(tomcat) branch 9.0.x updated: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9cace36b99 Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
9cace36b99 is described below
commit 9cace36b9917d978cc6760ed41d81bb1bb95d17f
Author: Michael Osipov
AuthorDate: Tue Jun 11 11:11:29 2024 +0200
Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
A realm might want to access extended/additional information from an
established GSS context to properly build an authenticated princpal.
One prominent example is
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
---
java/org/apache/catalina/realm/RealmBase.java | 16 +++-
webapps/docs/changelog.xml| 5 +
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index 45082831ab..471bc6e896 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -492,7 +492,7 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements Realm {
}
}
-return getPrincipal(gssName, gssCredential);
+return getPrincipal(gssName, gssCredential, gssContext);
}
} else {
log.error(sm.getString("realmBase.gssContextNotEstablished"));
@@ -1247,6 +1247,20 @@ public abstract class RealmBase extends
LifecycleMBeanBase implements Realm {
}
+/**
+ * Get the principal associated with the specified {@link GSSName}.
+ *
+ * @param gssName The GSS name
+ * @param gssCredential the GSS credential of the principal
+ * @param gssContext the established GSS context
+ *
+ * @return the principal associated with the given user name.
+ */
+protected Principal getPrincipal(GSSName gssName, GSSCredential
gssCredential, GSSContext gssContext) {
+return getPrincipal(gssName, gssCredential);
+}
+
+
/**
* Get the principal associated with the specified {@link GSSName}.
*
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 27569bd081..611c596507 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,11 @@
attribute, thus causing facade objects to be discarded by default.
(remm)
+
+Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
+for retrieving extended/additional information from an established
+GSS context. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 2f0187e02b Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
2f0187e02b is described below
commit 2f0187e02b571c67e7d124bd21fb28e02721c98c
Author: Michael Osipov
AuthorDate: Tue Jun 11 11:11:29 2024 +0200
Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
A realm might want to access extended/additional information from an
established GSS context to properly build an authenticated princpal.
One prominent example is
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
---
java/org/apache/catalina/realm/RealmBase.java | 16 +++-
webapps/docs/changelog.xml| 5 +
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index 438b7296df..0021696b50 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -492,7 +492,7 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements Realm {
}
}
-return getPrincipal(gssName, gssCredential);
+return getPrincipal(gssName, gssCredential, gssContext);
}
} else {
log.error(sm.getString("realmBase.gssContextNotEstablished"));
@@ -1225,6 +1225,20 @@ public abstract class RealmBase extends
LifecycleMBeanBase implements Realm {
protected abstract Principal getPrincipal(String username);
+/**
+ * Get the principal associated with the specified {@link GSSName}.
+ *
+ * @param gssName The GSS name
+ * @param gssCredential the GSS credential of the principal
+ * @param gssContext the established GSS context
+ *
+ * @return the principal associated with the given user name.
+ */
+protected Principal getPrincipal(GSSName gssName, GSSCredential
gssCredential, GSSContext gssContext) {
+return getPrincipal(gssName, gssCredential);
+}
+
+
/**
* Get the principal associated with the specified {@link GSSName}.
*
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 390870161c..3e238ff8b4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -118,6 +118,11 @@
69066: Fix regression in SPNEGO authenticator when
processing Base64. Submitted by Daniel Lyko. (remm)
+
+Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
+for retrieving extended/additional information from an established
+GSS context. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 956c4577ca Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
956c4577ca is described below
commit 956c4577caedca7d77c5eb996a83ebafdf80b889
Author: Michael Osipov
AuthorDate: Tue Jun 11 11:11:29 2024 +0200
Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
A realm might want to access extended/additional information from an
established GSS context to properly build an authenticated princpal.
One prominent example is
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
---
java/org/apache/catalina/realm/RealmBase.java | 16 +++-
webapps/docs/changelog.xml| 5 +
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index c0aaa49068..c441d51ecf 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -484,7 +484,7 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements Realm {
}
}
-return getPrincipal(gssName, gssCredential);
+return getPrincipal(gssName, gssCredential, gssContext);
}
} else {
log.error(sm.getString("realmBase.gssContextNotEstablished"));
@@ -1201,6 +1201,20 @@ public abstract class RealmBase extends
LifecycleMBeanBase implements Realm {
protected abstract Principal getPrincipal(String username);
+/**
+ * Get the principal associated with the specified {@link GSSName}.
+ *
+ * @param gssName The GSS name
+ * @param gssCredential the GSS credential of the principal
+ * @param gssContext the established GSS context
+ *
+ * @return the principal associated with the given user name.
+ */
+protected Principal getPrincipal(GSSName gssName, GSSCredential
gssCredential, GSSContext gssContext) {
+return getPrincipal(gssName, gssCredential);
+}
+
+
/**
* Get the principal associated with the specified {@link GSSName}.
*
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cd704f988c..1273c41722 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -118,6 +118,11 @@
69066: Fix regression in SPNEGO authenticator when
processing Base64. Submitted by Daniel Lyko. (remm)
+
+Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
+for retrieving extended/additional information from an established
+GSS context. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch 1.3.x updated: Fix a crash on Windows in SSLContext.setCACertificate()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.3.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.3.x by this push:
new e77dcb05d Fix a crash on Windows in SSLContext.setCACertificate()
e77dcb05d is described below
commit e77dcb05d395e7dec6ed071a332af0e7287e0c35
Author: Michael Osipov
AuthorDate: Thu May 16 17:48:26 2024 +0200
Fix a crash on Windows in SSLContext.setCACertificate()
---
native/src/sslcontext.c | 2 +-
xdocs/miscellaneous/changelog.xml | 7 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index e3d67131d..76662cc09 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -709,7 +709,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCACertificate)(TCN_STDARGS,
SSL_CTX_set_client_CA_list(c->ctx, ca_certs);
}
else {
-if (!SSL_add_file_cert_subjects_to_stack(ca_certs, J2S(file)))
+if (file != NULL && !SSL_add_file_cert_subjects_to_stack(ca_certs,
J2S(file)))
ca_certs = NULL;
}
if (ca_certs == NULL && c->verify_mode == SSL_CVERIFY_REQUIRE) {
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 027f715f7..d88705ed6 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -33,6 +33,13 @@
+
+ Fix a crash on Windows when SSLContext.setCACertificate()
+ is invoked with a null value for
caCertificateFile
+ and a non-null value for caCertificatePath
+ until properly addressed with
+ https://github.com/openssl/openssl/issues/24416. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: Fix a crash on Windows in SSLContext.setCACertificate()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 745455f12 Fix a crash on Windows in SSLContext.setCACertificate()
745455f12 is described below
commit 745455f127e3181c75f694d5821eead9d5ab4c00
Author: Michael Osipov
AuthorDate: Thu May 16 17:48:26 2024 +0200
Fix a crash on Windows in SSLContext.setCACertificate()
---
native/src/sslcontext.c | 2 +-
xdocs/miscellaneous/changelog.xml | 7 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 9fbe7a19b..72feb4324 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -708,7 +708,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCACertificate)(TCN_STDARGS,
SSL_CTX_set_client_CA_list(c->ctx, ca_certs);
}
else {
-if (!SSL_add_file_cert_subjects_to_stack(ca_certs, J2S(file)))
+if (file != NULL && !SSL_add_file_cert_subjects_to_stack(ca_certs,
J2S(file)))
ca_certs = NULL;
}
if (ca_certs == NULL && c->verify_mode == SSL_CVERIFY_REQUIRE) {
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 5d16781b6..5ee7eacf0 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -33,6 +33,13 @@
+
+ Fix a crash on Windows when SSLContext.setCACertificate()
+ is invoked with a null value for
caCertificateFile
+ and a non-null value for caCertificatePath
+ until properly addressed with
+ https://github.com/openssl/openssl/issues/24416. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch 1.3.x updated: Add missing newlines to printf statements
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.3.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.3.x by this push:
new 6ddbab7fe Add missing newlines to printf statements
6ddbab7fe is described below
commit 6ddbab7fe4ac9e5c82ec26c5a2ba66ead8b405bd
Author: Michael Osipov
AuthorDate: Thu May 16 16:35:38 2024 +0200
Add missing newlines to printf statements
---
native/src/sslcontext.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 660aed768..e3d67131d 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -721,13 +721,13 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCACertificate)(TCN_STDARGS,
BIO_printf(c->bio_os,
"[WARN] Oops, you want to request client "
"authentication, but no CAs are known for "
-"verification!?");
+"verification!?\n");
}
else {
fprintf(stderr,
"[WARN] Oops, you want to request client "
"authentication, but no CAs are known for "
-"verification!?");
+"verification!?\n");
}
}
@@ -1680,10 +1680,10 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setSessionTicketKeys)(TCN_STDARGS, jlong ct
if ((*e)->GetArrayLength(e, keys) != TICKET_KEYS_SIZE) {
if (c->bio_os) {
-BIO_printf(c->bio_os, "[ERROR] Session ticket keys provided were
wrong size.");
+BIO_printf(c->bio_os, "[ERROR] Session ticket keys provided were
wrong size.\n");
}
else {
-fprintf(stderr, "[ERROR] Session ticket keys provided were wrong
size.");
+fprintf(stderr, "[ERROR] Session ticket keys provided were wrong
size.\n");
}
exit(1);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: Add missing newlines to printf statements
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 6a6a6b239 Add missing newlines to printf statements
6a6a6b239 is described below
commit 6a6a6b2395036c6a6cabb2b8af22aa329e438436
Author: Michael Osipov
AuthorDate: Thu May 16 16:35:38 2024 +0200
Add missing newlines to printf statements
---
native/src/sslcontext.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index a7951f53f..9fbe7a19b 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -720,13 +720,13 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCACertificate)(TCN_STDARGS,
BIO_printf(c->bio_os,
"[WARN] Oops, you want to request client "
"authentication, but no CAs are known for "
-"verification!?");
+"verification!?\n");
}
else {
fprintf(stderr,
"[WARN] Oops, you want to request client "
"authentication, but no CAs are known for "
-"verification!?");
+"verification!?\n");
}
}
@@ -1679,10 +1679,10 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setSessionTicketKeys)(TCN_STDARGS, jlong ct
if ((*e)->GetArrayLength(e, keys) != TICKET_KEYS_SIZE) {
if (c->bio_os) {
-BIO_printf(c->bio_os, "[ERROR] Session ticket keys provided were
wrong size.");
+BIO_printf(c->bio_os, "[ERROR] Session ticket keys provided were
wrong size.\n");
}
else {
-fprintf(stderr, "[ERROR] Session ticket keys provided were wrong
size.");
+fprintf(stderr, "[ERROR] Session ticket keys provided were wrong
size.\n");
}
exit(1);
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch 1.3.x updated: Fix comment
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 1.3.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/1.3.x by this push: new 5998cbf84 Fix comment 5998cbf84 is described below commit 5998cbf8484e0b65dbb4a1fc17a5da9f5190b8b1 Author: Michael Osipov AuthorDate: Thu Apr 18 08:24:42 2024 +0200 Fix comment --- native/src/ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/native/src/ssl.c b/native/src/ssl.c index 56304ee29..5ca7c0781 100644 --- a/native/src/ssl.c +++ b/native/src/ssl.c @@ -653,7 +653,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS) const char *name; UNREFERENCED(o); -// Maps the OpenSSL 3. x onwards behaviour to theOpenSSL 1.x API +// Maps the OpenSSL 3.x onwards behaviour to the OpenSSL 1.x API // Checks that FIPS is the default provider md = EVP_MD_fetch(NULL, "SHA-512", NULL); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: Fix comment
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new 43ddd1e80 Fix comment 43ddd1e80 is described below commit 43ddd1e8059528454110198ca0d7d191322beeaf Author: Michael Osipov AuthorDate: Thu Apr 18 08:24:42 2024 +0200 Fix comment --- native/src/ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/native/src/ssl.c b/native/src/ssl.c index 7f4ca7e78..7624a4e67 100644 --- a/native/src/ssl.c +++ b/native/src/ssl.c @@ -405,7 +405,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS) const char *name; UNREFERENCED(o); -// Maps the OpenSSL 3. x onwards behaviour to theOpenSSL 1.x API +// Maps the OpenSSL 3.x onwards behaviour to the OpenSSL 1.x API // Checks that FIPS is the default provider md = EVP_MD_fetch(NULL, "SHA-512", NULL); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: Fix APR version check in M4 macro
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 49d1a3a5b Fix APR version check in M4 macro
49d1a3a5b is described below
commit 49d1a3a5baf3bd50a3d4761ceb96d3efa9c05159
Author: Michael Osipov
AuthorDate: Thu Apr 18 08:20:08 2024 +0200
Fix APR version check in M4 macro
---
native/build/tcnative.m4 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/native/build/tcnative.m4 b/native/build/tcnative.m4
index 272eac47f..11789e5b5 100644
--- a/native/build/tcnative.m4
+++ b/native/build/tcnative.m4
@@ -38,9 +38,9 @@ AC_DEFUN([TCN_FIND_APR],[
set $sapr_version
IFS=$tc_save_IFS
decimal_apr_version=`printf %02d%02d%03d ${1} ${2} ${3}`
- if test "${decimal_apr_version}" -lt "0104003"
+ if test "${decimal_apr_version}" -lt "0107000"
then
-AC_MSG_ERROR(Found APR $sapr_version. You need version 1.4.3 or newer
installed.)
+AC_MSG_ERROR(Found APR $sapr_version. You need version 1.7.0 or newer
installed.)
fi
AC_MSG_NOTICE(APR $sapr_version detected.)
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 8.5.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 40a1d14fd4 BZ 67926: PEMFile prints unidentifiable string
representation of ASN.1 OIDs
40a1d14fd4 is described below
commit 40a1d14fd4717505f756f08d5b76abaf55b7778c
Author: Michael Osipov
AuthorDate: Mon Oct 30 11:43:36 2023 +0100
BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20
webapps/docs/changelog.xml| 4
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index a136bef6a6..2499beda79 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
/**
* RFC 1421 PEM file containing X509 certificates or private keys.
@@ -373,7 +375,7 @@ public class PEMFile {
*/
if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
}
// PBES2-params
@@ -386,7 +388,7 @@ public class PEMFile {
byte[] oidKDF = p.parseOIDAsBytes();
if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2",
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2",
toDottedOidString(oidKDF)));
}
// PBES2 KDF-params
@@ -404,7 +406,7 @@ public class PEMFile {
byte[] oidPRF = p.parseOIDAsBytes();
String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
if (prf == null) {
-throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
HexUtils.toHexString(oidPRF)));
+throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
toDottedOidString(oidPRF)));
}
p.parseNull();
@@ -415,7 +417,7 @@ public class PEMFile {
Algorithm algorithm =
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
if (algorithm == null) {
throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm",
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm",
toDottedOidString(oidCipher)));
}
byte[] iv = p.parseOctetString();
@@ -622,6 +624,16 @@ public class PEMFile {
}
return bytes;
}
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 72ea1e0402..2340769f7a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
Optionally allow ServiceBindingPropertySource to trim a trailing
newline
from a file containing a property-value. (schultz)
+
+67926: PEMFile prints unidentifiable string
representation
+ of ASN.1 OIDs. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 60b68d8f2a BZ 67926: PEMFile prints unidentifiable string
representation of ASN.1 OIDs
60b68d8f2a is described below
commit 60b68d8f2a84e10e275fa8d7b83d1a2da99e35c2
Author: Michael Osipov
AuthorDate: Mon Oct 30 11:43:36 2023 +0100
BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20
webapps/docs/changelog.xml| 4
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
/**
* RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
*/
if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
}
// PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
byte[] oidKDF = p.parseOIDAsBytes();
if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2",
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2",
toDottedOidString(oidKDF)));
}
// PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
byte[] oidPRF = p.parseOIDAsBytes();
String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
if (prf == null) {
-throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
HexUtils.toHexString(oidPRF)));
+throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
toDottedOidString(oidPRF)));
}
p.parseNull();
@@ -417,7 +419,7 @@ public class PEMFile {
Algorithm algorithm =
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
if (algorithm == null) {
throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm",
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm",
toDottedOidString(oidCipher)));
}
byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
}
return bytes;
}
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4301e1fa40..89f9ad68db 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
Optionally allow ServiceBindingPropertySource to trim a trailing
newline
from a file containing a property-value. (schultz)
+
+67926: PEMFile prints unidentifiable string
representation
+ of ASN.1 OIDs. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 9.0.x updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 96688ea1ff BZ 67926: PEMFile prints unidentifiable string
representation of ASN.1 OIDs
96688ea1ff is described below
commit 96688ea1ff1b622653dd9cc1c7cbe1a04ad5d81b
Author: Michael Osipov
AuthorDate: Mon Oct 30 11:43:36 2023 +0100
BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20
webapps/docs/changelog.xml| 4
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
/**
* RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
*/
if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
}
// PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
byte[] oidKDF = p.parseOIDAsBytes();
if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2",
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2",
toDottedOidString(oidKDF)));
}
// PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
byte[] oidPRF = p.parseOIDAsBytes();
String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
if (prf == null) {
-throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
HexUtils.toHexString(oidPRF)));
+throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
toDottedOidString(oidPRF)));
}
p.parseNull();
@@ -417,7 +419,7 @@ public class PEMFile {
Algorithm algorithm =
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
if (algorithm == null) {
throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm",
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm",
toDottedOidString(oidCipher)));
}
byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
}
return bytes;
}
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b576cb62b7..9f96c43e8e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
Optionally allow ServiceBindingPropertySource to trim a trailing
newline
from a file containing a property-value. (schultz)
+
+67926: PEMFile prints unidentifiable string
representation
+ of ASN.1 OIDs. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 3151ed38a6 BZ 67926: PEMFile prints unidentifiable string
representation of ASN.1 OIDs
3151ed38a6 is described below
commit 3151ed38a65a77f0bb2ef9668bd19ceb5f31c48a
Author: Michael Osipov
AuthorDate: Mon Oct 30 11:43:36 2023 +0100
BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20
webapps/docs/changelog.xml| 4
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index b3f60ce0db..5bef5b6f24 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
/**
* RFC 1421 PEM file containing X509 certificates or private keys.
@@ -375,7 +377,7 @@ public class PEMFile {
*/
if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
-HexUtils.toHexString(oidEncryptionAlgorithm)));
+toDottedOidString(oidEncryptionAlgorithm)));
}
// PBES2-params
@@ -388,7 +390,7 @@ public class PEMFile {
byte[] oidKDF = p.parseOIDAsBytes();
if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
throw new NoSuchAlgorithmException(
-sm.getString("pemFile.notPbkdf2",
HexUtils.toHexString(oidKDF)));
+sm.getString("pemFile.notPbkdf2",
toDottedOidString(oidKDF)));
}
// PBES2 KDF-params
@@ -406,7 +408,7 @@ public class PEMFile {
byte[] oidPRF = p.parseOIDAsBytes();
String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
if (prf == null) {
-throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
HexUtils.toHexString(oidPRF)));
+throw new
NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm",
toDottedOidString(oidPRF)));
}
p.parseNull();
@@ -417,7 +419,7 @@ public class PEMFile {
Algorithm algorithm =
OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
if (algorithm == null) {
throw new NoSuchAlgorithmException(
-
sm.getString("pemFile.unknownEncryptionAlgorithm",
HexUtils.toHexString(oidCipher)));
+
sm.getString("pemFile.unknownEncryptionAlgorithm",
toDottedOidString(oidCipher)));
}
byte[] iv = p.parseOctetString();
@@ -624,6 +626,16 @@ public class PEMFile {
}
return bytes;
}
+
+
+private String toDottedOidString(byte[] oidBytes) {
+try {
+Oid oid = new Oid(oidBytes);
+return oid.toString();
+} catch (GSSException e) {
+return HexUtils.toHexString(oidBytes);
+}
+}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 575b08f3dc..edac7d0e60 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -125,6 +125,10 @@
support a broader range of environments, and to give better information
in the event of a failure. (schultz)
+
+67926: PEMFile prints unidentifiable string
representation
+ of ASN.1 OIDs. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch 1.2.x updated: BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently set undocumented default verify paths
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new 193c4e504 BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently
set undocumented default verify paths
193c4e504 is described below
commit 193c4e504fc10f74737b062ddd1b34f54f38a268
Author: Michael Osipov
AuthorDate: Wed Oct 18 22:22:06 2023 +0200
BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently set undocumented
default verify paths
---
native/src/ssl.c | 11 ++-
native/src/sslcontext.c | 12 +++-
xdocs/miscellaneous/changelog.xml | 4
3 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/native/src/ssl.c b/native/src/ssl.c
index 31493e74f..ff716091f 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1894,15 +1894,8 @@ TCN_IMPLEMENT_CALL(void, SSL, setVerify)(TCN_STDARGS,
jlong ssl,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
-if (!c->store) {
-if (SSL_CTX_set_default_verify_paths(c->ctx)) {
-c->store = SSL_CTX_get_cert_store(c->ctx);
-X509_STORE_set_flags(c->store, 0);
-}
-else {
-/* XXX: See if this is fatal */
-}
-}
+if (!c->store)
+c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_set_verify(ssl_, verify, SSL_callback_SSL_verify);
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 646577e72..36cf11ed0 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -36,6 +36,7 @@ static apr_status_t ssl_context_cleanup(void *data)
if (c) {
int i;
c->crl = NULL;
+c->store = NULL;
if (c->ctx)
SSL_CTX_free(c->ctx);
c->ctx = NULL;
@@ -968,15 +969,8 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setVerify)(TCN_STDARGS, jlong ctx,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
-if (!c->store) {
-if (SSL_CTX_set_default_verify_paths(c->ctx)) {
-c->store = SSL_CTX_get_cert_store(c->ctx);
-X509_STORE_set_flags(c->store, 0);
-}
-else {
-/* XXX: See if this is fatal */
-}
-}
+if (!c->store)
+c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_CTX_set_verify(c->ctx, verify, SSL_callback_SSL_verify);
}
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index a7462ec00..cac6e1b2d 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -44,6 +44,10 @@
Remove an unreachable if condition around CRLs in sslcontext.c.
