[tomcat] branch 10.1.x updated: Update migration tool for Jakarta EE library for IDE configs
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new db9512d5f2 Update migration tool for Jakarta EE library for IDE configs
db9512d5f2 is described below
commit db9512d5f26b31ce64a9cc59ef9202b20b8b65f2
Author: lihan
AuthorDate: Wed Nov 9 09:52:29 2022 +0800
Update migration tool for Jakarta EE library for IDE configs
---
res/ide-support/eclipse/eclipse.classpath | 2 +-
res/ide-support/idea/tomcat.iml | 2 +-
res/ide-support/netbeans/project.xml | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/res/ide-support/eclipse/eclipse.classpath
b/res/ide-support/eclipse/eclipse.classpath
index b01f2e46a4..8aa90b04ac 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -30,7 +30,7 @@
-
+
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index af3b5ced15..66d7584593 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -122,7 +122,7 @@
-
+
diff --git a/res/ide-support/netbeans/project.xml
b/res/ide-support/netbeans/project.xml
index 92af4b3fb0..15f592ed9e 100644
--- a/res/ide-support/netbeans/project.xml
+++ b/res/ide-support/netbeans/project.xml
@@ -178,7 +178,7 @@
-->
java
-${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.25/ecj-4.25.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.4/jakartaee-migration-1.0.4-shaded.jar:${ant.includes}/
+${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.25/ecj-4.25.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.5/jakartaee-migration-1.0.5-shaded.jar:${ant.includes}/
1.7
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Update migration tool for Jakarta EE library for IDE configs
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 722356932f Update migration tool for Jakarta EE library for IDE configs
722356932f is described below
commit 722356932f063705ee995e79e99e4572f6c765a9
Author: lihan
AuthorDate: Wed Nov 9 09:52:29 2022 +0800
Update migration tool for Jakarta EE library for IDE configs
---
res/ide-support/eclipse/eclipse.classpath | 2 +-
res/ide-support/idea/tomcat.iml | 2 +-
res/ide-support/netbeans/project.xml | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/res/ide-support/eclipse/eclipse.classpath
b/res/ide-support/eclipse/eclipse.classpath
index b01f2e46a4..8aa90b04ac 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -30,7 +30,7 @@
-
+
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index af3b5ced15..66d7584593 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -122,7 +122,7 @@
-
+
diff --git a/res/ide-support/netbeans/project.xml
b/res/ide-support/netbeans/project.xml
index 92af4b3fb0..15f592ed9e 100644
--- a/res/ide-support/netbeans/project.xml
+++ b/res/ide-support/netbeans/project.xml
@@ -178,7 +178,7 @@
-->
java
-${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.25/ecj-4.25.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.4/jakartaee-migration-1.0.4-shaded.jar:${ant.includes}/
+${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.25/ecj-4.25.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.5/jakartaee-migration-1.0.5-shaded.jar:${ant.includes}/
1.7
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
Mark,
On 11/8/22 12:41, Mark Thomas wrote:
On 08/11/2022 16:52, Christopher Schultz wrote:
Mark,
Wouldn't it be "safer" to have this doPrivileged be an "opt-out"
permission rather than an "opt-in" permission?
Good question.
Nobody is going to know that they need to enable this options in order
to get "proper protection".
Until they see the exception.
It will be an ugly permission error, and they'll assume their
SecurityManager hasn't been configured properly. If we could throw an
error saying "you should enable this system property if you need to use
Tomcat EL in this way" than it would be nice. But we can't. :/
This change is not exactly backward-compatible. It may break people
who are otherwise happily using the Tomcat EL package by requiring
them to add a system property to get it to work.
I think the doPrivileged should be present /by default/ and the
preference should be opt-out if only to maintain
backward-compatibility. Evidently, only one user on the planet needs
to disable this privilege re-acquisition.
No test case was every provided for BZ 62080. I suspect it was a
theoretical issue rather than one observed in real code.
The performance issue is an issue for everyone using a SecurityManager.
Another factor I considered is that the SecurityManager is deprecated
and support for it is likely to be removed in Jakarta EE 11.
I went for disabled by default because I thought that was the best
solution for the majority - possible all - users.
I think we should mention this in the "Notable Changes" section of the UG.
-chris
On 11/8/22 08:16, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 28ea2b9b2e Fix BZ 66294. Make use of privileged block
optional. Performance hotspot
28ea2b9b2e is described below
commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance
hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new
Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+ private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+ Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
- if (System.getSecurityManager() != null) {
+ if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new
PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 22c06cb070..33800616d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,13 @@
+
+ 66294: Make the use of a privileged block to
obtain the
+ thread context class loader added to address
62080 optional
+ and disabled by default. This is now controlled by the
+ org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED
system
+ property. (markt)
+
66317: Fix for Lambda coercion security manager
missing
privileges. Based on pull request #557 by Isaac Rivera
Rivas (lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a
privileged block to
+ obtain the thread context class loader. When using the EL API
within
+ Apache Tomcat this does not need to be set as all calls are
already
+ wrapped in a privileged block further up the stack. It may be
required if
+ using the EL API under a SecurityManager outside of Apache
Tomcat.
+ If not specified, the default of false will be
used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties
objects that will
be cached by the EL Parser.
--
Re: BZ 66294 - optionally disable some SecurityManager checks
Mark, On 11/8/22 12:36, Mark Thomas wrote: On 08/11/2022 16:47, Christopher Schultz wrote: Mark, On 11/7/22 16:53, Mark Thomas wrote: On 07/11/2022 21:08, Christopher Schultz wrote: Mark, On 11/7/22 11:24, Mark Thomas wrote: Hi, BZ 66294 [1] highlights the performance impact in Tomcat of some additional SecurityManager checks that were added to avoid AccessControlException when using the EL API JAR outside of Tomcat. Details of the performance impact are in the bug report. I think we have a few options here. 1. Assume Tomcat 11 will remove the SecurityManager. No nothing for now and advise the reporter to move to Tomcat 11 when available. 2. Do nothing. 3. Disable this check by default and an option (it will have to be a system property) to enable it. 4. Something else. Thoughts? I am currently leaning towards 3 given that the performance impact is noticeable and that the check isn't required in normal usage. I thought we only wrapped stuff in doPrivileged() when a SecurityManager was installed. Re-re-reading the bug report, it's clear that the reporter IS running under SM. If the reporter is running under SM and the code does not fail, doesn't that mean that the check isn't actually providing any benefit? The thread must already be running in a privileged context if making that call does not throw an exception at runtime. Can we just remove it entirely? Maybe I'm missing something... When used in Tomcat that code is always called from within another doPrivileged() call further up the stack and all the stack frames inbetween are for Tomcat provided code so the security checks pass. Hence you can skip this doPrivileged() if running in Tomcat. When used outside of Tomcat (EL is completely stand-alone) that isn't the case and you need to use doPrivileged() to avoid the exceptions. Gotcha. And I suppose it's not really possible to detect if we are already running as a privileged operation? (Similar to how the JVM knows that obtaining a lock a thread already has is very quick.) It might be. But the challenge is detecting if we are running under the right privileged operation. What we really need is "Are we on a Tomcat request processing thread?". In older Tomcat versions we have ContainerThreadMarker but it is unused and I don't really like referring to that - even via reflection - in the API classes. There is precedence but I still don't like it. If there is a neater way of doing this, I'm likely to be all for it as most solutions are likely to be better (in my view) than another system property. ThreadLocal? Or is that too fragile? -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.5
The Apache Tomcat team announces the immediate availability of Apache Tomcat Migration Tool for Jakarta EE 1.0.5 Apache Tomcat Migration Tool for Jakarta EE is an open source software tool for migrating binary web applications (WAR files) and other binary artefacts from Java EE 8 to Jakarta EE 9. The notable changes since 1.0.4 include: - Narrow scope of javax.annotation conversion to Java EE. Pull request by Danny Thomas - Improve manifest handling and conversion performance. Pull request by Danny Thomas. Please refer to the change log for the complete list of changes: https://github.com/apache/tomcat-jakartaee-migration/blob/master/CHANGES.md Downloads: http://tomcat.apache.org/download-migration.cgi Enjoy! - The Apache Tomcat team - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1905165 - in /tomcat/site/trunk: docs/download-migration.html docs/index.html docs/oldnews.html xdocs/download-migration.xml xdocs/index.xml xdocs/oldnews.xml
