Re: Early Access builds for JDK 9 b21, JDK 8u20 b21 are available on java.net

[Rory O'Donnell Oracle, Dublin Ireland]

Hi Mark,

If you log a bug, send me the incident number and I will follow up.

Rgds,Rory

On 07/07/2014 21:10, Mark Thomas wrote:

On 04/07/2014 10:22, Rory O'Donnell Oracle, Dublin Ireland wrote:

Hi Mladen/Mark,

Early Access builds for JDK 9 b21   and
JDK 8u20 b21   are available on
java.net.

As we enter the later phases of development for JDK 8u20 , please log
any show
stoppers as soon as possible.

Rory,

We have received a bug report that indicates that there may well be a
regression in ServerSocket.accept() in Java 7[1] (and I suspect later
versions but I haven't had a chance to look at the code yet).

Given that we have had much more success getting Java bugs fixed when
you point us in the best direction to report stuff, where would you
recommend that we report this issue?

Thanks,

Mark

[1] https://issues.apache.org/bugzilla/show_bug.cgi?id=56684



--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Early Access builds for JDK 9 b21, JDK 8u20 b21 are available on java.net

[Mark Thomas]

On 08/07/2014 08:06, Rory O'Donnell Oracle, Dublin Ireland wrote:
> Hi Mark,
> 
> If you log a bug, send me the incident number and I will follow up.
> 
> Rgds,Rory

Thanks Rory,

This particular issue looks like the root cause might be elsewhere but
I'll let you know if that changes.

Mark

> 
> On 07/07/2014 21:10, Mark Thomas wrote:
>> On 04/07/2014 10:22, Rory O'Donnell Oracle, Dublin Ireland wrote:
>>> Hi Mladen/Mark,
>>>
>>> Early Access builds for JDK 9 b21   and
>>> JDK 8u20 b21   are available on
>>> java.net.
>>>
>>> As we enter the later phases of development for JDK 8u20 , please log
>>> any show
>>> stoppers as soon as possible.
>> Rory,
>>
>> We have received a bug report that indicates that there may well be a
>> regression in ServerSocket.accept() in Java 7[1] (and I suspect later
>> versions but I haven't had a chance to look at the code yet).
>>
>> Given that we have had much more success getting Java bugs fixed when
>> you point us in the best direction to report stuff, where would you
>> recommend that we report this issue?
>>
>> Thanks,
>>
>> Mark
>>
>> [1] https://issues.apache.org/bugzilla/show_bug.cgi?id=56684
>>
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Early Access builds for JDK 9 b21, JDK 8u20 b21 are available on java.net

[Rory O'Donnell Oracle, Dublin Ireland]

On 08/07/2014 09:19, Mark Thomas wrote:

On 08/07/2014 08:06, Rory O'Donnell Oracle, Dublin Ireland wrote:

Hi Mark,

If you log a bug, send me the incident number and I will follow up.

Rgds,Rory

Thanks Rory,

This particular issue looks like the root cause might be elsewhere but
I'll let you know if that changes.

Ok, please do.

Rgds,Rory


Mark


On 07/07/2014 21:10, Mark Thomas wrote:

On 04/07/2014 10:22, Rory O'Donnell Oracle, Dublin Ireland wrote:

Hi Mladen/Mark,

Early Access builds for JDK 9 b21   and
JDK 8u20 b21   are available on
java.net.

As we enter the later phases of development for JDK 8u20 , please log
any show
stoppers as soon as possible.

Rory,

We have received a bug report that indicates that there may well be a
regression in ServerSocket.accept() in Java 7[1] (and I suspect later
versions but I haven't had a chance to look at the code yet).

Given that we have had much more success getting Java bugs fixed when
you point us in the best direction to report stuff, where would you
recommend that we report this issue?

Thanks,

Mark

[1] https://issues.apache.org/bugzilla/show_bug.cgi?id=56684



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Ant 1.9.4 cannot build "release" target of Tomcat. Use 1.9.3

[Konstantin Kolinko]

Hi!

FYI,  there is a regression in Ant 1.9.4 that makes it unable to build
"release" target of Tomcat 8 or Tomcat 7.

It fails when building "extra" components, because it cannot unpack
commons-logging-1.1.3-src.tar.gz file. The error is

[[[
java.io.IOException: Error detected parsing the header
...
Caused by: java.lang.IllegalArgumentException: Invalid byte 32 at
offset 7 in '   {NUL}' len=8
]]]

The issue is already known and have been fixed for the next version.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56641

Ant 1.9.3 is working correctly.

I think buildbot uses 1.9.2 or 1.9.1, and official releases are done with 1.8.x.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608695 - in /tomcat/tc7.0.x/trunk: ./ build.properties.default build.xml webapps/docs/changelog.xml

[markt]

Author: markt
Date: Tue Jul  8 09:10:37 2014
New Revision: 1608695

URL: http://svn.apache.org/r1608695
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56685
Update to Tomcat Native Library version 1.1.31 to pick up the Windows binaries 
that are based on OpenSSL 1.0.1h.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/build.properties.default
tomcat/tc7.0.x/trunk/build.xml
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1608428

Modified: tomcat/tc7.0.x/trunk/build.properties.default
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.properties.default?rev=1608695&r1=1608694&r2=1608695&view=diff
==
--- tomcat/tc7.0.x/trunk/build.properties.default (original)
+++ tomcat/tc7.0.x/trunk/build.properties.default Tue Jul  8 09:10:37 2014
@@ -137,9 +137,11 @@ jdt.loc.1=http://archive.eclipse.org/ecl
 
jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
 
 # - Tomcat native library -
-tomcat-native.version=1.1.30
+tomcat-native.version=1.1.31
 tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
 tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
+# Required due to packaging error in 1.1.31 - remove once fixed
+tomcat-native.win.path=tomcat-native-${tomcat-native.version}-win32-bin
 
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
 
tomcat-native.loc.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
 
tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-win32-bin.zip

Modified: tomcat/tc7.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1608695&r1=1608694&r2=1608695&view=diff
==
--- tomcat/tc7.0.x/trunk/build.xml (original)
+++ tomcat/tc7.0.x/trunk/build.xml Tue Jul  8 09:10:37 2014
@@ -1795,7 +1795,7 @@
 tofile="${tomcat.dist}/bin/i64/tomcat${version.major}.exe" />
 
 
-  
+  
 
 
   
@@ -2741,7 +2741,7 @@ Apache Tomcat ${version} native binaries
 
   
   
-  
+  
   
 
 

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1608695&r1=1608694&r2=1608695&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Jul  8 09:10:37 2014
@@ -254,9 +254,13 @@
 Update optional Checkstyle library to 5.7. (kkolinko)
   
   
-56685: Add quotes necessary for daemon.sh to 
+56685: Add quotes necessary for daemon.sh to
 work correctly on Solaris. Based on a suggesiton by lfuka. (markt)
   
+  
+56596 Update to Tomcat Native Library version 1.1.31 to pick
+up the Windows binaries that are based on OpenSSL 1.0.1h. (markt)
+  
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608697 - in /tomcat/tc7.0.x/trunk: ./ test/org/apache/catalina/session/TestPersistentManager.java

[markt]

Author: markt
Date: Tue Jul  8 09:15:45 2014
New Revision: 1608697

URL: http://svn.apache.org/r1608697
Log:
Fix import order

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/test/org/apache/catalina/session/TestPersistentManager.java

Propchange: tomcat/tc7.0.x/trunk/
--
  Merged /tomcat/trunk:r1608645

Modified: 
tomcat/tc7.0.x/trunk/test/org/apache/catalina/session/TestPersistentManager.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/catalina/session/TestPersistentManager.java?rev=1608697&r1=1608696&r2=1608697&view=diff
==
--- 
tomcat/tc7.0.x/trunk/test/org/apache/catalina/session/TestPersistentManager.java
 (original)
+++ 
tomcat/tc7.0.x/trunk/test/org/apache/catalina/session/TestPersistentManager.java
 Tue Jul  8 09:15:45 2014
@@ -27,6 +27,11 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
 import org.apache.catalina.Context;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Manager;
@@ -34,10 +39,6 @@ import org.apache.catalina.Session;
 import org.apache.catalina.Store;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.startup.TomcatBaseTest;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
 
 public class TestPersistentManager extends TomcatBaseTest {
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.55

[Mark Thomas]

On 27/06/2014 17:20, Konstantin Kolinko wrote:
> 2014-06-27 18:16 GMT+04:00 Mark Thomas :
>> On 23/06/2014 14:00, Violeta Georgieva wrote:
>>> 2014-06-22 21:33 GMT+03:00 Konstantin Kolinko :

 2014-06-20 23:59 GMT+04:00 Violeta Georgieva :
> Hi,
>
> I would like to start preparing Tomcat 7.0.55 for voting this weekend.
> If you want to include something in addition to this release, reply
>>> here.
>

 Hi!

 The Mapper issues are taking longer than I anticipated, and I expect
 myself to be busy on the start of next week.  It is impeded by
 implementation differences (Tomcat 7 has two mappers: in Connector and
 in Context, Tomcat 8 has one).

 I would like to backport fixes for 56653 and 56658 to Tomcat 7  (the
 latter has not been fixed in trunk yet) along with other improvements.

 I expect that fixing those issues requires changing internal classes
 of Mapper like I did in r1604319.  I think that we are OK with such
 change, as those are our internal APIs.


 The Tomcat-Native binaries for Windows are linked to an old version of
 OpenSSL that has known security issues.  Christopher has not yet
 succeeded in building it.
>>>
>>> Ok I'll wait for you and Chris.
>>> Meanwhile the new JDT compiler will be officially released (Luna release -
>>> 25.06) and we may include it in 7.0.55.
>>
>> I know we are still waiting for the fixed Windows binaries. What is the
>> status of the remaining work?
> 
> Mapper issues:
> BZ 44312: Fixed. Proposed for 6.0.
> 
> BZ 56653: Fix re-implemented in Tomcat 8 to be less intrusive.
> Not backported.
> I backported testcase for it (r1604846), but neither Gump nor Testbot
> fail with it.
> 
> BZ 56658: Not started.
> 
> I plan to work on Mapper tonight and tomorrow.

Any progress on this? Looking at Bugzilla, these are the only open
issues for 7.0.x and I assume we want to resolve them before a 7.0.55 tag.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.55

[Konstantin Kolinko]

2014-07-08 13:17 GMT+04:00 Mark Thomas :
> On 27/06/2014 17:20, Konstantin Kolinko wrote:
>> 2014-06-27 18:16 GMT+04:00 Mark Thomas :
>>> On 23/06/2014 14:00, Violeta Georgieva wrote:
 2014-06-22 21:33 GMT+03:00 Konstantin Kolinko
>> Mapper issues:
>> BZ 44312: Fixed. Proposed for 6.0.
>>
>> BZ 56653: Fix re-implemented in Tomcat 8 to be less intrusive.
>> Not backported.
>> I backported testcase for it (r1604846), but neither Gump nor Testbot
>> fail with it.
>>
>> BZ 56658: Not started.
>>
>> I plan to work on Mapper tonight and tomorrow.
>
> Any progress on this? Looking at Bugzilla, these are the only open
> issues for 7.0.x and I assume we want to resolve them before a 7.0.55 tag.

All are fixed in Tomcat 8 a week ago.

I shall backport 56653, 56658 to Tomcat 7 today.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56703] New: "Current number of backend connections" counter ever increasing when timeouts are defined

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56703

Bug ID: 56703
   Summary: "Current number of backend connections" counter ever
increasing when timeouts are defined
   Product: Tomcat Connectors
   Version: 1.2.40
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: mod_jk
  Assignee: dev@tomcat.apache.org
  Reporter: kn...@knobisoft.de

Hi,

  our environment is (I know, some are old ...):

Apache 2.2.21
mod_jk-1.2.40
Tomcat 7.0.42

We have found that the numbers for "Con", the current number of backend
connections" is growing steadily, well over any sensible number.

The following configuration seems to trigger the behavior:

worker.template.type=ajp13
worker.template.lbfactor=1
worker.template.prepost_timeout=15000
worker.template.connect_timeout=15000
worker.template.ping_timeout=15000
worker.template.ping_mode=A
worker.template.connection_ping_interval=180
worker.template.retries=3
worker.template.connection_pool_timeout=30

Without setting the timeout values, the displayed number of backend connections
looks to be stable.

