svn commit: r1665451 - in /tomcat/jk/trunk/native/common: jk_shm.c jk_shm.h

[rjung]

Author: rjung
Date: Tue Mar 10 10:32:33 2015
New Revision: 1665451

URL: http://svn.apache.org/r1665451
Log:
Remove unused code.

Modified:
tomcat/jk/trunk/native/common/jk_shm.c
tomcat/jk/trunk/native/common/jk_shm.h

Modified: tomcat/jk/trunk/native/common/jk_shm.c
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_shm.c?rev=1665451&r1=1665450&r2=1665451&view=diff
==
--- tomcat/jk/trunk/native/common/jk_shm.c (original)
+++ tomcat/jk/trunk/native/common/jk_shm.c Tue Mar 10 10:32:33 2015
@@ -42,7 +42,6 @@ struct jk_shm_header_data
 unsigned int pos;
 unsigned int childs;
 unsigned int workers;
-time_t   modified;
 };
 
 typedef struct jk_shm_header_data jk_shm_header_data_t;
@@ -81,8 +80,6 @@ typedef struct jk_shm jk_shm_t;
 
 static const char shm_signature[] = { JK_SHM_MAGIC };
 static jk_shm_t jk_shmem = { 0, 0, 0, 0, NULL, NULL, -1, -1, 0, NULL};
-static time_t jk_workers_modified_time = 0;
-static time_t jk_workers_access_time = 0;
 #if defined (WIN32)
 static HANDLE jk_shm_map = NULL;
 static HANDLE jk_shm_hlock = NULL;
@@ -866,40 +863,6 @@ const char *jk_shm_name()
 return jk_shmem.filename;
 }
 
-
-time_t jk_shm_get_workers_time()
-{
-if (jk_shmem.hdr)
-return jk_shmem.hdr->h.data.modified;
-else
-return jk_workers_modified_time;
-}
-
-void jk_shm_set_workers_time(time_t t)
-{
-jk_shm_lock();
-if (jk_shmem.hdr)
-jk_shmem.hdr->h.data.modified = t;
-else
-jk_workers_modified_time = t;
-jk_workers_access_time = t;
-jk_shm_unlock();
-}
-
-int jk_shm_is_modified()
-{
-time_t m = jk_shm_get_workers_time();
-if (m != jk_workers_access_time)
-return 1;
-else
-return 0;
-}
-
-void jk_shm_sync_access_time()
-{
-jk_workers_access_time = jk_shm_get_workers_time();
-}
-
 int jk_shm_lock()
 {
 int rc = JK_TRUE;

Modified: tomcat/jk/trunk/native/common/jk_shm.h
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_shm.h?rev=1665451&r1=1665450&r2=1665451&view=diff
==
--- tomcat/jk/trunk/native/common/jk_shm.h (original)
+++ tomcat/jk/trunk/native/common/jk_shm.h Tue Mar 10 10:32:33 2015
@@ -223,27 +223,6 @@ jk_shm_lb_sub_worker_t *jk_shm_alloc_lb_
 jk_shm_lb_worker_t *jk_shm_alloc_lb_worker(jk_pool_t *p, const char *name,
jk_logger_t *l);
 
-/* Return workers.properties last modified time
- */
-time_t jk_shm_get_workers_time(void);
-
-/* Set workers.properties last modified time
- */
-void jk_shm_set_workers_time(time_t t);
-
-/* Check if the shared memory has been modified
- * by some other process.
- */
-int jk_shm_is_modified(void);
-
-/* Synchronize access and modification time.
- * This function should be called when the shared memory
- * is modified and after we update the config acording
- * to the current shared memory data.
- */
-void jk_shm_sync_access_time(void);
-
-
 /* Lock shared memory for thread safe access */
 int jk_shm_lock(void);
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665454 - in /tomcat/jk/trunk: native/common/ xdocs/miscellaneous/

[rjung]

Author: rjung
Date: Tue Mar 10 10:37:33 2015
New Revision: 1665454

URL: http://svn.apache.org/r1665454
Log:
Reduce lock contention during maintenance function.
This was observable when using a big number of AJP13
and LB workers. 

Modified:
tomcat/jk/trunk/native/common/jk_ajp_common.c
tomcat/jk/trunk/native/common/jk_ajp_common.h
tomcat/jk/trunk/native/common/jk_lb_worker.c
tomcat/jk/trunk/native/common/jk_lb_worker.h
tomcat/jk/trunk/native/common/jk_service.h
tomcat/jk/trunk/native/common/jk_shm.c
tomcat/jk/trunk/native/common/jk_shm.h
tomcat/jk/trunk/native/common/jk_status.c
tomcat/jk/trunk/native/common/jk_worker.c
tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/jk/trunk/native/common/jk_ajp_common.c
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_ajp_common.c?rev=1665454&r1=1665453&r2=1665454&view=diff
==
--- tomcat/jk/trunk/native/common/jk_ajp_common.c (original)
+++ tomcat/jk/trunk/native/common/jk_ajp_common.c Tue Mar 10 10:37:33 2015
@@ -3376,38 +3376,17 @@ int ajp_get_endpoint(jk_worker_t *pThis,
 return JK_FALSE;
 }
 
-int JK_METHOD ajp_maintain(jk_worker_t *pThis, time_t mstarted, jk_logger_t *l)
+int JK_METHOD ajp_maintain(jk_worker_t *pThis, time_t mstarted, int global, 
jk_logger_t *l)
 {
 JK_TRACE_ENTER(l);
 
 if (pThis && pThis->worker_private) {
 ajp_worker_t *aw = pThis->worker_private;
 int i;
-long delta;
 unsigned int n = 0, k = 0, cnt = 0;
 unsigned int m, m_count = 0;
 jk_sock_t   *m_sock;
 
-jk_shm_lock();
-
-/* Now we check for global maintenance (once for all processes).
- * Checking workers for idleness.
- * Therefore we globally sync and we use a global timestamp.
- * Since it's possible that we come here a few milliseconds
- * before the interval has passed, we allow a little tolerance.
- */
-delta = (long)difftime(mstarted, aw->s->last_maintain_time) +
-JK_AJP_MAINTAIN_TOLERANCE;
-if (delta >= aw->maintain_time) {
-aw->s->last_maintain_time = mstarted;
-if (aw->s->state == JK_AJP_STATE_OK &&
-aw->s->used == aw->s->used_snapshot)
-aw->s->state = JK_AJP_STATE_IDLE;
-aw->s->used_snapshot = aw->s->used;
-}
-
-jk_shm_unlock();
-
 /* Do connection pool maintenance only if timeouts or keepalives are 
set
  */
 if (aw->cache_timeout <= 0 &&