Author: markt Date: Tue Nov 8 18:46:35 2022 New Revision: 1905165 URL: http://svn.apache.org/viewvc?rev=1905165&view=rev Log: Update site for release of Apache Tomcat Migration Tool for Jakarta EE 1.0.5 Modified: tomcat/site/trunk/docs/download-migration.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/xdocs/download-migration.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/oldnews.xml Modified: tomcat/site/trunk/docs/download-migration.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-migration.html?rev=1905165&r1=1905164&r2=1905165&view=diff == --- tomcat/site/trunk/docs/download-migration.html (original) +++ tomcat/site/trunk/docs/download-migration.html Tue Nov 8 18:46:35 2022 @@ -7,7 +7,7 @@ Quick Navigation -[define v]1.0.4[end] +[define v]1.0.5[end] https://downloads.apache.org/tomcat/jakartaee-migration/KEYS";>KEYS | [v] | Browse | Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1905165&r1=1905164&r2=1905165&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Tue Nov 8 18:46:35 2022 @@ -34,6 +34,26 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. +2022-11-08 Tomcat Migration Tool for Jakarta EE 1.0.5 Released + +The Apache Tomcat Project is proud to announce the release of 1.0.5 of the +Apache Tomcat Migration Tool for Jakarta EE. This release contains a number of +bug fixes and improvements compared to version 1.0.4. +The notable changes in this release are: + +Narrow scope of javax.annotation conversion to Java EE. Pull request by +Danny Thomas +Improve manifest handling and conversion performance. Pull request by Danny +Thomas. + + +Full details of these changes, and all the other changes, are available in the +https://github.com/apache/tomcat-jakartaee-migration/blob/main/CHANGES.md";>changelog. + + + +https://tomcat.apache.org/download-migration.cgi";>Download + 2022-11-08 Tomcat Native 2.0.2 Released The Apache Tomcat Project is proud to announce the release of version 2.0.2 of @@ -154,25 +174,6 @@ changelog. https://tomcat.apache.org/download-90.cgi";>Download -2022-09-20 Tomcat Migration Tool for Jakarta EE 1.0.4 Released - -The Apache Tomcat Project is proud to announce the release of 1.0.4 of the -Apache Tomcat Migration Tool for Jakarta EE. This release contains a number of -bug fixes and improvements compared to version 1.0.3. -The notable changes in this release are: - -Improve the fix converting web applications that include JARs that store one -or more entries in uncompressed form. -Add a new conversion profile that converts from Jakarta EE 9 to Java EE 8. - - -Full details of these changes, and all the other changes, are available in the -https://github.com/apache/tomcat-jakartaee-migration/blob/main/CHANGES.md";>changelog. - - - -https://tomcat.apache.org/download-migration.cgi";>Download - 2022-07-20 Tomcat 9.0.65 Released The Apache Tomcat Project is proud to announce the release of version 9.0.65 Modified: tomcat/site/trunk/docs/oldnews.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews.html?rev=1905165&r1=1905164&r2=1905165&view=diff == --- tomcat/site/trunk/docs/oldnews.html (original) +++ tomcat/site/trunk/docs/oldnews.html Tue Nov 8 18:46:35 2022 @@ -99,6 +99,25 @@ changelog. https://tomcat.apache.org/download-90.cgi";>Download +2022-09-20 Tomcat Migration Tool for Jakarta EE 1.0.4 Released + +The Apache Tomcat Project is proud to announce the release of 1.0.4 of the +Apache Tomcat Migration Tool for Jakarta EE. This release contains a number of +bug fixes and improvements compared to version 1.0.3. +The notable changes in this release are: + +Improve the fix converting web applications that include JARs that store one +or more entries in uncompressed form. +Add a new conversion profile that converts from Jakarta EE 9 to Java EE 8. + + +Full details of these changes, and all the other changes, are available in the +https://github.com/apache/tomcat-jakartaee-migration/blob/main/CHANGES.md";>changelog. + + + +https://tomcat.apache.org/download-migration.cgi";>Download + 2022-08-13 Tomcat 8.5.82 Released The Apache Tomcat Project is proud to announce the release of version 8.5.82. Modified: tomcat/site/trunk/xdocs/download-migration.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-migration.xml?rev=1905165&r1=1905164&r2=1905165&view=diff ==
[tomcat] branch 10.1.x updated: Update migration tool to 1.0.5
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 78d6f53b7e Update migration tool to 1.0.5
78d6f53b7e is described below
commit 78d6f53b7ea17287b4ae8dbf71c009b69f0887fd
Author: Mark Thomas
AuthorDate: Tue Nov 8 18:37:09 2022 +
Update migration tool to 1.0.5
---
build.properties.default | 6 +++---
java/org/apache/catalina/loader/WebappLoader.java | 3 ++-
webapps/docs/changelog.xml| 8 ++--
3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 9d12e6db6a..6660ad5184 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -305,12 +305,12 @@ bnd.jar=${bnd.home}/biz.aQute.bnd-${bnd.version}.jar
bnd.loc=${base-maven.loc}/biz/aQute/bnd/biz.aQute.bnd/${bnd.version}/biz.aQute.bnd-${bnd.version}.jar
# - Tomcat Migration Tool for Jakarta EE -
-migration-lib.version=1.0.4
+migration-lib.version=1.0.5
-# checksums for jakartaee-migration-1.0.4-shaded.jar
+# checksums for jakartaee-migration-1.0.5-shaded.jar
migration-lib.checksum.enabled=true
migration-lib.checksum.algorithm=MD5|SHA-1
-migration-lib.checksum.value=2768a18586512c4713fe7bd9c67bc290|b71110ec32fc77893c98014690a6bbdb49a2be2a
+migration-lib.checksum.value=5af798dda8c3945635fba7a4bbfa1803|f7c41841a5bb28c058b106ae4b40082f1199c42f
migration-lib.home=${base.path}/migration-${migration-lib.version}
migration-lib.jar=${migration-lib.home}/jakartaee-migration-${migration-lib.version}-shaded.jar
diff --git a/java/org/apache/catalina/loader/WebappLoader.java
b/java/org/apache/catalina/loader/WebappLoader.java
index a50944c7b6..a8fe3cf806 100644
--- a/java/org/apache/catalina/loader/WebappLoader.java
+++ b/java/org/apache/catalina/loader/WebappLoader.java
@@ -41,6 +41,7 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jakartaee.ClassConverter;
import org.apache.tomcat.jakartaee.EESpecProfile;
+import org.apache.tomcat.jakartaee.EESpecProfiles;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.buf.UDecoder;
import org.apache.tomcat.util.compat.JreCompat;
@@ -368,7 +369,7 @@ public class WebappLoader extends LifecycleMBeanBase
implements Loader{
if (getJakartaConverter() != null) {
EESpecProfile profile = null;
try {
-profile = EESpecProfile.valueOf(getJakartaConverter());
+profile = EESpecProfiles.valueOf(getJakartaConverter());
} catch (IllegalArgumentException ignored) {
// Use default value
log.warn(sm.getString("webappLoader.unknownProfile",
getJakartaConverter()));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 924a1d0521..9df5bbcaab 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -204,8 +204,12 @@
Sébastien Deleuze. (markt)
-Update the packaged version of the Tomcat Native Library to 2.0.2 to
-pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+Update the packaged version of the Apache Tomcat Native Library to
2.0.2
+to pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+
+
+Update the packaged version of the Apache Tomcat Migration Tool for
+Jakarta EE to 1.0.5. (markt)
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Update migration tool to 1.0.5
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 0dcae00bc2 Update migration tool to 1.0.5
0dcae00bc2 is described below
commit 0dcae00bc258215667cfe25fa58b8bb52e57acbf
Author: Mark Thomas
AuthorDate: Tue Nov 8 18:37:09 2022 +
Update migration tool to 1.0.5
---
build.properties.default | 6 +++---
java/org/apache/catalina/loader/WebappLoader.java | 3 ++-
webapps/docs/changelog.xml| 8 ++--
3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 35d46599dc..39603acf65 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -305,12 +305,12 @@ bnd.jar=${bnd.home}/biz.aQute.bnd-${bnd.version}.jar
bnd.loc=${base-maven.loc}/biz/aQute/bnd/biz.aQute.bnd/${bnd.version}/biz.aQute.bnd-${bnd.version}.jar
# - Tomcat Migration Tool for Jakarta EE -
-migration-lib.version=1.0.4
+migration-lib.version=1.0.5
-# checksums for jakartaee-migration-1.0.4-shaded.jar
+# checksums for jakartaee-migration-1.0.5-shaded.jar
migration-lib.checksum.enabled=true
migration-lib.checksum.algorithm=MD5|SHA-1
-migration-lib.checksum.value=2768a18586512c4713fe7bd9c67bc290|b71110ec32fc77893c98014690a6bbdb49a2be2a
+migration-lib.checksum.value=5af798dda8c3945635fba7a4bbfa1803|f7c41841a5bb28c058b106ae4b40082f1199c42f
migration-lib.home=${base.path}/migration-${migration-lib.version}
migration-lib.jar=${migration-lib.home}/jakartaee-migration-${migration-lib.version}-shaded.jar
diff --git a/java/org/apache/catalina/loader/WebappLoader.java
b/java/org/apache/catalina/loader/WebappLoader.java
index a50944c7b6..a8fe3cf806 100644
--- a/java/org/apache/catalina/loader/WebappLoader.java
+++ b/java/org/apache/catalina/loader/WebappLoader.java
@@ -41,6 +41,7 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jakartaee.ClassConverter;
import org.apache.tomcat.jakartaee.EESpecProfile;
+import org.apache.tomcat.jakartaee.EESpecProfiles;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.buf.UDecoder;
import org.apache.tomcat.util.compat.JreCompat;
@@ -368,7 +369,7 @@ public class WebappLoader extends LifecycleMBeanBase
implements Loader{
if (getJakartaConverter() != null) {
EESpecProfile profile = null;
try {
-profile = EESpecProfile.valueOf(getJakartaConverter());
+profile = EESpecProfiles.valueOf(getJakartaConverter());
} catch (IllegalArgumentException ignored) {
// Use default value
log.warn(sm.getString("webappLoader.unknownProfile",
getJakartaConverter()));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 04d914f4c7..e187a7069e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -219,8 +219,12 @@
Sébastien Deleuze. (markt)
-Update the packaged version of the Tomcat Native Library to 2.0.2 to
-pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+Update the packaged version of the Apache Tomcat Native Library to
2.0.2
+to pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+
+
+Update the packaged version of the Apache Tomcat Migration Tool for
+Jakarta EE to 1.0.5. (markt)
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r57892 - /dev/tomcat/jakartaee-migration/v1.0.5/ /release/tomcat/jakartaee-migration/v1.0.5/
Author: markt Date: Tue Nov 8 18:03:16 2022 New Revision: 57892 Log: Release the Apache Tomcat migration tool for Jakarta EE 1.0.5 Added: release/tomcat/jakartaee-migration/v1.0.5/ - copied from r57891, dev/tomcat/jakartaee-migration/v1.0.5/ Removed: dev/tomcat/jakartaee-migration/v1.0.5/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
On 08/11/2022 16:52, Christopher Schultz wrote:
Mark,
Wouldn't it be "safer" to have this doPrivileged be an "opt-out"
permission rather than an "opt-in" permission?
