[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Chuck Caldarale changed: What|Removed |Added URL|https://forum.czaswojny.int | |eria.pl/index.php?page=User | |=30514 | -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 jhon005 changed: What|Removed |Added URL|https://animex2.statuspage. |https://forum.czaswojny.int |io |eria.pl/index.php?page=User ||=30514 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57665] support x-forwarded-host
https://bz.apache.org/bugzilla/show_bug.cgi?id=57665 jhon005 changed: What|Removed |Added URL||https://animex2.statuspage. ||io --- Comment #26 from jhon005 --- https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=nierautomata-ver1-1a-gogoanime_url=https://gogoanimex.me/category/nierautomata-ver1-1a https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/nierautomata-ver1-1a=nierautomata-ver1-1a-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=nierautomata-ver1-1a-gogoanime=https://gogoanimex.me/category/nierautomata-ver1-1a https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2%22%3Ekarakai-jouzu-no-takagi-san-2-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=karakai-jouzu-no-takagi-san-2-gogoanime_url=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2 https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2=karakai-jouzu-no-takagi-san-2-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2%22%3Ekarakai-jouzu-no-takagi-san-2-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=karakai-jouzu-no-takagi-san-2-gogoanime=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2 https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/big-order-tv%22%3Ebig-order-tv-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=big-order-tv-gogoanime_url=https://gogoanimex.me/category/big-order-tv https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/big-order-tv=big-order-tv-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/big-order-tv%22%3Ebig-order-tv-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=big-order-tv-gogoanime=https://gogoanimex.me/category/big-order-tv https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e%22%3Ekatsute-kami-datta-kemono-tachi-e-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=katsute-kami-datta-kemono-tachi-e-gogoanime_url=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e=katsute-kami-datta-kemono-tachi-e-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e%22%3Ekatsute-kami-datta-kemono-tachi-e-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=katsute-kami-datta-kemono-tachi-e-gogoanime=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=tensei-shitara-slime-datta-ken-2nd-season-gogoanime_url=https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season=tensei-shitara-slime-datta-ken-2nd-season-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 jhon005 changed: What|Removed |Added URL||https://animex2.statuspage. ||io --- Comment #13 from jhon005 --- https://www.atoallinks.com/2022/how-does-gogoanime-stand-apart-from-different-sites/ https://www.addonface.com/read-blog/8286_gogoanime-features-and-things-to-be-aware-of-gogoanime.html https://www.onfeetnation.com/profiles/blogs/what-is-gogoanime-how-to-download-animated-videos-from-gogoanime https://www.vaca-ps.org/blogs/1508/How-To-Get-Familiar-With-Gogoanime https://community.wongcw.com/blogs/171924/All-You-Want-To-Know-About-Gogoanime https://pwonline.ru/forums/fredirect.php?url=https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/bungou-stray-dogs%22%3Ebungou-stray-dogs-gogoanime%3C/a%3E%3C/h1%3E http://services.nfpa.org/Authentication/GetSSOSession.aspx?return=https://gogoanimex.me/ https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/spy-kyoushitsu%22%3Espy-kyoushitsu-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/kono-subarashii-sekai-ni-shukufuku-wo-3%22%3Ekono-subarashii-sekai-ni-shukufuku-wo-3-GogoAnime%3C/a%3E https://www.middlesex.mass.edu/templateinframes/?Site=Help=https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/spy-kyoushitsu%22%3Espy-kyoushitsu-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kimi-wa-houkago-insomnia%22%3Ekimi-wa-houkago-insomnia-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kimetsu-no-yaiba-yuukaku-hen%22%3Ekimetsu-no-yaiba-yuukaku-hen-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/tsuki-ga-michibiku-isekai-douchuu-2nd-season%22%3Etsuki-ga-michibiku-isekai-douchuu-2nd-season-GogoAnime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/lord-el-melloi-ii-sei-no-jikenbo-rail-zeppelin-grace-note%22%3Elord-el-melloi-ii-sei-no-jikenbo-rail-zeppelin-grace-note-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/ore-dake-level-up-na-ken%22%3Eore-dake-level-up-na-ken-GogoAnime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/ore-dake-level-up-na-ken%22%3Eore-dake-level-up-na-ken-GogoAnime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/detective-conan%22%3Edetective-conan-GogoAnime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/girls-band-cry%22%3Egirls-band-cry-GogoAnime%3C/a%3E https://auth.uq.edu.au/idp/module.php/core/loginuserpass.php?AuthState=_8c8c1c15cd67c821ee4e342ec9e5dc32e21f491c33:https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kono-subarashii-sekai-ni-shukufuku-wo-3%22%3Ekono-subarashii-sekai-ni-shukufuku-wo-3-GogoAnime%3C/a%3E%3C/h1%3E https://ecms.des.wa.gov/ECMSUserManager/ForgotPassword.aspx?system=5=https://gogoanimex.me https://bbs.vivo.com/in/link?target=https://gogoanimex.me/hitori-no-shita-the-outcast-2nd-season-episode-1 https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E https://www.pasda.psu.edu/uci/lancasterAgreement.aspx?File=https://gogoanimex.me https://track-registry.theknot.com/track/forward/d191573b-9d7d-4bcc-8d7b-45ccb411128b?rt=10275=https://gogoanimex.me https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/kimetsu-no-yaiba-yuukaku-hen%22%3Ekimetsu-no-yaiba-yuukaku-hen-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/gakusen-toshi-asterisk-2nd-season%22%3Egakusen-toshi-asterisk-2nd-season-gogoanime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/gakusen-toshi-asterisk-2nd-season%22%3Egakusen-toshi-asterisk-2nd-season-gogoanime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/bungou-stray-dogs%22%3Ebungou-stray-dogs-gogoanime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/date-a-live-v%22%3Edate-a-live-v-GogoAnime%3C/a%3E%3C/h1%3E
[Bug 57665] support x-forwarded-host
https://bz.apache.org/bugzilla/show_bug.cgi?id=57665 --- Comment #25 from jhon005 --- https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=nierautomata-ver1-1a-gogoanime_url=https://gogoanimex.me/category/nierautomata-ver1-1a https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/nierautomata-ver1-1a=nierautomata-ver1-1a-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=nierautomata-ver1-1a-gogoanime=https://gogoanimex.me/category/nierautomata-ver1-1a https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2%22%3Ekarakai-jouzu-no-takagi-san-2-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=karakai-jouzu-no-takagi-san-2-gogoanime_url=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2 https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2=karakai-jouzu-no-takagi-san-2-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2%22%3Ekarakai-jouzu-no-takagi-san-2-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=karakai-jouzu-no-takagi-san-2-gogoanime=https://gogoanimex.me/category/karakai-jouzu-no-takagi-san-2 https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/big-order-tv%22%3Ebig-order-tv-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=big-order-tv-gogoanime_url=https://gogoanimex.me/category/big-order-tv https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/big-order-tv=big-order-tv-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/big-order-tv%22%3Ebig-order-tv-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=big-order-tv-gogoanime=https://gogoanimex.me/category/big-order-tv https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e%22%3Ekatsute-kami-datta-kemono-tachi-e-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=katsute-kami-datta-kemono-tachi-e-gogoanime_url=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e=katsute-kami-datta-kemono-tachi-e-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e%22%3Ekatsute-kami-datta-kemono-tachi-e-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=katsute-kami-datta-kemono-tachi-e-gogoanime=https://gogoanimex.me/category/katsute-kami-datta-kemono-tachi-e https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E%3C/h1%3E https://www.flexmls.com/cgi-bin/mainmenu.cgi?cmd=url+search/reports/step1.html=Y_tech_id=_id=x%27230719212645540900%27=Our%20Land%20Listings_listings=Next5=list_price_text=tensei-shitara-slime-datta-ken-2nd-season-gogoanime_url=https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season https://hezuo.xcar.com.cn/index.php?partner=weixin_share=0=https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season=tensei-shitara-slime-datta-ken-2nd-season-gogoanime https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E https://www.omicsonline.org/recommend-to-librarian.php?title=tensei-shitara-slime-datta-ken-2nd-season-gogoanime=https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/boku-no-hero-academia%22%3Eboku-no-hero-academia-gogoanime%3C/a%3E%3C/h1%3E
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 --- Comment #12 from jhon005 --- https://www.atoallinks.com/2022/how-does-gogoanime-stand-apart-from-different-sites/ https://www.addonface.com/read-blog/8286_gogoanime-features-and-things-to-be-aware-of-gogoanime.html https://www.onfeetnation.com/profiles/blogs/what-is-gogoanime-how-to-download-animated-videos-from-gogoanime https://www.vaca-ps.org/blogs/1508/How-To-Get-Familiar-With-Gogoanime https://community.wongcw.com/blogs/171924/All-You-Want-To-Know-About-Gogoanime https://pwonline.ru/forums/fredirect.php?url=https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/bungou-stray-dogs%22%3Ebungou-stray-dogs-gogoanime%3C/a%3E%3C/h1%3E http://services.nfpa.org/Authentication/GetSSOSession.aspx?return=https://gogoanimex.me/ https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/spy-kyoushitsu%22%3Espy-kyoushitsu-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/kono-subarashii-sekai-ni-shukufuku-wo-3%22%3Ekono-subarashii-sekai-ni-shukufuku-wo-3-GogoAnime%3C/a%3E https://www.middlesex.mass.edu/templateinframes/?Site=Help=https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/spy-kyoushitsu%22%3Espy-kyoushitsu-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kimi-wa-houkago-insomnia%22%3Ekimi-wa-houkago-insomnia-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kimetsu-no-yaiba-yuukaku-hen%22%3Ekimetsu-no-yaiba-yuukaku-hen-gogoanime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/tsuki-ga-michibiku-isekai-douchuu-2nd-season%22%3Etsuki-ga-michibiku-isekai-douchuu-2nd-season-GogoAnime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/lord-el-melloi-ii-sei-no-jikenbo-rail-zeppelin-grace-note%22%3Elord-el-melloi-ii-sei-no-jikenbo-rail-zeppelin-grace-note-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/ore-dake-level-up-na-ken%22%3Eore-dake-level-up-na-ken-GogoAnime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/ore-dake-level-up-na-ken%22%3Eore-dake-level-up-na-ken-GogoAnime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/detective-conan%22%3Edetective-conan-GogoAnime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/girls-band-cry%22%3Egirls-band-cry-GogoAnime%3C/a%3E