(michaelo)
+
+ 67818:
SSL.setVerify()/SSLContext.setVerify()
+ silently set undocumented default verify paths. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently set undocumented default verify paths
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new ccc6bfe99 BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently
set undocumented default verify paths
ccc6bfe99 is described below
commit ccc6bfe99d1981aabde6a3175866f99d38207f03
Author: Michael Osipov
AuthorDate: Wed Oct 18 22:22:06 2023 +0200
BZ 67818: SSL#setVerify()/SSLContext#setVerify() silently set undocumented
default verify paths
---
native/src/ssl.c | 11 ++-
native/src/sslcontext.c | 12 +++-
xdocs/miscellaneous/changelog.xml | 4
3 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/native/src/ssl.c b/native/src/ssl.c
index e0b0461a9..7f4ca7e78 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1177,15 +1177,8 @@ TCN_IMPLEMENT_CALL(void, SSL, setVerify)(TCN_STDARGS,
jlong ssl,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
-if (!c->store) {
-if (SSL_CTX_set_default_verify_paths(c->ctx)) {
-c->store = SSL_CTX_get_cert_store(c->ctx);
-X509_STORE_set_flags(c->store, 0);
-}
-else {
-/* XXX: See if this is fatal */
-}
-}
+if (!c->store)
+c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_set_verify(ssl_, verify, SSL_callback_SSL_verify);
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 34669ff70..f5b2b9831 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -35,6 +35,7 @@ static apr_status_t ssl_context_cleanup(void *data)
if (c) {
int i;
c->crl = NULL;
+c->store = NULL;
if (c->ctx)
SSL_CTX_free(c->ctx);
c->ctx = NULL;
@@ -861,15 +862,8 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setVerify)(TCN_STDARGS, jlong ctx,
if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
(c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
verify |= SSL_VERIFY_PEER;
-if (!c->store) {
-if (SSL_CTX_set_default_verify_paths(c->ctx)) {
-c->store = SSL_CTX_get_cert_store(c->ctx);
-X509_STORE_set_flags(c->store, 0);
-}
-else {
-/* XXX: See if this is fatal */
-}
-}
+if (!c->store)
+c->store = SSL_CTX_get_cert_store(c->ctx);
SSL_CTX_set_verify(c->ctx, verify, SSL_callback_SSL_verify);
}
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index ffd0e10f5..0aedd8212 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -59,6 +59,10 @@
Remove an unreachable if condition around CRLs in sslcontext.c.
(michaelo)
+
+ 67818:
SSL.setVerify()/SSLContext.setVerify()
+ silently set undocumented default verify paths. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch 1.2.x updated: Remove an unreachable if condition around CRLs in sslcontext.c
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new de660b456 Remove an unreachable if condition around CRLs in
sslcontext.c
de660b456 is described below
commit de660b456ec6efdbc03e5c1e7324449756764481
Author: Michael Osipov
AuthorDate: Fri Oct 27 12:52:19 2023 +0200
Remove an unreachable if condition around CRLs in sslcontext.c
SSL_CTX_get_cert_store() will never return NULL because it is initialized at
context creation time with X509_STORE_new() and unless we have set it
explicitly
to NULL with SSL_CTX_set_cert_store().
---
native/src/sslcontext.c | 7 +++
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 2cde86087..646577e72 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -718,10 +718,9 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCARevocation)(TCN_STDARGS, jlong ctx
return JNI_FALSE;
}
-if (!c->crl) {
-if ((c->crl = SSL_CTX_get_cert_store(c->ctx)) == NULL)
-goto cleanup;
-}
+if (!c->crl)
+c->crl = SSL_CTX_get_cert_store(c->ctx);
+
if (J2S(file)) {
lookup = X509_STORE_add_lookup(c->crl, X509_LOOKUP_file());
if (lookup == NULL) {
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 5e3f2ae8f..a7462ec00 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -41,6 +41,9 @@
Fix version set in DLL header on Windows. (michaelo)
+
+ Remove an unreachable if condition around CRLs in sslcontext.c.
(michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat-native) branch main updated: Remove an unreachable if condition around CRLs in sslcontext.c
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new ac6f59b81 Remove an unreachable if condition around CRLs in
sslcontext.c
ac6f59b81 is described below
commit ac6f59b8162c52bc6fe1add64d38af9da9dd9c02
Author: Michael Osipov
AuthorDate: Fri Oct 27 12:52:19 2023 +0200
Remove an unreachable if condition around CRLs in sslcontext.c
SSL_CTX_get_cert_store() will never return NULL because it is initialized at
context creation time with X509_STORE_new() and unless we have set it
explicitly
to NULL with SSL_CTX_set_cert_store().
---
native/src/sslcontext.c | 7 +++
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index b52258914..34669ff70 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -611,10 +611,9 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCARevocation)(TCN_STDARGS, jlong ctx
return JNI_FALSE;
}
-if (!c->crl) {
-if ((c->crl = SSL_CTX_get_cert_store(c->ctx)) == NULL)
-goto cleanup;
-}
+if (!c->crl)
+c->crl = SSL_CTX_get_cert_store(c->ctx);
+
if (J2S(file)) {
lookup = X509_STORE_add_lookup(c->crl, X509_LOOKUP_file());
if (lookup == NULL) {
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index c5ea8ce09..ffd0e10f5 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -56,6 +56,9 @@
Add Ant version (1.10.2) requirement identical to Tomcat. (michaelo)
+
+ Remove an unreachable if condition around CRLs in sslcontext.c.
(michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 8768cb1607 BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
8768cb1607 is described below
commit 8768cb160766487e43f861de9ded9d527fd9d334
Author: Michael Osipov
AuthorDate: Wed Sep 27 11:23:19 2023 +0200
BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
---
.../coyote/http11/AbstractHttp11Protocol.java | 34
java/org/apache/tomcat/util/net/SSLHostConfig.java | 34 +++-
.../tomcat/util/net/SSLHostConfigCertificate.java | 27 -
java/org/apache/tomcat/util/net/SSLUtilBase.java | 47 ++
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 31 --
.../tomcat/util/net/openssl/OpenSSLContext.java| 17 +++-
test/org/apache/tomcat/util/net/TestSsl.java | 22 +-
test/org/apache/tomcat/util/net/TesterSupport.java | 12 +-
.../apache/tomcat/util/net/jsse/TestPEMFile.java | 39 +++---
test/org/apache/tomcat/util/net/jsse/key-password | 1 +
test/org/apache/tomcat/util/net/key-password | 1 +
test/org/apache/tomcat/util/net/keystore-password | 1 +
webapps/docs/changelog.xml | 4 ++
webapps/docs/config/http.xml | 20 -
14 files changed, 267 insertions(+), 23 deletions(-)
diff --git a/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
b/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
index 8e4f3efe98..18005783e2 100644
--- a/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
+++ b/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
@@ -1013,6 +1013,17 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
}
+public String getKeystorePassFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeystorePasswordFile();
+}
+
+public void setKeystorePassFile(String certificateKeystorePasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeystorePasswordFile(certificateKeystorePasswordFile);
+}
+
+
public String getKeyPass() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateKeyPassword();
@@ -1023,6 +1034,18 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
defaultSSLHostConfig.setCertificateKeyPassword(certificateKeyPassword);
}
+
+public String getKeyPassFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeyPasswordFile();
+}
+
+public void setKeyPassFile(String certificateKeyPasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeyPasswordFile(certificateKeyPasswordFile);
+}
+
+
public String getSSLPassword() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateKeyPassword();
@@ -1034,6 +1057,17 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
}
+public String getSSLPasswordFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeyPasswordFile();
+}
+
+public void setSSLPasswordFile(String certificateKeyPasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeyPasswordFile(certificateKeyPasswordFile);
+}
+
+
public String getCrlFile() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateRevocationListFile();
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 7563015373..c9b921026e 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -306,12 +306,29 @@ public class SSLHostConfig implements Serializable {
return defaultCertificate.getCertificateKeyPassword();
}
}
+
+
public void setCertificateKeyPassword(String certificateKeyPassword) {
registerDefaultCertificate();
defaultCertificate.setCertificateKeyPassword(certificateKeyPassword);
}
+public String getCertificateKeyPasswordFile() {
+if (defaultCertificate == null) {
+return null;
+} else {
+return defaultCertificate.getCertificateKeyPasswordFile();
+}
+}
+
+
+public void setCertificateKeyPasswordFile(String
certificateKeyPasswordFile) {
+registerDefaultCertificate();
+
defaultCertificate.setCertificateKeyPasswordFile(certificateKeyPasswordFile
[tomcat] branch 9.0.x updated: BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 3d8db8cd57 BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
3d8db8cd57 is described below
commit 3d8db8cd57b1e89be75b004b7401eb9581f531a2
Author: Michael Osipov
AuthorDate: Wed Sep 27 11:23:19 2023 +0200
BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
---
.../coyote/http11/AbstractHttp11Protocol.java | 34
java/org/apache/tomcat/util/net/SSLHostConfig.java | 34 +++-
.../tomcat/util/net/SSLHostConfigCertificate.java | 27 -
java/org/apache/tomcat/util/net/SSLUtilBase.java | 47 ++
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 31 --
.../tomcat/util/net/openssl/OpenSSLContext.java| 17 +++-
test/org/apache/tomcat/util/net/TestSsl.java | 22 +-
test/org/apache/tomcat/util/net/TesterSupport.java | 12 +-
.../apache/tomcat/util/net/jsse/TestPEMFile.java | 39 +++---
test/org/apache/tomcat/util/net/jsse/key-password | 1 +
test/org/apache/tomcat/util/net/key-password | 1 +
test/org/apache/tomcat/util/net/keystore-password | 1 +
webapps/docs/changelog.xml | 4 ++
webapps/docs/config/http.xml | 20 -
14 files changed, 267 insertions(+), 23 deletions(-)
diff --git a/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
b/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
index cc6988d308..9f12ae8ec4 100644
--- a/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
+++ b/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
@@ -1009,6 +1009,17 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
}
+public String getKeystorePassFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeystorePasswordFile();
+}
+
+public void setKeystorePassFile(String certificateKeystorePasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeystorePasswordFile(certificateKeystorePasswordFile);
+}
+
+
public String getKeyPass() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateKeyPassword();
@@ -1019,6 +1030,18 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
defaultSSLHostConfig.setCertificateKeyPassword(certificateKeyPassword);
}
+
+public String getKeyPassFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeyPasswordFile();
+}
+
+public void setKeyPassFile(String certificateKeyPasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeyPasswordFile(certificateKeyPasswordFile);
+}
+
+
public String getSSLPassword() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateKeyPassword();
@@ -1030,6 +1053,17 @@ public abstract class AbstractHttp11Protocol extends
AbstractProtocol {
}
+public String getSSLPasswordFile() {
+registerDefaultSSLHostConfig();
+return defaultSSLHostConfig.getCertificateKeyPasswordFile();
+}
+
+public void setSSLPasswordFile(String certificateKeyPasswordFile) {
+registerDefaultSSLHostConfig();
+
defaultSSLHostConfig.setCertificateKeyPasswordFile(certificateKeyPasswordFile);
+}
+
+
public String getCrlFile() {
registerDefaultSSLHostConfig();
return defaultSSLHostConfig.getCertificateRevocationListFile();
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index b2d944ee9b..af320dfbb6 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -305,12 +305,29 @@ public class SSLHostConfig implements Serializable {
return defaultCertificate.getCertificateKeyPassword();
}
}
+
+
public void setCertificateKeyPassword(String certificateKeyPassword) {
registerDefaultCertificate();
defaultCertificate.setCertificateKeyPassword(certificateKeyPassword);
}
+public String getCertificateKeyPasswordFile() {
+if (defaultCertificate == null) {
+return null;
+} else {
+return defaultCertificate.getCertificateKeyPasswordFile();
+}
+}
+
+
+public void setCertificateKeyPasswordFile(String
certificateKeyPasswordFile) {
+registerDefaultCertificate();
+
defaultCertificate.setCertificateKeyPasswordFile(certificateKeyPasswordFile
[tomcat] branch 10.1.x updated: BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 62bbe46266 BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
62bbe46266 is described below
commit 62bbe462666b34eda971d1256cc1e830b500bdc1
Author: Michael Osipov
AuthorDate: Wed Sep 27 11:23:19 2023 +0200
BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
---
java/org/apache/tomcat/util/net/SSLHostConfig.java | 4 +-
.../tomcat/util/net/SSLHostConfigCertificate.java | 27 -
java/org/apache/tomcat/util/net/SSLUtilBase.java | 47 ++
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 31 --
.../tomcat/util/net/openssl/OpenSSLContext.java| 17 +++-
test/org/apache/tomcat/util/net/TestSsl.java | 22 +-
test/org/apache/tomcat/util/net/TesterSupport.java | 12 +-
.../apache/tomcat/util/net/jsse/TestPEMFile.java | 39 +++---
test/org/apache/tomcat/util/net/jsse/key-password | 1 +
test/org/apache/tomcat/util/net/key-password | 1 +
test/org/apache/tomcat/util/net/keystore-password | 1 +
webapps/docs/changelog.xml | 4 ++
webapps/docs/config/http.xml | 20 -
13 files changed, 203 insertions(+), 23 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 003c9b8b27..a447c7fec0 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -659,7 +659,7 @@ public class SSLHostConfig implements Serializable {
if (truststoreFile != null){
try {
result = SSLUtilBase.getStore(getTruststoreType(),
getTruststoreProvider(),
-getTruststoreFile(), getTruststorePassword());
+getTruststoreFile(), getTruststorePassword(),
null);
} catch (IOException ioe) {
Throwable cause = ioe.getCause();
if (cause instanceof UnrecoverableKeyException) {
@@ -668,7 +668,7 @@ public class SSLHostConfig implements Serializable {
cause);
// Re-try
result = SSLUtilBase.getStore(getTruststoreType(),
getTruststoreProvider(),
-getTruststoreFile(), null);
+getTruststoreFile(), null, null);
} else {
// Something else went wrong - re-throw
throw ioe;
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
b/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
index ff635bf588..0c0ebb7274 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
@@ -59,10 +59,12 @@ public class SSLHostConfigCertificate implements
Serializable {
private final SSLHostConfig sslHostConfig;
private final Type type;
private String certificateKeyPassword = null;
+private String certificateKeyPasswordFile = null;
// JSSE
private String certificateKeyAlias;
private String certificateKeystorePassword = DEFAULT_KEYSTORE_PASSWORD;
+private String certificateKeystorePasswordFile = null;
private String certificateKeystoreFile = DEFAULT_KEYSTORE_FILE;
private String certificateKeystoreProvider = DEFAULT_KEYSTORE_PROVIDER;
private String certificateKeystoreType = DEFAULT_KEYSTORE_TYPE;
@@ -131,6 +133,16 @@ public class SSLHostConfigCertificate implements
Serializable {
}
+public String getCertificateKeyPasswordFile() {
+return certificateKeyPasswordFile;
+}
+
+
+public void setCertificateKeyPasswordFile(String
certificateKeyPasswordFile) {
+this.certificateKeyPasswordFile = certificateKeyPasswordFile;
+}
+
+
// JSSE
public void setCertificateKeyAlias(String certificateKeyAlias) {
@@ -171,6 +183,19 @@ public class SSLHostConfigCertificate implements
Serializable {
}
+public void setCertificateKeystorePasswordFile(String
certificateKeystorePasswordFile) {
+sslHostConfig.setProperty(
+"Certificate.certificateKeystorePasswordFile",
SSLHostConfig.Type.JSSE);
+setStoreType("Certificate.certificateKeystorePasswordFile",
StoreType.KEYSTORE);
+this.certificateKeystorePasswordFile = certificateKeystorePasswordFile;
+}
+
+
+public String getCertificateKeystorePasswordFile() {
+return certificateKeystorePasswordFile;
+}
[tomcat] branch main updated: BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new b1d20cc6b0 BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
b1d20cc6b0 is described below
commit b1d20cc6b04d64f35b3b5e47d68e02c93437867b
Author: Michael Osipov
AuthorDate: Wed Sep 27 11:23:19 2023 +0200
BZ 66670: Add SSLHostConfig#certificateKeyPasswordFile and
SSLHostConfig#certificateKeystorePasswordFile
---
java/org/apache/tomcat/util/net/SSLHostConfig.java | 4 +-
.../tomcat/util/net/SSLHostConfigCertificate.java | 27 -
java/org/apache/tomcat/util/net/SSLUtilBase.java | 47 ++
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 31 --
.../tomcat/util/net/openssl/OpenSSLContext.java| 17 +++-
test/org/apache/tomcat/util/net/TestSsl.java | 22 +-
test/org/apache/tomcat/util/net/TesterSupport.java | 12 +-
.../apache/tomcat/util/net/jsse/TestPEMFile.java | 39 +++---
test/org/apache/tomcat/util/net/jsse/key-password | 1 +
test/org/apache/tomcat/util/net/key-password | 1 +
test/org/apache/tomcat/util/net/keystore-password | 1 +
webapps/docs/changelog.xml | 4 ++
webapps/docs/config/http.xml | 20 -
13 files changed, 203 insertions(+), 23 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 003c9b8b27..a447c7fec0 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -659,7 +659,7 @@ public class SSLHostConfig implements Serializable {
if (truststoreFile != null){
try {
result = SSLUtilBase.getStore(getTruststoreType(),
getTruststoreProvider(),
-getTruststoreFile(), getTruststorePassword());
+getTruststoreFile(), getTruststorePassword(),
null);
} catch (IOException ioe) {
Throwable cause = ioe.getCause();
if (cause instanceof UnrecoverableKeyException) {
@@ -668,7 +668,7 @@ public class SSLHostConfig implements Serializable {
cause);
// Re-try
result = SSLUtilBase.getStore(getTruststoreType(),
getTruststoreProvider(),
-getTruststoreFile(), null);
+getTruststoreFile(), null, null);
} else {
// Something else went wrong - re-throw
throw ioe;
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
b/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
index ff635bf588..0c0ebb7274 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
@@ -59,10 +59,12 @@ public class SSLHostConfigCertificate implements
Serializable {
private final SSLHostConfig sslHostConfig;
private final Type type;
private String certificateKeyPassword = null;
+private String certificateKeyPasswordFile = null;
// JSSE
private String certificateKeyAlias;
private String certificateKeystorePassword = DEFAULT_KEYSTORE_PASSWORD;
+private String certificateKeystorePasswordFile = null;
private String certificateKeystoreFile = DEFAULT_KEYSTORE_FILE;
private String certificateKeystoreProvider = DEFAULT_KEYSTORE_PROVIDER;
private String certificateKeystoreType = DEFAULT_KEYSTORE_TYPE;
@@ -131,6 +133,16 @@ public class SSLHostConfigCertificate implements
Serializable {
}
+public String getCertificateKeyPasswordFile() {
+return certificateKeyPasswordFile;
+}
+
+
+public void setCertificateKeyPasswordFile(String
certificateKeyPasswordFile) {
+this.certificateKeyPasswordFile = certificateKeyPasswordFile;
+}
+
+
// JSSE
public void setCertificateKeyAlias(String certificateKeyAlias) {
@@ -171,6 +183,19 @@ public class SSLHostConfigCertificate implements
Serializable {
}
+public void setCertificateKeystorePasswordFile(String
certificateKeystorePasswordFile) {
+sslHostConfig.setProperty(
+"Certificate.certificateKeystorePasswordFile",
SSLHostConfig.Type.JSSE);
+setStoreType("Certificate.certificateKeystorePasswordFile",
StoreType.KEYSTORE);
+this.certificateKeystorePasswordFile = certificateKeystorePasswordFile;
+}
+
+
+public String getCertificateKeystorePasswordFile() {
+return certificateKeystorePasswordFile;
+}
[tomcat-native] branch 1.2.x updated: Fix version set in DLL header on Windows
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 1.2.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/1.2.x by this push: new d5dbac61e Fix version set in DLL header on Windows d5dbac61e is described below commit d5dbac61e4357ea5c5c2a434b85bafd0321e065b Author: Michael Osipov AuthorDate: Thu Oct 12 17:12:19 2023 +0200 Fix version set in DLL header on Windows --- native/NMAKEmakefile | 4 ++-- xdocs/miscellaneous/changelog.xml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/native/NMAKEmakefile b/native/NMAKEmakefile index 1c91b5c47..ad02d3152 100644 --- a/native/NMAKEmakefile +++ b/native/NMAKEmakefile @@ -69,7 +69,7 @@ INCLUDES = $(INCLUDES) -I$(WITH_OPENSSL)\inc32 LDIRS = $(LDIRS) /libpath:"$(WITH_OPENSSL)\out32" !ENDIF -LFLAGS = $(LFLAGS) /version:1.1 +LFLAGS = $(LFLAGS) /version:1.2 LFLAGS = $(LFLAGS) user32.lib psapi.lib gdi32.lib shlwapi.lib wldap32.lib ole32.lib LFLAGS = $(LFLAGS) $(APR_LIB) !IF DEFINED(WITH_FIPS) @@ -78,7 +78,7 @@ LFLAGS = $(LFLAGS) libeayfips32.lib libeaycompat32.lib ssleay32.lib /NODEFAULTLI !IF DEFINED(OPENSSL_NEW_LIBS) LFLAGS = $(LFLAGS) libssl.lib libcrypto.lib crypt32.lib !ELSE -LFLAGS = $(LFLAGS) libeay32.lib ssleay32.lib +LFLAGS = $(LFLAGS) libeay32.lib ssleay32.lib !ENDIF !ENDIF diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index a80514dbf..5e3f2ae8f 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -38,6 +38,9 @@ Align Java source compile configuration with Tomcat. (michaelo) + + Fix version set in DLL header on Windows. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] 01/02: Add Ant version (1.10.2) requirement identical to Tomcat
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git commit 4478b720db92369f08151b7976f30dabc969d2ce Author: Michael Osipov AuthorDate: Thu Oct 12 16:42:16 2023 +0200 Add Ant version (1.10.2) requirement identical to Tomcat --- build.properties.default | 3 +++ build.xml | 7 +++ xdocs/miscellaneous/changelog.xml | 3 +++ 3 files changed, 13 insertions(+) diff --git a/build.properties.default b/build.properties.default index f97fc6e24..dda9e6380 100644 --- a/build.properties.default +++ b/build.properties.default @@ -30,6 +30,9 @@ base.path=/usr/share/java #base.path=C:/path/to/the/repository #base.path=/usr/local +# - Build tools - +ant.version.required=1.10.2 + # - Build control flags - compile.debug=true # Do not pass -deprecation (-Xlint:deprecation) flag to javac diff --git a/build.xml b/build.xml index 3be0ed0ca..f8d6b767b 100644 --- a/build.xml +++ b/build.xml @@ -26,6 +26,13 @@ + + + + + + + diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 2dc11b1a9..e37f73976 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -49,6 +49,9 @@ Align Java source compile configuration with Tomcat. (michaelo) + + Add Ant version (1.10.2) requirement identical to Tomcat. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] 02/02: BZ 67538: Make use of Ant's task to enfore the mininum Java build version
