Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Mark Thomas]

On 09/10/2023 19:01, Christopher Schultz wrote:


The proposed 8.5.94 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.5.94 (stable)


Build is reproducible.

Unit tests pass on M1 MacOS, Linux and Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Han Li]

Christopher Schultz  于2023年10月10日周二 06:02写道：

> All,
>
> On 10/9/23 17:55, Christopher Schultz wrote:
> > The proposed Apache Tomcat 8.5.94 release is now available for voting.
> >
> > The notable changes compared to 8.5.93 are:
> >
> > - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
> >OpenSSL 3.0.11.
> >
> > - Provide a lifecycle listener that will automatically reload TLS
> >configurations a set time before the certificate is due to expire.
> >This is intended to be used with third-party tools that regularly
> >renew TLS certificates.
> >
> > - Improve performance of EL expressions in JSPs that use implicit
> >objects.
> >
> > - Several improvements to thread safety and recycling cleanup.
> >
> > Along with lots of other bug fixes and improvements.
> >
> > For full details, see the changelog:
> > https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
> >
> > It can be obtained from:
> > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/
> >
> > The Maven staging repo is:
> > https://repository.apache.org/content/repositories/orgapachetomcat-1436
>
> I had the Maven staging URL incorrect. Please use this one instead:
> https://repository.apache.org/content/repositories/orgapachetomcat-1457
>
> > The tag is:
> > https://github.com/apache/tomcat/tree/8.5.94/
> > 36d4f7d698f71cd322204a3b242a97c54860fb8c
> >
> > The proposed 8.5.94 release is:
> > [ ] Broken - do not release
> > [ X] Stable - go ahead and release as 8.5.94 (stable)
>

Han

>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Igal Sapir]

On Mon, Oct 9, 2023 at 3:02 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> All,
>
> On 10/9/23 17:55, Christopher Schultz wrote:
> > The proposed Apache Tomcat 8.5.94 release is now available for voting.
> >
> > The notable changes compared to 8.5.93 are:
> >
> > - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
> >OpenSSL 3.0.11.
> >
> > - Provide a lifecycle listener that will automatically reload TLS
> >configurations a set time before the certificate is due to expire.
> >This is intended to be used with third-party tools that regularly
> >renew TLS certificates.
> >
> > - Improve performance of EL expressions in JSPs that use implicit
> >objects.
> >
> > - Several improvements to thread safety and recycling cleanup.
> >
> > Along with lots of other bug fixes and improvements.
> >
> > For full details, see the changelog:
> > https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
> >
> > It can be obtained from:
> > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/
> >
> > The Maven staging repo is:
> > https://repository.apache.org/content/repositories/orgapachetomcat-1436
>
> I had the Maven staging URL incorrect. Please use this one instead:
> https://repository.apache.org/content/repositories/orgapachetomcat-1457
>
> > The tag is:
> > https://github.com/apache/tomcat/tree/8.5.94/
> > 36d4f7d698f71cd322204a3b242a97c54860fb8c
> >
> > The proposed 8.5.94 release is:
> > [ ] Broken - do not release
> > [X] Stable - go ahead and release as 8.5.94 (stable)
>

+1

Build is reproducible and unit tests passed on Ubuntu 22.04 with Java
1.8u382

Igal



>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Igal Sapir]

Chris,

On Mon, Oct 9, 2023 at 7:29 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Igal,
>
> On 10/9/23 18:53, Igal Sapir wrote:
> > Chris,
> >
> > On Mon, Oct 9, 2023 at 3:22 PM Christopher Schultz <
> > ch...@christopherschultz.net> wrote:
> >
> >> Igal,
> >>
> >> On 10/9/23 18:13, Igal Sapir wrote:
> >>> Chris,
> >>>
> >>> I'm getting some errors when I run `ant clean test` with Java
> 1.8.0_322 -
> >>> any ideas?
> >>
> >> Yes, you will need to set some build properties. Have a look at this
> >> script and look ad what I do with the "opens":
> >>
> >>
> >>
> https://github.com/ChristopherSchultz/apache-tomcat-stuff/blob/master/bin/test-tomcat-release.sh#L269
> >
> >
> > OK, now I got two failures (details below):
> >
> >[concat] Testsuites with failed tests:
> >[concat] TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt
>
> Hmm, I thought this was fixed for Java 8.something-earlier-than-yours.
> I'm using 1.8.0_372 on Linux and it passes all unit tests with this
> build.properties:
>
> base.path=/path/to/downloads
> execute.validate=true
> java.7.home=/usr/local/java-7
> opens.javalang=-Dnop
> opens.javaio=-Dnop
> opens.sunrmi=-Dnop
> opens.javautil=-Dnop
> opens.javautilconcurrent=-Dnop
> test.openssl.unimplemented=IDEA
> test.openssl.loc=/path/to/openssl
>
> Maybe it behaves differently on Windows?
>

To clarify, I'm running Ubuntu 22.04


>
> >
> /workspace/build/tomcat/8.5.x/build/logs/TEST-org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO2.txt
> >
> > Testsuite: org.apache.tomcat.websocket.TestWsWebSocketContainerSSL
> > Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 1.864 sec
> > - Standard Error -
> > 09-Oct-2023 15:49:12.260 INFO [main]
> > org.apache.catalina.startup.LoggingBaseTest.setUp Starting test case
> > [testConnectToServerEndpointSSL]
> > 09-Oct-2023 15:49:13.038 INFO [main]
> > org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
> > ["https-jsse-nio2-127.0.0.1-auto-1"]
> > 09-Oct-2023 15:49:13.327 INFO [main]
> > org.apache.tomcat.util.net.AbstractEndpoint.logCertificate Connector
> > [https-jsse-nio2-127.0.0.1-auto-1], TLS virtual host [
> > _default_], certificate type [UNDEFINED] configured from keystore
> >
> [/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/localhost-rsa.jks]
> > using alias [t
> > omcat] with trust store
> > [/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/ca.jks]
> > 09-Oct-2023 15:49:13.341 INFO [main]
> > org.apache.catalina.core.StandardService.startInternal Starting service
> > [Tomcat]
> > 09-Oct-2023 15:49:13.342 INFO [main]
> > org.apache.catalina.core.StandardEngine.startInternal Starting Servlet
> > engine: [Apache Tomcat/8.5.94]
> > 09-Oct-2023 15:49:13.633 INFO [main]
> > org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
> > ["https-jsse-nio2-127.0.0.1-auto-1-44075"]
> > 09-Oct-2023 15:49:13.677 INFO [main]
> > org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler
> > ["https-jsse-nio2-127.0.0.1-auto-1-44075"]
> > 09-Oct-2023 15:49:13.679 INFO [main]
> > org.apache.catalina.core.StandardService.stopInternal Stopping service
> > [Tomcat]
> > 09-Oct-2023 15:49:13.696 INFO [main]
> > org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler
> > ["https-jsse-nio2-127.0.0.1-auto-1-44075"]
> > 09-Oct-2023 15:49:13.702 INFO [main]
> > org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler
> > ["https-jsse-nio2-127.0.0.1-auto-1-44075"]
> > -  ---
> >
> > Testcase: testConnectToServerEndpointSSL took 1.793 sec
> > Caused an ERROR
> > The HTTP request to initiate the WebSocket connection to
> > [wss://localhost:44075/echoAsync] failed
> > javax.websocket.DeploymentException: The HTTP request to initiate the
> > WebSocket connection to [wss://localhost:44075/echoAsync] failed
> > at
> >
> org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:428)
> >
> > at
> >
> org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:170)
> >
> > at
> >
> org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.testConnectToServerEndpointSSL(TestWsWebSocketContainerSSL.java:64)
> >
> > Caused by: java.util.concurrent.ExecutionException:
> > javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is
> > disabled or cipher suites are inap
> > propriate)
> > at
> >
> org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:489)
> >
> > at
> >
> org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:320)
> >
> > Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol
> > (protocol is disabled or cipher suites are inappropriate)
> > at
> > sun.security.ssl.HandshakeContext.(HandshakeContext.java:171)
> > 

Re: [VOTE] Release Apache Tomcat 9.0.81

[Mark Thomas]

On 09/10/2023 18:36, Rémy Maucherat wrote:


The proposed 9.0.81 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.81


Build is reproducible.

Tests pass on M1 MacOS, Windows and Linux.

There were some intermittent test failures for APR/Native on Windows. 
They appear to be related to stopping the connector.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.94

[Han Li]

> On Oct 10, 2023, at 05:55, Christopher Schultz  
> wrote:
> 
> The proposed Apache Tomcat 8.5.94 release is now available for voting.
> 
> The notable changes compared to 8.5.93 are:
> 
> - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
>  OpenSSL 3.0.11.
> 
> - Provide a lifecycle listener that will automatically reload TLS
>  configurations a set time before the certificate is due to expire.
>  This is intended to be used with third-party tools that regularly
>  renew TLS certificates.
> 
> - Improve performance of EL expressions in JSPs that use implicit
>  objects.
> 
> - Several improvements to thread safety and recycling cleanup.
> 
> Along with lots of other bug fixes and improvements.
> 
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1436
> 
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.94/
> 36d4f7d698f71cd322204a3b242a97c54860fb8c
> 
> The proposed 8.5.94 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.94 (stable)


Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.14

[Christopher Schultz]

All,

On 10/9/23 18:18, Christopher Schultz wrote:

The proposed Apache Tomcat 10.1.14 release is now available for
voting.

The notable changes compared to 10.1.13 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
   OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
   configurations a set time before the certificate is due to expire.
   This is intended to be used with third-party tools that regularly
   renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
   objects.

- Several improvements to thread safety and recycling cleanup.

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.14/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1459

The tag is:
https://github.com/apache/tomcat/tree/10.1.14
5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4

The proposed 10.1.14 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 10.1.14


+1 for stable release

Builds clean and unit test pass with one exception on MacOS. Did not 
test with APR/OpenSSL.


Details:
java version "11.0.10" 2021-01-19 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.10+8-LTS-162)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.10+8-LTS-162, mixed mode)

   [concat] Testsuites with failed tests:
   [concat] TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO.txt
   [concat] TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt

Failure details:
Testsuite: org.apache.tomcat.util.net.jsse.TestPEMFile
Tests run: 6, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.163 sec

Testcase: testKeyEncryptedPkcs1DesEde3Cbc took 0.104 sec
Testcase: testKeyPkcs1WithUnnecessaryPassword took 0.001 sec
Testcase: testKeyEncryptedPkcs8 took 0.045 sec
Caused an ERROR
Cannot retrieve the PKCS8EncodedKeySpec
java.security.spec.InvalidKeySpecException: Cannot retrieve the 
PKCS8EncodedKeySpec
at 
java.base/javax.crypto.EncryptedPrivateKeyInfo.getKeySpec(EncryptedPrivateKeyInfo.java:255)
at 
org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:228)

at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:153)
at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:102)
at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:97)
at 
org.apache.tomcat.util.net.jsse.TestPEMFile.testKey(TestPEMFile.java:79)
at 
org.apache.tomcat.util.net.jsse.TestPEMFile.testKeyEncrypted(TestPEMFile.java:74)
at 
org.apache.tomcat.util.net.jsse.TestPEMFile.testKeyEncryptedPkcs8(TestPEMFile.java:69)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Caused by: javax.crypto.BadPaddingException: Given final block not 
properly padded. Such issues can arise if a bad key is used during 
decryption.
at 
java.base/com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:975)
at 
java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1056)
at 
java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
at 
java.base/com.sun.crypto.provider.PBES2Core.engineDoFinal(PBES2Core.java:323)

at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2202)
at 
java.base/javax.crypto.EncryptedPrivateKeyInfo.getKeySpec(EncryptedPrivateKeyInfo.java:250)


Testcase: testKeyPkcs1 took 0.001 sec
Testcase: testKeyEncryptedPkcs1Aes256 took 0.001 sec
Testcase: testKeyEncryptedPkcs1DesCbc took 0.001 sec

Re-running the tests repeated the same failure. Looking at my voting on 
10.1.11 indicates that upgrading to Java 11.0.19 may resolve this issue. 
I'm traveling and my local environment has Java 11.0.10 so I'm going to 
blame it on the OID issue likely resolved in Java 11 whose workaround 
was removed by markt in c4ffcf56a669aba1e508a0e769892f178879c1f5.


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Christopher Schultz]

Igal,

On 10/9/23 18:53, Igal Sapir wrote:

Chris,

On Mon, Oct 9, 2023 at 3:22 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:


Igal,

On 10/9/23 18:13, Igal Sapir wrote:

Chris,

I'm getting some errors when I run `ant clean test` with Java 1.8.0_322 -
any ideas?


Yes, you will need to set some build properties. Have a look at this
script and look ad what I do with the "opens":


https://github.com/ChristopherSchultz/apache-tomcat-stuff/blob/master/bin/test-tomcat-release.sh#L269



OK, now I got two failures (details below):

   [concat] Testsuites with failed tests:
   [concat] TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt


Hmm, I thought this was fixed for Java 8.something-earlier-than-yours. 
I'm using 1.8.0_372 on Linux and it passes all unit tests with this 
build.properties:


base.path=/path/to/downloads
execute.validate=true
java.7.home=/usr/local/java-7
opens.javalang=-Dnop
opens.javaio=-Dnop
opens.sunrmi=-Dnop
opens.javautil=-Dnop
opens.javautilconcurrent=-Dnop
test.openssl.unimplemented=IDEA
test.openssl.loc=/path/to/openssl

Maybe it behaves differently on Windows?



/workspace/build/tomcat/8.5.x/build/logs/TEST-org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO2.txt

Testsuite: org.apache.tomcat.websocket.TestWsWebSocketContainerSSL
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 1.864 sec
- Standard Error -
09-Oct-2023 15:49:12.260 INFO [main]
org.apache.catalina.startup.LoggingBaseTest.setUp Starting test case
[testConnectToServerEndpointSSL]
09-Oct-2023 15:49:13.038 INFO [main]
org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1"]
09-Oct-2023 15:49:13.327 INFO [main]
org.apache.tomcat.util.net.AbstractEndpoint.logCertificate Connector
[https-jsse-nio2-127.0.0.1-auto-1], TLS virtual host [
_default_], certificate type [UNDEFINED] configured from keystore
[/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/localhost-rsa.jks]
using alias [t
omcat] with trust store
[/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/ca.jks]
09-Oct-2023 15:49:13.341 INFO [main]
org.apache.catalina.core.StandardService.startInternal Starting service
[Tomcat]
09-Oct-2023 15:49:13.342 INFO [main]
org.apache.catalina.core.StandardEngine.startInternal Starting Servlet
engine: [Apache Tomcat/8.5.94]
09-Oct-2023 15:49:13.633 INFO [main]
org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.677 INFO [main]
org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.679 INFO [main]
org.apache.catalina.core.StandardService.stopInternal Stopping service
[Tomcat]
09-Oct-2023 15:49:13.696 INFO [main]
org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.702 INFO [main]
org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
-  ---

Testcase: testConnectToServerEndpointSSL took 1.793 sec
Caused an ERROR
The HTTP request to initiate the WebSocket connection to
[wss://localhost:44075/echoAsync] failed
javax.websocket.DeploymentException: The HTTP request to initiate the
WebSocket connection to [wss://localhost:44075/echoAsync] failed
at
org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:428)

at
org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:170)

at
org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.testConnectToServerEndpointSSL(TestWsWebSocketContainerSSL.java:64)

Caused by: java.util.concurrent.ExecutionException:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is
disabled or cipher suites are inap
propriate)
at
org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:489)

at
org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:320)

Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol
(protocol is disabled or cipher suites are inappropriate)
at
sun.security.ssl.HandshakeContext.(HandshakeContext.java:171)
at
sun.security.ssl.ClientHandshakeContext.(ClientHandshakeContext.java:103)

at
sun.security.ssl.TransportContext.kickstart(TransportContext.java:220)
at
sun.security.ssl.SSLEngineImpl.beginHandshake(SSLEngineImpl.java:97)
at
org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WebSocketSslHandshakeThread.run(AsyncChannelWrapperSecure.java:347)


This one I cannot explain at all. Which connector failed this test? APR, 
NIO, or NIO2. They should all behave the same way, so if one of them 
fails I'd expect the others to fail. So if one of 

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Christopher Schultz]

All,

On 10/9/23 18:01, Christopher Schultz wrote:

All,

On 10/9/23 17:55, Christopher Schultz wrote:

The proposed Apache Tomcat 8.5.94 release is now available for voting.

The notable changes compared to 8.5.93 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
   OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
   configurations a set time before the certificate is due to expire.
   This is intended to be used with third-party tools that regularly
   renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
   objects.

- Several improvements to thread safety and recycling cleanup.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1436


I had the Maven staging URL incorrect. Please use this one instead:
https://repository.apache.org/content/repositories/orgapachetomcat-1457


The tag is:
https://github.com/apache/tomcat/tree/8.5.94/
36d4f7d698f71cd322204a3b242a97c54860fb8c

The proposed 8.5.94 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.5.94 (stable)


+1 for release stable.

Works on a vanilla servlet-based application in a development environment.

Some notes: checkstyle is unhappy about Java 8 again. I think we need to 
keep the checkstyle version low enough to allow a Java 8-based build. 
Though we always release using Java 11, the build should work for Java 8 
so I think we need to downgrade checkstyle. There is no reason to stop 
the release for this.


Details:

* Environment
*  Java (build): openjdk version "1.8.0_372" OpenJDK Runtime 
Environment (Temurin)(build 1.8.0_372-b07) OpenJDK 64-Bit Server VM 
(Temurin)(build 25.372-b07, mixed mode)
*  Java (test): openjdk version "1.8.0_372" OpenJDK Runtime 
Environment (Temurin)(build 1.8.0_372-b07) OpenJDK 64-Bit Server VM 
(Temurin)(build 25.372-b07, mixed mode)

*  OS:   Linux 6.1.0-12-amd64 x86_64
*  cc:   cc (Debian 12.2.0-14) 12.2.0
*  make: GNU Make 4.3
*  OpenSSL:  OpenSSL 1.1.1 11 Sep 2018
*  APR:  1.7.2
*
* Valid SHA-512 signature for apache-tomcat-8.5.94.zip
* Valid GPG signature for apache-tomcat-8.5.94.zip
* Valid SHA-512 signature for apache-tomcat-8.5.94.tar.gz
* Valid GPG signature for apache-tomcat-8.5.94.tar.gz
* Valid SHA-512 signature for apache-tomcat-8.5.94.exe
* Valid GPG signature for apache-tomcat-8.5.94.exe
* Valid Windows Digital Signature for apache-tomcat-8.5.94.exe
* Valid SHA512 signature for apache-tomcat-8.5.94-src.zip
* Valid GPG signature for apache-tomcat-8.5.94-src.zip
* Valid SHA512 signature for apache-tomcat-8.5.94-src.tar.gz
* Valid GPG signature for apache-tomcat-8.5.94-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: PASSED

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix typo.