The behavior seems to have started between mod_jk-1.2.32 and mod_jk-1.2.37.
Looking at the code, I can see some heavy redo of the handling of the
"connected" counter. I suspect a "connected--" is missing, but hard to say
where.

Cheers
Martin

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

NPE during shutdown in Tomcat 8 trunk (regression from r1603376)

[Konstantin Kolinko]

Hi!

Steps to reproduce:
1) Start one instance of Tomcat 8
2) Start second instance of Tomcat 8
3) The second instance shuts down (as expected), but the following
NPEs are logged into catalina.$date.log, both for HTTP and AJP
connectors:
[[[
08-Jul-2014 14:50:25.589 SEVERE [main]
org.apache.coyote.AbstractProtocol.stop Failed to stop end point
associated with ProtocolHandler ["http-nio-8080"]
 java.lang.NullPointerException
at org.apache.tomcat.util.net.NioEndpoint.stopInternal(NioEndpoint.java:457)
at 
org.apache.tomcat.util.net.AbstractEndpoint.stop(AbstractEndpoint.java:783)

]]]

The line is "eventCache.clear();" and the cause are changes in r1603376.

Re-reviewing r1603376:
- the only difference for NioEndpoint is that creation of caches is
deferred from constructor to startInternal().
- for Nio2Endpoint the creation is deferred and now depends on useCaches flag.

Is there a point in deferring creation of caches for Nio? Was there an
idea to make creation dependent on some flag ("useCaches"), like it is
done for Nio2?

If there is no point in deferring, then reverting that part of
r1603376 is a way to go. If there is, then adding null pointer checks
is the way to go.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608737 - in /tomcat/trunk: java/org/apache/tomcat/util/net/Nio2Endpoint.java java/org/apache/tomcat/util/net/NioEndpoint.java webapps/docs/changelog.xml

[remm]

Author: remm
Date: Tue Jul  8 11:55:24 2014
New Revision: 1608737

URL: http://svn.apache.org/r1608737
Log:
Avoid doing anything if the endpoint is not running (avoids possible NPE with 
the caches (?) ) and create caches first in start (just in case).
Note: I still don't see much real benefit in these caches, and their 
configuration is even more questionable (but it is there and documented).

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1608737&r1=1608736&r2=1608737&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Tue Jul  8 
11:55:24 2014
@@ -345,11 +345,6 @@ public class Nio2Endpoint extends Abstra
 running = true;
 paused = false;
 
-// Create worker collection
-if ( getExecutor() == null ) {
-createExecutor();
-}
-
 if (useCaches) {
 processorCache = new 
SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
 socketProperties.getProcessorCache());
@@ -359,6 +354,11 @@ public class Nio2Endpoint extends Abstra
 socketProperties.getBufferPool());
 }
 
+// Create worker collection
+if ( getExecutor() == null ) {
+createExecutor();
+}
+
 initializeConnectionLatch();
 startAcceptorThreads();
 
@@ -384,30 +384,30 @@ public class Nio2Endpoint extends Abstra
 running = false;
 getAsyncTimeout().stop();
 unlockAccept();
-}
-// Use the executor to avoid binding the main thread if something bad
-// occurs and unbind will also wait for a bit for it to complete
-getExecutor().execute(new Runnable() {
-@Override
-public void run() {
-// Timeout any pending async request
-for (SocketWrapper socket : waitingRequests) {
-processSocket(socket, SocketStatus.TIMEOUT, false);
-}
-// Then close all active connections if any remains
-try {
-handler.closeAll();
-} catch (Throwable t) {
-ExceptionUtils.handleThrowable(t);
-} finally {
-allClosed = true;
+// Use the executor to avoid binding the main thread if something 
bad
+// occurs and unbind will also wait for a bit for it to complete
+getExecutor().execute(new Runnable() {
+@Override
+public void run() {
+// Timeout any pending async request
+for (SocketWrapper socket : waitingRequests) {
+processSocket(socket, SocketStatus.TIMEOUT, false);
+}
+// Then close all active connections if any remains
+try {
+handler.closeAll();
+} catch (Throwable t) {
+ExceptionUtils.handleThrowable(t);
+} finally {
+allClosed = true;
+}
 }
+});
+if (useCaches) {
+socketWrapperCache.clear();
+nioChannels.clear();
+processorCache.clear();
 }
-});
-if (useCaches) {
-socketWrapperCache.clear();
-nioChannels.clear();
-processorCache.clear();
 }
 }
 

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1608737&r1=1608736&r2=1608737&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Tue Jul  8 
11:55:24 2014
@@ -401,11 +401,6 @@ public class NioEndpoint extends Abstrac
 running = true;
 paused = false;
 
-// Create worker collection
-if ( getExecutor() == null ) {
-createExecutor();
-}
-
 processorCache = new 
SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
 socketProperties.getProcessorCache());
 keyCache = new SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
@@ -415,6 +410,11 @@ public class

[Bug 56684] java7: java.net.SocketTimeoutException: Accept timed out

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56684

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #5 from Mark Thomas  ---
I was testing on Ubuntu Precise. After updating to Trusty I see the same value
as you of 4294967295. That, at least, explains why we were seeing different
values.

I've looked through both the Tomcat code and the Java 7 code and I don't see
anything wrong (although I am no C/C++ expert). Neither do I see anything that
explain the behaviour you are seeing.

I think the next steps are to see if you can reproduce this issue with a test
case that doesn't take ~50 days to run.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56684] java7: java.net.SocketTimeoutException: Accept timed out

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56684

--- Comment #6 from Konstantin Kolinko  ---
Javadoc for ServerSocket.accept() says that SocketTimeoutException can be
thrown by the method "if a timeout was previously set with setSoTimeout". [1]


[1]
http://docs.oracle.com/javase/7/docs/api/java/net/ServerSocket.html#accept%28%29

BTW,
Javadoc for ServerSocket.setSoTimeout() says that to set an infinite timeout
one uses the value of "0". Is somebody confusing '0' and '-1'?

I think the javadoc for ServerSocket.accept() implies that the default timeout
is infinite. So I think it is a JRE bug.


In general it makes some sense to protect against this. A timeout is not a
"receiving a valid shutdown command" event, and encountering a timeout does not
make the server socket an invalid one, so we should be able to continue.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56684] java7: java.net.SocketTimeoutException: Accept timed out

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56684

--- Comment #7 from Mark Thomas  ---
(In reply to Konstantin Kolinko from comment #6)
> BTW,
> Javadoc for ServerSocket.setSoTimeout() says that to set an infinite timeout
> one uses the value of "0". Is somebody confusing '0' and '-1'?

Not that I can see having looked at the JRE code.

> I think the javadoc for ServerSocket.accept() implies that the default
> timeout is infinite. So I think it is a JRE bug.

That is a possibility, but having looked at the JRE code, I don't see where the
problem is.

> In general it makes some sense to protect against this. A timeout is not a
> "receiving a valid shutdown command" event, and encountering a timeout does
> not make the server socket an invalid one, so we should be able to continue.

Agreed. There is no reason I can think of that accept should time out so we can
certiainly add some protection against this issue here. We can probably add
some useful debug info as well.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608753 - in /tomcat: native/branches/1.1.x/xdocs/ native/branches/1.1.x/xdocs/news/ site/trunk/docs/ site/trunk/docs/native-doc/ site/trunk/docs/native-doc/miscellaneous/ site/trunk/docs

[markt]

Author: markt
Date: Tue Jul  8 13:10:46 2014
New Revision: 1608753

URL: http://svn.apache.org/r1608753
Log:
Announce the Tomcat Native 1.1.31 release

Modified:
tomcat/native/branches/1.1.x/xdocs/index.xml
tomcat/native/branches/1.1.x/xdocs/news/2014.xml
tomcat/site/trunk/docs/index.html
tomcat/site/trunk/docs/native-doc/index.html
tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html
tomcat/site/trunk/docs/native-doc/news/2014.html
tomcat/site/trunk/docs/oldnews.html
tomcat/site/trunk/xdocs/index.xml
tomcat/site/trunk/xdocs/oldnews.xml

Modified: tomcat/native/branches/1.1.x/xdocs/index.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/index.xml?rev=1608753&r1=1608752&r2=1608753&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/index.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/index.xml Tue Jul  8 13:10:46 2014
@@ -64,8 +64,8 @@ manual is described in more detail below
 
 
 
-15 April 2014 - TC-Native-1.1.30 
released
-The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.30 Stable.
+7 July 2014 - TC-Native-1.1.31 
released
+The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.31 Stable.
 
 
  The sources and the binaries for selected platforms are available from the

Modified: tomcat/native/branches/1.1.x/xdocs/news/2014.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2014.xml?rev=1608753&r1=1608752&r2=1608753&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2014.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2014.xml Tue Jul  8 13:10:46 2014
@@ -30,10 +30,10 @@
 
 
 
- 
+ 
   The Apache Tomcat team is proud to announce the immediate availability
-  of Tomcat Native 1.1.30. This is a bug fixing release with added support for
-  EC ciphers if supported by OpenSSL.
+  of Tomcat Native 1.1.31. This is a bug fixing release and includes Windows
+  binaries built with OpenSSL 1.0.1h.
   
  
 

Modified: tomcat/site/trunk/docs/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1608753&r1=1608752&r2=1608753&view=diff
==
--- tomcat/site/trunk/docs/index.html (original)
+++ tomcat/site/trunk/docs/index.html Tue Jul  8 13:10:46 2014
@@ -224,6 +224,33 @@ project logo are trademarks of the Apach
 
 
 
+
+2014-07-07 Tomcat Native 1.1.31 
Released
+
+
+
+The Apache Tomcat Project is proud to announce the release of version 1.1.31 of
+Tomcat Native. The notable changes since 1.1.30 include:
+
+
+
+  
+Windows binaries are linked with OpenSSL 1.0.1h. This provides a fix
+   for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224"; 
rel="nofollow">CVE-2014-0224, an OpenSSL MITM vulnerability.
+   (https://issues.apache.org/bugzilla/show_bug.cgi?id=56596";>56596)
+  
+Resolve an issue when using FIPS mode. (https://issues.apache.org/bugzilla/show_bug.cgi?id=56396";>56396)
+
+
+
+
+
+Download |
+ChangeLog for 1.1.31
+
+
+
+
 
 2014-06-25 Tomcat 8.0.9 Released
 
@@ -366,34 +393,6 @@ This version fixes few bugs found in pre
 
 
 
-
-2014-04-15 Tomcat Native 1.1.30 
Released
-
-
-
-The Apache Tomcat Project is proud to announce the release of version 1.1.30 of
-Tomcat Native. The notable changes since 1.1.29 include:
-
-
-
-  
-Windows binaries are linked with OpenSSL 1.0.1g. This provides a fix
-   for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160"; 
rel="nofollow">CVE-2014-0160
-   (https://wiki.apache.org/tomcat/Security/Heartbleed";>Heartbleed)
-   SSL vulnerability.
-  
-Add support for ECDHE ciphers. (https://issues.apache.org/bugzilla/show_bug.cgi?id=55915";>55915)
-
-
-
-
-
-Download |
-ChangeLog for 1.1.30
-
-
-
-
 
 2014-01-02 Apache Standard Taglib 1.2.1 
Released
 

Modified: tomcat/site/trunk/docs/native-doc/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/index.html?rev=1608753&r1=1608752&r2=1608753&view=diff
==
--- tomcat/site/trunk/docs/native-doc/index.html (original)
+++ tomcat/site/trunk/docs/native-doc/index.html Tue Jul  8 13:10:46 2014
@@ -32,8 +32,8 @@ manual is described in more detail below
 Headlines
 
 
-15 April 2014 - TC-Native-1.1.30 
released
-The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.30 Stable.
+7 July 2014 - TC-Native-1.1.31 
released
+The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.31 Stable.
 