https://auth.uq.edu.au/idp/module.php/core/loginuserpass.php?AuthState=_8c8c1c15cd67c821ee4e342ec9e5dc32e21f491c33:https://gogoanimex.me https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/kono-subarashii-sekai-ni-shukufuku-wo-3%22%3Ekono-subarashii-sekai-ni-shukufuku-wo-3-GogoAnime%3C/a%3E%3C/h1%3E https://ecms.des.wa.gov/ECMSUserManager/ForgotPassword.aspx?system=5=https://gogoanimex.me https://bbs.vivo.com/in/link?target=https://gogoanimex.me/hitori-no-shita-the-outcast-2nd-season-episode-1 https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/nierautomata-ver1-1a%22%3Enierautomata-ver1-1a-gogoanime%3C/a%3E https://www.pasda.psu.edu/uci/lancasterAgreement.aspx?File=https://gogoanimex.me https://track-registry.theknot.com/track/forward/d191573b-9d7d-4bcc-8d7b-45ccb411128b?rt=10275=https://gogoanimex.me https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/kimetsu-no-yaiba-yuukaku-hen%22%3Ekimetsu-no-yaiba-yuukaku-hen-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/gakusen-toshi-asterisk-2nd-season%22%3Egakusen-toshi-asterisk-2nd-season-gogoanime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/gakusen-toshi-asterisk-2nd-season%22%3Egakusen-toshi-asterisk-2nd-season-gogoanime%3C/a%3E%3C/h1%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/tensei-shitara-slime-datta-ken-2nd-season%22%3Etensei-shitara-slime-datta-ken-2nd-season-gogoanime%3C/a%3E https://tool.lusongsong.com/Alexa/21.php?url=%3Ca%20href=%22https://gogoanimex.me/category/bungou-stray-dogs%22%3Ebungou-stray-dogs-gogoanime%3C/a%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/date-a-live-v%22%3Edate-a-live-v-GogoAnime%3C/a%3E%3C/h1%3E https://www.merdeka.com/?c=%3Ch1%3E%3Ca%20href=%22https://gogoanimex.me/category/prison-school%22%3Eprison-school-GogoAnime%3C/a%3E%3C/h1%3E https://guru.sanook.com/?URL=https://gogoanimex.me/category/hitori-no-shita-the-outcast
(tomcat) branch main updated: Revert following failed testing
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new f57681c6ef Revert following failed testing f57681c6ef is described below commit f57681c6ef0f0ebfc1f1c179732448f31433a6c8 Author: remm AuthorDate: Thu Jun 27 23:03:32 2024 +0200 Revert following failed testing --- .github/workflows/ci.yml | 4 +--- java/org/apache/tomcat/util/openssl/openssl_h.java | 14 +++--- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 89a3f1eb4c..5ee36e337c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,14 +33,12 @@ jobs: isMain: - ${{ contains(github.ref, 'main') }} java: [ 17, 21, 22 ] -os: [ ubuntu-latest, windows-latest, macos-latest ] +os: [ ubuntu-latest, windows-latest ] exclude: - isMain: true java: 17 - os: windows-latest java: 21 - - os: macos-latest -java: 21 name: JDK${{ matrix.java }} ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: diff --git a/java/org/apache/tomcat/util/openssl/openssl_h.java b/java/org/apache/tomcat/util/openssl/openssl_h.java index a8f5777bdb..3c0dcd2046 100644 --- a/java/org/apache/tomcat/util/openssl/openssl_h.java +++ b/java/org/apache/tomcat/util/openssl/openssl_h.java @@ -22,6 +22,7 @@ package org.apache.tomcat.util.openssl; import java.lang.invoke.MethodHandle; import java.lang.invoke.MethodHandles; import java.util.Arrays; +import java.util.Locale; import java.util.stream.Collectors; import java.lang.foreign.*; import static java.lang.foreign.ValueLayout.*; @@ -49,9 +50,16 @@ public class openssl_h { static final boolean TRACE_DOWNCALLS = Boolean.getBoolean("jextract.trace.downcalls"); static final SymbolLookup SYMBOL_LOOKUP; static { -SYMBOL_LOOKUP = SymbolLookup.libraryLookup(System.mapLibraryName("ssl"), LIBRARY_ARENA) -.or(SymbolLookup.loaderLookup()) -.or(Linker.nativeLinker().defaultLookup()); +String os = System.getProperty("os.name").toLowerCase(Locale.ENGLISH); +// Note: Library loading is not portable for MacOS https://github.com/sergot/openssl/issues/81 +if (os.indexOf("mac") >= 0) { +System.loadLibrary("ssl"); +SYMBOL_LOOKUP = SymbolLookup.loaderLookup().or(Linker.nativeLinker().defaultLookup()); +} else { +SYMBOL_LOOKUP = SymbolLookup.libraryLookup(System.mapLibraryName("ssl"), LIBRARY_ARENA) +.or(SymbolLookup.loaderLookup()) +.or(Linker.nativeLinker().defaultLookup()); +} } static void traceDowncall(String name, Object... args) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Retest new library loading code on MacOS using GH CI
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new e4ffa0fe09 Retest new library loading code on MacOS using GH CI e4ffa0fe09 is described below commit e4ffa0fe0985a848eecbd3d7c6c3250ecc025ea0 Author: remm AuthorDate: Thu Jun 27 22:25:56 2024 +0200 Retest new library loading code on MacOS using GH CI --- .github/workflows/ci.yml | 4 +++- java/org/apache/tomcat/util/openssl/openssl_h.java | 14 +++--- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5ee36e337c..89a3f1eb4c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,12 +33,14 @@ jobs: isMain: - ${{ contains(github.ref, 'main') }} java: [ 17, 21, 22 ] -os: [ ubuntu-latest, windows-latest ] +os: [ ubuntu-latest, windows-latest, macos-latest ] exclude: - isMain: true java: 17 - os: windows-latest java: 21 + - os: macos-latest +java: 21 name: JDK${{ matrix.java }} ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: diff --git a/java/org/apache/tomcat/util/openssl/openssl_h.java b/java/org/apache/tomcat/util/openssl/openssl_h.java index 3c0dcd2046..a8f5777bdb 100644 --- a/java/org/apache/tomcat/util/openssl/openssl_h.java +++ b/java/org/apache/tomcat/util/openssl/openssl_h.java @@ -22,7 +22,6 @@ package org.apache.tomcat.util.openssl; import java.lang.invoke.MethodHandle; import java.lang.invoke.MethodHandles; import java.util.Arrays; -import java.util.Locale; import java.util.stream.Collectors; import java.lang.foreign.*; import static java.lang.foreign.ValueLayout.*; @@ -50,16 +49,9 @@ public class openssl_h { static final boolean TRACE_DOWNCALLS = Boolean.getBoolean("jextract.trace.downcalls"); static final SymbolLookup SYMBOL_LOOKUP; static { -String os = System.getProperty("os.name").toLowerCase(Locale.ENGLISH); -// Note: Library loading is not portable for MacOS https://github.com/sergot/openssl/issues/81 -if (os.indexOf("mac") >= 0) { -System.loadLibrary("ssl"); -SYMBOL_LOOKUP = SymbolLookup.loaderLookup().or(Linker.nativeLinker().defaultLookup()); -} else { -SYMBOL_LOOKUP = SymbolLookup.libraryLookup(System.mapLibraryName("ssl"), LIBRARY_ARENA) -.or(SymbolLookup.loaderLookup()) -.or(Linker.nativeLinker().defaultLookup()); -} +SYMBOL_LOOKUP = SymbolLookup.libraryLookup(System.mapLibraryName("ssl"), LIBRARY_ARENA) +.or(SymbolLookup.loaderLookup()) +.or(Linker.nativeLinker().defaultLookup()); } static void traceDowncall(String name, Object... args) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Revert
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 26d30fc0b7 Revert 26d30fc0b7 is described below commit 26d30fc0b7b769fe11385d019aa521dd705ff7b5 Author: remm AuthorDate: Thu Jun 27 22:21:34 2024 +0200 Revert As Mark pointed out, continue-on-error false prevents the individual test logs from being available. However, the run's failure (if any) is not really visible in that case. --- .github/workflows/ci.yml | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e907d5ff77..5ee36e337c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,14 +33,12 @@ jobs: isMain: - ${{ contains(github.ref, 'main') }} java: [ 17, 21, 22 ] -os: [ ubuntu-latest, windows-latest, macos-latest ] +os: [ ubuntu-latest, windows-latest ] exclude: - isMain: true java: 17 - os: windows-latest java: 21 - - os: macos-latest -java: 21 name: JDK${{ matrix.java }} ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: @@ -56,6 +54,9 @@ jobs: ant -noinput echoproperties deploy embed test-nio test-status env: ANT_OPTS: -Dtest.openssl.exists=false -Dtest.excludePerformance=true -Dtest.exclude=jakarta/servlet/http/TestHttpServletDoHeadValidWrite0.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1023.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1024.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1025.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite511.java,jakarta/servlet/http/TestHttpServle [...] + + continue-on-error: +true - name: Upload logs uses: actions/upload-artifact@v4 with: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot success in on tomcat-11.0.x
Build status: Build succeeded! Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/112/builds/1157 Blamelist: Mark Thomas , remm Build Text: build successful Status Detected: restored build Build Source Stamp: [branch main] 62567d8321ef8fae2f4c07d0b617281b3952ce2b Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 shell_6: 0 compile: 1 shell_7: 0 shell_8: 0 shell_9: 0 shell_10: 0 Rsync docs to nightlies.apache.org: 0 shell_11: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 1 shell_12: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Remove continue-on-error
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new cde8ceabf8 Remove continue-on-error cde8ceabf8 is described below commit cde8ceabf8c25263681da88f5666eb13cab21a77 Author: remm AuthorDate: Thu Jun 27 20:51:45 2024 +0200 Remove continue-on-error This seems to make the smoke test always pass (with an error annotation, but not really visible). Also do a macos Java 22 test, just for one run (quick testing FFM). --- .github/workflows/ci.yml | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5ee36e337c..e907d5ff77 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,12 +33,14 @@ jobs: isMain: - ${{ contains(github.ref, 'main') }} java: [ 17, 21, 22 ] -os: [ ubuntu-latest, windows-latest ] +os: [ ubuntu-latest, windows-latest, macos-latest ] exclude: - isMain: true java: 17 - os: windows-latest java: 21 + - os: macos-latest +java: 21 name: JDK${{ matrix.java }} ${{ matrix.os }} runs-on: ${{ matrix.os }} steps: @@ -54,9 +56,6 @@ jobs: ant -noinput echoproperties deploy embed test-nio test-status env: ANT_OPTS: -Dtest.openssl.exists=false -Dtest.excludePerformance=true -Dtest.exclude=jakarta/servlet/http/TestHttpServletDoHeadValidWrite0.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1023.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1024.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1025.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite511.java,jakarta/servlet/http/TestHttpServle [...] - - continue-on-error: -true - name: Upload logs uses: actions/upload-artifact@v4 with: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Try to adjust for Windows