[lihan]

This is an automated email from the ASF dual-hosted git repository.

lihan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 2fab725c2e Fix typo.
2fab725c2e is described below

commit 2fab725c2e8f7d7653617a25e831d3be4726eee0
Author: lihan 
AuthorDate: Tue Oct 10 09:52:29 2023 +0800

Fix typo.
---
 java/org/apache/catalina/valves/FilterValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
index 2ac4ace086..2f47845322 100644
--- a/java/org/apache/catalina/valves/FilterValve.java
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -203,7 +203,7 @@ public class FilterValve extends ValveBase implements 
FilterConfig {
 return executor;
 } else {
 throw new UnsupportedOperationException(
-"This ServletContet is not really 
meant to be used.");
+"This ServletContext is not really 
meant to be used.");
 }
 }
 });


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.14

[Mark Thomas]

On 09/10/2023 19:18, Christopher Schultz wrote:


The proposed 10.1.14 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 10.1.14


Build is reproducible.

Unit tests pass on M1 MacOS, Linux and Windows.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.81

[Han Li]

> On Oct 10, 2023, at 05:36, Rémy Maucherat  wrote:
> 
> The proposed Apache Tomcat 9.0.81 release is now available for voting.
> 
> The notable changes compared to 9.0.80 are:
> 
> - Provide a lifecycle listener that will automatically
>  reload TLS configurations a set time before the certificate is due to
>  expire. This is intended to be used with third-party tools that
>  regularly renew TLS certificates.
> 
> - Align validation of HTTP trailer fields with standard fields.
> 
> - Improvements to HTTP/2 overhead protection.
> 
> - Improve performance of EL expressions in JSPs that use
>  implicit objects.
> 
> Along with lots of other bug fixes and improvements.
> 
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.81/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1455
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.81
> 90a0120a60faf9a3a657b113a7e2cdda2112be91
> 
> The proposed 9.0.81 release is:
> [ ] -1, Broken - do not release
> [X ] +1, Stable - go ahead and release as 9.0.81

Han
> 
> Rémy
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.14

[Han Li]

> On Oct 10, 2023, at 06:18, Christopher Schultz  
> wrote:
> 
> The proposed Apache Tomcat 10.1.14 release is now available for
> voting.
> 
> The notable changes compared to 10.1.13 are:
> 
> - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
>  OpenSSL 3.0.11.
> 
> - Provide a lifecycle listener that will automatically reload TLS
>  configurations a set time before the certificate is due to expire.
>  This is intended to be used with third-party tools that regularly
>  renew TLS certificates.
> 
> - Improve performance of EL expressions in JSPs that use implicit
>  objects.
> 
> - Several improvements to thread safety and recycling cleanup.
> 
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
> 
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 
> without changes. Java EE applications designed for Tomcat 9 and earlier may 
> be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will 
> automatically convert them to Jakarta EE and copy them to the webapps 
> directory.
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.14/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1459
> 
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.14
> 5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4
> 
> The proposed 10.1.14 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 10.1.14

Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 11.0.0-M12

[Mark Thomas]

On 09/10/2023 18:42, Mark Thomas wrote:


The proposed 11.0.0-M12 release is:
[ ] -1 Broken - do not release
[X] +1 Alpha  - go ahead and release as 11.0.0-M12


Build is reproducible.

Unit tests pass on M1 MacOS, Windows & Linux.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 11.0.0-M12

[Han Li]

> On Oct 10, 2023, at 05:42, Mark Thomas  wrote:
> 
> The proposed Apache Tomcat 11.0.0-M12 release is now available for
> voting.
> 
> Apache Tomcat 11.0.0-M12 is a milestone release of the 11.0.x branch and has 
> been made to provide users with early access to the new features in Apache 
> Tomcat 11.0.x so that they may provide feedback. The notable changes compared 
> to the previous milestone include:
> 
> - Provide a lifecycle listener that will automatically
>  reload TLS configurations a set time before the certificate is due to
>  expire. This is intended to be used with third-party tools that
>  regularly renew TLS certificates.
> 
> - Remove support for HTTP/2 server push
> 
> - Update Tomcat Native to 2.0.6 to pick up Windows binaries built with
>  OpenSSL 3.0.11
> 
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
> 
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
> without changes. Java EE applications designed for Tomcat 9 and earlier may 
> be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will 
> automatically convert them to Jakarta EE and copy them to the webapps 
> directory. Applications using deprecated APIs may require further changes.
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M12/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1456
> 
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M12
> 5a67c7c58d8caf24969093e6423b7f0b43df2f6a
> 
> 
> The proposed 11.0.0-M12 release is:
> [ ] -1 Broken - do not release
> [X ] +1 Alpha  - go ahead and release as 11.0.0-M12

Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.81

[Coty Sutherland]

On Mon, Oct 9, 2023 at 5:36 PM Rémy Maucherat  wrote:

> The proposed Apache Tomcat 9.0.81 release is now available for voting.
>
> The notable changes compared to 9.0.80 are:
>
> - Provide a lifecycle listener that will automatically
>   reload TLS configurations a set time before the certificate is due to
>   expire. This is intended to be used with third-party tools that
>   regularly renew TLS certificates.
>
> - Align validation of HTTP trailer fields with standard fields.
>
> - Improvements to HTTP/2 overhead protection.
>
> - Improve performance of EL expressions in JSPs that use
>   implicit objects.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.81/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1455
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.81
> 90a0120a60faf9a3a657b113a7e2cdda2112be91
>
> The proposed 9.0.81 release is:
> [ ] -1, Broken - do not release
> [x] +1, Stable - go ahead and release as 9.0.81
>

Looks good on Fedora 38 with OpenJDK 17.

Re: [VOTE] Release Apache Tomcat 11.0.0-M12

[Coty Sutherland]

On Mon, Oct 9, 2023 at 9:22 PM Coty Sutherland  wrote:

>
>
> On Mon, Oct 9, 2023 at 5:42 PM Mark Thomas  wrote:
>
>> The proposed Apache Tomcat 11.0.0-M12 release is now available for
>> voting.
>>
>> Apache Tomcat 11.0.0-M12 is a milestone release of the 11.0.x branch and
>> has been made to provide users with early access to the new features in
>> Apache Tomcat 11.0.x so that they may provide feedback. The notable
>> changes compared to the previous milestone include:
>>
>> - Provide a lifecycle listener that will automatically
>>reload TLS configurations a set time before the certificate is due to
>>expire. This is intended to be used with third-party tools that
>>regularly renew TLS certificates.
>>
>> - Remove support for HTTP/2 server push
>>
>> - Update Tomcat Native to 2.0.6 to pick up Windows binaries built with
>>OpenSSL 3.0.11
>>
>> For full details, see the change log:
>> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
>>
>> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
>> without changes. Java EE applications designed for Tomcat 9 and earlier
>> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
>> will automatically convert them to Jakarta EE and copy them to the
>> webapps directory. Applications using deprecated APIs may require
>> further changes.
>>
>> It can be obtained from:
>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M12/
>>
>> The Maven staging repo is:
>> https://repository.apache.org/content/repositories/orgapachetomcat-1456
>>
>> The tag is:
>> https://github.com/apache/tomcat/tree/11.0.0-M12
>> 5a67c7c58d8caf24969093e6423b7f0b43df2f6a
>>
>>
>> The proposed 11.0.0-M12 release is:
>> [ ] -1 Broken - do not release
>> [x] +1 Alpha  - go ahead and release as 11.0.0-M12
>>
>
> Unit tests pass on Fedora 38 with OpenJDK 17.
>

Er, I meant OpenJDK 21 :)

Re: [VOTE] Release Apache Tomcat 10.1.14

[Coty Sutherland]

On Mon, Oct 9, 2023 at 6:19 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> The proposed Apache Tomcat 10.1.14 release is now available for
> voting.
>
> The notable changes compared to 10.1.13 are:
>
> - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
>OpenSSL 3.0.11.
>
> - Provide a lifecycle listener that will automatically reload TLS
>configurations a set time before the certificate is due to expire.
>This is intended to be used with third-party tools that regularly
>renew TLS certificates.
>
> - Improve performance of EL expressions in JSPs that use implicit
>objects.
>
> - Several improvements to thread safety and recycling cleanup.
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.14/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1459
>
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.14
> 5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4
>
> The proposed 10.1.14 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 10.1.14
>

+1, unit tests pass on Fedora 38 with OpenJDK 17.

Re: [VOTE] Release Apache Tomcat 11.0.0-M12

[Coty Sutherland]

On Mon, Oct 9, 2023 at 5:42 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 11.0.0-M12 release is now available for
> voting.
>
> Apache Tomcat 11.0.0-M12 is a milestone release of the 11.0.x branch and
> has been made to provide users with early access to the new features in
> Apache Tomcat 11.0.x so that they may provide feedback. The notable
> changes compared to the previous milestone include:
>
> - Provide a lifecycle listener that will automatically
>reload TLS configurations a set time before the certificate is due to
>expire. This is intended to be used with third-party tools that
>regularly renew TLS certificates.
>
> - Remove support for HTTP/2 server push
>
> - Update Tomcat Native to 2.0.6 to pick up Windows binaries built with
>OpenSSL 3.0.11
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory. Applications using deprecated APIs may require
> further changes.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M12/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1456
>
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M12
> 5a67c7c58d8caf24969093e6423b7f0b43df2f6a
>
>
> The proposed 11.0.0-M12 release is:
> [ ] -1 Broken - do not release
> [x] +1 Alpha  - go ahead and release as 11.0.0-M12
>

Unit tests pass on Fedora 38 with OpenJDK 17.


>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 9.0.81

[jean-frederic clere]

On 10/9/23 23:36, Rémy Maucherat wrote:

[X] +1, Stable - go ahead and release as 9.0.81


tested with tc-native-1.2.39 on fedora 38

--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.14

[Emmanuel Bourg]

Le 10/10/2023 à 00:18, Christopher Schultz a écrit :


The proposed 10.1.14 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 10.1.14


It looks good on Debian with OpenJDK 17.

Emmanuel Bourg


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-9.0.x

[buildbot]

Build status: BUILD FAILED: failed Snapshot deployed to ASF Maven snapshot 
repository (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/723
Blamelist: remm 
Build Text: failed Snapshot deployed to ASF Maven snapshot repository (failure)
Status Detected: new failure
Build Source Stamp: [branch 9.0.x] 520b2f22a03ab913798d82eed878e3e56fe7cd0f


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 2


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.14

[Igal Sapir]

On Mon, Oct 9, 2023 at 3:19 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> The proposed Apache Tomcat 10.1.14 release is now available for
> voting.
>
> The notable changes compared to 10.1.13 are:
>
> - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
>OpenSSL 3.0.11.
>
> - Provide a lifecycle listener that will automatically reload TLS
>configurations a set time before the certificate is due to expire.
>This is intended to be used with third-party tools that regularly
>renew TLS certificates.
>
> - Improve performance of EL expressions in JSPs that use implicit
>objects.
>
> - Several improvements to thread safety and recycling cleanup.
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.14/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1459
>
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.14
> 5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4
>
> The proposed 10.1.14 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 10.1.14
>

Unit tests passed on Ubuntu 22.04

Igal



>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Igal Sapir]

Chris,

On Mon, Oct 9, 2023 at 3:22 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Igal,
>
> On 10/9/23 18:13, Igal Sapir wrote:
> > Chris,
> >
> > I'm getting some errors when I run `ant clean test` with Java 1.8.0_322 -
> > any ideas?
>
> Yes, you will need to set some build properties. Have a look at this
> script and look ad what I do with the "opens":
>
>
> https://github.com/ChristopherSchultz/apache-tomcat-stuff/blob/master/bin/test-tomcat-release.sh#L269


OK, now I got two failures (details below):

  [concat] Testsuites with failed tests:
  [concat] TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt
  [concat]
TEST-org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO2.txt

❯ cat
/workspace/build/tomcat/8.5.x/build/logs/TEST-org.apache.tomcat.util.net.jsse.TestPEMFile.NIO2.txt

Testsuite: org.apache.tomcat.util.net.jsse.TestPEMFile
Tests run: 6, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.569 sec

Testcase: testKeyEncryptedPkcs1DesEde3Cbc took 0.264 sec
Testcase: testKeyPkcs1WithUnnecessaryPassword took 0.013 sec
Testcase: testKeyEncryptedPkcs8 took 0.202 sec
   Caused an ERROR
Cannot retrieve the PKCS8EncodedKeySpec
java.security.spec.InvalidKeySpecException: Cannot retrieve the
PKCS8EncodedKeySpec
   at
javax.crypto.EncryptedPrivateKeyInfo.getKeySpec(EncryptedPrivateKeyInfo.java:258)

   at
org.apache.tomcat.util.net.jsse.PEMFile$Part.toPrivateKey(PEMFile.java:228)
   at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:153)
   at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:102)
   at org.apache.tomcat.util.net.jsse.PEMFile.(PEMFile.java:97)
   at
org.apache.tomcat.util.net.jsse.TestPEMFile.testKey(TestPEMFile.java:79)
   at
org.apache.tomcat.util.net.jsse.TestPEMFile.testKeyEncrypted(TestPEMFile.java:74)

   at
org.apache.tomcat.util.net.jsse.TestPEMFile.testKeyEncryptedPkcs8(TestPEMFile.java:69)

Caused by: javax.crypto.BadPaddingException: Given final block not properly
padded. Such issues can arise if a bad key is used during decryption.
   at com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:975)
   at
com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1056)
   at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
   at
com.sun.crypto.provider.PBES2Core.engineDoFinal(PBES2Core.java:323)
   at javax.crypto.Cipher.doFinal(Cipher.java:2168)
   at
javax.crypto.EncryptedPrivateKeyInfo.getKeySpec(EncryptedPrivateKeyInfo.java:253)


Testcase: testKeyPkcs1 took 0.001 sec
Testcase: testKeyEncryptedPkcs1Aes256 took 0.025 sec
Testcase: testKeyEncryptedPkcs1DesCbc took 0.007 sec

❯ cat
/workspace/build/tomcat/8.5.x/build/logs/TEST-org.apache.tomcat.websocket.TestWsWebSocketContainerSSL.NIO2.txt

Testsuite: org.apache.tomcat.websocket.TestWsWebSocketContainerSSL
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 1.864 sec
- Standard Error -
09-Oct-2023 15:49:12.260 INFO [main]
org.apache.catalina.startup.LoggingBaseTest.setUp Starting test case
[testConnectToServerEndpointSSL]
09-Oct-2023 15:49:13.038 INFO [main]
org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1"]
09-Oct-2023 15:49:13.327 INFO [main]
org.apache.tomcat.util.net.AbstractEndpoint.logCertificate Connector
[https-jsse-nio2-127.0.0.1-auto-1], TLS virtual host [
_default_], certificate type [UNDEFINED] configured from keystore
[/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/localhost-rsa.jks]
using alias [t
omcat] with trust store
[/workspace/src/tomcat/8.5.x/test/org/apache/tomcat/util/net/ca.jks]
09-Oct-2023 15:49:13.341 INFO [main]
org.apache.catalina.core.StandardService.startInternal Starting service
[Tomcat]
09-Oct-2023 15:49:13.342 INFO [main]
org.apache.catalina.core.StandardEngine.startInternal Starting Servlet
engine: [Apache Tomcat/8.5.94]
09-Oct-2023 15:49:13.633 INFO [main]
org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.677 INFO [main]
org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.679 INFO [main]
org.apache.catalina.core.StandardService.stopInternal Stopping service
[Tomcat]
09-Oct-2023 15:49:13.696 INFO [main]
org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
09-Oct-2023 15:49:13.702 INFO [main]
org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler
["https-jsse-nio2-127.0.0.1-auto-1-44075"]
-  ---

Testcase: testConnectToServerEndpointSSL took 1.793 sec
   Caused an ERROR
The HTTP request to initiate the WebSocket connection to
[wss://localhost:44075/echoAsync] failed
javax.websocket.DeploymentException: The HTTP request to initiate the
WebSocket connection to [wss://localhost:44075/echoAsync] 

Re: [VOTE] Release Apache Tomcat 11.0.0-M12

[Igal Sapir]

On Mon, Oct 9, 2023 at 2:42 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 11.0.0-M12 release is now available for
> voting.
>
> Apache Tomcat 11.0.0-M12 is a milestone release of the 11.0.x branch and
> has been made to provide users with early access to the new features in
> Apache Tomcat 11.0.x so that they may provide feedback. The notable
> changes compared to the previous milestone include:
>
> - Provide a lifecycle listener that will automatically
>reload TLS configurations a set time before the certificate is due to
>expire. This is intended to be used with third-party tools that
>regularly renew TLS certificates.
>
> - Remove support for HTTP/2 server push
>
> - Update Tomcat Native to 2.0.6 to pick up Windows binaries built with
>OpenSSL 3.0.11
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory. Applications using deprecated APIs may require
> further changes.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M12/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1456
>
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M12
> 5a67c7c58d8caf24969093e6423b7f0b43df2f6a
>
>
> The proposed 11.0.0-M12 release is:
> [ ] -1 Broken - do not release
> [X] +1 Alpha  - go ahead and release as 11.0.0-M12
>

Unit tests passed on Ubuntu 22.04

Igal



>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Buildbot success in on tomcat-11.0.x

[buildbot]

Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/664
Blamelist: Christopher Schultz , Mark Thomas 
, remm 
Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch main] 6a96bcadb934051bd3054fb21989caf868106c29


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Christopher Schultz]

Igal,

On 10/9/23 18:13, Igal Sapir wrote:

Chris,

I'm getting some errors when I run `ant clean test` with Java 1.8.0_322 -
any ideas?


Yes, you will need to set some build properties. Have a look at this 
script and look ad what I do with the "opens":


https://github.com/ChristopherSchultz/apache-tomcat-stuff/blob/master/bin/test-tomcat-release.sh#L269

-chris


test-nio2:
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
[junit] Error: Could not create the Java Virtual Machine.
[junit] Error: A fatal exception has occurred. Program will exit.
[junit] Running javax.el.TestArrayELResolver in thread 1
[junit] Running javax.el.TestBeanELResolver in thread 2
[junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 1, Class: javax.el.TestArrayELResolver
[junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 2, Class: javax.el.TestBeanELResolver
[junit] Test javax.el.TestArrayELResolver FAILED (crashed)
[junit] Test javax.el.TestBeanELResolver FAILED (crashed)
[junit] Running javax.el.TestBeanNameELResolver in thread 4
[junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 4, Class: javax.el.TestBeanNameELResolver
[junit] Test javax.el.TestBeanNameELResolver FAILED (crashed)
[junit] Running javax.el.TestELContext in thread 6
[junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 6, Class: javax.el.TestELContext
[junit] Test javax.el.TestELContext FAILED (crashed)

BUILD FAILED
/workspace/src/tomcat/8.5.x/build.xml:1544: The following error occurred
while executing this line:
/workspace/src/tomcat/8.5.x/build.xml:1594: Context loader has not been
reset

Total time: 18 seconds

Igal

On Mon, Oct 9, 2023 at 3:02 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:


All,

On 10/9/23 17:55, Christopher Schultz wrote:

The proposed Apache Tomcat 8.5.94 release is now available for voting.