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git commit 82a502dab27ac12d00079ae3310387b000f7e901 Author: Michael Osipov AuthorDate: Thu Oct 12 16:13:01 2023 +0200 BZ 67538: Make use of Ant's task to enfore the mininum Java build version --- build.xml | 7 +++ xdocs/miscellaneous/changelog.xml | 4 2 files changed, 11 insertions(+) diff --git a/build.xml b/build.xml index f8d6b767b..ce1f16c48 100644 --- a/build.xml +++ b/build.xml @@ -64,6 +64,13 @@ + + + + + + + diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index e37f73976..c5ea8ce09 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -33,6 +33,10 @@ + + 67538: Make use of Ant's javaversion / task + to enfore the mininum Java build version. (michaelo) + 67615: Windows binary for version 2 has incorrect version suffix compared to the GNU autoconf version. (michaelo) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated (1f32d55d5 -> 82a502dab)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git from 1f32d55d5 Align Java source compile configuration with Tomcat new 4478b720d Add Ant version (1.10.2) requirement identical to Tomcat new 82a502dab BZ 67538: Make use of Ant's task to enfore the mininum Java build version The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: build.properties.default | 3 +++ build.xml | 14 ++ xdocs/miscellaneous/changelog.xml | 7 +++ 3 files changed, 24 insertions(+) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: BZ 67538: Make use of Ant's task to enfore the mininum Java build version
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 1927cd1b5c BZ 67538: Make use of Ant's task to enfore the mininum Java build version 1927cd1b5c is described below commit 1927cd1b5cc8b6da4fa4bcb2d6731421a7e84b66 Author: Michael Osipov AuthorDate: Thu Oct 12 15:14:46 2023 +0200 BZ 67538: Make use of Ant's task to enfore the mininum Java build version Introduce property 'skip.build.java.version' to skip Java build check to perform tests with Java 8. --- build.xml | 10 ++ webapps/docs/changelog.xml | 8 2 files changed, 18 insertions(+) diff --git a/build.xml b/build.xml index 723be26ac5..83f3eca952 100644 --- a/build.xml +++ b/build.xml @@ -116,6 +116,16 @@ + + + + + + + + + + diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f64befd633..3f6cd5e504 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -113,6 +113,14 @@ + + + +67538: Make use of Ant's javaversion / task +to enfore the mininum Java build version. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: BZ 67538: Make use of Ant's task to enfore the mininum Java build version
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new cbfc9eb850 BZ 67538: Make use of Ant's task to enfore the mininum Java build version cbfc9eb850 is described below commit cbfc9eb85085cd32f2e7c23fadcf1303de46eb79 Author: Michael Osipov AuthorDate: Thu Oct 12 15:14:46 2023 +0200 BZ 67538: Make use of Ant's task to enfore the mininum Java build version --- build.xml | 7 +++ webapps/docs/changelog.xml | 8 2 files changed, 15 insertions(+) diff --git a/build.xml b/build.xml index be035680d5..ea6a2b9d52 100644 --- a/build.xml +++ b/build.xml @@ -109,6 +109,13 @@ + + + + + + + diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index ad09a9ea3d..f13e0e0639 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -113,6 +113,14 @@ + + + +67538: Make use of Ant's javaversion / task +to enfore the mininum Java build version. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: BZ 67538: Make use of Ant's task to enfore the mininum Java build version
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new eb9913a7d7 BZ 67538: Make use of Ant's task to enfore the mininum Java build version eb9913a7d7 is described below commit eb9913a7d70522f60682728a8950e993085d1d33 Author: Michael Osipov AuthorDate: Thu Oct 12 15:14:46 2023 +0200 BZ 67538: Make use of Ant's task to enfore the mininum Java build version --- build.xml | 7 +++ webapps/docs/changelog.xml | 8 2 files changed, 15 insertions(+) diff --git a/build.xml b/build.xml index d1af5a62e2..071091425a 100644 --- a/build.xml +++ b/build.xml @@ -109,6 +109,13 @@ + + + + + + + diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index faf938bb4a..ea64cd14b3 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -113,6 +113,14 @@ + + + +67538: Make use of Ant's javaversion / task +to enfore the mininum Java build version. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Align Java source compile configuration with Tomcat
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 1.2.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/1.2.x by this push: new 06fd25f1e Align Java source compile configuration with Tomcat 06fd25f1e is described below commit 06fd25f1e717d34d50e1938dc449540e79519277 Author: Michael Osipov AuthorDate: Thu Oct 12 14:05:42 2023 +0200 Align Java source compile configuration with Tomcat --- build.properties.default | 8 build.xml | 19 ++- xdocs/miscellaneous/changelog.xml | 3 +++ 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/build.properties.default b/build.properties.default index 5ddd86f88..37e678139 100644 --- a/build.properties.default +++ b/build.properties.default @@ -30,10 +30,10 @@ base.path=/usr/share/java #base.path=C:/path/to/the/repository #base.path=/usr/local -compile.source=1.8 -compile.target=1.8 -compile.debug=off -compile.deprecation=on +# - Build control flags - +compile.debug=true +# Do not pass -deprecation (-Xlint:deprecation) flag to javac +compile.deprecation=false base-maven.loc=https://repo.maven.apache.org/maven2 diff --git a/build.xml b/build.xml index e7fa10232..96358892d 100644 --- a/build.xml +++ b/build.xml @@ -55,6 +55,10 @@ + + + + @@ -204,12 +208,11 @@ limitations under the License.--"> - @@ -244,13 +247,11 @@ limitations under the License.--"> - diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 34e0a77ef..a80514dbf 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -35,6 +35,9 @@ Drop useless compile.optimize option. (michaelo) + + Align Java source compile configuration with Tomcat. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Align Java source compile configuration with Tomcat
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new 1f32d55d5 Align Java source compile configuration with Tomcat 1f32d55d5 is described below commit 1f32d55d598b99cc5cb8369944bd75f3ff9d1144 Author: Michael Osipov AuthorDate: Thu Oct 12 14:05:42 2023 +0200 Align Java source compile configuration with Tomcat --- build.properties.default | 8 build.xml | 18 -- xdocs/miscellaneous/changelog.xml | 3 +++ 3 files changed, 15 insertions(+), 14 deletions(-) diff --git a/build.properties.default b/build.properties.default index edc5342db..f97fc6e24 100644 --- a/build.properties.default +++ b/build.properties.default @@ -30,10 +30,10 @@ base.path=/usr/share/java #base.path=C:/path/to/the/repository #base.path=/usr/local -compile.source=11 -compile.target=11 -compile.debug=off -compile.deprecation=on +# - Build control flags - +compile.debug=true +# Do not pass -deprecation (-Xlint:deprecation) flag to javac +compile.deprecation=false base-maven.loc=https://repo.maven.apache.org/maven2 diff --git a/build.xml b/build.xml index df6ed702a..3be0ed0ca 100644 --- a/build.xml +++ b/build.xml @@ -54,6 +54,9 @@ + + + @@ -197,12 +200,10 @@ limitations under the License.--"> - @@ -237,13 +238,10 @@ limitations under the License.--"> - diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 88e9ed553..2dc11b1a9 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -46,6 +46,9 @@ Drop useless compile.optimize option. (michaelo) + + Align Java source compile configuration with Tomcat. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Drop useless 'compile.optimize' option
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new 5d19eda23 Drop useless 'compile.optimize' option
5d19eda23 is described below
commit 5d19eda231c9868c927e25659632847194b80d9b
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:37:35 2023 +0200
Drop useless 'compile.optimize' option
---
build.properties.default | 5 ++---
build.xml | 1 -
xdocs/miscellaneous/changelog.xml | 5 -
3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 0e6f0e9a8..5ddd86f88 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -5,9 +5,9 @@
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,7 +34,6 @@ compile.source=1.8
compile.target=1.8
compile.debug=off
compile.deprecation=on
-compile.optimize=on
base-maven.loc=https://repo.maven.apache.org/maven2
diff --git a/build.xml b/build.xml
index 227cb86df..e7fa10232 100644
--- a/build.xml
+++ b/build.xml
@@ -210,7 +210,6 @@ limitations under the License.--">
target="${compile.target}"
debug="${compile.debug}"
deprecation="${compile.deprecation}"
-optimize="${compile.optimize}"
encoding="ISO-8859-1"
includeantruntime="false">
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 59dfc0394..34e0a77ef 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -32,6 +32,9 @@
+
+ Drop useless compile.optimize option. (michaelo)
+
@@ -513,7 +516,7 @@
59797: Ensure that the per thread error hash maintained by
OpenSSL is cleaned up as individual threads exit to ensure it does not
- grow too large. Patch provided by Nate Clark. (markt)
+ grow too large. Patch provided by Nate Clark. (markt)
59996: Correctly handle building tc-native on a 64-bit system
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Drop useless 'compile.optimize' option
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 97a76c3a4 Drop useless 'compile.optimize' option
97a76c3a4 is described below
commit 97a76c3a441e1bb9f38b2e9664655b016d39d842
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:37:35 2023 +0200
Drop useless 'compile.optimize' option
---
build.properties.default | 5 ++---
build.xml | 1 -
xdocs/miscellaneous/changelog.xml | 3 +++
3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index abef2f347..edc5342db 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -5,9 +5,9 @@
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,7 +34,6 @@ compile.source=11
compile.target=11
compile.debug=off
compile.deprecation=on
-compile.optimize=on
base-maven.loc=https://repo.maven.apache.org/maven2
diff --git a/build.xml b/build.xml
index c511fc473..df6ed702a 100644
--- a/build.xml
+++ b/build.xml
@@ -203,7 +203,6 @@ limitations under the License.--">
target="${compile.target}"
debug="${compile.debug}"
deprecation="${compile.deprecation}"
-optimize="${compile.optimize}"
encoding="ISO-8859-1"
includeantruntime="false">
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 638eb1fc4..88e9ed553 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -43,6 +43,9 @@
67616: o.a.tomcat.jni.SSL contains useless check for old
OpenSSL version. (michaelo)
+
+ Drop useless compile.optimize option. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new b03e642842 BZ 67667: TLSCertificateReloadListener prints unreadable
rendering of X509Certificate#getNotAfter()
b03e642842 is described below
commit b03e6428420f874463fda9a44cd0031d0579a52e
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:09:02 2023 +0200
BZ 67667: TLSCertificateReloadListener prints unreadable rendering of
X509Certificate#getNotAfter()
---
.../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++-
webapps/docs/changelog.xml| 8
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index 0596732575..3db6e286c3 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -17,6 +17,7 @@
package org.apache.catalina.security;
import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Set;
@@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
private static final Log log =
LogFactory.getLog(TLSCertificateReloadListener.class);
private static final StringManager sm =
StringManager.getManager(TLSCertificateReloadListener.class);
+private final SimpleDateFormat dateFormat = new
SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX");
// Configuration
private int checkPeriod = 24 * 60 * 60;
@@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector,
sslHostConfig.getHostName(),
expiringCertificate.getSubjectX500Principal().getName(),
-
expiringCertificate.getNotAfter()));
+
dateFormat.format(expiringCertificate.getNotAfter(;
}
}
} catch (IllegalArgumentException iae) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e4388d9f74..f64befd633 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
+
+
+
+67667: TLSCertificateReloadListener prints
unreadable
+rendering of X509Certificate#getNotAfter(). (michaelo)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new ec3c350dd6 BZ 67667: TLSCertificateReloadListener prints unreadable
rendering of X509Certificate#getNotAfter()
ec3c350dd6 is described below
commit ec3c350dd6993081408e5c8c82a0aea524bc59d5
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:09:02 2023 +0200
BZ 67667: TLSCertificateReloadListener prints unreadable rendering of
X509Certificate#getNotAfter()
---
.../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++-
webapps/docs/changelog.xml| 8
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index 0596732575..3db6e286c3 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -17,6 +17,7 @@
package org.apache.catalina.security;
import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Set;
@@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
private static final Log log =
LogFactory.getLog(TLSCertificateReloadListener.class);
private static final StringManager sm =
StringManager.getManager(TLSCertificateReloadListener.class);
+private final SimpleDateFormat dateFormat = new
SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX");
// Configuration
private int checkPeriod = 24 * 60 * 60;
@@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector,
sslHostConfig.getHostName(),
expiringCertificate.getSubjectX500Principal().getName(),
-
expiringCertificate.getNotAfter()));
+
dateFormat.format(expiringCertificate.getNotAfter(;
}
}
} catch (IllegalArgumentException iae) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 13a5ac0be2..cae843b18c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
+
+
+
+67667: TLSCertificateReloadListener prints
unreadable
+rendering of X509Certificate#getNotAfter(). (michaelo)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 3ade127959 BZ 67667: TLSCertificateReloadListener prints unreadable
rendering of X509Certificate#getNotAfter()
3ade127959 is described below
commit 3ade1279599f08cfcaf6802a060a6d241988
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:09:02 2023 +0200
BZ 67667: TLSCertificateReloadListener prints unreadable rendering of
X509Certificate#getNotAfter()
---
.../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++-
webapps/docs/changelog.xml| 8
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index 0596732575..3db6e286c3 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -17,6 +17,7 @@
package org.apache.catalina.security;
import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Set;
@@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
private static final Log log =
LogFactory.getLog(TLSCertificateReloadListener.class);
private static final StringManager sm =
StringManager.getManager(TLSCertificateReloadListener.class);
+private final SimpleDateFormat dateFormat = new
SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX");
// Configuration
private int checkPeriod = 24 * 60 * 60;
@@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector,
sslHostConfig.getHostName(),
expiringCertificate.getSubjectX500Principal().getName(),
-
expiringCertificate.getNotAfter()));
+
dateFormat.format(expiringCertificate.getNotAfter(;
}
}
} catch (IllegalArgumentException iae) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2582c4adc5..ad09a9ea3d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
+
+
+
+67667: TLSCertificateReloadListener prints
unreadable
+rendering of X509Certificate#getNotAfter(). (michaelo)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: BZ 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter()
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 69143e32da BZ 67667: TLSCertificateReloadListener prints unreadable
rendering of X509Certificate#getNotAfter()
69143e32da is described below
commit 69143e32da1b51c9f2c08e280f9133175f5b8dc1
Author: Michael Osipov
AuthorDate: Thu Oct 12 12:09:02 2023 +0200
BZ 67667: TLSCertificateReloadListener prints unreadable rendering of
X509Certificate#getNotAfter()
---
.../apache/catalina/security/TLSCertificateReloadListener.java| 4 +++-
webapps/docs/changelog.xml| 8
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git
a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
index 0596732575..3db6e286c3 100644
--- a/java/org/apache/catalina/security/TLSCertificateReloadListener.java
+++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java
@@ -17,6 +17,7 @@
package org.apache.catalina.security;
import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Set;
@@ -45,6 +46,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
private static final Log log =
LogFactory.getLog(TLSCertificateReloadListener.class);
private static final StringManager sm =
StringManager.getManager(TLSCertificateReloadListener.class);
+private final SimpleDateFormat dateFormat = new
SimpleDateFormat("-MM-dd'T'HH:mm:ssXXX");
// Configuration
private int checkPeriod = 24 * 60 * 60;
@@ -160,7 +162,7 @@ public class TLSCertificateReloadListener implements
LifecycleListener {
log.warn(sm.getString("tlsCertRenewalListener.notRenewed", connector,
sslHostConfig.getHostName(),
expiringCertificate.getSubjectX500Principal().getName(),
-
expiringCertificate.getNotAfter()));
+
dateFormat.format(expiringCertificate.getNotAfter(;
}
}
} catch (IllegalArgumentException iae) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 09b0227b59..faf938bb4a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
+
+
+
+67667: TLSCertificateReloadListener prints
unreadable
+rendering of X509Certificate#getNotAfter(). (michaelo)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Increment version number for next development cycle
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 8234f4dc31 Increment version number for next development cycle 8234f4dc31 is described below commit 8234f4dc31c0db7533caa976d42170c04e87b874 Author: Michael Osipov AuthorDate: Thu Oct 12 12:03:39 2023 +0200 Increment version number for next development cycle --- build.properties.default | 2 +- res/maven/mvn.properties.default | 2 +- webapps/docs/changelog.xml | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/build.properties.default b/build.properties.default index 8fd2616b02..4722989dcc 100644 --- a/build.properties.default +++ b/build.properties.default @@ -31,7 +31,7 @@ # - Version Control Flags - version.major=8 version.minor=5 -version.build=95 +version.build=96 version.patch=0 version.suffix= version.dev=-dev diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default index a6e44a1f26..99afd53698 100644 --- a/res/maven/mvn.properties.default +++ b/res/maven/mvn.properties.default @@ -39,7 +39,7 @@ maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/d maven.asf.release.repo.repositoryId=apache.releases.https # Release version info -maven.asf.release.deploy.version=8.5.95 +maven.asf.release.deploy.version=8.5.96 #Where do we load the libraries from tomcat.lib.path=../../output/build/lib diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index af3449284b..e4388d9f74 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -104,7 +104,9 @@ They eventually become mixed with the numbered issues (i.e., numbered issues do not "pop up" wrt. others). --> - + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Increment version number for next development cycle
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new f1865eb249 Increment version number for next development cycle f1865eb249 is described below commit f1865eb2497f4855b3aa3e1340a6d42940508983 Author: Michael Osipov AuthorDate: Thu Oct 12 11:59:44 2023 +0200 Increment version number for next development cycle --- build.properties.default | 2 +- res/maven/mvn.properties.default | 2 +- webapps/docs/changelog.xml | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/build.properties.default b/build.properties.default index 40b7ec4687..3e26aa27f6 100644 --- a/build.properties.default +++ b/build.properties.default @@ -31,7 +31,7 @@ # - Version Control Flags - version.major=10 version.minor=1 -version.build=15 +version.build=16 version.patch=0 version.suffix= version.dev=-dev diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default index ae8200046a..2e69dcce7b 100644 --- a/res/maven/mvn.properties.default +++ b/res/maven/mvn.properties.default @@ -39,7 +39,7 @@ maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/d maven.asf.release.repo.repositoryId=apache.releases.https # Release version info -maven.asf.release.deploy.version=10.1.15 +maven.asf.release.deploy.version=10.1.16 #Where do we load the libraries from tomcat.lib.path=../../output/build/lib diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 63b5577150..2582c4adc5 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -104,7 +104,9 @@ They eventually become mixed with the numbered issues (i.e., numbered issues do not "pop up" wrt. others). --> - + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Increment version number for next development cycle
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new c3d9dbc444 Increment version number for next development cycle c3d9dbc444 is described below commit c3d9dbc4448dabe1a47c65c9d22b05eaf33861f7 Author: Michael Osipov AuthorDate: Thu Oct 12 11:54:22 2023 +0200 Increment version number for next development cycle --- build.properties.default | 2 +- res/maven/mvn.properties.default | 2 +- webapps/docs/changelog.xml | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/build.properties.default b/build.properties.default index 8ad061797f..b5af5f53c6 100644 --- a/build.properties.default +++ b/build.properties.default @@ -33,7 +33,7 @@ version.major=11 version.minor=0 version.build=0 version.patch=0 -version.suffix=-M13 +version.suffix=-M14 version.dev=-dev # - Build tools - diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default index 288f82806d..310e4ac9b7 100644 --- a/res/maven/mvn.properties.default +++ b/res/maven/mvn.properties.default @@ -39,7 +39,7 @@ maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/d maven.asf.release.repo.repositoryId=apache.releases.https # Release version info -maven.asf.release.deploy.version=11.0.0-M13 +maven.asf.release.deploy.version=11.0.0-M14 #Where do we load the libraries from tomcat.lib.path=../../output/build/lib diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 3771afc552..09b0227b59 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -104,7 +104,9 @@ They eventually become mixed with the numbered issues (i.e., numbered issues do not "pop up" wrt. others). --> - + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: BZ 67616: o.a.tomcat.jni.SSL contains useless check for old OpenSSL version
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 3549935bf BZ 67616: o.a.tomcat.jni.SSL contains useless check for old
OpenSSL version
3549935bf is described below
commit 3549935bfae8d3d9f870b79a346b8ae327a128db
Author: Michael Osipov
AuthorDate: Wed Oct 11 19:11:09 2023 +0200
BZ 67616: o.a.tomcat.jni.SSL contains useless check for old OpenSSL version
---
java/org/apache/tomcat/jni/SSL.java | 7 +--
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 4fff8081b..64da0ca9c 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -73,12 +73,7 @@ public final class SSL {
public static final int SSL_PROTOCOL_ALL;
static {
-if (version() >= 0x1010100f) {
-SSL_PROTOCOL_ALL = (SSL_PROTOCOL_TLSV1 | SSL_PROTOCOL_TLSV1_1 |
SSL_PROTOCOL_TLSV1_2 |
-SSL_PROTOCOL_TLSV1_3);
-} else {
-SSL_PROTOCOL_ALL = (SSL_PROTOCOL_TLSV1 | SSL_PROTOCOL_TLSV1_1 |
SSL_PROTOCOL_TLSV1_2);
-}
+SSL_PROTOCOL_ALL =
(SSL_PROTOCOL_TLSV1|SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2|SSL_PROTOCOL_TLSV1_3);
}
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index d7e1fad4f..638eb1fc4 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -40,6 +40,9 @@
Align default pass phrase prompt with HTTPd on Windows as well.
