Re: Proposed new security pages

[William A. Rowe, Jr.]

Great stuff Mark!!!  Thanks :)

Bill

Mark Thomas wrote:
> All,
> 
> I have started to put together some additional security pages based on
> httpd. I have only added text for a couple vulnerabilities but the
> plan is to include all those in the CVE list plus any I can find in
> the archives.
> 
> The draft is currently on people.a.o at
> http://people.apache.org/~markt/tomcat-security/security.html
> 
> My plan is to commit as is and then work through the CVE list. Once I
> have all the CVE entries I'll remove the work in progress comment at
> the top of the first page and then start searching the archives and
> other public vulnerability databases.
> 
> Any comments before I commit these changes to the live site?
> 
> Mark
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511749 - /tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c

[jfclere]

Author: jfclere
Date: Mon Feb 26 00:16:18 2007
New Revision: 511749

URL: http://svn.apache.org/viewvc?view=rev&rev=511749
Log:
jk_init has to be a void in Apache httpd-1.3.x

Modified:
tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c

Modified: tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c?view=diff&rev=511749&r1=511748&r2=511749
==
--- tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c (original)
+++ tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c Mon Feb 26 00:16:18 
2007
@@ -2544,8 +2544,7 @@
  "No worker file and no worker options in httpd.conf "
  "use JkWorkerFile to set workers");
 }
-ap_log_error(APLOG_MARK, APLOG_EMERG | APLOG_NOERRNO, NULL, "Error in 
reading worker properties");
-return !OK;
+jk_error_exit(APLOG_MARK, APLOG_EMERG | APLOG_NOERRNO, s, p, "Error in 
reading worker properties");
 
 }
 #if MODULE_MAGIC_NUMBER >= 19980527



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 37072] - Encoding mismatch in error condition

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37072


[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]
   ||om




--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 00:25 ---
How about the following corrections?

org.apache.catalina.connector.Response:
---
public void reset(int status, String message) {
reset();
setStatus(status, message);
usingWriter = false; // add for user error page
}
---
This makes the user error page be able to set encoding again.
Even if there is already a generated Writer object,
I think it has not been referred any longer usually because 
the application(filter, servlet, etc.) is already over.


org.apache.catalina.valves.ErrorReportValve:
in  protected void report(Request request, Response response, Throwable 
throwable)
...
try {
response.setContentType("text/html");
response.setCharacterEncoding("utf-8");

// add for default error page
if(!"utf-8".equals(response.getCharacterEncoding())){
response.getCoyoteResponse().setCharacterEncoding("utf-8");
}
} catch (Throwable t) {
...
If the writer object is already generated, setCharacterEncoding will not work.
So I think we must force set encoding direct to coyote response.


I know the specification says setCharacterEncoding should effect only before 
getWriter,
and says nothing about getWriter in reset method description.
But we need a fix in multi byte character environment.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511751 - /tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c

[jfclere]

Author: jfclere
Date: Mon Feb 26 00:37:49 2007
New Revision: 511751

URL: http://svn.apache.org/viewvc?view=rev&rev=511751
Log:
Return HTTP_INTERNAL_SERVER_ERROR instead !OK (even !OK shoudn't be DECLINED).

Modified:
tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c

Modified: tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c?view=diff&rev=511751&r1=511750&r2=511751
==
--- tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c (original)
+++ tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c Mon Feb 26 00:37:49 
2007
@@ -2704,7 +2704,7 @@
   pconf)) != APR_SUCCESS) {
 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
  "mod_jk: could not create jk_log_lock");
-return !OK;
+return HTTP_INTERNAL_SERVER_ERROR;
 }
 
 #if JK_NEED_SET_MUTEX_PERMS
@@ -2713,7 +2713,7 @@
 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
  "mod_jk: Could not set permissions on "
  "jk_log_lock; check User and Group directives");
-return !OK;
+return HTTP_INTERNAL_SERVER_ERROR;
 }
 #endif
 
@@ -2731,7 +2731,7 @@
 jk_server_conf_t *sconf = (jk_server_conf_t 
*)ap_get_module_config(srv->module_config,

&jk_module);
 if (open_jklog(srv, pconf))
-return !OK;
+return HTTP_INTERNAL_SERVER_ERROR;
 if (sconf) {
 if (!uri_worker_map_alloc(&(sconf->uw_map),
   sconf->uri_to_context, 
sconf->log))
@@ -2780,7 +2780,7 @@
 }
 }
 if (init_jk(pconf, conf, s))
-return !OK;
+return HTTP_INTERNAL_SERVER_ERROR;
 }
 }
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r511326 - in /tomcat/connectors/trunk/jk/native: apache-1.3/mod_jk.c apache-2.0/mod_jk.c common/jk_map.c common/jk_util.c

[Jean-Frederic]

