DO NOT REPLY [Bug 44275] - isapi_redirect.dll denies access to URI's with META-INF / WEB-INF anywere in the URI

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44275





--- Additional Comments From [EMAIL PROTECTED]  2008-01-24 02:55 ---
What "explanation" ?  Not one that I can see.  TC already has this check in
place so whats that reason again to not pass it through ?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614839 - /tomcat/tc6.0.x/trunk/STATUS.txt

[pero]

Author: pero
Date: Thu Jan 24 02:58:53 2008
New Revision: 614839

URL: http://svn.apache.org/viewvc?rev=614839&view=rev
Log:
Cast my Vote

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=614839&r1=614838&r2=614839&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Jan 24 02:58:53 2008
@@ -72,5 +72,5 @@
 * Fix regression to removal of connection specific comet timeout
   http://people.apache.org/~fhanik/patches/comet-timeout.patch
   Would like for 6.0.16, trivial fix
-  +1: fhanik, jim (by inspection)
+  +1: fhanik, jim (by inspection), pero
   -1:



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44290] New: - mod_jk/1.2.26: retry is not useful for an important use case

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44290

   Summary: mod_jk/1.2.26: retry is not useful for an important use
case
   Product: Tomcat 5
   Version: 5.5.5
  Platform: Other
OS/Version: other
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connector:AJP
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


I am running mod_jk/1.2.26 on a front end server talking to a group of tomcats
running on solaris boxes at the back end.

The other day one of the Solaris boxes froze, leaving the network connection to
the switch up. mod_jk failed to notice that the tomcats on this box were down
and kept sending requests.

We can reproduce this consistently: if we halt the box, mod_jk does not notice
that the tomcat is down. On one occasion we waited more than one hour, and still
requests were being sent to the dead tomcat.

mod_jk has lots of options for setting timeouts, but none of them seem to deal
with this use case.

On Linux, we can workaround this by setting the mod_jk socket_timeout however
this setting is not supported on solaris. It would be nice to offer a workaround
on this platform to make failure monitoring useful.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44290] - mod_jk/1.2.26: retry is not useful for an important use case

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44290





--- Additional Comments From [EMAIL PROTECTED]  2008-01-24 06:05 ---
Please provide your configuration.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44290] - mod_jk/1.2.26: retry is not useful for an important use case

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44290





--- Additional Comments From [EMAIL PROTECTED]  2008-01-24 06:27 ---
workers.properties:

# default worker list
worker.list=word,jkstatus

# worker template
worker.template.port=9009
worker.template.type=ajp13
worker.template.lbfactor=1
worker.template.socket_keepalive=0
worker.template.connect_timeout=5000
worker.template.prepost_timeout=2000
worker.template.reply_timeout=4
worker.template.connection_pool_size=1
worker.template.connection_pool_timeout=60

# workers definition
worker.tomcat1.reference=worker.template
worker.tomcat1.host=tomtom1.online.local

# load balancer definition
worker.word.type=lb
worker.word.max_reply_timeouts=3
worker.word.balance_workers=escappdev1

# status definition
worker.jkstatus.type=status

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44275] - isapi_redirect.dll denies access to URI's with META-INF / WEB-INF anywere in the URI

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44275





--- Additional Comments From [EMAIL PROTECTED]  2008-01-24 06:38 ---
(In reply to comment #5)
> What "explanation" ?  Not one that I can see.  TC already has this check in
> place so whats that reason again to not pass it through ?

Dunno - i reported this as a Bug for that reason (useless check). The
'explanation' is something i got as reply when i reported the bug (not fixed
because ..).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614930 - /tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml

[rjung]

Author: rjung
Date: Thu Jan 24 09:30:31 2008
New Revision: 614930

URL: http://svn.apache.org/viewvc?rev=614930&view=rev
Log:
Add entries for expire command on ManagerServlet to
manager web.xml. Otherwise it will only work
in the HTMLManager, although it's implemented for
the Manager servlet to.