Good question.
Nobody is going to know that they need to enable this options in order
to get "proper protection".
Until they see the exception.
This change is not exactly backward-compatible. It may break people who
are otherwise happily using the Tomcat EL package by requiring them to
add a system property to get it to work.
I think the doPrivileged should be present /by default/ and the
preference should be opt-out if only to maintain backward-compatibility.
Evidently, only one user on the planet needs to disable this privilege
re-acquisition.
No test case was every provided for BZ 62080. I suspect it was a
theoretical issue rather than one observed in real code.
The performance issue is an issue for everyone using a SecurityManager.
Another factor I considered is that the SecurityManager is deprecated
and support for it is likely to be removed in Jakarta EE 11.
I went for disabled by default because I thought that was the best
solution for the majority - possible all - users.
Mark
-chris
On 11/8/22 08:16, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 28ea2b9b2e Fix BZ 66294. Make use of privileged block
optional. Performance hotspot
28ea2b9b2e is described below
commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance
hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new
Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+ private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+
Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
- if (System.getSecurityManager() != null) {
+ if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 22c06cb070..33800616d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,13 @@
+
+ 66294: Make the use of a privileged block to
obtain the
+ thread context class loader added to address 62080
optional
+ and disabled by default. This is now controlled by the
+ org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+ property. (markt)
+
66317: Fix for Lambda coercion security manager
missing
privileges. Based on pull request #557 by Isaac Rivera Rivas
(lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a privileged
block to
+ obtain the thread context class loader. When using the EL API
within
+ Apache Tomcat this does not need to be set as all calls are
already
+ wrapped in a privileged block further up the stack. It may be
required if
+ using the EL API under a SecurityManager outside of Apache
Tomcat.
+ If not specified, the default of false will be
used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties
objects that will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
Re: BZ 66294 - optionally disable some SecurityManager checks
On 08/11/2022 16:47, Christopher Schultz wrote: Mark, On 11/7/22 16:53, Mark Thomas wrote: On 07/11/2022 21:08, Christopher Schultz wrote: Mark, On 11/7/22 11:24, Mark Thomas wrote: Hi, BZ 66294 [1] highlights the performance impact in Tomcat of some additional SecurityManager checks that were added to avoid AccessControlException when using the EL API JAR outside of Tomcat. Details of the performance impact are in the bug report. I think we have a few options here. 1. Assume Tomcat 11 will remove the SecurityManager. No nothing for now and advise the reporter to move to Tomcat 11 when available. 2. Do nothing. 3. Disable this check by default and an option (it will have to be a system property) to enable it. 4. Something else. Thoughts? I am currently leaning towards 3 given that the performance impact is noticeable and that the check isn't required in normal usage. I thought we only wrapped stuff in doPrivileged() when a SecurityManager was installed. Re-re-reading the bug report, it's clear that the reporter IS running under SM. If the reporter is running under SM and the code does not fail, doesn't that mean that the check isn't actually providing any benefit? The thread must already be running in a privileged context if making that call does not throw an exception at runtime. Can we just remove it entirely? Maybe I'm missing something... When used in Tomcat that code is always called from within another doPrivileged() call further up the stack and all the stack frames inbetween are for Tomcat provided code so the security checks pass. Hence you can skip this doPrivileged() if running in Tomcat. When used outside of Tomcat (EL is completely stand-alone) that isn't the case and you need to use doPrivileged() to avoid the exceptions. Gotcha. And I suppose it's not really possible to detect if we are already running as a privileged operation? (Similar to how the JVM knows that obtaining a lock a thread already has is very quick.) It might be. But the challenge is detecting if we are running under the right privileged operation. What we really need is "Are we on a Tomcat request processing thread?". In older Tomcat versions we have ContainerThreadMarker but it is unused and I don't really like referring to that - even via reflection - in the API classes. There is precedence but I still don't like it. If there is a neater way of doing this, I'm likely to be all for it as most solutions are likely to be better (in my view) than another system property. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Apache Tomcat migration tool for Jakarta EE 1.0.5
The following votes were cast: Binding: +1: remm, markt, jfclere Non-binding: +1: lihan No other votes were cast. The vote therefore passes. Thanks to everyone who contributed to this release. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
Mark,
Wouldn't it be "safer" to have this doPrivileged be an "opt-out"
permission rather than an "opt-in" permission?
Nobody is going to know that they need to enable this options in order
to get "proper protection".
This change is not exactly backward-compatible. It may break people who
are otherwise happily using the Tomcat EL package by requiring them to
add a system property to get it to work.
I think the doPrivileged should be present /by default/ and the
preference should be opt-out if only to maintain backward-compatibility.
Evidently, only one user on the planet needs to disable this privilege
re-acquisition.
-chris
On 11/8/22 08:16, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 28ea2b9b2e Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
28ea2b9b2e is described below
commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 22c06cb070..33800616d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66317: Fix for Lambda coercion security manager missing
privileges. Based on pull request #557 by Isaac Rivera Rivas (lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties objects that
will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: BZ 66294 - optionally disable some SecurityManager checks
Mark, On 11/7/22 16:53, Mark Thomas wrote: On 07/11/2022 21:08, Christopher Schultz wrote: Mark, On 11/7/22 11:24, Mark Thomas wrote: Hi, BZ 66294 [1] highlights the performance impact in Tomcat of some additional SecurityManager checks that were added to avoid AccessControlException when using the EL API JAR outside of Tomcat. Details of the performance impact are in the bug report. I think we have a few options here. 1. Assume Tomcat 11 will remove the SecurityManager. No nothing for now and advise the reporter to move to Tomcat 11 when available. 2. Do nothing. 3. Disable this check by default and an option (it will have to be a system property) to enable it. 4. Something else. Thoughts? I am currently leaning towards 3 given that the performance impact is noticeable and that the check isn't required in normal usage. I thought we only wrapped stuff in doPrivileged() when a SecurityManager was installed. Re-re-reading the bug report, it's clear that the reporter IS running under SM. If the reporter is running under SM and the code does not fail, doesn't that mean that the check isn't actually providing any benefit? The thread must already be running in a privileged context if making that call does not throw an exception at runtime. Can we just remove it entirely? Maybe I'm missing something... When used in Tomcat that code is always called from within another doPrivileged() call further up the stack and all the stack frames inbetween are for Tomcat provided code so the security checks pass. Hence you can skip this doPrivileged() if running in Tomcat. When used outside of Tomcat (EL is completely stand-alone) that isn't the case and you need to use doPrivileged() to avoid the exceptions. Gotcha. And I suppose it's not really possible to detect if we are already running as a privileged operation? (Similar to how the JVM knows that obtaining a lock a thread already has is very quick.) -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 66294] Util.getContextClassLoader() can be a hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294 --- Comment #4 from Maximilian Hensel --- Thanks, that's great to hear. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Apache Tomcat migration tool for Jakarta EE 1.0.5
On 11/2/22 13:43, Mark Thomas wrote: [X] +1: Acceptable. Go ahead and release. Tested on fedora using 9.0.67 examples on 10.1.0 tomcat. -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Update the packaged version of the Tomcat Native Library to 2.0.2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new a710935349 Update the packaged version of the Tomcat Native Library to
2.0.2
a710935349 is described below
commit a7109353491431c31e580f2dfc6efd94d2f4abf1
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:53:11 2022 +
Update the packaged version of the Tomcat Native Library to 2.0.2
Pick up the Windows binaries built with with OpenSSL 3.0.7.