Modified: tomcat/jk/trunk/native/common/jk_ajp_common.h
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_ajp_common.h?rev=1665454&r1=1665453&r2=1665454&view=diff
==
--- tomcat/jk/trunk/native/common/jk_ajp_common.h (original)
+++ tomcat/jk/trunk/native/common/jk_ajp_common.h Tue Mar 10 10:37:33 2015
@@ -47,10 +47,6 @@ extern "C"
 #define JK_AJP_STATE_TEXT_MAX   (JK_AJP_STATE_PROBE)
 #define JK_AJP_STATE_TEXT_DEF   (JK_AJP_STATE_TEXT_IDLE)
 
-/* We accept doing global maintenance if we are */
-/* JK_AJP_MAINTAIN_TOLERANCE seconds early. */
-#define JK_AJP_MAINTAIN_TOLERANCE (2)
-
 /*
  * Conditional request attributes
  *
@@ -475,7 +471,7 @@ int ajp_connection_tcp_send_message(ajp_
 int ajp_connection_tcp_get_message(ajp_endpoint_t * ae,
jk_msg_buf_t *msg, jk_logger_t *l);
 
-int JK_METHOD ajp_maintain(jk_worker_t *pThis, time_t now, jk_logger_t *l);
+int JK_METHOD ajp_maintain(jk_worker_t *pThis, time_t now, int global, 
jk_logger_t *l);
 
 int JK_METHOD ajp_shutdown(jk_worker_t *pThis, jk_logger_t *l);
 

Modified: tomcat/jk/trunk/native/common/jk_lb_worker.c
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_lb_worker.c?rev=1665454&r1=1665453&r2=1665454&view=diff
==
--- tomcat/jk/trunk/native/common/jk_lb_worker.c (original)
+++ tomcat/jk/trunk/native/common/jk_lb_worker.c Tue Mar 10 10:37:33 2015
@@ -728,24 +728,15 @@ static jk_uint64_t decay_load(lb_worker_
 return curmax;
 }
 
-static int JK_METHOD maintain_workers(jk_worker_t *p, time_t now, jk_logger_t 
*l)
+static int JK_METHOD maintain_workers(jk_worker_t *p, time_t now, int global, 
jk_logger_t *l)
 {
 unsigned int i = 0;
 jk_uint64_t curmax = 0;
-long delta;
 
 JK_TRACE_ENTER(l);
 if (p && p->worker_private) {
 lb_worker_t *lb = (lb_worker_t *)p->worker_private;
 
-for (i = 0; i < lb->num_of_workers; i++) {
-if (lb->lb_workers[i].worker->maintain) {
-lb->lb_workers[i].worker->maintain(lb->lb_workers[i].worker, 
now, l);
-}
-}
-
-jk_shm_lock();
-
 /* Now we check for global maintenance (once for all processes).
  * Checking workers fo

svn commit: r1665461 - /tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml

[rjung]

Author: rjung
Date: Tue Mar 10 10:40:28 2015
New Revision: 1665461

URL: http://svn.apache.org/r1665461
Log:
Enhance one description.

Modified:
tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml?rev=1665461&r1=1665460&r2=1665461&view=diff
==
--- tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml Tue Mar 10 10:40:28 2015
@@ -47,7 +47,8 @@
   
 AJP, LB: Reduce lock contention during maintenance function.
 This was observable when using a big number of AJP13 and LB
-workers. (rjung)
+workers, especially in combination with the Apache httpd prefork
+MPM. (rjung)
   
   
 57060: Allow building from outside of source tree.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Early Access builds for JDK 9 b53 and JDK 8u60 b05 are available on java.net

[Rory O'Donnell]

Hi Mark/Mladen,

Early Access build for JDK 9 b53  
available on java.net, summary of  changes are listed here 



Early Access build for JDK 8u60 b05  
is available on java.net, summary of changes are listed here. 



I'd also like to use this opportunity to point you to JEP 238: 
Multi-Version JAR Files [0],

which is currently a Candidate JEP for JDK 9.

It's goal is to extend the JAR file format to allow multiple, JDK 
release-specific versions of class
files to coexist in a single file. An additional goal is to backport the 
run-time changes to
JDK 8u60, thereby enabling JDK 8 to consume multi-version JARs. For a 
detailed discussion,

please see the corresponding thread on the core-libs-dev mailing list. [1]

Please keep in mind that a JEP in the Candidate state is merely an idea 
worthy of consideration
by JDK Release Projects and related efforts; there is no commitment that 
it will be delivered in

any particular release.

Comments, questions, and suggestions are welcome on the corelibs-dev 
mailing list. (If you
haven’t already subscribed to that list then please do so first, 
otherwise your message will be

discarded as spam.)

Rgds,Rory

[0] http://openjdk.java.net/jeps/238
[1] 
http://mail.openjdk.java.net/pipermail/core-libs-dev/2015-February/031461.html 




--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland

svn commit: r1665559 - /tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

[markt]

Author: markt
Date: Tue Mar 10 14:08:26 2015
New Revision: 1665559

URL: http://svn.apache.org/r1665559
Log:
pause() calls unlockAccept(). No need to call it again.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665559&r1=1665558&r2=1665559&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
14:08:26 2015
@@ -696,7 +696,6 @@ public class AprEndpoint extends Abstrac
 running = false;
 poller.stop();
 getAsyncTimeout().stop();
-unlockAccept();
 for (AbstractEndpoint.Acceptor acceptor : acceptors) {
 long waitLeft = 1;
 while (waitLeft > 0 &&



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Christopher Schultz]

Mark,

On 3/8/15 12:58 PM, Mark Thomas wrote:
> On 07/03/2015 19:16, Christopher Schultz wrote:
>> Violetta,
>>
>> On 3/5/15 2:39 PM, Violeta Georgieva wrote:
>>> I plan to start preparing 7.0.60 for voting.
>>>
>>> If you want to add something to this release please reply here.
>>
>> Mark's got the input half the problem with AjpNioProcessor fixed, I
>> suspect he'll have the output half fixed very soon.
> 
> Thanks for the vote of confidence. I suspect - like the input - putting
> together the test case is going to take most of the time. I'm looking at
> this now. Should have something by the end of today.

Looks good to me in Tomcat 7.0.x trunk.

Violetta, thanks for waiting a bit. I'm okay to release, thought
Konstantin and Jeremy might want to get a few fixes in for the bundled JSTL.

Thanks,
-chris



signature.asc
Description: OpenPGP digital signature

[Bug 57683] New: Crash of stockticket async example caused by an aborted client request

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57683

Bug ID: 57683
   Summary: Crash of stockticket async example caused by an
aborted client request
   Product: Tomcat 7
   Version: 7.0.59
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Examples
  Assignee: dev@tomcat.apache.org
  Reporter: knst.koli...@gmail.com

I mentioned this issue in "Time for 7.0.60" thread on dev@.

It is a bug with error handling in example webapp. It is not a regression from
recent changes. It is reproducible with 7.0.59.

Steps to reproduce:
Using Tomcat 7.0.59, JDK 6u45.

1. Start Tomcat

2. Visit stockicker example,
http://localhost:8080/examples/async/stockticker

3. Abort the request while the page is being loaded (Press "Esc" key on
keyboard)

4. Re-visit the example
http://localhost:8080/examples/async/stockticker

Expected: Working stockicker example.

