor.setErrorState() // https://bz.apache.org/bugzilla/show_bug.cgi?id=65001 -res.action(ActionCode.CLOSE_NOW, t); readListener.onError(t); +res.action(ActionCode.CLOSE_NOW, t); asyncConImpl.setErrorState(t, true); } finally { context.unbind(false, oldCL); diff --git a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java index 97c6a22..738b2aa 100644 --- a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java +++ b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java @@ -154,11 +154,13 @@ public class TestNonBlockingAPI extends TomcatBaseTest { } private void testNonBlockingWriteInternal(boolean keepAlive) throws Exception { +AtomicBoolean asyncContextIsComplete = new AtomicBoolean(false); + Tomcat tomcat = getTomcatInstance(); // No file system docBase required Context ctx = tomcat.addContext("", null); -NBWriteServlet servlet = new NBWriteServlet(); +NBWriteServlet servlet = new NBWriteServlet(asyncContextIsComplete); String servletName = NBWriteServlet.class.getName(); Tomcat.addServlet(ctx, servletName, servlet); ctx.addServletMappingDecoded("/", servletName); @@ -314,11 +316,25 @@ public class TestNonBlockingAPI extends TomcatBaseTest { } Assert.assertEquals(WRITE_SIZE, totalBodyRead); +Assert.assertTrue("AsyncContext should have been completed.", asyncContextIsComplete.get()); } @Test -public void testNonBlockingWriteError01() throws Exception { +public void testNonBlockingWriteError01ListenerComplete() throws Exception { +doTestNonBlockingWriteError01NoListenerComplete(true); +} + + +@Test +public void testNonBlockingWriteError01NoListenerComplete() throws Exception { +doTestNonBlockingWriteError01NoListenerComplete(false); +} + + +private void doTestNonBlockingWriteError01NoListenerComplete(boolean listenerCompletesOnError) throws Exception { +AtomicBoolean asyncContextIsComplete = new AtomicBoolean(false); + Tomcat tomcat = getTomcatInstance(); // No file system docBase required @@ -330,7 +346,7 @@ public class TestNonBlockingAPI extends
[tomcat] branch 7.0.x updated: Fix typos
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 4e9acc1 Fix typos 4e9acc1 is described below commit 4e9acc127b9b215dfd92db0167b6b5af6f8e254b Author: Mark Thomas AuthorDate: Wed Mar 3 12:03:28 2021 + Fix typos --- webapps/docs/security-howto.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 29b96aa..e50b304 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -455,10 +455,10 @@ when the session is persisted during a restart or to a Store. When using the JDBCStore, the session store should be - secured (dedciated credentials, appropriate permissions) such that only + secured (dedicated credentials, appropriate permissions) such that only the JDBCStore is able to access the persisted session - data. In particular, the JDBCStore should be accessible - via any credentials available to a web application. + data. In particular, the JDBCStore should not be + accessible via any credentials available to a web application. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix typos
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 7dc1857 Fix typos 7dc1857 is described below commit 7dc18575d7b6e78f8de9d127fa64dfcdb877c8d9 Author: Mark Thomas AuthorDate: Wed Mar 3 12:03:28 2021 + Fix typos --- webapps/docs/security-howto.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index e6caca1..8d429a8 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -458,10 +458,10 @@ when the session is persisted during a restart or to a Store. When using the JDBCStore, the session store should be - secured (dedciated credentials, appropriate permissions) such that only + secured (dedicated credentials, appropriate permissions) such that only the JDBCStore is able to access the persisted session - data. In particular, the JDBCStore should be accessible - via any credentials available to a web application. + data. In particular, the JDBCStore should not be + accessible via any credentials available to a web application. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated (d4b340f -> ca5d265)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from d4b340f Improve robustness add ca5d265 Fix typos No new revisions were added by this update. Summary of changes: webapps/docs/security-howto.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix typos
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 4cb12b1 Fix typos 4cb12b1 is described below commit 4cb12b194b07d0dad978c13f47e0a838421ff520 Author: Mark Thomas AuthorDate: Wed Mar 3 12:03:28 2021 + Fix typos --- webapps/docs/security-howto.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index b986dc7..197cbe9 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -466,10 +466,10 @@ when the session is persisted during a restart or to a Store. When using the JDBCStore, the session store should be - secured (dedciated credentials, appropriate permissions) such that only + secured (dedicated credentials, appropriate permissions) such that only the JDBCStore is able to access the persisted session - data. In particular, the JDBCStore should be accessible - via any credentials available to a web application. + data. In particular, the JDBCStore should not be + accessible via any credentials available to a web application. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Improve robustness