(michaelo)
+
+ 67616: o.a.tomcat.jni.SSL contains useless check for old
OpenSSL version. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Fix incorrect comment
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new 7064b588d Fix incorrect comment
7064b588d is described below
commit 7064b588d5962a4fccd30d895212a60ea95dfdd3
Author: Michael Osipov
AuthorDate: Wed Oct 11 18:42:11 2023 +0200
Fix incorrect comment
---
java/org/apache/tomcat/jni/SSL.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 91a8bc66f..ac0ca9da5 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -254,7 +254,7 @@ public final class SSL {
public static final int SSL_SELECTOR_FAILURE_NO_ADVERTISE = 0;
public static final int SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL = 1;
-/* Return OpenSSL version number (compile time version, if version <
1.1.0) */
+/* Return OpenSSL version number (run time version) */
public static native int version();
/* Return OpenSSL version string (run time version) */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Fix incorrect comment
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new fd3df8fc4 Fix incorrect comment
fd3df8fc4 is described below
commit fd3df8fc42fc5981bd4519363a5f8be80a1590a7
Author: Michael Osipov
AuthorDate: Wed Oct 11 18:42:11 2023 +0200
Fix incorrect comment
---
java/org/apache/tomcat/jni/SSL.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 974e998c7..4fff8081b 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -241,7 +241,7 @@ public final class SSL {
public static final int SSL_SELECTOR_FAILURE_NO_ADVERTISE = 0;
public static final int SSL_SELECTOR_FAILURE_CHOOSE_MY_LAST_PROTOCOL = 1;
-/* Return OpenSSL version number (compile time version, if version <
1.1.0) */
+/* Return OpenSSL version number (run time version) */
public static native int version();
/* Return OpenSSL version string (run time version) */
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Align default pass phrase prompt with HTTPd on Windows as well
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new 161333137 Align default pass phrase prompt with HTTPd on Windows as well 161333137 is described below commit 161333137499255cd01761517a1eacedd1ddfede Author: Michael Osipov AuthorDate: Wed Oct 11 17:19:49 2023 +0200 Align default pass phrase prompt with HTTPd on Windows as well --- native/os/win32/libtcnative.rc| 4 ++-- xdocs/miscellaneous/changelog.xml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/native/os/win32/libtcnative.rc b/native/os/win32/libtcnative.rc index aa195e393..a0b8b28cf 100644 --- a/native/os/win32/libtcnative.rc +++ b/native/os/win32/libtcnative.rc @@ -24,13 +24,13 @@ LANGUAGE 0x9,0x1 1001 DIALOGEX 0, 0, 252, 51 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_CAPTION -CAPTION "Password prompt" +CAPTION "Pass Phrase Prompt" FONT 8, "MS Shell Dlg", 0, 0, 0x0 BEGIN ICON1000,-1,8,6,21,20 LTEXT "Some of your private key files are encrypted for security reasons.\nIn order to read them you have to provide the pass phrases.", -1,29,5,220,19 -LTEXT "Enter password:",-1,7,28,75,8 +LTEXT "Enter pass phrase:",-1,7,28,75,8 EDITTEXT1002,67,27,174,12,ES_PASSWORD | ES_AUTOHSCROLL END diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 9772a91a9..d7e1fad4f 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -37,6 +37,9 @@ 67615: Windows binary for version 2 has incorrect version suffix compared to the GNU autoconf version. (michaelo) + + Align default pass phrase prompt with HTTPd on Windows as well. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: BZ 67615: Windows binary for version 2 has incorrect version suffix compared to the GNU autoconf version
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new d280a8d1e BZ 67615: Windows binary for version 2 has incorrect version suffix compared to the GNU autoconf version d280a8d1e is described below commit d280a8d1e3e8f8e0ff23b53ead03c429f4e8ad35 Author: Michael Osipov AuthorDate: Wed Oct 11 17:08:34 2023 +0200 BZ 67615: Windows binary for version 2 has incorrect version suffix compared to the GNU autoconf version --- native/NMAKEmakefile | 4 ++-- native/libtcnative.dsp| 4 ++-- native/tcnative.dsp | 4 ++-- xdocs/miscellaneous/changelog.xml | 6 ++ 4 files changed, 12 insertions(+), 6 deletions(-) diff --git a/native/NMAKEmakefile b/native/NMAKEmakefile index 51653caf5..011cbb06a 100644 --- a/native/NMAKEmakefile +++ b/native/NMAKEmakefile @@ -29,9 +29,9 @@ # !IF !DEFINED(APR_DECLARE_STATIC) || "$(APR_DECLARE_STATIC)" == "" -PROJECT = libtcnative-1 +PROJECT = libtcnative-2 !ELSE -PROJECT = tcnative-1 +PROJECT = tcnative-2 !ENDIF TARGET = DLL diff --git a/native/libtcnative.dsp b/native/libtcnative.dsp index 1e88b7c57..02c512b42 100644 --- a/native/libtcnative.dsp +++ b/native/libtcnative.dsp @@ -53,7 +53,7 @@ BSC32=bscmake.exe # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /opt:ref -# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /out:"Release/libtcnative-1.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" /opt:ref +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /out:"Release/libtcnative-2.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" /opt:ref !ELSEIF "$(CFG)" == "libtcnative - Win32 Debug" @@ -79,7 +79,7 @@ BSC32=bscmake.exe # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /incremental:no /debug /machine:I386 -# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /incremental:no /debug /machine:I386 /out:"Debug/libtcnative-1.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /incremental:no /debug /machine:I386 /out:"Debug/libtcnative-2.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" !ENDIF diff --git a/native/tcnative.dsp b/native/tcnative.dsp index 56c9db8c7..dbaeae301 100644 --- a/native/tcnative.dsp +++ b/native/tcnative.dsp @@ -53,7 +53,7 @@ BSC32=bscmake.exe # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /opt:ref -# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /out:"LibR/tcnative-1.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" /opt:ref +# ADD LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib rpcrt4.lib libeay32.lib ssleay32.lib /nologo /base:"0x6EE0" /subsystem:windows /dll /debug /machine:I386 /out:"LibR/tcnative-2.dll" /libpath:"./srclib/openssl/out32" /libpath:"./srclib/openssl/out32dll" /opt:ref !ELSEIF "$(CFG)" == "tcnative - Win32 Debug" @@ -79,7 +79,7 @@ BSC32=bscmake.exe # ADD BSC32 /nologo LINK32=link.exe # ADD BASE LINK32 kernel32.lib advapi32.lib ws2_32.lib mswsock.lib wldap32.lib psapi.lib ole32.lib shlwapi.lib /nologo /base:"0x6EE
[tomcat] branch 9.0.x updated: Remove used property
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 0df28a6201 Remove used property
0df28a6201 is described below
commit 0df28a6201defbce8b835e9336d260b4574fc6e3
Author: Michael Osipov
AuthorDate: Fri Jun 30 13:24:02 2023 +0200
Remove used property
---
java/org/apache/catalina/core/LocalStrings.properties | 1 -
1 file changed, 1 deletion(-)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 8f71f2d9b6..4d72b24c78 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -172,7 +172,6 @@ propertiesRoleMappingListener.linkedRole=Successfully
linked application role [{
propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
-propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
pushBuilder.noPath=It is illegal to call push() before setting a path
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Remove used property
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 8b1833f75b Remove used property
8b1833f75b is described below
commit 8b1833f75bfce59a05791dede5eb9904b51da3da
Author: Michael Osipov
AuthorDate: Fri Jun 30 13:24:02 2023 +0200
Remove used property
---
java/org/apache/catalina/core/LocalStrings.properties | 1 -
1 file changed, 1 deletion(-)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index a45cfbff54..44cd9a37a5 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -166,7 +166,6 @@ propertiesRoleMappingListener.linkedRole=Successfully
linked application role [{
propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
-propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
pushBuilder.noPath=It is illegal to call push() before setting a path
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove used property
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new b9a8bd4fda Remove used property
b9a8bd4fda is described below
commit b9a8bd4fdaf31b0cc08cc72f95c802d35bb885f2
Author: Michael Osipov
AuthorDate: Fri Jun 30 13:24:02 2023 +0200
Remove used property
---
java/org/apache/catalina/core/LocalStrings.properties | 1 -
1 file changed, 1 deletion(-)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index aa6e810ba7..fd59aa65dc 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -166,7 +166,6 @@ pushBuilder.noPath=It is illegal to call push() before
setting a path
propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
-propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
propertiesRoleMappingListener.linkedRole=Successfully linked application role
[{0}] to technical role [{1}]
propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Align PropertiesRoleMappingListener for API difference
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new d79954dfc7 Align PropertiesRoleMappingListener for API difference
d79954dfc7 is described below
commit d79954dfc7171417231eaaa0ec6586e50f69f8e6
Author: Michael Osipov
AuthorDate: Thu Jun 29 12:27:59 2023 +0200
Align PropertiesRoleMappingListener for API difference
---
java/org/apache/catalina/core/PropertiesRoleMappingListener.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
index 60b135d27f..2dc44e9adb 100644
--- a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
+++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
@@ -115,7 +115,7 @@ public class PropertiesRoleMappingListener implements
LifecycleListener {
is = context.getServletContext().getResourceAsStream(path);
} else {
try {
-is =
ConfigFileLoader.getSource().getResource(roleMappingFile).getInputStream();
+is = ConfigFileLoader.getInputStream(roleMappingFile);
} catch (FileNotFoundException e1) {
is = null;
} catch (IOException e2) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Add BZ issue ID
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 4480ff33ff30413993c2773564164f72ae07b76d Author: Michael Osipov AuthorDate: Thu Jun 29 11:22:38 2023 +0200 Add BZ issue ID --- webapps/docs/changelog.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index e28909a12b..605533ba40 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -108,7 +108,8 @@ -Add org.apache.catalina.core.ContextNamingInfoListener, +59232: Add +org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. (michaelo) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Add BZ issue ID
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit d936b7058990a749414161fb38250cca9593669e Author: Michael Osipov AuthorDate: Thu Jun 29 11:22:38 2023 +0200 Add BZ issue ID --- webapps/docs/changelog.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index a47a8898d1..e8934b7e27 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -108,7 +108,8 @@ -Add org.apache.catalina.core.ContextNamingInfoListener, +59232: Add +org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. (michaelo) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Bug 66665: Provide option to supply role mapping from a properties file
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 5ae93dda3d7e2834666f9c223dcf90db830c2193
Author: Michael Osipov
AuthorDate: Fri Jun 23 15:07:25 2023 +0200
Bug 5: Provide option to supply role mapping from a properties file
---
.../apache/catalina/core/LocalStrings.properties | 7 +
.../core/PropertiesRoleMappingListener.java| 168 +
.../core/TestPropertiesRoleMappingListener.java| 168 +
.../com/example/prefixed-role-mapping.properties | 2 +
.../classes/com/example/role-mapping.properties| 2 +
.../WEB-INF/prefixed-role-mapping.properties | 2 +
.../WEB-INF/role-mapping.properties| 2 +
test/webapp-role-mapping/admin | 1 +
test/webapp-role-mapping/unmapped | 1 +
test/webapp-role-mapping/user | 1 +
webapps/docs/changelog.xml | 6 +
webapps/docs/config/listeners.xml | 31
12 files changed, 391 insertions(+)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 98accac8e3..47ccb88279 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -173,6 +173,13 @@ noPluggabilityServletContext.notAllowed=Section 4.4 of the
Servlet 3.0 specifica
pushBuilder.noPath=It is illegal to call push() before setting a path
+propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
+propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
+propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
+propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
+propertiesRoleMappingListener.linkedRole=Successfully linked application role
[{0}] to technical role [{1}]
+propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
+
standardContext.applicationListener=Error configuring application listener of
class [{0}]
standardContext.applicationSkipped=Skipped installing application listeners
due to previous error(s)
standardContext.backgroundProcess.instanceManager=Exception processing
instance manager [{0}] background process
diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
new file mode 100644
index 00..60b135d27f
--- /dev/null
+++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
@@ -0,0 +1,168 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map.Entry;
+import java.util.Objects;
+import java.util.Properties;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.file.ConfigFileLoader;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will populate the
context's role mapping from a properties file.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The keys represent application roles (e.g., admin, user, uservisor, etc.)
while the values represent technical roles
+ * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the
properties file contains generic
+ * application configuration as well: {@code app-roles.}.
+ *
+ * Note: The default value for the {@code roleMappingFile} is {@code
webapp:/WEB-INF/role-mapping.properties}.
+ */
+public class PropertiesRoleMappingListener implements LifecycleListener {
+
+private static final String WEBAPP_PROTOCOL = "webapp:";
+
+
[tomcat] branch 8.5.x updated (54ff8b3240 -> 5ae93dda3d)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from 54ff8b3240 Improve Javadoc new d936b70589 Add BZ issue ID new 5ae93dda3d Bug 5: Provide option to supply role mapping from a properties file The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/core/LocalStrings.properties | 7 + .../core/PropertiesRoleMappingListener.java| 168 + .../core/TestPropertiesRoleMappingListener.java| 168 + .../com/example/prefixed-role-mapping.properties | 2 + .../classes/com/example/role-mapping.properties| 2 + .../WEB-INF/prefixed-role-mapping.properties | 2 + .../WEB-INF/role-mapping.properties| 2 + test/webapp-role-mapping/admin | 1 + test/webapp-role-mapping/unmapped | 1 + test/webapp-role-mapping/user | 1 + webapps/docs/changelog.xml | 9 +- webapps/docs/config/listeners.xml | 31 12 files changed, 393 insertions(+), 1 deletion(-) create mode 100644 java/org/apache/catalina/core/PropertiesRoleMappingListener.java create mode 100644 test/org/apache/catalina/core/TestPropertiesRoleMappingListener.java create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/role-mapping.properties create mode 100644 test/webapp-role-mapping/admin create mode 100644 test/webapp-role-mapping/unmapped create mode 100644 test/webapp-role-mapping/user - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated (b00c5c80b4 -> e393ce35cb)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from b00c5c80b4 Improve Javadoc new 4480ff33ff Add BZ issue ID new e393ce35cb Bug 5: Provide option to supply role mapping from a properties file The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/core/LocalStrings.properties | 7 + .../core/PropertiesRoleMappingListener.java| 168 + .../core/TestPropertiesRoleMappingListener.java| 168 + .../com/example/prefixed-role-mapping.properties | 2 + .../classes/com/example/role-mapping.properties| 2 + .../WEB-INF/prefixed-role-mapping.properties | 2 + .../WEB-INF/role-mapping.properties| 2 + test/webapp-role-mapping/admin | 1 + test/webapp-role-mapping/unmapped | 1 + test/webapp-role-mapping/user | 1 + webapps/docs/changelog.xml | 9 +- webapps/docs/config/listeners.xml | 31 12 files changed, 393 insertions(+), 1 deletion(-) create mode 100644 java/org/apache/catalina/core/PropertiesRoleMappingListener.java create mode 100644 test/org/apache/catalina/core/TestPropertiesRoleMappingListener.java create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/role-mapping.properties create mode 100644 test/webapp-role-mapping/admin create mode 100644 test/webapp-role-mapping/unmapped create mode 100644 test/webapp-role-mapping/user - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Bug 66665: Provide option to supply role mapping from a properties file
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit e393ce35cb769c3e54d0904db3ec349efb53ffbc
Author: Michael Osipov
AuthorDate: Fri Jun 23 15:07:25 2023 +0200
Bug 5: Provide option to supply role mapping from a properties file
---
.../apache/catalina/core/LocalStrings.properties | 7 +
.../core/PropertiesRoleMappingListener.java| 168 +
.../core/TestPropertiesRoleMappingListener.java| 168 +
.../com/example/prefixed-role-mapping.properties | 2 +
.../classes/com/example/role-mapping.properties| 2 +
.../WEB-INF/prefixed-role-mapping.properties | 2 +
.../WEB-INF/role-mapping.properties| 2 +
test/webapp-role-mapping/admin | 1 +
test/webapp-role-mapping/unmapped | 1 +
test/webapp-role-mapping/user | 1 +
webapps/docs/changelog.xml | 6 +
webapps/docs/config/listeners.xml | 31
12 files changed, 391 insertions(+)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index d1a5762c84..744a93b31b 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -170,6 +170,13 @@ noPluggabilityServletContext.notAllowed=Section 4.4 of the
Servlet 3.0 specifica
pushBuilder.noPath=It is illegal to call push() before setting a path
+propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
+propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
+propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
+propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
+propertiesRoleMappingListener.linkedRole=Successfully linked application role
[{0}] to technical role [{1}]
+propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
+
standardContext.applicationListener=Error configuring application listener of
class [{0}]
standardContext.applicationSkipped=Skipped installing application listeners
due to previous error(s)
standardContext.backgroundProcess.instanceManager=Exception processing
instance manager [{0}] background process
diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
new file mode 100644
index 00..60b135d27f
--- /dev/null
+++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
@@ -0,0 +1,168 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map.Entry;
+import java.util.Objects;
+import java.util.Properties;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.file.ConfigFileLoader;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will populate the
context's role mapping from a properties file.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The keys represent application roles (e.g., admin, user, uservisor, etc.)
while the values represent technical roles
+ * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the
properties file contains generic
+ * application configuration as well: {@code app-roles.}.
+ *
+ * Note: The default value for the {@code roleMappingFile} is {@code
webapp:/WEB-INF/role-mapping.properties}.
+ */
+public class PropertiesRoleMappingListener implements LifecycleListener {
+
+private static final String WEBAPP_PROTOCOL = "webapp:";
+
+
[tomcat] 01/02: Add BZ issue ID
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 6e435d8ae45fbf9f35845173eddf58228153575c Author: Michael Osipov AuthorDate: Thu Jun 29 11:22:38 2023 +0200 Add BZ issue ID --- webapps/docs/changelog.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 751a70e277..6d65651c81 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -108,7 +108,8 @@ -Add org.apache.catalina.core.ContextNamingInfoListener, +59232: Add +org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. (michaelo) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated (26555450d3 -> 6cb448a3f2)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git from 26555450d3 Improve Javadoc new 6e435d8ae4 Add BZ issue ID new 6cb448a3f2 Bug 5: Provide option to supply role mapping from a properties file The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/core/LocalStrings.properties | 7 + .../core/PropertiesRoleMappingListener.java| 168 + .../core/TestPropertiesRoleMappingListener.java| 168 + .../com/example/prefixed-role-mapping.properties | 2 + .../classes/com/example/role-mapping.properties| 2 + .../WEB-INF/prefixed-role-mapping.properties | 2 + .../WEB-INF/role-mapping.properties| 2 + test/webapp-role-mapping/admin | 1 + test/webapp-role-mapping/unmapped | 1 + test/webapp-role-mapping/user | 1 + webapps/docs/changelog.xml | 9 +- webapps/docs/config/listeners.xml | 31 12 files changed, 393 insertions(+), 1 deletion(-) create mode 100644 java/org/apache/catalina/core/PropertiesRoleMappingListener.java create mode 100644 test/org/apache/catalina/core/TestPropertiesRoleMappingListener.java create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/role-mapping.properties create mode 100644 test/webapp-role-mapping/admin create mode 100644 test/webapp-role-mapping/unmapped create mode 100644 test/webapp-role-mapping/user - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Bug 66665: Provide option to supply role mapping from a properties file
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 6cb448a3f2ac4d936a01098fb032f32cac9960e4
Author: Michael Osipov
AuthorDate: Fri Jun 23 15:07:25 2023 +0200
Bug 5: Provide option to supply role mapping from a properties file
---
.../apache/catalina/core/LocalStrings.properties | 7 +
.../core/PropertiesRoleMappingListener.java| 168 +
.../core/TestPropertiesRoleMappingListener.java| 168 +
.../com/example/prefixed-role-mapping.properties | 2 +
.../classes/com/example/role-mapping.properties| 2 +
.../WEB-INF/prefixed-role-mapping.properties | 2 +
.../WEB-INF/role-mapping.properties| 2 +
test/webapp-role-mapping/admin | 1 +
test/webapp-role-mapping/unmapped | 1 +
test/webapp-role-mapping/user | 1 +
webapps/docs/changelog.xml | 6 +
webapps/docs/config/listeners.xml | 31
12 files changed, 391 insertions(+)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index c5ab4a3506..7e419226f0 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -164,6 +164,13 @@ noPluggabilityServletContext.notAllowed=Section 4.4 of the
Servlet 3.0 specifica
pushBuilder.noPath=It is illegal to call push() before setting a path
+propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
+propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
+propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
+propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
+propertiesRoleMappingListener.linkedRole=Successfully linked application role
[{0}] to technical role [{1}]
+propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
+
standardContext.applicationListener=Error configuring application listener of
class [{0}]
standardContext.applicationSkipped=Skipped installing application listeners
due to previous error(s)
standardContext.backgroundProcess.instanceManager=Exception processing
instance manager [{0}] background process
diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
new file mode 100644
index 00..60b135d27f
--- /dev/null
+++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
@@ -0,0 +1,168 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map.Entry;
+import java.util.Objects;
+import java.util.Properties;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.file.ConfigFileLoader;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will populate the
context's role mapping from a properties file.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The keys represent application roles (e.g., admin, user, uservisor, etc.)
while the values represent technical roles
+ * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the
properties file contains generic
+ * application configuration as well: {@code app-roles.}.
+ *
+ * Note: The default value for the {@code roleMappingFile} is {@code
webapp:/WEB-INF/role-mapping.properties}.
+ */
+public class PropertiesRoleMappingListener implements LifecycleListener {
+
+private static final String WEBAPP_PROTOCOL = "webapp:";
+
+
[tomcat] 02/02: Bug 66665: Provide option to supply role mapping from a properties file
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit c8adc4c4869f432b900606ae52a89e54c324f3dd
Author: Michael Osipov
AuthorDate: Fri Jun 23 15:07:25 2023 +0200
Bug 5: Provide option to supply role mapping from a properties file
---
.../apache/catalina/core/LocalStrings.properties | 7 +
.../core/PropertiesRoleMappingListener.java| 168 +
.../core/TestPropertiesRoleMappingListener.java| 168 +
.../com/example/prefixed-role-mapping.properties | 2 +
.../classes/com/example/role-mapping.properties| 2 +
.../WEB-INF/prefixed-role-mapping.properties | 2 +
.../WEB-INF/role-mapping.properties| 2 +
test/webapp-role-mapping/admin | 1 +
test/webapp-role-mapping/unmapped | 1 +
test/webapp-role-mapping/user | 1 +
webapps/docs/changelog.xml | 6 +
webapps/docs/config/listeners.xml | 31
12 files changed, 391 insertions(+)
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 66e5067aac..aa6e810ba7 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -164,6 +164,13 @@ noPluggabilityServletContext.notAllowed=Section 4.4 of the
Servlet 3.0 specifica
pushBuilder.noPath=It is illegal to call push() before setting a path
+propertiesRoleMappingListener.roleMappingFileNull=Role mapping file cannot be
null
+propertiesRoleMappingListener.roleMappingFileEmpty=Role mapping file cannot be
empty
+propertiesRoleMappingListener.roleMappingFileNotFound=Role mapping file [{0}]
not found
+propertiesRoleMappingListener.roleMappingFileFail=Failed to load role mapping
file [{0}]
+propertiesRoleMappingListener.linkedRole=Successfully linked application role
[{0}] to technical role [{1}]
+propertiesRoleMappingListener.linkedRoleCount=Linked [{0}] application roles
to technical roles
+
standardContext.applicationListener=Error configuring application listener of
class [{0}]
standardContext.applicationSkipped=Skipped installing application listeners
due to previous error(s)
standardContext.backgroundProcess.instanceManager=Exception processing
instance manager [{0}] background process
diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
new file mode 100644
index 00..60b135d27f
--- /dev/null
+++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java
@@ -0,0 +1,168 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map.Entry;
+import java.util.Objects;
+import java.util.Properties;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.file.ConfigFileLoader;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will populate the
context's role mapping from a properties file.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The keys represent application roles (e.g., admin, user, uservisor, etc.)
while the values represent technical roles
+ * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the
properties file contains generic
+ * application configuration as well: {@code app-roles.}.
+ *
+ * Note: The default value for the {@code roleMappingFile} is {@code
webapp:/WEB-INF/role-mapping.properties}.
+ */
+public class PropertiesRoleMappingListener implements LifecycleListener {
+
+private static final String WEBAPP_PROTOCOL = "webapp:";
+
+
[tomcat] branch main updated (d1f0c34b18 -> c8adc4c486)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from d1f0c34b18 Pull up as default method since it avoids API compatibility issues new ecca27f193 Add BZ issue ID new c8adc4c486 Bug 5: Provide option to supply role mapping from a properties file The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/core/LocalStrings.properties | 7 + .../core/PropertiesRoleMappingListener.java| 168 + .../core/TestPropertiesRoleMappingListener.java| 168 + .../com/example/prefixed-role-mapping.properties | 2 + .../classes/com/example/role-mapping.properties| 2 + .../WEB-INF/prefixed-role-mapping.properties | 2 + .../WEB-INF/role-mapping.properties| 2 + test/webapp-role-mapping/admin | 1 + test/webapp-role-mapping/unmapped | 1 + test/webapp-role-mapping/user | 1 + webapps/docs/changelog.xml | 9 +- webapps/docs/config/listeners.xml | 31 12 files changed, 393 insertions(+), 1 deletion(-) create mode 100644 java/org/apache/catalina/core/PropertiesRoleMappingListener.java create mode 100644 test/org/apache/catalina/core/TestPropertiesRoleMappingListener.java create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/classes/com/example/role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/prefixed-role-mapping.properties create mode 100644 test/webapp-role-mapping/WEB-INF/role-mapping.properties create mode 100644 test/webapp-role-mapping/admin create mode 100644 test/webapp-role-mapping/unmapped create mode 100644 test/webapp-role-mapping/user - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Add BZ issue ID
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git commit ecca27f193585ff7b4bd17a1739fa0d59138b02c Author: Michael Osipov AuthorDate: Thu Jun 29 11:22:38 2023 +0200 Add BZ issue ID --- webapps/docs/changelog.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 537749e57a..dd909b6b1a 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -108,7 +108,8 @@ -Add org.apache.catalina.core.ContextNamingInfoListener, +59232: Add +org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. (michaelo) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Bug 66666: Remove non-reachable functions from ssl.c
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 2e865ff87 Bug 6: Remove non-reachable functions from ssl.c
2e865ff87 is described below
commit 2e865ff8788b3c738170713771ba5a2ec0e2e364
Author: Michael Osipov
AuthorDate: Fri Jun 23 11:09:58 2023 +0200
Bug 6: Remove non-reachable functions from ssl.c
---
native/include/ssl_private.h | 1 -
native/src/ssl.c | 156 +-
native/src/sslutils.c | 27 +--
xdocs/miscellaneous/changelog.xml | 3 +
4 files changed, 8 insertions(+), 179 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index 242ab4dd4..6c5c9d297 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -232,7 +232,6 @@ typedef struct tcn_ssl_ctxt_t tcn_ssl_ctxt_t;
typedef struct {
charpassword[SSL_MAX_PASSWORD_LEN];
const char *prompt;
-tcn_callback_t cb;
} tcn_pass_cb_t;
extern tcn_pass_cb_t tcn_password_callback;
diff --git a/native/src/ssl.c b/native/src/ssl.c
index 53ae4b4a9..a1ab58fa0 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -45,8 +45,7 @@ static jclass stringClass;
/*
* supported_ssl_opts is a bitmask that contains all supported SSL_OP_*
- * options at compile-time. This is used in hasOp to determine which
- * SSL_OP_* options are available at runtime.