Actual:
1) Browser waits for a response. After several seconds the progress indicator
stops. A blank page is displayed.

2) Access log shows response status 200, but byte counter is zero ("-").

127.0.0.1 - - [10/Mar/2015:17:45:31 +0300] "GET /examples/async/stockticker
HTTP/1.1" 200 -

3) Looking into catalina.2015-03-10.log, there is the following exception:
[[[
10.03.2015 17:36:58 org.apache.coyote.AbstractProcessor setErrorState
INFO: An error occurred in processing while on a non-container thread. The
connection will be closed immediately
java.net.SocketException: Software caused connection abort: socket write error
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
at
org.apache.coyote.http11.InternalOutputBuffer.realWriteBytes(InternalOutputBuffer.java:215)
at org.apache.tomcat.util.buf.ByteChunk.flushBuffer(ByteChunk.java:480)
at
org.apache.coyote.http11.InternalOutputBuffer.flush(InternalOutputBuffer.java:119)
at
org.apache.coyote.http11.AbstractHttp11Processor.action(AbstractHttp11Processor.java:800)
at org.apache.coyote.Response.action(Response.java:172)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:363)
at org.apache.catalina.connector.OutputBuffer.flush(OutputBuffer.java:331)
at org.apache.catalina.connector.CoyoteWriter.flush(CoyoteWriter.java:98)
at async.AsyncStockServlet.writeStock(AsyncStockServlet.java:98)
at async.AsyncStockServlet.tick(AsyncStockServlet.java:81)
at async.Stockticker.run(Stockticker.java:84)
at java.lang.Thread.run(Thread.java:662)
]]]

4) Looking at console,
There is the same exception as in "3)",
followed by the following exception:
[[[
java.lang.IllegalStateException: The request associated with the AsyncContext
has already completed processing.
at
org.apache.catalina.core.AsyncContextImpl.check(AsyncContextImpl.java
:553)
at
org.apache.catalina.core.AsyncContextImpl.getResponse(AsyncContextImp
l.java:265)
at async.AsyncStockServlet.writeStock(AsyncStockServlet.java:86)
at async.AsyncStockServlet.tick(AsyncStockServlet.java:81)
at async.Stockticker.run(Stockticker.java:84)
at java.lang.Thread.run(Thread.java:662)
]]]

Essentially, the async.Stockticker thread crashed due to a non handled ISE.
This explains the behaviour.

5) The exception in "4)" is logged to the console only. It is not logged into
Tomcat log files.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #18 from Christopher Schultz  ---
The performance hit would only occur during class loading. By the time a few
requests have been processed, class loading should have settled-down quite a
bit.

Some thoughts about performance:

1. This is mostly introducing a single "if" and a test against a static final
field (Jre7Compat.forLanguageTagMethod). The JIT will likely inline that
method.

2. If the branch is not tolerable at runtime, perhaps the branch can be
executed a single time to install a delegate adapter, something like this:

WebappClassLoader:

public static Java7 extends WebappClassLoader

 // etc, do Java 7 stuff

public static Java6 extends WebappClassLoader

 // etc, do Java 6 stuff

:

  if(JreCompat.getInstance().isJre7Supported())
   delegate = new Java7ClassLoader();
  else
   delegate = new Java6ClassLoader();

loadClass():

  return delegate.loadClass();

Or, if you don't want to use Java method dispatch because delegation is too
slow, you can use WebappClassLoader like a factory like this:

WebappClassLoader:

getInstance():

  return JreCompat.getInstance().isJre7Supported() ? new Java7() : new Java6();

Really, synchronization is going to dominate the performance equation here and
not the presence (or absence) of a trivial null-check.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Konstantin Kolinko]

2015-03-06 20:19 GMT+03:00 Konstantin Kolinko :
> 2015-03-05 22:39 GMT+03:00 Violeta Georgieva :
>> Hi,
>>
>> I plan to start preparing 7.0.60 for voting.
>>
>> If you want to add something to this release please reply here.
>>
>
> Testing the examples app with Security Manager enabled
>
> 1) JSPs using JSTL fail, in the same way as I mentioned for Tomcat 6
> in its STATUS.txt,
> http://svn.apache.org/r1664031
>
> A read permission for JSTL configuration property is needed.
>
> 2) An odd behaviour with  http://localhost:8080/examples/async/stockticker
>
> If I understand correctly it was triggered by pressing Esc while the
> page was being loaded for the first time. This resulted in the
> following:
> a) an ISE stacktrace on the console
> b) No more connections to
> http://localhost:8080/examples/async/stockticker can be done. Other
> servlet examples are working correctly,  but connecting to the
> stockticker page results in:
>
> The browser waits for 10 seconds and then abort the connection
> (showing a blank page; no messages in Tomcat logs, nor on console
> besides the fist one).
> Access log shows result code 200:
>
> 127.0.0.1 - - [06/Mar/2015:20:13:07 +0300] "GET
> /examples/async/stockticker HTTP/1.1" 200 -
>

I filed the stockticker example issue into Bugzilla.
https://bz.apache.org/bugzilla/show_bug.cgi?id=57683

It is not a regression from recent changes. It is reproducible with 7.0.59.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Robert Paasche]

Hi guys,

this may be a little offtopic, but I postet a fix for the native-library at
bug https://bz.apache.org/bugzilla/show_bug.cgi?id=56108.

The fix is based on the mod_ssl implementation of the httpd project for the
DH-based key exchange. This ensures that the used DH-Cipher is at least the
size of the private-key, otherwise the Cipher has a length of only 512 or
1024 bits. Is it possible to release this fix within Tomcat 7.0.60?

thanks,
Robert




Robert Paasche
Senior Developer


pripares GmbH
Altheimer Eck 2
80331 München


Tel +49 (0)89 45 22 808 - 30
Fax +49 (0)89 45 22 808 - 58
Mail r.paas...@pripares.com
Web www.pripares.com


Handelsregister: Registergericht München HRB 138701
Sitz der Gesellschaft: München
Geschäftsführer: Aßmann Christoph, Ertl Andreas


Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
löschen Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
Weitergabe dieser Mail und der darin enthaltenen Informationen sind nicht
gestattet.


This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.

2015-03-10 15:44 GMT+01:00 Christopher Schultz :

> Mark,
>
> On 3/8/15 12:58 PM, Mark Thomas wrote:
> > On 07/03/2015 19:16, Christopher Schultz wrote:
> >> Violetta,
> >>
> >> On 3/5/15 2:39 PM, Violeta Georgieva wrote:
> >>> I plan to start preparing 7.0.60 for voting.
> >>>
> >>> If you want to add something to this release please reply here.
> >>
> >> Mark's got the input half the problem with AjpNioProcessor fixed, I
> >> suspect he'll have the output half fixed very soon.
> >
> > Thanks for the vote of confidence. I suspect - like the input - putting
> > together the test case is going to take most of the time. I'm looking at
> > this now. Should have something by the end of today.
>
> Looks good to me in Tomcat 7.0.x trunk.
>
> Violetta, thanks for waiting a bit. I'm okay to release, thought
> Konstantin and Jeremy might want to get a few fixes in for the bundled
> JSTL.
>
> Thanks,
> -chris
>
>

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

Christopher Schultz  changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|FIXED   |---

--- Comment #5 from Christopher Schultz  ---
Something is still not quite right.