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b90d4fc Improve robustness b90d4fc is described below commit b90d4fc1ff44f30e4b3aba622ba6677e3f003822 Author: Mark Thomas AuthorDate: Wed Mar 3 12:00:46 2021 + Improve robustness --- java/org/apache/tomcat/util/net/openssl/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 6 -- webapps/docs/changelog.xml | 4 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties index 84990f3..34ec880 100644 --- a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties @@ -17,6 +17,7 @@ engine.ciphersFailure=Failed getting cipher list engine.emptyCipherSuite=Empty cipher suite engine.engineClosed=Engine is closed engine.failedCipherSuite=Failed to enable cipher suite [{0}] +engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read engine.inboundClose=Inbound closed before receiving peer's close_notify engine.invalidBufferArray=offset: [{0}], length: [{1}] (expected: offset <= offset + length <= srcs.length [{2}]) engine.invalidDestinationBuffersState=The state of the destination buffers changed concurrently while unwrapping bytes diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java index 59c1d5f..4700c2a 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java @@ -591,8 +591,10 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn throw new SSLException(e); } -if (bytesRead == 0) { -break; +if (bytesRead <= 0) { +// This should not be possible. pendingApp is positive +// therefore the read should have read at least one byte. +throw new IllegalStateException(sm.getString("engine.failedToReadAvailableBytes")); } bytesProduced += bytesRead; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index eca9372..eeca5be 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -159,6 +159,10 @@ fully cleared, as there could be more than one error present after an operation (confirmed in the OpenSSL API documentation). (remm) + +Make handling of OpenSSL read errors more robust when plain text data is +reported to be available to read. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Improve robustness
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new d4b340f Improve robustness d4b340f is described below commit d4b340fa8feaf55831f9a59350578f7b6ca048b8 Author: Mark Thomas AuthorDate: Wed Mar 3 12:00:46 2021 + Improve robustness --- java/org/apache/tomcat/util/net/openssl/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 6 -- webapps/docs/changelog.xml | 4 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties index 84990f3..34ec880 100644 --- a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties @@ -17,6 +17,7 @@ engine.ciphersFailure=Failed getting cipher list engine.emptyCipherSuite=Empty cipher suite engine.engineClosed=Engine is closed engine.failedCipherSuite=Failed to enable cipher suite [{0}] +engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read engine.inboundClose=Inbound closed before receiving peer's close_notify engine.invalidBufferArray=offset: [{0}], length: [{1}] (expected: offset <= offset + length <= srcs.length [{2}]) engine.invalidDestinationBuffersState=The state of the destination buffers changed concurrently while unwrapping bytes diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java index 59c1d5f..4700c2a 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java @@ -591,8 +591,10 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn throw new SSLException(e); } -if (bytesRead == 0) { -break; +if (bytesRead <= 0) { +// This should not be possible. pendingApp is positive +// therefore the read should have read at least one byte. +throw new IllegalStateException(sm.getString("engine.failedToReadAvailableBytes")); } bytesProduced += bytesRead; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index d4f756f..0ad4971 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -166,6 +166,10 @@ fully cleared, as there could be more than one error present after an operation (confirmed in the OpenSSL API documentation). (remm) + +Make handling of OpenSSL read errors more robust when plain text data is +reported to be available to read. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Improve robustness