On Sun, 2007-02-25 at 17:34 +0100, Rainer Jung wrote:
> Two more questions:
> 
> [EMAIL PROTECTED] schrieb:
> > Modified: tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
> > URL:
> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c?view=diff&rev=511326&r1=511325&r2=511326
> >
> ==
> > --- tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c (original)
> > +++ tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c Sat Feb 24
> 11:02:40 2007
> > @@ -1744,9 +1744,9 @@
> >  jk_server_conf_t *conf =
> >  (jk_server_conf_t *) ap_get_module_config(s->module_config,
> >&jk_module);
> > -
> > + 
> >  if (jk_map_read_property(conf->worker_properties, line, 1,
> conf->log) == JK_FALSE)
> > -return ap_pstrcat(cmd->temp_pool, "Invalid JkWorkerProperty
> ", line);
> > +return ap_pstrcat(cmd->temp_pool, "Invalid JkWorkerProperty
> ", line, NULL);
> >  
> >  return NULL;
> >  }
> > @@ -2543,8 +2543,9 @@
> >  ap_log_error(APLOG_MARK, APLOG_EMERG, s,
> >   "No worker file and no worker options in
> httpd.conf "
> >   "use JkWorkerFile to set workers");
> > -return;
> >  }
> > +ap_log_error(APLOG_MARK, APLOG_EMERG | APLOG_NOERRNO, 0,
> NULL, "Error in reading worker properties");
> > +return !OK;
> 
> This is inside jk_init which is void. I think this is correct w.r.t
> the
> apache 1.3 module structure.

Fixed.

> 
> 
> > Modified: tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
> > URL:
> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c?view=diff&rev=511326&r1=511325&r2=511326
> >
> ==
> > --- tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c (original)
> > +++ tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c Sat Feb 24
> 11:02:40 2007
> > @@ -2664,12 +2664,14 @@
> >   0, NULL,
> >   "No worker file and no worker options in
> httpd.conf"
> >   "use JkWorkerFile to set workers");
> > -return;
> >  }
> > +ap_log_error(APLOG_MARK, APLOG_EMERG | APLOG_NOERRNO, 0,
> NULL, "Error in reading worker properties");
> > +return !OK;
> >  }
> >  
> >  if (jk_map_resolve_references(init_map, "worker.", 1, 1,
> conf->log) == JK_FALSE) {
> > -jk_error_exit(APLOG_MARK, APLOG_EMERG, s, pconf, "Error in
> resolving configuration references");
> > +ap_log_error(APLOG_MARK, APLOG_EMERG | APLOG_NOERRNO, 0,
> NULL, "Error in resolving configuration references");
> > +return !OK;
> >  }
> >  
> >  /* we add the URI->WORKER MAP since workers using AJP14
> > @@ -2701,7 +2704,7 @@
> >pconf)) != APR_SUCCESS) {
> >  ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
> >   "mod_jk: could not create jk_log_lock");
> > -return HTTP_INTERNAL_SERVER_ERROR;
> > +return !OK;
> >  }
> >  
> >  #if JK_NEED_SET_MUTEX_PERMS
> > @@ -2710,7 +2713,7 @@
> >  ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
> >   "mod_jk: Could not set permissions on "
> >   "jk_log_lock; check User and Group
> directives");
> > -return HTTP_INTERNAL_SERVER_ERROR;
> > +return !OK;
> >  }
> >  #endif
> >  
> > @@ -2728,7 +2731,7 @@
> >  jk_server_conf_t *sconf = (jk_server_conf_t
> *)ap_get_module_config(srv->module_config,
> >
> &jk_module);
> >  if (open_jklog(srv, pconf))
> > -return HTTP_INTERNAL_SERVER_ERROR;
> > +return !OK;
> >  if (sconf) {
> >  if (!uri_worker_map_alloc(&(sconf->uw_map),
> >
> sconf->uri_to_context, sconf->log))
> > @@ -2776,7 +2779,8 @@
> >  }
> >  }
> >  }
> > -init_jk(pconf, conf, s);
> > +if (init_jk(pconf, conf, s))
> > +return !OK;
> >  }
> >  }
> 
> Apache 2.0/2.2 says, you can either return OK or DECLINED, everything
> else is an error. So returning !OK means depending on an
> implementation
> detail of apache return constants (!OK could be equal to DECLINED). I
> csn see, that the construct !OK is also used in apache code itself,
> but
> only in three modules.
> 
> I would prefer to return another code, that's known to be different
> form
> OK and DECLINED. If you insist on súsing !OK, there's still one
> "return
> HTTP_INTERNAL_SERVER_ERROR;" left in line 2766.

Ok it seems using HTTP_INTERNAL_SERVER_ERROR is a better idea.
I have fixed it.

Cheers

Jean-Frederic

> 
> Regards,
> 
> Rainer 


---

Re: svn commit: r511227 - in /tomcat/connectors/trunk/jk: native/apache-1.3/mod_jk.c native/apache-2

[Jean-Frederic]

On Mon, 2007-02-26 at 16:07 +1300, Tim Whittington wrote:
> Never mind the second issue - one should read the docs more carefully. 
> Apologies for the noise.
> The missing sizeof makes me nervous still.

sizeof(char) is one and there is a sprintf()...

Cheers

Jean-Frederic


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511755 - /tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml

[jfclere]

Author: jfclere
Date: Mon Feb 26 00:54:32 2007
New Revision: 511755

URL: http://svn.apache.org/viewvc?view=rev&rev=511755
Log:
Add a entry about jk_is_valid_property().