While no errors are being thrown, content is being garbled at regular
intervals.

Using Tomcat 7.0.x at r1665573 with packetSize="65536" and no other
buffer-related configuration.

I see stuff like this periodically in long responses:

onclick="window.locatioAB ^D^C ^@s://[host]:443

I'm working on getting those byte values in there (after the "window.locatio"
and before the "s://") for you; they may tell us something.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #6 from Christopher Schultz  ---
Okay, here's what od has to say about those bytes:

0017740  22  20  6f  6e  63  6c  69  63  6b  3d  22  77  69  6e  64  6f
  "  sp   o   n   c   l   i   c   k   =   "   w   i   n   d   o
0017760  77  2e  6c  6f  63  61  74  69  6f  41  42  20  04  03  20  00
  w   .   l   o   c   a   t   i   o   A   B  sp eot etx  sp nul

   Here's the weirdness ^^^

So, that's a literal "AB" followed by a space, EOT, ETX, space, and NUL bytes.
Then, the text continues on where it left off. The number of unexpected bytes
takes up the same number of bytes in the output, so it's a straight clobbering
of bytes and not something being inserted, and changing the total content
length.

002  73  3a  2f  2f   [etc]
  s   :   /   /   [etc]

With unprintable characters replaced with "x", the content is:

window.locatioAB xx xs://[host]:443

And it should be this:

window.location="https://[host]:443

So you can see that those bytes were replaced and not inserted (or deleted). So
the byte count is correct, but something else is wrong.

There are many other instances in thie page I'm looking at right now. I'll
check to see if they all have the same pattern.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #7 from Christopher Schultz  ---
Yes, all occurrences of the garbled bytes are the same set of replacement
bytes:

  41  42   20  04  03  02  00
   A   B   sp eot etx  sp nul

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #19 from Konstantin Kolinko  ---
(In reply to Christopher Schultz from comment #18)
> 
> 2. If the branch is not tolerable at runtime, perhaps the branch can be
> executed a single time to install a delegate adapter, something like this:
> 

This cannot be solved with an adapter that is installed atop the current
WebappClassLoader class.

See [1]. The class itself and all of its parent classes must be registered as
parallel-capable.

This needs
1. Refactoring, involving extraction of common parent class.

2. Implementation of alternative class loader class that is parallel-capable.

The default implementation (WebappClassLoader) must stay with being non
parallel capable. The common parent class must be registered as
parallel-capable.

If ClassLoader.registerAsParallelCapable() is called via reflection, I wonder
whether the registerAsParallelCapable() method can correctly determine the
calling class. We are not calling the method directly, but via reflection APIs.
It needs a proof of concept.

3. Testing, testing, testing...


[1]
http://docs.oracle.com/javase/7/docs/api/java/lang/ClassLoader.html#registerAsParallelCapable%28%29

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Christopher Schultz]

Robert,

On 3/10/15 10:59 AM, Robert Paasche wrote:
> this may be a little offtopic, but I postet a fix for the native-library at
> bug https://bz.apache.org/bugzilla/show_bug.cgi?id=56108.

I saw that comment and proposed patch. I must admit I don't quite
understand both the problem and the solution (yet). I'd be happy to hear
an in-depth explanation in another thread. Care to start one and give me
a quick education?

> The fix is based on the mod_ssl implementation of the httpd project for the
> DH-based key exchange. This ensures that the used DH-Cipher is at least the
> size of the private-key, otherwise the Cipher has a length of only 512 or
> 1024 bits. Is it possible to release this fix within Tomcat 7.0.60?

That depends upon the status of tcnative. If we can get a release done
for tcnative before Violetta rolls 7.0.60, then it can go in. Otherwise,
it'll have to wait for 7.0.61. I suspect that 7.0.61 isn't going to be
months away, so it wouldn't be terrible if tcnative had to wait.

-chris



signature.asc
Description: OpenPGP digital signature

Re: Time for 7.0.60

[Christopher Schultz]

Violetta,

On 3/10/15 10:44 AM, Christopher Schultz wrote:
> On 3/8/15 12:58 PM, Mark Thomas wrote:
>> On 07/03/2015 19:16, Christopher Schultz wrote:
>>> Violetta,
>>>
>>> On 3/5/15 2:39 PM, Violeta Georgieva wrote:
 I plan to start preparing 7.0.60 for voting.

 If you want to add something to this release please reply here.
>>>
>>> Mark's got the input half the problem with AjpNioProcessor fixed, I
>>> suspect he'll have the output half fixed very soon.
>>
>> Thanks for the vote of confidence. I suspect - like the input - putting
>> together the test case is going to take most of the time. I'm looking at
>> this now. Should have something by the end of today.
> 
> Looks good to me in Tomcat 7.0.x trunk.

Whoops, I spoke too soon. Something is still wrong with the AjpNioProcessor.

Honestly, if you're itching to do a release, this can probably wait.
It's evidently been broken for a long time and nobody noticed except for
me. So if you want to go without a fix for
https://bz.apache.org/bugzilla/show_bug.cgi?id=57674 I'm okay with it.

When it's all done, I'm going to encourage another release, though ;)

Thanks,
-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1665576 - in /tomcat/taglibs/standard/trunk: build-tools/pom.xml compat/pom.xml impl/pom.xml jstlel/pom.xml pom.xml spec/pom.xml

[jboynes]

Author: jboynes
Date: Tue Mar 10 15:33:50 2015
New Revision: 1665576

URL: http://svn.apache.org/r1665576
Log:
[maven-release-plugin] prepare release taglibs-standard-1.2.4

Modified:
tomcat/taglibs/standard/trunk/build-tools/pom.xml
tomcat/taglibs/standard/trunk/compat/pom.xml
tomcat/taglibs/standard/trunk/impl/pom.xml
tomcat/taglibs/standard/trunk/jstlel/pom.xml
tomcat/taglibs/standard/trunk/pom.xml
tomcat/taglibs/standard/trunk/spec/pom.xml

Modified: tomcat/taglibs/standard/trunk/build-tools/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools/pom.xml?rev=1665576&r1=1665575&r2=1665576&view=diff
==
--- tomcat/taglibs/standard/trunk/build-tools/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/build-tools/pom.xml Tue Mar 10 15:33:50 2015
@@ -24,20 +24,20 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4-SNAPSHOT
+1.2.4
 
 
 taglibs-build-tools
-1.2.4-SNAPSHOT
+1.2.4
 Apache Standard Taglib Build Tools
 
 Build tool settings common to all Standard Taglib 
modules
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
 