---
build.properties.default | 10 +-
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 4b6859cf61..9d12e6db6a 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -152,19 +152,19 @@
jdt.loc.1=http://archive.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj
jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
# - Tomcat native library -
-tomcat-native.version=2.0.1
+tomcat-native.version=2.0.2
tomcat-native.src.checksum.enabled=true
tomcat-native.src.checksum.algorithm=SHA-512
-tomcat-native.src.checksum.value=c56e4e739e74fbf627e6f503a0cb40a7b502663e2bed19468fac8d11bab3ce36a117eae41b3f0a19ebeef537123b7eb7d3346fc182f2e142f8c829df884c6f08
+tomcat-native.src.checksum.value=a0badfaa537dd8dc24901bbf2a11dbaab7cabe5c033eb9162daa5c748269c3dace08f99c0a477c0d0e051b7d226e2e2c6c3031ab7c45d007333cb53d72738c21
tomcat-native.win.checksum.enabled=true
tomcat-native.win.checksum.algorithm=SHA-512
-tomcat-native.win.checksum.value=9e727bd66db299058de647ab33c0612e184f6c05976e5b6cc330172588aab537f6e19f01129429039cb2516398850a5ceec0739993c226ab20f99b9677acf948
+tomcat-native.win.checksum.value=137771f91ed7bb53da3a4d0c834d22551373066f44282bd2a74e6c1c5040c82d14033f8d74f38eb79ac46486e828d0dc73fc4815404dc3f8fae72db9cd457ff1
tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
tomcat-native.loc.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
-tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.5-win32-bin.zip
-tomcat-native.win.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.5-win32-bin.zip
+tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.7-win32-bin.zip
+tomcat-native.win.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.7-win32-bin.zip
# - NSIS, version 3.0 or later -
nsis.version=3.08
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a3eea6f9e6..924a1d0521 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -203,6 +203,10 @@
Graal native image support. Pull request 564 provided by
Sébastien Deleuze. (markt)
+
+Update the packaged version of the Tomcat Native Library to 2.0.2 to
+pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Update the packaged version of the Tomcat Native Library to 2.0.2
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c9ea207c70 Update the packaged version of the Tomcat Native Library to
2.0.2
c9ea207c70 is described below
commit c9ea207c70ea11b148a148674079a443fee57341
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:53:11 2022 +
Update the packaged version of the Tomcat Native Library to 2.0.2
Pick up the Windows binaries built with with OpenSSL 3.0.7.
---
build.properties.default | 10 +-
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 82fb31bc3e..35d46599dc 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -152,19 +152,19 @@
jdt.loc.1=http://archive.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj
jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
# - Tomcat native library -
-tomcat-native.version=2.0.1
+tomcat-native.version=2.0.2
tomcat-native.src.checksum.enabled=true
tomcat-native.src.checksum.algorithm=SHA-512
-tomcat-native.src.checksum.value=c56e4e739e74fbf627e6f503a0cb40a7b502663e2bed19468fac8d11bab3ce36a117eae41b3f0a19ebeef537123b7eb7d3346fc182f2e142f8c829df884c6f08
+tomcat-native.src.checksum.value=a0badfaa537dd8dc24901bbf2a11dbaab7cabe5c033eb9162daa5c748269c3dace08f99c0a477c0d0e051b7d226e2e2c6c3031ab7c45d007333cb53d72738c21
tomcat-native.win.checksum.enabled=true
tomcat-native.win.checksum.algorithm=SHA-512
-tomcat-native.win.checksum.value=9e727bd66db299058de647ab33c0612e184f6c05976e5b6cc330172588aab537f6e19f01129429039cb2516398850a5ceec0739993c226ab20f99b9677acf948
+tomcat-native.win.checksum.value=137771f91ed7bb53da3a4d0c834d22551373066f44282bd2a74e6c1c5040c82d14033f8d74f38eb79ac46486e828d0dc73fc4815404dc3f8fae72db9cd457ff1
tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
tomcat-native.loc.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
-tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.5-win32-bin.zip
-tomcat-native.win.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.5-win32-bin.zip
+tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.7-win32-bin.zip
+tomcat-native.win.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-openssl-3.0.7-win32-bin.zip
# - NSIS, version 3.0 or later -
nsis.version=3.08
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 33800616d7..04d914f4c7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -218,6 +218,10 @@
Graal native image support. Pull request 564 provided by
Sébastien Deleuze. (markt)
+
+Update the packaged version of the Tomcat Native Library to 2.0.2 to
+pick up the Windows binaries built with with OpenSSL 3.0.7. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Update tomcat-embed-core native metadata
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new cc11b294da Update tomcat-embed-core native metadata
cc11b294da is described below
commit cc11b294da62bd243e574cf6e5d58de1a4efc1ec
Author: lihan
AuthorDate: Tue Nov 8 21:33:57 2022 +0800
Update tomcat-embed-core native metadata
- Some JNI has been removed(314568fa).
---
.../tomcat-embed-core/native-image/tomcat-jni.json | 22 --
1 file changed, 22 deletions(-)
diff --git a/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
b/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
index d53270c05b..4479fb8230 100644
--- a/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
+++ b/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
@@ -1,34 +1,12 @@
[
- { "name":"org.apache.tomcat.jni.Address", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.Buffer", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Directory", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Error", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.File", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.FileInfo", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Global", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.Library", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Local", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Lock", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Mmap", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Multicast", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.OS", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Poll", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.Pool", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"
[tomcat] branch main updated: Update tomcat-embed-core native metadata
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 0e17fee857 Update tomcat-embed-core native metadata
0e17fee857 is described below
commit 0e17fee8571e580ae2fc973ac08e2abf3dc13c9d
Author: lihan
AuthorDate: Tue Nov 8 21:31:10 2022 +0800
Update tomcat-embed-core native metadata
- Some JNI has been removed(314568fa).
- AbstractHttp11JsseProtocol has been removed(2b4be933).
- Added AbstractNetworkChannelEndpoint(1c21f344).
---
.../ObjectReflectionPropertyInspector.java | 2 +-
.../tomcat-embed-core/native-image/tomcat-jni.json | 22 --
.../native-image/tomcat-reflection.json| 2 +-
3 files changed, 2 insertions(+), 24 deletions(-)
diff --git
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index c816a794d8..752d0405a9 100644
---
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -86,7 +86,6 @@ public final class ObjectReflectionPropertyInspector {
Class.forName("org.apache.coyote.ajp.AbstractAjpProtocol"),
Class.forName("org.apache.coyote.ajp.AjpNio2Protocol"),
Class.forName("org.apache.coyote.ajp.AjpNioProtocol"),
-
Class.forName("org.apache.coyote.http11.AbstractHttp11JsseProtocol"),
Class.forName("org.apache.coyote.http11.AbstractHttp11Protocol"),
Class.forName("org.apache.coyote.http11.Http11Nio2Protocol"),
Class.forName("org.apache.coyote.http11.Http11NioProtocol"),
@@ -98,6 +97,7 @@ public final class ObjectReflectionPropertyInspector {
Class.forName("org.apache.tomcat.util.modeler.OperationInfo"),
Class.forName("org.apache.tomcat.util.modeler.ParameterInfo"),
Class.forName("org.apache.tomcat.util.net.AbstractEndpoint"),
+
Class.forName("org.apache.tomcat.util.net.AbstractNetworkChannelEndpoint"),
Class.forName("org.apache.tomcat.util.net.Nio2Endpoint"),
Class.forName("org.apache.tomcat.util.net.NioEndpoint"),
Class.forName("org.apache.tomcat.util.net.SocketProperties")
diff --git a/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
b/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
index d53270c05b..4479fb8230 100644
--- a/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
+++ b/res/graal/tomcat-embed-core/native-image/tomcat-jni.json
@@ -1,34 +1,12 @@
[
- { "name":"org.apache.tomcat.jni.Address", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.Buffer", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Directory", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Error", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.File", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.FileInfo", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
- { "name":"org.apache.tomcat.jni.Global", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"allDeclaredMethods" :
true,"allPublicMethods" : true,"allDeclaredClasses" : true,"allPublicClasses" :
true,"allPublicFields" : true,"allDeclaredFields" : true},
{ "name":"org.apache.tomcat.jni.Library", "allDeclaredConstructors" :
true,"allPublicConstructors" : true,"
[ANN] Apache Tomcat Native 2.0.2 released
The Apache Tomcat team announces the immediate availability of Apache Tomcat Native 2.0.2 stable. The key features of this release are: - Update the minimum supported version of LibreSSL to 3.5.2. Based on a #13 provided by orbea. - The windows binaries in this release have been built with OpenSSL 3.0.7 The 2.0.x branch is primarily intended for use with Tomcat 10.1.x or later but can be used with earlier versions as long as the APR/native connector is not used. Please refer to the change log for the complete list of changes: http://tomcat.apache.org/native-doc/miscellaneous/changelog.html Downloads: http://tomcat.apache.org/download-native.cgi The Apache Tomcat Native Library 2.0.x provides an API for using OpenSSL for SSL networking with Apache Tomcat. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
On 08/11/2022 13:25, Rémy Maucherat wrote:
On Tue, Nov 8, 2022 at 2:16 PM wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 28ea2b9b2e Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
28ea2b9b2e is described below
commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
That was the best option IMO. Too bad, another system property though ;)
Indeed. You know how much I dislike configuration via system property.
The good news is that if Jakarta EE 11 drops support for the
SecurityManager we can remove this and a whole bunch of other code as well.
Mark
Rémy
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 22c06cb070..33800616d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66317: Fix for Lambda coercion security manager missing
privileges. Based on pull request #557 by Isaac Rivera Rivas (lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties objects that
will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
On Tue, Nov 8, 2022 at 2:16 PM wrote:
>
> This is an automated email from the ASF dual-hosted git repository.
>
> markt pushed a commit to branch main
> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>
>
> The following commit(s) were added to refs/heads/main by this push:
> new 28ea2b9b2e Fix BZ 66294. Make use of privileged block optional.
> Performance hotspot
> 28ea2b9b2e is described below
>
> commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
> Author: Mark Thomas
> AuthorDate: Tue Nov 8 13:16:32 2022 +
>
> Fix BZ 66294. Make use of privileged block optional. Performance hotspot
>
> https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
That was the best option IMO. Too bad, another system property though ;)
Rémy
> ---
> java/jakarta/el/Util.java | 5 -
> webapps/docs/changelog.xml | 7 +++
> webapps/docs/config/systemprops.xml | 9 +
> 3 files changed, 20 insertions(+), 1 deletion(-)
>
> diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
> index b0a995c59b..71527d2429 100644
> --- a/java/jakarta/el/Util.java
> +++ b/java/jakarta/el/Util.java
> @@ -43,6 +43,9 @@ class Util {
> private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
> private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
>
> +private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
> +
> Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
> +
> /**
> * Checks whether the supplied Throwable is one that needs to be
> * rethrown and swallows all others.