 
  The sources and the binaries for selected platforms are available from the

Modified: tomcat/site/trunk/docs/native-doc/miscellaneous/changelog.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/nat

svn commit: r1608761 - in /tomcat: native/branches/1.1.x/xdocs/news/ site/trunk/docs/native-doc/news/

[markt]

Author: markt
Date: Tue Jul  8 13:15:02 2014
New Revision: 1608761

URL: http://svn.apache.org/r1608761
Log:
Drop reference to mailing list that no longer exists

Modified:
tomcat/native/branches/1.1.x/xdocs/news/2008.xml
tomcat/native/branches/1.1.x/xdocs/news/2009.xml
tomcat/native/branches/1.1.x/xdocs/news/2010.xml
tomcat/native/branches/1.1.x/xdocs/news/2011.xml
tomcat/native/branches/1.1.x/xdocs/news/2012.xml
tomcat/native/branches/1.1.x/xdocs/news/2013.xml
tomcat/native/branches/1.1.x/xdocs/news/2014.xml
tomcat/site/trunk/docs/native-doc/news/2008.html
tomcat/site/trunk/docs/native-doc/news/2009.html
tomcat/site/trunk/docs/native-doc/news/2010.html
tomcat/site/trunk/docs/native-doc/news/2011.html
tomcat/site/trunk/docs/native-doc/news/2012.html
tomcat/site/trunk/docs/native-doc/news/2013.html
tomcat/site/trunk/docs/native-doc/news/2014.html

Modified: tomcat/native/branches/1.1.x/xdocs/news/2008.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2008.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2008.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2008.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2008 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2009.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2009.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2009.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2009.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2009 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2010.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2010.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2010.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2010.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2010 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2011.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2011.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2011.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2011.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2011 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2012.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2012.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2012.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2012.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2012 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2013.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2013.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2013.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2013.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2013 News and Status
   
 

Modified: tomcat/native/branches/1.1.x/xdocs/news/2014.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2014.xml?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2014.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2014.xml Tue Jul  8 13:15:02 2014
@@ -23,7 +23,6 @@
   &project;
 
   
-Apache Tomcat Native 
Project
 2014 News and Status
   
 

Modified: tomcat/site/trunk/docs/native-doc/news/2008.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/news/2008.html?rev=1608761&r1=1608760&r2=1608761&view=diff
==
--- tomcat/site/trunk/docs/native-doc/news/2008.html (original)
+++ tomcat/site/trunk/docs/native-doc/news/2008.html Tue Jul  8 13:15:02 2014
@@ -1,5 +1,5 @@
 
-The Apache Tomcat Native - News - 2008 News and 
Statushttp://tom

svn commit: r1608765 - in /tomcat: native/branches/1.1.x/xdocs/news/2014.xml site/trunk/docs/native-doc/news/2014.html

[markt]

Author: markt
Date: Tue Jul  8 13:18:13 2014
New Revision: 1608765

URL: http://svn.apache.org/r1608765
Log:
Restore accidentally deleted news item

Modified:
tomcat/native/branches/1.1.x/xdocs/news/2014.xml
tomcat/site/trunk/docs/native-doc/news/2014.html

Modified: tomcat/native/branches/1.1.x/xdocs/news/2014.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/news/2014.xml?rev=1608765&r1=1608764&r2=1608765&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/news/2014.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/news/2014.xml Tue Jul  8 13:18:13 2014
@@ -29,12 +29,18 @@
 
 
 
- 
+ 
   The Apache Tomcat team is proud to announce the immediate availability
   of Tomcat Native 1.1.31. This is a bug fixing release and includes Windows
   binaries built with OpenSSL 1.0.1h.
   
  
+ 
+  The Apache Tomcat team is proud to announce the immediate availability
+  of Tomcat Native 1.1.30. This is a bug fixing release with added support for
+  EC ciphers if supported by OpenSSL.
+  
+ 
 
 
 

Modified: tomcat/site/trunk/docs/native-doc/news/2014.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/news/2014.html?rev=1608765&r1=1608764&r2=1608765&view=diff
==
--- tomcat/site/trunk/docs/native-doc/news/2014.html (original)
+++ tomcat/site/trunk/docs/native-doc/news/2014.html Tue Jul  8 13:18:13 2014
@@ -1,11 +1,17 @@
 
 The Apache Tomcat Native - News - 2014 News and 
Statushttp://tomcat.apache.org/";>http://www.apache.org/"; target="_blank">The Apache Tomcat Native - 
NewsLinksDocs Home
 Miscellaneous 
DocumentationChangelogNews20142013201220112010200920082014 News and Status2014 News & Status
- 7 July 2014 - TC-Native-1.1.31 
released
+ 7 July 2014 - TC-Native-1.1.31 
released
   The Apache Tomcat team is proud to announce the immediate availability
   of Tomcat Native 1.1.31. This is a bug fixing release and includes Windows
   binaries built with OpenSSL 1.0.1h.
   
  
+ 15 April - TC-Native-1.1.30 
released
+  The Apache Tomcat team is proud to announce the immediate availability
+  of Tomcat Native 1.1.30. This is a bug fixing release with added support for
+  EC ciphers if supported by OpenSSL.
+  
+ 
 
 Copyright © 2008-2014, The Apache Software Foundation
   
\ No newline at end of file



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608768 - in /tomcat: native/branches/1.1.x/xdocs/index.xml site/trunk/docs/native-doc/index.html

[markt]

Author: markt
Date: Tue Jul  8 13:19:02 2014
New Revision: 1608768

URL: http://svn.apache.org/r1608768
Log:
Fix copy/paste oversight

Modified:
tomcat/native/branches/1.1.x/xdocs/index.xml
tomcat/site/trunk/docs/native-doc/index.html

Modified: tomcat/native/branches/1.1.x/xdocs/index.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/index.xml?rev=1608768&r1=1608767&r2=1608768&view=diff
==
--- tomcat/native/branches/1.1.x/xdocs/index.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/index.xml Tue Jul  8 13:19:02 2014
@@ -64,7 +64,7 @@ manual is described in more detail below
 
 
 
-7 July 2014 - TC-Native-1.1.31 
released
+7 July 2014 - TC-Native-1.1.31 
released
 The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.31 Stable.
 
 

Modified: tomcat/site/trunk/docs/native-doc/index.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/native-doc/index.html?rev=1608768&r1=1608767&r2=1608768&view=diff
==
--- tomcat/site/trunk/docs/native-doc/index.html (original)
+++ tomcat/site/trunk/docs/native-doc/index.html Tue Jul  8 13:19:02 2014
@@ -32,7 +32,7 @@ manual is described in more detail below
 Headlines
 
 
-7 July 2014 - TC-Native-1.1.31 
released
+7 July 2014 - TC-Native-1.1.31 
released
 The Apache Tomcat team is proud to announce the immediate availability of 
Tomcat Native 1.1.31 Stable.
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608774 - in /tomcat/site/trunk: docs/download-native.html xdocs/download-native.xml

[markt]

Author: markt
Date: Tue Jul  8 13:22:52 2014
New Revision: 1608774

URL: http://svn.apache.org/r1608774
Log:
Update download page

Modified:
tomcat/site/trunk/docs/download-native.html
tomcat/site/trunk/xdocs/download-native.xml

Modified: tomcat/site/trunk/docs/download-native.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-native.html?rev=1608774&r1=1608773&r2=1608774&view=diff
==
--- tomcat/site/trunk/docs/download-native.html (original)
+++ tomcat/site/trunk/docs/download-native.html Tue Jul  8 13:22:52 2014
@@ -265,14 +265,14 @@
 
 
   
-
-Native 1.1.30 Source Release tar.gz (e.g. Unix, Linux, Mac 
OS)
+
+Native 1.1.31 Source Release tar.gz (e.g. Unix, Linux, Mac 
OS)
 
   
 
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-src.tar.gz.asc";>PGP],
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-src.tar.gz.md5";>MD5],
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-src.tar.gz.sha1";>SHA1]
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-src.tar.gz.asc";>PGP],
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-src.tar.gz.md5";>MD5],
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-src.tar.gz.sha1";>SHA1]
   
 
 
@@ -281,14 +281,14 @@
 
 
   
-
-Native 1.1.30 Source Release zip (e.g. Windows)
+
+Native 1.1.31 Source Release zip (e.g. Windows)
 
   
 
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-win32-src.zip.asc";>PGP],
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-win32-src.zip.md5";>MD5],
-[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/source/tomcat-native-1.1.30-win32-src.zip.sha1";>SHA1]
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-win32-src.zip.asc";>PGP],
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-win32-src.zip.md5";>MD5],
+[https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/source/tomcat-native-1.1.31-win32-src.zip.sha1";>SHA1]
   
 
 
@@ -303,7 +303,7 @@
 
 You can find binaries release too.
 You may download them from
-  HERE
+  HERE
 
 
 
@@ -333,14 +333,14 @@
   
 
 
-
-  Native 1.1.30 Windows Binaries zip (recommended)
+
+  Native 1.1.31 Windows Binaries zip (recommended)
   
 
 
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-win32-bin.zip.asc";>PGP],
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-win32-bin.zip.md5";>MD5],
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-win32-bin.zip.sha1";>SHA1]
+  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/binaries/tomcat-native-1.1.31-win32-bin.zip.asc";>PGP],
+  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/binaries/tomcat-native-1.1.31-win32-bin.zip.md5";>MD5],
+  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/binaries/tomcat-native-1.1.31-win32-bin.zip.sha1";>SHA1]
 
   
 
@@ -349,15 +349,15 @@
   
 
 
-
-  Native 1.1.30 Windows OCSP-enabled Binaries zip
+
+  Native 1.1.31 Windows OCSP-enabled Binaries zip
   
 
 
 
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-ocsp-win32-bin.zip.asc";>PGP],
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-ocsp-win32-bin.zip.md5";>MD5],
-  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.30/binaries/tomcat-native-1.1.30-ocsp-win32-bin.zip.sha1";>SHA1]
+  [https://www.apache.org/dist/tomcat/tomcat-connectors/native/1.1.31/binaries/tomcat-native-1.1.31-ocsp-win32-bin.zip.asc";>PGP],
+  [https://www.apache.org/dist/tomcat/tomcat-connecto

svn commit: r5786 - in /release/tomcat/tomcat-connectors/native: 1.1.30/ README.html

[markt]

Author: markt
Date: Tue Jul  8 13:26:20 2014
New Revision: 5786

Log:
Remove 1.1.30. Update latest version.

Removed:
release/tomcat/tomcat-connectors/native/1.1.30/
Modified:
release/tomcat/tomcat-connectors/native/README.html

Modified: release/tomcat/tomcat-connectors/native/README.html
==
--- release/tomcat/tomcat-connectors/native/README.html (original)
+++ release/tomcat/tomcat-connectors/native/README.html Tue Jul  8 13:26:20 2014
@@ -1,5 +1,5 @@
 The Apache Tomcat Native
 
-Current release version is 1.1.30.
+Current release version is 1.1.31.
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[ANN] Apache Tomcat Native 1.1.31 released

[Mark Thomas]

The Apache Tomcat team announces the immediate availability of Apache
Tomcat Native 1.1.31 stable.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html

Downloads:
http://tomcat.apache.org/download-native.cgi

The Apache Tomcat Native Library provides portable API for features
not found in contemporary JDK's. It uses Apache Portable Runtime as
operating system abstraction layer and OpenSSL for SSL networking and
allows optimal performance in production environments.


Thank you,
-- 
The Apache Tomcat Team

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Working tc native build

[Christopher Schultz]

Mark,

On 7/7/14, 11:31 AM, Mark Thomas wrote:
> On 07/07/2014 14:48, Christopher Schultz wrote:
>> Mark,
>>
>> On 7/1/14, 11:44 AM, Mark Thomas wrote:
>>> On 01/07/2014 16:04, Mark Thomas wrote:
 With some additional information from Mladen regrading the
 build tools to use, I now have a working build environment for
 the Tomcat Native connector binaries. This is documented at: 
 http://wiki.apache.org/tomcat/BuildTcNativeWin
>>>
>>> (excluding a working I64 build that I am still looking at)
>>
>> I just glanced through the current contents of BuildTcNativeWin on
>> the wiki, and I can still see this comment:
>>
 IA64 OpenSSL build failed. Commenting out destest from
 ms\nt.mak
>> worked around the issue.
>>
>> The problem is that the tests require a compatible supporting 
>> architecture.
> 
> I don't believe that is the problem. I shouldn't need a supporting
> architecture to build the tests (that part that is failing), only to
> run them.