 
 

Modified: tomcat/taglibs/standard/trunk/compat/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat/pom.xml?rev=1665576&r1=1665575&r2=1665576&view=diff
==
--- tomcat/taglibs/standard/trunk/compat/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/compat/pom.xml Tue Mar 10 15:33:50 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4-SNAPSHOT
+1.2.4
 
 
 taglibs-standard-compat
-1.2.4-SNAPSHOT
+1.2.4
 bundle
 
 Apache Standard Taglib 1.0 Compatibility
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
 
 
 
@@ -69,12 +69,12 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.4-SNAPSHOT
+1.2.4
 
 
 org.apache.taglibs
 taglibs-standard-impl
-1.2.4-SNAPSHOT
+1.2.4
 
 
 

Modified: tomcat/taglibs/standard/trunk/impl/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl/pom.xml?rev=1665576&r1=1665575&r2=1665576&view=diff
==
--- tomcat/taglibs/standard/trunk/impl/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/impl/pom.xml Tue Mar 10 15:33:50 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4-SNAPSHOT
+1.2.4
 
 
 taglibs-standard-impl
-1.2.4-SNAPSHOT
+1.2.4
 bundle
 
 Apache Standard Taglib Implementation
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
 
 
 
@@ -69,7 +69,7 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.4-SNAPSHOT
+1.2.4
 provided
 
 

Modified: tomcat/taglibs/standard/trunk/jstlel/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/jstlel/pom.xml?rev=1665576&r1=1665575&r2=1665576&view=diff

svn commit: r1665577 - /tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/

[jboynes]

Author: jboynes
Date: Tue Mar 10 15:33:51 2015
New Revision: 1665577

URL: http://svn.apache.org/r1665577
Log:
[maven-release-plugin]  copy for tag taglibs-standard-1.2.4

Added:
tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/
  - copied from r1665576, tomcat/taglibs/standard/trunk/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #20 from Christopher Schultz  ---
(In reply to Konstantin Kolinko from comment #19)
> (In reply to Christopher Schultz from comment #18)
> > 
> > 2. If the branch is not tolerable at runtime, perhaps the branch can be
> > executed a single time to install a delegate adapter, something like this:
> > 
> 
> This cannot be solved with an adapter that is installed atop the current
> WebappClassLoader class.
> 
> See [1]. The class itself and all of its parent classes must be registered
> as parallel-capable.

Aah, yes; I had forgotten about that. Well, that makes things ugly.

> This needs
> 1. Refactoring, involving extraction of common parent class.
> 
> 2. Implementation of alternative class loader class that is parallel-capable.
> 
> The default implementation (WebappClassLoader) must stay with being non
> parallel capable. The common parent class must be registered as
> parallel-capable.
> 
> If ClassLoader.registerAsParallelCapable() is called via reflection, I
> wonder whether the registerAsParallelCapable() method can correctly
> determine the calling class. We are not calling the method directly, but via
> reflection APIs. It needs a proof of concept.

If registerAsParallelCapable can't be called via reflection, then it means that
both Java 6 and Java 7 are required to build Tomcat 7.

We already require Java 7 for building the (optional) WebSocket components.
Could this simply be added to that list?

> 3. Testing, testing, testing...

Since the "regular" WebappClassLoader is still available (and the default CL),
I think it's okay to mark it as an experimental feature and allow users to try
it out.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665578 - in /tomcat/taglibs/standard/trunk: build-tools/pom.xml compat/pom.xml impl/pom.xml jstlel/pom.xml pom.xml spec/pom.xml

[jboynes]

Author: jboynes
Date: Tue Mar 10 15:33:52 2015
New Revision: 1665578

URL: http://svn.apache.org/r1665578
Log:
[maven-release-plugin] prepare for next development iteration

Modified:
tomcat/taglibs/standard/trunk/build-tools/pom.xml
tomcat/taglibs/standard/trunk/compat/pom.xml
tomcat/taglibs/standard/trunk/impl/pom.xml
tomcat/taglibs/standard/trunk/jstlel/pom.xml
tomcat/taglibs/standard/trunk/pom.xml
tomcat/taglibs/standard/trunk/spec/pom.xml

Modified: tomcat/taglibs/standard/trunk/build-tools/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools/pom.xml?rev=1665578&r1=1665577&r2=1665578&view=diff
==
--- tomcat/taglibs/standard/trunk/build-tools/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/build-tools/pom.xml Tue Mar 10 15:33:52 2015
@@ -24,20 +24,20 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4
+1.2.5-SNAPSHOT
 
 
 taglibs-build-tools
-1.2.4
+1.2.5-SNAPSHOT
 Apache Standard Taglib Build Tools
 
 Build tool settings common to all Standard Taglib 
modules
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/build-tools
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools
 
 
 

Modified: tomcat/taglibs/standard/trunk/compat/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat/pom.xml?rev=1665578&r1=1665577&r2=1665578&view=diff
==
--- tomcat/taglibs/standard/trunk/compat/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/compat/pom.xml Tue Mar 10 15:33:52 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4
+1.2.5-SNAPSHOT
 
 
 taglibs-standard-compat
-1.2.4
+1.2.5-SNAPSHOT
 bundle
 
 Apache Standard Taglib 1.0 Compatibility
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/compat
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat
 
 
 
@@ -69,12 +69,12 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.4
+1.2.5-SNAPSHOT
 
 
 org.apache.taglibs
 taglibs-standard-impl
-1.2.4
+1.2.5-SNAPSHOT
 
 
 

Modified: tomcat/taglibs/standard/trunk/impl/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl/pom.xml?rev=1665578&r1=1665577&r2=1665578&view=diff
==
--- tomcat/taglibs/standard/trunk/impl/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/impl/pom.xml Tue Mar 10 15:33:52 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.4
+1.2.5-SNAPSHOT
 
 
 taglibs-standard-impl
-1.2.4
+1.2.5-SNAPSHOT
 bundle
 
 Apache Standard Taglib Implementation
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.4/impl
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl
 
 
 
@@ -69,7 +69,7 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.4
+1.2.5-SNAPSHOT
 provided
 
 

Modified: tomcat/taglibs/standard/trunk/jstlel/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/jstlel/pom.xml?rev=1665578&r1=1665577&r2=1665578&view=diff

svn commit: r1665588 - in /tomcat/taglibs/standard/trunk: CHANGES.txt README_bin.txt README_src.txt RELEASING impl/src/main/java/org/apache/taglibs/standard/Version.java impl/src/test/java/org/apache/

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:01:40 2015
New Revision: 1665588

URL: http://svn.apache.org/r1665588
Log:
Update version numbers in project for 1.2.5 release

Added:
tomcat/taglibs/standard/trunk/RELEASING
Modified:
tomcat/taglibs/standard/trunk/CHANGES.txt
tomcat/taglibs/standard/trunk/README_bin.txt
tomcat/taglibs/standard/trunk/README_src.txt

tomcat/taglibs/standard/trunk/impl/src/main/java/org/apache/taglibs/standard/Version.java

tomcat/taglibs/standard/trunk/impl/src/test/java/org/apache/taglibs/standard/VersionTest.java

Modified: tomcat/taglibs/standard/trunk/CHANGES.txt
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/CHANGES.txt?rev=1665588&r1=1665587&r2=1665588&view=diff
==
--- tomcat/taglibs/standard/trunk/CHANGES.txt (original)
+++ tomcat/taglibs/standard/trunk/CHANGES.txt Tue Mar 10 16:01:40 2015
@@ -1,4 +1,8 @@
-Changes in 1.2.4 release
+Changes in 1.2.5 release
+- Set version identifiers correctly, no other changes.
+
+Changes in 1.2.4 release (not released due to incorrect version numbers)
+
 57673 AccessControlException accessing 
org.apache.taglibs.standard.xml.accessExternalEntity
 37466 Reverted changes that overrode HTTP method when importing local 
resources.
 