Modified:
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml?view=diff&rev=511755&r1=511754&r2=511755
==
--- tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml Mon Feb 26 
00:54:32 2007
@@ -27,6 +27,9 @@
   
 
   
+  
+  Check the worker. parameters and don't start if the parameter is not a 
valid one. (jfclere)
+  
 41439: Allow session IDs to get stripped off URLs of static
 content in Apache by adding JkStripSession
 directive (configurable per vhost). (mturk)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41675] - Add a debug statement when some necessary header information is missing

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41675





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 01:22 ---
Created an attachment (id=19634)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19634&action=view)
Http11Processor.patch


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41695] - mod_jk with httpd 2.0.58 on Solaris-10 11/06 dumping core

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41695


[EMAIL PROTECTED] changed:

   What|Removed |Added

 AssignedTo|bugs@httpd.apache.org   |tomcat-
   ||[EMAIL PROTECTED]
 Status|NEEDINFO|NEW




--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 02:12 ---
[reassigned bug owner]

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41703] New: - Variable assigned with it's own value.

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41703

   Summary: Variable assigned with it's own value.
   Product: Tomcat 6
   Version: unspecified
  Platform: Other
OS/Version: All
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


The variable this.address is assigned by it's own value instead of assigning the
data provided by the parameter to the method setAddress().

Patch below will take the parameter and assign it to this.address.


Index:
C:/Work/Apache/tomcat6/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
===
---
C:/Work/Apache/tomcat6/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
(revision 511768)
+++
C:/Work/Apache/tomcat6/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
(working copy)
@@ -71,7 +71,7 @@
  * @param member Member
  */
 public void setAddress(Member member) {
-   this.address = address;
+   this.address = member;
 }
 
 /**

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41695] - mod_jk with httpd 2.0.58 on Solaris-10 11/06 dumping core

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41695





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 02:26 ---
What is the output from
ldd /usr/apache2/libexec/mod_jk.so


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41697] - charset for "application/x-www-form-urlencoded"

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41697





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 04:15 ---
Created an attachment (id=19636)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19636&action=view)
Request.patch

Remy, you are right. The problem was on our side.
During the migration of our app to UTF-8 a developer had in a StrutsForm's
reset() done a 
   request.setCharacterEncoding("UTF-8");

The following patch might alert people with similar problems about
irregularities in their own code...

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Processing result of mod_jk for Apache2.0.x is unexpected, differs from the one for Apache1.3.x.

[Taka J.S.]

I have already opened it in bugzlilla as Bug 41563.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41563

Thanks,

Taka J.S.

Rainer Jung<[EMAIL PROTECTED]>  wrote:

Please open an item in bugzilla (issues.apache.org).

Thanks,

Rainer



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41697] - make visible in debug output if charset from browser ignored

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41697


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|VERIFIED
Summary|charset for "application/x- |make visible in debug output
   |www-form-urlencoded"|if charset from browser
   ||ignored




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41695] - mod_jk with httpd 2.0.58 on Solaris-10 11/06 dumping core

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41695





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 04:41 ---
here is the ldd of mod_jk.so

$ ldd /usr/apache2/libexec/mod_jk.so 
libc.so.1 => /lib/libc.so.1
libm.so.2 => /lib/libm.so.2


$ nm -p /usr/apache2/libexec/mod_jk.so | egrep 'apr|mem'
00 U _memcpy
00 U apr_array_make
00 U apr_array_push
00 U apr_date_parse_http
00 U apr_file_inherit_set
00 U apr_file_open
00 U apr_file_write
00 U apr_filepath_merge
00 U apr_filepath_name_get
00 U apr_global_mutex_child_init
00 U apr_global_mutex_create
00 U apr_global_mutex_lock
00 U apr_global_mutex_unlock
00 U apr_off_t_toa
00 U apr_palloc
00 U apr_pool_cleanup_register
00 U apr_pool_create_ex
00 U apr_psprintf
00 U apr_pstrcat
00 U apr_pstrdup
00 U apr_pstrndup
00 U apr_pvsprintf
00 U apr_sockaddr_info_get
00 U apr_sockaddr_ip_get
00 U apr_stat
00 U apr_strerror
00 U apr_table_add
00 U apr_table_elts
00 U apr_table_get
00 U apr_table_make
00 U apr_table_overlay
00 U apr_table_set
00 U apr_table_setn
00 U apr_uri_unparse
262280 d jk_apr_pool
031776 t jk_apr_pool_cleanup
029104 t jk_cleanup_shmem
262808 d jk_shmem
00 U memcmp
00 U memcpy
00 U memmove


Please do let me know for any other information required.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511845 - in /tomcat/connectors/trunk/jk/native/common: jk_map.c jk_uri_worker_map.c

[rjung]

Author: rjung
Date: Mon Feb 26 07:16:38 2007
New Revision: 511845

URL: http://svn.apache.org/viewvc?view=rev&rev=511845
Log:
Adjust debug message in jk_uri_worker_map.c to make it better distinguishable
from new message regarding JkStripSession (the old message was misleading).

Make the new validity check for worker attributes compatible with
the "reference" feature. reference was not implemented using jk_util,
so it't not part of the attribute list. It's more kind of an instrinsic map 
feature.