The notable changes compared to 8.5.93 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
configurations a set time before the certificate is due to expire.
This is intended to be used with third-party tools that regularly
renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
objects.

- Several improvements to thread safety and recycling cleanup.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1436


I had the Maven staging URL incorrect. Please use this one instead:
https://repository.apache.org/content/repositories/orgapachetomcat-1457


The tag is:
https://github.com/apache/tomcat/tree/8.5.94/
36d4f7d698f71cd322204a3b242a97c54860fb8c

The proposed 8.5.94 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.94 (stable)









-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org






-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 10.1.14

[Christopher Schultz]

The proposed Apache Tomcat 10.1.14 release is now available for
voting.

The notable changes compared to 10.1.13 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
  OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
  configurations a set time before the certificate is due to expire.
  This is intended to be used with third-party tools that regularly
  renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
  objects.

- Several improvements to thread safety and recycling cleanup.

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.14/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1459

The tag is:
https://github.com/apache/tomcat/tree/10.1.14
5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4

The proposed 10.1.14 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 10.1.14

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r64438 - in /dev/tomcat/tomcat-10/v10.1.14: ./ bin/ bin/embed/ src/

[schultz]

Author: schultz
Date: Mon Oct  9 22:15:07 2023
New Revision: 64438

Log:
Upload 10.1.14 for voting.

Added:
dev/tomcat/tomcat-10/v10.1.14/
dev/tomcat/tomcat-10/v10.1.14/KEYS
dev/tomcat/tomcat-10/v10.1.14/README.html
dev/tomcat/tomcat-10/v10.1.14/RELEASE-NOTES
dev/tomcat/tomcat-10/v10.1.14/bin/
dev/tomcat/tomcat-10/v10.1.14/bin/README.html
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.tar.gz.asc

dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.tar.gz.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.zip   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.zip.asc
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-deployer.zip.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-fulldocs.tar.gz.asc

dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x64.zip   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x64.zip.asc

dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x64.zip.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x86.zip   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x86.zip.asc

dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14-windows-x86.zip.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.exe   (with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.exe.asc
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.exe.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.tar.gz   (with 
props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.tar.gz.asc
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.tar.gz.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.zip   (with props)
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.zip.asc
dev/tomcat/tomcat-10/v10.1.14/bin/apache-tomcat-10.1.14.zip.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/embed/
dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.tar.gz  
 (with props)

dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.tar.gz.asc

dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.tar.gz.sha512
dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.zip   
(with props)
dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.zip.asc

dev/tomcat/tomcat-10/v10.1.14/bin/embed/apache-tomcat-10.1.14-embed.zip.sha512
dev/tomcat/tomcat-10/v10.1.14/src/
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.tar.gz   (with 
props)
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.tar.gz.asc
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.tar.gz.sha512
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.zip   (with 
props)
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.zip.asc
dev/tomcat/tomcat-10/v10.1.14/src/apache-tomcat-10.1.14-src.zip.sha512

Added: dev/tomcat/tomcat-10/v10.1.14/KEYS
==
--- dev/tomcat/tomcat-10/v10.1.14/KEYS (added)
+++ dev/tomcat/tomcat-10/v10.1.14/KEYS Mon Oct  9 22:15:07 2023
@@ -0,0 +1,562 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+pub   4096R/2F6059E7 2009-09-18
+  Key fingerprint = A9C5 DF4D 22E9 9998 D987  5A51 10C0 1C5A 2F60 59E7
+uid  Mark E D Thomas 
+sub   4096R/5E763BEC 2009-09-18
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Comment: GPGTools - http://gpgtools.org
+
+mQINBEq0DukBEAD4jovHOPJDxoD+JnO1Go2kiwpgRULasGlrVKuSUdP6wzcaqWmX
+pqtOJKKwW2MQFQLmg7nQ9RjJwy3QCbKNDJQA/bwbQT1F7WzTCz2S6vxC4zxKck4t
+6RZBq2dJsYKF0CEh6ZfY4dmKvhq+3istSoFRdHYoOPGWZpuRDqfZPdGm/m335/6K
+GH59oysn1NE7a2a+kZzjBSEgv23+l4Z1Rg7+fpz1JcdHSdC2Z+ZRxML25eVatRVz
+4yvDOZItqDURP24zWOodxgboldV6Y88C3v/7KRR+1vklzkuA2FqF8Q4r/2f0su7M
+UVviQcy29y/RlLSDTTYoVlCZ1ni14qFU7Hpw43KJtgXmcUwq31T1+SlXdYjNJ1aF
+kUi8BjCHDcSgE/IReKUanjHzm4XSymKDTeqqzidi4k6PDD4jyHb8k8vxi6qT6Udn
+lcfo5NBkkUT1TauhEy8ktHhbl9k60BvvMBP9l6cURiJg1WS77egI4P/82oPbzzFi
+GFqXyJKULVgxtdQ3JikCpodp3f1fh6PlYZwkW4xCJLJucJ5MiQp07HAkMVW5w+k8

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Igal Sapir]

Chris,

I'm getting some errors when I run `ant clean test` with Java 1.8.0_322 -
any ideas?

test-nio2:
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Unrecognized option: --add-opens=java.base/java.lang=ALL-UNNAMED
   [junit] Error: Could not create the Java Virtual Machine.
   [junit] Error: A fatal exception has occurred. Program will exit.
   [junit] Running javax.el.TestArrayELResolver in thread 1
   [junit] Running javax.el.TestBeanELResolver in thread 2
   [junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 1, Class: javax.el.TestArrayELResolver
   [junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 2, Class: javax.el.TestBeanELResolver
   [junit] Test javax.el.TestArrayELResolver FAILED (crashed)
   [junit] Test javax.el.TestBeanELResolver FAILED (crashed)
   [junit] Running javax.el.TestBeanNameELResolver in thread 4
   [junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 4, Class: javax.el.TestBeanNameELResolver
   [junit] Test javax.el.TestBeanNameELResolver FAILED (crashed)
   [junit] Running javax.el.TestELContext in thread 6
   [junit] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
0 sec, Thread: 6, Class: javax.el.TestELContext
   [junit] Test javax.el.TestELContext FAILED (crashed)

BUILD FAILED
/workspace/src/tomcat/8.5.x/build.xml:1544: The following error occurred
while executing this line:
/workspace/src/tomcat/8.5.x/build.xml:1594: Context loader has not been
reset

Total time: 18 seconds

Igal

On Mon, Oct 9, 2023 at 3:02 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> All,
>
> On 10/9/23 17:55, Christopher Schultz wrote:
> > The proposed Apache Tomcat 8.5.94 release is now available for voting.
> >
> > The notable changes compared to 8.5.93 are:
> >
> > - Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
> >OpenSSL 3.0.11.
> >
> > - Provide a lifecycle listener that will automatically reload TLS
> >configurations a set time before the certificate is due to expire.
> >This is intended to be used with third-party tools that regularly
> >renew TLS certificates.
> >
> > - Improve performance of EL expressions in JSPs that use implicit
> >objects.
> >
> > - Several improvements to thread safety and recycling cleanup.
> >
> > Along with lots of other bug fixes and improvements.
> >
> > For full details, see the changelog:
> > https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
> >
> > It can be obtained from:
> > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/
> >
> > The Maven staging repo is:
> > https://repository.apache.org/content/repositories/orgapachetomcat-1436
>
> I had the Maven staging URL incorrect. Please use this one instead:
> https://repository.apache.org/content/repositories/orgapachetomcat-1457
>
> > The tag is:
> > https://github.com/apache/tomcat/tree/8.5.94/
> > 36d4f7d698f71cd322204a3b242a97c54860fb8c
> >
> > The proposed 8.5.94 release is:
> > [ ] Broken - do not release
> > [ ] Stable - go ahead and release as 8.5.94 (stable)
>




>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 9.0.81

[Igal Sapir]

On Mon, Oct 9, 2023 at 2:36 PM Rémy Maucherat  wrote:

> The proposed Apache Tomcat 9.0.81 release is now available for voting.
>
> The notable changes compared to 9.0.80 are:
>
> - Provide a lifecycle listener that will automatically
>   reload TLS configurations a set time before the certificate is due to
>   expire. This is intended to be used with third-party tools that
>   regularly renew TLS certificates.
>
> - Align validation of HTTP trailer fields with standard fields.
>
> - Improvements to HTTP/2 overhead protection.
>
> - Improve performance of EL expressions in JSPs that use
>   implicit objects.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.81/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1455
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.81
> 90a0120a60faf9a3a657b113a7e2cdda2112be91
>
> The proposed 9.0.81 release is:
> [ ] -1, Broken - do not release
> [X] +1, Stable - go ahead and release as 9.0.81
>

Unit tests passed on Ubuntu 22.04

Igal


>
> Rémy
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.5.94 [CORRECTION]

[Christopher Schultz]

All,

On 10/9/23 17:55, Christopher Schultz wrote:

The proposed Apache Tomcat 8.5.94 release is now available for voting.

The notable changes compared to 8.5.93 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
   OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
   configurations a set time before the certificate is due to expire.
   This is intended to be used with third-party tools that regularly
   renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
   objects.

- Several improvements to thread safety and recycling cleanup.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1436


I had the Maven staging URL incorrect. Please use this one instead:
https://repository.apache.org/content/repositories/orgapachetomcat-1457


The tag is:
https://github.com/apache/tomcat/tree/8.5.94/
36d4f7d698f71cd322204a3b242a97c54860fb8c

The proposed 8.5.94 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.94 (stable)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 8.5.94

[Christopher Schultz]

The proposed Apache Tomcat 8.5.94 release is now available for voting.

The notable changes compared to 8.5.93 are:

- Update Tomcat Native to 1.2.39 to pick up Windows binaries built with
  OpenSSL 3.0.11.

- Provide a lifecycle listener that will automatically reload TLS
  configurations a set time before the certificate is due to expire.
  This is intended to be used with third-party tools that regularly
  renew TLS certificates.

- Improve performance of EL expressions in JSPs that use implicit
  objects.

- Several improvements to thread safety and recycling cleanup.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.94/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1436

The tag is:
https://github.com/apache/tomcat/tree/8.5.94/
36d4f7d698f71cd322204a3b242a97c54860fb8c

The proposed 8.5.94 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.94 (stable)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 11.0.0-M12

[Mark Thomas]

The proposed Apache Tomcat 11.0.0-M12 release is now available for
voting.

Apache Tomcat 11.0.0-M12 is a milestone release of the 11.0.x branch and 
has been made to provide users with early access to the new features in 
Apache Tomcat 11.0.x so that they may provide feedback. The notable 
changes compared to the previous milestone include:


- Provide a lifecycle listener that will automatically
  reload TLS configurations a set time before the certificate is due to
  expire. This is intended to be used with third-party tools that
  regularly renew TLS certificates.

- Remove support for HTTP/2 server push

- Update Tomcat Native to 2.0.6 to pick up Windows binaries built with
  OpenSSL 3.0.11

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory. Applications using deprecated APIs may require 
further changes.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M12/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1456

The tag is:
https://github.com/apache/tomcat/tree/11.0.0-M12
5a67c7c58d8caf24969093e6423b7f0b43df2f6a


The proposed 11.0.0-M12 release is:
[ ] -1 Broken - do not release
[ ] +1 Alpha  - go ahead and release as 11.0.0-M12

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 9.0.81

[Rémy Maucherat]

The proposed Apache Tomcat 9.0.81 release is now available for voting.

The notable changes compared to 9.0.80 are:

- Provide a lifecycle listener that will automatically
  reload TLS configurations a set time before the certificate is due to
  expire. This is intended to be used with third-party tools that
  regularly renew TLS certificates.

- Align validation of HTTP trailer fields with standard fields.

- Improvements to HTTP/2 overhead protection.

- Improve performance of EL expressions in JSPs that use
  implicit objects.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.81/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1455
The tag is:
https://github.com/apache/tomcat/tree/9.0.81
90a0120a60faf9a3a657b113a7e2cdda2112be91

The proposed 9.0.81 release is:
[ ] -1, Broken - do not release
[ ] +1, Stable - go ahead and release as 9.0.81

Rémy

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r64437 [2/2] - in /dev/tomcat/tomcat-8/v8.5.94: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Added: dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.asc
==
--- dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.asc Mon Oct  9 
21:33:56 2023
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmUkbsMACgkQHPApP6U8
+pFhyFg//XxLJ0SuFJKiAlxMIGH2+CxpzaTgArRcrNR1g4IN/0hkPHpdw+tyrzgoA
+LkmncWrSNYHIioFDn35c7qiJlY+K4nDWopidi9KqizJUE+eZoTMvLwdMwRh/XYVV
+/l9ZmOO0FYZC2guzf/eJZCGBX6h0IzKE8Xrp7vZSmrBqtlpoL7Zan5C1iqFNXDjM
+BuS+qcZjJ2JTfTj32Dz17HvWdyWP5+zl/ORduRaSYlKlttcOjC6i6+00LFEww1vc
+L/Nune4Cc2WYa+QWso3+B8JpAE0IQXSJHuLKQO9w/zAE1Dxt1mTHJ3txzgxqpGUw
+Esb1UGg/tJsQwEpuQ6HQsASrM+YDnHeEvi626weIZOYfnVStoQKkHk7IJrYCqWbX
+qD7+WhAfYwqaKpqxIevXBmd2OMCSKpEu3vte6S15YSmcQh6ruavowdZyWmqT8ZfX
+WWzRoglFnVlU2JmhFzxMulUXTdfrr6AjJekZJezkuRNoPS7Z4guFKqvtjjHRv0O/
+bbBhzVEWqfN/mfBPsv6+uOrTudYZaAWaj9v0BEJyZo1Mdi7kV9hyY9hLX2B4K4i7
+VnFsc6OE+1+k28QPUlB03J1GReSLTbS7xV8/DvnfTmKXUqhBzGsejkpy0TnbImub
+frC5CPm0vmDBavAv288hGRU7UnLDc9VJ8zQeX5jk7RsnX6s+kj4=
+=sW0k
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.sha512
==
--- dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.sha512 (added)
+++ dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.sha512 Mon Oct  9 
21:33:56 2023
@@ -0,0 +1 @@
+e852f30571e390e39c67121d3fbdba9ddeeab0d52f9712f514ebfc37b47b094683dad75c2087c3234ece2ae04e424a81de155e339fa59d7b90776292ba5438a4
 *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.asc
==
--- dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.asc Mon Oct 
 9 21:33:56 2023
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmUkcIYACgkQHPApP6U8
+pFhUPw/+J93MUhne3CowvNIyxkWK0ewd0qbLfM8ZzuDr6d9X4T8xhwXrZRme0gPg
+WKTAwYbBBNdUWlYnCjpEnVAVEwU0aUGQc2aqUixyGYu1hL4V9NAJFUkz323cczxU
+Ck+0lFZ5FGL0OV9+YT1YHM1r256419vmp6VTp6MxgDCARqO+iHuRlIb9xTY63C9z
+Ep6zEufbMy9TomB7UOq3es0qN5eZBg/47rB7f0NI+H4QB2EDG+1HVQxBIMpPzJ0D
+gkGfx2KMJd3646GQi8QvaulmK8HrM1gDrQtFv+HEJA07svSYMyRkKc3/TsP3+3ie
+gWyHjuH48WpCjBWTFVDNxHybCcWQtv3B7a1dtDW7q1wKbaPgbpKyday6DjBG4Ieu
+bS6VWkHAE7NHNCwCWI7Qc8QHceXQrqO6qYC3RDVkkxlWoKts47BJi09AYImE0AM6
+695ZLtrnIr4D+ktl5r7meW4oJYXCQhF/Xu4YRNs1ajkGIpUji8Mi9H8+yDuibV7o
+zKT2GIr4Ww/ca25kgsmSOT7XMLK7ZBFiBahkB/IWk4W95iZk3QV0+E0CxQTbLbxb
+638RYgd7NcVRlHjyyJdFUnQ5HiyB/DIUimhaaRu9xBqpYzR1gmkP67Jousc+k5Pf
+mqMlmaD72Ak4CbejSRUKONBRQ5NeIJSpOGgQ3YsRqNMPyFRj9Mg=
+=DS9q
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.sha512
==
--- dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.sha512 
(added)
+++ dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.sha512 Mon 
Oct  9 21:33:56 2023
@@ -0,0 +1 @@
+0b03b5ee0cfafb34d7f428dfbd5de2f1c3c676b320883d5da5a0613576a6eb68a46bfcbaf15adc015f75ef43fe1bb76dc528942502ac1ea9d3f5b95ed91a
 *apache-tomcat-8.5.94-src.tar.gz
\ No newline at end of file

Added: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.asc
==
--- dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.asc Mon Oct  9 
21:33:56 2023
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmUkcD8ACgkQHPApP6U8
+pFiLmg/+IdZuPhsI05TFwarWwbQ3i8Vzbjp99Ka/rXurQo1LmZx7ew3l+SlsF8y/
+G28JAJqUrSv+JCII6lclviL8abUpuKKFgtHQtuHsC7DwTpU75hulsNvl8NyKtPj6
+cA1UHiCLpVtDyMt6LMGRGFSuE0AuiLtest430OtbVHycCW12SzBw24MYAjrTy9ta
+uLk7EKFJQS01ESrS02ZZYiL3Fv+8j17sAo3a5pCa/MGdP+wpyv4lnSRmynomIc1w
+v145w4Dtt++vbTEDyXKkqvcT5Cm9YS2Gv9yN9afNmn2CFobUl4/v9UDzDuiUWFWb

svn commit: r64437 [1/2] - in /dev/tomcat/tomcat-8/v8.5.94: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Mon Oct  9 21:33:56 2023
New Revision: 64437

Log:
Upload 8.5.94 for voting

Added:
dev/tomcat/tomcat-8/v8.5.94/
dev/tomcat/tomcat-8/v8.5.94/KEYS
dev/tomcat/tomcat-8/v8.5.94/README.html
dev/tomcat/tomcat-8/v8.5.94/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.94/bin/
dev/tomcat/tomcat-8/v8.5.94/bin/README.html
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.exe.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/apache-tomcat-8.5.94.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/embed/
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.94/bin/embed/apache-tomcat-8.5.94-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.94/bin/extras/
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.94/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.94/src/
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.asc
dev/tomcat/tomcat-8/v8.5.94/src/apache-tomcat-8.5.94-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.94/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.94/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.94/KEYS Mon Oct  9 21:33:56 2023
@@ -0,0 +1,785 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb

[tomcat] branch 9.0.x updated: Fix javadoc warning (for branches built with Java 11)

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 520b2f22a0 Fix javadoc warning (for branches built with Java 11)
520b2f22a0 is described below

commit 520b2f22a03ab913798d82eed878e3e56fe7cd0f
Author: remm 
AuthorDate: Mon Oct 9 23:29:08 2023 +0200