Modified: tomcat/taglibs/standard/trunk/README_bin.txt
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/README_bin.txt?rev=1665588&r1=1665587&r2=1665588&view=diff
==
--- tomcat/taglibs/standard/trunk/README_bin.txt (original)
+++ tomcat/taglibs/standard/trunk/README_bin.txt Tue Mar 10 16:01:40 2015
@@ -1,5 +1,5 @@
 ---
-Apache Standard Tag Library 1.2.3 -- BINARY DISTRIBUTION
+Apache Standard Tag Library 1.2.5 -- BINARY DISTRIBUTION
 ---
 Thanks for downloading this release of the Standard tag library, 
 an implementation of the JavaServer Pages(tm)(JSP) 
@@ -41,9 +41,9 @@ ADD DEPENDENCIES TO A WEB APPLICATION
 
 To use this distribution with your own web applications, add the following JAR
 files to the '/WEB-INF/lib' directory of your application:
-   - taglibs-standard-spec-1.2.3.jar
-   - taglibs-standard-impl-1.2.3.jar
-   - taglibs-standard-jstlel-1.2.3.jar
+   - taglibs-standard-spec-1.2.5.jar
+   - taglibs-standard-impl-1.2.5.jar
+   - taglibs-standard-jstlel-1.2.5.jar
- xalan-2.7.1.jar
- serializer-2.7.1.jar
 
@@ -57,12 +57,12 @@ your pom.xml file:
 
   org.apache.taglibs
   taglibs-standard-spec
-  1.2.3
+  1.2.5
 
 
   org.apache.taglibs
   taglibs-standard-impl
-  1.2.3
+  1.2.5
 
 
 ---

Modified: tomcat/taglibs/standard/trunk/README_src.txt
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/README_src.txt?rev=1665588&r1=1665587&r2=1665588&view=diff
==
--- tomcat/taglibs/standard/trunk/README_src.txt (original)
+++ tomcat/taglibs/standard/trunk/README_src.txt Tue Mar 10 16:01:40 2015
@@ -1,5 +1,5 @@
 ---
-Apache Standard Tag Library 1.2.3 -- SOURCE DISTRIBUTION
+Apache Standard Tag Library 1.2.5 -- SOURCE DISTRIBUTION
 ---
 Thanks for downloading the source code for the Apache Software Foundation's
 implementation of the JavaServer Pages(tm)(JSP) Standard Tag Library (JSTL)

Added: tomcat/taglibs/standard/trunk/RELEASING
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/RELEASING?rev=1665588&view=auto
==
--- tomcat/taglibs/standard/trunk/RELEASING (added)
+++ tomcat/taglibs/standard/trunk/RELEASING Tue Mar 10 16:01:40 2015
@@ -0,0 +1,42 @@
+The project is configured to be released using the Maven Release Plugin.
+
+Some manual steps are required before performing a release build.
+
+* Update the version strings in README_bin.txt and README_src.tst
+* Update the version number in the Version class
+* Update the version number in the VersionTest class
+Commit these changes.
+
+Push the Maven Artifacts to the Apache Staging Repository:
+$ mvn release:prepare -Papache-release -DautoVersionSubmodules=true
+$ mvn release:perform
+
+Don't forget to close the staging repository prior to the vote.
+
+Stage the Apache download repository at
+  https://dist.apache.org/repos/dist/dev/tomcat/taglibs
+with the following files:
+NOTICE
+README_bin.txt
+README_src.txt
+taglibs-standard-1.2.x-source-release.zip
+taglibs-standard-1.2.x-source-release.zip.asc
+taglibs-standard-1.2.x-source-release.zip.md5
+taglibs-standard-1.2.x-source-

[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

--- Comment #5 from Alex Koturanov  ---
Created attachment 32554
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=32554&action=edit
Patch to work with JDK6

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665595 - /tomcat/taglibs/standard/trunk/pom.xml

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:09:12 2015
New Revision: 1665595

URL: http://svn.apache.org/r1665595
Log:
Add RELEASING file to RAT exclusion list

Modified:
tomcat/taglibs/standard/trunk/pom.xml

Modified: tomcat/taglibs/standard/trunk/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/pom.xml?rev=1665595&r1=1665594&r2=1665595&view=diff
==
--- tomcat/taglibs/standard/trunk/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/pom.xml Tue Mar 10 16:09:12 2015
@@ -106,6 +106,7 @@
 DEPENDENCIES
 README_bin.txt
 README_src.txt
+RELEASING
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #8 from Christopher Schultz  ---
This does it on a fresh Tomcat 7.0.x trunk:

1. Modify the AJP  thusly:



  (redirectPort and URIEncoding probably have nothing to do with it)

2. Set up your mod_jk worker thusly:

  worker.template.type=ajp13
  worker.template.host=localhost
  worker.template.connection_pool_timeout=60
  worker.template.socket_timeout=300
  worker.template.max_packet_size=65536

  worker.list=test-worker
  worker.test-worker.reference=worker.template
  worker.test-worker.port=8009

  (the 'template' worker is probably not necessary)

3. Run this simple JSP:

<%@page buffer="20kb" contentType="text/plain" %><%
  int iterations = 12500;
  int bytes = 0;
  for(int i=0; i

Note the large (ish) buffer size and the long (ish) content.