+ * options at compile-time.
*
* Note that at least up through OpenSSL 0.9.8o, checking SSL_OP_ALL will
* return JNI_FALSE because SSL_OP_ALL is a mask that covers all bug
@@ -301,13 +300,6 @@ static apr_status_t ssl_init_cleanup(void *data)
return APR_SUCCESS;
ssl_initialized = 0;
-if (tcn_password_callback.cb.obj) {
-JNIEnv *env;
-tcn_get_java_env();
-TCN_UNLOAD_CLASS(env,
- tcn_password_callback.cb.obj);
-}
-
free_bio_methods();
free_dh_params();
@@ -600,37 +592,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
return (jint)APR_SUCCESS;
}
-TCN_IMPLEMENT_CALL(jboolean, SSL, randLoad)(TCN_STDARGS, jstring file)
-{
-TCN_ALLOC_CSTRING(file);
-int r;
-UNREFERENCED(o);
-r = SSL_rand_seed(J2S(file));
-TCN_FREE_CSTRING(file);
-return r ? JNI_TRUE : JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, randSave)(TCN_STDARGS, jstring file)
-{
-TCN_ALLOC_CSTRING(file);
-int r;
-UNREFERENCED(o);
-r = ssl_rand_save_file(J2S(file));
-TCN_FREE_CSTRING(file);
-return r ? JNI_TRUE : JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, randMake)(TCN_STDARGS, jstring file,
-jint length, jboolean base64)
-{
-TCN_ALLOC_CSTRING(file);
-int r;
-UNREFERENCED(o);
-r = ssl_rand_make(J2S(file), length, base64);
-TCN_FREE_CSTRING(file);
-return r ? JNI_TRUE : JNI_FALSE;
-}
-
TCN_IMPLEMENT_CALL(void, SSL, randSet)(TCN_STDARGS, jstring file)
{
TCN_ALLOC_CSTRING(file);
@@ -894,96 +855,6 @@ static BIO_METHOD *BIO_jbs()
return jbs_methods;
}
-TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool,
- jobject callback)
-{
-BIO *bio = NULL;
-BIO_JAVA *j;
-jclass cls;
-
-UNREFERENCED(o);
-
-if ((bio = BIO_new(BIO_jbs())) == NULL) {
-tcn_ThrowException(e, "Create BIO failed");
-goto init_failed;
-}
-j = (BIO_JAVA *)BIO_get_data(bio);
-if (j == NULL) {
-tcn_ThrowException(e, "Create BIO failed");
-goto init_failed;
-}
-j->pool = J2P(pool, apr_pool_t *);
-if (j->pool) {
-apr_pool_cleanup_register(j->pool, (const void *)bio,
- generic_bio_cleanup,
- apr_pool_cleanup_null);
-}
-
-cls = (*e)->GetObjectClass(e, callback);
-j->cb.mid[0] = (*e)->GetMethodID(e, cls, "write", "([B)I");
-j->cb.mid[1] = (*e)->GetMethodID(e, cls, "read", "([B)I");
-j->cb.mid[2] = (*e)->GetMethodID(e, cls, "puts", "(Ljava/lang/String;)I");
-j->cb.mid[3] = (*e)->GetMethodID(e, cls, "gets", "(I)Ljava/lang/String;");
-/* TODO: Check if method id's are valid */
-j->cb.obj= (*e)->NewGlobalRef(e, callback);
-
-BIO_set_init(bio, 1);
-BIO_set_flags(bio, SSL_BIO_FLAG_CALLBACK);
-return P2J(bio);
-init_failed:
-return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, closeBIO)(TCN_STDARGS, jlong bio)
-{
-BIO *b = J2P(bio, BIO *);
-UNREFERENCED_STDARGS;
-SSL_BIO_close(b);
-return APR_SUCCESS;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setPasswordCallback)(TCN_STDARGS,
-
[tomcat-native] branch 1.2.x updated: Align default pass phrase prompt with HTTPd
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new 8049561c8 Align default pass phrase prompt with HTTPd
8049561c8 is described below
commit 8049561c86c3270b86dfd484fd07f1e8627d6b41
Author: Michael Osipov
AuthorDate: Mon Jun 26 18:05:40 2023 +0200
Align default pass phrase prompt with HTTPd
---
native/include/ssl_private.h | 6 +++---
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index b48f7ca84..d90bc1f4b 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -171,9 +171,9 @@ extern ENGINE *tcn_ssl_engine;
|| (errnum == X509_V_ERR_CERT_UNTRUSTED) \
|| (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))
-#define SSL_DEFAULT_PASS_PROMPT "Some of your private key files are encrypted
for security reasons.\n" \
-"In order to read them you have to provide the
pass phrases.\n" \
-"Enter password :"
+#define SSL_DEFAULT_PASS_PROMPT "Some of your private key files are encrypted
for security reasons.\n" \
+"In order to read them you have to provide the
pass phrases.\n"\
+"Enter pass phrase:"
#define SSL_CIPHERS_ALWAYS_DISABLED ("!aNULL:!eNULL:!EXP:")
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 2f6d3d9a8..c4dd3694b 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -32,6 +32,9 @@
+
+ Align default pass phrase prompt with HTTPd. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Align default pass phrase prompt with HTTPd
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new cea4e7e87 Align default pass phrase prompt with HTTPd
cea4e7e87 is described below
commit cea4e7e87749613ae639a9236d0e531d190ee8d7
Author: Michael Osipov
AuthorDate: Mon Jun 26 18:05:40 2023 +0200
Align default pass phrase prompt with HTTPd
---
native/include/ssl_private.h | 6 +++---
xdocs/miscellaneous/changelog.xml | 3 +++
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index be2397053..242ab4dd4 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -171,9 +171,9 @@ extern ENGINE *tcn_ssl_engine;
|| (errnum == X509_V_ERR_CERT_UNTRUSTED) \
|| (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))
-#define SSL_DEFAULT_PASS_PROMPT "Some of your private key files are encrypted
for security reasons.\n" \
-"In order to read them you have to provide the
pass phrases.\n" \
-"Enter password :"
+#define SSL_DEFAULT_PASS_PROMPT "Some of your private key files are encrypted
for security reasons.\n" \
+"In order to read them you have to provide the
pass phrases.\n"\
+"Enter pass phrase:"
#define SSL_CIPHERS_ALWAYS_DISABLED ("!aNULL:!eNULL:!EXP:")
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 918615532..76d06de91 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -33,6 +33,9 @@
+
+ Align default pass phrase prompt with HTTPd. (michaelo)
+
Rename configure.in to modern autotools style configure.ac. (rjung)
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Trim trailing whitespace
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new d108b0288 Trim trailing whitespace
d108b0288 is described below
commit d108b02885cea1d46948939883bfe02da464fdb1
Author: Michael Osipov
AuthorDate: Mon Jun 26 18:00:16 2023 +0200
Trim trailing whitespace
---
native/src/address.c| 2 +-
native/src/info.c | 2 +-
native/src/poll.c | 2 +-
native/src/sslconf.c| 2 +-
native/src/sslcontext.c | 6 +++---
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/native/src/address.c b/native/src/address.c
index 87a877178..af43122d6 100644
--- a/native/src/address.c
+++ b/native/src/address.c
@@ -46,7 +46,7 @@ TCN_IMPLEMENT_CALL(jlong, Address, info)(TCN_STDARGS,
J2S(hostname), f, (apr_port_t)port,
(apr_int32_t)flags, p), sa);
sl = sa;
-/*
+/*
* apr_sockaddr_info_get may return several address so this is not
* go to work in some cases (but as least it works for Linux)
* XXX: with AP_ENABLE_V4_MAPPED it is going to work otherwise it won't.
diff --git a/native/src/info.c b/native/src/info.c
index 4734e542b..01d1ae4c2 100644
--- a/native/src/info.c
+++ b/native/src/info.c
@@ -140,7 +140,7 @@ apr_status_t tcn_load_finfo_class(JNIEnv *e, jclass finfo)
GET_FINFO_S(fname);
GET_FINFO_S(name);
GET_FINFO_J(filehand);
-
+
finfo_class_init = (*e)->GetMethodID(e, finfo,
"", "()V");
if (finfo_class_init == NULL)
diff --git a/native/src/poll.c b/native/src/poll.c
index 4414ec821..f5f2992c9 100644
--- a/native/src/poll.c
+++ b/native/src/poll.c
@@ -403,7 +403,7 @@ TCN_IMPLEMENT_CALL(jint, Poll, poll)(TCN_STDARGS, jlong
pollset,
array or as multiple pairs depending on implementation. On OSX
at
least, multiple pairs have been observed. In this case do not
try
and remove socket from the pollset for a second time else a
crash
- will result. */
+ will result. */
if (remove) {
if (s->pe) {
apr_pollset_remove(p->pollset, fd);
diff --git a/native/src/sslconf.c b/native/src/sslconf.c
index e2ece6fe5..6ff028b66 100644
--- a/native/src/sslconf.c
+++ b/native/src/sslconf.c
@@ -265,7 +265,7 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong
cctx,
c->no_ocsp_check = 1;
TCN_FREE_CSTRING(cmd);
TCN_FREE_CSTRING(value);
-return 1;
+return 1;
}
SSL_ERR_clear();
rc = SSL_CONF_cmd(c->cctx, J2S(cmd), buf != NULL ? buf : J2S(value));
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index c0541bd72..afec601c8 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -142,7 +142,7 @@ int ssl_callback_ClientHello(SSL *ssl, int *al, void *arg)
const unsigned char *pos;
size_t len, remaining;
tcn_ssl_ctxt_t *c = (tcn_ssl_ctxt_t *) arg;
-
+
(*javavm)->AttachCurrentThread(javavm, (void **), NULL);
// Continue only if the static method exists
if (sni_java_callback == NULL) {
@@ -162,7 +162,7 @@ int ssl_callback_ClientHello(SSL *ssl, int *al, void *arg)
*/
if (!SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, ,
)
-|| remaining <= 2)
+|| remaining <= 2)
goto give_up;
/* Extract the length of the supplied list of names. */
@@ -222,7 +222,7 @@ give_up:
SSL_set_session_id_context(ssl, &(c->context_id[0]), sizeof
c->context_id);
}
}
-
+
}
return SSL_CLIENT_HELLO_SUCCESS;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Trim trailing whitespace
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 3fbe5615c Trim trailing whitespace
3fbe5615c is described below
commit 3fbe5615c3350c21cdca2a84ba44888a58129aad
Author: Michael Osipov
AuthorDate: Mon Jun 26 18:00:16 2023 +0200
Trim trailing whitespace
---
native/src/sslconf.c| 2 +-
native/src/sslcontext.c | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/native/src/sslconf.c b/native/src/sslconf.c
index a3b8cfdfd..e5b18a7ce 100644
--- a/native/src/sslconf.c
+++ b/native/src/sslconf.c
@@ -263,7 +263,7 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong
cctx,
c->no_ocsp_check = 1;
TCN_FREE_CSTRING(cmd);
TCN_FREE_CSTRING(value);
-return 1;
+return 1;
}
SSL_ERR_clear();
rc = SSL_CONF_cmd(c->cctx, J2S(cmd), buf != NULL ? buf : J2S(value));
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 7305d72ae..73446a95d 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -141,7 +141,7 @@ int ssl_callback_ClientHello(SSL *ssl, int *al, void *arg)
const unsigned char *pos;
size_t len, remaining;
tcn_ssl_ctxt_t *c = (tcn_ssl_ctxt_t *) arg;
-
+
(*javavm)->AttachCurrentThread(javavm, (void **), NULL);
// Continue only if the static method exists
if (sni_java_callback == NULL) {
@@ -161,7 +161,7 @@ int ssl_callback_ClientHello(SSL *ssl, int *al, void *arg)
*/
if (!SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, ,
)
-|| remaining <= 2)
+|| remaining <= 2)
goto give_up;
/* Extract the length of the supplied list of names. */
@@ -221,7 +221,7 @@ give_up:
SSL_set_session_id_context(ssl, &(c->context_id[0]), sizeof
c->context_id);
}
}
-
+
}
return SSL_CLIENT_HELLO_SUCCESS;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch 1.2.x updated: Replace tabs with spaces
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 1.2.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.2.x by this push:
new df4c93e20 Replace tabs with spaces
df4c93e20 is described below
commit df4c93e205ca6f0341d54eec2d105f5400375c55
Author: Michael Osipov
AuthorDate: Thu Jun 22 10:52:40 2023 +0200
Replace tabs with spaces
---
native/include/ssl_private.h | 6 +++---
native/src/ssl.c | 4 ++--
native/src/sslcontext.c | 4 ++--
native/src/sslutils.c| 2 +-
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index 545022ba2..b48f7ca84 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -358,9 +358,9 @@ typedef struct {
*/
} reneg_state;
enum {
- PHA_NONE = 0, /* Before PHA */
- PHA_STARTED,/* PHA req sent to client but no response */
- PHA_COMPLETE/* Client has returned cert */
+PHA_NONE = 0, /* Before PHA */
+PHA_STARTED,/* PHA req sent to client but no response */
+PHA_COMPLETE/* Client has returned cert */
} pha_state;
apr_socket_t *sock;
apr_pollset_t *pollset;
diff --git a/native/src/ssl.c b/native/src/ssl.c
index 92414e611..31493e74f 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -817,7 +817,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
err = APR_ENOTIMPL;
else {
#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK
- if (strcmp(J2S(engine), "chil") == 0)
+if (strcmp(J2S(engine), "chil") == 0)
ENGINE_ctrl(ee, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
#endif
if (!ENGINE_set_default(ee, ENGINE_METHOD_ALL))
@@ -947,7 +947,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS)
if (strcmp("fips", name)) {
return 0;
} else {
- return 1;
+return 1;
}
#else
UNREFERENCED(o);
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 483446dd6..c0541bd72 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -923,8 +923,8 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setTmpECDHByCurveName)(TCN_STDARGS, jlong c
EC_KEY_free(ecdh);
TCN_FREE_CSTRING(curveName);
#else
- tcn_Throw(e, "Cant't configure elliptic curve: unsupported by this
OpenSSL version");
- return;
+tcn_Throw(e, "Cant't configure elliptic curve: unsupported by this OpenSSL
version");
+return;
#endif
}
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index c3bd41a45..619a6537e 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -741,7 +741,7 @@ static char **decode_OCSP_url(ASN1_OCTET_STRING *os,
apr_pool_t *p)
return NULL;
}
if (parse_ASN1_Sequence(ocsp_urls, , , p) ||
- numofresponses ==0) {
+numofresponses ==0) {
response = NULL;
}
return response;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Replace tabs with spaces
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new f247f0af0 Replace tabs with spaces
f247f0af0 is described below
commit f247f0af00e17af194d183daf6239967d698e731
Author: Michael Osipov
AuthorDate: Thu Jun 22 10:52:40 2023 +0200
Replace tabs with spaces
---
native/include/ssl_private.h | 6 +++---
native/src/ssl.c | 4 ++--
native/src/sslcontext.c | 4 ++--
native/src/sslutils.c| 2 +-
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
index 091634df2..be2397053 100644
--- a/native/include/ssl_private.h
+++ b/native/include/ssl_private.h
@@ -326,9 +326,9 @@ typedef struct {
*/
} reneg_state;
enum {
- PHA_NONE = 0, /* Before PHA */
- PHA_STARTED,/* PHA req sent to client but no response */
- PHA_COMPLETE/* Client has returned cert */
+PHA_NONE = 0, /* Before PHA */
+PHA_STARTED,/* PHA req sent to client but no response */
+PHA_COMPLETE/* Client has returned cert */
} pha_state;
apr_socket_t *sock;
apr_pollset_t *pollset;
diff --git a/native/src/ssl.c b/native/src/ssl.c
index a008ec44d..53ae4b4a9 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -538,7 +538,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS,
jstring engine)
err = APR_ENOTIMPL;
else {
#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK
- if (strcmp(J2S(engine), "chil") == 0)
+if (strcmp(J2S(engine), "chil") == 0)
ENGINE_ctrl(ee, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
#endif
if (!ENGINE_set_default(ee, ENGINE_METHOD_ALL))
@@ -665,7 +665,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS)
if (strcmp("fips", name)) {
return 0;
} else {
- return 1;
+return 1;
}
#endif
}
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 9bd7e7657..7305d72ae 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -816,8 +816,8 @@ TCN_IMPLEMENT_CALL(void, SSLContext,
setTmpECDHByCurveName)(TCN_STDARGS, jlong c
EC_KEY_free(ecdh);
TCN_FREE_CSTRING(curveName);
#else
- tcn_Throw(e, "Cant't configure elliptic curve: unsupported by this
OpenSSL version");
- return;
+tcn_Throw(e, "Cant't configure elliptic curve: unsupported by this OpenSSL
version");
+return;
#endif
}
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index db4486212..2194aac11 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -718,7 +718,7 @@ static char **decode_OCSP_url(ASN1_OCTET_STRING *os,
apr_pool_t *p)
return NULL;
}
if (parse_ASN1_Sequence(ocsp_urls, , , p) ||
- numofresponses ==0) {
+numofresponses ==0) {
response = NULL;
}
return response;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add ContextNamingInfoListener
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new ed1277b29b Add ContextNamingInfoListener
ed1277b29b is described below
commit ed1277b29b6b017059bb101030e4cddb6ccd0d8c
Author: Michael Osipov
AuthorDate: Thu Jun 8 12:09:15 2023 +0200
Add ContextNamingInfoListener
A listener which creates context naming information environment entries.
---
.../catalina/core/ContextNamingInfoListener.java | 121 +
.../apache/catalina/core/LocalStrings.properties | 3 +
.../core/TestContextNamingInfoListener.java| 119
webapps/docs/changelog.xml | 5 +
webapps/docs/config/listeners.xml | 27 +
5 files changed, 275 insertions(+)
diff --git a/java/org/apache/catalina/core/ContextNamingInfoListener.java
b/java/org/apache/catalina/core/ContextNamingInfoListener.java
new file mode 100644
index 00..b77915c7d7
--- /dev/null
+++ b/java/org/apache/catalina/core/ContextNamingInfoListener.java
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.descriptor.web.ContextEnvironment;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will create context
naming information
+ * environment entries.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The following entries will be added to the initial context ({@code
java:comp/env} implied):
+ *
+ * Path: {@code context/path} from {@link Context#getPath()}
+ * Encoded Path: {@code context/encodedPath} from {@link
Context#getEncodedPath()}
+ * Webapp Version: {@code context/webappVersion} from {@link
Context#getWebappVersion()}
+ * Name: {@code context/name} from {@link Context#getName()}
+ * Base Name: {@code context/baseName} from {@link
Context#getBaseName()}
+ * Display Name: {@code context/displayName} from {@link
Context#getDisplayName()}
+ *
+ *
+ * See the https://tomcat.apache.org/tomcat-8.5-doc/config/context.html#Naming;>Tomcat
+ * documentation for more details on the values.
+ */
+public class ContextNamingInfoListener implements LifecycleListener {
+
+private static final String PATH_ENTRY_NAME = "context/path";
+private static final String ENCODED_PATH_ENTRY_NAME =
"context/encodedPath";
+private static final String WEBAPP_VERSION_ENTRY_NAME =
"context/webappVersion";
+private static final String NAME_ENTRY_NAME = "context/name";
+private static final String BASE_NAME_ENTRY_NAME = "context/baseName";
+private static final String DISPLAY_NAME_ENTRY_NAME =
"context/displayName";
+
+private static final Log log =
LogFactory.getLog(ContextNamingInfoListener.class);
+/**
+ * The string manager for this package.
+ */
+private static final StringManager sm =
StringManager.getManager(ContextNamingInfoListener.class);
+
+private boolean emptyOnRoot = true;
+
+/**
+ * Sets whether for the root context {@code context/path} and {@code
context/encodedPath} will
+ * contain {@code "/"} and {@code context/name} will contain {@code
"ROOT"} with a version, if any.
+ *
+ * @param emptyOnRoot whether paths and name for root context shall be
empty
+ */
+public void setEmptyOnRoot(boolean emptyOnRoot) {
+this.emptyOnRoot = emptyOnRoot;
+}
+
+/**
+ * Gets whether paths and name for the root context will be empty.
+ *
+ * @return indicator whether paths and name for the root context will be
empty
+ */
+public boolean isEmptyOnRoot() {
+return emptyOnRoot;
+}
+
+
[tomcat] branch 9.0.x updated: Add ContextNamingInfoListener
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 594a878ec4 Add ContextNamingInfoListener
594a878ec4 is described below
commit 594a878ec4a566a463259a92536b3228af0d2999
Author: Michael Osipov
AuthorDate: Thu Jun 8 12:09:15 2023 +0200
Add ContextNamingInfoListener
A listener which creates context naming information environment entries.
---
.../catalina/core/ContextNamingInfoListener.java | 121 +
.../apache/catalina/core/LocalStrings.properties | 3 +
.../core/TestContextNamingInfoListener.java| 119
webapps/docs/changelog.xml | 5 +
webapps/docs/config/listeners.xml | 27 +
5 files changed, 275 insertions(+)
diff --git a/java/org/apache/catalina/core/ContextNamingInfoListener.java
b/java/org/apache/catalina/core/ContextNamingInfoListener.java
new file mode 100644
index 00..0e1926877b
--- /dev/null
+++ b/java/org/apache/catalina/core/ContextNamingInfoListener.java
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.descriptor.web.ContextEnvironment;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will create context
naming information
+ * environment entries.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The following entries will be added to the initial context ({@code
java:comp/env} implied):
+ *
+ * Path: {@code context/path} from {@link Context#getPath()}
+ * Encoded Path: {@code context/encodedPath} from {@link
Context#getEncodedPath()}
+ * Webapp Version: {@code context/webappVersion} from {@link
Context#getWebappVersion()}
+ * Name: {@code context/name} from {@link Context#getName()}
+ * Base Name: {@code context/baseName} from {@link
Context#getBaseName()}
+ * Display Name: {@code context/displayName} from {@link
Context#getDisplayName()}
+ *
+ *
+ * See the https://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Naming;>Tomcat
+ * documentation for more details on the values.