Modified:
tomcat/connectors/trunk/jk/native/common/jk_map.c
tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c

Modified: tomcat/connectors/trunk/jk/native/common/jk_map.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_map.c?view=diff&rev=511845&r1=511844&r2=511845
==
--- tomcat/connectors/trunk/jk/native/common/jk_map.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_map.c Mon Feb 26 07:16:38 2007
@@ -364,21 +364,25 @@
 trim(prp);
 trim(v);
 if (strlen(v) && strlen(prp)) {
-const char *oldv = jk_map_get_string(m, prp, NULL);
+const char *oldv;
+int off = strlen(prp) - JK_MAP_REFERENCE_SZ;
 /* check the worker properties */
-if (!jk_is_valid_property(prp)) {
-jk_log(l, JK_LOG_ERROR,
-   "The attribute '%s' is not supported - please check"
-   " the documentation for the supported attributes.",
-   prp);
-return JK_FALSE;
-}
-if (jk_is_deprecated_property(prp)) {
-jk_log(l, JK_LOG_WARNING,
-   "The attribute '%s' is deprecated - please check"
-   " the documentation for the correct replacement.",
-   prp);
+if (off <= 0 || strncmp(&prp[off], JK_MAP_REFERENCE, 
JK_MAP_REFERENCE_SZ) ) {
+if (!jk_is_valid_property(prp)) {
+jk_log(l, JK_LOG_ERROR,
+   "The attribute '%s' is not supported - please 
check"
+   " the documentation for the supported 
attributes.",
+   prp);
+return JK_FALSE;
+}
+if (jk_is_deprecated_property(prp)) {
+jk_log(l, JK_LOG_WARNING,
+   "The attribute '%s' is deprecated - please 
check"
+   " the documentation for the correct 
replacement.",
+   prp);
+}
 }
+oldv = jk_map_get_string(m, prp, NULL);
 v = jk_map_replace_properties(m, v);
 if (oldv) {
 if (allow_duplicates && jk_is_unique_property(prp) == 
JK_FALSE) {

Modified: tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c?view=diff&rev=511845&r1=511844&r2=511845
==
--- tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.c Mon Feb 26 
07:16:38 2007
@@ -582,7 +582,7 @@
 if (JK_IS_DEBUG_LEVEL(l)) {
 char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER);
 if (url_rewrite)
-jk_log(l, JK_LOG_DEBUG, "Removed session id '%s' from '%s'",
+jk_log(l, JK_LOG_DEBUG, "separating session identifier '%s' from 
url '%s'",
url_rewrite, uri);
 }
 if (JK_IS_DEBUG_LEVEL(l))



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511854 - in /tomcat/tc6.0.x/trunk/java/org/apache: coyote/http11/Http11NioProtocol.java tomcat/util/net/NioEndpoint.java

[fhanik]

Author: fhanik
Date: Mon Feb 26 07:30:34 2007
New Revision: 511854

URL: http://svn.apache.org/viewvc?view=rev&rev=511854
Log:
properties are getting stuck in the attributes list, and not making it down to 
the endpoint

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java?view=diff&rev=511854&r1=511853&r2=511854
==
--- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java 
Mon Feb 26 07:30:34 2007
@@ -95,6 +95,8 @@
 public void setProperty(String name, String value) {
 if ( name!=null && (name.startsWith("socket.") 
||name.startsWith("selectorPool.")) ){
 ep.setProperty(name, value);
+} else {
+ep.setProperty(name,value); //make sure we at least try to set all 
properties
 }
 setAttribute(name, value);
 }

Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?view=diff&rev=511854&r1=511853&r2=511854
==
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Mon 
Feb 26 07:30:34 2007
@@ -438,6 +438,8 @@
 IntrospectionUtils.setProperty(selectorPool, 
name.substring(selectorPoolName.length()), value);
 } else if (name.startsWith(socketName)) {
 IntrospectionUtils.setProperty(socketProperties, 
name.substring(socketName.length()), value);
+} else {
+IntrospectionUtils.setProperty(this,name,value);
 }
 }catch ( Exception x ) {
 log.error("Unable to set attribute \""+name+"\" to 
\""+value+"\"",x);



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511864 - /tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml

[rjung]

Author: rjung
Date: Mon Feb 26 07:51:39 2007
New Revision: 511864

URL: http://svn.apache.org/viewvc?view=rev&rev=511864
Log:
Fix xml syntax of jfclere's last change log entry.