Aah, I didn't realize that building the tests was failing, not running
them. I assumed without checking that "destest" was something like
"destination test" and therefore would require e.g. IA64 to be runnable.
Sorry for the noise.

>> That is, if you cross-compile to IA64 then try to run the tests,
>> the tests will fail because you are running on x86_84 and IA64 is 
>> not available. The same thing will happen if you try to build/test
>> on ia32: you can produce x86_64 binaries, but you will be unable to
>> test them.
> 
> Agreed.
> 
>> Therefore, it would be safest to specify in the instructions that
>> either x86_64 or IA64 should be used for the build -- that way, at
>> least one of the 64-bit architectures can be tested along with the
>> 32-bit one. It's also worth mentioning that a 32-bit environment
>> would need to comment-out *all* the 64-bit tests, and not just the
>> IA64 ones.
> 
> I don't believe any of the tests are specifically 32-bit or 64-bit.

The OpenSSL docs (INSTALL.W64) specifically say that to test the builds,
you must test on the target platform:

"
Naturally test-suite itself has to be executed on the target platform.
"

>> Thanks for continuing to work on this, Mark. I'm glad you've been
>> able to remove Cygwin as a requirement... looking at your initial
>> build instructions seemed overly complicated -- or at least had
>> many more requirements than strictly necessary. I'm not sure how
>> much of Mladen's magic environment is strictly necessary, either: I
>> think a lot of it could be put into scripts that ship with the
>> tcnative source distribution.
> 
> Keep in mind that these are build instructions for a completely clean
> OS install so there are a number of tools lists that I would normally
> expect to be present on a developers machine.

Right. Both of us are trying to come up with instructions that anyone --
even someone without an existing dev environment -- can follow.

> In terms of how much of this is necessary, experience suggests that
> most of it is required to avoid having to install a Visual C Runtime
> distribution. If you are prepared to do that (or more specifically
> prepared to make your users do that) then yes, this could get a lot
> simpler. Personally, I'm in favour of making the release manager jump
> through a few hoops rather than making our users jump through hoops.

Agreed, though it would be nice if the procedure could be performed by
end users as well.

>> I am still going to continue to work on getting all this stuff to
>> build using Microsoft Visual Studio Express: it should be possible
>> to do, and I *have* been able to get a 32-bit build working. But
>> these days, I think not having a 64-bit build available is not a
>> practical solution, of course.
> 
> I'm not sure it is possible to build with Visual Studio Express
> without introducing a dependency on a Visual C Runtime distribution
> but if you can find a way around that issue that would be great.

Evidently, the packages that I have installed do not include
depends.exe. A quick Google search yields this tool:
http://www.dependencywalker.com/

I'll rebuild the 32-bit version (which I can do reliably) and see what
the dependencies are.

Thanks,
-chris



signature.asc
Description: OpenPGP digital signature

KEYS file for TC-Native release

[Konstantin Kolinko]

Hi!

http://tomcat.apache.org/download-native.cgi

-> Verify the Integrity of the Files
  ->  https://www.apache.org/dist/tomcat/tomcat-connectors/KEYS

I see Mark's old key there (2004-09), but I do not see the current one
(2009-09).

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Using EL expressions in JMX operations (e.g. expireSession)

[Christopher Schultz]

All,

In order to help me with a few sundry operations, I've written some
crude command-line tools that use JMXProxyServlet to do my bidding.

Here's a gem:

for sessionid in `wget -qO -
'http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=listSessionIds'
| sed -e "s/ /\n/g" | grep '^[0-9A-Z]\+\(\..*\)\?$' | grep -v "^OK$"` ;
do wget -qO -
"http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=getSessionAttribute&ps=$sessionid,user";
; done

That dumps out all the users currently logged-in, plus a bunch of "OK -
Operation getSessionAttribute without return value" outputs.

Tweaking the above command, I can get Tomcat to give me the list of
sessions for which there is no user, for example.

Now, let's say that I want to expire all the sessions for which there is
no user. I can run the above command (with obvious modifications) and
get a list of session ids for which there are are no users, and then I
can execute /another/ call to JMXProxyServlet calling expireSession with
the id of the session.

While that sounds like fun, I wonder if there isn't a better way. I also
think this idea could be useful for other operations as well: allow the
use of an EL expression that can be used to match sessions.

For instance, one could write an EL expression that would be executed on
each session and return a true/false (or maybe just true/not-true), and
then expireSessions (plural, to distinguish it from the existing
single-session expiration operation). Something like this:

${!empty session.user && ((now - session.lastAccessedTime) > 12)}

Asking JMXProxyServlet to expire all sessions matching the above
expression would then kill any session that had no user attribute (might
have to use session.getAttribute('user')... I'm no EL expert) and was
also left unattended for 2-minutes or more.

Is there any interest in this kind of thing? Parsing (specifically) and
executing EL expressions on the fly might be a bit expensive for
administrative operations, but of course one does not need to use such
features if one does not want to.

I haven't really thought about it too much, but I suspect there would be
other situations where being able to filter objects using an EL-based
predicate might be useful.

-chris



signature.asc
Description: OpenPGP digital signature

[GUMP@vmgump]: Project tomcat-trunk-test-nio2 (in module tomcat-trunk) failed

[Bill Barker]

To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-test-nio2 has an issue affecting its community integration.
This issue affects 1 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-test-nio2 :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio2/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/logs-NIO2
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO2/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio2/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio2.html
Work Name: build_tomcat-trunk_tomcat-trunk-test-nio2 (Type: Build)
Work ended in a state of : Failed
Elapsed: 25 mins 26 secs
Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.12-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-NIO2 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20140708-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/P20140317-1600/ecj-P20140317-1600.jar
 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20140708.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20140708-native-src.tar.gz
 -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true 
-Dexecute.test.nio=false -Dexecute.test.apr=false -Dexecute.test.bio=false 
-Dexecute.tes
 t.nio2=true 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.3-SNAPSHOT.jar
 
-Dhamcrest.jar=/srv/gump/public/workspace/hamcrest/hamcrest-java/build/hamcrest-core-20140708.jar
 -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servle
 
t-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace/tomcat
 
-trunk/output/build/lib/tomcat-spdy.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomca

svn commit: r1608824 - in /tomcat/trunk: java/org/apache/catalina/mapper/Mapper.java webapps/docs/changelog.xml

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 15:07:45 2014
New Revision: 1608824

URL: http://svn.apache.org/r1608824
Log:
Improve the fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=44312
Check that addWrapper/removeWrapper, add/clear/removeWelcomeFile[s] are 
performed on the real Host, as expected by the caller.

Modified:
tomcat/trunk/java/org/apache/catalina/mapper/Mapper.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/mapper/Mapper.java?rev=1608824&r1=1608823&r2=1608824&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/mapper/Mapper.java (original)
+++ tomcat/trunk/java/org/apache/catalina/mapper/Mapper.java Tue Jul  8 
15:07:45 2014
@@ -331,7 +331,7 @@ public final class Mapper {
 private ContextVersion findContextVersion(String hostName,
 String contextPath, String version, boolean silent) {
 MappedHost host = exactFind(hosts, hostName);
-if (host == null) {
+if (host == null || host.isAlias()) {
 if (!silent) {
 log.error("No host found: " + hostName);
 }

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1608824&r1=1608823&r2=1608824&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Jul  8 15:07:45 2014
@@ -50,7 +50,8 @@
   
 44312: Log an error if there is a conflict between Host and
 Alias names. Improve host management methods in Mapper
-to avoid occasionally removing a wrong host. (kkolinko)
+to avoid occasionally removing a wrong host. Check that host management
+operations are performed on the host and not on an alias. (kkolinko)
   
   
 56611: Refactor code to remove inefficient calls to



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608831 - in /tomcat/tc7.0.x/trunk: java/org/apache/tomcat/util/http/mapper/Mapper.java test/org/apache/tomcat/util/http/mapper/TestMapper.java

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 15:24:51 2014
New Revision: 1608831

URL: http://svn.apache.org/r1608831
Log:
Add reference from an alias Host to its real Host.
Add list of aliases to the real Host.
Amend the test case.

This backports r1606651 r1606680 minus a pair of isAlias() checks that will be 
committed separately.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
tomcat/tc7.0.x/trunk/test/org/apache/tomcat/util/http/mapper/TestMapper.java

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java?rev=1608831&r1=1608830&r2=1608831&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
Tue Jul  8 15:24:51 2014
@@ -17,6 +17,12 @@
 
 package org.apache.tomcat.util.http.mapper;
 
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import java.util.concurrent.CopyOnWriteArrayList;
+
 import javax.naming.NamingException;
 import javax.naming.directory.DirContext;
 
@@ -82,6 +88,7 @@ public final class Mapper {
  * Add a new host to the mapper.
  *
  * @param name Virtual host name
+ * @param aliases Alias names for the virtual host
  * @param host Host object
  */
 public synchronized void addHost(String name, String[] aliases,
@@ -97,9 +104,14 @@ public final class Mapper {
 // Do not add aliases, as removeHost(hostName) won't be able to 
remove them
 return;
 }
+List newAliases = new ArrayList(aliases.length);
 for (String alias : aliases) {
-addHostAliasImpl(alias, newHost);
+Host newAlias = new Host(alias, newHost);
+if (addHostAliasImpl(newAlias)) {
+newAliases.add(newAlias);
+}
 }
+newHost.addAliases(newAliases);
 }
 
 
@@ -114,21 +126,15 @@ public final class Mapper {
 if (host == null || host.isAlias()) {
 return;
 }
-Object catalinaHost = host.object;
-Host[] newHosts = new Host[hosts.length - 1];
-if (removeMap(hosts, newHosts, name)) {
-hosts = newHosts;
-
-// Remove all aliases (they will map to the same host object)
-for (int i = 0; i < newHosts.length; i++) {
-if (newHosts[i].object == catalinaHost) {
-Host[] newHosts2 = new Host[hosts.length - 1];
-if (removeMap(hosts, newHosts2, newHosts[i].name)) {
-hosts = newHosts2;
-}
-}
+Host[] newHosts = hosts.clone();
+// Remove real host and all its aliases
+int j = 0;
+for (int i = 0; i < newHosts.length; i++) {
+if (newHosts[i].getRealHost() != host) {
+newHosts[j++] = newHosts[i];
 }
 }
+hosts = Arrays.copyOf(newHosts, j);
 }
 
 /**
@@ -143,24 +149,28 @@ public final class Mapper {
 // just in case...
 return;
 }
-addHostAliasImpl(alias, realHost);
+Host newAlias = new Host(alias, realHost);
+if (addHostAliasImpl(newAlias)) {
+realHost.addAlias(newAlias);
+}
 }
 
-private void addHostAliasImpl(String alias, Host realHost) {
-Host newHost = new Host(alias, realHost);
+private boolean addHostAliasImpl(Host newAlias) {
 Host[] newHosts = new Host[hosts.length + 1];
-if (insertMap(hosts, newHosts, newHost)) {
+if (insertMap(hosts, newHosts, newAlias)) {
 hosts = newHosts;
+return true;
 } else {
-Host duplicate = hosts[find(hosts, alias)];
-if (duplicate.object == realHost.object) {
+Host duplicate = hosts[find(hosts, newAlias.name)];
+if (duplicate.getRealHost() == newAlias.getRealHost()) {
 // A duplicate Alias for the same Host.
 // A harmless redundancy. E.g.
 // localhost
-return;
+return false;
 }
-log.error(sm.getString("mapper.duplicateHostAlias", alias,
-realHost.getRealHostName(), duplicate.getRealHostName()));
+log.error(sm.getString("mapper.duplicateHostAlias", newAlias.name,
+newAlias.getRealHostName(), duplicate.getRealHostName()));
+return false;
 }
 }
 
@@ -177,6 +187,7 @@ public final class Mapper {
 Host[] newHosts = new Host[hosts.length - 1];
 if (removeMap(hosts, newHosts, alias)) {
 hosts = newHosts;
+host.getRealHost().removeAlias(host)

svn commit: r1608832 - /tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 15:37:07 2014
New Revision: 1608832

URL: http://svn.apache.org/r1608832
Log:
Add missing colon.