> @@ -655,7 +658,7 @@ class Util {
>
> static ClassLoader getContextClassLoader() {
> ClassLoader tccl;
> -if (System.getSecurityManager() != null) {
> +if (System.getSecurityManager() != null &&
> GET_CLASSLOADER_USE_PRIVILEGED) {
> PrivilegedAction pa = new PrivilegedGetTccl();
> tccl = AccessController.doPrivileged(pa);
> } else {
> diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
> index 22c06cb070..33800616d7 100644
> --- a/webapps/docs/changelog.xml
> +++ b/webapps/docs/changelog.xml
> @@ -167,6 +167,13 @@
>
>
>
> +
> +66294: Make the use of a privileged block to obtain the
> +thread context class loader added to address 62080
> optional
> +and disabled by default. This is now controlled by the
> +org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
> +property. (markt)
> +
>
> 66317: Fix for Lambda coercion security manager missing
> privileges. Based on pull request #557 by Isaac Rivera Rivas (lihan)
> diff --git a/webapps/docs/config/systemprops.xml
> b/webapps/docs/config/systemprops.xml
> index 4225fd2bec..0def5feb97 100644
> --- a/webapps/docs/config/systemprops.xml
> +++ b/webapps/docs/config/systemprops.xml
> @@ -74,6 +74,15 @@
>
>
>
> +
> + Controls whether the EL API classes make use of a privileged block
> to
> + obtain the thread context class loader. When using the EL API within
> + Apache Tomcat this does not need to be set as all calls are already
> + wrapped in a privileged block further up the stack. It may be required
> if
> + using the EL API under a SecurityManager outside of Apache Tomcat.
> + If not specified, the default of false will be
> used.
> +
> +
>
>The number of jakarta.el.BeanELResolver.BeanProperties objects that
> will
>be cached by the EL Parser.
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r57887 - /release/tomcat/tomcat-connectors/native/2.0.1/
Author: markt Date: Tue Nov 8 13:22:58 2022 New Revision: 57887 Log: Drop Tomcat Native 2.0.1 from mirror network Removed: release/tomcat/tomcat-connectors/native/2.0.1/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1905152 - in /tomcat/site/trunk: docs/download-native.html docs/index.html docs/oldnews.html xdocs/download-native.xml xdocs/index.xml xdocs/oldnews.xml
Author: markt Date: Tue Nov 8 13:22:15 2022 New Revision: 1905152 URL: http://svn.apache.org/viewvc?rev=1905152&view=rev Log: Update site for Tomcat Native 2.0.2 release Modified: tomcat/site/trunk/docs/download-native.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/xdocs/download-native.xml tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/oldnews.xml Modified: tomcat/site/trunk/docs/download-native.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-native.html?rev=1905152&r1=1905151&r2=1905152&view=diff == --- tomcat/site/trunk/docs/download-native.html (original) +++ tomcat/site/trunk/docs/download-native.html Tue Nov 8 13:22:15 2022 @@ -10,7 +10,7 @@ archive download site. Quick Navigation -[define v]2.0.1[end] +[define v]2.0.2[end] [define w]1.2.35[end] [define y]3.0.5[end] [define z]1.1.1q[end] Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1905152&r1=1905151&r2=1905152&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Tue Nov 8 13:22:15 2022 @@ -34,6 +34,19 @@ wiki page. Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation. +2022-11-08 Tomcat Native 2.0.2 Released + +The Apache Tomcat Project is proud to announce the release of version 2.0.2 of +Tomcat Native. The notable changes compared to 2.0.1 include: + + +The minimum supported version of LibreSSL has been increased to 3.5.2. +The windows binaries in this release have been built with OpenSSL 3.0.7 + + +https://tomcat.apache.org/download-native.cgi";>Download | +ChangeLog for 2.0.1 + 2022-10-11 Tomcat 10.1.1 Released The Apache Tomcat Project is proud to announce the release of version 10.1.1 @@ -181,24 +194,6 @@ changelog. https://tomcat.apache.org/download-90.cgi";>Download -2022-07-12 Tomcat Native 2.0.1 Released - -The Apache Tomcat Project is proud to announce the release of version 2.0.1 of -Tomcat Native. This is the first release of the 2.0.x branch. The notable -changes compared to the 1.2x branch include: - - -The JNI API has been reduced to just that required to support Tomcat's -OpenSSL based TLS implementation. The APR/native connector is no longer -supported in the 2.0.x branch. -The minimum supported versions have been increased to OpenSSL 3.0.x, Apache -APR 1.7.x, Java 11, Windows 7 / Server 2008 R2. -The windows binaries in this release have been built with OpenSSL 3.0.5 - - -https://tomcat.apache.org/download-native.cgi";>Download | -ChangeLog for 2.0.1 - 2022-07-12 Tomcat Native 1.2.35 Released The Apache Tomcat Project is proud to announce the release of version 1.2.35 of Modified: tomcat/site/trunk/docs/oldnews.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/oldnews.html?rev=1905152&r1=1905151&r2=1905152&view=diff == --- tomcat/site/trunk/docs/oldnews.html (original) +++ tomcat/site/trunk/docs/oldnews.html Tue Nov 8 13:22:15 2022 @@ -226,6 +226,24 @@ Full details of these changes, and all t https://tomcat.apache.org/download-10.cgi";>Download +2022-07-12 Tomcat Native 2.0.1 Released + +The Apache Tomcat Project is proud to announce the release of version 2.0.1 of +Tomcat Native. This is the first release of the 2.0.x branch. The notable +changes compared to the 1.2.x branch include: + + +The JNI API has been reduced to just that required to support Tomcat's +OpenSSL based TLS implementation. The APR/native connector is no longer +supported in the 2.0.x branch. +The minimum supported versions have been increased to OpenSSL 3.0.x, Apache +APR 1.7.x, Java 11, Windows 7 / Server 2008 R2. +The windows binaries in this release have been built with OpenSSL 3.0.5 + + +https://tomcat.apache.org/download-native.cgi";>Download | +ChangeLog for 2.0.1 + 2022-07-11 Tomcat Migration Tool for Jakarta EE 1.0.1 Released The Apache Tomcat Project is proud to announce the release of 1.0.1 of the Modified: tomcat/site/trunk/xdocs/download-native.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-native.xml?rev=1905152&r1=1905151&r2=1905152&view=diff == --- tomcat/site/trunk/xdocs/download-native.xml (original) +++ tomcat/site/trunk/xdocs/download-native.xml Tue Nov 8 13:22:15 2022 @@ -22,7 +22,7 @@ Define variables to hold the current version numbers. Documentation for ezt.py: https://code.google.com/p/ezt/wiki/Syntax --> -[define v]2.0.1[end] +[define v]2.0.2[end] [define w]1.2.35[end] [define y]3.0.5
[Bug 66294] Util.getContextClassLoader() can be a hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas --- Fixed in: - 10.1.x for 10.1.2 onwards - 9.0.x for 9.0.69 onwards - 8.5.x for 8.5.84 onwards The privileged block is now disabled by default so this should "just work" once you upgrade. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new ace5902d14 Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
ace5902d14 is described below
commit ace5902d14f280fd0c3ee3374a6f98a3e8a42391
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/javax/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/javax/el/Util.java b/java/javax/el/Util.java
index 7e7812a102..58d16e8d77 100644
--- a/java/javax/el/Util.java
+++ b/java/javax/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -649,7 +652,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 21ecf497b1..fcd0ce3c6f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -150,6 +150,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66325: Fix concurrency issue in evaluation of expression
language containing lambda expressions. (markt)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 0448008e48..691e22420e 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -89,6 +89,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of javax.el.BeanELResolver.BeanProperties objects that will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new ef1f4ee2b3 Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
ef1f4ee2b3 is described below
commit ef1f4ee2b3e9a83a857e3fbc94b5a0ce60ce9df1
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/javax/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/javax/el/Util.java b/java/javax/el/Util.java
index 8fdc2bb22f..e1ae0851c0 100644
--- a/java/javax/el/Util.java
+++ b/java/javax/el/Util.java
@@ -42,6 +42,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -647,7 +650,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 76df264394..41ee170f56 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -159,6 +159,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66325: Fix concurrency issue in evaluation of expression
language containing lambda expressions. (markt)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 1dbf0baed0..71420b234b 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -89,6 +89,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of javax.el.BeanELResolver.BeanProperties objects that will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 7b3bc9f30e Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
7b3bc9f30e is described below
commit 7b3bc9f30e927afe48b1083f54657a51643b404c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2db3d895a7..a3eea6f9e6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -159,6 +159,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66317: Fix for Lambda coercion security manager missing
privileges. Based on pull request #557 by Isaac Rivera Rivas (lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties objects that
will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix BZ 66294. Make use of privileged block optional. Performance hotspot
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 28ea2b9b2e Fix BZ 66294. Make use of privileged block optional.