+ */
+public class ContextNamingInfoListener implements LifecycleListener {
+
+private static final String PATH_ENTRY_NAME = "context/path";
+private static final String ENCODED_PATH_ENTRY_NAME =
"context/encodedPath";
+private static final String WEBAPP_VERSION_ENTRY_NAME =
"context/webappVersion";
+private static final String NAME_ENTRY_NAME = "context/name";
+private static final String BASE_NAME_ENTRY_NAME = "context/baseName";
+private static final String DISPLAY_NAME_ENTRY_NAME =
"context/displayName";
+
+private static final Log log =
LogFactory.getLog(ContextNamingInfoListener.class);
+/**
+ * The string manager for this package.
+ */
+private static final StringManager sm =
StringManager.getManager(ContextNamingInfoListener.class);
+
+private boolean emptyOnRoot = true;
+
+/**
+ * Sets whether for the root context {@code context/path} and {@code
context/encodedPath} will
+ * contain {@code "/"} and {@code context/name} will contain {@code
"ROOT"} with a version, if any.
+ *
+ * @param emptyOnRoot whether paths and name for root context shall be
empty
+ */
+public void setEmptyOnRoot(boolean emptyOnRoot) {
+this.emptyOnRoot = emptyOnRoot;
+}
+
+/**
+ * Gets whether paths and name for the root context will be empty.
+ *
+ * @return indicator whether paths and name for the root context will be
empty
+ */
+public boolean isEmptyOnRoot() {
+return emptyOnRoot;
+}
+
+
[tomcat] branch 10.1.x updated: Add ContextNamingInfoListener
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 966ba70198 Add ContextNamingInfoListener
966ba70198 is described below
commit 966ba701982d2779bed3246adc4e48b70971400b
Author: Michael Osipov
AuthorDate: Thu Jun 8 12:09:15 2023 +0200
Add ContextNamingInfoListener
A listener which creates context naming information environment entries.
---
.../catalina/core/ContextNamingInfoListener.java | 121 +
.../apache/catalina/core/LocalStrings.properties | 3 +
.../core/TestContextNamingInfoListener.java| 119
webapps/docs/changelog.xml | 5 +
webapps/docs/config/listeners.xml | 27 +
5 files changed, 275 insertions(+)
diff --git a/java/org/apache/catalina/core/ContextNamingInfoListener.java
b/java/org/apache/catalina/core/ContextNamingInfoListener.java
new file mode 100644
index 00..cf0db7f8ed
--- /dev/null
+++ b/java/org/apache/catalina/core/ContextNamingInfoListener.java
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.core;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.descriptor.web.ContextEnvironment;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Implementation of {@code LifecycleListener} that will create context
naming information
+ * environment entries.
+ *
+ * This listener must only be nested within {@link Context} elements.
+ *
+ * The following entries will be added to the initial context ({@code
java:comp/env} implied):
+ *
+ * Path: {@code context/path} from {@link Context#getPath()}
+ * Encoded Path: {@code context/encodedPath} from {@link
Context#getEncodedPath()}
+ * Webapp Version: {@code context/webappVersion} from {@link
Context#getWebappVersion()}
+ * Name: {@code context/name} from {@link Context#getName()}
+ * Base Name: {@code context/baseName} from {@link
Context#getBaseName()}
+ * Display Name: {@code context/displayName} from {@link
Context#getDisplayName()}
+ *
+ *
+ * See the https://tomcat.apache.org/tomcat-10.1-doc/config/context.html#Naming;>Tomcat
+ * documentation for more details on the values.
+ */
+public class ContextNamingInfoListener implements LifecycleListener {
+
+private static final String PATH_ENTRY_NAME = "context/path";
+private static final String ENCODED_PATH_ENTRY_NAME =
"context/encodedPath";
+private static final String WEBAPP_VERSION_ENTRY_NAME =
"context/webappVersion";
+private static final String NAME_ENTRY_NAME = "context/name";
+private static final String BASE_NAME_ENTRY_NAME = "context/baseName";
+private static final String DISPLAY_NAME_ENTRY_NAME =
"context/displayName";
+
+private static final Log log =
LogFactory.getLog(ContextNamingInfoListener.class);
+/**
+ * The string manager for this package.
+ */
+private static final StringManager sm =
StringManager.getManager(ContextNamingInfoListener.class);
+
+private boolean emptyOnRoot = true;
+
+/**
+ * Sets whether for the root context {@code context/path} and {@code
context/encodedPath} will
+ * contain {@code "/"} and {@code context/name} will contain {@code
"ROOT"} with a version, if any.
+ *
+ * @param emptyOnRoot whether paths and name for root context shall be
empty
+ */
+public void setEmptyOnRoot(boolean emptyOnRoot) {
+this.emptyOnRoot = emptyOnRoot;
+}
+
+/**
+ * Gets whether paths and name for the root context will be empty.
+ *
+ * @return indicator whether paths and name for the root context will be
empty
+ */
+public boolean isEmptyOnRoot() {
+return emptyOnRoot;
+}
+
+
[tomcat] branch main updated (26e49bba4b -> f3adc26288)
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git from 26e49bba4b Expand security guidance to cover embedded usage add f3adc26288 Add ContextNamingInfoListener No new revisions were added by this update. Summary of changes: .../catalina/core/ContextNamingInfoListener.java | 121 + .../apache/catalina/core/LocalStrings.properties | 3 + .../core/TestContextNamingInfoListener.java| 119 webapps/docs/changelog.xml | 5 + webapps/docs/config/listeners.xml | 27 + 5 files changed, 275 insertions(+) create mode 100644 java/org/apache/catalina/core/ContextNamingInfoListener.java create mode 100644 test/org/apache/catalina/core/TestContextNamingInfoListener.java - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new c4c3b1372 Fix typo c4c3b1372 is described below commit c4c3b1372fe1b4db8a21de6f40334a83533a382f Author: Michael Osipov AuthorDate: Wed Apr 13 08:27:03 2022 +0200 Fix typo --- xdocs/miscellaneous/changelog.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 2dafcbde9..8bd9bf42d 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -142,7 +142,7 @@ Remove default option passed for rpath to linker on HP-UX. (michaelo) - Add an option to allow the OCSP responder check to by bypassed. Note that + Add an option to allow the OCSP responder check to be bypassed. Note that if OCSP is enabled, a missing responder is now treated as an error. (jfclere) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add support for additional user attributes in TomcatPrincipal
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 024a495 Add support for additional user attributes in TomcatPrincipal
024a495 is described below
commit 024a4956f0053569beb3f842dc1154c9b7979977
Author: Carsten Klein
AuthorDate: Tue Feb 8 16:53:22 2022 +0100
Add support for additional user attributes in TomcatPrincipal
This closes #472
---
java/org/apache/catalina/TomcatPrincipal.java | 32
.../apache/catalina/realm/GenericPrincipal.java| 42 ++---
java/org/apache/catalina/realm/JNDIRealm.java | 2 +-
webapps/docs/changelog.xml | 5 +++
webapps/examples/jsp/security/protected/index.jsp | 44 ++
5 files changed, 119 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/TomcatPrincipal.java
b/java/org/apache/catalina/TomcatPrincipal.java
index 83f9035..b74f187 100644
--- a/java/org/apache/catalina/TomcatPrincipal.java
+++ b/java/org/apache/catalina/TomcatPrincipal.java
@@ -17,6 +17,8 @@
package org.apache.catalina;
import java.security.Principal;
+import java.util.Collections;
+import java.util.Enumeration;
import org.ietf.jgss.GSSCredential;
@@ -47,4 +49,34 @@ public interface TomcatPrincipal extends Principal {
* exception to LoginContext
*/
void logout() throws Exception;
+
+/**
+ * Returns the value of the named attribute as an Object, or
+ * null if no attribute of the given name exists, or if
+ * null has been specified as the attribute's name.
+ *
+ * Only the servlet container may set attributes to make available custom
+ * information about a Principal or the user it represents.
+ *
+ * @param name a String specifying the name of the attribute
+ * @return an Object containing the value of the attribute, or
+ * null if the attribute does not exist, or if
+ * null has been specified as the attribute's name
+ */
+default Object getAttribute(String name) {
+return null;
+}
+
+/**
+ * Returns an Enumeration containing the names of the
+ * attributes available to this Principal. This method returns an empty
+ * Enumeration if the Principal has no attributes available to
+ * it.
+ *
+ * @return an Enumeration of strings containing the names of
+ * the Principal's attributes
+ */
+default Enumeration getAttributeNames() {
+return Collections.emptyEnumeration();
+}
}
diff --git a/java/org/apache/catalina/realm/GenericPrincipal.java
b/java/org/apache/catalina/realm/GenericPrincipal.java
index d8a8167..52a039b 100644
--- a/java/org/apache/catalina/realm/GenericPrincipal.java
+++ b/java/org/apache/catalina/realm/GenericPrincipal.java
@@ -19,7 +19,10 @@ package org.apache.catalina.realm;
import java.io.Serializable;
import java.security.Principal;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
+import java.util.Map;
import javax.security.auth.login.LoginContext;
@@ -83,7 +86,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
*/
public GenericPrincipal(String name, String password, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, password, roles, userPrincipal, loginContext, null);
+this(name, password, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -99,10 +102,12 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
* @param loginContext - If provided, this will be used to log out the
user
*at the appropriate time
* @param gssCredential - If provided, the user's delegated credentials
+ * @param attributes - If provided, additional attributes associated with
+ *this Principal
*/
public GenericPrincipal(String name, String password, List roles,
Principal userPrincipal, LoginContext loginContext,
-GSSCredential gssCredential) {
+GSSCredential gssCredential, Map attributes) {
super();
this.name = name;
this.password = password;
@@ -117,6 +122,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
}
this.loginContext = loginContext;
this.gssCredential = gssCredential;
+this.attributes = attributes != null ?
Collections.unmodifiableMap(attributes) : null;
}
@@ -189,6 +195,11 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
this.gssCredential = gssCredential;
}
+/**
+ * The additional attributes associated with this Principal.
+ */
+protected final Map
[tomcat] branch 10.0.x updated: Add support for additional user attributes in TomcatPrincipal
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 8ced4ec Add support for additional user attributes in TomcatPrincipal
8ced4ec is described below
commit 8ced4ec586696db64639de08dad3293611737e32
Author: Carsten Klein
AuthorDate: Wed Jan 12 15:06:42 2022 +0100
Add support for additional user attributes in TomcatPrincipal
This closes #471
---
java/org/apache/catalina/TomcatPrincipal.java | 32 +++
.../apache/catalina/realm/GenericPrincipal.java| 46 ++
java/org/apache/catalina/realm/JNDIRealm.java | 2 +-
webapps/docs/changelog.xml | 5 +++
webapps/examples/jsp/security/protected/index.jsp | 44 +
5 files changed, 121 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/TomcatPrincipal.java
b/java/org/apache/catalina/TomcatPrincipal.java
index 83f9035..b74f187 100644
--- a/java/org/apache/catalina/TomcatPrincipal.java
+++ b/java/org/apache/catalina/TomcatPrincipal.java
@@ -17,6 +17,8 @@
package org.apache.catalina;
import java.security.Principal;
+import java.util.Collections;
+import java.util.Enumeration;
import org.ietf.jgss.GSSCredential;
@@ -47,4 +49,34 @@ public interface TomcatPrincipal extends Principal {
* exception to LoginContext
*/
void logout() throws Exception;
+
+/**
+ * Returns the value of the named attribute as an Object, or
+ * null if no attribute of the given name exists, or if
+ * null has been specified as the attribute's name.
+ *
+ * Only the servlet container may set attributes to make available custom
+ * information about a Principal or the user it represents.
+ *
+ * @param name a String specifying the name of the attribute
+ * @return an Object containing the value of the attribute, or
+ * null if the attribute does not exist, or if
+ * null has been specified as the attribute's name
+ */
+default Object getAttribute(String name) {
+return null;
+}
+
+/**
+ * Returns an Enumeration containing the names of the
+ * attributes available to this Principal. This method returns an empty
+ * Enumeration if the Principal has no attributes available to
+ * it.
+ *
+ * @return an Enumeration of strings containing the names of
+ * the Principal's attributes
+ */
+default Enumeration getAttributeNames() {
+return Collections.emptyEnumeration();
+}
}
diff --git a/java/org/apache/catalina/realm/GenericPrincipal.java
b/java/org/apache/catalina/realm/GenericPrincipal.java
index 7260da4..584c104 100644
--- a/java/org/apache/catalina/realm/GenericPrincipal.java
+++ b/java/org/apache/catalina/realm/GenericPrincipal.java
@@ -19,7 +19,10 @@ package org.apache.catalina.realm;
import java.io.Serializable;
import java.security.Principal;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
+import java.util.Map;
import javax.security.auth.login.LoginContext;
@@ -120,7 +123,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -140,7 +143,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
@Deprecated
public GenericPrincipal(String name, String password, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -154,10 +157,12 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
* @param loginContext - If provided, this will be used to log out the
user
*at the appropriate time
* @param gssCredential - If provided, the user's delegated credentials
+ * @param attributes - If provided, additional attributes associated with
+ *this Principal
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext,
-GSSCredential gssCredential) {
+GSSCredential gssCredential, Map attributes) {
super();
this.name = name;
this.userPrincipal = userPrincipal;
@@ -171,6 +176,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
}
this.loginContext = loginContext;
this.gssCredential = gssCredential
[tomcat] branch main updated: Add support for additional user attributes in TomcatPrincipal
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c3edf43 Add support for additional user attributes in TomcatPrincipal
c3edf43 is described below
commit c3edf437da20af0f11edc0ad6d893399b01e6287
Author: Carsten Klein
AuthorDate: Wed Jan 12 15:06:42 2022 +0100
Add support for additional user attributes in TomcatPrincipal
This closes #463
---
java/org/apache/catalina/TomcatPrincipal.java | 28 +
.../apache/catalina/realm/GenericPrincipal.java| 46 ++
java/org/apache/catalina/realm/JNDIRealm.java | 2 +-
webapps/docs/changelog.xml | 5 +++
webapps/examples/jsp/security/protected/index.jsp | 44 +
5 files changed, 117 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/TomcatPrincipal.java
b/java/org/apache/catalina/TomcatPrincipal.java
index 83f9035..1e3d9f6 100644
--- a/java/org/apache/catalina/TomcatPrincipal.java
+++ b/java/org/apache/catalina/TomcatPrincipal.java
@@ -17,6 +17,8 @@
package org.apache.catalina;
import java.security.Principal;
+import java.util.Collections;
+import java.util.Enumeration;
import org.ietf.jgss.GSSCredential;
@@ -47,4 +49,30 @@ public interface TomcatPrincipal extends Principal {
* exception to LoginContext
*/
void logout() throws Exception;
+
+/**
+ * Returns the value of the named attribute as an Object, or
+ * null if no attribute of the given name exists, or if
+ * null has been specified as the attribute's name.
+ *
+ * Only the servlet container may set attributes to make available custom
+ * information about a Principal or the user it represents.
+ *
+ * @param name a String specifying the name of the attribute
+ * @return an Object containing the value of the attribute, or
+ * null if the attribute does not exist, or if
+ * null has been specified as the attribute's name
+ */
+Object getAttribute(String name);
+
+/**
+ * Returns an Enumeration containing the names of the
+ * attributes available to this Principal. This method returns an empty
+ * Enumeration if the Principal has no attributes available to
+ * it.
+ *
+ * @return an Enumeration of strings containing the names of
+ * the Principal's attributes
+ */
+Enumeration getAttributeNames();
}
diff --git a/java/org/apache/catalina/realm/GenericPrincipal.java
b/java/org/apache/catalina/realm/GenericPrincipal.java
index 7260da4..584c104 100644
--- a/java/org/apache/catalina/realm/GenericPrincipal.java
+++ b/java/org/apache/catalina/realm/GenericPrincipal.java
@@ -19,7 +19,10 @@ package org.apache.catalina.realm;
import java.io.Serializable;
import java.security.Principal;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
+import java.util.Map;
import javax.security.auth.login.LoginContext;
@@ -120,7 +123,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -140,7 +143,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
@Deprecated
public GenericPrincipal(String name, String password, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -154,10 +157,12 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
* @param loginContext - If provided, this will be used to log out the
user
*at the appropriate time
* @param gssCredential - If provided, the user's delegated credentials
+ * @param attributes - If provided, additional attributes associated with
+ *this Principal
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext,
-GSSCredential gssCredential) {
+GSSCredential gssCredential, Map attributes) {
super();
this.name = name;
this.userPrincipal = userPrincipal;
@@ -171,6 +176,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
}
this.loginContext = loginContext;
this.gssCredential = gssCredential;
+this.attributes = attributes != null ?
Collections.unmodifiableMap(attributes) : null
[tomcat] branch 9.0.x updated: jarsToSkip += derby-*.jar jaxws-rt-*.jar
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new e9eae92 jarsToSkip += derby-*.jar jaxws-rt-*.jar e9eae92 is described below commit e9eae92766e7471c229afd09e614f5653405d2a9 Author: Michael Osipov AuthorDate: Mon Jan 24 12:05:29 2022 +0100 jarsToSkip += derby-*.jar jaxws-rt-*.jar --- conf/catalina.properties | 2 ++ webapps/docs/changelog.xml | 9 + 2 files changed, 11 insertions(+) diff --git a/conf/catalina.properties b/conf/catalina.properties index 918f8f1..19f6718 100644 --- a/conf/catalina.properties +++ b/conf/catalina.properties @@ -141,6 +141,7 @@ ecj-*.jar,\ el-api.jar,\ geronimo-spec-jaxrpc*.jar,\ h2*.jar,\ +ha-api-*.jar,\ hamcrest-*.jar,\ hibernate*.jar,\ httpclient*.jar,\ @@ -150,6 +151,7 @@ jasper.jar,\ jaspic-api.jar,\ jaxb-*.jar,\ jaxen-*.jar,\ +jaxws-rt-*.jar,\ jdom-*.jar,\ jetty-*.jar,\ jmx-tools.jar,\ diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 5cb306d..2e4f6fe 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,15 @@ issues do not "pop up" wrt. others). --> + + + +Add ha-api-*.jar and jaxws-rt-*.jar to the +list of JARs to skip when scanning for TLDs, web fragments and +annotations. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: jarsToSkip += derby-*.jar jaxws-rt-*.jar
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 85d9d0e jarsToSkip += derby-*.jar jaxws-rt-*.jar 85d9d0e is described below commit 85d9d0e1eb9aad3b1dc22139db18e1658ae22d17 Author: Michael Osipov AuthorDate: Mon Jan 24 12:05:29 2022 +0100 jarsToSkip += derby-*.jar jaxws-rt-*.jar --- conf/catalina.properties | 2 ++ webapps/docs/changelog.xml | 9 + 2 files changed, 11 insertions(+) diff --git a/conf/catalina.properties b/conf/catalina.properties index a3f7349..a6c423a 100644 --- a/conf/catalina.properties +++ b/conf/catalina.properties @@ -142,6 +142,7 @@ ecj-*.jar,\ el-api.jar,\ geronimo-spec-jaxrpc*.jar,\ h2*.jar,\ +ha-api-*.jar,\ hamcrest-*.jar,\ hibernate*.jar,\ httpclient*.jar,\ @@ -151,6 +152,7 @@ jasper.jar,\ jaspic-api.jar,\ jaxb-*.jar,\ jaxen-*.jar,\ +jaxws-rt-*.jar,\ jdom-*.jar,\ jetty-*.jar,\ jmx-tools.jar,\ diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index d16f9b6..8ba5867 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,15 @@ issues do not "pop up" wrt. others). --> + + + +Add ha-api-*.jar and jaxws-rt-*.jar to the +list of JARs to skip when scanning for TLDs, web fragments and +annotations. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: jarsToSkip += derby-*.jar jaxws-rt-*.jar
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new 562762f jarsToSkip += derby-*.jar jaxws-rt-*.jar 562762f is described below commit 562762f8c9dcabc92ae2601f59be808684f8add1 Author: Michael Osipov AuthorDate: Mon Jan 24 12:05:29 2022 +0100 jarsToSkip += derby-*.jar jaxws-rt-*.jar --- conf/catalina.properties | 2 ++ webapps/docs/changelog.xml | 9 + 2 files changed, 11 insertions(+) diff --git a/conf/catalina.properties b/conf/catalina.properties index d73a8bf..9f0c046 100644 --- a/conf/catalina.properties +++ b/conf/catalina.properties @@ -141,6 +141,7 @@ ecj-*.jar,\ el-api.jar,\ geronimo-spec-jaxrpc*.jar,\ h2*.jar,\ +ha-api-*.jar,\ hamcrest-*.jar,\ hibernate*.jar,\ httpclient*.jar,\ @@ -151,6 +152,7 @@ jasper.jar,\ jaspic-api.jar,\ jaxb-*.jar,\ jaxen-*.jar,\ +jaxws-rt-*.jar,\ jdom-*.jar,\ jetty-*.jar,\ jmx-tools.jar,\ diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index cd3c9f9..b6647cf 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,15 @@ issues do not "pop up" wrt. others). --> + + + +Add ha-api-*.jar and jaxws-rt-*.jar to the +list of JARs to skip when scanning for TLDs, web fragments and +annotations. (michaelo) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix position of entry in changelog.xml
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new ee9b1c6 Fix position of entry in changelog.xml ee9b1c6 is described below commit ee9b1c687406f3f52e99df1de121cabd2a1935bd Author: Michael Osipov AuthorDate: Mon Jan 24 12:05:29 2022 +0100 Fix position of entry in changelog.xml --- webapps/docs/changelog.xml | 14 +- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 2d13033..e988f47 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -105,6 +105,15 @@ issues do not "pop up" wrt. others). --> + + + +Add ha-api-*.jar and jaxws-rt-*.jar to the +list of JARs to skip when scanning for TLDs, web fragments and +annotations. (michaelo) + + + @@ -720,11 +729,6 @@ 447. Correct JPMS metadata for catalina.jar. Pull request provided by Hui Wang. (markt) - -Add ha-api-*.jar and jaxws-rt-*.jar to the -list of JARs to skip when scanning for TLDs, web fragments and -annotations. (michaelo) - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: jarsToSkip += derby-*.jar jaxws-rt-*.jar
This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 1710c7b jarsToSkip += derby-*.jar jaxws-rt-*.jar 1710c7b is described below commit 1710c7ba940f114a11fbc7fe8f10b2c68d95d9b7 Author: Michael Osipov AuthorDate: Mon Jan 24 12:01:43 2022 +0100 jarsToSkip += derby-*.jar jaxws-rt-*.jar --- conf/catalina.properties | 2 ++ webapps/docs/changelog.xml | 5 + 2 files changed, 7 insertions(+) diff --git a/conf/catalina.properties b/conf/catalina.properties index 2596547..6a31180 100644 --- a/conf/catalina.properties +++ b/conf/catalina.properties @@ -141,6 +141,7 @@ ecj-*.jar,\ el-api.jar,\ geronimo-spec-jaxrpc*.jar,\ h2*.jar,\ +ha-api-*.jar,\ hamcrest-*.jar,\ hibernate*.jar,\ httpclient*.jar,\ @@ -151,6 +152,7 @@ jasper.jar,\ jaspic-api.jar,\ jaxb-*.jar,\ jaxen-*.jar,\ +jaxws-rt-*.jar,\ jdom-*.jar,\ jetty-*.jar,\ jmx-tools.jar,\ diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 9ba81fb..2d13033 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -720,6 +720,11 @@ 447. Correct JPMS metadata for catalina.jar. Pull request provided by Hui Wang. (markt) + +Add ha-api-*.jar and jaxws-rt-*.jar to the +list of JARs to skip when scanning for TLDs, web fragments and +annotations. (michaelo) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Log warning if a listener is incorrectly placed
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 4896083 Log warning if a listener is incorrectly placed
4896083 is described below
commit 48960832ca7e5c6da77d2fb83548e4f92fb37040
Author: Michael Osipov
AuthorDate: Mon Nov 8 20:39:09 2021 +0100
Log warning if a listener is incorrectly placed
Some listeners are intented to be nested inside a Server element only.