Modified:
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml?view=diff&rev=511864&r1=511863&r2=511864
==
--- tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml Mon Feb 26 
07:51:39 2007
@@ -27,8 +27,8 @@
   
 
   
-  
   Check the worker. parameters and don't start if the parameter is not a 
valid one. (jfclere)
+  
   
 41439: Allow session IDs to get stripped off URLs of static
 content in Apache by adding JkStripSession



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511887 - /tomcat/connectors/trunk/jk/native/common/jk_map.c

[mturk]

Author: mturk
Date: Mon Feb 26 08:47:21 2007
New Revision: 511887

URL: http://svn.apache.org/viewvc?view=rev&rev=511887
Log:
Fix compile time warning. No functional change

Modified:
tomcat/connectors/trunk/jk/native/common/jk_map.c

Modified: tomcat/connectors/trunk/jk/native/common/jk_map.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_map.c?view=diff&rev=511887&r1=511886&r2=511887
==
--- tomcat/connectors/trunk/jk/native/common/jk_map.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_map.c Mon Feb 26 08:47:21 2007
@@ -365,7 +365,7 @@
 trim(v);
 if (strlen(v) && strlen(prp)) {
 const char *oldv;
-int off = strlen(prp) - JK_MAP_REFERENCE_SZ;
+int off = (int)strlen(prp) - (int)JK_MAP_REFERENCE_SZ;
 /* check the worker properties */
 if (off <= 0 || strncmp(&prp[off], JK_MAP_REFERENCE, 
JK_MAP_REFERENCE_SZ) ) {
 if (!jk_is_valid_property(prp)) {



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511888 - /tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c

[mturk]

Author: mturk
Date: Mon Feb 26 08:47:49 2007
New Revision: 511888

URL: http://svn.apache.org/viewvc?view=rev&rev=511888
Log:
Fix compile time warning. No functional change

Modified:
tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c

Modified: tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c?view=diff&rev=511888&r1=511887&r2=511888
==
--- tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c (original)
+++ tomcat/connectors/trunk/jk/native/iis/jk_isapi_plugin.c Mon Feb 26 08:47:49 
2007
@@ -549,7 +549,7 @@
 status_str = (char *)malloc((6 + strlen(reason)));
 StringCbPrintf(status_str, 6 + strlen(reason), "%d %s", status, 
reason);
 hi.pszStatus = status_str;
-hi.cchStatus = strlen(status_str);
+hi.cchStatus = (DWORD)strlen(status_str);
 
 /*
  * Create response headers string
@@ -574,7 +574,7 @@
 }
 StringCbCat(headers_str, len_of_headers, crlf);
 hi.pszHeader = headers_str;
-hi.cchHeader = strlen(headers_str);
+hi.cchHeader = (DWORD)strlen(headers_str);
 }
 else {
 hi.pszHeader = crlf;



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

EJBs

[Carrion, Fabian \(GE Money, consultant\)]

Hi the list,

In the class org.apache.naming.factory.EjbFactory

The exception line 136 is not forwarded to the parent class.

We have :
if (factoryClass != null) {
try {
factory = (ObjectFactory) factoryClass.newInstance();
} catch(Throwable t) {
}
and it should be:
if (factoryClass != null) {
try {
factory = (ObjectFactory) factoryClass.newInstance();
} catch(Throwable t) {
NamingException ex = new NamingException
("Could not load resource factory class");
ex.initCause(t);
throw ex;
}
}
So the user can know what is his configuration problem.

-- 
Fabien Carrion

()  Campagne du ruban ASCII -- Contre les mails en html
/\  contre les pieces-jointes Microsoft
Web: http://fcarrion.carrion.free.fr/


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41706] New: - StandardWrapper uses double-checked locking

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41706

   Summary: StandardWrapper uses double-checked locking
   Product: Tomcat 5
   Version: 5.5.20
  Platform: Other
OS/Version: other
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


StandardWrapper.allocate includes the following code:

// Load and initialize our instance if necessary
if (instance == null) {
synchronized (this) {
if (instance == null) {
try {
if (log.isDebugEnabled())
log.debug("Allocating non-STM instance");

instance = loadServlet();
} catch (ServletException e) {
throw e;
} catch (Throwable e) {
throw new ServletException
(sm.getString("standardWrapper.allocate"), e);
}
}
}
}

The behavior of the null check before the synchronized block is unspecified, and
can fail.

The additional check should be removed leaving only the check within the
synchronized block:

// Load and initialize our instance if necessary
synchronized (this) {
if (instance == null) {
try {
if (log.isDebugEnabled())
log.debug("Allocating non-STM instance");

instance = loadServlet();
} catch (ServletException e) {
throw e;
} catch (Throwable e) {
throw new ServletException
(sm.getString("standardWrapper.allocate"), e);
}
}
}

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Proposed new security pages

[Ian Darwin]

Good stuff. Minor typo in the 5-x page:

>If directory listings are enabled,
>a diretcory listing will be shown.
  ^^

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41697] - make visible in debug output if charset from browser ignored

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41697





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 10:21 ---
The warning message seems reasonable.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Quality check mod_jk 1.2.21-dev

[Rainer Jung]

Hi all,

the next version of mod_jk is approaching its release. A code snapshot 
is available at


http://people.apache.org/~rjung/mod_jk-dev/

It is in the same format as a release download, so easy to build. Under 
the same URL you can find the updated documentation.


It would be nice, if we could get some testing feedback from the 
community. Feel free to post any observations. Depending on your 
feedback we plan to tag the release at the end of the week.


The most important changes are:

Configuration parsing:

- Check worker attributes for unknown names during startup
- Add warning if duplicate map keys are read and are not allowed, e.g. 
when parsing uriworkermap.properties.
- Don't concat worker names, if uriworkermap.properties has a duplicate 
pattern, instead overwrite the worker.
- Fix uriworkermap.properties: Fix off-by-one problem when deleting URL 
mapping during reloading of uriworkermap.properties.