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 7d90dd6bc5 Try to adjust for Windows 7d90dd6bc5 is described below commit 7d90dd6bc5dcafaab4bf50b9711ac372fb7f06fc Author: remm AuthorDate: Thu Jun 27 20:26:59 2024 +0200 Try to adjust for Windows --- java/org/apache/jasper/compiler/ParserController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index b35f58331d..2d89348a1e 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -533,7 +533,7 @@ class ParserController implements TagConstants { String fileName = inFileName.replace('\\', '/'); boolean isAbsolute = fileName.startsWith("/"); if (!isAbsolute) { -fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString(); +fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString().replace('\\', '/'); } String baseDir = fileName.substring(0, fileName.lastIndexOf('/') + 1); baseDirStack.addFirst(baseDir); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot success in on tomcat-9.0.x
Build status: Build succeeded! Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/993 Blamelist: Mark Thomas , remm Build Text: build successful Status Detected: restored build Build Source Stamp: [branch 9.0.x] 4f63ee0786ce9d2a1af5df7e1f054bff06a7 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 compile: 1 shell_6: 0 shell_7: 0 shell_8: 0 shell_9: 0 Rsync docs to nightlies.apache.org: 0 shell_10: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 1 shell_11: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Try to adjust for Windows
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 62567d8321 Try to adjust for Windows 62567d8321 is described below commit 62567d8321ef8fae2f4c07d0b617281b3952ce2b Author: remm AuthorDate: Thu Jun 27 20:26:59 2024 +0200 Try to adjust for Windows --- java/org/apache/jasper/compiler/ParserController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index b35f58331d..2d89348a1e 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -533,7 +533,7 @@ class ParserController implements TagConstants { String fileName = inFileName.replace('\\', '/'); boolean isAbsolute = fileName.startsWith("/"); if (!isAbsolute) { -fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString(); +fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString().replace('\\', '/'); } String baseDir = fileName.substring(0, fileName.lastIndexOf('/') + 1); baseDirStack.addFirst(baseDir); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Chuck Caldarale changed: What|Removed |Added URL|https://forum.czaswojny.int | |eria.pl/index.php?page=User | |=30514 | -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 user1000 <2305g...@navalcadets.com> changed: What|Removed |Added URL||https://forum.czaswojny.int ||eria.pl/index.php?page=User ||=30514 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Reduce default for maxParameterCount
Michael, On 6/27/24 08:46, Michael Osipov wrote: On 2023/03/09 14:23:33 Christopher Schultz wrote: A potential use-case for "large numbers of parameters" might be an application that uses something like a multi-select list and the number of choices is stupendously high. As in, when the application was designed, the designers said "we can use a multi-select list for this postal-code selector" and then 5-10 years later, someone said "hey let's dump all postal codes in the entire US into this multi-select" and there you have thousands of possibilities which the browser will happily package-off to the server. FTR, guess what? We have been hit by this. Nostradamus. We have an HTML form for the user where he sees a diff between a src and dest. Technical values, can be thousands. The selected value ids are POSTed. Users have been complaining that they miss data. I took me some time to remember (actually weeks between report and memory) that I have replicated maxParameterCount="1000" to our server.xml without using FailedRequestFilter. Retrospectively, it should have gone hand in hand with that filter and not without. Rather fail fast than suffer data truncation. I don't think there is really a way for us to push a into all web applications. I mean... there MAY be a way to do it, but it will likely be ugly and we would also have to "move" it if the application defines filters in a specific order including the FailedRequestFilter. The good news is it doesn't do anything weird like trigger request-parsing or try to do anything with character sets or whatever. The real question is whether or not this kind of thing should be handled in a Filter or just handled by Tomcat itself. Why bother waiting for the application to check: just throw an exception and kill the request processing. It could be a well-documented Exception class that any application could configure in an configuration and they can intercept it. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot failure in on tomcat-11.0.x
Build status: BUILD FAILED: failed compile (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/112/builds/1156 Blamelist: Mark Thomas Build Text: failed compile (failure) Status Detected: new failure Build Source Stamp: [branch main] 2d47ecf17f23593fd18c3285467531ff5e1545e8 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 shell_6: 0 compile: 1 shell_7: 0 shell_8: 0 shell_9: 0 shell_10: 0 Rsync docs to nightlies.apache.org: 0 shell_11: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 2 shell_12: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: (tomcat) branch main updated: Remove cglib dependency
Mark, \O/ | -chris On 6/26/24 11:45, ma...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 449226d587 Remove cglib dependency 449226d587 is described below commit 449226d5874757f29663c177b3815bc6c240b089 Author: Mark Thomas AuthorDate: Wed Jun 26 16:44:54 2024 +0100 Remove cglib dependency --- build.properties.default| 13 ++--- build.xml | 11 --- res/ide-support/eclipse/eclipse.classpath | 1 - res/ide-support/idea/tomcat.iml | 9 - res/ide-support/netbeans/nb-tomcat-build.properties | 2 +- res/ide-support/netbeans/project.xml| 2 +- webapps/docs/changelog.xml | 4 7 files changed, 8 insertions(+), 34 deletions(-) diff --git a/build.properties.default b/build.properties.default index 0484c69fe6..01e7dc000b 100644 --- a/build.properties.default +++ b/build.properties.default @@ -216,7 +216,7 @@ hamcrest.home=${base.path}/hamcrest-${hamcrest.version} hamcrest.jar=${hamcrest.home}/hamcrest-${hamcrest.version}.jar hamcrest.loc=${base-maven.loc}/org/hamcrest/hamcrest/${hamcrest.version}/hamcrest-${hamcrest.version}.jar -# - EasyMock, version 3.2 or later - +# - EasyMock, version 4.0 or later - easymock.version=4.3 easymock.checksum.enabled=true easymock.checksum.algorithm=MD5|SHA-1 @@ -225,16 +225,7 @@ easymock.home=${base.path}/easymock-${easymock.version} easymock.jar=${easymock.home}/easymock-${easymock.version}.jar easymock.loc=${base-maven.loc}/org/easymock/easymock/${easymock.version}/easymock-${easymock.version}.jar -# - cglib, used by EasyMock, version 2.2 or later - -cglib.version=3.3.0 -cglib.checksum.enabled=true -cglib.checksum.algorithm=SHA-512 -cglib.checksum.value=faa1d2121e87ae69e179e3aae217accd0834e0da716b91a029fd526e192612e71675f2740bedf48e23ef1edc45f672a2be1b3e78bbfb1ad59c96dd3d2feeedba -cglib.home=${base.path}/cglib-${cglib.version} -cglib.jar=${cglib.home}/cglib-nodep-${cglib.version}.jar -cglib.loc=${base-maven.loc}/cglib/cglib-nodep/${cglib.version}/cglib-nodep-${cglib.version}.jar - -# - objenesis, used by EasyMock, version 1.2 or later - +# - objenesis, used by EasyMock, version 3.0.1 or later - objenesis.version=3.4 objenesis.checksum.enabled=true objenesis.checksum.algorithm=MD5|SHA-1 diff --git a/build.xml b/build.xml index b1fe152e54..214ccb2cfd 100644 --- a/build.xml +++ b/build.xml @@ -247,7 +247,6 @@ - @@ -263,7 +262,6 @@ - @@ -3395,15 +3393,6 @@ asf.ldap.username=${release.asfusername} - - - - - - - - - diff --git a/res/ide-support/eclipse/eclipse.classpath b/res/ide-support/eclipse/eclipse.classpath index 06cb31a56c..74456da20c 100644 --- a/res/ide-support/eclipse/eclipse.classpath +++ b/res/ide-support/eclipse/eclipse.classpath @@ -33,7 +33,6 @@ - diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml index 95b36c35b1..5fc18897e4 100644 --- a/res/ide-support/idea/tomcat.iml +++ b/res/ide-support/idea/tomcat.iml @@ -81,15 +81,6 @@ - - - - - - - - - diff --git a/res/ide-support/netbeans/nb-tomcat-build.properties b/res/ide-support/netbeans/nb-tomcat-build.properties index 165bc2c1e4..dd4aac3c40 100644 --- a/res/ide-support/netbeans/nb-tomcat-build.properties +++ b/res/ide-support/netbeans/nb-tomcat-build.properties @@ -37,7 +37,7 @@ nb-test.io-method=org.apache.coyote.http11.Http11NioProtocol # it is not possible to retrieve the classpaths from the build to # use in the NetBeans targets, so they must be explicitly declared -nb-test.classpath=${test.classes}:${tomcat.build}/webapps/examples/WEB-INF/classes:@JUNIT_JAR@:@EASYMOCK_JAR@:@OBJENESIS_JAR@:@CGLIB_JAR@:@HAMCREST_JAR@:@ECJ_JAR@:@UNBOUNDID_JAR@:${tomcat.classes} +nb-test.classpath=${test.classes}:${tomcat.build}/webapps/examples/WEB-INF/classes:@JUNIT_JAR@:@EASYMOCK_JAR@:@OBJENESIS_JAR@:@HAMCREST_JAR@:@ECJ_JAR@:@UNBOUNDID_JAR@:${tomcat.classes} # Extra properties used by the Tomcat project additional NetBeans targets. diff --git a/res/ide-support/netbeans/project.xml b/res/ide-support/netbeans/project.xml index 37a55e20ed..71a1c1a84b 100644 --- a/res/ide-support/netbeans/project.xml +++ b/res/ide-support/netbeans/project.xml @@ -189,7 +189,7 @@ test -
Re: [tomcat] 02/03: Experimenting with Semgrep
All, On 6/26/24 11:38, Mark Thomas wrote: On 26/06/2024 16:30, Rémy Maucherat wrote: On Wed, Sep 13, 2023 at 12:53 PM Mark Thomas wrote: On 13/09/2023 11:18, ma...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit a78ed4a68522203def8f0c6b590678b1ff069fc0 Author: Mark Thomas AuthorDate: Wed Sep 13 11:16:49 2023 +0100 Experimenting with Semgrep Semgrep have offered Tomcat free access to the tool so I am setting it up to see if it is useful or not. The initial results are in. Just under 300 findings and they pretty much all look to be some degree of false positive. There are a few things (such as Javadoc links using http rather than https) that we might want to look at but nothing I can see that comes close to something we'd consider to be a vulnerability. I have noticed that the tool isn't good at understanding context. It looks like it is just using a form of grep to look for patterns as it can't distinguish between SomeOtherObject.setSecure() and Cookie.setSecure() I am currently wondering whether the low value results are worth the time it will take to review and dismiss the false positives. Maybe. But I have a long list of things I'd consider more important to do first. If any other committer wants access to the dashboard just ping me a private email and I'll get you added. I looked at the Semgrep output from the GH runs and it seems like a waste of resources in the context of Tomcat (does the ASF pay for the GH workflows ?). Basically, it doesn't like: - Path traversal stuff. - Cookies. - Class.forName. - URL rewriting with session ids. Overall those are very good pieces of advice for apps, but they don't apply to Tomcat. Can we drop it ? +1 +1 If this were an OSS project I would suggest bringing our use-case to their attention and working with them, but as they appear to be 100% commercial I would say just drop it. I see coverity might be used with GH instead. I like the output of that one, although in a few cases I would say it is a bit too good. https://community.synopsys.com/s/article/Coverity-Integrations-GitHub-with-GitHub-Hosted-Runners Would that work ? I'm really bad at GH stuff ... Not sure. That seems to be discussing a private Coverity instance rather than the one we use. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61877] use web.xml from CATALINA_HOME by default