Performance hotspot
28ea2b9b2e is described below
commit 28ea2b9b2e781d20e0651cb5e0b65bacd464150c
Author: Mark Thomas
AuthorDate: Tue Nov 8 13:16:32 2022 +
Fix BZ 66294. Make use of privileged block optional. Performance hotspot
https://bz.apache.org/bugzilla/show_bug.cgi?id=66294
---
java/jakarta/el/Util.java | 5 -
webapps/docs/changelog.xml | 7 +++
webapps/docs/config/systemprops.xml | 9 +
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index b0a995c59b..71527d2429 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -43,6 +43,9 @@ class Util {
private static final Class[] EMPTY_CLASS_ARRAY = new Class[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
+private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
+Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -655,7 +658,7 @@ class Util {
static ClassLoader getContextClassLoader() {
ClassLoader tccl;
-if (System.getSecurityManager() != null) {
+if (System.getSecurityManager() != null &&
GET_CLASSLOADER_USE_PRIVILEGED) {
PrivilegedAction pa = new PrivilegedGetTccl();
tccl = AccessController.doPrivileged(pa);
} else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 22c06cb070..33800616d7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,13 @@
+
+66294: Make the use of a privileged block to obtain the
+thread context class loader added to address 62080 optional
+and disabled by default. This is now controlled by the
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED system
+property. (markt)
+
66317: Fix for Lambda coercion security manager missing
privileges. Based on pull request #557 by Isaac Rivera Rivas (lihan)
diff --git a/webapps/docs/config/systemprops.xml
b/webapps/docs/config/systemprops.xml
index 4225fd2bec..0def5feb97 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -74,6 +74,15 @@
+
+ Controls whether the EL API classes make use of a privileged block to
+ obtain the thread context class loader. When using the EL API within
+ Apache Tomcat this does not need to be set as all calls are already
+ wrapped in a privileged block further up the stack. It may be required if
+ using the EL API under a SecurityManager outside of Apache Tomcat.
+ If not specified, the default of false will be used.
+
+
The number of jakarta.el.BeanELResolver.BeanProperties objects that
will
be cached by the EL Parser.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 66342] magoda
https://bz.apache.org/bugzilla/show_bug.cgi?id=66342 Michael Osipov changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED OS||All -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 66342] New: magoda
https://bz.apache.org/bugzilla/show_bug.cgi?id=66342 Bug ID: 66342 Summary: magoda Product: Tomcat Connectors Version: 1.2.46 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: JK2 Assignee: dev@tomcat.apache.org Reporter: jordankelvin...@gmail.com Target Milestone: --- I am ameliaethan688, working for magoda as PR consultant. With more than 6 years experience in PR and Digital Industry, helping teams to achieve goals by streamilining the process. https://www.magoda.com/ -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated (9d4c579238 -> be23ed3897)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from 9d4c579238 Remove unnecessary code new bfc5243c15 Update tomcat-embed-core native metadata new 035abb846e Update tomcat-embed-el native metadata new be23ed3897 Update changelog The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: res/graal/tomcat-embed-core/native-image/tomcat-reflection.json | 2 ++ res/graal/tomcat-embed-el/native-image/tomcat-resource.json | 2 +- webapps/docs/changelog.xml | 5 + 3 files changed, 8 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 03/03: Update changelog
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit be23ed38972700125fa3122c68bf51cdded78a98 Author: Mark Thomas AuthorDate: Tue Nov 8 11:49:22 2022 + Update changelog --- webapps/docs/changelog.xml | 5 + 1 file changed, 5 insertions(+) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index fae235b53d..22c06cb070 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -206,6 +206,11 @@ Improvements to Spanish translations. (markt) + +Correct a regression in the removal of the APR connector that broke +Graal native image support. Pull request 564 provided by +Sébastien Deleuze. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/03: Update tomcat-embed-el native metadata
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 035abb846e5374c59d9b637e7f663d89c63936ce
Author: Sébastien Deleuze
AuthorDate: Tue Nov 8 11:41:17 2022 +0100
Update tomcat-embed-el native metadata
In a37f7a11a1b644c4e9e965da730824ea656d3a3a org.apache.el.Messages
has been renamed to org.apache.el.LocalStrings.
This commit updates the native metadata accordingly.
---
res/graal/tomcat-embed-el/native-image/tomcat-resource.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
b/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
index 55b2fb3490..82e41a96f0 100644
--- a/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
+++ b/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
@@ -1,7 +1,7 @@
{
"bundles":[
{"name":"jakarta.el.LocalStrings"},
-{"name":"org.apache.el.Messages"}
+{"name":"org.apache.el.LocalStrings"}
],
"resources":[
{"pattern":".*/mbeans-descriptors.xml$"},
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/03: Update tomcat-embed-core native metadata
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit bfc5243c152ce16c3acc97efd2864f116cc4ba1c
Author: Sébastien Deleuze
AuthorDate: Tue Nov 8 11:38:33 2022 +0100
Update tomcat-embed-core native metadata
In Tomcat 10.0, reflection metadata on Http11AprProtocol were
registering metadata on AbstractProtocol as a side effect.
Tomcat 10.1 removed this protocol and related metadata, breaking
setting and getting properties set reflectively on protocols from
org.apache.catalina.connector.Connector.
This commit contributes reflection metadata for those properties.
---
res/graal/tomcat-embed-core/native-image/tomcat-reflection.json | 2 ++
1 file changed, 2 insertions(+)
diff --git a/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
b/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
index 66ad019304..31f01ed8f3 100644
--- a/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
+++ b/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
@@ -40,6 +40,8 @@
{ "name":"org.apache.catalina.loader.ParallelWebappClassLoader",
"allDeclaredConstructors" : true, "allPublicConstructors" : true,
"allDeclaredMethods" : true, "allPublicMethods" : true},
{ "name":"org.apache.catalina.servlets.DefaultServlet",
"allDeclaredFields":true, "allDeclaredMethods":true },
{ "name":"org.apache.catalina.valves.ErrorReportValve", "methods" : [{"name":
"","parameterTypes":[]}] },
+{ "name":"org.apache.coyote.AbstractProtocol", "methods": [{"name":
"getLocalPort","parameterTypes": []},{"name": "getPort","parameterTypes": []},
{"name": "setPortOffset","parameterTypes": ["int"]}, {"name":
"getPortOffset","parameterTypes": []}, {"name": "setPort","parameterTypes":
["int"]}]},
+{ "name":"org.apache.coyote.http11.AbstractHttp11Protocol", "methods":
[{"name": "setSecure","parameterTypes": ["boolean"]}, {"name":
"setMaxSavePostSize","parameterTypes": ["int"]}]},
{ "name":"org.apache.coyote.http11.Http11NioProtocol", "methods" : [{"name":
"","parameterTypes":[]}] },
{ "name":"org.apache.coyote.http11.Http11Nio2Protocol", "methods" : [{"name":
"","parameterTypes":[]}] },
{ "name":"org.apache.coyote.UpgradeProtocol" },
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Update changelog
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new fbd98cbd26 Update changelog fbd98cbd26 is described below commit fbd98cbd26958b327dcd78ac9994bbd83f460ba0 Author: Mark Thomas AuthorDate: Tue Nov 8 11:49:22 2022 + Update changelog --- webapps/docs/changelog.xml | 5 + 1 file changed, 5 insertions(+) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 80333480dd..2db3d895a7 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -191,6 +191,11 @@ Improvements to Japanese translations. Contributed by Shirayuking. (markt) + +Correct a regression in the removal of the APR connector that broke +Graal native image support. Pull request 564 provided by +Sébastien Deleuze. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated (423e812dec -> 853ffd0e4a)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from 423e812dec Remove unnecessary code new 2dd9920868 Update tomcat-embed-core native metadata new 853ffd0e4a Update tomcat-embed-el native metadata The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: res/graal/tomcat-embed-core/native-image/tomcat-reflection.json | 2 ++ res/graal/tomcat-embed-el/native-image/tomcat-resource.json | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Update tomcat-embed-core native metadata
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 2dd9920868e97feadf8d64a1d0fe6df5ef38ba8e
Author: Sébastien Deleuze
AuthorDate: Tue Nov 8 11:38:33 2022 +0100
Update tomcat-embed-core native metadata
In Tomcat 10.0, reflection metadata on Http11AprProtocol were
registering metadata on AbstractProtocol as a side effect.
Tomcat 10.1 removed this protocol and related metadata, breaking
setting and getting properties set reflectively on protocols from
org.apache.catalina.connector.Connector.
This commit contributes reflection metadata for those properties.