Features

- Optional session id stripping for URLs, that are *not* being forwarded 
(Apache, IIS)


Apache

- Changed semantics of empty defaults for JkEnvVar variables.
- BZ 41610: Fix incorrect detection of missing Content-Length header 
leading to duplicate headers.


IIS Plugin

- Refactoring isapi_plugin configuration reading.

Sun Web Server

- Better build support for SunONE (Netscape/iPlanet) webservers.

Status Worker

- JkStatus: Allow lb sub workers in error state to be marked for 
recovery administratively from the status worker.

- Add configuration to make status worker user name checks case insensitive.
- JkStatus: Show estimated time until next global maintenance.
- Change displayed time until next recovery to a min/max pair.
- JkStatus: Allow a user of a read/write status worker to switch it to 
and from read_only mode temporarily.

- JkStatus: Do not show read/write commands in a read_only status worker.
- JkStatus: Improved logging by adding status worker name to messages. 
Added messages to the recover worker action.
- Load Balancer: Do not try to recover multiple times in parallel. Use 
additional runtime states "PROBE" and "FORCED".

- JkStatus: Improve data synchronization between different processes.
- JkStatus: Refactoring searching for workers and sub workers.

Stability

- 41381: Fix segfault in feature fail_on_status.

Miscellaneous

- Use correct windows line endings for log file on WIN32 platform.
- Add some more errno logging and unify the format.

The full change log is available under

http://people.apache.org/~rjung/mod_jk-dev/docs/miscellaneous/changelog.html

Thanks for your valuable time!

Regards,

Rainer

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[Rainer Jung]

... and now you can find windows binaries there too (thanks Mladen) ...

http://people.apache.org/~rjung/mod_jk-dev/

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511951 - /tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c

[mturk]

Author: mturk
Date: Mon Feb 26 11:09:41 2007
New Revision: 511951

URL: http://svn.apache.org/viewvc?view=rev&rev=511951
Log:
Use r->filename because mod_dir or mod_alias could already set that

Modified:
tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c

Modified: tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c?view=diff&rev=511951&r1=511950&r2=511951
==
--- tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c (original)
+++ tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c Mon Feb 26 11:09:41 
2007
@@ -2799,7 +2799,7 @@
   &jk_module);
 
 if (conf) {
-const char *worker;
+const char *worker;
 if ((r->handler != NULL) && (!strcmp(r->handler, JK_HANDLER))) {
 /* Somebody already set the handler, probably manual config
  * or "native" configuration, no need for extra overhead
@@ -2959,16 +2959,6 @@
 }
 }
 }
-else if (conf->strip_session == JK_TRUE) {
-char *jsessionid = strstr(r->uri, JK_PATH_SESSION_IDENTIFIER);
-if (jsessionid) {
-if (JK_IS_DEBUG_LEVEL(conf->log))
-jk_log(conf->log, JK_LOG_DEBUG,
-   "removing session identifier [%s] for non 
servlet url [%s]",
-   jsessionid, r->uri);
-*jsessionid = '\0';
-}
-}
 }
 }
 
@@ -3019,14 +3009,23 @@
 
 }
 else if (conf->strip_session == JK_TRUE) {
-char *jsessionid = strstr(r->uri, JK_PATH_SESSION_IDENTIFIER);
-if (jsessionid) {
-if (JK_IS_DEBUG_LEVEL(conf->log))
-jk_log(conf->log, JK_LOG_DEBUG,
-   "removing session identifier [%s] for non 
servlet url [%s]",
-   jsessionid, r->uri);
-*jsessionid = '\0';
+char *jsessionid;
+if (r->uri) {
+jsessionid = strstr(r->uri, JK_PATH_SESSION_IDENTIFIER);
+if (jsessionid) {
+if (JK_IS_DEBUG_LEVEL(conf->log))
+jk_log(conf->log, JK_LOG_DEBUG,
+   "removing session identifier [%s] for non 
servlet url [%s]",
+   jsessionid, r->uri);
+*jsessionid = '\0';
+}
 }
+if (r->filename) {
+jsessionid = strstr(r->filename, 
JK_PATH_SESSION_IDENTIFIER);
+if (jsessionid)
+*jsessionid = '\0';
+}
+return DECLINED;
 }
 }
 }



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r511952 - /tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c

[mturk]

Author: mturk
Date: Mon Feb 26 11:11:22 2007
New Revision: 511952

URL: http://svn.apache.org/viewvc?view=rev&rev=511952
Log:
Use r->filename because mod_dir or mod_alias could already set that