https://bz.apache.org/bugzilla/show_bug.cgi?id=61877 --- Comment #10 from Christopher Schultz --- :( -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 69016] HttpURLConnection getOutputStream createCapacityException
https://bz.apache.org/bugzilla/show_bug.cgi?id=69016 --- Comment #8 from Christopher Schultz --- We probably need an "InvalidArgumentException" with a nice error message as well as a documentation-fix. That error message is not readable by "normal people" :) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Clarifications and Suggestions on Tomcat Native Binary Distributions
Mark, On 6/24/24 08:14, Mark Thomas wrote: On 21/06/2024 15:35, Dimitris Soumis wrote: Hi all, I hope this message finds you well. I am writing to seek clarifications and provide some suggestions regarding the Tomcat Native binary distributions. Firstly, I have noticed that openssl.exe is included in the Tomcat Native binary distributions. It appears that the .dll file is sufficient for the component to function correctly. Thus, my question is why is openssl.exe included in the distribution? If openssl.exe is not essential, it might be worth considering its removal from the distribution to minimize the vulnerability footprint. Its inclusion predates me acting as release manager for Tomcat Native. If I had to guess, I'd guess that it was included so folks on Windows had an OpenSSL binary to use to work with keys, certificates, signing requests etc. +1 Secondly, I observed that Tomcat Native 1.3.0 does not include the .pdb file, which is present in version 2.0.7. I would like to confirm if this is intentional. No. That looks like an oversight. I feel like I've been told that providing "a debug version" or our .DLL files "was impossible" for #reasons. Would including the .PDB file actually improve anything for downstream users? Additionally, Tomcat Native 1.3.0 contains a deprecated VERSIONS file. Could you be more specific about this. I would also like to suggest pruning the "Building" and "Running the tests" sections in the README.txt for both versions. These sections are not applicable to the binary distribution and their exclusion could make the documentation more concise and user-friendly. I think separate README files for source and binary will be more work to manage and also more error prone. It might be simpler to mark those sections with "(source distribution only)" or similar. What would really make more sense would be to clean-up the whole source tree. It's still pretending that there is some significant Java portion of the project. Any time I check it out of revision-control or download a source distro, I *always* cd directly to tcnative/native and never do anything at all in tcnative/(root). The current tests are practicly useless. They do confirm that tcnative is being loaded, but not much else. I would love to have a proper test-harness for the non-Java components e.g. "make test" but maybe all we would really be testing would be plumbing, so ironically adding more Java code is the better solution. Thoughts? Lastly, I noticed a minor issue, the NOTICE file for both releases contains an outdated copyright date. Could you be more specific. The NOTICE file in both tags looks to have the correct date. -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: Fix Java 11 source compatibility
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 4f63ee Fix Java 11 source compatibility 4f63ee is described below commit 4f63ee0786ce9d2a1af5df7e1f054bff06a7 Author: Mark Thomas AuthorDate: Thu Jun 27 17:34:09 2024 +0100 Fix Java 11 source compatibility --- test/org/apache/catalina/manager/TestStatusTransformer.java | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 78bcba76c8..c92f67a7df 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -91,9 +91,14 @@ public class TestStatusTransformer extends TomcatBaseTest { String requestline = null; switch (mode) { -case XML -> requestline = "GET /status/all?XML=true HTTP/1.1"; -case JSON -> requestline = "GET /status/all?JSON=true HTTP/1.1"; -default -> requestline = "GET /status/all HTTP/1.1"; +case XML: +requestline = "GET /status/all?XML=true HTTP/1.1"; +break; +case JSON: +requestline = "GET /status/all?JSON=true HTTP/1.1"; +break; +default: +requestline = "GET /status/all HTTP/1.1"; } client.setRequest(new String[] { requestline + CRLF + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) 04/04: Fix Java 11 source compatibility
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit fb7adcd900242da3e7c5f13deeeb3d79b22a2327 Author: Mark Thomas AuthorDate: Thu Jun 27 17:34:09 2024 +0100 Fix Java 11 source compatibility --- test/org/apache/catalina/manager/TestStatusTransformer.java | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 78bcba76c8..c92f67a7df 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -91,9 +91,14 @@ public class TestStatusTransformer extends TomcatBaseTest { String requestline = null; switch (mode) { -case XML -> requestline = "GET /status/all?XML=true HTTP/1.1"; -case JSON -> requestline = "GET /status/all?JSON=true HTTP/1.1"; -default -> requestline = "GET /status/all HTTP/1.1"; +case XML: +requestline = "GET /status/all?XML=true HTTP/1.1"; +break; +case JSON: +requestline = "GET /status/all?JSON=true HTTP/1.1"; +break; +default: +requestline = "GET /status/all HTTP/1.1"; } client.setRequest(new String[] { requestline + CRLF + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) 02/04: Expand BZ 69135 fix - fix relative includes inside JAR file
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 06b311e3ee7504c9a565399c252a362e939e7607 Author: Mark Thomas AuthorDate: Thu Jun 27 14:52:59 2024 +0100 Expand BZ 69135 fix - fix relative includes inside JAR file --- java/org/apache/jasper/compiler/ParserController.java | 5 - test/org/apache/jasper/TestJspCompilationContext.java | 6 +- test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 2443 -> 7365 bytes test/webapp/bug6/bug69135.jsp | 3 ++- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index 01e2b2a336..1b92d60b98 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -20,6 +20,7 @@ import java.io.BufferedInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStreamReader; +import java.nio.file.Paths; import java.util.ArrayDeque; import java.util.Deque; @@ -519,7 +520,9 @@ class ParserController implements TagConstants { private String resolveFileName(String inFileName) { String fileName = inFileName.replace('\\', '/'); boolean isAbsolute = fileName.startsWith("/"); -fileName = isAbsolute ? fileName : baseDirStack.peekFirst() + fileName; +if (!isAbsolute) { +fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString(); +} String baseDir = fileName.substring(0, fileName.lastIndexOf('/') + 1); baseDirStack.addFirst(baseDir); return fileName; diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index c86f18c8c4..bfd1671132 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -77,7 +77,7 @@ public class TestJspCompilationContext extends TomcatBaseTest { * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 */ @Test -public void testTagFileInJarIncludeAbsolute() throws Exception { +public void testTagFileInJarIncludesValid() throws Exception { getTomcatInstanceTestWebapp(false, true); ByteChunk body = new ByteChunk(); @@ -86,7 +86,11 @@ public class TestJspCompilationContext extends TomcatBaseTest { "/test/bug6/bug69135.jsp", body, null); Assert.assertEquals(HttpServletResponse.SC_OK, rc); + +// Context relative include (starts with "/") Assert.assertTrue(body.toString(), body.toString().contains("00 - OK")); +// Resource relative include (does not start with "/") +Assert.assertTrue(body.toString(), body.toString().contains("01 - OK")); } } diff --git a/test/webapp/WEB-INF/lib/bug69135-lib.jar b/test/webapp/WEB-INF/lib/bug69135-lib.jar index 433ffa286b..9080642316 100644 Binary files a/test/webapp/WEB-INF/lib/bug69135-lib.jar and b/test/webapp/WEB-INF/lib/bug69135-lib.jar differ diff --git a/test/webapp/bug6/bug69135.jsp b/test/webapp/bug6/bug69135.jsp index 8f0bc85e82..98163fca02 100644 --- a/test/webapp/bug6/bug69135.jsp +++ b/test/webapp/bug6/bug69135.jsp @@ -15,4 +15,5 @@ limitations under the License. --%> <%@ taglib uri="http://tomcat.apache.org/bug69135-lib; prefix="bz69135" %> - \ No newline at end of file + + \ No newline at end of file - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) 01/04: Partial fix for BZ 69135
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit c6b35f33ea4eda5b4b524b4e4b74abfe00920d47 Author: Mark Thomas AuthorDate: Thu Jun 27 12:30:47 2024 +0100 Partial fix for BZ 69135 Include directives where the file attribute starts with "/" should be relative to the context ROOT (rather than the JAR root when the file with the include is packaged in a JAR). --- java/org/apache/jasper/compiler/Parser.java | 10 +- .../catalina/loader/TestVirtualWebappLoader.java | 4 ++-- test/org/apache/jasper/TestJspCompilationContext.java | 18 ++ test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 0 -> 2443 bytes test/webapp/bug6/bug69135.jsp | 18 ++ test/webapp/ok.tagf | 16 6 files changed, 63 insertions(+), 3 deletions(-) diff --git a/java/org/apache/jasper/compiler/Parser.java b/java/org/apache/jasper/compiler/Parser.java index cc0be77c64..b3f08df5b6 100644 --- a/java/org/apache/jasper/compiler/Parser.java +++ b/java/org/apache/jasper/compiler/Parser.java @@ -338,7 +338,15 @@ class Parser implements TagConstants { } try { -parserController.parse(file, parent, jar); +/* + * Include directive defined by 1.10.3 which references 1.2.1 for the file attribute. As per 1.2.1, paths + * starting with "/" are context relative. + */ +if (file.startsWith("/")) { +parserController.parse(file, parent, null); +} else { +parserController.parse(file, parent, jar); +} } catch (FileNotFoundException ex) { err.jspError(start, "jsp.error.file.not.found", file); } catch (Exception ex) { diff --git a/test/org/apache/catalina/loader/TestVirtualWebappLoader.java b/test/org/apache/catalina/loader/TestVirtualWebappLoader.java index 8a158a9dd9..460341740d 100644 --- a/test/org/apache/catalina/loader/TestVirtualWebappLoader.java +++ b/test/org/apache/catalina/loader/TestVirtualWebappLoader.java @@ -89,7 +89,7 @@ public class TestVirtualWebappLoader extends TomcatBaseTest { loader.start(); String[] repos = loader.getLoaderRepositories(); -Assert.assertEquals(4,repos.length); +Assert.assertEquals(5,repos.length); loader.stop(); repos = loader.getLoaderRepositories(); @@ -98,7 +98,7 @@ public class TestVirtualWebappLoader extends TomcatBaseTest { // no leak loader.start(); repos = loader.getLoaderRepositories(); -Assert.assertEquals(4,repos.length); +Assert.assertEquals(5,repos.length); // clear loader ctx.setLoader(null); diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index 25236ac771..c86f18c8c4 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -71,4 +71,22 @@ public class TestJspCompilationContext extends TomcatBaseTest { Assert.assertEquals(HttpServletResponse.SC_OK, rc); Assert.assertTrue(body.toString().contains("00 - OK")); } + + +/* + * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 + */ +@Test +public void testTagFileInJarIncludeAbsolute() throws Exception { +getTomcatInstanceTestWebapp(false, true); + +ByteChunk body = new ByteChunk(); + +int rc = getUrl("http://localhost:; + getPort() + +"/test/bug6/bug69135.jsp", body, null); + +Assert.assertEquals(HttpServletResponse.SC_OK, rc); +Assert.assertTrue(body.toString(), body.toString().contains("00 - OK")); + +} } diff --git a/test/webapp/WEB-INF/lib/bug69135-lib.jar b/test/webapp/WEB-INF/lib/bug69135-lib.jar new file mode 100644 index 00..433ffa286b Binary files /dev/null and b/test/webapp/WEB-INF/lib/bug69135-lib.jar differ diff --git a/test/webapp/bug6/bug69135.jsp b/test/webapp/bug6/bug69135.jsp new file mode 100644 index 00..8f0bc85e82 --- /dev/null +++ b/test/webapp/bug6/bug69135.jsp @@ -0,0 +1,18 @@ +<%-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on