---
res/graal/tomcat-embed-core/native-image/tomcat-reflection.json | 2 ++
1 file changed, 2 insertions(+)
diff --git a/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
b/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
index 66ad019304..31f01ed8f3 100644
--- a/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
+++ b/res/graal/tomcat-embed-core/native-image/tomcat-reflection.json
@@ -40,6 +40,8 @@
{ "name":"org.apache.catalina.loader.ParallelWebappClassLoader",
"allDeclaredConstructors" : true, "allPublicConstructors" : true,
"allDeclaredMethods" : true, "allPublicMethods" : true},
{ "name":"org.apache.catalina.servlets.DefaultServlet",
"allDeclaredFields":true, "allDeclaredMethods":true },
{ "name":"org.apache.catalina.valves.ErrorReportValve", "methods" : [{"name":
"","parameterTypes":[]}] },
+{ "name":"org.apache.coyote.AbstractProtocol", "methods": [{"name":
"getLocalPort","parameterTypes": []},{"name": "getPort","parameterTypes": []},
{"name": "setPortOffset","parameterTypes": ["int"]}, {"name":
"getPortOffset","parameterTypes": []}, {"name": "setPort","parameterTypes":
["int"]}]},
+{ "name":"org.apache.coyote.http11.AbstractHttp11Protocol", "methods":
[{"name": "setSecure","parameterTypes": ["boolean"]}, {"name":
"setMaxSavePostSize","parameterTypes": ["int"]}]},
{ "name":"org.apache.coyote.http11.Http11NioProtocol", "methods" : [{"name":
"","parameterTypes":[]}] },
{ "name":"org.apache.coyote.http11.Http11Nio2Protocol", "methods" : [{"name":
"","parameterTypes":[]}] },
{ "name":"org.apache.coyote.UpgradeProtocol" },
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Update tomcat-embed-el native metadata
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 853ffd0e4ab01f3b3ffb07a69fe7015781059f71
Author: Sébastien Deleuze
AuthorDate: Tue Nov 8 11:41:17 2022 +0100
Update tomcat-embed-el native metadata
In a37f7a11a1b644c4e9e965da730824ea656d3a3a org.apache.el.Messages
has been renamed to org.apache.el.LocalStrings.
This commit updates the native metadata accordingly.
---
res/graal/tomcat-embed-el/native-image/tomcat-resource.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
b/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
index 55b2fb3490..82e41a96f0 100644
--- a/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
+++ b/res/graal/tomcat-embed-el/native-image/tomcat-resource.json
@@ -1,7 +1,7 @@
{
"bundles":[
{"name":"jakarta.el.LocalStrings"},
-{"name":"org.apache.el.Messages"}
+{"name":"org.apache.el.LocalStrings"}
],
"resources":[
{"pattern":".*/mbeans-descriptors.xml$"},
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf merged pull request #564: Native metadata update for Tomcat 10.1
markt-asf merged PR #564: URL: https://github.com/apache/tomcat/pull/564 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Remove unnecessary code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 274945612c Remove unnecessary code
274945612c is described below
commit 274945612c96a9c24b84ef21e06bee8488d2dca8
Author: Mark Thomas
AuthorDate: Tue Nov 8 11:41:41 2022 +
Remove unnecessary code
The default async timeout is stored on the Connector and retrieved from
there by the request. The request then sets it on the Processor. It is
never used by the protocol or the endpoint.
---
java/org/apache/catalina/connector/Connector.java | 1 -
webapps/docs/changelog.xml| 4
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index d8bc16428c..151da536eb 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -422,7 +422,6 @@ public class Connector extends LifecycleMBeanBase {
*/
public void setAsyncTimeout(long asyncTimeout) {
this.asyncTimeout= asyncTimeout;
-setProperty("asyncTimeout", String.valueOf(asyncTimeout));
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f501abd8c4..21ecf497b1 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -142,6 +142,10 @@
not to do so and remove checks for this return value. Based on
562 by tianshuang. (markt)
+
+Remove unnecessary code that exposed the asyncTimeout to
+components that never used it. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Remove unnecessary code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 2630fcbae0 Remove unnecessary code
2630fcbae0 is described below
commit 2630fcbae089f1f74438247214d4fe622f610545
Author: Mark Thomas
AuthorDate: Tue Nov 8 11:41:41 2022 +
Remove unnecessary code
The default async timeout is stored on the Connector and retrieved from
there by the request. The request then sets it on the Processor. It is
never used by the protocol or the endpoint.
---
java/org/apache/catalina/connector/Connector.java | 1 -
webapps/docs/changelog.xml| 4
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 9148495f0b..3066b33ab6 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -393,7 +393,6 @@ public class Connector extends LifecycleMBeanBase {
*/
public void setAsyncTimeout(long asyncTimeout) {
this.asyncTimeout= asyncTimeout;
-setProperty("asyncTimeout", String.valueOf(asyncTimeout));
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 346f510c47..76df264394 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -151,6 +151,10 @@
not to do so and remove checks for this return value. Based on
562 by tianshuang. (markt)
+
+Remove unnecessary code that exposed the asyncTimeout to
+components that never used it. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated (e25d13624e -> 423e812dec)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from e25d13624e NIO writes don't return -1 so neither should CLOSED_NIO_CHANNEL add 423e812dec Remove unnecessary code No new revisions were added by this update. Summary of changes: java/org/apache/catalina/connector/Connector.java | 1 - webapps/docs/changelog.xml| 4 2 files changed, 4 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove unnecessary code
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 9d4c579238 Remove unnecessary code
9d4c579238 is described below
commit 9d4c57923896df66408ecb8ab6006f32df652cb3
Author: Mark Thomas
AuthorDate: Tue Nov 8 11:41:41 2022 +
Remove unnecessary code
The default async timeout is stored on the Connector and retrieved from
there by the request. The request then sets it on the Processor. It is
never used by the protocol or the endpoint.
---
java/org/apache/catalina/connector/Connector.java | 1 -
webapps/docs/changelog.xml| 4
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/connector/Connector.java
b/java/org/apache/catalina/connector/Connector.java
index 26eb13c181..26e432ef5d 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -400,7 +400,6 @@ public class Connector extends LifecycleMBeanBase {
*/
public void setAsyncTimeout(long asyncTimeout) {
this.asyncTimeout= asyncTimeout;
-setProperty("asyncTimeout", String.valueOf(asyncTimeout));
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index da5668d3f5..fae235b53d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -159,6 +159,10 @@
not to do so and remove checks for this return value. Based on
562 by tianshuang. (markt)
+
+Remove unnecessary code that exposed the asyncTimeout to
+components that never used it. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1905147 - in /tomcat/site/trunk/docs/native-doc: index.html miscellaneous/changelog.html news/2022.html
Author: markt Date: Tue Nov 8 11:06:53 2022 New Revision: 1905147 URL: http://svn.apache.org/viewvc?rev=1905147&view=rev Log: Update docs for Tomcat Native 2.0.2 release Modified: tomcat/site/trunk/docs/native-doc/index.html tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html tomcat/site/trunk/docs/native-doc/news/2022.html Modified: tomcat/site/trunk/docs/native-doc/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/index.html?rev=1905147&r1=1905146&r2=1905147&view=diff == --- tomcat/site/trunk/docs/native-doc/index.html (original) +++ tomcat/site/trunk/docs/native-doc/index.html Tue Nov 8 11:06:53 2022 @@ -10,10 +10,10 @@ Headlines -12 July 2022 - TC-Native-2.0.1 +08 November 2022 - TC-Native-2.0.2 released The Apache Tomcat team is proud to announce the immediate availability of -Tomcat Native 2.0.1 Stable. +Tomcat Native 2.0.2 Stable. The sources and the binaries for selected platforms are available from the Download page. Modified: tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html?rev=1905147&r1=1905146&r2=1905147&view=diff == --- tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html (original) +++ tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html Tue Nov 8 11:06:53 2022 @@ -4,6 +4,17 @@ This is the Changelog for Apache Tomcat Native 2.0.x. The Tomcat Native 2.0.x branch started from the 1.2.33 tag. +Changes in 2.0.2 + + + Update the minimum supported version of LibreSSL to 3.5.2. Based on pull + request https://github.com/apache/tomcat-native/pull/13";>#13 provided by orbea. (markt) + + + Fix build when building with rlibtool. Pull request https://github.com/apache/tomcat-native/pull/14";>#14 provided + by orbea. (markt) + + Changes in 2.0.1 Modified: tomcat/site/trunk/docs/native-doc/news/2022.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/news/2022.html?rev=1905147&r1=1905146&r2=1905147&view=diff == --- tomcat/site/trunk/docs/native-doc/news/2022.html (original) +++ tomcat/site/trunk/docs/native-doc/news/2022.html Tue Nov 8 11:06:53 2022 @@ -1,10 +1,15 @@ The Apache Tomcat Native - News - 2022 News and Statushttp://tomcat.apache.org/";>http://www.apache.org/"; target="_blank">The Apache Tomcat Native - NewsLinksDocs Home Miscellaneous DocumentationChangelogTLS renegotiationNews20222022 News and Status2022 News & Status + 11 November 2022 - TC-Native-2.0.2 released +The Apache Tomcat team is proud to announce the immediate +availability of Tomcat Native 2.0.2. + + 12 July 2022 - TC-Native-2.0.1 released The Apache Tomcat team is proud to announce the immediate availability of Tomcat Native 2.0.1. This is the first release of the -2.0.x branch +2.0.x branch. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Add 2.0.2 release information