Search the output for the text "AB" which is never actually intended to be in
the output; you'll see scarring of the response text at regular intervals.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665600 - /tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:10:58 2015
New Revision: 1665600

URL: http://svn.apache.org/r1665600
Log:
[maven-release-plugin]  copy for tag taglibs-standard-1.2.5

Added:
tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/
  - copied from r1665599, tomcat/taglibs/standard/trunk/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665601 - in /tomcat/taglibs/standard/trunk: build-tools/pom.xml compat/pom.xml impl/pom.xml jstlel/pom.xml pom.xml spec/pom.xml

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:10:59 2015
New Revision: 1665601

URL: http://svn.apache.org/r1665601
Log:
[maven-release-plugin] prepare for next development iteration

Modified:
tomcat/taglibs/standard/trunk/build-tools/pom.xml
tomcat/taglibs/standard/trunk/compat/pom.xml
tomcat/taglibs/standard/trunk/impl/pom.xml
tomcat/taglibs/standard/trunk/jstlel/pom.xml
tomcat/taglibs/standard/trunk/pom.xml
tomcat/taglibs/standard/trunk/spec/pom.xml

Modified: tomcat/taglibs/standard/trunk/build-tools/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools/pom.xml?rev=1665601&r1=1665600&r2=1665601&view=diff
==
--- tomcat/taglibs/standard/trunk/build-tools/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/build-tools/pom.xml Tue Mar 10 16:10:59 2015
@@ -24,20 +24,20 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5
+1.2.6-SNAPSHOT
 
 
 taglibs-build-tools
-1.2.5
+1.2.6-SNAPSHOT
 Apache Standard Taglib Build Tools
 
 Build tool settings common to all Standard Taglib 
modules
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools
 
 
 

Modified: tomcat/taglibs/standard/trunk/compat/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat/pom.xml?rev=1665601&r1=1665600&r2=1665601&view=diff
==
--- tomcat/taglibs/standard/trunk/compat/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/compat/pom.xml Tue Mar 10 16:10:59 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5
+1.2.6-SNAPSHOT
 
 
 taglibs-standard-compat
-1.2.5
+1.2.6-SNAPSHOT
 bundle
 
 Apache Standard Taglib 1.0 Compatibility
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat
 
 
 
@@ -69,12 +69,12 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.5
+1.2.6-SNAPSHOT
 
 
 org.apache.taglibs
 taglibs-standard-impl
-1.2.5
+1.2.6-SNAPSHOT
 
 
 

Modified: tomcat/taglibs/standard/trunk/impl/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl/pom.xml?rev=1665601&r1=1665600&r2=1665601&view=diff
==
--- tomcat/taglibs/standard/trunk/impl/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/impl/pom.xml Tue Mar 10 16:10:59 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5
+1.2.6-SNAPSHOT
 
 
 taglibs-standard-impl
-1.2.5
+1.2.6-SNAPSHOT
 bundle
 
 Apache Standard Taglib Implementation
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl
 
 
 
@@ -69,7 +69,7 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.5
+1.2.6-SNAPSHOT
 provided
 
 

Modified: tomcat/taglibs/standard/trunk/jstlel/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/jstlel/pom.xml?rev=1665601&r1=1665600&r2=1665601&view=diff

svn commit: r1665599 - in /tomcat/taglibs/standard/trunk: build-tools/pom.xml compat/pom.xml impl/pom.xml jstlel/pom.xml pom.xml spec/pom.xml

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:10:55 2015
New Revision: 1665599

URL: http://svn.apache.org/r1665599
Log:
[maven-release-plugin] prepare release taglibs-standard-1.2.5

Modified:
tomcat/taglibs/standard/trunk/build-tools/pom.xml
tomcat/taglibs/standard/trunk/compat/pom.xml
tomcat/taglibs/standard/trunk/impl/pom.xml
tomcat/taglibs/standard/trunk/jstlel/pom.xml
tomcat/taglibs/standard/trunk/pom.xml
tomcat/taglibs/standard/trunk/spec/pom.xml

Modified: tomcat/taglibs/standard/trunk/build-tools/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools/pom.xml?rev=1665599&r1=1665598&r2=1665599&view=diff
==
--- tomcat/taglibs/standard/trunk/build-tools/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/build-tools/pom.xml Tue Mar 10 16:10:55 2015
@@ -24,20 +24,20 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5-SNAPSHOT
+1.2.5
 
 
 taglibs-build-tools
-1.2.5-SNAPSHOT
+1.2.5
 Apache Standard Taglib Build Tools
 
 Build tool settings common to all Standard Taglib 
modules
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/build-tools
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/build-tools
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/build-tools
 
 
 

Modified: tomcat/taglibs/standard/trunk/compat/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat/pom.xml?rev=1665599&r1=1665598&r2=1665599&view=diff
==
--- tomcat/taglibs/standard/trunk/compat/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/compat/pom.xml Tue Mar 10 16:10:55 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5-SNAPSHOT
+1.2.5
 
 
 taglibs-standard-compat
-1.2.5-SNAPSHOT
+1.2.5
 bundle
 
 Apache Standard Taglib 1.0 Compatibility
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/compat
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/compat
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/compat
 
 
 
@@ -69,12 +69,12 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.5-SNAPSHOT
+1.2.5
 
 
 org.apache.taglibs
 taglibs-standard-impl
-1.2.5-SNAPSHOT
+1.2.5
 
 
 

Modified: tomcat/taglibs/standard/trunk/impl/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl/pom.xml?rev=1665599&r1=1665598&r2=1665599&view=diff
==
--- tomcat/taglibs/standard/trunk/impl/pom.xml (original)
+++ tomcat/taglibs/standard/trunk/impl/pom.xml Tue Mar 10 16:10:55 2015
@@ -24,11 +24,11 @@
 
 org.apache.taglibs
 taglibs-standard
-1.2.5-SNAPSHOT
+1.2.5
 
 
 taglibs-standard-impl
-1.2.5-SNAPSHOT
+1.2.5
 bundle
 
 Apache Standard Taglib Implementation
@@ -39,10 +39,10 @@
 
 
 
-
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
-
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/trunk/impl
+
scm:svn:http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
+
scm:svn:https://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
 
-
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/impl
+
http://svn.apache.org/viewvc/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/impl
 
 
 
@@ -69,7 +69,7 @@
 
 org.apache.taglibs
 taglibs-standard-spec
-1.2.5-SNAPSHOT
+1.2.5
 provided
 
 

Modified: tomcat/taglibs/standard/trunk/jstlel/pom.xml
URL: 
http://svn.apache.org/viewvc/tomcat/taglibs/standard/trunk/jstlel/pom.xml?rev=1665599&r1=1665598&r2=1665599&view=diff

[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

--- Comment #6 from Alex Koturanov  ---
Attachment 'Parallel classloading port from Tc8.0 into Tc7.0' was incomplete
and should not be used, apologies for attaching a wrong diff.