(tomcat) 03/04: Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit f23b1ac92a8ae474e9c810201d6a579a90264cf6 Author: Mark Thomas AuthorDate: Thu Jun 27 17:25:49 2024 +0100 Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/ --- .../apache/jasper/compiler/ParserController.java | 12 .../jasper/resources/LocalStrings.properties | 1 + .../apache/jasper/TestJspCompilationContext.java | 32 + test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 7365 -> 7366 bytes .../bug6/bug69135-invalid-jar-escape.jsp | 18 test/webapp/bug6/bug69135-invalid-jar.jsp | 18 webapps/docs/changelog.xml | 16 +++ 7 files changed, 97 insertions(+) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index 1b92d60b98..b35f58331d 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -43,6 +43,7 @@ import org.xml.sax.Attributes; class ParserController implements TagConstants { private static final String CHARSET = "charset="; +private static final String TAGS_IN_JAR_LOCATION = "/META-INF/tags/"; private final JspCompilationContext ctxt; private final Compiler compiler; @@ -186,6 +187,7 @@ class ParserController implements TagConstants { * @param jar The JAR file from which to read the JSP page or tag file, * or null if the JSP page or tag file is to be read from the filesystem */ +@SuppressWarnings("null") // jar can't be null if processingTagInJar is true private Node.Nodes doParse(String inFileName, Node parent, Jar jar) throws FileNotFoundException, JasperException, IOException { @@ -194,7 +196,17 @@ class ParserController implements TagConstants { isBomPresent = false; isDefaultPageEncoding = false; +boolean processingTagInJar = jar != null && baseDirStack.peekFirst() != null && +baseDirStack.peekFirst().startsWith(TAGS_IN_JAR_LOCATION); String absFileName = resolveFileName(inFileName); +if (processingTagInJar && !absFileName.startsWith(TAGS_IN_JAR_LOCATION)) { +/* + * An included file is being parsed that was included from the standard location for tag files in JAR but + * tries to escape that location to either somewhere in the JAR not under the standard location or outside + * of the JAR. Neither of these are permitted. + */ +err.jspError("jsp.error.invalid.includeInTagFileJar", inFileName, jar.getJarFileURL().toString()); +} String jspConfigPageEnc = getJspConfigPageEncoding(absFileName); // Figure out what type of JSP document and encoding type we are diff --git a/java/org/apache/jasper/resources/LocalStrings.properties b/java/org/apache/jasper/resources/LocalStrings.properties index d97e126885..a09ffe48b6 100644 --- a/java/org/apache/jasper/resources/LocalStrings.properties +++ b/java/org/apache/jasper/resources/LocalStrings.properties @@ -91,6 +91,7 @@ jsp.error.invalid.directive=Invalid directive jsp.error.invalid.expression=[{0}] contains invalid expression(s): [{1}] jsp.error.invalid.implicit=Invalid implicit TLD for tag file at [{0}] jsp.error.invalid.implicit.version=Invalid JSP version defined in implicit TLD for tag file at [{0}] +jsp.error.invalid.includeInTagFileJar=The include [{0}] is not valid since it is outside of /META-INF/tags in the current JAR jsp.error.invalid.name=File [{0}] uses name [{1}] in jsp:getProperty for a bean that was not previously introduced as per JSP.5.3 jsp.error.invalid.scope=Illegal value of ''scope'' attribute: [{0}] (must be one of "page", "request", "session", or "application") jsp.error.invalid.tagdir=Tag file directory [{0}] does not start with "/WEB-INF/tags" diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index bfd1671132..126fc16e76 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -93,4 +93,36 @@ public class TestJspCompilationContext extends TomcatBaseTest { // Resource relative include (does not start with "/") Assert.assertTrue(body.toString(), body.toString().contains("01 - OK")); } + + +/* + * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 + */ +@Test +public void testTagFileInJarIncludesInvalidJar() throws Exception { +getTomcatInstanceTestWebapp(false, true); + +ByteChunk body = new ByteChunk(); + +int rc = getUrl("http://localhost:; + getPort() + +
(tomcat) branch 10.1.x updated (92c37fb1fb -> fb7adcd900)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from 92c37fb1fb Fix NIO only check new c6b35f33ea Partial fix for BZ 69135 new 06b311e3ee Expand BZ 69135 fix - fix relative includes inside JAR file new f23b1ac92a Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/ new fb7adcd900 Fix Java 11 source compatibility The 4 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/jasper/compiler/Parser.java| 10 +++- .../apache/jasper/compiler/ParserController.java | 17 ++- .../jasper/resources/LocalStrings.properties | 1 + .../catalina/loader/TestVirtualWebappLoader.java | 4 +- .../catalina/manager/TestStatusTransformer.java| 11 +++-- .../apache/jasper/TestJspCompilationContext.java | 54 + test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 0 -> 7366 bytes .../bug6/bug69135-invalid-jar-escape.jsp} | 8 +-- .../bug6/bug69135-invalid-jar.jsp} | 8 +-- .../bug6/bug69135.jsp} | 9 ++-- .../tags/helloWorld.tag => test/webapp/ok.tagf | 5 +- webapps/docs/changelog.xml | 16 ++ 12 files changed, 115 insertions(+), 28 deletions(-) create mode 100644 test/webapp/WEB-INF/lib/bug69135-lib.jar copy test/{webapp-2.3/el-as-literal.jsp => webapp/bug6/bug69135-invalid-jar-escape.jsp} (84%) copy test/{webapp-2.3/el-as-literal.jsp => webapp/bug6/bug69135-invalid-jar.jsp} (85%) copy test/{webapp-2.3/el-as-literal.jsp => webapp/bug6/bug69135.jsp} (84%) copy webapps/examples/WEB-INF/tags/helloWorld.tag => test/webapp/ok.tagf (97%) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) 02/03: Expand BZ 69135 fix - fix relative includes inside JAR file
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit be232ad503db678c7326d8faba7466f6c36b11df Author: Mark Thomas AuthorDate: Thu Jun 27 14:52:59 2024 +0100 Expand BZ 69135 fix - fix relative includes inside JAR file --- java/org/apache/jasper/compiler/ParserController.java | 5 - test/org/apache/jasper/TestJspCompilationContext.java | 6 +- test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 2443 -> 7365 bytes test/webapp/bug6/bug69135.jsp | 3 ++- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index 01e2b2a336..1b92d60b98 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -20,6 +20,7 @@ import java.io.BufferedInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStreamReader; +import java.nio.file.Paths; import java.util.ArrayDeque; import java.util.Deque; @@ -519,7 +520,9 @@ class ParserController implements TagConstants { private String resolveFileName(String inFileName) { String fileName = inFileName.replace('\\', '/'); boolean isAbsolute = fileName.startsWith("/"); -fileName = isAbsolute ? fileName : baseDirStack.peekFirst() + fileName; +if (!isAbsolute) { +fileName = Paths.get(baseDirStack.peekFirst() + fileName).normalize().toString(); +} String baseDir = fileName.substring(0, fileName.lastIndexOf('/') + 1); baseDirStack.addFirst(baseDir); return fileName; diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index c86f18c8c4..bfd1671132 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -77,7 +77,7 @@ public class TestJspCompilationContext extends TomcatBaseTest { * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 */ @Test -public void testTagFileInJarIncludeAbsolute() throws Exception { +public void testTagFileInJarIncludesValid() throws Exception { getTomcatInstanceTestWebapp(false, true); ByteChunk body = new ByteChunk(); @@ -86,7 +86,11 @@ public class TestJspCompilationContext extends TomcatBaseTest { "/test/bug6/bug69135.jsp", body, null); Assert.assertEquals(HttpServletResponse.SC_OK, rc); + +// Context relative include (starts with "/") Assert.assertTrue(body.toString(), body.toString().contains("00 - OK")); +// Resource relative include (does not start with "/") +Assert.assertTrue(body.toString(), body.toString().contains("01 - OK")); } } diff --git a/test/webapp/WEB-INF/lib/bug69135-lib.jar b/test/webapp/WEB-INF/lib/bug69135-lib.jar index 433ffa286b..9080642316 100644 Binary files a/test/webapp/WEB-INF/lib/bug69135-lib.jar and b/test/webapp/WEB-INF/lib/bug69135-lib.jar differ diff --git a/test/webapp/bug6/bug69135.jsp b/test/webapp/bug6/bug69135.jsp index 8f0bc85e82..98163fca02 100644 --- a/test/webapp/bug6/bug69135.jsp +++ b/test/webapp/bug6/bug69135.jsp @@ -15,4 +15,5 @@ limitations under the License. --%> <%@ taglib uri="http://tomcat.apache.org/bug69135-lib; prefix="bz69135" %> - \ No newline at end of file + + \ No newline at end of file - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated (2ef17f020f -> 2d47ecf17f)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from 2ef17f020f Fix NIO only check new 658b5b61e9 Partial fix for BZ 69135 new be232ad503 Expand BZ 69135 fix - fix relative includes inside JAR file new 2d47ecf17f Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/ The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/jasper/compiler/Parser.java| 10 +++- .../apache/jasper/compiler/ParserController.java | 17 ++- .../jasper/resources/LocalStrings.properties | 1 + .../catalina/loader/TestVirtualWebappLoader.java | 4 +- .../apache/jasper/TestJspCompilationContext.java | 54 + test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 0 -> 7366 bytes .../bug6/bug69135-invalid-jar-escape.jsp} | 8 +-- .../bug6/bug69135-invalid-jar.jsp} | 8 +-- .../bug6/bug69135.jsp} | 9 ++-- .../tags/helloWorld.tag => test/webapp/ok.tagf | 5 +- webapps/docs/changelog.xml | 16 ++ 11 files changed, 107 insertions(+), 25 deletions(-) create mode 100644 test/webapp/WEB-INF/lib/bug69135-lib.jar copy test/{webapp-2.4/el-as-literal.jsp => webapp/bug6/bug69135-invalid-jar-escape.jsp} (84%) copy test/{webapp-2.4/el-as-literal.jsp => webapp/bug6/bug69135-invalid-jar.jsp} (85%) copy test/{webapp-2.4/el-as-literal.jsp => webapp/bug6/bug69135.jsp} (84%) copy webapps/examples/WEB-INF/tags/helloWorld.tag => test/webapp/ok.tagf (97%) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) 01/03: Partial fix for BZ 69135