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new 20452f7c0 Add 2.0.2 release information 20452f7c0 is described below commit 20452f7c0d834a02c11dd6009387c14e128bf451 Author: Mark Thomas AuthorDate: Tue Nov 8 11:02:56 2022 + Add 2.0.2 release information --- xdocs/index.xml | 4 ++-- xdocs/news/2022.xml | 7 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/xdocs/index.xml b/xdocs/index.xml index e58c2a32b..950d53354 100644 --- a/xdocs/index.xml +++ b/xdocs/index.xml @@ -42,10 +42,10 @@ -12 July 2022 - TC-Native-2.0.1 +08 November 2022 - TC-Native-2.0.2 released The Apache Tomcat team is proud to announce the immediate availability of -Tomcat Native 2.0.1 Stable. +Tomcat Native 2.0.2 Stable. The sources and the binaries for selected platforms are available from the Download page. diff --git a/xdocs/news/2022.xml b/xdocs/news/2022.xml index 1c4aef511..fbfe51dff 100644 --- a/xdocs/news/2022.xml +++ b/xdocs/news/2022.xml @@ -30,10 +30,15 @@ + +The Apache Tomcat team is proud to announce the immediate +availability of Tomcat Native 2.0.2. + + The Apache Tomcat team is proud to announce the immediate availability of Tomcat Native 2.0.1. This is the first release of the -2.0.x branch +2.0.x branch. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r57882 - /dev/tomcat/tomcat-connectors/native/2.0.2/ /release/tomcat/tomcat-connectors/native/2.0.2/
Author: markt Date: Tue Nov 8 10:56:04 2022 New Revision: 57882 Log: Release Apache Tomcat Native 2.0.2 Added: release/tomcat/tomcat-connectors/native/2.0.2/ - copied from r57881, dev/tomcat/tomcat-connectors/native/2.0.2/ Removed: dev/tomcat/tomcat-connectors/native/2.0.2/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE][RESULT] Release Apache Tomcat Native 2.0.2
The following votes were cast: Binding: +1: remm, markt, schultz Non-binding: +1: lihan The vote therefore passes. Thanks to everyone who contributed to this release. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Apache Tomcat migration tool for Jakarta EE 1.0.5
Ping. We need one more PMC vote for this release. Mark On 02/11/2022 12:43, Mark Thomas wrote: The proposed Apache Tomcat migration tool for Jakarta EE 1.0.5 is now available for voting. The significant changes since 1.0.4 are: - #37 narrow scope of javax.annotation conversion to Java EE. PR by Danny Thomas - #36 Improve manifest handling and conversion performance. PR by Danny Thomas. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/jakartaee-migration/v1.0.5/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1404/ The tag is: https://github.com/apache/tomcat-jakartaee-migration/tree/1.0.5 d87e1ec7e67c8d61340111b796e3bb8179a6f0ba The proposed 1.0.5 release is: [ ] -1: Broken. Do not release because... [ ] +1: Acceptable. Go ahead and release. Thanks, Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] sdeleuze opened a new pull request, #564: Native metadata update for Tomcat 10.1
sdeleuze opened a new pull request, #564: URL: https://github.com/apache/tomcat/pull/564 This pull request fixes regressions in the Tomcat 10.1 native support compared to Tomcat 10.0. It brings back required reflection metadata on `AbstractProtocol` and `AbstractHttp11Protocol` lost after `Http11AprProtocol` removal, and rename resource metadata from `org.apache.el.Messages` to `org.apache.el.LocalStrings`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Another round of Panama API updates for Java 20
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 3d1d990fb4 Another round of Panama API updates for Java 20
3d1d990fb4 is described below
commit 3d1d990fb469add362eeb51ab468d2a9eb23be0e
Author: remm
AuthorDate: Tue Nov 8 10:33:24 2022 +0100
Another round of Panama API updates for Java 20
The session now hides its lifecycle from segments.
Back to using the cleaner since the close action is removed (there is a
close action on unsafe segments instead).
---
.../util/net/openssl/panama/OpenSSLContext.java| 54 +++---
.../util/net/openssl/panama/OpenSSLEngine.java | 51 +++-
.../openssl/panama/OpenSSLLifecycleListener.java | 4 +-
.../net/openssl/panama/OpenSSLSessionContext.java | 6 +--
.../apache/tomcat/util/openssl/RuntimeHelper.java | 2 +-
5 files changed, 61 insertions(+), 56 deletions(-)
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 47d2f5aaca..fa336091a8 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -20,10 +20,10 @@ import static org.apache.tomcat.util.openssl.openssl_h.*;
import static org.apache.tomcat.util.openssl.openssl_compat_h.*;
import java.io.File;
+import java.lang.foreign.Arena;
import java.lang.foreign.FunctionDescriptor;
import java.lang.foreign.Linker;
import java.lang.foreign.MemorySegment;
-import java.lang.foreign.MemorySession;
import java.lang.foreign.SegmentAllocator;
import java.lang.foreign.ValueLayout;
import java.lang.invoke.MethodHandle;
@@ -205,7 +205,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
this.sslHostConfig = certificate.getSSLHostConfig();
this.certificate = certificate;
-MemorySession contextMemorySession = MemorySession.openShared();
+Arena contextMemorySession = Arena.openShared();
MemorySegment sslCtx = MemorySegment.NULL;
MemorySegment confCtx = MemorySegment.NULL;
@@ -222,7 +222,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
confCtx = SSL_CONF_CTX_new();
long errCode = ERR_get_error();
if (errCode != 0) {
-try (var memorySession = MemorySession.openConfined())
{
+try (var memorySession = Arena.openConfined()) {
var buf =
memorySession.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
log.error(sm.getString("openssl.errorLoadingCertificate",
buf.getUtf8String(0)));
@@ -329,7 +329,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
// Set int pem_password_cb(char *buf, int size, int rwflag, void
*u) callback
openSSLCallbackPassword =
Linker.nativeLinker().upcallStub(openSSLCallbackPasswordHandle,
-openSSLCallbackPasswordFunctionDescriptor,
contextMemorySession);
+openSSLCallbackPasswordFunctionDescriptor,
contextMemorySession.session());
SSL_CTX_set_default_passwd_cb(sslCtx, openSSLCallbackPassword);
alpn = (negotiableProtocols != null && negotiableProtocols.size()
> 0);
@@ -400,7 +400,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.checkCommand", name,
value));
}
-try (var memorySession = MemorySession.openConfined()) {
+try (var memorySession = Arena.openConfined()) {
// rc = SSLConf.check(confCtx, name, value);
if (name.equals("NO_OCSP_CHECK")) {
rc = 1;
@@ -475,7 +475,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if (log.isDebugEnabled()) {
log.debug(sm.getString("opensslconf.applyCommand", name,
value));
}
-try (var memorySession = MemorySession.openConfined()) {
+try (var memorySession = Arena.openConfined()) {
// rc = SSLConf.apply(confCtx, name, value);
if (name.equals("NO_OCSP_CHECK")) {
noOcspCheck = Boolean.valueOf(value);
@@ -533,7 +533,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
log.wa
svn commit: r1905145 - in /tomcat/site/trunk: docs/presentations.html xdocs/presentations.xml
Author: huxing
Date: Tue Nov 8 08:06:09 2022
New Revision: 1905145
URL: http://svn.apache.org/viewvc?rev=1905145&view=rev
Log:
Add ApacheCon Asia 2022 talks
Modified:
tomcat/site/trunk/docs/presentations.html
tomcat/site/trunk/xdocs/presentations.xml
Modified: tomcat/site/trunk/docs/presentations.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/presentations.html?rev=1905145&r1=1905144&r2=1905145&view=diff
==
--- tomcat/site/trunk/docs/presentations.html (original)
+++ tomcat/site/trunk/docs/presentations.html Tue Nov 8 08:06:09 2022
@@ -62,6 +62,40 @@ li.targeted {
+ApacheCon Asia
2022
+
+
+State of the Cat - Mark Thomas,
+slides,
+https://www.youtube.com/watch?v=Sun8EF0jTZk";>video
+
+
+Design and implementation of application graceful shutdown based on Tomcat
- Zihao Rao,
+slides,
+https://www.youtube.com/watch?v=lnp51wz4PlQ";>video (Chinese)
+
+
+Extending Valves in Tomcat - Dennis Jacob,
+slides,
+https://www.youtube.com/watch?v=Jmw-d0kyZ_4";>video
+
+
+The application practice of Tomcat in Kuaishou - Yang Song,
+slides,
+https://www.youtube.com/watch?v=40hRY00TbV8";>video (Chinese)
+
+
+Jakarta EE - Mark Thomas,
+slides,
+https://www.youtube.com/watch?v=C0y3w8yBeWg";>video
+
+
+How we use and optimize Tomcat at Alibaba - Huxing Zhang,
+slides,
+https://www.youtube.com/watch?v=LTMSjzgyNb8";>video
+
+
+
ApacheCon @Home
2021
Modified: tomcat/site/trunk/xdocs/presentations.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/presentations.xml?rev=1905145&r1=1905144&r2=1905145&view=diff
==
--- tomcat/site/trunk/xdocs/presentations.xml (original)
+++ tomcat/site/trunk/xdocs/presentations.xml Tue Nov 8 08:06:09 2022
@@ -70,6 +70,40 @@ li.targeted {
+
+
+
+State of the Cat - Mark Thomas,
+slides,
+https://www.youtube.com/watch?v=Sun8EF0jTZk";>video
+
+
+Design and implementation of application graceful shutdown based on Tomcat
- Zihao Rao,
+slides,
+https://www.youtube.com/watch?v=lnp51wz4PlQ";>video (Chinese)
+
+
+Extending Valves in Tomcat - Dennis Jacob,
+slides,
+https://www.youtube.com/watch?v=Jmw-d0kyZ_4";>video
+
+
+The application practice of Tomcat in Kuaishou - Yang Song,
+slides,
+https://www.youtube.com/watch?v=40hRY00TbV8";>video (Chinese)
+
+
+Jakarta EE - Mark Thomas,
+slides,
+https://www.youtube.com/watch?v=C0y3w8yBeWg";>video
+
+
+How we use and optimize Tomcat at Alibaba - Huxing Zhang,
+slides,
+https://www.youtube.com/watch?v=LTMSjzgyNb8";>video
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