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 34115fb Improve robustness 34115fb is described below commit 34115fb3c83f6cd97772232316a492a4cc5729e0 Author: Mark Thomas AuthorDate: Wed Mar 3 12:00:46 2021 + Improve robustness --- java/org/apache/tomcat/util/net/openssl/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java | 6 -- webapps/docs/changelog.xml | 4 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties index 84990f3..34ec880 100644 --- a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties @@ -17,6 +17,7 @@ engine.ciphersFailure=Failed getting cipher list engine.emptyCipherSuite=Empty cipher suite engine.engineClosed=Engine is closed engine.failedCipherSuite=Failed to enable cipher suite [{0}] +engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read engine.inboundClose=Inbound closed before receiving peer's close_notify engine.invalidBufferArray=offset: [{0}], length: [{1}] (expected: offset <= offset + length <= srcs.length [{2}]) engine.invalidDestinationBuffersState=The state of the destination buffers changed concurrently while unwrapping bytes diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java index 59c1d5f..4700c2a 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java @@ -591,8 +591,10 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn throw new SSLException(e); } -if (bytesRead == 0) { -break; +if (bytesRead <= 0) { +// This should not be possible. pendingApp is positive +// therefore the read should have read at least one byte. +throw new IllegalStateException(sm.getString("engine.failedToReadAvailableBytes")); } bytesProduced += bytesRead; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 64eefbb..370572e 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -185,6 +185,10 @@ fully cleared, as there could be more than one error present after an operation (confirmed in the OpenSSL API documentation). (remm) + +Make handling of OpenSSL read errors more robust when plain text data is +reported to be available to read. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tagging 10.0.x (and 9.0.x, 8.5.x)
On Wed, Mar 3, 2021 at 12:47 PM Mark Thomas wrote: > Hi all, > > It is the beginning of the month so it is release time again. > > I am currently working on a fix for some async error handling bugs > reported via Spring WebFlux: > https://github.com/spring-projects/spring-framework/issues/26434 > > I think I have a fix but I want to try and create a test case first. > > I have a couple of other small things to do so I expect I'll be tagging > some time tomorrow unless the new tests uncover additional issues. > +1 Rémy > > Mark > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
Tagging 10.0.x (and 9.0.x, 8.5.x)
Hi all, It is the beginning of the month so it is release time again. I am currently working on a fix for some async error handling bugs reported via Spring WebFlux: https://github.com/spring-projects/spring-framework/issues/26434 I think I have a fix but I want to try and create a test case first. I have a couple of other small things to do so I expect I'll be tagging some time tomorrow unless the new tests uncover additional issues. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add a note on securing the JDBC store
On 03/03/2021 09:15, Konstantin Kolinko wrote: ср, 3 мар. 2021 г. в 00:59, : This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 63300af Add a note on securing the JDBC store 63300af is described below commit 63300af16bcf90414f51323b82bbcbbc0ebe3a87 Author: Mark Thomas AuthorDate: Tue Mar 2 21:58:23 2021 + Add a note on securing the JDBC store --- webapps/docs/security-howto.xml | 6 ++ 1 file changed, 6 insertions(+) diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 34c62da..b986dc7 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -464,6 +464,12 @@ The persistAuthentication controls whether the authenticated Principal associated with the session (if any) is included when the session is persisted during a restart or to a Store. + + When using the JDBCStore, the session store should be + secured (dedciated credentials, appropriate permissions) such that only + the JDBCStore is able to access the persisted session + data. In particular, the JDBCStore should be accessible + via any credentials available to a web application. I think that you meant to use "should not" in the last sentence. Whoops :) Also s/dedciated /dedicated/ Thanks. I'll get those fixed. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add a note on securing the JDBC store
ср, 3 мар. 2021 г. в 00:59, : > > This is an automated email from the ASF dual-hosted git repository. > > markt pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/master by this push: > new 63300af Add a note on securing the JDBC store > 63300af is described below > > commit 63300af16bcf90414f51323b82bbcbbc0ebe3a87 > Author: Mark Thomas > AuthorDate: Tue Mar 2 21:58:23 2021 + > > Add a note on securing the JDBC store > --- > webapps/docs/security-howto.xml | 6 ++ > 1 file changed, 6 insertions(+) > > diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml > index 34c62da..b986dc7 100644 > --- a/webapps/docs/security-howto.xml > +++ b/webapps/docs/security-howto.xml > @@ -464,6 +464,12 @@ >The persistAuthentication controls whether the >authenticated Principal associated with the session (if any) is > included >when the session is persisted during a restart or to a Store. > + > + When using the JDBCStore, the session store should > be > + secured (dedciated credentials, appropriate permissions) such that only > + the JDBCStore is able to access the persisted session > + data. In particular, the JDBCStore should be > accessible > + via any credentials available to a web application. I think that you meant to use "should not" in the last sentence. Also s/dedciated /dedicated/ > > > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org