Modified:
tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c

Modified: tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c?view=diff&rev=511952&r1=511951&r2=511952
==
--- tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c (original)
+++ tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c Mon Feb 26 11:11:22 
2007
@@ -2705,13 +2705,21 @@
 }
 }
 else if (conf->strip_session == JK_TRUE) {
-char *jsessionid = strstr(r->uri, JK_PATH_SESSION_IDENTIFIER);
-if (jsessionid) {
-if (JK_IS_DEBUG_LEVEL(conf->log))
-jk_log(conf->log, JK_LOG_DEBUG,
-   "removing session identifier [%s] for non 
servlet url [%s]",
-   jsessionid, r->uri);
-*jsessionid = '\0';
+char *jsessionid;
+if (r->uri) {
+jsessionid = strstr(r->uri, JK_PATH_SESSION_IDENTIFIER);
+if (jsessionid) {
+if (JK_IS_DEBUG_LEVEL(conf->log))
+jk_log(conf->log, JK_LOG_DEBUG,
+   "removing session identifier [%s] for non 
servlet url [%s]",
+   jsessionid, r->uri);
+*jsessionid = '\0';
+}
+}
+if (r->filename) {
+jsessionid = strstr(r->filename, 
JK_PATH_SESSION_IDENTIFIER);
+if (jsessionid)
+*jsessionid = '\0';
 }
 }
 }



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41706] - StandardWrapper uses double-checked locking

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41706


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||WONTFIX




--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 10:23 ---
Thanks. This is obviously not going to be addressed, however.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Releasing mod_jk 1.2.21

[Jim Jagielski]

On Feb 23, 2007, at 1:10 PM, Jean-Frederic wrote:

I also  have the pending patch... To prevent typos in the  
properties no

beeing detected what starting httpd.

Should I include it?



Sorry for the delay... unless it's too late, why
the change from HTTP_INTERNAL_SERVER_ERROR to !OK?


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[William L. Thomson Jr.]

Packaged and available in a few hours for sync and emerge on Gentoo.

Np with compiling or etc.

-- 
William L. Thomson Jr.
Gentoo/Java


signature.asc
Description: This is a digitally signed message part

Re: Releasing mod_jk 1.2.21

[Mladen Turk]

Jim Jagielski wrote:


On Feb 23, 2007, at 1:10 PM, Jean-Frederic wrote:


I also  have the pending patch... To prevent typos in the properties no
beeing detected what starting httpd.

Should I include it?



Sorry for the delay... unless it's too late, why
the change from HTTP_INTERNAL_SERVER_ERROR to !OK?



No it's not too late. Rainer just did a 'worm-start' :)
However, Jean-Frederic already changed that back to
HTTP_INTERNAL_SERVER_ERROR before release tryout.

Regards,
Mladen.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[William A. Rowe, Jr.]

Will, this doesn't belong on Gentoo - it's a dev/quality check, no different
than any other snapshot.  (If you ship snaps on Gentoo, be our guest.)

William L. Thomson Jr. wrote:
> Packaged and available in a few hours for sync and emerge on Gentoo.
> 
> Np with compiling or etc.
> 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[William L. Thomson Jr.]

On Mon, 2007-02-26 at 13:37 -0600, William A. Rowe, Jr. wrote:
> Will, this doesn't belong on Gentoo - it's a dev/quality check, no different
> than any other snapshot.

Sure but it's sources of a future release, so I will make them available
for anyone to test. Just as I would with alpha, beta, etc. If upstream
has no use for this. Then surely I won't mind not doing bumps, etc for
dev/qa snapshots or etc. Less work ++

>   (If you ship snaps on Gentoo, be our guest.)

We don't really have a suffix for that. Some of the other stuff residing
on p.a.o, I have recently suffixed with _pre. A _dev would be nice,
other stuff get's _alpha, _beta, respectively. This one slipped by me,
should have done _pre I guess. Not sure if we have anything in
particular for snapshots.

We can even do cvs/svn ones if we really want/need to follow development
that closely. What ever upstream prefers, and of course downstream
packager me. :) Now these do not go into stable, they go into ~arch
which is experimental or testing. If really bad, they could go into
overlay. But I prefer main tree/repository. For ease of use, and
greatest exposure.

These types of bumps are minor, and I like to test myself in my own
envs. So can't hurt to make it available for others to test etc.

But if I can ignore them, or etc, just confirm that, and I will do so
from now on.

Thanks much :)


-- 
William L. Thomson Jr.
Gentoo/Java


signature.asc
Description: This is a digitally signed message part

DO NOT REPLY [Bug 41706] - StandardWrapper uses double-checked locking

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41706





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 11:56 ---
Any particular reason not to address this?

I realize that the Tomcat devs are very sensitive about performance issues, but
in this case (actually, all cases) the use of DCL doesn't guarantee correct
operation. For instance, "instance" could be non-null but also not initialized.

Perhaps nobody ever sees this in the wild.

I haven't had an actual problem, but noticed the use of the DCL anti-pattern
while reading the source for other reasons.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[William A. Rowe, Jr.]

William L. Thomson Jr. wrote:
> 
> These types of bumps are minor, and I like to test myself in my own
> envs. So can't hurt to make it available for others to test etc.

+1 on testing that the packages all build in advance of any release,
just please don't represent these as releases.  Until you see those
3 +1's and an announce, they are not.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[William L. Thomson Jr.]

On Mon, 2007-02-26 at 13:56 -0600, William A. Rowe, Jr. wrote:
> William L. Thomson Jr. wrote:
> > 
> > These types of bumps are minor, and I like to test myself in my own
> > envs. So can't hurt to make it available for others to test etc.
> 
> +1 on testing that the packages all build in advance of any release,
> just please don't represent these as releases.  Until you see those
> 3 +1's and an announce, they are not.