Fix javadoc warning (for branches built with Java 11)
---
 java/org/apache/catalina/security/TLSCertificateReloadListener.java | 1 -
 1 file changed, 1 deletion(-)

diff --git 
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java 
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index d9fe20f462..0596732575 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -40,7 +40,6 @@ import org.apache.tomcat.util.res.StringManager;
  * 
  * This listener does NOT re-read the Tomcat configuration from 
server.xml. If you make changes to server.xml you
  * must restart the Tomcat process to pick up those changes.
- * 
  */
 public class TLSCertificateReloadListener implements LifecycleListener {
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix javadoc warning (for branches built with Java 11)

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 6dc0820587 Fix javadoc warning (for branches built with Java 11)
6dc0820587 is described below

commit 6dc08205874743d172e8f097489fb6a413e951c9
Author: remm 
AuthorDate: Mon Oct 9 23:29:08 2023 +0200

Fix javadoc warning (for branches built with Java 11)
---
 java/org/apache/catalina/security/TLSCertificateReloadListener.java | 1 -
 1 file changed, 1 deletion(-)

diff --git 
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java 
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index d9fe20f462..0596732575 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -40,7 +40,6 @@ import org.apache.tomcat.util.res.StringManager;
  * 
  * This listener does NOT re-read the Tomcat configuration from 
server.xml. If you make changes to server.xml you
  * must restart the Tomcat process to pick up those changes.
- * 
  */
 public class TLSCertificateReloadListener implements LifecycleListener {
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Fix javadoc warning (for branches built with Java 11)

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 5f54502793 Fix javadoc warning (for branches built with Java 11)
5f54502793 is described below

commit 5f54502793c88b8cf716b16fba09e8c426476c14
Author: remm 
AuthorDate: Mon Oct 9 23:29:08 2023 +0200

Fix javadoc warning (for branches built with Java 11)
---
 java/org/apache/catalina/security/TLSCertificateReloadListener.java | 1 -
 1 file changed, 1 deletion(-)

diff --git 
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java 
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index d9fe20f462..0596732575 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -40,7 +40,6 @@ import org.apache.tomcat.util.res.StringManager;
  * 
  * This listener does NOT re-read the Tomcat configuration from 
server.xml. If you make changes to server.xml you
  * must restart the Tomcat process to pick up those changes.
- * 
  */
 public class TLSCertificateReloadListener implements LifecycleListener {
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Tag 8.5.94

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to tag 8.5.94
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 36d4f7d698f71cd322204a3b242a97c54860fb8c
Author: schultz 
AuthorDate: Mon Oct 9 14:29:31 2023 -0700

Tag 8.5.94
---
 build.properties.release |  52 +++
 res/install-win/Uninstall.exe.sig| Bin 0 -> 10253 bytes
 res/install-win/tomcat-installer.exe.sig | Bin 0 -> 10253 bytes
 res/maven/mvn.properties.release |  27 
 webapps/docs/changelog.xml   |   2 +-
 5 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..54b88bf708
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,52 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds.
+ant.tstamp.now.iso=2023-10-09T21:16:48Z
+
+# Enable insertion of detached signatures into the Windows installer.
+do.codesigning=true
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/gnupg/bin/gpg.exe
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process.
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on October 13 2021
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Eclipse Adoptium
+# Java Version:11.0.20+8
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build environment in consistent with this information.
+#
+# OS:  amd64 Windows 10 10.0
+# File encoding:   Cp1252
+#
+# Release Manager: schultz
diff --git a/res/install-win/Uninstall.exe.sig 
b/res/install-win/Uninstall.exe.sig
new file mode 100644
index 00..950efafa61
Binary files /dev/null and b/res/install-win/Uninstall.exe.sig differ
diff --git a/res/install-win/tomcat-installer.exe.sig 
b/res/install-win/tomcat-installer.exe.sig
new file mode 100644
index 00..35dc0922c2
Binary files /dev/null and b/res/install-win/tomcat-installer.exe.sig differ
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..c6a6487eb4
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=8.5.94
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/gnupg/bin/gpg.exe
+
+# Set the user name to 

[tomcat] tag 8.5.94 created (now 36d4f7d698)

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a change to tag 8.5.94
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 36d4f7d698 (commit)
This tag includes the following new commits:

 new 36d4f7d698 Tag 8.5.94

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix javadoc warning (for branches built with Java 11)

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6a96bcadb9 Fix javadoc warning (for branches built with Java 11)
6a96bcadb9 is described below

commit 6a96bcadb934051bd3054fb21989caf868106c29
Author: remm 
AuthorDate: Mon Oct 9 23:29:08 2023 +0200

Fix javadoc warning (for branches built with Java 11)
---
 java/org/apache/catalina/security/TLSCertificateReloadListener.java | 1 -
 1 file changed, 1 deletion(-)

diff --git 
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java 
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index d9fe20f462..0596732575 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -40,7 +40,6 @@ import org.apache.tomcat.util.res.StringManager;
  * 
  * This listener does NOT re-read the Tomcat configuration from 
server.xml. If you make changes to server.xml you
  * must restart the Tomcat process to pick up those changes.
- * 
  */
 public class TLSCertificateReloadListener implements LifecycleListener {
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r64436 - in /dev/tomcat/tomcat-11/v11.0.0-M12: ./ bin/ bin/embed/ src/

[markt]

Author: markt
Date: Mon Oct  9 21:21:55 2023
New Revision: 64436

Log:
Upload 11.0.0-M12 for voting

Added:
dev/tomcat/tomcat-11/v11.0.0-M12/
dev/tomcat/tomcat-11/v11.0.0-M12/KEYS
dev/tomcat/tomcat-11/v11.0.0-M12/README.html
dev/tomcat/tomcat-11/v11.0.0-M12/RELEASE-NOTES
dev/tomcat/tomcat-11/v11.0.0-M12/bin/
dev/tomcat/tomcat-11/v11.0.0-M12/bin/README.html

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.tar.gz   
(with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.zip  
 (with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-deployer.zip.sha512

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-fulldocs.tar.gz   
(with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-fulldocs.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-fulldocs.tar.gz.sha512

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-windows-x64.zip   
(with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-windows-x64.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12-windows-x64.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.exe   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.exe.asc
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.exe.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.tar.gz   
(with props)
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.tar.gz.asc
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.zip   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.zip.asc
dev/tomcat/tomcat-11/v11.0.0-M12/bin/apache-tomcat-11.0.0-M12.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.tar.gz
   (with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.tar.gz.sha512

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.zip   
(with props)

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M12/bin/embed/apache-tomcat-11.0.0-M12-embed.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/src/
dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.tar.gz   
(with props)
dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.zip   
(with props)
dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.zip.asc
dev/tomcat/tomcat-11/v11.0.0-M12/src/apache-tomcat-11.0.0-M12-src.zip.sha512

Added: dev/tomcat/tomcat-11/v11.0.0-M12/KEYS
==
--- dev/tomcat/tomcat-11/v11.0.0-M12/KEYS (added)
+++ dev/tomcat/tomcat-11/v11.0.0-M12/KEYS Mon Oct  9 21:21:55 2023
@@ -0,0 +1,453 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+pub   4096R/2F6059E7 2009-09-18
+  Key fingerprint = A9C5 DF4D 22E9 9998 D987  5A51 10C0 1C5A 2F60 59E7
+uid  Mark E D Thomas 
+sub   4096R/5E763BEC 2009-09-18
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Comment: GPGTools - http://gpgtools.org
+
+mQINBEq0DukBEAD4jovHOPJDxoD+JnO1Go2kiwpgRULasGlrVKuSUdP6wzcaqWmX
+pqtOJKKwW2MQFQLmg7nQ9RjJwy3QCbKNDJQA/bwbQT1F7WzTCz2S6vxC4zxKck4t
+6RZBq2dJsYKF0CEh6ZfY4dmKvhq+3istSoFRdHYoOPGWZpuRDqfZPdGm/m335/6K
+GH59oysn1NE7a2a+kZzjBSEgv23+l4Z1Rg7+fpz1JcdHSdC2Z+ZRxML25eVatRVz
+4yvDOZItqDURP24zWOodxgboldV6Y88C3v/7KRR+1vklzkuA2FqF8Q4r/2f0su7M
+UVviQcy29y/RlLSDTTYoVlCZ1ni14qFU7Hpw43KJtgXmcUwq31T1+SlXdYjNJ1aF
+kUi8BjCHDcSgE/IReKUanjHzm4XSymKDTeqqzidi4k6PDD4jyHb8k8vxi6qT6Udn
+lcfo5NBkkUT1TauhEy8ktHhbl9k60BvvMBP9l6cURiJg1WS77egI4P/82oPbzzFi
+GFqXyJKULVgxtdQ3JikCpodp3f1fh6PlYZwkW4xCJLJucJ5MiQp07HAkMVW5w+k8

[tomcat] branch 9.0.x updated: Next is 9.0.82

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 4d56461a37 Next is 9.0.82
4d56461a37 is described below

commit 4d56461a379950d993164a6ec5c66b9188645faf
Author: remm 
AuthorDate: Mon Oct 9 23:19:28 2023 +0200

Next is 9.0.82
---
 res/maven/mvn.properties.default | 2 +-
 webapps/docs/changelog.xml   | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default
index 13b9f16e81..8f93c7ee78 100644
--- a/res/maven/mvn.properties.default
+++ b/res/maven/mvn.properties.default
@@ -39,7 +39,7 @@ 
maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/d
 maven.asf.release.repo.repositoryId=apache.releases.https
 
 # Release version info
-maven.asf.release.deploy.version=9.0.81
+maven.asf.release.deploy.version=9.0.82
 
 #Where do we load the libraries from
 tomcat.lib.path=../../output/build/lib
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a589223fd8..0cb16afab5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,7 +104,9 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
+
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r64435 - in /dev/tomcat/tomcat-9/v9.0.81: ./ bin/ bin/embed/ src/

[remm]

Author: remm
Date: Mon Oct  9 21:16:34 2023
New Revision: 64435

Log:
Upload 9.0.81 for voting

Added:
dev/tomcat/tomcat-9/v9.0.81/
dev/tomcat/tomcat-9/v9.0.81/KEYS
dev/tomcat/tomcat-9/v9.0.81/README.html
dev/tomcat/tomcat-9/v9.0.81/RELEASE-NOTES
dev/tomcat/tomcat-9/v9.0.81/bin/
dev/tomcat/tomcat-9/v9.0.81/bin/README.html
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.tar.gz.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.zip   (with 
props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.zip.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-deployer.zip.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-fulldocs.tar.gz.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x64.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x64.zip.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x64.zip.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x86.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x86.zip.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81-windows-x86.zip.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.exe   (with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.exe.asc   (with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.exe.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.tar.gz   (with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.tar.gz.asc   (with 
props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.zip   (with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.zip.asc   (with props)
dev/tomcat/tomcat-9/v9.0.81/bin/apache-tomcat-9.0.81.zip.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/embed/
dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.tar.gz   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.tar.gz.asc 
  (with props)

dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.zip   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.zip.asc   
(with props)
dev/tomcat/tomcat-9/v9.0.81/bin/embed/apache-tomcat-9.0.81-embed.zip.sha512
dev/tomcat/tomcat-9/v9.0.81/src/
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.tar.gz   (with 
props)
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.tar.gz.asc   (with 
props)
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.tar.gz.sha512
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.zip   (with props)
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.zip.asc   (with 
props)
dev/tomcat/tomcat-9/v9.0.81/src/apache-tomcat-9.0.81-src.zip.sha512

Added: dev/tomcat/tomcat-9/v9.0.81/KEYS
==
--- dev/tomcat/tomcat-9/v9.0.81/KEYS (added)
+++ dev/tomcat/tomcat-9/v9.0.81/KEYS Mon Oct  9 21:16:34 2023
@@ -0,0 +1,237 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+pub   1024D/33C60243 2004-09-12
+  Key fingerprint = DCFD 35E0 BF8C A734 4752  DE8B 6FB2 1E89 33C6 0243
+uid  Mark E D Thomas 
+uid  Mark E D Thomas 
+uid  Mark E D Thomas 
+sub   2048g/0BECE548 2004-09-12
+
+pub   4096R/2F6059E7 2009-09-18
+  Key fingerprint = A9C5 DF4D 22E9 9998 D987  5A51 10C0 1C5A 2F60 59E7
+uid  Mark E D Thomas 
+sub   4096R/5E763BEC 2009-09-18
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: GnuPG v1.4.9 (MingW32)
+
+mQGiBEFEjegRBADocGttfROvtLGrTOW3xRqZHmFWybmEaI6jmnRdN/1gGXmb3wQL
+rHsS3fLFIIOYLPph0Kov9q4qNq36LekShIvjMBDFoj2/wRxaUtFq81asaRZg8Mcw
+4kVeIoe8OIOuWmvYhU8SH2jJNUnVVrpTPAa6QWquTmseNi6UJMjLxuL7DwCg//9u
+k2yj0vk6e4WSO6Fe5+EkQDED/AjQsy0kj9TpNHkKSSUR2evRlWPYA0YtxBSbsgON
+tT0cYipAp5IcYt6Zq5QzHiZreyQXLAjItDS2oGCIXfNbTYJ3kxxJTCU/3wlefVdq

[tomcat] 01/01: Tag 10.1.14

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to tag 10.1.14
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 5feba31fa86b38bd645bf9cc1ddee883ad7bc6a4
Author: schultz 
AuthorDate: Mon Oct 9 14:12:42 2023 -0700

Tag 10.1.14
---
 build.properties.release |  52 +++
 res/install-win/Uninstall.exe.sig| Bin 0 -> 10253 bytes
 res/install-win/tomcat-installer.exe.sig | Bin 0 -> 10253 bytes
 res/maven/mvn.properties.release |  27 
 webapps/docs/changelog.xml   |   2 +-
 5 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..8bcb341d23
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,52 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds.
+ant.tstamp.now.iso=2023-10-09T21:01:11Z
+
+# Enable insertion of detached signatures into the Windows installer.
+do.codesigning=true
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/gnupg/bin/gpg.exe
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process.
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on October 13 2021
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Eclipse Adoptium
+# Java Version:11.0.20+8
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build environment in consistent with this information.
+#
+# OS:  amd64 Windows 10 10.0
+# File encoding:   Cp1252
+#
+# Release Manager: schultz
diff --git a/res/install-win/Uninstall.exe.sig 
b/res/install-win/Uninstall.exe.sig
new file mode 100644
index 00..b3c9a721a6
Binary files /dev/null and b/res/install-win/Uninstall.exe.sig differ
diff --git a/res/install-win/tomcat-installer.exe.sig 
b/res/install-win/tomcat-installer.exe.sig
new file mode 100644
index 00..926635b001
Binary files /dev/null and b/res/install-win/tomcat-installer.exe.sig differ
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..cef7904844
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=10.1.14
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/gnupg/bin/gpg.exe
+
+# Set the user name to 

[tomcat] tag 10.1.14 created (now 5feba31fa8)

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a change to tag 10.1.14
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 5feba31fa8 (commit)
This tag includes the following new commits:

 new 5feba31fa8 Tag 10.1.14

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 9.0.81 created (now 90a0120a60)

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a change to tag 9.0.81
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 90a0120a60 (commit)
This tag includes the following new commits:

 new 90a0120a60 Tag 9.0.81

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Tag 9.0.81

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to tag 9.0.81
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 90a0120a60faf9a3a657b113a7e2cdda2112be91
Author: remm 
AuthorDate: Mon Oct 9 23:10:06 2023 +0200

Tag 9.0.81
---
 build.properties.release |  52 +++
 res/install-win/Uninstall.exe.sig| Bin 0 -> 10253 bytes
 res/install-win/tomcat-installer.exe.sig | Bin 0 -> 10253 bytes
 res/maven/mvn.properties.release |  27 
 webapps/docs/changelog.xml   |   2 +-
 5 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..13362cdde6
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,52 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds.
+ant.tstamp.now.iso=2023-10-09T21:04:55Z
+
+# Enable insertion of detached signatures into the Windows installer.
+do.codesigning=true
+
+# Re-use the same GPG executable.
+gpg.exec=/usr/bin/gpg
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process.
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on January 18 2023
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Eclipse Adoptium
+# Java Version:11.0.20+8
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build environment in consistent with this information.
+#
+# OS:  amd64 Linux 6.5.5-200.fc38.x86_64
+# File encoding:   UTF-8
+#
+# Release Manager: remm
diff --git a/res/install-win/Uninstall.exe.sig 
b/res/install-win/Uninstall.exe.sig
new file mode 100644
index 00..511d5e5b68
Binary files /dev/null and b/res/install-win/Uninstall.exe.sig differ
diff --git a/res/install-win/tomcat-installer.exe.sig 
b/res/install-win/tomcat-installer.exe.sig
new file mode 100644
index 00..6deac09132
Binary files /dev/null and b/res/install-win/tomcat-installer.exe.sig differ
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..87c0c5d3fa
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=9.0.81
+
+# Re-use the same GPG executable.
+gpg.exec=/usr/bin/gpg
+
+# Set the user name to use to upload the artefacts to Nexus.