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 658b5b61e90673bb9c526efeee874213f7e70872 Author: Mark Thomas AuthorDate: Thu Jun 27 12:30:47 2024 +0100 Partial fix for BZ 69135 Include directives where the file attribute starts with "/" should be relative to the context ROOT (rather than the JAR root when the file with the include is packaged in a JAR). --- java/org/apache/jasper/compiler/Parser.java | 10 +- .../catalina/loader/TestVirtualWebappLoader.java | 4 ++-- test/org/apache/jasper/TestJspCompilationContext.java | 18 ++ test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 0 -> 2443 bytes test/webapp/bug6/bug69135.jsp | 18 ++ test/webapp/ok.tagf | 16 6 files changed, 63 insertions(+), 3 deletions(-) diff --git a/java/org/apache/jasper/compiler/Parser.java b/java/org/apache/jasper/compiler/Parser.java index 444aa8736c..e9ff08ffd6 100644 --- a/java/org/apache/jasper/compiler/Parser.java +++ b/java/org/apache/jasper/compiler/Parser.java @@ -335,7 +335,15 @@ class Parser implements TagConstants { } try { -parserController.parse(file, parent, jar); +/* + * Include directive defined by 1.10.3 which references 1.2.1 for the file attribute. As per 1.2.1, paths + * starting with "/" are context relative. + */ +if (file.startsWith("/")) { +parserController.parse(file, parent, null); +} else { +parserController.parse(file, parent, jar); +} } catch (FileNotFoundException ex) { err.jspError(start, "jsp.error.file.not.found", file); } catch (Exception ex) { diff --git a/test/org/apache/catalina/loader/TestVirtualWebappLoader.java b/test/org/apache/catalina/loader/TestVirtualWebappLoader.java index 8a158a9dd9..460341740d 100644 --- a/test/org/apache/catalina/loader/TestVirtualWebappLoader.java +++ b/test/org/apache/catalina/loader/TestVirtualWebappLoader.java @@ -89,7 +89,7 @@ public class TestVirtualWebappLoader extends TomcatBaseTest { loader.start(); String[] repos = loader.getLoaderRepositories(); -Assert.assertEquals(4,repos.length); +Assert.assertEquals(5,repos.length); loader.stop(); repos = loader.getLoaderRepositories(); @@ -98,7 +98,7 @@ public class TestVirtualWebappLoader extends TomcatBaseTest { // no leak loader.start(); repos = loader.getLoaderRepositories(); -Assert.assertEquals(4,repos.length); +Assert.assertEquals(5,repos.length); // clear loader ctx.setLoader(null); diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index 25236ac771..c86f18c8c4 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -71,4 +71,22 @@ public class TestJspCompilationContext extends TomcatBaseTest { Assert.assertEquals(HttpServletResponse.SC_OK, rc); Assert.assertTrue(body.toString().contains("00 - OK")); } + + +/* + * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 + */ +@Test +public void testTagFileInJarIncludeAbsolute() throws Exception { +getTomcatInstanceTestWebapp(false, true); + +ByteChunk body = new ByteChunk(); + +int rc = getUrl("http://localhost:; + getPort() + +"/test/bug6/bug69135.jsp", body, null); + +Assert.assertEquals(HttpServletResponse.SC_OK, rc); +Assert.assertTrue(body.toString(), body.toString().contains("00 - OK")); + +} } diff --git a/test/webapp/WEB-INF/lib/bug69135-lib.jar b/test/webapp/WEB-INF/lib/bug69135-lib.jar new file mode 100644 index 00..433ffa286b Binary files /dev/null and b/test/webapp/WEB-INF/lib/bug69135-lib.jar differ diff --git a/test/webapp/bug6/bug69135.jsp b/test/webapp/bug6/bug69135.jsp new file mode 100644 index 00..8f0bc85e82 --- /dev/null +++ b/test/webapp/bug6/bug69135.jsp @@ -0,0 +1,18 @@ +<%-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on
(tomcat) 03/03: Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 2d47ecf17f23593fd18c3285467531ff5e1545e8 Author: Mark Thomas AuthorDate: Thu Jun 27 17:25:49 2024 +0100 Complete fixes for BZ 69135 - prevent escape from /META-INF/tags/ --- .../apache/jasper/compiler/ParserController.java | 12 .../jasper/resources/LocalStrings.properties | 1 + .../apache/jasper/TestJspCompilationContext.java | 32 + test/webapp/WEB-INF/lib/bug69135-lib.jar | Bin 7365 -> 7366 bytes .../bug6/bug69135-invalid-jar-escape.jsp | 18 test/webapp/bug6/bug69135-invalid-jar.jsp | 18 webapps/docs/changelog.xml | 16 +++ 7 files changed, 97 insertions(+) diff --git a/java/org/apache/jasper/compiler/ParserController.java b/java/org/apache/jasper/compiler/ParserController.java index 1b92d60b98..b35f58331d 100644 --- a/java/org/apache/jasper/compiler/ParserController.java +++ b/java/org/apache/jasper/compiler/ParserController.java @@ -43,6 +43,7 @@ import org.xml.sax.Attributes; class ParserController implements TagConstants { private static final String CHARSET = "charset="; +private static final String TAGS_IN_JAR_LOCATION = "/META-INF/tags/"; private final JspCompilationContext ctxt; private final Compiler compiler; @@ -186,6 +187,7 @@ class ParserController implements TagConstants { * @param jar The JAR file from which to read the JSP page or tag file, * or null if the JSP page or tag file is to be read from the filesystem */ +@SuppressWarnings("null") // jar can't be null if processingTagInJar is true private Node.Nodes doParse(String inFileName, Node parent, Jar jar) throws FileNotFoundException, JasperException, IOException { @@ -194,7 +196,17 @@ class ParserController implements TagConstants { isBomPresent = false; isDefaultPageEncoding = false; +boolean processingTagInJar = jar != null && baseDirStack.peekFirst() != null && +baseDirStack.peekFirst().startsWith(TAGS_IN_JAR_LOCATION); String absFileName = resolveFileName(inFileName); +if (processingTagInJar && !absFileName.startsWith(TAGS_IN_JAR_LOCATION)) { +/* + * An included file is being parsed that was included from the standard location for tag files in JAR but + * tries to escape that location to either somewhere in the JAR not under the standard location or outside + * of the JAR. Neither of these are permitted. + */ +err.jspError("jsp.error.invalid.includeInTagFileJar", inFileName, jar.getJarFileURL().toString()); +} String jspConfigPageEnc = getJspConfigPageEncoding(absFileName); // Figure out what type of JSP document and encoding type we are diff --git a/java/org/apache/jasper/resources/LocalStrings.properties b/java/org/apache/jasper/resources/LocalStrings.properties index 8fec3e4fa9..65f8feb76b 100644 --- a/java/org/apache/jasper/resources/LocalStrings.properties +++ b/java/org/apache/jasper/resources/LocalStrings.properties @@ -90,6 +90,7 @@ jsp.error.invalid.directive=Invalid directive jsp.error.invalid.expression=[{0}] contains invalid expression(s): [{1}] jsp.error.invalid.implicit=Invalid implicit TLD for tag file at [{0}] jsp.error.invalid.implicit.version=Invalid JSP version defined in implicit TLD for tag file at [{0}] +jsp.error.invalid.includeInTagFileJar=The include [{0}] is not valid since it is outside of /META-INF/tags in the current JAR jsp.error.invalid.name=File [{0}] uses name [{1}] in jsp:getProperty for a bean that was not previously introduced as per JSP.5.3 jsp.error.invalid.scope=Illegal value of ''scope'' attribute: [{0}] (must be one of "page", "request", "session", or "application") jsp.error.invalid.tagdir=Tag file directory [{0}] does not start with "/WEB-INF/tags" diff --git a/test/org/apache/jasper/TestJspCompilationContext.java b/test/org/apache/jasper/TestJspCompilationContext.java index bfd1671132..126fc16e76 100644 --- a/test/org/apache/jasper/TestJspCompilationContext.java +++ b/test/org/apache/jasper/TestJspCompilationContext.java @@ -93,4 +93,36 @@ public class TestJspCompilationContext extends TomcatBaseTest { // Resource relative include (does not start with "/") Assert.assertTrue(body.toString(), body.toString().contains("01 - OK")); } + + +/* + * Test case for https://bz.apache.org/bugzilla/show_bug.cgi?id=69135 + */ +@Test +public void testTagFileInJarIncludesInvalidJar() throws Exception { +getTomcatInstanceTestWebapp(false, true); + +ByteChunk body = new ByteChunk(); + +int rc = getUrl("http://localhost:; + getPort() + +
Buildbot success in on tomcat-11.0.x
Build status: Build succeeded! Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/112/builds/1155 Blamelist: remm Build Text: build successful Status Detected: restored build Build Source Stamp: [branch main] 2ef17f020fcffaf0383e9789f481ff4aae9df8e3 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 shell_6: 0 compile: 1 shell_7: 0 shell_8: 0 shell_9: 0 shell_10: 0 Rsync docs to nightlies.apache.org: 0 shell_11: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 1 shell_12: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot failure in on tomcat-9.0.x
Build status: BUILD FAILED: failed compile (failure) Logs copied. (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/991 Blamelist: remm Build Text: failed compile (failure) Logs copied. (failure) Status Detected: new failure Build Source Stamp: [branch 9.0.x] 772c39df5372edfb305e4537851963f77c2e38f3 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 compile: 1 shell_6: 0 shell_7: 0 shell_8: 0 shell_9: 0 Rsync docs to nightlies.apache.org: 0 shell_10: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 2 shell_11: 2 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: Fix NIO only check
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 3c1ff43668 Fix NIO only check 3c1ff43668 is described below commit 3c1ff43668bc79998494e6932d21f50f57d3bdb6 Author: remm AuthorDate: Thu Jun 27 14:03:44 2024 +0200 Fix NIO only check --- test/org/apache/catalina/manager/TestStatusTransformer.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 1a7ecfa4fc..78bcba76c8 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -110,11 +110,10 @@ public class TestStatusTransformer extends TomcatBaseTest { try (StringReader reader = new StringReader(body)) { Document xmlDocument = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(reader)); String serialized = ((DOMImplementationLS) xmlDocument.getImplementation()).createLSSerializer().writeToString(xmlDocument); - Assert.assertTrue(serialized.contains("http-nio-127.0.0.1-auto-")); +// Verify that a request is being processed Assert.assertTrue(serialized.contains("stage=\"S\"")); } } else { -Assert.assertTrue(body.contains("http-nio-127.0.0.1-auto-")); // Verify that a request is being processed Assert.assertTrue(body.contains("S")); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Fix NIO only check
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 92c37fb1fb Fix NIO only check 92c37fb1fb is described below commit 92c37fb1fb7ec855b81b3efb106b0616fe538951 Author: remm AuthorDate: Thu Jun 27 14:03:44 2024 +0200 Fix NIO only check --- test/org/apache/catalina/manager/TestStatusTransformer.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 1a7ecfa4fc..78bcba76c8 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -110,11 +110,10 @@ public class TestStatusTransformer extends TomcatBaseTest { try (StringReader reader = new StringReader(body)) { Document xmlDocument = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(reader)); String serialized = ((DOMImplementationLS) xmlDocument.getImplementation()).createLSSerializer().writeToString(xmlDocument); - Assert.assertTrue(serialized.contains("http-nio-127.0.0.1-auto-")); +// Verify that a request is being processed Assert.assertTrue(serialized.contains("stage=\"S\"")); } } else { -Assert.assertTrue(body.contains("http-nio-127.0.0.1-auto-")); // Verify that a request is being processed Assert.assertTrue(body.contains("S")); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Fix NIO only check