Sure, I don't call them releases at all. Almost always mention what they
are in logs as well, cvs and package changelog. Nor will I request
stabilization of anything that is not an official release. No stable
alpha's, beta's, etc.

Granted this one I should have tagged _pre, or etc, so it might appear
as a full release. Most people using ~arch on Gentoo, know they are
running unstable where testing and breakage takes place. So it's not
uncommon for snapshot/cvs/svn/dev/alpha/beta/etc stuff to go in there.
Just ideally package name reflects that. Totally my bad with this
one ;) 

If it's release soon enough will be moot. Otherwise I will go and rename
package, and remove other one with incorrect name.


-- 
William L. Thomson Jr.
Gentoo/Java


signature.asc
Description: This is a digitally signed message part

DO NOT REPLY [Bug 41706] - StandardWrapper uses double-checked locking

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41706





--- Additional Comments From [EMAIL PROTECTED]  2007-02-26 12:20 ---
Oh, wait. I'm sorry.

I think that since this piece of code calls a method to instantiate and
initialize the "instance" member, it turns out that this is actually NOT a bug.

You can even avoid the synchronized block, since the loadServlet method itself
is synchronized, and uses only local variables.

My recommendation would be to document the code to mention DCL and why it's
still safe to do in this case, remove the synchronization within the allocate()
method, or both.

This code will be functionally the same as the existing code:
// Load and initialize our instance if necessary
if (instance == null) {
try {
if (log.isDebugEnabled())
log.debug("Allocating non-STM instance");

instance = loadServlet();
} catch (ServletException e) {
throw e;
} catch (Throwable e) {
throw new ServletException
(sm.getString("standardWrapper.allocate"), e);
}
}


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[Jim Jagielski]

On Feb 26, 2007, at 11:11 AM, Rainer Jung wrote:


Hi all,

the next version of mod_jk is approaching its release. A code  
snapshot is available at


http://people.apache.org/~rjung/mod_jk-dev/

It is in the same format as a release download, so easy to build.  
Under the same URL you can find the updated documentation.


It would be nice, if we could get some testing feedback from the  
community. Feel free to post any observations. Depending on your  
feedback we plan to tag the release at the end of the week.




So far so good... I haven't seen any problems with the snap.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Quality check mod_jk 1.2.21-dev

[Rainer Jung]

Due to a bug one user found (thanks) in the new JkStripSession feature 
(only in the Apache httpd implementation of it), there is now a new 
tarball available at the old address.


http://people.apache.org/~rjung/mod_jk-dev/

Happy testing!

Regards,

Rainer

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r512088 - in /tomcat/site/trunk: docs/security-5.html xdocs/security-5.xml

[markt]

Author: markt
Date: Mon Feb 26 16:14:01 2007
New Revision: 512088

URL: http://svn.apache.org/viewvc?view=rev&rev=512088
Log:
Fix typo.

Modified:
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/xdocs/security-5.xml

Modified: tomcat/site/trunk/docs/security-5.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?view=diff&rev=512088&r1=512087&r2=512088
==
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Mon Feb 26 16:14:01 2007
@@ -227,7 +227,7 @@
 This is expected behaviour when directory listings are enabled. The
semicolon (;) is the separator for path parameters so inserting one
before a file name changes the request into a request for a directory
-   with a path parameter. If directory listings are enabled, a diretcory
+   with a path parameter. If directory listings are enabled, a directory
listing will be shown. In response to this and other directory listing
issues, directory listings were changed to be disabled by default.
 

Modified: tomcat/site/trunk/xdocs/security-5.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?view=diff&rev=512088&r1=512087&r2=512088
==
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Mon Feb 26 16:14:01 2007
@@ -32,7 +32,7 @@
 This is expected behaviour when directory listings are enabled. The
semicolon (;) is the separator for path parameters so inserting one
before a file name changes the request into a request for a directory
-   with a path parameter. If directory listings are enabled, a diretcory
+   with a path parameter. If directory listings are enabled, a directory
listing will be shown. In response to this and other directory listing
issues, directory listings were changed to be disabled by default.
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Proposed new security pages

[Mark Thomas]

Ian Darwin wrote:
> Good stuff. Minor typo in the 5-x page:
> 
>>If directory listings are enabled,
>>a diretcory listing will be shown.

Thanks. Fixed.

Mark

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41709] New: - When calling the API that relates to the buffer after the response is committed, ISE with no messages is thrown.

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41709

   Summary: When calling the API that relates to the buffer after
the response is committed, ISE with no messages is
thrown.
   Product: Tomcat 5
   Version: 5.5.20
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Severity: enhancement
  Priority: P3
 Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


After the response is committed, following API throws IllegalStateException.
It's O.K. but the message of the exception is not set.

- HttpServletResponse#resetBuffer
- HttpServletResponse#sendError
- HttpServletResponse#sendRedirect
- HttpServletResponse#setBufferSize

To understand the bug of the application, it is hoped that the message is set 
like other exceptions.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]