If a listener is misplaced a warning message is logged.
---
java/org/apache/catalina/core/AprLifecycleListener.java | 4
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 4
java/org/apache/catalina/core/LocalStrings.properties | 2 ++
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 4
java/org/apache/catalina/security/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/LocalStrings.properties | 2 ++
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
.../apache/catalina/storeconfig/StoreConfigLifecycleListener.java | 8 +---
webapps/docs/changelog.xml| 4
10 files changed, 35 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 3546946..80dc5a5 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -126,6 +126,10 @@ public class AprLifecycleListener implements
LifecycleListener {
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
synchronized (lock) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
init();
for (String msg : initInfoLogMessages) {
log.info(msg);
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 59e8ff7..58f1382 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -234,6 +234,10 @@ public class JreMemoryLeakPreventionListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
// Initialise these classes when Tomcat starts
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
/*
* First call to this loads all drivers visible to the current
class
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 3c5b58a..1e5d56e 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -150,6 +150,8 @@ jreLeakListener.jarUrlConnCacheFail=Failed to disable Jar
URL connection caching
jreLeakListener.ldapPoolManagerFail=Failed to trigger creation of the
com.sun.jndi.ldap.LdapPoolManager class during Tomcat start to prevent possible
memory leaks. This is expected on non-Sun JVMs.
jreLeakListener.xmlParseFail=Error whilst attempting to prevent memory leaks
during XML parsing
+listener.notServer=This listener must only be nested within Server elements,
but is in [{0}].
+
naming.addEnvEntry=Adding environment entry [{0}]
naming.addResourceEnvRef=Adding resource env ref [{0}]
naming.bindFailed=Failed to bind object: [{0}]
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index 125d044..4539b31 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -79,6 +79,10 @@ public class GlobalResourcesLifecycleListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
if (Lifecycle.START_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn("This listener must only be nested within Server
elements, but is in [" +
+event.getLifecycle().getClass().getSimpleName() +
"].");
+}
[tomcat] branch 9.0.x updated: Log warning if a listener is incorrectly placed
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new ae9f1d6 Log warning if a listener is incorrectly placed
ae9f1d6 is described below
commit ae9f1d6821c5c3364b86a140d962f1504f243ccd
Author: Michael Osipov
AuthorDate: Mon Nov 8 20:39:09 2021 +0100
Log warning if a listener is incorrectly placed
Some listeners are intented to be nested inside a Server element only.
If a listener is misplaced a warning message is logged.
---
java/org/apache/catalina/core/AprLifecycleListener.java | 4
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 4
java/org/apache/catalina/core/LocalStrings.properties | 2 ++
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 4
java/org/apache/catalina/mbeans/LocalStrings.properties | 3 +++
java/org/apache/catalina/security/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/LocalStrings.properties | 1 +
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
java/org/apache/catalina/storeconfig/LocalStrings.properties | 2 +-
.../apache/catalina/storeconfig/StoreConfigLifecycleListener.java | 8 +---
webapps/docs/changelog.xml| 4
12 files changed, 38 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index a3bd1db..1c72b30 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -121,6 +121,10 @@ public class AprLifecycleListener implements
LifecycleListener {
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
synchronized (lock) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
init();
for (String msg : initInfoLogMessages) {
log.info(msg);
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 5163623..baa34c2 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -209,6 +209,10 @@ public class JreMemoryLeakPreventionListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
// Initialise these classes when Tomcat starts
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
/*
* First call to this loads all drivers visible to the current
class
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 03e9351..2ad9cc5 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -147,6 +147,8 @@ jreLeakListener.jarUrlConnCacheFail=Failed to disable Jar
URL connection caching
jreLeakListener.ldapPoolManagerFail=Failed to trigger creation of the
com.sun.jndi.ldap.LdapPoolManager class during Tomcat start to prevent possible
memory leaks. This is expected on non-Sun JVMs.
jreLeakListener.xmlParseFail=Error whilst attempting to prevent memory leaks
during XML parsing
+listener.notServer=This listener must only be nested within Server elements,
but is in [{0}].
+
naming.addEnvEntry=Adding environment entry [{0}]
naming.addResourceEnvRef=Adding resource env ref [{0}]
naming.bindFailed=Failed to bind object: [{0}]
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index d6d7506..4f2f2dc 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -74,6 +74,10 @@ public class GlobalResourcesLifecycleListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
if (Lifecycle.START_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString
[tomcat] branch 10.0.x updated: Log warning if a listener is incorrectly placed
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 85f41ba Log warning if a listener is incorrectly placed
85f41ba is described below
commit 85f41ba9f76c719f4d17c54c6bd88393f17993c2
Author: Michael Osipov
AuthorDate: Mon Nov 8 20:39:09 2021 +0100
Log warning if a listener is incorrectly placed
Some listeners are intented to be nested inside a Server element only.
If a listener is misplaced a warning message is logged.
---
java/org/apache/catalina/core/AprLifecycleListener.java | 4
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 4
java/org/apache/catalina/core/LocalStrings.properties | 2 ++
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 4
java/org/apache/catalina/mbeans/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/LocalStrings.properties | 1 +
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
java/org/apache/catalina/storeconfig/LocalStrings.properties | 2 +-
.../apache/catalina/storeconfig/StoreConfigLifecycleListener.java | 8 +---
webapps/docs/changelog.xml| 4
12 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index d92ac14..285abf9 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -121,6 +121,10 @@ public class AprLifecycleListener implements
LifecycleListener {
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
synchronized (lock) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
init();
for (String msg : initInfoLogMessages) {
log.info(msg);
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 5163623..baa34c2 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -209,6 +209,10 @@ public class JreMemoryLeakPreventionListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
// Initialise these classes when Tomcat starts
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
/*
* First call to this loads all drivers visible to the current
class
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 7c05313..54747cc 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -146,6 +146,8 @@ jreLeakListener.jarUrlConnCacheFail=Failed to disable Jar
URL connection caching
jreLeakListener.ldapPoolManagerFail=Failed to trigger creation of the
com.sun.jndi.ldap.LdapPoolManager class during Tomcat start to prevent possible
memory leaks. This is expected on non-Sun JVMs.
jreLeakListener.xmlParseFail=Error whilst attempting to prevent memory leaks
during XML parsing
+listener.notServer=This listener must only be nested within Server elements,
but is in [{0}].
+
naming.addEnvEntry=Adding environment entry [{0}]
naming.addResourceEnvRef=Adding resource env ref [{0}]
naming.bindFailed=Failed to bind object: [{0}]
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index d6d7506..4f2f2dc 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -74,6 +74,10 @@ public class GlobalResourcesLifecycleListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
if (Lifecycle.START_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString
[tomcat] branch main updated: Log warning if a listener is incorrectly placed
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 322a9ab Log warning if a listener is incorrectly placed
322a9ab is described below
commit 322a9aba6f891f0e11e2aea8fb99894b595e07a0
Author: Michael Osipov
AuthorDate: Mon Nov 8 20:39:09 2021 +0100
Log warning if a listener is incorrectly placed
Some listeners are intented to be nested inside a Server element only.
If a listener is misplaced a warning message is logged.
---
java/org/apache/catalina/core/AprLifecycleListener.java | 4
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 4
java/org/apache/catalina/core/LocalStrings.properties | 2 ++
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 4
java/org/apache/catalina/mbeans/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/LocalStrings.properties | 2 ++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/LocalStrings.properties | 1 +
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
java/org/apache/catalina/storeconfig/LocalStrings.properties | 2 +-
.../apache/catalina/storeconfig/StoreConfigLifecycleListener.java | 8 +---
webapps/docs/changelog.xml| 8
12 files changed, 41 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index d92ac14..285abf9 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -121,6 +121,10 @@ public class AprLifecycleListener implements
LifecycleListener {
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
synchronized (lock) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
init();
for (String msg : initInfoLogMessages) {
log.info(msg);
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 47c5624..4206ff7 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -107,6 +107,10 @@ public class JreMemoryLeakPreventionListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
// Initialise these classes when Tomcat starts
if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
/*
* First call to this loads all drivers visible to the current
class
diff --git a/java/org/apache/catalina/core/LocalStrings.properties
b/java/org/apache/catalina/core/LocalStrings.properties
index 345d197..80dbc79 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -142,6 +142,8 @@ jniLifecycleListener.missingPathOrName=One of libraryName
or libraryPath must be
jreLeakListener.classToInitializeFail=Failed to load class [{0}] during Tomcat
start to prevent possible memory leaks.
+listener.notServer=This listener must only be nested within Server elements,
but is in [{0}].
+
naming.addEnvEntry=Adding environment entry [{0}]
naming.addResourceEnvRef=Adding resource env ref [{0}]
naming.bindFailed=Failed to bind object: [{0}]
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index d6d7506..4f2f2dc 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -74,6 +74,10 @@ public class GlobalResourcesLifecycleListener implements
LifecycleListener {
public void lifecycleEvent(LifecycleEvent event) {
if (Lifecycle.START_EVENT.equals(event.getType())) {
+if (!(event.getLifecycle() instanceof Server)) {
+log.warn(sm.getString("listener.notServer",
+event.getLifecycle().getClass().getSimpleName()));
+}
component = event.getLifecycle();
createMBeans();
} else i
[tomcat] branch 8.5.x updated: Add Javadoc comment about nesting of server-wide listeners
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 6a58001 Add Javadoc comment about nesting of server-wide listeners
6a58001 is described below
commit 6a580010d4f8ffafdc5237402604f91aa1cdd919
Author: Michael Osipov
AuthorDate: Mon Nov 1 09:18:47 2021 +0100
Add Javadoc comment about nesting of server-wide listeners
---
java/org/apache/catalina/core/AprLifecycleListener.java | 3 +++
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 1 +
.../apache/catalina/core/ThreadLocalLeakPreventionListener.java | 8 ++--
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 3 +++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
webapps/docs/changelog.xml| 4
7 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 5a35ce7..3546946 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Library;
@@ -38,6 +39,8 @@ import org.apache.tomcat.util.res.StringManager;
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @since 4.1
*/
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index d7f6f33..c8d4847 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -33,6 +33,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.startup.SafeForkJoinWorkerThreadFactory;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.ExceptionUtils;
diff --git
a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
index b619771..c242eeb 100644
--- a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
@@ -37,19 +37,15 @@ import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.threads.ThreadPoolExecutor;
/**
- *
* A {@link LifecycleListener} that triggers the renewal of threads in Executor
* pools when a {@link Context} is being stopped to avoid thread-local related
* memory leaks.
- *
*
* Note : active threads will be renewed one by one when they come back to the
* pool after executing their task, see
* {@link org.apache.tomcat.util.threads.ThreadPoolExecutor}.afterExecute().
- *
- *
- * This listener must be declared in server.xml to be active.
- *
+ *
+ * This listener must only be nested within {@link Server} elements.
*/
public class ThreadLocalLeakPreventionListener implements LifecycleListener,
ContainerListener {
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index b298f7e..125d044 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -31,6 +31,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Role;
+import org.apache.catalina.Server;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.juli.logging.Log;
@@ -42,6 +43,8 @@ import org.apache.tomcat.util.modeler.Registry;
* Implementation of LifecycleListener that instantiates the
* set of MBeans associated with global JNDI resources that are subject to
* management.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @author Craig R. McClanahan
* @since 4.1
diff --git a/java/org/apache/catalina/security/SecurityListener.java
b/java/org/apache/catalina/security/SecurityListener.java
index 782753f..cee5ae0 100644
--- a/java/org/apache
[tomcat] branch 9.0.x updated: Add Javadoc comment about nesting of server-wide listeners
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9a5c21c Add Javadoc comment about nesting of server-wide listeners
9a5c21c is described below
commit 9a5c21cb604edd63e28a343f3603e79ab792074b
Author: Michael Osipov
AuthorDate: Mon Nov 1 09:18:47 2021 +0100
Add Javadoc comment about nesting of server-wide listeners
---
java/org/apache/catalina/core/AprLifecycleListener.java | 3 +++
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 1 +
.../apache/catalina/core/ThreadLocalLeakPreventionListener.java | 8 ++--
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 3 +++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
webapps/docs/changelog.xml| 4
7 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index ee2a648..a3bd1db 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Library;
@@ -38,6 +39,8 @@ import org.apache.tomcat.util.res.StringManager;
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @since 4.1
*/
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index b3c56a5..12bf11e 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -33,6 +33,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.startup.SafeForkJoinWorkerThreadFactory;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.ExceptionUtils;
diff --git
a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
index f13b19a..9000576 100644
--- a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
@@ -34,19 +34,15 @@ import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.threads.ThreadPoolExecutor;
/**
- *
* A {@link LifecycleListener} that triggers the renewal of threads in Executor
* pools when a {@link Context} is being stopped to avoid thread-local related
* memory leaks.
- *
*
* Note : active threads will be renewed one by one when they come back to the
* pool after executing their task, see
* {@link org.apache.tomcat.util.threads.ThreadPoolExecutor}.afterExecute().
- *
- *
- * This listener must be declared in server.xml to be active.
- *
+ *
+ * This listener must only be nested within {@link Server} elements.
*/
public class ThreadLocalLeakPreventionListener extends FrameworkListener {
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index bca1ed7..d6d7506 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -31,6 +31,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Role;
+import org.apache.catalina.Server;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.juli.logging.Log;
@@ -42,6 +43,8 @@ import org.apache.tomcat.util.res.StringManager;
* Implementation of LifecycleListener that instantiates the
* set of MBeans associated with global JNDI resources that are subject to
* management.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @author Craig R. McClanahan
* @since 4.1
diff --git a/java/org/apache/catalina/security/SecurityListener.java
b/java/org/apache/catalina/security/SecurityListener.java
index 782753f..cee5ae0 100644
--- a/java/org/apache/catalina/security
[tomcat] branch 10.0.x updated: Add Javadoc comment about nesting of server-wide listeners
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 8fe8c81 Add Javadoc comment about nesting of server-wide listeners
8fe8c81 is described below
commit 8fe8c814bbc48d6ddbc1cd721096ababac637fa9
Author: Michael Osipov
AuthorDate: Mon Nov 1 09:18:47 2021 +0100
Add Javadoc comment about nesting of server-wide listeners
---
java/org/apache/catalina/core/AprLifecycleListener.java | 3 +++
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 1 +
.../apache/catalina/core/ThreadLocalLeakPreventionListener.java | 8 ++--
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 3 +++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
webapps/docs/changelog.xml| 4
7 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 9ff9496..d92ac14 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Library;
@@ -38,6 +39,8 @@ import org.apache.tomcat.util.res.StringManager;
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @since 4.1
*/
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index b3c56a5..12bf11e 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -33,6 +33,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.startup.SafeForkJoinWorkerThreadFactory;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.ExceptionUtils;
diff --git
a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
index f13b19a..9000576 100644
--- a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
@@ -34,19 +34,15 @@ import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.threads.ThreadPoolExecutor;
/**
- *
* A {@link LifecycleListener} that triggers the renewal of threads in Executor
* pools when a {@link Context} is being stopped to avoid thread-local related
* memory leaks.
- *
*
* Note : active threads will be renewed one by one when they come back to the
* pool after executing their task, see
* {@link org.apache.tomcat.util.threads.ThreadPoolExecutor}.afterExecute().
- *
- *
- * This listener must be declared in server.xml to be active.
- *
+ *
+ * This listener must only be nested within {@link Server} elements.
*/
public class ThreadLocalLeakPreventionListener extends FrameworkListener {
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index bca1ed7..d6d7506 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -31,6 +31,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Role;
+import org.apache.catalina.Server;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.juli.logging.Log;
@@ -42,6 +43,8 @@ import org.apache.tomcat.util.res.StringManager;
* Implementation of LifecycleListener that instantiates the
* set of MBeans associated with global JNDI resources that are subject to
* management.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @author Craig R. McClanahan
* @since 4.1
diff --git a/java/org/apache/catalina/security/SecurityListener.java
b/java/org/apache/catalina/security/SecurityListener.java
index 782753f..cee5ae0 100644
--- a/java/org/apache/catalina/security
[tomcat] branch main updated: Add Javadoc comment about nesting of server-wide listeners
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new fab59e5 Add Javadoc comment about nesting of server-wide listeners
fab59e5 is described below
commit fab59e5e07082b067060f16921c028f3d1991ae4
Author: Michael Osipov
AuthorDate: Mon Nov 1 09:18:47 2021 +0100
Add Javadoc comment about nesting of server-wide listeners
---
java/org/apache/catalina/core/AprLifecycleListener.java | 3 +++
.../org/apache/catalina/core/JreMemoryLeakPreventionListener.java | 3 +++
.../apache/catalina/core/ThreadLocalLeakPreventionListener.java | 8 ++--
.../apache/catalina/mbeans/GlobalResourcesLifecycleListener.java | 3 +++
java/org/apache/catalina/security/SecurityListener.java | 4
java/org/apache/catalina/startup/VersionLoggerListener.java | 4
webapps/docs/changelog.xml| 4
7 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 9ff9496..d92ac14 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Library;
@@ -38,6 +39,8 @@ import org.apache.tomcat.util.res.StringManager;
/**
* Implementation of LifecycleListener that will init and
* and destroy APR.
+ *
+ * This listener must only be nested within {@link Server} elements.
*
* @since 4.1
*/
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index dce3cfe..47c5624 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -25,6 +25,7 @@ import javax.imageio.ImageIO;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Server;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.res.StringManager;
@@ -42,6 +43,8 @@ import org.apache.tomcat.util.res.StringManager;
* Locked files usually occur when a resource inside a JAR is accessed without
* first disabling Jar URL connection caching. The workaround is to disable
this
* caching by default.
+ *
+ * This listener must only be nested within {@link Server} elements.
*/
public class JreMemoryLeakPreventionListener implements LifecycleListener {
diff --git
a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
index f13b19a..9000576 100644
--- a/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/ThreadLocalLeakPreventionListener.java
@@ -34,19 +34,15 @@ import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.threads.ThreadPoolExecutor;
/**
- *
* A {@link LifecycleListener} that triggers the renewal of threads in Executor
* pools when a {@link Context} is being stopped to avoid thread-local related
* memory leaks.
- *
*
* Note : active threads will be renewed one by one when they come back to the
* pool after executing their task, see
* {@link org.apache.tomcat.util.threads.ThreadPoolExecutor}.afterExecute().
- *
- *
- * This listener must be declared in server.xml to be active.
- *
+ *
+ * This listener must only be nested within {@link Server} elements.
*/
public class ThreadLocalLeakPreventionListener extends FrameworkListener {
diff --git
a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
index bca1ed7..d6d7506 100644
--- a/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
+++ b/java/org/apache/catalina/mbeans/GlobalResourcesLifecycleListener.java
@@ -31,6 +31,7 @@ import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Role;
+import org.apache.catalina.Server;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.juli.logging.Log;
@@ -42,6 +43,8 @@ import org.apache.tomcat.util.res.StringManager;
* Implementation of LifecycleListener that instantiates the
* set of MBeans associated with global JNDI
[tomcat-native] branch main updated: Revert "Simplify Address#getInfo() native implementation"
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 73c347b Revert "Simplify Address#getInfo() native implementation"
73c347b is described below
commit 73c347b8d2565a87e5a5d98bfa1f89eef71c6211
Author: Michael Osipov
AuthorDate: Wed May 26 11:31:18 2021 +0200
Revert "Simplify Address#getInfo() native implementation"
This reverts commit 420cd1c159e4f27bb5d2a873dbd1fb7ea5d3473c.
---
native/src/address.c | 42 ++-
xdocs/miscellaneous/changelog.xml | 5 -
2 files changed, 41 insertions(+), 6 deletions(-)
diff --git a/native/src/address.c b/native/src/address.c
index fb17431..87a8771 100644
--- a/native/src/address.c
+++ b/native/src/address.c
@@ -23,19 +23,59 @@ TCN_IMPLEMENT_CALL(jlong, Address, info)(TCN_STDARGS,
{
apr_pool_t *p = J2P(pool, apr_pool_t *);
TCN_ALLOC_CSTRING(hostname);
+char *sp = NULL;
+int scope_id = 0;
apr_sockaddr_t *sa = NULL;
+apr_sockaddr_t *sl = NULL;
apr_int32_t f;
UNREFERENCED(o);
GET_S_FAMILY(f, family);
+#if APR_HAVE_IPV6
+if (hostname) {
+/* XXX: This only works for real scope_id's
+ */
+if ((sp = strchr(J2S(hostname), '%'))) {
+*sp++ = '\0';
+scope_id = atoi(sp);
+}
+}
+#endif
TCN_THROW_IF_ERR(apr_sockaddr_info_get(,
J2S(hostname), f, (apr_port_t)port,
(apr_int32_t)flags, p), sa);
+sl = sa;
+/*
+ * apr_sockaddr_info_get may return several address so this is not
+ * go to work in some cases (but as least it works for Linux)
+ * XXX: with AP_ENABLE_V4_MAPPED it is going to work otherwise it won't.
+ */
+#if APR_HAVE_IPV6
+if (hostname == NULL) {
+/* Try all address using IPV6 one */
+while (sl) {
+if (sl->family == APR_INET6)
+break; /* Done */
+sl = sl->next;
+}
+/* If we don't find an IPv6 address, use the original one */
+if (sl == NULL) {
+sl = sa;
+}
+}
+if (sp) {
+/* Set the provided scope id
+ * APR lack the api for setting this directly so lets presume
+ * the sin6_scope_id is present everywhere
+ */
+sl->sa.sin6.sin6_scope_id = scope_id;
+}
+#endif
cleanup:
TCN_FREE_CSTRING(hostname);
-return P2J(sa);
+return P2J(sl);
}
TCN_IMPLEMENT_CALL(jstring, Address, getnameinfo)(TCN_STDARGS,
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index c735980..9f35b6e 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -35,11 +35,6 @@
-
-
- Simplify Address.getInfo() native implementation. (michaelo)
-
-
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-native] branch main updated: Simplify Address#getInfo() native implementation
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/main by this push:
new 420cd1c Simplify Address#getInfo() native implementation
420cd1c is described below
commit 420cd1c159e4f27bb5d2a873dbd1fb7ea5d3473c
Author: Michael Osipov
AuthorDate: Fri May 21 23:31:14 2021 +0200
Simplify Address#getInfo() native implementation
Don't apply tricks and rely on OS behavior to resolve addresses. It is the
caller's responsibility to properly process socket addresses if more than
one exists.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get().