Modified:
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1608832&r1=1608831&r2=1608832&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Jul  8 15:37:07 2014
@@ -258,7 +258,7 @@
 work correctly on Solaris. Based on a suggesiton by lfuka. (markt)
   
   
-56596 Update to Tomcat Native Library version 1.1.31 to pick
+56596: Update to Tomcat Native Library version 1.1.31 to 
pick
 up the Windows binaries that are based on OpenSSL 1.0.1h. (markt)
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Working tc native build

[Christopher Schultz]

Mark,

On 7/8/14, 9:58 AM, Christopher Schultz wrote:
> Mark,
> 
> On 7/7/14, 11:31 AM, Mark Thomas wrote:
>> On 07/07/2014 14:48, Christopher Schultz wrote:
>>> Mark,
>>>
>>> On 7/1/14, 11:44 AM, Mark Thomas wrote:
 On 01/07/2014 16:04, Mark Thomas wrote:
> With some additional information from Mladen regrading the
> build tools to use, I now have a working build environment for
> the Tomcat Native connector binaries. This is documented at: 
> http://wiki.apache.org/tomcat/BuildTcNativeWin

 (excluding a working I64 build that I am still looking at)
>>>
>>> I just glanced through the current contents of BuildTcNativeWin on
>>> the wiki, and I can still see this comment:
>>>
> IA64 OpenSSL build failed. Commenting out destest from
> ms\nt.mak
>>> worked around the issue.
>>>
>>> The problem is that the tests require a compatible supporting 
>>> architecture.
>>
>> I don't believe that is the problem. I shouldn't need a supporting
>> architecture to build the tests (that part that is failing), only to
>> run them.
> 
> Aah, I didn't realize that building the tests was failing, not running
> them. I assumed without checking that "destest" was something like
> "destination test" and therefore would require e.g. IA64 to be runnable.
> Sorry for the noise.
> 
>>> That is, if you cross-compile to IA64 then try to run the tests,
>>> the tests will fail because you are running on x86_84 and IA64 is 
>>> not available. The same thing will happen if you try to build/test
>>> on ia32: you can produce x86_64 binaries, but you will be unable to
>>> test them.
>>
>> Agreed.
>>
>>> Therefore, it would be safest to specify in the instructions that
>>> either x86_64 or IA64 should be used for the build -- that way, at
>>> least one of the 64-bit architectures can be tested along with the
>>> 32-bit one. It's also worth mentioning that a 32-bit environment
>>> would need to comment-out *all* the 64-bit tests, and not just the
>>> IA64 ones.
>>
>> I don't believe any of the tests are specifically 32-bit or 64-bit.
> 
> The OpenSSL docs (INSTALL.W64) specifically say that to test the builds,
> you must test on the target platform:
> 
> "
> Naturally test-suite itself has to be executed on the target platform.
> "
> 
>>> Thanks for continuing to work on this, Mark. I'm glad you've been
>>> able to remove Cygwin as a requirement... looking at your initial
>>> build instructions seemed overly complicated -- or at least had
>>> many more requirements than strictly necessary. I'm not sure how
>>> much of Mladen's magic environment is strictly necessary, either: I
>>> think a lot of it could be put into scripts that ship with the
>>> tcnative source distribution.
>>
>> Keep in mind that these are build instructions for a completely clean
>> OS install so there are a number of tools lists that I would normally
>> expect to be present on a developers machine.
> 
> Right. Both of us are trying to come up with instructions that anyone --
> even someone without an existing dev environment -- can follow.
> 
>> In terms of how much of this is necessary, experience suggests that
>> most of it is required to avoid having to install a Visual C Runtime
>> distribution. If you are prepared to do that (or more specifically
>> prepared to make your users do that) then yes, this could get a lot
>> simpler. Personally, I'm in favour of making the release manager jump
>> through a few hoops rather than making our users jump through hoops.
> 
> Agreed, though it would be nice if the procedure could be performed by
> end users as well.
> 
>>> I am still going to continue to work on getting all this stuff to
>>> build using Microsoft Visual Studio Express: it should be possible
>>> to do, and I *have* been able to get a 32-bit build working. But
>>> these days, I think not having a 64-bit build available is not a
>>> practical solution, of course.
>>
>> I'm not sure it is possible to build with Visual Studio Express
>> without introducing a dependency on a Visual C Runtime distribution
>> but if you can find a way around that issue that would be great.
> 
> Evidently, the packages that I have installed do not include
> depends.exe. A quick Google search yields this tool:
> http://www.dependencywalker.com/
> 
> I'll rebuild the 32-bit version (which I can do reliably) and see what
> the dependencies are.

Evidently, the VS Express 2013 package can't build due to some odd bugs
described here:
http://markmail.org/thread/b7ze2fyrqyr6fb7i

I had to install the "Platform SDK" and was able to produce a 32-bit
binary again. I'll have to rollback my VM and see if I can build with
the SDK (which includes VS2010, evidently) only, to simplify things.

Anyway, here's what the above tool says tcnative-1.dll requires in terms
of direct dependencies:

- USER32.dll
- PSAPI.dll
- SHLWAPI.dll
- KERNEL32.dll
- ADVAPI32.dll
- WS2_32.dll
- MSWSOCK.dll
- MSVCR100.dll

Is that last one the one you were concerned about?

If so, what's the p

svn commit: r1608833 - in /tomcat/tc7.0.x/trunk: java/org/apache/tomcat/util/http/mapper/Mapper.java webapps/docs/changelog.xml

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 15:43:21 2014
New Revision: 1608833

URL: http://svn.apache.org/r1608833
Log:
Improve the fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=44312
Check that addContextVersion/removeContextVersion, addWrapper/removeWrapper, 
add/clear/removeWelcomeFile[s] are performed on the real Host, as expected by 
the caller.

This backports the checks from r1606680 and r1608824.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java?rev=1608833&r1=1608832&r2=1608833&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
Tue Jul  8 15:43:21 2014
@@ -231,6 +231,10 @@ public final class Mapper {
 return;
 }
 }
+if (mappedHost.isAlias()) {
+log.error("No host found: " + hostName);
+return;
+}
 int slashCount = slashCount(path);
 synchronized (mappedHost) {
 Context[] contexts = mappedHost.contextList.contexts;
@@ -276,7 +280,7 @@ public final class Mapper {
 public void removeContextVersion(String hostName, String path,
 String version) {
 Host host = exactFind(hosts, hostName);
-if (host == null) {
+if (host == null || host.isAlias()) {
 return;
 }
 synchronized (host) {
@@ -312,22 +316,40 @@ public final class Mapper {
 }
 
 
-public void addWrapper(String hostName, String contextPath, String version,
-   String path, Object wrapper, boolean jspWildCard,
-   boolean resourceOnly) {
+private ContextVersion findContextVersion(String hostName,
+String contextPath, String version, boolean silent) {
 Host host = exactFind(hosts, hostName);
-if (host == null) {
-return;
+if (host == null || host.isAlias()) {
+if (!silent) {
+log.error("No host found: " + hostName);
+}
+return null;
 }
 Context context = exactFind(host.contextList.contexts, contextPath);
 if (context == null) {
-log.error("No context found: " + contextPath);
-return;
+if (!silent) {
+log.error("No context found: " + contextPath);
+}
+return null;
 }
 ContextVersion contextVersion = exactFind(context.versions, version);
 if (contextVersion == null) {
-log.error("No context version found: " + contextPath + " "
-+ version);
+if (!silent) {
+log.error("No context version found: " + contextPath + " "
++ version);
+}
+return null;
+}
+return contextVersion;
+}
+
+
+public void addWrapper(String hostName, String contextPath, String version,
+   String path, Object wrapper, boolean jspWildCard,
+   boolean resourceOnly) {
+ContextVersion contextVersion = findContextVersion(hostName,
+contextPath, version, false);
+if (contextVersion == null) {
 return;
 }
 addWrapper(contextVersion, path, wrapper, jspWildCard, resourceOnly);
@@ -428,15 +450,8 @@ public final class Mapper {
  */
 public void removeWrapper(String hostName, String contextPath,
 String version, String path) {
-Host host = exactFind(hosts, hostName);
-if (host == null) {
-return;
-}
-Context context = exactFind(host.contextList.contexts, contextPath);
-if (context == null) {
-return;
-}
-ContextVersion contextVersion = exactFind(context.versions, version);
+ContextVersion contextVersion = findContextVersion(hostName,
+contextPath, version, true);
 if (contextVersion == null) {
 return;
 }
@@ -518,19 +533,9 @@ public final class Mapper {
  */
 public void addWelcomeFile(String hostName, String contextPath,
 String version, String welcomeFile) {
-Host host = exactFind(hosts, hostName);
-if (host == null) {
-return;
-}
-Context context = exactFind(host.contextList.contexts, contextPath);
-if (context == null) {
-log.error("No context found: " + contextPath);
-return;
-}
-ContextVersion contextVersion = exactFind(context.versions, version);
+Context

svn commit: r1608835 - /tomcat/tc6.0.x/trunk/STATUS.txt

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 15:56:56 2014
New Revision: 1608835

URL: http://svn.apache.org/r1608835
Log:
Note what additional commits have to be backported to amend the fix for BZ 
44312.

I would have to update the patch.

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1608835&r1=1608834&r2=1608835&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jul  8 15:56:56 2014
@@ -56,15 +56,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: kkolinko
   -1:
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=44312
-  Log an error if there is a conflict between Host and Alias names.
-  Improve host management methods in Mapper to avoid occasionally removing
-  a wrong host.
-  1) https://issues.apache.org/bugzilla/attachment.cgi?id=31744
-  2) http://svn.apache.org/r1608653
-  +1: kkolinko
-  -1:
-
 * Fix generics warnings in Mapper.
   It is just some local variables. No change in functionality or APIs.
   
https://people.apache.org/~kkolinko/patches/2014-06-23_tc6_Mapper_generics.patch
@@ -74,4 +65,16 @@ PATCHES PROPOSED TO BACKPORT:
 
 PATCHES/ISSUES THAT ARE STALLED:
 
-None
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=44312
+  Log an error if there is a conflict between Host and Alias names.
+  Improve host management methods in Mapper to avoid occasionally removing
+  a wrong host. Check that host management operations are performed on
+  the host and not on an alias.
+  1) https://issues.apache.org/bugzilla/attachment.cgi?id=31744
+  2) http://svn.apache.org/r1608653
+  3) http://svn.apache.org/r1608833
+  4) TestMapper changes from http://svn.apache.org/r1608831
+  +1: kkolinko
+  -1:
+   kkolinko: Good for occasional review, but as backporting r1608833 won't
+   be trivial I'd have to update the patch.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56704] New: Support OpenSSL syntax for cipher suite in JSSE connectors

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56704

Bug ID: 56704
   Summary: Support OpenSSL syntax for cipher suite in JSSE
connectors
   Product: Tomcat 8
   Version: trunk
  Hardware: PC
OS: All
Status: NEW
  Severity: enhancement
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: r...@apache.org

Benefits:
- allows using the same value for both native and JSSE
- makes it easy to define safe default or custom cipher suites

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Working tc native build

[Mark Thomas]

On 08/07/2014 16:39, Christopher Schultz wrote:

> Anyway, here's what the above tool says tcnative-1.dll requires in
> terms of direct dependencies:
> 
> - USER32.dll - PSAPI.dll - SHLWAPI.dll - KERNEL32.dll -
> ADVAPI32.dll - WS2_32.dll - MSWSOCK.dll - MSVCR100.dll
> 
> Is that last one the one you were concerned about?

Yes.

> If so, what's the procedure for statically-linking that library
> into tcnative ... or, better yet, why is that library not necessary
> when using MSVS 2006 or whatever?

Using VS6 or Mladen's toolkit, it builds against msvcrt.dll which is
part of the base OS.

For reasons I haven't dug into, later versions of Visual Studio build
upon a newer version of that library and despite quite a lot of
searching I haven't found a way to make later versions of Visual
Studio build against the older dll.