[tomcat] 03/03: Improvements to HTTP/2 overhead protection.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:54:14 2023 +0100

Improvements to HTTP/2 overhead protection.
---
 java/org/apache/coyote/http2/Http2Protocol.java   | 19 ++-
 java/org/apache/coyote/http2/Http2UpgradeHandler.java |  2 ++
 webapps/docs/changelog.xml|  3 +++
 webapps/docs/config/http2.xml |  9 -
 4 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2Protocol.java 
b/java/org/apache/coyote/http2/Http2Protocol.java
index bfcf50a977..6ed50c84cf 100644
--- a/java/org/apache/coyote/http2/Http2Protocol.java
+++ b/java/org/apache/coyote/http2/Http2Protocol.java
@@ -63,8 +63,10 @@ public class Http2Protocol implements UpgradeProtocol {
 // Maximum amount of streams which can be concurrently executed over
 // a single connection
 static final int DEFAULT_MAX_CONCURRENT_STREAM_EXECUTION = 20;
-
+// Default factor used when adjusting overhead count for overhead frames
 static final int DEFAULT_OVERHEAD_COUNT_FACTOR = 10;
+// Default factor used when adjusting overhead count for reset frames
+static final int DEFAULT_OVERHEAD_RESET_FACTOR = 50;
 // Not currently configurable. This makes the practical limit for
 // overheadCountFactor to be ~20. The exact limit will vary with traffic
 // patterns.
@@ -98,6 +100,7 @@ public class Http2Protocol implements UpgradeProtocol {
 private int maxTrailerCount = Constants.DEFAULT_MAX_TRAILER_COUNT;
 private int maxTrailerSize = Constants.DEFAULT_MAX_TRAILER_SIZE;
 private int overheadCountFactor = DEFAULT_OVERHEAD_COUNT_FACTOR;
+private int overheadResetFactor = DEFAULT_OVERHEAD_RESET_FACTOR;
 private int overheadContinuationThreshold = 
DEFAULT_OVERHEAD_CONTINUATION_THRESHOLD;
 private int overheadDataThreshold = DEFAULT_OVERHEAD_DATA_THRESHOLD;
 private int overheadWindowUpdateThreshold = 
DEFAULT_OVERHEAD_WINDOW_UPDATE_THRESHOLD;
@@ -339,6 +342,20 @@ public class Http2Protocol implements UpgradeProtocol {
 }
 
 
+public int getOverheadResetFactor() {
+return overheadResetFactor;
+}
+
+
+public void setOverheadResetFactor(int overheadResetFactor) {
+if (overheadResetFactor < 0) {
+this.overheadResetFactor = 0;
+} else {
+this.overheadResetFactor = overheadResetFactor;
+}
+}
+
+
 public int getOverheadContinuationThreshold() {
 return overheadContinuationThreshold;
 }
diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java 
b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index b5e5d5ce08..32298adb01 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -1812,6 +1812,7 @@ class Http2UpgradeHandler extends AbstractStream 
implements InternalHttpUpgradeH
 log.debug(sm.getString("upgradeHandler.reset.receive", 
getConnectionId(), Integer.toString(streamId),
 Long.toString(errorCode)));
 }
+increaseOverheadCount(FrameType.RST, 
getProtocol().getOverheadResetFactor());
 AbstractNonZeroStream abstractNonZeroStream = 
getAbstractNonZeroStream(streamId, true);
 abstractNonZeroStream.checkState(FrameType.RST);
 if (abstractNonZeroStream instanceof Stream) {
@@ -1945,6 +1946,7 @@ class Http2UpgradeHandler extends AbstractStream 
implements InternalHttpUpgradeH
 
 @Override
 public void priorityUpdate(int prioritizedStreamID, Priority p) throws 
Http2Exception {
+increaseOverheadCount(FrameType.PRIORITY_UPDATE);
 AbstractNonZeroStream abstractNonZeroStream = 
getAbstractNonZeroStream(prioritizedStreamID, true);
 if (abstractNonZeroStream instanceof Stream) {
 Stream stream = (Stream) abstractNonZeroStream;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d833560c08..5d7614a1a7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -163,6 +163,9 @@
   
 Align validation of HTTP trailer fields with standard fields. (markt)
   
+  
+Improvements to HTTP/2 overhead protection. (markt)
+  
 
   
   
diff --git a/webapps/docs/config/http2.xml b/webapps/docs/config/http2.xml
index 34d4c9e603..9c95189fdc 100644
--- a/webapps/docs/config/http2.xml
+++ b/webapps/docs/config/http2.xml
@@ -222,7 +222,7 @@
   count starts at -10 * overheadCountFactor. The count is
   decreased by 20 for each data frame sent or received and each headers 
frame
   received. The count is increased by the overheadCountFactor
-  for each setting received, priority frame received and ping received. If
+  for 

[tomcat] branch 8.5.x updated (28c22d727b -> 944332bb15)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 28c22d727b Restore i18n string incorrectly removed back in 2011
 new c83fe47725 Align processing of trailer headers with standard processing
 new 30f8063d7a Improve handling of failures during recycle() methods
 new 944332bb15 Improvements to HTTP/2 overhead protection.

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java   |  7 ---
 .../apache/catalina/core/ApplicationHttpRequest.java  |  8 +++-
 java/org/apache/catalina/core/LocalStrings.properties |  1 +
 .../apache/catalina/core/LocalStrings_es.properties   |  2 ++
 .../apache/catalina/core/LocalStrings_fr.properties   |  1 +
 .../apache/catalina/core/LocalStrings_ja.properties   |  1 +
 .../apache/catalina/core/LocalStrings_ko.properties   |  1 +
 .../catalina/core/LocalStrings_zh_CN.properties   |  1 +
 java/org/apache/coyote/http11/Http11InputBuffer.java  |  8 +++-
 .../coyote/http11/filters/ChunkedInputFilter.java | 15 ++-
 .../coyote/http11/filters/LocalStrings.properties |  2 ++
 java/org/apache/coyote/http2/Http2Protocol.java   | 19 ++-
 java/org/apache/coyote/http2/Http2UpgradeHandler.java |  2 ++
 java/org/apache/tomcat/util/buf/B2CConverter.java | 11 ++-
 java/org/apache/tomcat/util/buf/C2BConverter.java | 15 ++-
 .../apache/tomcat/util/buf/LocalStrings.properties|  3 +++
 webapps/docs/changelog.xml| 10 ++
 webapps/docs/config/http2.xml |  9 -
 19 files changed, 107 insertions(+), 10 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Improve handling of failures during recycle() methods

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 30f8063d7a9b4c43ae4722f5e382a76af1d7a6bf
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:52:46 2023 +0100

Improve handling of failures during recycle() methods
---
 .../org/apache/catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java   |  7 ---
 java/org/apache/catalina/core/ApplicationHttpRequest.java |  8 +++-
 java/org/apache/catalina/core/LocalStrings.properties |  1 +
 java/org/apache/catalina/core/LocalStrings_es.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_fr.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ja.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ko.properties  |  1 +
 .../apache/catalina/core/LocalStrings_zh_CN.properties|  1 +
 java/org/apache/tomcat/util/buf/B2CConverter.java | 11 ++-
 java/org/apache/tomcat/util/buf/C2BConverter.java | 15 ++-
 java/org/apache/tomcat/util/buf/LocalStrings.properties   |  3 +++
 webapps/docs/changelog.xml|  4 
 13 files changed, 50 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/connector/LocalStrings.properties 
b/java/org/apache/catalina/connector/LocalStrings.properties
index f511e2e836..945e7b88f1 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -51,6 +51,7 @@ coyoteRequest.attributeEvent=Exception thrown by attributes 
event listener
 coyoteRequest.authenticate.ise=Cannot call authenticate() after the response 
has been committed
 coyoteRequest.changeSessionId=Cannot change session ID. There is no session 
associated with this request.
 coyoteRequest.chunkedPostTooLarge=Parameters were not parsed because the size 
of the posted data was too big. Because this request was a chunked request, it 
could not be processed further. Use the maxPostSize attribute of the connector 
to resolve this if the application should accept large POSTs.
+coyoteRequest.deletePartFailed=Failed to deleted temporary file used for part 
[{0}]
 coyoteRequest.filterAsyncSupportUnknown=Unable to determine if any filters do 
not support async processing
 coyoteRequest.getContextPath.ise=Unable to find match between the canonical 
context path [{0}] and the URI presented by the user agent [{1}]
 coyoteRequest.getInputStream.ise=getReader() has already been called for this 
request
diff --git a/java/org/apache/catalina/connector/Request.java 
b/java/org/apache/catalina/connector/Request.java
index 6055001b98..dcf037a140 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -466,8 +466,9 @@ public class Request implements HttpServletRequest {
 for (Part part : parts) {
 try {
 part.delete();
-} catch (IOException ignored) {
-// ApplicationPart.delete() never throws an IOEx
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+log.warn(sm.getString("coyoteRequest.deletePartFailed", 
part.getName()), t);
 }
 }
 parts = null;
@@ -520,8 +521,8 @@ public class Request implements HttpServletRequest {
 asyncSupported = null;
 if (asyncContext != null) {
 asyncContext.recycle();
+asyncContext = null;
 }
-asyncContext = null;
 }
 
 
diff --git a/java/org/apache/catalina/core/ApplicationHttpRequest.java 
b/java/org/apache/catalina/core/ApplicationHttpRequest.java
index c7f61d816b..c45f895819 100644
--- a/java/org/apache/catalina/core/ApplicationHttpRequest.java
+++ b/java/org/apache/catalina/core/ApplicationHttpRequest.java
@@ -45,6 +45,7 @@ import org.apache.catalina.connector.RequestFacade;
 import org.apache.catalina.util.ParameterMap;
 import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.URLEncoder;
+import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.Parameters;
@@ -613,7 +614,12 @@ class ApplicationHttpRequest extends 
HttpServletRequestWrapper {
  */
 public void recycle() {
 if (session != null) {
-session.endAccess();
+try {
+session.endAccess();
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+
context.getLogger().warn(sm.getString("applicationHttpRequest.sessionEndAccessFail"),
 t);
+}
 }
 }
 
diff --git a/java/org/apache/catalina/core/LocalStrings.properties 
b/java/org/apache/catalina/core/LocalStrings.properties

[tomcat] 01/03: Align processing of trailer headers with standard processing

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit c83fe47725f7ae9ae213568d9039171124fb7ec6
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:51:48 2023 +0100

Align processing of trailer headers with standard processing
---
 java/org/apache/coyote/http11/Http11InputBuffer.java  |  8 +++-
 .../apache/coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../apache/coyote/http11/filters/LocalStrings.properties  |  2 ++
 webapps/docs/changelog.xml|  3 +++
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index da3e456d2f..60e5027961 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -830,6 +830,12 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
  */
 private HeaderParseStatus parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * ChunkedInputFilter.parseHeader(). Why not use a common 
implementation? In short, this code uses non-blocking
+ * reads whereas ChunkedInputFilter using blocking reads. The code is 
just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
 while (headerParsePos == HeaderParsePosition.HEADER_START) {
 
 // Read new bytes if needed
@@ -972,7 +978,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 } else if (prevChr == Constants.CR) {
 // Invalid value - also need to delete header
 return skipLine(true);
-} else if (chr != Constants.HT && 
HttpParser.isControl(chr)) {
+} else if (HttpParser.isControl(chr) && chr != 
Constants.HT) {
 // Invalid value - also need to delete header
 return skipLine(true);
 } else if (chr == Constants.SP || chr == Constants.HT) {
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index d19b4eaa13..90489e7f45 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -31,6 +31,7 @@ import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.MimeHeaders;
+import org.apache.tomcat.util.http.parser.HttpParser;
 import org.apache.tomcat.util.net.ApplicationBufferHandler;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -503,6 +504,13 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 private boolean parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * Http11InputBuffer.parseHeader(). Why not use a common 
implementation? In short, this code uses blocking
+ * reads whereas Http11InputBuffer using non-blocking reads. The code 
is just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
+
 MimeHeaders headers = request.getMimeHeaders();
 
 byte chr = 0;
@@ -549,6 +557,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 if (chr == Constants.COLON) {
 colon = true;
+} else if (!HttpParser.isToken(chr)) {
+// Non-token characters are illegal in header names
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderName"));
 } else {
 trailingHeaders.append(chr);
 }
@@ -610,7 +621,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 if (chr == Constants.CR || chr == Constants.LF) {
 parseCRLF(true);
 eol = true;
-} else if (chr == Constants.SP) {
+} else if (HttpParser.isControl(chr) && chr != Constants.HT) {
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+} else if (chr == Constants.SP || chr == Constants.HT) {
 trailingHeaders.append(chr);
 } else {
 trailingHeaders.append(chr);
diff --git a/java/org/apache/coyote/http11/filters/LocalStrings.properties 
b/java/org/apache/coyote/http11/filters/LocalStrings.properties
index 72dc788bc5..3114a87d0a 100644
--- 

[tomcat] 01/01: Tag 11.0.0-M12

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 11.0.0-M12
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 5a67c7c58d8caf24969093e6423b7f0b43df2f6a
Author: Mark Thomas 
AuthorDate: Mon Oct 9 21:50:43 2023 +0100

Tag 11.0.0-M12
---
 build.properties.release |  52 +++
 res/install-win/Uninstall.exe.sig| Bin 0 -> 10253 bytes
 res/install-win/tomcat-installer.exe.sig | Bin 0 -> 10253 bytes
 res/maven/mvn.properties.release |  27 
 webapps/docs/changelog.xml   |   2 +-
 5 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..f1f0b2921e
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,52 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds.
+ant.tstamp.now.iso=2023-10-09T20:38:17Z
+
+# Enable insertion of detached signatures into the Windows installer.
+do.codesigning=true
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Progra~2/GnuPG/bin/gpg.exe
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process.
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on October 13 2021
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Oracle Corporation
+# Java Version:21+35-2513
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build environment in consistent with this information.
+#
+# OS:  amd64 Windows 10 10.0
+# File encoding:   UTF-8
+#
+# Release Manager: markt
diff --git a/res/install-win/Uninstall.exe.sig 
b/res/install-win/Uninstall.exe.sig
new file mode 100644
index 00..b22a5b7787
Binary files /dev/null and b/res/install-win/Uninstall.exe.sig differ
diff --git a/res/install-win/tomcat-installer.exe.sig 
b/res/install-win/tomcat-installer.exe.sig
new file mode 100644
index 00..d1d629585f
Binary files /dev/null and b/res/install-win/tomcat-installer.exe.sig differ
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..f4688f0939
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=11.0.0-M12
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Progra~2/GnuPG/bin/gpg.exe
+
+# Set the user name to use to 

[tomcat] tag 11.0.0-M12 created (now 5a67c7c58d)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 11.0.0-M12
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 5a67c7c58d (commit)
This tag includes the following new commits:

 new 5a67c7c58d Tag 11.0.0-M12

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 11.0.0-M12 deleted (was fb0cf97252)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 11.0.0-M12
in repository https://gitbox.apache.org/repos/asf/tomcat.git


*** WARNING: tag 11.0.0-M12 was deleted! ***

 was fb0cf97252 Tag 11.0.0-M12

This change permanently discards the following revisions:

 discard fb0cf97252 Tag 11.0.0-M12


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/01: Tag 11.0.0-M12

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 11.0.0-M12
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit fb0cf9725299c2d0d9e6b87300510b22e095fd1e
Author: Mark Thomas 
AuthorDate: Mon Oct 9 21:46:48 2023 +0100

Tag 11.0.0-M12
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index ff38fc4ac6..97e043423e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,7 +104,7 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 11.0.0-M12 created (now fb0cf97252)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 11.0.0-M12
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at fb0cf97252 (commit)
This tag includes the following new commits:

 new fb0cf97252 Tag 11.0.0-M12

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-11.0.x

[buildbot]

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/663
Blamelist: Christopher Schultz , Mark Thomas 

Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch main] 9cdfe25bad707f34b3e5da2994f3f1952a163c3e


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 2


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix Javadoc

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 7175eb5089 Fix Javadoc
7175eb5089 is described below

commit 7175eb5089abc66550f1242132bba69abb63e553
Author: Mark Thomas 
AuthorDate: Mon Oct 9 17:31:09 2023 -0300

Fix Javadoc
---
 java/org/apache/catalina/valves/FilterValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
index d3f3da5f1b..2ac4ace086 100644
--- a/java/org/apache/catalina/valves/FilterValve.java
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -59,7 +59,7 @@ import 
org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor;
  * will be thrown.
  * 
  *
- * @see Valve
+ * @see org.apache.catalina.Valve
  * @see Filter
  */
 public class FilterValve extends ValveBase implements FilterConfig {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Reformat code

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit f5956bd73bbd55675a55e29ec0d4fe54397f8fed
Author: Mark Thomas 
AuthorDate: Mon Oct 9 17:29:14 2023 -0300

Reformat code
---
 java/org/apache/catalina/valves/FilterValve.java | 95 +++-
 1 file changed, 44 insertions(+), 51 deletions(-)

diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
index 636ae3d3b3..c76065e4c2 100644
--- a/java/org/apache/catalina/valves/FilterValve.java
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -42,32 +42,27 @@ import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 
 /**
- * A Valve to wrap a Filter, allowing a user to run Servlet Filters as a
- * part of the Valve chain.
- *
- * There are some caveats you must be aware of when using this Valve
- * to wrap a Filter:
- *
+ * 
+ * A Valve to wrap a Filter, allowing a user to run Servlet Filters as a part 
of the Valve chain.
+ * 
+ * 
+ * There are some caveats you must be aware of when using this Valve to wrap a 
Filter:
+ * 
  * 
- *   You get a separate instance of your Filter class distinct
- *   from any that may be instantiated within your application.
- *   Calls to {@link FilterConfig#getFilterName()} will return 
null.
- *   Calling {@link FilterConfig#getServletContext()} will return
- *   the proper ServletContext for a Valve/Filter attached to a
- *   Context, but will return a ServletContext
- *   which is nearly useless for any Valve/Filter specified on
- *   an Engine or Host.
- *   Your Filter MUST NOT wrap the {@link ServletRequest} or
- *   {@link ServletResponse} objects, or an exception will be thrown.
+ * You get a separate instance of your Filter class distinct from 
any that may be instantiated within your
+ * application.
+ * Calls to {@link FilterConfig#getFilterName()} will return 
null.
+ * Calling {@link FilterConfig#getServletContext()} will return the proper 
ServletContext for a Valve/Filter
+ * attached to a Context, but will return a 
ServletContext which is nearly useless for any
+ * Valve/Filter specified on an Engine or 
Host.
+ * Your Filter MUST NOT wrap the {@link ServletRequest} or {@link 
ServletResponse} objects, or an exception
+ * will be thrown.
  * 
  *
  * @see Valve
  * @see Filter
  */
-public class FilterValve
-extends ValveBase
-implements FilterConfig
-{
+public class FilterValve extends ValveBase implements FilterConfig {
 /**
  * The name of the Filter class that will be instantiated.
  */
@@ -118,11 +113,11 @@ public class FilterValve
 /**
  * Adds an initialization parameter for the Filter.
  *
- * @param paramName The name of the parameter.
+ * @param paramName  The name of the parameter.
  * @param paramValue The value of the parameter.
  */
 public void addInitParam(String paramName, String paramValue) {
-if(null == filterInitParams) {
+if (null == filterInitParams) {
 filterInitParams = new HashMap<>();
 }
 
@@ -140,15 +135,14 @@ public class FilterValve
 }
 
 /**
- * Gets the ServletContext.
- *
- * Note that this will be of limited use if the Valve/Filter is not
- * attached to a Context.
+ * Gets the ServletContext. Note that this will be of limited use if the 
Valve/Filter is not attached to a
+ * Context.
  */
 @Override
 public ServletContext getServletContext() {
-if(null == application) {
-throw new IllegalStateException("Filter " + filter + " has called 
getServletContext from FilterValve, but this FilterValve is not ");
+if (null == application) {
+throw new IllegalStateException("Filter " + filter +
+" has called getServletContext from FilterValve, but this 
FilterValve is not ");
 } else {
 return application;
 }
@@ -159,13 +153,12 @@ public class FilterValve
  *
  * @param name The name of the initialization parameter.
  *
- * @return The value for the initialization parameter, or
- * null if there is no value for the
- * specified initialization parameter name.
+ * @return The value for the initialization parameter, or 
null if there is no value for the specified
+ * initialization parameter name.
  */
 @Override
 public String getInitParameter(String name) {
-if(null == filterInitParams) {
+if (null == filterInitParams) {
 return null;
 } else {
 return filterInitParams.get(name);
@@ -179,7 +172,7 @@ public class FilterValve
  */
 @Override
 public Enumeration getInitParameterNames() {
-if(null == filterInitParams) {
+if (null == filterInitParams) {
 return 