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 2ef17f020f Fix NIO only check 2ef17f020f is described below commit 2ef17f020fcffaf0383e9789f481ff4aae9df8e3 Author: remm AuthorDate: Thu Jun 27 14:03:44 2024 +0200 Fix NIO only check --- test/org/apache/catalina/manager/TestStatusTransformer.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 1a7ecfa4fc..78bcba76c8 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -110,11 +110,10 @@ public class TestStatusTransformer extends TomcatBaseTest { try (StringReader reader = new StringReader(body)) { Document xmlDocument = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(reader)); String serialized = ((DOMImplementationLS) xmlDocument.getImplementation()).createLSSerializer().writeToString(xmlDocument); - Assert.assertTrue(serialized.contains("http-nio-127.0.0.1-auto-")); +// Verify that a request is being processed Assert.assertTrue(serialized.contains("stage=\"S\"")); } } else { -Assert.assertTrue(body.contains("http-nio-127.0.0.1-auto-")); // Verify that a request is being processed Assert.assertTrue(body.contains("S")); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot failure in on tomcat-10.1.x
Build status: BUILD FAILED: failed compile (failure) Logs copied. (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/44/builds/1307 Blamelist: remm Build Text: failed compile (failure) Logs copied. (failure) Status Detected: new failure Build Source Stamp: [branch 10.1.x] 79469a8d861ad34113ab33bf32906f3707a13456 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 compile: 1 shell_6: 0 shell_7: 0 shell_8: 0 shell_9: 0 Rsync docs to nightlies.apache.org: 0 shell_10: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 2 shell_11: 2 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot failure in on tomcat-11.0.x
Build status: BUILD FAILED: failed compile (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/112/builds/1154 Blamelist: remm Build Text: failed compile (failure) Status Detected: new failure Build Source Stamp: [branch main] de7b89c3c9935c7db421d5deea2a1410a2968c27 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 shell_6: 0 compile: 1 shell_7: 0 shell_8: 0 shell_9: 0 shell_10: 0 Rsync docs to nightlies.apache.org: 0 shell_11: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 2 shell_12: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-tck) 02/02: Remove unused imports
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-tck.git commit 8f3a678a8457eccc685c1aaa1ba06ef150cdfac6 Author: Mark Thomas AuthorDate: Thu Jun 27 12:15:45 2024 +0100 Remove unused imports --- .../java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java | 7 --- 1 file changed, 7 deletions(-) diff --git a/jsp-tck/src/test/java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java b/jsp-tck/src/test/java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java index 7eb507b..8b03eda 100644 --- a/jsp-tck/src/test/java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java +++ b/jsp-tck/src/test/java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java @@ -17,19 +17,12 @@ package org.apache.tomcat.tck.jsp; import java.lang.reflect.Field; -import java.net.URL; -import org.apache.catalina.Host; import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; -import org.apache.tomcat.util.net.SSLHostConfig; -import org.apache.tomcat.util.net.SSLHostConfigCertificate; -import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type; -import org.apache.tomcat.util.scan.StandardJarScanner; import org.jboss.arquillian.container.spi.event.container.BeforeDeploy; import org.jboss.arquillian.core.api.annotation.Observes; import org.jboss.arquillian.core.spi.LoadableExtension; -import org.jboss.arquillian.container.tomcat.embedded.EmbeddedContextConfig; import org.jboss.arquillian.container.tomcat.embedded.Tomcat10EmbeddedContainer; public class TomcatJspTckConfiguration implements LoadableExtension { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-tck) 01/02: Bump version under test to 11.0.0-M21
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-tck.git commit 0920cf4b41d3b2862ecc4435c077d15cd6205873 Author: Mark Thomas AuthorDate: Mon Jun 24 15:32:39 2024 +0100 Bump version under test to 11.0.0-M21 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index a84eb8a..731bb54 100644 --- a/pom.xml +++ b/pom.xml @@ -31,7 +31,7 @@ 17 -11.0.0-M20 +11.0.0-M21 6.0.0 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-tck) branch main updated (d89e488 -> 8f3a678)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-tck.git from d89e488 No longer required new 0920cf4 Bump version under test to 11.0.0-M21 new 8f3a678 Remove unused imports The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../java/org/apache/tomcat/tck/jsp/TomcatJspTckConfiguration.java | 7 --- pom.xml| 2 +- 2 files changed, 1 insertion(+), 8 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: Fix detailed view of a connector with auto port
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 772c39df53 Fix detailed view of a connector with auto port 772c39df53 is described below commit 772c39df5372edfb305e4537851963f77c2e38f3 Author: remm AuthorDate: Thu Jun 27 13:05:33 2024 +0200 Fix detailed view of a connector with auto port Using the port in the mbean name for request processor is not necessarily a bad idea, but this is only added after binding so there's a difference with the connector mbean name. --- .../apache/catalina/manager/StatusTransformer.java | 17 ++- .../catalina/manager/TestStatusTransformer.java| 54 +++--- webapps/docs/changelog.xml | 8 3 files changed, 71 insertions(+), 8 deletions(-) diff --git a/java/org/apache/catalina/manager/StatusTransformer.java b/java/org/apache/catalina/manager/StatusTransformer.java index b968e1dced..6efe96e4d7 100644 --- a/java/org/apache/catalina/manager/StatusTransformer.java +++ b/java/org/apache/catalina/manager/StatusTransformer.java @@ -451,7 +451,7 @@ public class StatusTransformer { "" + args[17] + ""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writer.print(""); writeProcessorState(writer, objectName, mBeanServer, mode); writer.print(""); @@ -494,7 +494,7 @@ public class StatusTransformer { writer.write(""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writeProcessorState(writer, objectName, mBeanServer, mode); } } @@ -550,6 +550,19 @@ public class StatusTransformer { } +/** + * Return the connector name without the port, for auto port connectors. + * @param name the connector name + * @return the name without the port for the auto connectors + */ +protected static String getConnectorName(String name) { +if (name.indexOf("-auto-") > 0) { +return name.substring(0, name.lastIndexOf("-")) + "\""; +} else { +return name; +} +} + /** * Write processor state. * diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 3cd772fdd4..1a7ecfa4fc 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -17,6 +17,9 @@ package org.apache.catalina.manager; import java.io.File; +import java.io.StringReader; + +import javax.xml.parsers.DocumentBuilderFactory; import org.junit.Assert; import org.junit.Test; @@ -28,11 +31,32 @@ import org.apache.catalina.startup.SimpleHttpClient; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.json.JSONParser; +import org.w3c.dom.Document; +import org.w3c.dom.ls.DOMImplementationLS; +import org.xml.sax.InputSource; public class TestStatusTransformer extends TomcatBaseTest { +enum Mode { +HTML, XML, JSON +} + @Test public void testJSON() throws Exception { +testStatusServlet(Mode.JSON); +} + +@Test +public void testXML() throws Exception { +testStatusServlet(Mode.XML); +} + +@Test +public void testHTML() throws Exception { +testStatusServlet(Mode.HTML); +} + +protected void testStatusServlet(Mode mode) throws Exception { Tomcat tomcat = getTomcatInstance(); // Add default servlet to make some requests @@ -65,17 +89,35 @@ public class TestStatusTransformer extends TomcatBaseTest { client.connect(); client.processRequest(true); +String requestline = null; +switch (mode) { +case XML -> requestline = "GET /status/all?XML=true HTTP/1.1"; +case JSON -> requestline = "GET /status/all?JSON=true HTTP/1.1"; +default -> requestline = "GET /status/all HTTP/1.1"; +} client.setRequest(new String[] { -"GET /status/all?JSON=true HTTP/1.1" + CRLF + +requestline + CRLF + "Host: localhost" + CRLF + "Connection: Close" + CRLF + CRLF }); client.connect(); client.processRequest(true); -String json = client.getResponseBody(); -
(tomcat) branch 10.1.x updated: Fix detailed view of a connector with auto port
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 79469a8d86 Fix detailed view of a connector with auto port 79469a8d86 is described below commit 79469a8d861ad34113ab33bf32906f3707a13456 Author: remm AuthorDate: Thu Jun 27 13:05:33 2024 +0200 Fix detailed view of a connector with auto port Using the port in the mbean name for request processor is not necessarily a bad idea, but this is only added after binding so there's a difference with the connector mbean name. --- .../apache/catalina/manager/StatusTransformer.java | 17 ++- .../catalina/manager/TestStatusTransformer.java| 54 +++--- webapps/docs/changelog.xml | 8 3 files changed, 71 insertions(+), 8 deletions(-) diff --git a/java/org/apache/catalina/manager/StatusTransformer.java b/java/org/apache/catalina/manager/StatusTransformer.java index bef7f8edb7..bfc83dc006 100644 --- a/java/org/apache/catalina/manager/StatusTransformer.java +++ b/java/org/apache/catalina/manager/StatusTransformer.java @@ -385,7 +385,7 @@ public class StatusTransformer { "" + args[17] + ""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writer.print(""); writeProcessorState(writer, objectName, mBeanServer, mode); writer.print(""); @@ -428,7 +428,7 @@ public class StatusTransformer { writer.write(""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writeProcessorState(writer, objectName, mBeanServer, mode); } } @@ -484,6 +484,19 @@ public class StatusTransformer { } +/** + * Return the connector name without the port, for auto port connectors. + * @param name the connector name + * @return the name without the port for the auto connectors + */ +protected static String getConnectorName(String name) { +if (name.indexOf("-auto-") > 0) { +return name.substring(0, name.lastIndexOf("-")) + "\""; +} else { +return name; +} +} + /** * Write processor state. * diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 3cd772fdd4..1a7ecfa4fc 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -17,6 +17,9 @@ package org.apache.catalina.manager; import java.io.File; +import java.io.StringReader; + +import javax.xml.parsers.DocumentBuilderFactory; import org.junit.Assert; import org.junit.Test; @@ -28,11 +31,32 @@ import org.apache.catalina.startup.SimpleHttpClient; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.json.JSONParser; +import org.w3c.dom.Document; +import org.w3c.dom.ls.DOMImplementationLS; +import org.xml.sax.InputSource; public class TestStatusTransformer extends TomcatBaseTest { +enum Mode { +HTML, XML, JSON +} + @Test public void testJSON() throws Exception { +testStatusServlet(Mode.JSON); +} + +@Test +public void testXML() throws Exception { +testStatusServlet(Mode.XML); +} + +@Test +public void testHTML() throws Exception { +testStatusServlet(Mode.HTML); +} + +protected void testStatusServlet(Mode mode) throws Exception { Tomcat tomcat = getTomcatInstance(); // Add default servlet to make some requests @@ -65,17 +89,35 @@ public class TestStatusTransformer extends TomcatBaseTest { client.connect(); client.processRequest(true); +String requestline = null; +switch (mode) { +case XML -> requestline = "GET /status/all?XML=true HTTP/1.1"; +case JSON -> requestline = "GET /status/all?JSON=true HTTP/1.1"; +default -> requestline = "GET /status/all HTTP/1.1"; +} client.setRequest(new String[] { -"GET /status/all?JSON=true HTTP/1.1" + CRLF + +requestline + CRLF + "Host: localhost" + CRLF + "Connection: Close" + CRLF + CRLF }); client.connect(); client.processRequest(true); -String json = client.getResponseBody(); -