> I checked, and the openssl.exe binary that was built also requires
> that same library (specifically, MSVCR100.dll).

Yeah, I'd expect that.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608840 [2/2] - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/ java/org/apache/tomcat/util/net/jsse/openssl/ java/org/apache/tomcat/util/net/jsse/res/ webapps/docs/

[remm]

Added: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1608840&view=auto
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 (added)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 Tue Jul  8 16:20:54 2014
@@ -0,0 +1,684 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.tomcat.util.net.jsse.openssl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * Class in charge with parsing openSSL expressions to define a list of 
ciphers.
+ */
+public class OpenSSLCipherConfigurationParser {
+
+private static final org.apache.juli.logging.Log log =
+
org.apache.juli.logging.LogFactory.getLog(OpenSSLCipherConfigurationParser.class);
+private static final StringManager sm =
+StringManager.getManager("org.apache.tomcat.util.net.jsse.res");
+
+/**
+ * System property key to define the DEFAULT ciphers.
+ */
+public static final String DEFAULT_EXPRESSION_KEY = 
"openssl.default.ciphers";
+
+private static boolean initialized = false;
+
+private static final String SEPARATOR = ":|,| ";
+/**
+ * If ! is used then the ciphers are permanently deleted from the list. 
The ciphers deleted can never reappear in the list
+ * even if they are explicitly stated.
+ */
+private final static String EXCLUDE = "!";
+/**
+ * If - is used then the ciphers are deleted from the list, but some or 
all of the ciphers can be added again by later
+ * options.
+ */
+private static final String DELETE = "-";
+/**
+ * If + is used then the ciphers are moved to the end of the list. This 
option doesn't add any new ciphers it just moves
+ * matching existing ones.
+ */
+private static final String TO_END = "+";
+ /**
+ * Lists of cipher suites can be combined in a single cipher string using 
the + character. 
+ * This is used as a logical and operation. 
+ * For example SHA1+DES represents all cipher suites containing the SHA1 
and the DES algorithms. 
+ */
+private static final String AND = "+";
+/**
+ * All ciphers by their openssl alias name.
+ */
+private static final Map> aliases = new 
LinkedHashMap>();
+
+/**
+ * the 'NULL' ciphers that is those offering no encryption. Because these 
offer no encryption at all and are a security risk
+ * they are disabled unless explicitly included.
+ */
+private static final String eNULL = "eNULL";
+/**
+ * The cipher suites offering no authentication. This is currently the 
anonymous DH algorithms. T These cipher suites are
+ * vulnerable to a 'man in the middle' attack and so their use is normally 
discouraged.
+ */
+private static final String aNULL = "aNULL";
+
+/**
+ * 'high' encryption cipher suites. This currently means those with key 
lengths larger than 128 bits, and some cipher suites
+ * with 128-bit keys.
+ */
+private static final String HIGH = "HIGH";
+/**
+ * 'medium' encryption cipher suites, currently some of those using 128 
bit encryption.
+ */
+private static final String MEDIUM = "MEDIUM";
+/**
+ * 'low' encryption cipher suites, currently those using 64 or 56 bit 
encryption algorithms but excluding export cipher
+ * suites.
+ */
+private static final String LOW = "LOW";
+/**
+ * Export encryption algorithms. Including 40 and 56 bits algorithms.
+ */
+private static final String EXPORT = "EXPORT";
+/**
+ * 40 bit export encryption algorithms.
+ */
+private static final Strin

[Bug 56704] Support OpenSSL syntax for cipher suite in JSSE connectors

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56704

Remy Maucherat  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Remy Maucherat  ---
Comitted as r1608840. Code submitted by Emmanuel Hugonnet and included in
Tomcat 8.0.10+.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 50604] Incorrect dependency in jasper.pom for eclipse ecj

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=50604

James Childers  changed:

   What|Removed |Added

 CC||james.child...@gmail.com

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Using EL expressions in JMX operations (e.g. expireSession)

[Mark Thomas]

On 08/07/2014 15:28, Christopher Schultz wrote:
> All,
> 
> In order to help me with a few sundry operations, I've written
> some crude command-line tools that use JMXProxyServlet to do my
> bidding.
> 
> Here's a gem:
> 
> for sessionid in `wget -qO - 
> 'http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=listSessionIds'
>
> 
| sed -e "s/ /\n/g" | grep '^[0-9A-Z]\+\(\..*\)\?$' | grep -v "^OK$"` ;
> do wget -qO - 
> "http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=getSessionAttribute&ps=$sessionid,user";
>
> 
; done
> 
> That dumps out all the users currently logged-in, plus a bunch of
> "OK - Operation getSessionAttribute without return value" outputs.
> 
> Tweaking the above command, I can get Tomcat to give me the list
> of sessions for which there is no user, for example.
> 
> Now, let's say that I want to expire all the sessions for which
> there is no user. I can run the above command (with obvious
> modifications) and get a list of session ids for which there are
> are no users, and then I can execute /another/ call to
> JMXProxyServlet calling expireSession with the id of the session.
> 
> While that sounds like fun, I wonder if there isn't a better way. I
> also think this idea could be useful for other operations as well:
> allow the use of an EL expression that can be used to match
> sessions.
> 
> For instance, one could write an EL expression that would be
> executed on each session and return a true/false (or maybe just
> true/not-true), and then expireSessions (plural, to distinguish it
> from the existing single-session expiration operation). Something
> like this:
> 
> ${!empty session.user && ((now - session.lastAccessedTime) >
> 12)}
> 
> Asking JMXProxyServlet to expire all sessions matching the above 
> expression would then kill any session that had no user attribute
> (might have to use session.getAttribute('user')... I'm no EL
> expert) and was also left unattended for 2-minutes or more.
> 
> Is there any interest in this kind of thing? Parsing (specifically)
> and executing EL expressions on the fly might be a bit expensive
> for administrative operations, but of course one does not need to
> use such features if one does not want to.
> 
> I haven't really thought about it too much, but I suspect there
> would be other situations where being able to filter objects using
> an EL-based predicate might be useful.

Executing arbitrary user provided EL expressions often creates all
sorts of security problems.

My concern is that the complexity of implementing this securely may
outweigh the benefit it brings.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1608840 [1/2] - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/ java/org/apache/tomcat/util/net/jsse/openssl/ java/org/apache/tomcat/util/net/jsse/res/ webapps/docs/

[Mark Thomas]

On 08/07/2014 17:20, r...@apache.org wrote:
> Author: remm
> Date: Tue Jul  8 16:20:54 2014
> New Revision: 1608840
> 
> URL: http://svn.apache.org/r1608840
> Log:
> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56704
> Add OpenSSL cipher suite parser for JSSE. It allows using the same value for 
> both native and JSSE, and makes it easy to define safe default or custom 
> cipher suites.
> Code submitted by Emmanuel Hugonnet.

+1 to the general idea.

One comment:
The docs need updating.

One question:
How do we ensure that we keep this list of ciphers in sync with what is
available in OpenSSL and JSSE?

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608941 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java

[markt]

Author: markt
Date: Tue Jul  8 20:29:55 2014
New Revision: 1608941

URL: http://svn.apache.org/r1608941
Log:
Fix warnings

Modified:

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1608941&r1=1608940&r2=1608941&view=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 Tue Jul  8 20:29:55 2014
@@ -64,15 +64,15 @@ public class OpenSSLCipherConfigurationP
  */
 private static final String TO_END = "+";
  /**
- * Lists of cipher suites can be combined in a single cipher string using 
the + character. 
- * This is used as a logical and operation. 
- * For example SHA1+DES represents all cipher suites containing the SHA1 
and the DES algorithms. 
+ * Lists of cipher suites can be combined in a single cipher string using 
the + character.
+ * This is used as a logical and operation.
+ * For example SHA1+DES represents all cipher suites containing the SHA1 
and the DES algorithms.
  */
 private static final String AND = "+";
 /**
  * All ciphers by their openssl alias name.
  */
-private static final Map> aliases = new 
LinkedHashMap>();
+private static final Map> aliases = new 
LinkedHashMap<>();
 
 /**
  * the 'NULL' ciphers that is those offering no encryption. Because these 
offer no encryption at all and are a security risk
@@ -366,7 +366,7 @@ public class OpenSSLCipherConfigurationP
 if (aliases.containsKey(alias)) {
 aliases.get(alias).add(cipher);
 } else {
-List list = new ArrayList();
+List list = new ArrayList<>();
 list.add(cipher);
 aliases.put(alias, list);
 }
@@ -374,12 +374,12 @@ public class OpenSSLCipherConfigurationP
 }
 List allCiphers = Arrays.asList(Ciphers.values());
 Collections.reverse(allCiphers);
-LinkedHashSet all = defaultSort(new 
LinkedHashSet(allCiphers));
+LinkedHashSet all = defaultSort(new 
LinkedHashSet<>(allCiphers));
 addListAlias(ALL, all);
 addListAlias(HIGH, filterByEncryptionLevel(all, 
Collections.singleton(EncryptionLevel.HIGH)));
 addListAlias(MEDIUM, filterByEncryptionLevel(all, 
Collections.singleton(EncryptionLevel.MEDIUM)));
 addListAlias(LOW, filterByEncryptionLevel(all, 
Collections.singleton(EncryptionLevel.LOW)));
-addListAlias(EXPORT, filterByEncryptionLevel(all, new 
HashSet(Arrays.asList(EncryptionLevel.EXP40, 
EncryptionLevel.EXP56;
+addListAlias(EXPORT, filterByEncryptionLevel(all, new 
HashSet<>(Arrays.asList(EncryptionLevel.EXP40, EncryptionLevel.EXP56;
 aliases.put("EXP", aliases.get(EXPORT));
 addListAlias(EXPORT40, filterByEncryptionLevel(all, 
Collections.singleton(EncryptionLevel.EXP40)));
 addListAlias(EXPORT56, filterByEncryptionLevel(all, 
Collections.singleton(EncryptionLevel.EXP56)));
@@ -398,11 +398,11 @@ public class OpenSSLCipherConfigurationP
 addListAlias(DHE, edh);
 addListAlias(kDHr, filterByKeyExchange(all, 
Collections.singleton(KeyExchange.DHr)));
 addListAlias(kDHd, filterByKeyExchange(all, 
Collections.singleton(KeyExchange.DHd)));
-addListAlias(kDH, filterByKeyExchange(all, new 
HashSet(Arrays.asList(KeyExchange.DHr, KeyExchange.DHd;
+addListAlias(kDH, filterByKeyExchange(all, new 
HashSet<>(Arrays.asList(KeyExchange.DHr, KeyExchange.DHd;
 
 addListAlias(kECDHr, filterByKeyExchange(all, 
Collections.singleton(KeyExchange.ECDHr)));
 addListAlias(kECDHe, filterByKeyExchange(all, 
Collections.singleton(KeyExchange.ECDHe)));
-addListAlias(kECDH, filterByKeyExchange(all, new 
HashSet(Arrays.asList(KeyExchange.ECDHe, KeyExchange.ECDHr;
+addListAlias(kECDH, filterByKeyExchange(all, new 
HashSet<>(Arrays.asList(KeyExchange.ECDHe, KeyExchange.ECDHr;
 aliases.put(ECDH, aliases.get(kECDH));
 addListAlias(kECDHE, filterByKeyExchange(all, 
Collections.singleton(KeyExchange.ECDHe)));
 aliases.put(ECDHE, aliases.get(kECDHE));
@@ -411,7 +411,7 @@ public class OpenSSLCipherConfigurationP
 addListAlias(aDSS, filterByAuthentication(all, 
Collections.singleton(Authentication.DSS)));
 aliases.put("DSS", aliases.get(aDSS));
 addListAlias(aDH, filterByAuthentication(all, 
Collections.singleton(Authentication.DH)));
-Set aecdh = filterByKeyExchange(all, new 
HashSet(Arrays.asList(K

[Bug 56684] java7: java.net.SocketTimeoutException: Accept timed out

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56684

--- Comment #8 from Mark Thomas  ---
Note that the protection and debug info is going to go into Tomcat 8. It would
help a lot if you could upgrade at least one system experiencing this error to
Tomcat 8.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608962 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java

[markt]

Author: markt
Date: Tue Jul  8 22:01:30 2014
New Revision: 1608962

URL: http://svn.apache.org/r1608962
Log:
Checkstyle

Modified:

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1608962&r1=1608961&r2=1608962&view=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 Tue Jul  8 22:01:30 2014
@@ -52,7 +52,7 @@ public class OpenSSLCipherConfigurationP
  * If ! is used then the ciphers are permanently deleted from the list. 
The ciphers deleted can never reappear in the list
  * even if they are explicitly stated.
  */
-private final static String EXCLUDE = "!";
+private static final String EXCLUDE = "!";
 /**
  * If - is used then the ciphers are deleted from the list, but some or 
all of the ciphers can be added again by later
  * options.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608963 - in /tomcat/trunk: java/org/apache/catalina/core/LocalStrings.properties java/org/apache/catalina/core/StandardServer.java webapps/docs/changelog.xml

[markt]

Author: markt
Date: Tue Jul  8 22:08:26 2014
New Revision: 1608963

URL: http://svn.apache.org/r1608963
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56684
Add a workaround for a bug that should never happen along with some basic debug 
logging.