---
native/src/address.c | 42 +--
xdocs/miscellaneous/changelog.xml | 5 +
2 files changed, 6 insertions(+), 41 deletions(-)
diff --git a/native/src/address.c b/native/src/address.c
index 87a8771..fb17431 100644
--- a/native/src/address.c
+++ b/native/src/address.c
@@ -23,59 +23,19 @@ TCN_IMPLEMENT_CALL(jlong, Address, info)(TCN_STDARGS,
{
apr_pool_t *p = J2P(pool, apr_pool_t *);
TCN_ALLOC_CSTRING(hostname);
-char *sp = NULL;
-int scope_id = 0;
apr_sockaddr_t *sa = NULL;
-apr_sockaddr_t *sl = NULL;
apr_int32_t f;
UNREFERENCED(o);
GET_S_FAMILY(f, family);
-#if APR_HAVE_IPV6
-if (hostname) {
-/* XXX: This only works for real scope_id's
- */
-if ((sp = strchr(J2S(hostname), '%'))) {
-*sp++ = '\0';
-scope_id = atoi(sp);
-}
-}
-#endif
TCN_THROW_IF_ERR(apr_sockaddr_info_get(,
J2S(hostname), f, (apr_port_t)port,
(apr_int32_t)flags, p), sa);
-sl = sa;
-/*
- * apr_sockaddr_info_get may return several address so this is not
- * go to work in some cases (but as least it works for Linux)
- * XXX: with AP_ENABLE_V4_MAPPED it is going to work otherwise it won't.
- */
-#if APR_HAVE_IPV6
-if (hostname == NULL) {
-/* Try all address using IPV6 one */
-while (sl) {
-if (sl->family == APR_INET6)
-break; /* Done */
-sl = sl->next;
-}
-/* If we don't find an IPv6 address, use the original one */
-if (sl == NULL) {
-sl = sa;
-}
-}
-if (sp) {
-/* Set the provided scope id
- * APR lack the api for setting this directly so lets presume
- * the sin6_scope_id is present everywhere
- */
-sl->sa.sin6.sin6_scope_id = scope_id;
-}
-#endif
cleanup:
TCN_FREE_CSTRING(hostname);
-return P2J(sl);
+return P2J(sa);
}
TCN_IMPLEMENT_CALL(jstring, Address, getnameinfo)(TCN_STDARGS,
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 9f35b6e..c735980 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -35,6 +35,11 @@
+
+
+ Simplify Address.getInfo() native implementation. (michaelo)
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Simplify AprEndpoint socket bind for all platforms
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new f505e38 Simplify AprEndpoint socket bind for all platforms
f505e38 is described below
commit f505e38f91cdf3a59affa011f316f6cca9655086
Author: Michael Osipov
AuthorDate: Sat May 22 13:36:57 2021 +0200
Simplify AprEndpoint socket bind for all platforms
* Unconditionally use APR_UNSPEC on all platforms and especially on *BSD
which
runs fine on IPv4 and IPv6 hosts.
socket address is of family APR_INET6.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get()
along
with open_listeners() and make_sock().
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 14 +++---
test/org/apache/tomcat/util/net/TestXxxEndpoint.java | 6 +-
webapps/docs/changelog.xml | 3 +++
3 files changed, 7 insertions(+), 16 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 6226aee..3d15a6a 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -472,21 +472,13 @@ public class AprEndpoint extends AbstractEndpoint {
if (getAddress() != null) {
addressStr = getAddress().getHostAddress();
}
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (addressStr == null) {
-if (!OS.IS_BSD && !OS.IS_WIN32 && !OS.IS_WIN64) {
-family = Socket.APR_UNSPEC;
-}
-} else if (addressStr.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
-}
- }
+int family = Socket.APR_UNSPEC;
long inetAddress = Address.info(addressStr, family,
getPort(), 0, rootPool);
// Create the APR server socket
-serverSock = Socket.create(Address.getInfo(inetAddress).family,
+int saFamily = Address.getInfo(inetAddress).family;
+serverSock = Socket.create(saFamily,
Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
diff --git a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
index 128a3e2..79ed04d 100644
--- a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
+++ b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
@@ -64,11 +64,7 @@ public class TestXxxEndpoint extends TomcatBaseTest {
String address = InetAddress.getByName("localhost").getHostAddress();
// Create the APR address that will be bound
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (!OS.IS_BSD && !OS.IS_WIN32 && !OS.IS_WIN64)
-family = Socket.APR_UNSPEC;
- }
+int family = Socket.APR_UNSPEC;
long inetAddress = 0;
try {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index bbfc78a..c0ae266 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -137,6 +137,9 @@
Fix failing to run any tests on Windows with Java 8u292 onwards.
(markt/kkolinko)
+
+Simplify AprEndpoint socket bind for all platforms. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Simplify AprEndpoint socket bind for all platforms
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new cf8b603 Simplify AprEndpoint socket bind for all platforms
cf8b603 is described below
commit cf8b6035ef7a3349a6fbf971dbbf73263a030036
Author: Michael Osipov
AuthorDate: Sat May 22 13:36:57 2021 +0200
Simplify AprEndpoint socket bind for all platforms
* Unconditionally use APR_UNSPEC on all platforms and especially on *BSD
which
runs fine on IPv4 and IPv6 hosts.
* Apply IPV6_V6ONLY only if libapr has been compiled with IPv6 support and
the
socket address is of family APR_INET6.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get()
along
with open_listeners() and make_sock() with IPV6_V6ONLY flag.
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 16
test/org/apache/tomcat/util/net/TestXxxEndpoint.java | 6 +-
webapps/docs/changelog.xml | 3 +++
3 files changed, 8 insertions(+), 17 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index b03c797..3e3b2c9 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -304,27 +304,19 @@ public class AprEndpoint extends AbstractEndpoint
implements SNICallBack {
if (getAddress() != null) {
addressStr = getAddress().getHostAddress();
}
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (addressStr == null) {
-if (!OS.IS_BSD) {
-family = Socket.APR_UNSPEC;
-}
-} else if (addressStr.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
-}
- }
+int family = Socket.APR_UNSPEC;
long inetAddress = Address.info(addressStr, family,
getPort(), 0, rootPool);
// Create the APR server socket
-serverSock = Socket.create(Address.getInfo(inetAddress).family,
+int saFamily = Address.getInfo(inetAddress).family;
+serverSock = Socket.create(saFamily,
Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
}
-if (Library.APR_HAVE_IPV6) {
+if (Library.APR_HAVE_IPV6 && saFamily == Socket.APR_INET6) {
if (getIpv6v6only()) {
Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
} else {
diff --git a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
index ab08bf7..c27f588 100644
--- a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
+++ b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
@@ -60,11 +60,7 @@ public class TestXxxEndpoint extends TomcatBaseTest {
String address = InetAddress.getByName("localhost").getHostAddress();
// Create the APR address that will be bound
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (!OS.IS_BSD && !OS.IS_WIN32 && !OS.IS_WIN64)
-family = Socket.APR_UNSPEC;
- }
+int family = Socket.APR_UNSPEC;
long inetAddress = 0;
try {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9958e20..2a6e035 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -162,6 +162,9 @@
NioBlockingSelector that could cause a delay to select
operations. (markt)
+
+Simplify AprEndpoint socket bind for all platforms. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Simplify AprEndpoint socket bind for all platforms
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 2ab367a Simplify AprEndpoint socket bind for all platforms
2ab367a is described below
commit 2ab367ad34c4381f1daac8e997883a5dbe472e99
Author: Michael Osipov
AuthorDate: Sat May 22 13:36:57 2021 +0200
Simplify AprEndpoint socket bind for all platforms
* Unconditionally use APR_UNSPEC on all platforms and especially on *BSD
which
runs fine on IPv4 and IPv6 hosts.
* Apply IPV6_V6ONLY only if libapr has been compiled with IPv6 support and
the
socket address is of family APR_INET6.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get()
along
with open_listeners() and make_sock() with IPV6_V6ONLY flag.
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 16
test/org/apache/tomcat/util/net/TestXxxEndpoint.java | 6 +-
webapps/docs/changelog.xml | 3 +++
3 files changed, 8 insertions(+), 17 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 99f8b7c..9de8c0c 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -336,16 +336,7 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
if (getAddress() != null) {
hostname = getAddress().getHostAddress();
}
-family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (hostname == null) {
-if (!OS.IS_BSD) {
-family = Socket.APR_UNSPEC;
-}
-} else if (hostname.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
-}
-}
+family = Socket.APR_UNSPEC;
}
long sockAddress = Address.info(hostname, family, getPortWithOffset(),
0, rootPool);
@@ -355,13 +346,14 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
serverSock = Socket.create(family, Socket.SOCK_STREAM, 0,
rootPool);
}
else {
-serverSock = Socket.create(Address.getInfo(sockAddress).family,
+int saFamily = Address.getInfo(sockAddress).family;
+serverSock = Socket.create(saFamily,
Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
}
-if (Library.APR_HAVE_IPV6) {
+if (Library.APR_HAVE_IPV6 && saFamily == Socket.APR_INET6) {
if (getIpv6v6only()) {
Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
} else {
diff --git a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
index f54723b..6ee9a09 100644
--- a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
+++ b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
@@ -65,11 +65,7 @@ public class TestXxxEndpoint extends TomcatBaseTest {
String address = InetAddress.getByName("localhost").getHostAddress();
// Create the APR address that will be bound
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (!OS.IS_BSD && !OS.IS_WIN32 && !OS.IS_WIN64)
-family = Socket.APR_UNSPEC;
- }
+int family = Socket.APR_UNSPEC;
long inetAddress = 0;
try {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c86d65a..1855d4a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -167,6 +167,9 @@
NioBlockingSelector that could cause a delay to select
operations. (markt)
+
+Simplify AprEndpoint socket bind for all platforms. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Simplify AprEndpoint socket bind for all platforms
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new f1db089 Simplify AprEndpoint socket bind for all platforms
f1db089 is described below
commit f1db08931a27f808f4cbe235ee92cc22545e5757
Author: Michael Osipov
AuthorDate: Sat May 22 13:36:57 2021 +0200
Simplify AprEndpoint socket bind for all platforms
* Unconditionally use APR_UNSPEC on all platforms and especially on *BSD
which
runs fine on IPv4 and IPv6 hosts.
* Apply IPV6_V6ONLY only if libapr has been compiled with IPv6 support and
the
socket address is of family APR_INET6.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get()
along
with open_listeners() and make_sock() with IPV6_V6ONLY flag.
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 16
test/org/apache/tomcat/util/net/TestXxxEndpoint.java | 8 +---
webapps/docs/changelog.xml | 3 +++
3 files changed, 8 insertions(+), 19 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index b388d04..d11d69a 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -351,16 +351,7 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
if (getAddress() != null) {
hostname = getAddress().getHostAddress();
}
-family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (hostname == null) {
-if (!OS.IS_BSD) {
-family = Socket.APR_UNSPEC;
-}
-} else if (hostname.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
-}
-}
+family = Socket.APR_UNSPEC;
}
long sockAddress = Address.info(hostname, family, getPortWithOffset(),
0, rootPool);
@@ -370,13 +361,14 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
serverSock = Socket.create(family, Socket.SOCK_STREAM, 0,
rootPool);
}
else {
-serverSock = Socket.create(Address.getInfo(sockAddress).family,
+int saFamily = Address.getInfo(sockAddress).family;
+serverSock = Socket.create(saFamily,
Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
}
-if (Library.APR_HAVE_IPV6) {
+if (Library.APR_HAVE_IPV6 && saFamily == Socket.APR_INET6) {
if (getIpv6v6only()) {
Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
} else {
diff --git a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
index d77132f..1bdd1b1 100644
--- a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
+++ b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
@@ -68,13 +68,7 @@ public class TestXxxEndpoint extends TomcatBaseTest {
String address = InetAddress.getByName("localhost").getHostAddress();
// Create the APR address that will be bound
-int family = org.apache.tomcat.jni.Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (!org.apache.tomcat.jni.OS.IS_BSD &&
!org.apache.tomcat.jni.OS.IS_WIN32 &&
-!org.apache.tomcat.jni.OS.IS_WIN64) {
-family = org.apache.tomcat.jni.Socket.APR_UNSPEC;
-}
- }
+int family = org.apache.tomcat.jni.Socket.APR_UNSPEC;
long inetAddress = 0;
try {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c2c3b5a..ba7c4b2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -148,6 +148,9 @@
an error occurs on an HTTP/1.1 connection being upgraded to HTTP/2 or
on
a pushed HTTP/2 stream. (markt)
+
+Simplify AprEndpoint socket bind for all platforms. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Simplify AprEndpoint socket bind for all platforms
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new cfcefa0 Simplify AprEndpoint socket bind for all platforms
cfcefa0 is described below
commit cfcefa0cc132b2442f01adf0ae81ca661cb84ea2
Author: Michael Osipov
AuthorDate: Sat May 22 13:36:57 2021 +0200
Simplify AprEndpoint socket bind for all platforms
* Unconditionally use APR_UNSPEC on all platforms and especially on *BSD
which
runs fine on IPv4 and IPv6 hosts.
* Apply IPV6_V6ONLY only if libapr has been compiled with IPv6 support and
the
socket address is of family APR_INET6.
This mimics the behavior of HTTPd's listen.c for apr_sockaddr_info_get()
along
with open_listeners() and make_sock() with IPV6_V6ONLY flag.
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 16
test/org/apache/tomcat/util/net/TestXxxEndpoint.java | 8 +---
webapps/docs/changelog.xml | 3 +++
3 files changed, 8 insertions(+), 19 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index b388d04..d11d69a 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -351,16 +351,7 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
if (getAddress() != null) {
hostname = getAddress().getHostAddress();
}
-family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (hostname == null) {
-if (!OS.IS_BSD) {
-family = Socket.APR_UNSPEC;
-}
-} else if (hostname.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
-}
-}
+family = Socket.APR_UNSPEC;
}
long sockAddress = Address.info(hostname, family, getPortWithOffset(),
0, rootPool);
@@ -370,13 +361,14 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
serverSock = Socket.create(family, Socket.SOCK_STREAM, 0,
rootPool);
}
else {
-serverSock = Socket.create(Address.getInfo(sockAddress).family,
+int saFamily = Address.getInfo(sockAddress).family;
+serverSock = Socket.create(saFamily,
Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
}
-if (Library.APR_HAVE_IPV6) {
+if (Library.APR_HAVE_IPV6 && saFamily == Socket.APR_INET6) {
if (getIpv6v6only()) {
Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
} else {
diff --git a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
index d77132f..1bdd1b1 100644
--- a/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
+++ b/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
@@ -68,13 +68,7 @@ public class TestXxxEndpoint extends TomcatBaseTest {
String address = InetAddress.getByName("localhost").getHostAddress();
// Create the APR address that will be bound
-int family = org.apache.tomcat.jni.Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (!org.apache.tomcat.jni.OS.IS_BSD &&
!org.apache.tomcat.jni.OS.IS_WIN32 &&
-!org.apache.tomcat.jni.OS.IS_WIN64) {
-family = org.apache.tomcat.jni.Socket.APR_UNSPEC;
-}
- }
+int family = org.apache.tomcat.jni.Socket.APR_UNSPEC;
long inetAddress = 0;
try {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6e20426..c190b2c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -169,6 +169,9 @@
an error occurs on an HTTP/1.1 connection being upgraded to HTTP/2 or
on
a pushed HTTP/2 stream. (markt)
+
+Simplify AprEndpoint socket bind for all platforms. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: AprLifecycleListener does not show dev version suffix for libtcnative and libapr
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new d283a04 AprLifecycleListener does not show dev version suffix for
libtcnative and libapr
d283a04 is described below
commit d283a04f7e63035012183e76ebfa9e7a31eab040
Author: Michael Osipov
AuthorDate: Tue May 25 20:14:19 2021 +0200
AprLifecycleListener does not show dev version suffix for libtcnative and
libapr
---
java/org/apache/catalina/core/AprLifecycleListener.java | 12 +---
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index acf4301..4cc0955 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -220,8 +220,8 @@ public class AprLifecycleListener
return;
}
if (apver < rqver) {
-log.error(sm.getString("aprListener.tcnInvalid", major + "."
-+ minor + "." + patch,
+log.error(sm.getString("aprListener.tcnInvalid",
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_REQUIRED_MINOR + "." +
TCN_REQUIRED_PATCH));
@@ -237,17 +237,15 @@ public class AprLifecycleListener
}
if (apver < rcver) {
initInfoLogMessages.add(sm.getString("aprListener.tcnVersion",
-major + "." + minor + "." + patch,
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_RECOMMENDED_MINOR + "." +
TCN_RECOMMENDED_PV));
}
initInfoLogMessages.add(sm.getString("aprListener.tcnValid",
-major + "." + minor + "." + patch,
-Library.APR_MAJOR_VERSION + "." +
-Library.APR_MINOR_VERSION + "." +
-Library.APR_PATCH_VERSION));
+Library.versionString(),
+Library.aprVersionString()));
// Log APR flags
initInfoLogMessages.add(sm.getString("aprListener.flags",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1994d8c..bbfc78a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -125,6 +125,10 @@
63508: NPE in JNDIRealm when no
userRoleAttribute
is given. (fschumacher)
+
+AprLifecycleListener does not show dev version suffix for libtcnative
+and libapr. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: AprLifecycleListener does not show dev version suffix for libtcnative and libapr
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 018083f AprLifecycleListener does not show dev version suffix for
libtcnative and libapr
018083f is described below
commit 018083f93b0a6ad4fd8290959bebbb40cf1edd75
Author: Michael Osipov
AuthorDate: Tue May 25 20:14:19 2021 +0200
AprLifecycleListener does not show dev version suffix for libtcnative and
libapr
---
java/org/apache/catalina/core/AprLifecycleListener.java | 12 +---
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 0bde68c..1bd2e24 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -218,8 +218,8 @@ public class AprLifecycleListener
return;
}
if (apver < rqver) {
-log.error(sm.getString("aprListener.tcnInvalid", major + "."
-+ minor + "." + patch,
+log.error(sm.getString("aprListener.tcnInvalid",
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_REQUIRED_MINOR + "." +
TCN_REQUIRED_PATCH));
@@ -235,17 +235,15 @@ public class AprLifecycleListener
}
if (apver < rcver) {
initInfoLogMessages.add(sm.getString("aprListener.tcnVersion",
-major + "." + minor + "." + patch,
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_RECOMMENDED_MINOR + "." +
TCN_RECOMMENDED_PV));
}
initInfoLogMessages.add(sm.getString("aprListener.tcnValid",
-major + "." + minor + "." + patch,
-Library.APR_MAJOR_VERSION + "." +
-Library.APR_MINOR_VERSION + "." +
-Library.APR_PATCH_VERSION));
+Library.versionString(),
+Library.aprVersionString()));
// Log APR flags
initInfoLogMessages.add(sm.getString("aprListener.flags",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4e0e299..72311eb 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -144,6 +144,10 @@
it does not contain a charset. Also remove the outdated workaround for
the buggy Adobe Reader 9 plug-in for IE. (markt)
+
+AprLifecycleListener does not show dev version suffix for libtcnative
+and libapr. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: AprLifecycleListener does not show dev version suffix for libtcnative and libapr
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9745d4b AprLifecycleListener does not show dev version suffix for
libtcnative and libapr
9745d4b is described below
commit 9745d4b5eda124a3fc7f843a8d7d99bb164b36ca
Author: Michael Osipov
AuthorDate: Tue May 25 20:14:19 2021 +0200
AprLifecycleListener does not show dev version suffix for libtcnative and
libapr
---
java/org/apache/catalina/core/AprLifecycleListener.java | 12 +---
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 51c8308..b8ddb71 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -213,8 +213,8 @@ public class AprLifecycleListener
return;
}
if (apver < rqver) {
-log.error(sm.getString("aprListener.tcnInvalid", major + "."
-+ minor + "." + patch,
+log.error(sm.getString("aprListener.tcnInvalid",
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_REQUIRED_MINOR + "." +
TCN_REQUIRED_PATCH));
@@ -230,17 +230,15 @@ public class AprLifecycleListener
}
if (apver < rcver) {
initInfoLogMessages.add(sm.getString("aprListener.tcnVersion",
-major + "." + minor + "." + patch,
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_RECOMMENDED_MINOR + "." +
TCN_RECOMMENDED_PV));
}
initInfoLogMessages.add(sm.getString("aprListener.tcnValid",
-major + "." + minor + "." + patch,
-Library.APR_MAJOR_VERSION + "." +
-Library.APR_MINOR_VERSION + "." +
-Library.APR_PATCH_VERSION));
+Library.versionString(),
+Library.aprVersionString()));
// Log APR flags
initInfoLogMessages.add(sm.getString("aprListener.flags",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 043903f..bfa9611 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -144,6 +144,10 @@
it does not contain a charset. Also remove the outdated workaround for
the buggy Adobe Reader 9 plug-in for IE. (markt)
+
+AprLifecycleListener does not show dev version suffix for libtcnative
+and libapr. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: AprLifecycleListener does not show dev version suffix for libtcnative and libapr
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new f5e5091 AprLifecycleListener does not show dev version suffix for
libtcnative and libapr
f5e5091 is described below
commit f5e50917669f1c102ea9f07bf99dfdba8a63cb9e
Author: Michael Osipov
AuthorDate: Tue May 25 20:14:19 2021 +0200
AprLifecycleListener does not show dev version suffix for libtcnative and
libapr
---
java/org/apache/catalina/core/AprLifecycleListener.java | 12 +---
webapps/docs/changelog.xml | 4
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 6b6a8e7..ca6e4cd 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -213,8 +213,8 @@ public class AprLifecycleListener
return;
}
if (apver < rqver) {
-log.error(sm.getString("aprListener.tcnInvalid", major + "."
-+ minor + "." + patch,
+log.error(sm.getString("aprListener.tcnInvalid",
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_REQUIRED_MINOR + "." +
TCN_REQUIRED_PATCH));
@@ -230,17 +230,15 @@ public class AprLifecycleListener
}
if (apver < rcver) {
initInfoLogMessages.add(sm.getString("aprListener.tcnVersion",
-major + "." + minor + "." + patch,
+Library.versionString(),
TCN_REQUIRED_MAJOR + "." +
TCN_RECOMMENDED_MINOR + "." +
TCN_RECOMMENDED_PV));
}
initInfoLogMessages.add(sm.getString("aprListener.tcnValid",
-major + "." + minor + "." + patch,
-Library.APR_MAJOR_VERSION + "." +
-Library.APR_MINOR_VERSION + "." +
-Library.APR_PATCH_VERSION));
+Library.versionString(),
+Library.aprVersionString()));
// Log APR flags
initInfoLogMessages.add(sm.getString("aprListener.flags",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2ae624f..fd166d2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -135,6 +135,10 @@
before attempting conversion to String. Pull request provided by
tianshuang. (markt)
+
+AprLifecycleListener does not show dev version suffix for libtcnative
+and libapr. (michaelo)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