[tomcat] 01/03: Add license

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 0479ffad61ec5cc5cdc3a580353ac54a7b5774ed
Author: Mark Thomas 
AuthorDate: Mon Oct 9 17:28:57 2023 -0300

Add license
---
 java/org/apache/catalina/valves/FilterValve.java | 16 
 1 file changed, 16 insertions(+)

diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
index 44192671c9..636ae3d3b3 100644
--- a/java/org/apache/catalina/valves/FilterValve.java
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.catalina.valves;
 
 import java.io.IOException;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Fix Checkstyle (import order)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 2dfc6dabf990a4abce9b986132530c6cf6eb596b
Author: Mark Thomas 
AuthorDate: Mon Oct 9 17:30:24 2023 -0300

Fix Checkstyle (import order)
---
 java/org/apache/catalina/valves/FilterValve.java | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
index c76065e4c2..d3f3da5f1b 100644
--- a/java/org/apache/catalina/valves/FilterValve.java
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -26,13 +26,6 @@ import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.concurrent.ScheduledExecutorService;
 
-import org.apache.catalina.Container;
-import org.apache.catalina.Context;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor;
-
 import jakarta.servlet.Filter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.FilterConfig;
@@ -41,6 +34,13 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 
+import org.apache.catalina.Container;
+import org.apache.catalina.Context;
+import org.apache.catalina.LifecycleException;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor;
+
 /**
  * 
  * A Valve to wrap a Filter, allowing a user to run Servlet Filters as a part 
of the Valve chain.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated (9cdfe25bad -> 2dfc6dabf9)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 9cdfe25bad Improvements to HTTP/2 overhead protection.
 new 0479ffad61 Add license
 new f5956bd73b Reformat code
 new 2dfc6dabf9 Fix Checkstyle (import order)

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/org/apache/catalina/valves/FilterValve.java | 125 ---
 1 file changed, 67 insertions(+), 58 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Align processing of trailer headers with standard processing

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 59583245639d8c42ae0009f4a4a70464d3ea70a0
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:51:48 2023 +0100

Align processing of trailer headers with standard processing
---
 java/org/apache/coyote/http11/Http11InputBuffer.java  |  8 +++-
 .../apache/coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../apache/coyote/http11/filters/LocalStrings.properties  |  2 ++
 webapps/docs/changelog.xml|  3 +++
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 6558d8b8d8..3721b1b712 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -830,6 +830,12 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
  */
 private HeaderParseStatus parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * ChunkedInputFilter.parseHeader(). Why not use a common 
implementation? In short, this code uses non-blocking
+ * reads whereas ChunkedInputFilter using blocking reads. The code is 
just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
 while (headerParsePos == HeaderParsePosition.HEADER_START) {
 
 // Read new bytes if needed
@@ -972,7 +978,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 } else if (prevChr == Constants.CR) {
 // Invalid value - also need to delete header
 return skipLine(true);
-} else if (chr != Constants.HT && 
HttpParser.isControl(chr)) {
+} else if (HttpParser.isControl(chr) && chr != 
Constants.HT) {
 // Invalid value - also need to delete header
 return skipLine(true);
 } else if (chr == Constants.SP || chr == Constants.HT) {
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index 7fe17f7b9d..3e844afb11 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -30,6 +30,7 @@ import org.apache.coyote.http11.Constants;
 import org.apache.coyote.http11.InputFilter;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.HexUtils;
+import org.apache.tomcat.util.http.parser.HttpParser;
 import org.apache.tomcat.util.net.ApplicationBufferHandler;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -443,6 +444,13 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 private boolean parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * Http11InputBuffer.parseHeader(). Why not use a common 
implementation? In short, this code uses blocking
+ * reads whereas Http11InputBuffer using non-blocking reads. The code 
is just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
+
 Map headers = request.getTrailerFields();
 
 byte chr = 0;
@@ -489,6 +497,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 if (chr == Constants.COLON) {
 colon = true;
+} else if (!HttpParser.isToken(chr)) {
+// Non-token characters are illegal in header names
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderName"));
 } else {
 trailingHeaders.append(chr);
 }
@@ -550,7 +561,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 if (chr == Constants.CR || chr == Constants.LF) {
 parseCRLF(true);
 eol = true;
-} else if (chr == Constants.SP) {
+} else if (HttpParser.isControl(chr) && chr != Constants.HT) {
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+} else if (chr == Constants.SP || chr == Constants.HT) {
 trailingHeaders.append(chr);
 } else {
 trailingHeaders.append(chr);
diff --git a/java/org/apache/coyote/http11/filters/LocalStrings.properties 
b/java/org/apache/coyote/http11/filters/LocalStrings.properties
index 72dc788bc5..3114a87d0a 100644
--- 

[tomcat] 03/03: Improvements to HTTP/2 overhead protection.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6d1a9fd6642387969e4410b9989c85856b74917a
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:54:14 2023 +0100

Improvements to HTTP/2 overhead protection.
---
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 webapps/docs/changelog.xml |  3 ++
 webapps/docs/config/http2.xml  |  9 +++-
 5 files changed, 64 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 3785962f7d..2a6a2b47a6 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -284,36 +284,39 @@ class Http2AsyncParser extends Http2Parser {
 readUnknownFrame(streamId, frameTypeId, 
flags, payloadSize, payload);
 }
 }
-// See if there is a new 9 byte header and continue 
parsing if possible
-if (payload.remaining() >= 9) {
-int position = payload.position();
-payloadSize = ByteUtil.getThreeBytes(payload, 
position);
-frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
-frameType = FrameType.valueOf(frameTypeId);
-flags = ByteUtil.getOneByte(payload, position + 4);
-streamId = ByteUtil.get31Bits(payload, position + 
5);
-streamException = false;
-if (payload.remaining() - 9 >= payloadSize) {
-continueParsing = true;
-// Now go over frame header
-payload.position(payload.position() + 9);
-try {
-validateFrame(null, frameType, streamId, 
flags, payloadSize);
-} catch (StreamException e) {
-error = e;
-streamException = true;
-} catch (Http2Exception e) {
-error = e;
-continueParsing = false;
+if (!upgradeHandler.isOverheadLimitExceeded()) {
+// See if there is a new 9 byte header and 
continue parsing if possible
+if (payload.remaining() >= 9) {
+int position = payload.position();
+payloadSize = ByteUtil.getThreeBytes(payload, 
position);
+frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
+frameType = FrameType.valueOf(frameTypeId);
+flags = ByteUtil.getOneByte(payload, position 
+ 4);
+streamId = ByteUtil.get31Bits(payload, 
position + 5);
+streamException = false;
+if (payload.remaining() - 9 >= payloadSize) {
+continueParsing = true;
+// Now go over frame header
+payload.position(payload.position() + 9);
+try {
+validateFrame(null, frameType, 
streamId, flags, payloadSize);
+} catch (StreamException e) {
+error = e;
+streamException = true;
+} catch (Http2Exception e) {
+error = e;
+continueParsing = false;
+}
 }
 }
 }
 } while (continueParsing);
 } catch (RuntimeException | IOException | Http2Exception e) {
 error = e;
-}
-if (payload.hasRemaining()) {
-socketWrapper.unRead(payload);
+} finally {
+if (payload.hasRemaining()) {
+socketWrapper.unRead(payload);
+}
 }
 }
 if (state == CompletionState.DONE) {
diff --git a/java/org/apache/coyote/http2/Http2Protocol.java 

[tomcat] branch 9.0.x updated (529370e1cc -> 6d1a9fd664)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 529370e1cc Restore i18n string incorrectly removed back in 2011
 new 5958324563 Align processing of trailer headers with standard processing
 new 44d05d75d6 Improve handling of failures during recycle() methods
 new 6d1a9fd664 Improvements to HTTP/2 overhead protection.

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java|  7 +--
 .../catalina/core/ApplicationHttpRequest.java  |  8 +++-
 .../apache/catalina/core/LocalStrings.properties   |  1 +
 .../catalina/core/LocalStrings_cs.properties   |  2 +
 .../catalina/core/LocalStrings_es.properties   |  2 +
 .../catalina/core/LocalStrings_fr.properties   |  1 +
 .../catalina/core/LocalStrings_ja.properties   |  1 +
 .../catalina/core/LocalStrings_ko.properties   |  1 +
 .../catalina/core/LocalStrings_zh_CN.properties|  1 +
 .../apache/coyote/http11/Http11InputBuffer.java|  8 +++-
 .../coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../coyote/http11/filters/LocalStrings.properties  |  2 +
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 java/org/apache/tomcat/util/buf/B2CConverter.java  | 11 -
 java/org/apache/tomcat/util/buf/C2BConverter.java  | 15 ++-
 .../apache/tomcat/util/buf/LocalStrings.properties |  3 ++
 webapps/docs/changelog.xml | 10 +
 webapps/docs/config/http2.xml  |  9 +++-
 21 files changed, 142 insertions(+), 35 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Improve handling of failures during recycle() methods

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 44d05d75d696ca10ce251e4e370511e38f20ae75
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:52:46 2023 +0100

Improve handling of failures during recycle() methods
---
 .../org/apache/catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java   |  7 ---
 java/org/apache/catalina/core/ApplicationHttpRequest.java |  8 +++-
 java/org/apache/catalina/core/LocalStrings.properties |  1 +
 java/org/apache/catalina/core/LocalStrings_cs.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_es.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_fr.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ja.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ko.properties  |  1 +
 .../apache/catalina/core/LocalStrings_zh_CN.properties|  1 +
 java/org/apache/tomcat/util/buf/B2CConverter.java | 11 ++-
 java/org/apache/tomcat/util/buf/C2BConverter.java | 15 ++-
 java/org/apache/tomcat/util/buf/LocalStrings.properties   |  3 +++
 webapps/docs/changelog.xml|  4 
 14 files changed, 52 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/connector/LocalStrings.properties 
b/java/org/apache/catalina/connector/LocalStrings.properties
index eba56eb075..df1de99f90 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -51,6 +51,7 @@ coyoteRequest.attributeEvent=Exception thrown by attributes 
event listener
 coyoteRequest.authenticate.ise=Cannot call authenticate() after the response 
has been committed
 coyoteRequest.changeSessionId=Cannot change session ID. There is no session 
associated with this request.
 coyoteRequest.chunkedPostTooLarge=Parameters were not parsed because the size 
of the posted data was too big. Because this request was a chunked request, it 
could not be processed further. Use the maxPostSize attribute of the connector 
to resolve this if the application should accept large POSTs.
+coyoteRequest.deletePartFailed=Failed to deleted temporary file used for part 
[{0}]
 coyoteRequest.filterAsyncSupportUnknown=Unable to determine if any filters do 
not support async processing
 coyoteRequest.getContextPath.ise=Unable to find match between the canonical 
context path [{0}] and the URI presented by the user agent [{1}]
 coyoteRequest.getInputStream.ise=getReader() has already been called for this 
request
diff --git a/java/org/apache/catalina/connector/Request.java 
b/java/org/apache/catalina/connector/Request.java
index 2305d147f4..e5fb06f152 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -473,8 +473,9 @@ public class Request implements HttpServletRequest {
 for (Part part : parts) {
 try {
 part.delete();
-} catch (IOException ignored) {
-// ApplicationPart.delete() never throws an IOEx
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+log.warn(sm.getString("coyoteRequest.deletePartFailed", 
part.getName()), t);
 }
 }
 parts = null;
@@ -527,8 +528,8 @@ public class Request implements HttpServletRequest {
 asyncSupported = null;
 if (asyncContext != null) {
 asyncContext.recycle();
+asyncContext = null;
 }
-asyncContext = null;
 }
 
 
diff --git a/java/org/apache/catalina/core/ApplicationHttpRequest.java 
b/java/org/apache/catalina/core/ApplicationHttpRequest.java
index aa81c1196d..cc86ba88db 100644
--- a/java/org/apache/catalina/core/ApplicationHttpRequest.java
+++ b/java/org/apache/catalina/core/ApplicationHttpRequest.java
@@ -48,6 +48,7 @@ import org.apache.catalina.connector.RequestFacade;
 import org.apache.catalina.util.ParameterMap;
 import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.URLEncoder;
+import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.Parameters;
@@ -618,7 +619,12 @@ class ApplicationHttpRequest extends 
HttpServletRequestWrapper {
  */
 public void recycle() {
 if (session != null) {
-session.endAccess();
+try {
+session.endAccess();
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+
context.getLogger().warn(sm.getString("applicationHttpRequest.sessionEndAccessFail"),
 t);
+}
 }
 }
 
diff --git 

[tomcat] branch 10.1.x updated (437e0d4385 -> 76bb4bfbfe)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 437e0d4385 Restore i18n string incorrectly removed back in 2011
 new 8ecff30650 Align processing of trailer headers with standard processing
 new 9375d67106 Improve handling of failures during recycle() methods
 new 76bb4bfbfe Improvements to HTTP/2 overhead protection.

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java|  7 +--
 .../catalina/core/ApplicationHttpRequest.java  |  8 +++-
 .../apache/catalina/core/LocalStrings.properties   |  1 +
 .../catalina/core/LocalStrings_cs.properties   |  2 +
 .../catalina/core/LocalStrings_es.properties   |  2 +
 .../catalina/core/LocalStrings_fr.properties   |  1 +
 .../catalina/core/LocalStrings_ja.properties   |  1 +
 .../catalina/core/LocalStrings_ko.properties   |  1 +
 .../catalina/core/LocalStrings_zh_CN.properties|  1 +
 .../apache/coyote/http11/Http11InputBuffer.java|  8 +++-
 .../coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../coyote/http11/filters/LocalStrings.properties  |  2 +
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 java/org/apache/tomcat/util/buf/B2CConverter.java  | 11 -
 java/org/apache/tomcat/util/buf/C2BConverter.java  | 15 ++-
 .../apache/tomcat/util/buf/LocalStrings.properties |  3 ++
 webapps/docs/changelog.xml | 10 +
 webapps/docs/config/http2.xml  |  9 +++-
 21 files changed, 142 insertions(+), 35 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Improve handling of failures during recycle() methods

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9375d67106f8df9eb9d7b360b2bef052fe67d3d4
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:52:46 2023 +0100

Improve handling of failures during recycle() methods
---
 .../org/apache/catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java   |  7 ---
 java/org/apache/catalina/core/ApplicationHttpRequest.java |  8 +++-
 java/org/apache/catalina/core/LocalStrings.properties |  1 +
 java/org/apache/catalina/core/LocalStrings_cs.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_es.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_fr.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ja.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ko.properties  |  1 +
 .../apache/catalina/core/LocalStrings_zh_CN.properties|  1 +
 java/org/apache/tomcat/util/buf/B2CConverter.java | 11 ++-
 java/org/apache/tomcat/util/buf/C2BConverter.java | 15 ++-
 java/org/apache/tomcat/util/buf/LocalStrings.properties   |  3 +++
 webapps/docs/changelog.xml|  4 
 14 files changed, 52 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/connector/LocalStrings.properties 
b/java/org/apache/catalina/connector/LocalStrings.properties
index 2b0e8c6998..1efd59b6b5 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -49,6 +49,7 @@ coyoteRequest.attributeEvent=Exception thrown by attributes 
event listener
 coyoteRequest.authenticate.ise=Cannot call authenticate() after the response 
has been committed
 coyoteRequest.changeSessionId=Cannot change session ID. There is no session 
associated with this request.
 coyoteRequest.chunkedPostTooLarge=Parameters were not parsed because the size 
of the posted data was too big. Because this request was a chunked request, it 
could not be processed further. Use the maxPostSize attribute of the connector 
to resolve this if the application should accept large POSTs.
+coyoteRequest.deletePartFailed=Failed to deleted temporary file used for part 
[{0}]
 coyoteRequest.filterAsyncSupportUnknown=Unable to determine if any filters do 
not support async processing
 coyoteRequest.getContextPath.ise=Unable to find match between the canonical 
context path [{0}] and the URI presented by the user agent [{1}]
 coyoteRequest.getInputStream.ise=getReader() has already been called for this 
request
diff --git a/java/org/apache/catalina/connector/Request.java 
b/java/org/apache/catalina/connector/Request.java
index 77f7c18bbc..88bb9bc822 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -444,8 +444,9 @@ public class Request implements HttpServletRequest {
 for (Part part : parts) {
 try {
 part.delete();
-} catch (IOException ignored) {
-// ApplicationPart.delete() never throws an IOEx
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+log.warn(sm.getString("coyoteRequest.deletePartFailed", 
part.getName()), t);
 }
 }
 parts = null;
@@ -498,8 +499,8 @@ public class Request implements HttpServletRequest {
 asyncSupported = null;
 if (asyncContext != null) {
 asyncContext.recycle();
+asyncContext = null;
 }
-asyncContext = null;
 }
 
 
diff --git a/java/org/apache/catalina/core/ApplicationHttpRequest.java 
b/java/org/apache/catalina/core/ApplicationHttpRequest.java
index 1b93479d32..494f4a41cd 100644
--- a/java/org/apache/catalina/core/ApplicationHttpRequest.java
+++ b/java/org/apache/catalina/core/ApplicationHttpRequest.java
@@ -48,6 +48,7 @@ import org.apache.catalina.connector.RequestFacade;
 import org.apache.catalina.util.ParameterMap;
 import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.URLEncoder;
+import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.Parameters;
@@ -618,7 +619,12 @@ class ApplicationHttpRequest extends 
HttpServletRequestWrapper {
  */
 public void recycle() {
 if (session != null) {
-session.endAccess();
+try {
+session.endAccess();
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+
context.getLogger().warn(sm.getString("applicationHttpRequest.sessionEndAccessFail"),
 t);
+}
 }
 }
 
diff --git 

[tomcat] 03/03: Improvements to HTTP/2 overhead protection.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 76bb4bfbfeae827dce896f650655bbf6e251ed49
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:54:14 2023 +0100