Modified:
tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/core/StandardServer.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties?rev=1608963&r1=1608962&r2=1608963&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties Tue Jul  
8 22:08:26 2014
@@ -163,6 +163,7 @@ standardHost.noContext=No Context config
 standardHost.notContext=Child of a Host must be a Context
 standardHost.nullName=Host name is required
 standardServer.shutdownViaPort=A valid shutdown command was received via the 
shutdown port. Stopping the Server instance.
+standardServer.accept.timeout=The socket listening for the shutdown command 
experienced an unexpected timeout [{0}] milliseconds after the call to 
accept(). Is this an instance of bug 56684?
 standardService.connector.initFailed=Failed to initialize connector [{0}]
 standardService.connector.pauseFailed=Failed to pause connector [{0}]
 standardService.connector.startFailed=Failed to start connector [{0}]

Modified: tomcat/trunk/java/org/apache/catalina/core/StandardServer.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardServer.java?rev=1608963&r1=1608962&r2=1608963&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/StandardServer.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardServer.java Tue Jul  8 
22:08:26 2014
@@ -24,6 +24,7 @@ import java.io.InputStream;
 import java.net.InetAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
+import java.net.SocketTimeoutException;
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.net.URLClassLoader;
@@ -440,10 +441,18 @@ public final class StandardServer extend
 StringBuilder command = new StringBuilder();
 try {
 InputStream stream;
+long acceptStartTime = System.currentTimeMillis();
 try {
+serverSocket.setSoTimeout(5000);
 socket = serverSocket.accept();
 socket.setSoTimeout(10 * 1000);  // Ten seconds
 stream = socket.getInputStream();
+} catch (SocketTimeoutException ste) {
+// This should never happen but bug 56684 suggests that
+// it does.
+log.warn(sm.getString("standardServer.accept.timeout",
+Long.valueOf(System.currentTimeMillis() - 
acceptStartTime)), ste);
+continue;
 } catch (AccessControlException ace) {
 log.warn("StandardServer.accept security exception: "
 + ace.getMessage(), ace);

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1608963&r1=1608962&r2=1608963&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Jul  8 22:08:26 2014
@@ -107,6 +107,11 @@
 value during a cross-context dispatch. (markt)
   
   
+56684: Ensure that Tomcat does not shut down if the socket
+waiting for the shutdown command experiences a
+SocketTimeoutException. (markt)
+  
+  
 56693: Fix various issues in the static resource cache
 implementation where the cache retained a stale entry after the
 successful completion of an operation that always invalidates the cache



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56684] java7: java.net.SocketTimeoutException: Accept timed out

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56684

--- Comment #9 from Mark Thomas  ---
Workaround added to 8.0.x for 8.0.10 onwards. If the timout occurs a warning is
logged that reports how long accept was blocking for before the timeout.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1608963 - in /tomcat/trunk: java/org/apache/catalina/core/LocalStrings.properties java/org/apache/catalina/core/StandardServer.java webapps/docs/changelog.xml

[Konstantin Kolinko]

2014-07-09 2:08 GMT+04:00  :
> Author: markt
> Date: Tue Jul  8 22:08:26 2014
> New Revision: 1608963
>
> URL: http://svn.apache.org/r1608963
> Log:
> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56684
> Add a workaround for a bug that should never happen along with some basic 
> debug logging.
>
> Modified:
> tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
> tomcat/trunk/java/org/apache/catalina/core/StandardServer.java
> tomcat/trunk/webapps/docs/changelog.xml
>

> --- tomcat/trunk/java/org/apache/catalina/core/StandardServer.java (original)
> +++ tomcat/trunk/java/org/apache/catalina/core/StandardServer.java Tue Jul  8 
> 22:08:26 2014
> @@ -24,6 +24,7 @@ import java.io.InputStream;
>  import java.net.InetAddress;
>  import java.net.ServerSocket;
>  import java.net.Socket;
> +import java.net.SocketTimeoutException;
>  import java.net.URISyntaxException;
>  import java.net.URL;
>  import java.net.URLClassLoader;
> @@ -440,10 +441,18 @@ public final class StandardServer extend
>  StringBuilder command = new StringBuilder();
>  try {
>  InputStream stream;
> +long acceptStartTime = System.currentTimeMillis();
>  try {
> +serverSocket.setSoTimeout(5000);

I think the above line is a leftover from testing the log message.

>  socket = serverSocket.accept();
>  socket.setSoTimeout(10 * 1000);  // Ten seconds
>  stream = socket.getInputStream();
> +} catch (SocketTimeoutException ste) {
> +// This should never happen but bug 56684 suggests 
> that
> +// it does.
> +
> log.warn(sm.getString("standardServer.accept.timeout",
> +Long.valueOf(System.currentTimeMillis() - 
> acceptStartTime)), ste);
> +continue;
>  } catch (AccessControlException ace) {
>  log.warn("StandardServer.accept security exception: "
>  + ace.getMessage(), ace);
>

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Using EL expressions in JMX operations (e.g. expireSession)

[Christopher Schultz]

Mark,

On 7/8/14, 4:16 PM, Mark Thomas wrote:
> On 08/07/2014 15:28, Christopher Schultz wrote:
>> All,
>>
>> In order to help me with a few sundry operations, I've written
>> some crude command-line tools that use JMXProxyServlet to do my
>> bidding.
>>
>> Here's a gem:
>>
>> for sessionid in `wget -qO - 
>> 'http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=listSessionIds'
>>
>>
> | sed -e "s/ /\n/g" | grep '^[0-9A-Z]\+\(\..*\)\?$' | grep -v "^OK$"` ;
>> do wget -qO - 
>> "http://localhost/manager/jmxproxy?invoke=Catalina:type=Manager,context=/myapp,host=localhost&op=getSessionAttribute&ps=$sessionid,user";
>>
>>
> ; done
>>
>> That dumps out all the users currently logged-in, plus a bunch of
>> "OK - Operation getSessionAttribute without return value" outputs.
>>
>> Tweaking the above command, I can get Tomcat to give me the list
>> of sessions for which there is no user, for example.
>>
>> Now, let's say that I want to expire all the sessions for which
>> there is no user. I can run the above command (with obvious
>> modifications) and get a list of session ids for which there are
>> are no users, and then I can execute /another/ call to
>> JMXProxyServlet calling expireSession with the id of the session.
>>
>> While that sounds like fun, I wonder if there isn't a better way. I
>> also think this idea could be useful for other operations as well:
>> allow the use of an EL expression that can be used to match
>> sessions.
>>
>> For instance, one could write an EL expression that would be
>> executed on each session and return a true/false (or maybe just
>> true/not-true), and then expireSessions (plural, to distinguish it
>> from the existing single-session expiration operation). Something
>> like this:
>>
>> ${!empty session.user && ((now - session.lastAccessedTime) >
>> 12)}
>>
>> Asking JMXProxyServlet to expire all sessions matching the above 
>> expression would then kill any session that had no user attribute
>> (might have to use session.getAttribute('user')... I'm no EL
>> expert) and was also left unattended for 2-minutes or more.
>>
>> Is there any interest in this kind of thing? Parsing (specifically)
>> and executing EL expressions on the fly might be a bit expensive
>> for administrative operations, but of course one does not need to
>> use such features if one does not want to.
>>
>> I haven't really thought about it too much, but I suspect there
>> would be other situations where being able to filter objects using
>> an EL-based predicate might be useful.
> 
> Executing arbitrary user provided EL expressions often creates all
> sorts of security problems.

I agree in general, but the policy about the manager webapp has always
been that if one has access to it, then one already has the keys to the
kingdom. We could introduce (yet) another role to the manager for this
kind of thing.

> My concern is that the complexity of implementing this securely may
> outweigh the benefit it brings.

A fair argument.

This use case is fairly rare and, honestly, could be handled with a
small amount of custom code on my part. I just thought something like
this might have some utility to others, so I figured I'd present the idea.

If there's additional interest, we can re-visit it.

-chris



signature.asc
Description: OpenPGP digital signature

Re: Working tc native build

[Christopher Schultz]

Mark,

On 7/8/14, 12:14 PM, Mark Thomas wrote:
> On 08/07/2014 16:39, Christopher Schultz wrote:
> 
>> Anyway, here's what the above tool says tcnative-1.dll requires in
>> terms of direct dependencies:
>>
>> - USER32.dll - PSAPI.dll - SHLWAPI.dll - KERNEL32.dll -
>> ADVAPI32.dll - WS2_32.dll - MSWSOCK.dll - MSVCR100.dll
>>
>> Is that last one the one you were concerned about?
> 
> Yes.
> 
>> If so, what's the procedure for statically-linking that library
>> into tcnative ... or, better yet, why is that library not necessary
>> when using MSVS 2006 or whatever?
> 
> Using VS6 or Mladen's toolkit, it builds against msvcrt.dll which is
> part of the base OS.
> 
> For reasons I haven't dug into, later versions of Visual Studio build
> upon a newer version of that library and despite quite a lot of
> searching I haven't found a way to make later versions of Visual
> Studio build against the older dll.

Here is an exhaustive explanation of what in the world is going on:
http://kobyk.wordpress.com/2007/07/20/dynamically-linking-with-msvcrtdll-using-visual-c-2005/

I found this via SO:
http://stackoverflow.com/questions/10166412/how-to-link-against-msvcrt-dll-instead-of-msvcr100-dll-in-vc-10-0

The upshot is that one should use the Windows Driver (Development) Kit
(WDK/DDK) instead of Visual Studio in order to get a more modern
compiler (than the 2005 version) whilst enjoying a build against MSVCRT.dll.

The SO answer mentions that the Windows 8 WDK no longer links against
the system MSVCRT.dll, so it looks like the Windows 7 WDK is the latest
version that will produce acceptable results.

I'll investigate whether the WDK (which includes a C/C++ compiler and
tool chain) alone can build OpenSSL, APR, and tcnative. If so, your
existing instructions might be able to reduce another prerequisite (the
Windows SDK itself).

Thanks,
-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1608968 - /tomcat/trunk/test/META-INF/services/javax.servlet.ServletContainerInitializer

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 23:07:16 2014
New Revision: 1608968

URL: http://svn.apache.org/r1608968
Log:
Set svn:eol-style=native
This file is mentioned in "text.files" patternset in build.xml.