Modified:
tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml

Modified: tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml?rev=614930&r1=614929&r2=614930&view=diff
==
--- tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml Thu Jan 24 09:30:31 
2008
@@ -70,6 +70,10 @@
   
   
 Manager
+  /expire
+  
+  
+Manager
   /sessions
   
   
@@ -150,6 +154,7 @@
   /jmxproxy/*
   /html/*
   /list
+  /expire
   /sessions
   /start
   /stop



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614932 - /tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml

[rjung]

Author: rjung
Date: Thu Jan 24 09:33:07 2008
New Revision: 614932

URL: http://svn.apache.org/viewvc?rev=614932&view=rev
Log:
Revert r614930. Need to patch trunk first.
Sorry for the noise.

Modified:
tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml

Modified: tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml?rev=614932&r1=614931&r2=614932&view=diff
==
--- tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/manager/WEB-INF/web.xml Thu Jan 24 09:33:07 
2008
@@ -70,10 +70,6 @@
   
   
 Manager
-  /expire
-  
-  
-Manager
   /sessions
   
   
@@ -154,7 +150,6 @@
   /jmxproxy/*
   /html/*
   /list
-  /expire
   /sessions
   /start
   /stop



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614933 - /tomcat/trunk/webapps/manager/WEB-INF/web.xml

[rjung]

Author: rjung
Date: Thu Jan 24 09:34:38 2008
New Revision: 614933

URL: http://svn.apache.org/viewvc?rev=614933&view=rev
Log:
Add entries for expire command on ManagerServlet to
manager web.xml. Otherwise it will only work
in the HTMLManager, although it's implemented for
the Manager servlet to.

Modified:
tomcat/trunk/webapps/manager/WEB-INF/web.xml

Modified: tomcat/trunk/webapps/manager/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/web.xml?rev=614933&r1=614932&r2=614933&view=diff
==
--- tomcat/trunk/webapps/manager/WEB-INF/web.xml (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/web.xml Thu Jan 24 09:34:38 2008
@@ -70,6 +70,10 @@
   
   
 Manager
+  /expire
+  
+  
+Manager
   /sessions
   
   
@@ -150,6 +154,7 @@
   /jmxproxy/*
   /html/*
   /list
+  /expire
   /sessions
   /start
   /stop



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614938 - /tomcat/tc6.0.x/trunk/STATUS.txt

[rjung]

Author: rjung
Date: Thu Jan 24 09:45:07 2008
New Revision: 614938

URL: http://svn.apache.org/viewvc?rev=614938&view=rev
Log:
Add backport proposal.

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=614938&r1=614937&r2=614938&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Jan 24 09:45:07 2008
@@ -74,3 +74,11 @@
   Would like for 6.0.16, trivial fix
   +1: fhanik, jim (by inspection), pero
   -1:
+
+* Include expire command of manager webapp's Manager servlet
+  in URL mapping and security constraint.
+  Otherwise it's only reachable in the HTMLManager.
+  http://people.apache.org/~rjung/patches/web_xml_expire.patch
+  (backport of r614933 from trunk)
+  +1: rjung
+  -1:



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r614974 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/coyote/http11/Http11NioProcessor.java

[fhanik]

Author: fhanik
Date: Thu Jan 24 12:22:59 2008
New Revision: 614974

URL: http://svn.apache.org/viewvc?rev=614974&view=rev
Log:
vote and implement

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=614974&r1=614973&r2=614974&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Jan 24 12:22:59 2008
@@ -80,5 +80,5 @@
   Otherwise it's only reachable in the HTMLManager.
   http://people.apache.org/~rjung/patches/web_xml_expire.patch
   (backport of r614933 from trunk)
-  +1: rjung
+  +1: rjung, fhanik
   -1:

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java?rev=614974&r1=614973&r2=614974&view=diff
==
--- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java 
Thu Jan 24 12:22:59 2008
@@ -751,7 +751,10 @@
 NioEndpoint.KeyAttachment attach = 
(NioEndpoint.KeyAttachment)socket.getAttachment(false);
 if (attach != null) {
 attach.setComet(comet);
-if (!comet) {
+if (comet) {
+Integer comettimeout = (Integer) 
request.getAttribute("org.apache.tomcat.comet.timeout");
+if (comettimeout != null) 
attach.setTimeout(comettimeout.longValue());
+} else {
 //reset the timeout
 
attach.setTimeout(endpoint.getSocketProperties().getSoTimeout());
 }
@@ -889,6 +892,10 @@
 NioEndpoint.KeyAttachment attach = 
(NioEndpoint.KeyAttachment) key.attachment();
 if (attach != null)  {
 attach.setComet(comet);
+if (comet) {
+Integer comettimeout = (Integer) 
request.getAttribute("org.apache.tomcat.comet.timeout");
+if (comettimeout != null) 
attach.setTimeout(comettimeout.longValue());
+}
 }
 }
 } catch (InterruptedIOException e) {



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44285] - ssl.SessionId Cache Control

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44285


[EMAIL PROTECTED] changed:

   What|Removed |Added

   Severity|major   |enhancement




--- Additional Comments From [EMAIL PROTECTED]  2008-01-24 13:13 ---
Marking as an enhancement. Patches are always welcome.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Patch for tomcat 5.5.25 to actually close on Connection: close

[John Wehle]

Currently if a servlet uses:

  res.setHeader("Connection", "close");

tomcat just sets the header and sends the reponse to the client.  It
then waits for the client to close the connection.  In some cases (i.e.
buggy client) the client doesn't process the close which causes resources
to be unduly tied up on the server until the connectionTimeout is reached
which then closes the connection.  This also causes the user to experience
a browser delay corresponding to connectionTimeout.

This patches causes tomcat to close a connection after sending a response
which includes "Connection: close".

-- John Wehle
--8<8<
*** 
connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java.ORIGINAL
   Wed Jan 23 18:35:31 2008
--- connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
Thu Jan 24 16:21:36 2008
*** public class Http11Processor implements 
*** 923,928 
--- 923,938 
  }
  request.updateCounters();
  
+ MimeHeaders headers = response.getMimeHeaders();
+ 
+ // Check connection header
+ MessageBytes connectionValueMB = headers.getValue("connection");
+ if (connectionValueMB != null) {
+ if (connectionValueMB.equalsIgnoreCase(Constants.CLOSE)) {
+ keepAlive = false;
+ }
+ }
+ 
  thrA.setCurrentStage(threadPool, "ended");
  rp.setStage(org.apache.coyote.Constants.STAGE_KEEPALIVE);
  
-
|   Feith Systems  |   Voice: 1-215-646-8000  |  Email: [EMAIL PROTECTED]  |
|John Wehle| Fax: 1-215-540-5495  | |
-


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DOS-Lineends in many files contained in distribution tar.gz

[Rainer Jung]

Hi,

I stumbled today over DOS line endings in the web.xml file of the 
manager contained in TC 6.0.14 tar.gz download.


A little check reveals, that the following files have DOS line endings, 
although the tar.gz is supposed to use Unix convention were appropriate:


- RELEASE-NOTES
- bin/catalina-tasks.xml

and in webapps all files with suffixes:

Count Suffix
 286 html
  46 java
  48 jsp
  12 txt
  11 xml
   5 properties
   4 tag
   3 tld
   2 jspf
   2 jspx
   2 svg
   1 xsd
   1 xsl
   1 mdl

All of those suffixes under webapps always have DOS lineendings (one 
file even has mixed ending: webapps/manager/sessionDetail.jsp misses the 
^M in the last line).


I don't know if dist.xml is actually used for packaging. It uses fixcrlf 
for a couple of files (mainly *.sh, *.txt, conf/*, some [A-Z]*) but it 
would be nice, if we would also transform the above mentioned.


Regards,

Rainer



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]