Improvements to HTTP/2 overhead protection.
---
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 webapps/docs/changelog.xml |  3 ++
 webapps/docs/config/http2.xml  |  9 +++-
 5 files changed, 64 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 1965123bc4..e1c8170765 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -284,36 +284,39 @@ class Http2AsyncParser extends Http2Parser {
 readUnknownFrame(streamId, frameTypeId, 
flags, payloadSize, payload);
 }
 }
-// See if there is a new 9 byte header and continue 
parsing if possible
-if (payload.remaining() >= 9) {
-int position = payload.position();
-payloadSize = ByteUtil.getThreeBytes(payload, 
position);
-frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
-frameType = FrameType.valueOf(frameTypeId);
-flags = ByteUtil.getOneByte(payload, position + 4);
-streamId = ByteUtil.get31Bits(payload, position + 
5);
-streamException = false;
-if (payload.remaining() - 9 >= payloadSize) {
-continueParsing = true;
-// Now go over frame header
-payload.position(payload.position() + 9);
-try {
-validateFrame(null, frameType, streamId, 
flags, payloadSize);
-} catch (StreamException e) {
-error = e;
-streamException = true;
-} catch (Http2Exception e) {
-error = e;
-continueParsing = false;
+if (!upgradeHandler.isOverheadLimitExceeded()) {
+// See if there is a new 9 byte header and 
continue parsing if possible
+if (payload.remaining() >= 9) {
+int position = payload.position();
+payloadSize = ByteUtil.getThreeBytes(payload, 
position);
+frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
+frameType = FrameType.valueOf(frameTypeId);
+flags = ByteUtil.getOneByte(payload, position 
+ 4);
+streamId = ByteUtil.get31Bits(payload, 
position + 5);
+streamException = false;
+if (payload.remaining() - 9 >= payloadSize) {
+continueParsing = true;
+// Now go over frame header
+payload.position(payload.position() + 9);
+try {
+validateFrame(null, frameType, 
streamId, flags, payloadSize);
+} catch (StreamException e) {
+error = e;
+streamException = true;
+} catch (Http2Exception e) {
+error = e;
+continueParsing = false;
+}
 }
 }
 }
 } while (continueParsing);
 } catch (RuntimeException | IOException | Http2Exception e) {
 error = e;
-}
-if (payload.hasRemaining()) {
-socketWrapper.unRead(payload);
+} finally {
+if (payload.hasRemaining()) {
+socketWrapper.unRead(payload);
+}
 }
 }
 if (state == CompletionState.DONE) {
diff --git a/java/org/apache/coyote/http2/Http2Protocol.java 

[tomcat] 01/03: Align processing of trailer headers with standard processing

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 8ecff306507be8e4fd3adee1ae5de1ea6661a8f4
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:51:48 2023 +0100

Align processing of trailer headers with standard processing
---
 java/org/apache/coyote/http11/Http11InputBuffer.java  |  8 +++-
 .../apache/coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../apache/coyote/http11/filters/LocalStrings.properties  |  2 ++
 webapps/docs/changelog.xml|  3 +++
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index aadf5823b2..4b01560c37 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -830,6 +830,12 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
  */
 private HeaderParseStatus parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * ChunkedInputFilter.parseHeader(). Why not use a common 
implementation? In short, this code uses non-blocking
+ * reads whereas ChunkedInputFilter using blocking reads. The code is 
just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
 while (headerParsePos == HeaderParsePosition.HEADER_START) {
 
 // Read new bytes if needed
@@ -972,7 +978,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 } else if (prevChr == Constants.CR) {
 // Invalid value - also need to delete header
 return skipLine(true);
-} else if (chr != Constants.HT && 
HttpParser.isControl(chr)) {
+} else if (HttpParser.isControl(chr) && chr != 
Constants.HT) {
 // Invalid value - also need to delete header
 return skipLine(true);
 } else if (chr == Constants.SP || chr == Constants.HT) {
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index 7fe17f7b9d..3e844afb11 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -30,6 +30,7 @@ import org.apache.coyote.http11.Constants;
 import org.apache.coyote.http11.InputFilter;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.HexUtils;
+import org.apache.tomcat.util.http.parser.HttpParser;
 import org.apache.tomcat.util.net.ApplicationBufferHandler;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -443,6 +444,13 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 private boolean parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * Http11InputBuffer.parseHeader(). Why not use a common 
implementation? In short, this code uses blocking
+ * reads whereas Http11InputBuffer using non-blocking reads. The code 
is just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
+
 Map headers = request.getTrailerFields();
 
 byte chr = 0;
@@ -489,6 +497,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 if (chr == Constants.COLON) {
 colon = true;
+} else if (!HttpParser.isToken(chr)) {
+// Non-token characters are illegal in header names
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderName"));
 } else {
 trailingHeaders.append(chr);
 }
@@ -550,7 +561,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 if (chr == Constants.CR || chr == Constants.LF) {
 parseCRLF(true);
 eol = true;
-} else if (chr == Constants.SP) {
+} else if (HttpParser.isControl(chr) && chr != Constants.HT) {
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+} else if (chr == Constants.SP || chr == Constants.HT) {
 trailingHeaders.append(chr);
 } else {
 trailingHeaders.append(chr);
diff --git a/java/org/apache/coyote/http11/filters/LocalStrings.properties 
b/java/org/apache/coyote/http11/filters/LocalStrings.properties
index 72dc788bc5..3114a87d0a 100644
--- 

Re: [tomcat] branch main updated: Add experimental FilterValve, which allows a Filter to be run within the Valve chain.

[Christopher Schultz]

All,

Okay, bear with me, here.

This was a crazy idea to see if I could get Igal's RateLimitFilter 
running earlier in the process to provide protection earlier than the 
Filters would get a chance to run.


For example, running before the AuthenticationFilter to prevent 
/successful/ authentication spamming.


It may be a little contrived, but I was able to configure this for a 
test inside a Host like this:


  

  bucketDuration
  1


  bucketRequests
  1

  

It's very bare-bones. I have neither documented it nor added it to the 
changelog because I'd like some feedback. If this is successful, we can 
perhaps look at reducing the amount of code we have duplicated between 
certain Valves and Filters.


There is a related conversation about how to deal with the application's 
(i.e. Filter's) access to Tomcat internals through the request, 
response, application, etc.. That is both complicated AND motivated by 
the removal of the SecurityManager, which used to provide protection 
against reflective-access to Tomcat internals. My concern is not 
security-related, but stability-related. We would not want an 
application to "accidentally" retain a reference to the underlying 
request or response, so continuing to use facades still makes a fair bit 
of sense.


Anyhow, enjoy.

-chris

On 10/9/23 15:47, schu...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
  new dc5b18d898 Add experimental FilterValve, which allows a Filter to be 
run within the Valve chain.
dc5b18d898 is described below

commit dc5b18d8989cf816c0870f236f6ccaade8b16ff3
Author: Christopher Schultz 
AuthorDate: Mon Oct 9 15:45:42 2023 -0400

 Add experimental FilterValve, which allows a Filter to be run within the 
Valve chain.
---
  .../apache/catalina/startup/ContextRuleSet.java|   3 +
  .../org/apache/catalina/startup/EngineRuleSet.java |   3 +
  java/org/apache/catalina/startup/HostRuleSet.java  |   3 +
  java/org/apache/catalina/valves/FilterValve.java   | 262 +
  4 files changed, 271 insertions(+)

diff --git a/java/org/apache/catalina/startup/ContextRuleSet.java 
b/java/org/apache/catalina/startup/ContextRuleSet.java
index 4aa081e083..5864a104c2 100644
--- a/java/org/apache/catalina/startup/ContextRuleSet.java
+++ b/java/org/apache/catalina/startup/ContextRuleSet.java
@@ -212,6 +212,9 @@ public class ContextRuleSet implements RuleSet {
   null, // MUST be specified in the element
   "className");
  digester.addSetProperties(prefix + "Context/Valve");
+digester.addCallMethod(prefix + "Context/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Context/Valve/init-param/param-name", 
0);
+digester.addCallParam(prefix + "Context/Valve/init-param/param-value", 
1);
  digester.addSetNext(prefix + "Context/Valve",
  "addValve",
  "org.apache.catalina.Valve");
diff --git a/java/org/apache/catalina/startup/EngineRuleSet.java 
b/java/org/apache/catalina/startup/EngineRuleSet.java
index f98e285a86..153d364854 100644
--- a/java/org/apache/catalina/startup/EngineRuleSet.java
+++ b/java/org/apache/catalina/startup/EngineRuleSet.java
@@ -111,6 +111,9 @@ public class EngineRuleSet implements RuleSet {
   null, // MUST be specified in the element
   "className");
  digester.addSetProperties(prefix + "Engine/Valve");
+digester.addCallMethod(prefix + "Engine/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Engine/Valve/init-param/param-name", 
0);
+digester.addCallParam(prefix + "Engine/Valve/init-param/param-value", 
1);
  digester.addSetNext(prefix + "Engine/Valve",
  "addValve",
  "org.apache.catalina.Valve");
diff --git a/java/org/apache/catalina/startup/HostRuleSet.java 
b/java/org/apache/catalina/startup/HostRuleSet.java
index 3114cc1f9a..135ceb06c4 100644
--- a/java/org/apache/catalina/startup/HostRuleSet.java
+++ b/java/org/apache/catalina/startup/HostRuleSet.java
@@ -115,6 +115,9 @@ public class HostRuleSet implements RuleSet {
   null, // MUST be specified in the element
   "className");
  digester.addSetProperties(prefix + "Host/Valve");
+digester.addCallMethod(prefix + "Host/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Host/Valve/init-param/param-name", 0);
+digester.addCallParam(prefix + "Host/Valve/init-param/param-value", 1);
  digester.addSetNext(prefix + "Host/Valve",

[tomcat] 02/03: Improve handling of failures during recycle() methods

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit d6db22e411307c97ddf78315c15d5889356eca38
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:52:46 2023 +0100

Improve handling of failures during recycle() methods
---
 .../org/apache/catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java   |  7 ---
 java/org/apache/catalina/core/ApplicationHttpRequest.java |  8 +++-
 java/org/apache/catalina/core/LocalStrings.properties |  1 +
 java/org/apache/catalina/core/LocalStrings_cs.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_es.properties  |  2 ++
 java/org/apache/catalina/core/LocalStrings_fr.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ja.properties  |  1 +
 java/org/apache/catalina/core/LocalStrings_ko.properties  |  1 +
 .../apache/catalina/core/LocalStrings_zh_CN.properties|  1 +
 java/org/apache/tomcat/util/buf/B2CConverter.java | 11 ++-
 java/org/apache/tomcat/util/buf/C2BConverter.java | 15 ++-
 java/org/apache/tomcat/util/buf/LocalStrings.properties   |  3 +++
 webapps/docs/changelog.xml|  4 
 14 files changed, 52 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/connector/LocalStrings.properties 
b/java/org/apache/catalina/connector/LocalStrings.properties
index b278705d74..077cf46136 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -50,6 +50,7 @@ coyoteRequest.attributeEvent=Exception thrown by attributes 
event listener
 coyoteRequest.authenticate.ise=Cannot call authenticate() after the response 
has been committed
 coyoteRequest.changeSessionId=Cannot change session ID. There is no session 
associated with this request.
 coyoteRequest.chunkedPostTooLarge=Parameters were not parsed because the size 
of the posted data was too big. Because this request was a chunked request, it 
could not be processed further. Use the maxPostSize attribute of the connector 
to resolve this if the application should accept large POSTs.
+coyoteRequest.deletePartFailed=Failed to deleted temporary file used for part 
[{0}]
 coyoteRequest.filterAsyncSupportUnknown=Unable to determine if any filters do 
not support async processing
 coyoteRequest.getContextPath.ise=Unable to find match between the canonical 
context path [{0}] and the URI presented by the user agent [{1}]
 coyoteRequest.getInputStream.ise=getReader() has already been called for this 
request
diff --git a/java/org/apache/catalina/connector/Request.java 
b/java/org/apache/catalina/connector/Request.java
index cc9a515f96..aa67ec5df5 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -443,8 +443,9 @@ public class Request implements HttpServletRequest {
 for (Part part : parts) {
 try {
 part.delete();
-} catch (IOException ignored) {
-// ApplicationPart.delete() never throws an IOEx
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+log.warn(sm.getString("coyoteRequest.deletePartFailed", 
part.getName()), t);
 }
 }
 parts = null;
@@ -498,8 +499,8 @@ public class Request implements HttpServletRequest {
 asyncSupported = null;
 if (asyncContext != null) {
 asyncContext.recycle();
+asyncContext = null;
 }
-asyncContext = null;
 }
 
 
diff --git a/java/org/apache/catalina/core/ApplicationHttpRequest.java 
b/java/org/apache/catalina/core/ApplicationHttpRequest.java
index 14f0855b9e..11779d364f 100644
--- a/java/org/apache/catalina/core/ApplicationHttpRequest.java
+++ b/java/org/apache/catalina/core/ApplicationHttpRequest.java
@@ -44,6 +44,7 @@ import org.apache.catalina.Session;
 import org.apache.catalina.util.ParameterMap;
 import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.URLEncoder;
+import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.buf.B2CConverter;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.apache.tomcat.util.http.Parameters;
@@ -600,7 +601,12 @@ class ApplicationHttpRequest extends 
HttpServletRequestWrapper {
  */
 public void recycle() {
 if (session != null) {
-session.endAccess();
+try {
+session.endAccess();
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+
context.getLogger().warn(sm.getString("applicationHttpRequest.sessionEndAccessFail"),
 t);
+}
 }
 }
 
diff --git a/java/org/apache/catalina/core/LocalStrings.properties 

[tomcat] 03/03: Improvements to HTTP/2 overhead protection.

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9cdfe25bad707f34b3e5da2994f3f1952a163c3e
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:54:14 2023 +0100

Improvements to HTTP/2 overhead protection.
---
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 webapps/docs/changelog.xml |  3 ++
 webapps/docs/config/http2.xml  |  9 +++-
 5 files changed, 64 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 1965123bc4..e1c8170765 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -284,36 +284,39 @@ class Http2AsyncParser extends Http2Parser {
 readUnknownFrame(streamId, frameTypeId, 
flags, payloadSize, payload);
 }
 }
-// See if there is a new 9 byte header and continue 
parsing if possible
-if (payload.remaining() >= 9) {
-int position = payload.position();
-payloadSize = ByteUtil.getThreeBytes(payload, 
position);
-frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
-frameType = FrameType.valueOf(frameTypeId);
-flags = ByteUtil.getOneByte(payload, position + 4);
-streamId = ByteUtil.get31Bits(payload, position + 
5);
-streamException = false;
-if (payload.remaining() - 9 >= payloadSize) {
-continueParsing = true;
-// Now go over frame header
-payload.position(payload.position() + 9);
-try {
-validateFrame(null, frameType, streamId, 
flags, payloadSize);
-} catch (StreamException e) {
-error = e;
-streamException = true;
-} catch (Http2Exception e) {
-error = e;
-continueParsing = false;
+if (!upgradeHandler.isOverheadLimitExceeded()) {
+// See if there is a new 9 byte header and 
continue parsing if possible
+if (payload.remaining() >= 9) {
+int position = payload.position();
+payloadSize = ByteUtil.getThreeBytes(payload, 
position);
+frameTypeId = ByteUtil.getOneByte(payload, 
position + 3);
+frameType = FrameType.valueOf(frameTypeId);
+flags = ByteUtil.getOneByte(payload, position 
+ 4);
+streamId = ByteUtil.get31Bits(payload, 
position + 5);
+streamException = false;
+if (payload.remaining() - 9 >= payloadSize) {
+continueParsing = true;
+// Now go over frame header
+payload.position(payload.position() + 9);
+try {
+validateFrame(null, frameType, 
streamId, flags, payloadSize);
+} catch (StreamException e) {
+error = e;
+streamException = true;
+} catch (Http2Exception e) {
+error = e;
+continueParsing = false;
+}
 }
 }
 }
 } while (continueParsing);
 } catch (RuntimeException | IOException | Http2Exception e) {
 error = e;
-}
-if (payload.hasRemaining()) {
-socketWrapper.unRead(payload);
+} finally {
+if (payload.hasRemaining()) {
+socketWrapper.unRead(payload);
+}
 }
 }
 if (state == CompletionState.DONE) {
diff --git a/java/org/apache/coyote/http2/Http2Protocol.java 

[tomcat] branch main updated (dc5b18d898 -> 9cdfe25bad)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from dc5b18d898 Add experimental FilterValve, which allows a Filter to be 
run within the Valve chain.
 new eb5c094e55 Align processing of trailer headers with standard processing
 new d6db22e411 Improve handling of failures during recycle() methods
 new 9cdfe25bad Improvements to HTTP/2 overhead protection.

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/connector/LocalStrings.properties |  1 +
 java/org/apache/catalina/connector/Request.java|  7 +--
 .../catalina/core/ApplicationHttpRequest.java  |  8 +++-
 .../apache/catalina/core/LocalStrings.properties   |  1 +
 .../catalina/core/LocalStrings_cs.properties   |  2 +
 .../catalina/core/LocalStrings_es.properties   |  2 +
 .../catalina/core/LocalStrings_fr.properties   |  1 +
 .../catalina/core/LocalStrings_ja.properties   |  1 +
 .../catalina/core/LocalStrings_ko.properties   |  1 +
 .../catalina/core/LocalStrings_zh_CN.properties|  1 +
 .../apache/coyote/http11/Http11InputBuffer.java|  8 +++-
 .../coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../coyote/http11/filters/LocalStrings.properties  |  2 +
 java/org/apache/coyote/http2/Http2AsyncParser.java | 51 --
 java/org/apache/coyote/http2/Http2Protocol.java| 19 +++-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  9 +++-
 java/org/apache/tomcat/util/buf/B2CConverter.java  | 11 -
 java/org/apache/tomcat/util/buf/C2BConverter.java  | 15 ++-
 .../apache/tomcat/util/buf/LocalStrings.properties |  3 ++
 webapps/docs/changelog.xml | 10 +
 webapps/docs/config/http2.xml  |  9 +++-
 21 files changed, 142 insertions(+), 35 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Align processing of trailer headers with standard processing

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit eb5c094e5560764cda436362254997511a3ca1f6
Author: Mark Thomas 
AuthorDate: Thu Oct 5 20:51:48 2023 +0100

Align processing of trailer headers with standard processing
---
 java/org/apache/coyote/http11/Http11InputBuffer.java  |  8 +++-
 .../apache/coyote/http11/filters/ChunkedInputFilter.java  | 15 ++-
 .../apache/coyote/http11/filters/LocalStrings.properties  |  2 ++
 webapps/docs/changelog.xml|  3 +++
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 78c9c1463b..1ae9eba04b 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -826,6 +826,12 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
  */
 private HeaderParseStatus parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * ChunkedInputFilter.parseHeader(). Why not use a common 
implementation? In short, this code uses non-blocking
+ * reads whereas ChunkedInputFilter using blocking reads. The code is 
just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
 while (headerParsePos == HeaderParsePosition.HEADER_START) {
 
 // Read new bytes if needed
@@ -968,7 +974,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 } else if (prevChr == Constants.CR) {
 // Invalid value - also need to delete header
 return skipLine();
-} else if (chr != Constants.HT && 
HttpParser.isControl(chr)) {
+} else if (HttpParser.isControl(chr) && chr != 
Constants.HT) {
 // Invalid value - also need to delete header
 return skipLine();
 } else if (chr == Constants.SP || chr == Constants.HT) {
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index 7fe17f7b9d..3e844afb11 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -30,6 +30,7 @@ import org.apache.coyote.http11.Constants;
 import org.apache.coyote.http11.InputFilter;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.HexUtils;
+import org.apache.tomcat.util.http.parser.HttpParser;
 import org.apache.tomcat.util.net.ApplicationBufferHandler;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -443,6 +444,13 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 private boolean parseHeader() throws IOException {
 
+/*
+ * Implementation note: Any changes to this method probably need to be 
echoed in
+ * Http11InputBuffer.parseHeader(). Why not use a common 
implementation? In short, this code uses blocking
+ * reads whereas Http11InputBuffer using non-blocking reads. The code 
is just different enough that a common
+ * implementation wasn't viewed as practical.
+ */
+
 Map headers = request.getTrailerFields();
 
 byte chr = 0;
@@ -489,6 +497,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 
 if (chr == Constants.COLON) {
 colon = true;
+} else if (!HttpParser.isToken(chr)) {
+// Non-token characters are illegal in header names
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderName"));
 } else {
 trailingHeaders.append(chr);
 }
@@ -550,7 +561,9 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
 if (chr == Constants.CR || chr == Constants.LF) {
 parseCRLF(true);
 eol = true;
-} else if (chr == Constants.SP) {
+} else if (HttpParser.isControl(chr) && chr != Constants.HT) {
+throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+} else if (chr == Constants.SP || chr == Constants.HT) {
 trailingHeaders.append(chr);
 } else {
 trailingHeaders.append(chr);
diff --git a/java/org/apache/coyote/http11/filters/LocalStrings.properties 
b/java/org/apache/coyote/http11/filters/LocalStrings.properties
index 72dc788bc5..3114a87d0a 100644
--- 

Buildbot success in on tomcat-9.0.x

[buildbot]

Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/721
Blamelist: Mark Thomas , remm 
Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch 9.0.x] 529370e1ccef7b4082e33c4b6399a25b8b9f3d22


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Add experimental FilterValve, which allows a Filter to be run within the Valve chain.