Modified:

tomcat/trunk/test/META-INF/services/javax.servlet.ServletContainerInitializer   
(props changed)

Propchange: 
tomcat/trunk/test/META-INF/services/javax.servlet.ServletContainerInitializer
--
svn:eol-style = native



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608969 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl: Authentication.java Ciphers.java Encryption.java EncryptionLevel.java KeyExchange.java MessageDigest.java OpenSSLC

[kkolinko]

Author: kkolinko
Date: Tue Jul  8 23:08:20 2014
New Revision: 1608969

URL: http://svn.apache.org/r1608969
Log:
Set svn:eol-style=native

Modified:

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Authentication.java   
(props changed)
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Ciphers.java   
(props changed)
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Encryption.java   
(props changed)

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/EncryptionLevel.java  
 (props changed)
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/KeyExchange.java  
 (props changed)

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/MessageDigest.java   
(props changed)

tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
   (props changed)
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Protocol.java   
(props changed)

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Authentication.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Ciphers.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Encryption.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/EncryptionLevel.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/KeyExchange.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/MessageDigest.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
--
svn:eol-style = native

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Protocol.java
--
svn:eol-style = native



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Using EL expressions in JMX operations (e.g. expireSession)

[Konstantin Kolinko]

2014-07-08 18:28 GMT+04:00 Christopher Schultz :
>
> (...)
>
> For instance, one could write an EL expression that would be executed on
> each session and return a true/false (or maybe just true/not-true), and
> then expireSessions (plural, to distinguish it from the existing
> single-session expiration operation). Something like this:
>
> ${!empty session.user && ((now - session.lastAccessedTime) > 12)}
>
> Asking JMXProxyServlet to expire all sessions matching the above
> expression would then kill any session that had no user attribute (might
> have to use session.getAttribute('user')... I'm no EL expert) and was
> also left unattended for 2-minutes or more.
>
> Is there any interest in this kind of thing? Parsing (specifically) and
> executing EL expressions on the fly might be a bit expensive for
> administrative operations, but of course one does not need to use such
> features if one does not want to.
>
> I haven't really thought about it too much, but I suspect there would be
> other situations where being able to filter objects using an EL-based
> predicate might be useful.
>

1. This example is not self-contained. It does not define "now". It
does not define where "session" comes from.

2. Do you expect evaluation of EL to turn into series of JMX calls? I
think those session properties are not available directly. You need to
ask for them.

3. Error processing = ? Thread safety = ?

I think this needs three or more use case examples to better
understand the problem.

If it is just a single use case, a custom JSP page may do better.


Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608983 - /tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java

[kkolinko]

Author: kkolinko
Date: Wed Jul  9 01:48:59 2014
New Revision: 1608983

URL: http://svn.apache.org/r1608983
Log:
For BZ 56653
Improve handling of Context.versions field.
Do not assign an empty array to this field, neither when creating a new 
versions list, nor when removing the last version from it. The mapping 
algorithm does not expect this list to be empty. Mark the versions list field 
as volatile, because it is updated when a Context is started or stopped.

This backports r1604435 and a bit from r1604320 and r1604928.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java?rev=1608983&r1=1608982&r2=1608983&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
Wed Jul  9 01:48:59 2014
@@ -237,6 +237,14 @@ public final class Mapper {
 }
 int slashCount = slashCount(path);
 synchronized (mappedHost) {
+ContextVersion newContextVersion = new ContextVersion();
+newContextVersion.path = path;
+newContextVersion.slashCount = slashCount;
+newContextVersion.name = version;
+newContextVersion.object = context;
+newContextVersion.welcomeResources = welcomeResources;
+newContextVersion.resources = resources;
+
 Context[] contexts = mappedHost.contextList.contexts;
 // Update nesting
 if (slashCount > mappedHost.contextList.nesting) {
@@ -244,26 +252,18 @@ public final class Mapper {
 }
 Context mappedContext = exactFind(contexts, path);
 if (mappedContext == null) {
-mappedContext = new Context();
-mappedContext.name = path;
+mappedContext = new Context(path, newContextVersion);
 Context[] newContexts = new Context[contexts.length + 1];
 if (insertMap(contexts, newContexts, mappedContext)) {
 mappedHost.contextList.contexts = newContexts;
 }
-}
-
-ContextVersion[] contextVersions = mappedContext.versions;
-ContextVersion[] newContextVersions =
-new ContextVersion[contextVersions.length + 1];
-ContextVersion newContextVersion = new ContextVersion();
-newContextVersion.path = path;
-newContextVersion.slashCount = slashCount;
-newContextVersion.name = version;
-newContextVersion.object = context;
-newContextVersion.welcomeResources = welcomeResources;
-newContextVersion.resources = resources;
-if (insertMap(contextVersions, newContextVersions, 
newContextVersion)) {
-mappedContext.versions = newContextVersions;
+} else {
+ContextVersion[] contextVersions = mappedContext.versions;
+ContextVersion[] newContextVersions =
+new ContextVersion[contextVersions.length + 1];
+if (insertMap(contextVersions, newContextVersions, 
newContextVersion)) {
+mappedContext.versions = newContextVersions;
+}
 }
 }
 
@@ -294,8 +294,6 @@ public final class Mapper {
 ContextVersion[] newContextVersions =
 new ContextVersion[contextVersions.length - 1];
 if (removeMap(contextVersions, newContextVersions, version)) {
-context.versions = newContextVersions;
-
 if (context.versions.length == 0) {
 // Remove the context
 Context[] newContexts = new Context[contexts.length -1];
@@ -310,6 +308,8 @@ public final class Mapper {
 }
 }
 }
+} else {
+context.versions = newContextVersions;
 }
 }
 }
@@ -1542,7 +1542,12 @@ public final class Mapper {
 
 
 protected static final class Context extends MapElement {
-public ContextVersion[] versions = new ContextVersion[0];
+public volatile ContextVersion[] versions;
+
+public Context(String name, ContextVersion firstVersion) {
+super(name, null);
+versions = new ContextVersion[] { firstVersion };
+}
 }
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608986 - /tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java

[kkolinko]

Author: kkolinko
Date: Wed Jul  9 02:10:50 2014
New Revision: 1608986

URL: http://svn.apache.org/r1608986
Log:
Correct javadoc.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java?rev=1608986&r1=1608985&r2=1608986&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
Wed Jul  9 02:10:50 2014
@@ -1466,13 +1466,13 @@ public final class Mapper {
 public ContextList contextList;
 
 /**
- * Link to the "real" MappedHost, shared by all aliases.
+ * Link to the "real" Host, shared by all aliases.
  */
 private final Host realHost;
 
 /**
  * Links to all registered aliases, for easy enumeration. This field
- * is available only in the "real" MappedHost. In an alias this field
+ * is available only in the "real" Host. In an alias this field
  * is null.
  */
 private final List aliases;



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608990 - /tomcat/trunk/webapps/docs/changelog.xml

[kkolinko]

Author: kkolinko
Date: Wed Jul  9 02:23:01 2014
New Revision: 1608990

URL: http://svn.apache.org/r1608990
Log:
Improve changelog entry wording.

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1608990&r1=1608989&r2=1608990&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jul  9 02:23:01 2014
@@ -64,8 +64,8 @@
 the fix for bug 56588. (kkolinko)
   
   
-56653: Fix concurrency issue with
-Mapper$ContextList when stopping Contexts. (kkolinko)
+56653: Fix concurrency issue with lists of contexts in
+Mapper when stopping Contexts. (kkolinko)
   
   
 56657: When using parallel deployment, if the same session 
id



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1608993 - in /tomcat/tc7.0.x/trunk: java/org/apache/tomcat/util/http/mapper/Mapper.java webapps/docs/changelog.xml

[kkolinko]

Author: kkolinko
Date: Wed Jul  9 02:31:47 2014
New Revision: 1608993

URL: http://svn.apache.org/r1608993
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56653
Fix concurrency issue with lists of contexts in Mapper when stopping Contexts.

The ContextList fields are made final.
Instead of sharing the same ContextList object instance among Hosts,
the ContextList is made an immutable object and is updated via 
updateContextList() method.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java?rev=1608993&r1=1608992&r2=1608993&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/mapper/Mapper.java 
Wed Jul  9 02:31:47 2014
@@ -192,6 +192,16 @@ public final class Mapper {
 
 }
 
+/**
+ * Replace {@link Host#contextList} field in realHost and
+ * all its aliases with a new value.
+ */
+private void updateContextList(Host realHost, ContextList newContextList) {
+realHost.contextList = newContextList;
+for (Host alias : realHost.getAliases()) {
+alias.contextList = newContextList;
+}
+}
 
 /**
  * Set context, used for wrapper mapping (request dispatcher).
@@ -245,17 +255,14 @@ public final class Mapper {
 newContextVersion.welcomeResources = welcomeResources;
 newContextVersion.resources = resources;
 
-Context[] contexts = mappedHost.contextList.contexts;
-// Update nesting
-if (slashCount > mappedHost.contextList.nesting) {
-mappedHost.contextList.nesting = slashCount;
-}
-Context mappedContext = exactFind(contexts, path);
+ContextList contextList = mappedHost.contextList;
+Context mappedContext = exactFind(contextList.contexts, path);
 if (mappedContext == null) {
 mappedContext = new Context(path, newContextVersion);
-Context[] newContexts = new Context[contexts.length + 1];
-if (insertMap(contexts, newContexts, mappedContext)) {
-mappedHost.contextList.contexts = newContexts;
+ContextList newContextList = contextList.addContext(
+mappedContext, slashCount);
+if (newContextList != null) {
+updateContextList(mappedHost, newContextList);
 }
 } else {
 ContextVersion[] contextVersions = mappedContext.versions;
@@ -284,8 +291,8 @@ public final class Mapper {
 return;
 }
 synchronized (host) {
-Context[] contexts = host.contextList.contexts;
-Context context = exactFind(contexts, path);
+ContextList contextList = host.contextList;
+Context context = exactFind(contextList.contexts, path);
 if (context == null) {
 return;
 }
@@ -296,17 +303,9 @@ public final class Mapper {
 if (removeMap(contextVersions, newContextVersions, version)) {
 if (context.versions.length == 0) {
 // Remove the context
-Context[] newContexts = new Context[contexts.length -1];
-if (removeMap(contexts, newContexts, path)) {
-host.contextList.contexts = newContexts;
-// Recalculate nesting
-host.contextList.nesting = 0;
-for (int i = 0; i < newContexts.length; i++) {
-int slashCount = slashCount(newContexts[i].name);
-if (slashCount > host.contextList.nesting) {
-host.contextList.nesting = slashCount;
-}
-}
+ContextList newContextList = 
contextList.removeContext(path);
+if (newContextList != null) {
+updateContextList(host, newContextList);
 }
 } else {
 context.versions = newContextVersions;
@@ -1463,7 +1462,7 @@ public final class Mapper {
 
 protected static final class Host extends MapElement {
 
-public ContextList contextList;
+public volatile ContextList contextList;
 
 /**
  * Link to the "real" Host, shared by all aliases.
@@ -1532,9 +1531,38 @@ public final class Mapper {
 
 protected static final class ContextList {
 
-public Context[] contexts = new Context[0];
-public int 

[Bug 56653] Concurrency issue with Mapper$ContextList when stopping Contexts

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56653

Konstantin Kolinko  changed:

   What|Removed |Added

  Component|Catalina|Catalina
Version|7.0.54  |6.0.41
Product|Tomcat 7|Tomcat 6
   Target Milestone|--- |default

--- Comment #5 from Konstantin Kolinko  ---
Fixed in Tomcat 7 with r1608983 and r1608993 and  will be in 7.0.55 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.55

[Konstantin Kolinko]

2014-07-08 13:45 GMT+04:00 Konstantin Kolinko :
> 2014-07-08 13:17 GMT+04:00 Mark Thomas :
>> On 27/06/2014 17:20, Konstantin Kolinko wrote:
>>> 2014-06-27 18:16 GMT+04:00 Mark Thomas :
 On 23/06/2014 14:00, Violeta Georgieva wrote:
> 2014-06-22 21:33 GMT+03:00 Konstantin Kolinko
>>> Mapper issues:
>>> BZ 44312: Fixed. Proposed for 6.0.
>>>
>>> BZ 56653: Fix re-implemented in Tomcat 8 to be less intrusive.
>>> Not backported.
>>> I backported testcase for it (r1604846), but neither Gump nor Testbot
>>> fail with it.
>>>
>>> BZ 56658: Not started.
>>>
>>> I plan to work on Mapper tonight and tomorrow.
>>
>> Any progress on this? Looking at Bugzilla, these are the only open
>> issues for 7.0.x and I assume we want to resolve them before a 7.0.55 tag.
>
> All are fixed in Tomcat 8 a week ago.
>
> I shall backport 56653, 56658 to Tomcat 7 today.
>

Issue 56653 fixed. This leaves 56658.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org