(tomcat) branch main updated: Fix detailed view of a connector with auto port
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new de7b89c3c9 Fix detailed view of a connector with auto port de7b89c3c9 is described below commit de7b89c3c9935c7db421d5deea2a1410a2968c27 Author: remm AuthorDate: Thu Jun 27 13:05:33 2024 +0200 Fix detailed view of a connector with auto port Using the port in the mbean name for request processor is not necessarily a bad idea, but this is only added after binding so there's a difference with the connector mbean name. --- .../apache/catalina/manager/StatusTransformer.java | 17 ++- .../catalina/manager/TestStatusTransformer.java| 54 +++--- webapps/docs/changelog.xml | 8 3 files changed, 71 insertions(+), 8 deletions(-) diff --git a/java/org/apache/catalina/manager/StatusTransformer.java b/java/org/apache/catalina/manager/StatusTransformer.java index bef7f8edb7..bfc83dc006 100644 --- a/java/org/apache/catalina/manager/StatusTransformer.java +++ b/java/org/apache/catalina/manager/StatusTransformer.java @@ -385,7 +385,7 @@ public class StatusTransformer { "" + args[17] + ""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writer.print(""); writeProcessorState(writer, objectName, mBeanServer, mode); writer.print(""); @@ -428,7 +428,7 @@ public class StatusTransformer { writer.write(""); for (ObjectName objectName : requestProcessors) { -if (name.equals(objectName.getKeyProperty("worker"))) { +if (name.equals(getConnectorName(objectName.getKeyProperty("worker" { writeProcessorState(writer, objectName, mBeanServer, mode); } } @@ -484,6 +484,19 @@ public class StatusTransformer { } +/** + * Return the connector name without the port, for auto port connectors. + * @param name the connector name + * @return the name without the port for the auto connectors + */ +protected static String getConnectorName(String name) { +if (name.indexOf("-auto-") > 0) { +return name.substring(0, name.lastIndexOf("-")) + "\""; +} else { +return name; +} +} + /** * Write processor state. * diff --git a/test/org/apache/catalina/manager/TestStatusTransformer.java b/test/org/apache/catalina/manager/TestStatusTransformer.java index 3cd772fdd4..1a7ecfa4fc 100644 --- a/test/org/apache/catalina/manager/TestStatusTransformer.java +++ b/test/org/apache/catalina/manager/TestStatusTransformer.java @@ -17,6 +17,9 @@ package org.apache.catalina.manager; import java.io.File; +import java.io.StringReader; + +import javax.xml.parsers.DocumentBuilderFactory; import org.junit.Assert; import org.junit.Test; @@ -28,11 +31,32 @@ import org.apache.catalina.startup.SimpleHttpClient; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.json.JSONParser; +import org.w3c.dom.Document; +import org.w3c.dom.ls.DOMImplementationLS; +import org.xml.sax.InputSource; public class TestStatusTransformer extends TomcatBaseTest { +enum Mode { +HTML, XML, JSON +} + @Test public void testJSON() throws Exception { +testStatusServlet(Mode.JSON); +} + +@Test +public void testXML() throws Exception { +testStatusServlet(Mode.XML); +} + +@Test +public void testHTML() throws Exception { +testStatusServlet(Mode.HTML); +} + +protected void testStatusServlet(Mode mode) throws Exception { Tomcat tomcat = getTomcatInstance(); // Add default servlet to make some requests @@ -65,17 +89,35 @@ public class TestStatusTransformer extends TomcatBaseTest { client.connect(); client.processRequest(true); +String requestline = null; +switch (mode) { +case XML -> requestline = "GET /status/all?XML=true HTTP/1.1"; +case JSON -> requestline = "GET /status/all?JSON=true HTTP/1.1"; +default -> requestline = "GET /status/all HTTP/1.1"; +} client.setRequest(new String[] { -"GET /status/all?JSON=true HTTP/1.1" + CRLF + +requestline + CRLF + "Host: localhost" + CRLF + "Connection: Close" + CRLF + CRLF }); client.connect(); client.processRequest(true); -String json = client.getResponseBody(); -
(tomcat) branch main updated: Performance tests are already excluded
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new b3646ed4c1 Performance tests are already excluded b3646ed4c1 is described below commit b3646ed4c129be29cb466fdec44b0e0e4b681f49 Author: remm AuthorDate: Thu Jun 27 11:11:42 2024 +0200 Performance tests are already excluded Nice reduction on Linux. Windows did 29mins -> 13mins. Very acceptable times for a single thread run. --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ec726f1eb4..5ee36e337c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -53,7 +53,7 @@ jobs: run: | ant -noinput echoproperties deploy embed test-nio test-status env: -ANT_OPTS: -Dtest.openssl.exists=false -Dtest.excludePerformance=true -Dtest.exclude=jakarta/servlet/http/TestHttpServletDoHeadValidWrite0.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1023.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1024.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1025.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite511.java,jakarta/servlet/http/TestHttpServle [...] +ANT_OPTS: -Dtest.openssl.exists=false -Dtest.excludePerformance=true -Dtest.exclude=jakarta/servlet/http/TestHttpServletDoHeadValidWrite0.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1023.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1024.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1025.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite1.java,jakarta/servlet/http/TestHttpServletDoHeadValidWrite511.java,jakarta/servlet/http/TestHttpServle [...] continue-on-error: true - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Only tomcat-native needs the extra initializeSSL call
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 9091500a81 Only tomcat-native needs the extra initializeSSL call 9091500a81 is described below commit 9091500a815e3ba9c3370478fe6a9b7aba353aef Author: remm AuthorDate: Thu Jun 27 11:06:55 2024 +0200 Only tomcat-native needs the extra initializeSSL call --- test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java b/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java index aa429ca917..cbf957d195 100644 --- a/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java +++ b/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java @@ -86,21 +86,19 @@ public class TestOpenSSLConf extends TomcatBaseTest { Assert.assertTrue(tomcat.getConnector().setProperty("sslImplementationName", sslImplementationName)); -LifecycleListener listener = null; if (OpenSSLImplementation.class.getName().equals(sslImplementationName)) { -listener = new AprLifecycleListener(); +LifecycleListener listener = new AprLifecycleListener(); Assume.assumeTrue(AprLifecycleListener.isAprAvailable()); StandardServer server = (StandardServer) tomcat.getServer(); server.addLifecycleListener(listener); +// Initialize only the listener as the OpenSSL version is not available before initializeSSL +listener.lifecycleEvent(new LifecycleEvent(tomcat.getServer(), Lifecycle.BEFORE_INIT_EVENT, null)); } else if ("org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation".equals(sslImplementationName)) { -listener = new OpenSSLLifecycleListener(); +LifecycleListener listener = new OpenSSLLifecycleListener(); Assume.assumeTrue(OpenSSLLifecycleListener.isAvailable()); StandardServer server = (StandardServer) tomcat.getServer(); server.addLifecycleListener(listener); } -Assert.assertNotNull("Test configuragiton error: Invalid sslImplementationName", listener); -// Initialize only the listener as the OpenSSL version is not available before -listener.lifecycleEvent(new LifecycleEvent(tomcat.getServer(), Lifecycle.BEFORE_INIT_EVENT, null)); } private SSLHostConfig initOpenSSLConfCmd(String... commands) throws Exception { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Only tomcat-native needs the extra initializeSSL call
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new a810be5a10 Only tomcat-native needs the extra initializeSSL call a810be5a10 is described below commit a810be5a10ae950b3f45661f5d51b68dd297c5f1 Author: remm AuthorDate: Thu Jun 27 11:06:55 2024 +0200 Only tomcat-native needs the extra initializeSSL call --- test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java b/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java index aa429ca917..cbf957d195 100644 --- a/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java +++ b/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java @@ -86,21 +86,19 @@ public class TestOpenSSLConf extends TomcatBaseTest { Assert.assertTrue(tomcat.getConnector().setProperty("sslImplementationName", sslImplementationName)); -LifecycleListener listener = null; if (OpenSSLImplementation.class.getName().equals(sslImplementationName)) { -listener = new AprLifecycleListener(); +LifecycleListener listener = new AprLifecycleListener(); Assume.assumeTrue(AprLifecycleListener.isAprAvailable()); StandardServer server = (StandardServer) tomcat.getServer(); server.addLifecycleListener(listener); +// Initialize only the listener as the OpenSSL version is not available before initializeSSL +listener.lifecycleEvent(new LifecycleEvent(tomcat.getServer(), Lifecycle.BEFORE_INIT_EVENT, null)); } else if ("org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation".equals(sslImplementationName)) { -listener = new OpenSSLLifecycleListener(); +LifecycleListener listener = new OpenSSLLifecycleListener(); Assume.assumeTrue(OpenSSLLifecycleListener.isAvailable()); StandardServer server = (StandardServer) tomcat.getServer(); server.addLifecycleListener(listener); } -Assert.assertNotNull("Test configuragiton error: Invalid sslImplementationName", listener); -// Initialize only the listener as the OpenSSL version is not available before -listener.lifecycleEvent(new LifecycleEvent(tomcat.getServer(), Lifecycle.BEFORE_INIT_EVENT, null)); } private SSLHostConfig initOpenSSLConfCmd(String... commands) throws Exception { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org