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new dc5b18d898 Add experimental FilterValve, which allows a Filter to be 
run within the Valve chain.
dc5b18d898 is described below

commit dc5b18d8989cf816c0870f236f6ccaade8b16ff3
Author: Christopher Schultz 
AuthorDate: Mon Oct 9 15:45:42 2023 -0400

Add experimental FilterValve, which allows a Filter to be run within the 
Valve chain.
---
 .../apache/catalina/startup/ContextRuleSet.java|   3 +
 .../org/apache/catalina/startup/EngineRuleSet.java |   3 +
 java/org/apache/catalina/startup/HostRuleSet.java  |   3 +
 java/org/apache/catalina/valves/FilterValve.java   | 262 +
 4 files changed, 271 insertions(+)

diff --git a/java/org/apache/catalina/startup/ContextRuleSet.java 
b/java/org/apache/catalina/startup/ContextRuleSet.java
index 4aa081e083..5864a104c2 100644
--- a/java/org/apache/catalina/startup/ContextRuleSet.java
+++ b/java/org/apache/catalina/startup/ContextRuleSet.java
@@ -212,6 +212,9 @@ public class ContextRuleSet implements RuleSet {
  null, // MUST be specified in the element
  "className");
 digester.addSetProperties(prefix + "Context/Valve");
+digester.addCallMethod(prefix + "Context/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Context/Valve/init-param/param-name", 
0);
+digester.addCallParam(prefix + "Context/Valve/init-param/param-value", 
1);
 digester.addSetNext(prefix + "Context/Valve",
 "addValve",
 "org.apache.catalina.Valve");
diff --git a/java/org/apache/catalina/startup/EngineRuleSet.java 
b/java/org/apache/catalina/startup/EngineRuleSet.java
index f98e285a86..153d364854 100644
--- a/java/org/apache/catalina/startup/EngineRuleSet.java
+++ b/java/org/apache/catalina/startup/EngineRuleSet.java
@@ -111,6 +111,9 @@ public class EngineRuleSet implements RuleSet {
  null, // MUST be specified in the element
  "className");
 digester.addSetProperties(prefix + "Engine/Valve");
+digester.addCallMethod(prefix + "Engine/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Engine/Valve/init-param/param-name", 
0);
+digester.addCallParam(prefix + "Engine/Valve/init-param/param-value", 
1);
 digester.addSetNext(prefix + "Engine/Valve",
 "addValve",
 "org.apache.catalina.Valve");
diff --git a/java/org/apache/catalina/startup/HostRuleSet.java 
b/java/org/apache/catalina/startup/HostRuleSet.java
index 3114cc1f9a..135ceb06c4 100644
--- a/java/org/apache/catalina/startup/HostRuleSet.java
+++ b/java/org/apache/catalina/startup/HostRuleSet.java
@@ -115,6 +115,9 @@ public class HostRuleSet implements RuleSet {
  null, // MUST be specified in the element
  "className");
 digester.addSetProperties(prefix + "Host/Valve");
+digester.addCallMethod(prefix + "Host/Valve/init-param", 
"addInitParam", 2);
+digester.addCallParam(prefix + "Host/Valve/init-param/param-name", 0);
+digester.addCallParam(prefix + "Host/Valve/init-param/param-value", 1);
 digester.addSetNext(prefix + "Host/Valve",
 "addValve",
 "org.apache.catalina.Valve");
diff --git a/java/org/apache/catalina/valves/FilterValve.java 
b/java/org/apache/catalina/valves/FilterValve.java
new file mode 100644
index 00..44192671c9
--- /dev/null
+++ b/java/org/apache/catalina/valves/FilterValve.java
@@ -0,0 +1,262 @@
+package org.apache.catalina.valves;
+
+import java.io.IOException;
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.concurrent.ScheduledExecutorService;
+
+import org.apache.catalina.Container;
+import org.apache.catalina.Context;
+import org.apache.catalina.LifecycleException;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.tomcat.util.threads.ScheduledThreadPoolExecutor;
+
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+
+/**
+ * A Valve to wrap a Filter, allowing a user to run Servlet Filters as a
+ * part of the Valve chain.
+ *
+ * There are 

Buildbot failure in on tomcat-9.0.x

[buildbot]

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/720
Blamelist: remm 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch 9.0.x] 55380893300280ecfdba3ec74b49651c39fe82f6


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 2

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Restore i18n string incorrectly removed back in 2011

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 28c22d727b Restore i18n string incorrectly removed back in 2011
28c22d727b is described below

commit 28c22d727b094ae326f5790c2d21b900d2ea79e7
Author: Mark Thomas 
AuthorDate: Mon Oct 9 13:51:36 2023 -0300

Restore i18n string incorrectly removed back in 2011
---
 java/javax/el/LocalStrings.properties | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/javax/el/LocalStrings.properties 
b/java/javax/el/LocalStrings.properties
index 3c510859e1..02ce32b154 100644
--- a/java/javax/el/LocalStrings.properties
+++ b/java/javax/el/LocalStrings.properties
@@ -44,6 +44,8 @@ propertyNotWritable=Property [{1}] not writable on type [{0}]
 propertyReadError=Error reading [{1}] on type [{0}]
 propertyWriteError=Error writing [{1}] on type [{0}]
 
+resolverNotWritable=ELResolver not writable for type [{0}]
+
 staticFieldELResolver.methodNotFound=No matching public static method named 
[{0}] found on class [{1}]
 staticFieldELResolver.notFound=No public static field named [{0}] was found on 
(exported for Java 9+) class [{1}]
 staticFieldELResolver.notWritable=Writing to static fields (in this case field 
[{0}] on class [{1}]) is not permitted


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Restore i18n string incorrectly removed back in 2011

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 529370e1cc Restore i18n string incorrectly removed back in 2011
529370e1cc is described below

commit 529370e1ccef7b4082e33c4b6399a25b8b9f3d22
Author: Mark Thomas 
AuthorDate: Mon Oct 9 13:51:36 2023 -0300

Restore i18n string incorrectly removed back in 2011
---
 java/javax/el/LocalStrings.properties | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/javax/el/LocalStrings.properties 
b/java/javax/el/LocalStrings.properties
index 3c510859e1..02ce32b154 100644
--- a/java/javax/el/LocalStrings.properties
+++ b/java/javax/el/LocalStrings.properties
@@ -44,6 +44,8 @@ propertyNotWritable=Property [{1}] not writable on type [{0}]
 propertyReadError=Error reading [{1}] on type [{0}]
 propertyWriteError=Error writing [{1}] on type [{0}]
 
+resolverNotWritable=ELResolver not writable for type [{0}]
+
 staticFieldELResolver.methodNotFound=No matching public static method named 
[{0}] found on class [{1}]
 staticFieldELResolver.notFound=No public static field named [{0}] was found on 
(exported for Java 9+) class [{1}]
 staticFieldELResolver.notWritable=Writing to static fields (in this case field 
[{0}] on class [{1}]) is not permitted


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Restore i18n string incorrectly removed back in 2011

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 437e0d4385 Restore i18n string incorrectly removed back in 2011
437e0d4385 is described below

commit 437e0d438546c13d74cbf2e10effeb7b8634861d
Author: Mark Thomas 
AuthorDate: Mon Oct 9 13:51:36 2023 -0300

Restore i18n string incorrectly removed back in 2011
---
 java/jakarta/el/LocalStrings.properties | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/jakarta/el/LocalStrings.properties 
b/java/jakarta/el/LocalStrings.properties
index 068877d62e..c337c071e5 100644
--- a/java/jakarta/el/LocalStrings.properties
+++ b/java/jakarta/el/LocalStrings.properties
@@ -44,6 +44,8 @@ propertyNotWritable=Property [{1}] not writable on type [{0}]
 propertyReadError=Error reading [{1}] on type [{0}]
 propertyWriteError=Error writing [{1}] on type [{0}]
 
+resolverNotWritable=ELResolver not writable for type [{0}]
+
 staticFieldELResolver.methodNotFound=No matching public static method named 
[{0}] found on class [{1}]
 staticFieldELResolver.notFound=No public static field named [{0}] was found on 
exported class [{1}]
 staticFieldELResolver.notWritable=Writing to static fields (in this case field 
[{0}] on class [{1}]) is not permitted


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Restore i18n string incorrectly removed back in 2011

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 2bc30cedd2 Restore i18n string incorrectly removed back in 2011
2bc30cedd2 is described below

commit 2bc30cedd2364a7f736547f73b44a4213f09e399
Author: Mark Thomas 
AuthorDate: Mon Oct 9 13:51:36 2023 -0300

Restore i18n string incorrectly removed back in 2011
---
 java/jakarta/el/LocalStrings.properties | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/java/jakarta/el/LocalStrings.properties 
b/java/jakarta/el/LocalStrings.properties
index 068877d62e..c337c071e5 100644
--- a/java/jakarta/el/LocalStrings.properties
+++ b/java/jakarta/el/LocalStrings.properties
@@ -44,6 +44,8 @@ propertyNotWritable=Property [{1}] not writable on type [{0}]
 propertyReadError=Error reading [{1}] on type [{0}]
 propertyWriteError=Error writing [{1}] on type [{0}]
 
+resolverNotWritable=ELResolver not writable for type [{0}]
+
 staticFieldELResolver.methodNotFound=No matching public static method named 
[{0}] found on class [{1}]
 staticFieldELResolver.notFound=No public static field named [{0}] was found on 
exported class [{1}]
 staticFieldELResolver.notWritable=Writing to static fields (in this case field 
[{0}] on class [{1}]) is not permitted


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 67626] multipart request parts require Content-Disposition: form-data, even when another multipart-subtype is used

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=67626

--- Comment #4 from hans.ris...@data-experts.de ---
Hi Michael, thanks for the additional context - I just wanted to make sure I
follow completely.

> The bundled Commons Upload MUST NOT be used to parse anything but, as Mark 
> said,
> form data as per Servlet spec. Use an external Commons FileUpload.

Do you mean to say that
1) you disagree with Mark that Tomcat _maybe_ could go beyond the spec if it
permits or
2) that the spec doesn't permit it?

---

I'm also not positive I understand your proposal to 

> Use an external Commons FileUpload

Do you mean to say we should opt to receive a bare HttpRequest and put it
through Commons FileUpload ourselves instead of through the Framework, and then
make use of some kind of configuration or extension options? 

---

As for your comments of Spring Boot - I believe it would, from that piece of
documentation, allow us to integrate our own Multipart resolver and handle all
of this ourselves, but as an application developer, that doesn't seem to be a
very enticing prospect.

---

Since we are in a situation to do that, we have chosen to take a pragmatic
approach and use multipart/form-data, even though I would have preferred
multipart/mixed from the semantic descriptions, so if you believe there's no
further interest in this, feel free to close.

It was surprising to me that other multipart types aren't in the scope of
Tomcat here, but if that's the situation I thank you for taking the time to
enlighten me at the very least =)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Remove some printStackTrace

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new d637c1d89d Remove some printStackTrace
d637c1d89d is described below

commit d637c1d89da031ec76f18b01571a764ad884dbe8
Author: remm 
AuthorDate: Mon Oct 9 16:49:25 2023 +0200

Remove some printStackTrace
---
 java/org/apache/catalina/startup/Bootstrap.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/startup/Bootstrap.java 
b/java/org/apache/catalina/startup/Bootstrap.java
index 018b899bb1..57d9f8ddf7 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -447,7 +447,7 @@ public final class Bootstrap {
 bootstrap.init();
 } catch (Throwable t) {
 handleThrowable(t);
-t.printStackTrace();
+log.error("Init exception", t);
 return;
 }
 daemon = bootstrap;
@@ -497,7 +497,7 @@ public final class Bootstrap {
 t = t.getCause();
 }
 handleThrowable(t);
-t.printStackTrace();
+log.error("Error running command", t);
 System.exit(1);
 }
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Remove some printStackTrace

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 5538089330 Remove some printStackTrace
5538089330 is described below

commit 55380893300280ecfdba3ec74b49651c39fe82f6
Author: remm 
AuthorDate: Mon Oct 9 16:49:25 2023 +0200

Remove some printStackTrace
---
 java/org/apache/catalina/startup/Bootstrap.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/startup/Bootstrap.java 
b/java/org/apache/catalina/startup/Bootstrap.java
index 461d54b304..edf2ea81e5 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -447,7 +447,7 @@ public final class Bootstrap {
 bootstrap.init();
 } catch (Throwable t) {
 handleThrowable(t);
-t.printStackTrace();
+log.error("Init exception", t);
 return;
 }
 daemon = bootstrap;
@@ -497,7 +497,7 @@ public final class Bootstrap {
 t = t.getCause();
 }
 handleThrowable(t);
-t.printStackTrace();
+log.error("Error running command", t);
 System.exit(1);
 }
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Remove some printStackTrace

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 623233e57d Remove some printStackTrace
623233e57d is described below

commit 623233e57d41ec29fb7db3aabf4218327669078b
Author: remm 
AuthorDate: Mon Oct 9 16:49:25 2023 +0200

Remove some printStackTrace
---
 java/org/apache/catalina/startup/Bootstrap.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/startup/Bootstrap.java 
b/java/org/apache/catalina/startup/Bootstrap.java
index 461d54b304..edf2ea81e5 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -447,7 +447,7 @@ public final class Bootstrap {
 bootstrap.init();
 } catch (Throwable t) {
 handleThrowable(t);
-t.printStackTrace();
+log.error("Init exception", t);
 return;
 }
 daemon = bootstrap;
@@ -497,7 +497,7 @@ public final class Bootstrap {
 t = t.getCause();
 }
 handleThrowable(t);
-t.printStackTrace();
+log.error("Error running command", t);
 System.exit(1);
 }
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Remove some printStackTrace

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new a495839b67 Remove some printStackTrace
a495839b67 is described below

commit a495839b671eb9d7483636fb5b8eb83633a87930
Author: remm 
AuthorDate: Mon Oct 9 16:49:25 2023 +0200

Remove some printStackTrace
---
 java/org/apache/catalina/startup/Bootstrap.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/startup/Bootstrap.java 
b/java/org/apache/catalina/startup/Bootstrap.java
index d5a6bdcd29..dfe35fd682 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -444,7 +444,7 @@ public final class Bootstrap {
 bootstrap.init();
 } catch (Throwable t) {
 handleThrowable(t);
-t.printStackTrace();
+log.error("Init exception", t);
 return;
 }
 daemon = bootstrap;
@@ -494,7 +494,7 @@ public final class Bootstrap {
 t = t.getCause();
 }
 handleThrowable(t);
-t.printStackTrace();
+log.error("Error running command", t);
 System.exit(1);
 }
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Alternative TLS 1.3 cipher suite names

[Rémy Maucherat]

On Mon, Oct 9, 2023 at 4:39 PM Christopher Schultz
 wrote:
>
> All,
>
> I was cleaning some things up today and I found this patch in my tomcat
> fork. I tried to find the place where I found these cipher suite aliases
> and I think it's only present in CloudFlare's documentation[1].
>
> Is this patch at all useful?

I thinkMark is always syncing with the OpenSSL upstream cipher list.
So it never fully matches with derivatives and distro packaged ones
basically.

Rémy

> -chris
>
> [1]
> https://developers.cloudflare.com/ssl/origin-configuration/cipher-suites/
>
>  CUT 
>
> diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
> b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
> index a5aee1292d..e433f5987f 100644
> --- a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
> +++ b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
> @@ -2713,7 +2713,7 @@ public enum Cipher {
>   128,
>   128,
>   null,
> -null
> +new String[] { "AEAD-AES128-GCM-SHA256" }
>   ),
>   // Cipher 1302
>   TLS_AES_256_GCM_SHA384(
> @@ -2730,7 +2730,7 @@ public enum Cipher {
>   256,
>   256,
>   null,
> -null
> +new String[] { "AEAD-AES256-GCM-SHA384" }
>   ),
>   // Cipher 1303
>   TLS_CHACHA20_POLY1305_SHA256(
> @@ -2747,7 +2747,7 @@ public enum Cipher {
>   256,
>   256,
>   null,
> -null
> +new String[] { "AEAD-CHACHA20-POLY1305-SHA256" }
>   ),
>   // Cipher 1304
>   TLS_AES_128_CCM_SHA256(
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Alternative TLS 1.3 cipher suite names

[Christopher Schultz]

All,

I was cleaning some things up today and I found this patch in my tomcat 
fork. I tried to find the place where I found these cipher suite aliases 
and I think it's only present in CloudFlare's documentation[1].


Is this patch at all useful?

-chris

[1] 
https://developers.cloudflare.com/ssl/origin-configuration/cipher-suites/


 CUT 

diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java 
b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java

index a5aee1292d..e433f5987f 100644
--- a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
+++ b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
@@ -2713,7 +2713,7 @@ public enum Cipher {
 128,
 128,
 null,
-null
+new String[] { "AEAD-AES128-GCM-SHA256" }
 ),
 // Cipher 1302
 TLS_AES_256_GCM_SHA384(
@@ -2730,7 +2730,7 @@ public enum Cipher {
 256,
 256,
 null,
-null
+new String[] { "AEAD-AES256-GCM-SHA384" }
 ),
 // Cipher 1303
 TLS_CHACHA20_POLY1305_SHA256(
@@ -2747,7 +2747,7 @@ public enum Cipher {
 256,
 256,
 null,
-null
+new String[] { "AEAD-CHACHA20-POLY1305-SHA256" }
 ),
 // Cipher 1304
 TLS_AES_128_CCM_SHA256(

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org