'Patch to work with JDK6' re-implements getClassLoadingLock() in
WebappClassloader and turns serial WebappClassLoader into parallel.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

Alex Koturanov  changed:

   What|Removed |Added

  Attachment #32554|Patch to work with JDK6 |Patch to work with JDK1.6
description||

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

Alex Koturanov  changed:

   What|Removed |Added

  Attachment #32553|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r8242 - /dev/tomcat/taglibs/taglbs-standard-1.2.5/

[jboynes]

Author: jboynes
Date: Tue Mar 10 16:18:00 2015
New Revision: 8242

Log:
Stage Apache Standard Taglib 1.2.5 files for voting

Added:
dev/tomcat/taglibs/taglbs-standard-1.2.5/
dev/tomcat/taglibs/taglbs-standard-1.2.5/NOTICE
dev/tomcat/taglibs/taglbs-standard-1.2.5/README_bin.txt
dev/tomcat/taglibs/taglbs-standard-1.2.5/README_src.txt

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-1.2.5-source-release.zip
   (with props)

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-1.2.5-source-release.zip.asc

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-1.2.5-source-release.zip.md5

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-1.2.5-source-release.zip.sha1
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-compat-1.2.5.jar  
 (with props)

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-compat-1.2.5.jar.asc

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-compat-1.2.5.jar.md5

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-compat-1.2.5.jar.sha1
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-impl-1.2.5.jar   
(with props)
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-impl-1.2.5.jar.asc
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-impl-1.2.5.jar.md5

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-impl-1.2.5.jar.sha1
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-jstlel-1.2.5.jar  
 (with props)

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-jstlel-1.2.5.jar.asc

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-jstlel-1.2.5.jar.md5

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-jstlel-1.2.5.jar.sha1
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-spec-1.2.5.jar   
(with props)
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-spec-1.2.5.jar.asc
dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-spec-1.2.5.jar.md5

dev/tomcat/taglibs/taglbs-standard-1.2.5/taglibs-standard-spec-1.2.5.jar.sha1

Added: dev/tomcat/taglibs/taglbs-standard-1.2.5/NOTICE
==
--- dev/tomcat/taglibs/taglbs-standard-1.2.5/NOTICE (added)
+++ dev/tomcat/taglibs/taglbs-standard-1.2.5/NOTICE Tue Mar 10 16:18:00 2015
@@ -0,0 +1,5 @@
+Apache Standard Taglib
+Copyright 2001-2015 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).

Added: dev/tomcat/taglibs/taglbs-standard-1.2.5/README_bin.txt
==
--- dev/tomcat/taglibs/taglbs-standard-1.2.5/README_bin.txt (added)
+++ dev/tomcat/taglibs/taglbs-standard-1.2.5/README_bin.txt Tue Mar 10 16:18:00 
2015
@@ -0,0 +1,116 @@
+---
+Apache Standard Tag Library 1.2.5 -- BINARY DISTRIBUTION
+---
+Thanks for downloading this release of the Standard tag library, 
+an implementation of the JavaServer Pages(tm)(JSP) 
+Standard Tag Library (JSTL).
+
+This code is licensed to you by the Apache Software Foundation and its
+contributors under the terms of the Apache License V2.0;
+please see the included NOTICE and LICENSE files for details.
+
+JSTL is an effort of the Java Community Process (JCP) and
+comes out of the JSR-052 expert group. For more information on JSTL,
+please go to http://jcp.org/en/jsr/detail?id=52 .
+
+---
+LIBRARY DEPENDENCIES
+
+This version of the Standard Tag Library has the following runtime
+dependencies:
+
+   1. Dependencies provided by a JSP 2.1 container:
+  - Java 1.5 or later
+  - Servlet 2.5 or later
+  - JSP 2.1 or later
+
+   2. Additional dependencies
+  - The XML tag library requires Apache Xalan 2.7.1 or later
+
+---
+Apache Xalan 2.7.1
+
+To address performance issues with XSLT processing, this version relies on
+implementation specific functionality from Apache Xalan. The following
+libraries should be included in the classpath for your application:
+   - xalan-2.7.1.jar
+   - serializer-2.7.1.jar
+
+---
+ADD DEPENDENCIES TO A WEB APPLICATION
+
+To use this distribution with your own web applications, add the following JAR
+files to the '/WEB-INF/lib' directory of your application:
+   - taglibs-standard-spec-1.2.5.jar
+   - taglibs-standard-impl-1.2.5.jar
+   - taglibs-standard-jstlel-1.2.5.jar
+   - xalan-2.7.1.jar
+   - serializer-2.7.1.jar
+
+If you do not use JSTL 1.0 tags then the "taglibs-standard-jstlel" JAR may be
+omitted. If you do not use the XML library, then the Apache Xalan dependencies
+may also be omitted.
+
+If you build you application with Maven, add

Unsecure use of DH-Cipher

[Robert Paasche]

Hi guys,

as requested by chris some explanation to the problem.

The problem is, that openssl call the method  "SSL_callback_tmp_DH" with keylen
value of 512 or 1024. This cause that the cipher of the ssl handshake (key
exchange) for a ssl-connection will never be longer as 1024 bit, even if
the private key is longer (2048 bit and more are very common).

The needed changes to ensure that the used cipher has at least the length
of the private key are posted as a comment to the ticket
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108

Explained code changes:

Get the Privatekey:
  pkey = SSL_get_privatekey(ssl);
  type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;

if the encryption algorithem is either RSA or DSA we override the given
keylen parameter to match the length of the private key:
  keylen = EVP_PKEY_bits(pkey);

This changes ensure Perfect Forward Secrecy (PFS) for DH key exchange usage.

The changes is based of the lines 1339 - 1357 from the following file of
mod_ssl:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?view=markup

For a more detailed description of this problem can be found on:
http://security.stackexchange.com/a/42816

Best,
Robert

Robert Paasche
Senior Developer


pripares GmbH
Altheimer Eck 2
80331 München


Tel +49 (0)89 45 22 808 - 30
Fax +49 (0)89 45 22 808 - 58
Mail r.paas...@pripares.com
Web www.pripares.com


Handelsregister: Registergericht München HRB 138701
Sitz der Gesellschaft: München
Geschäftsführer: Aßmann Christoph, Ertl Andreas


Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
löschen Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
Weitergabe dieser Mail und der darin enthaltenen Informationen sind nicht
gestattet.


This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.

2015-03-10 16:26 GMT+01:00 Christopher Schultz :

> Robert,
>
> On 3/10/15 10:59 AM, Robert Paasche wrote:
> > this may be a little offtopic, but I postet a fix for the native-library
> at
> > bug https://bz.apache.org/bugzilla/show_bug.cgi?id=56108.
>
> I saw that comment and proposed patch. I must admit I don't quite
> understand both the problem and the solution (yet). I'd be happy to hear
> an in-depth explanation in another thread. Care to start one and give me
> a quick education?
>
> > The fix is based on the mod_ssl implementation of the httpd project for
> the
> > DH-based key exchange. This ensures that the used DH-Cipher is at least
> the
> > size of the private-key, otherwise the Cipher has a length of only 512 or
> > 1024 bits. Is it possible to release this fix within Tomcat 7.0.60?
>
> That depends upon the status of tcnative. If we can get a release done
> for tcnative before Violetta rolls 7.0.60, then it can go in. Otherwise,
> it'll have to wait for 7.0.61. I suspect that 7.0.61 isn't going to be
> months away, so it wouldn't be terrible if tcnative had to wait.
>
> -chris
>
>

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #21 from Alex Koturanov  ---
Is there a use case were WebappClassLoader must not be parallel? 
Is it an option to re-implement jdk1.7 method
java.lang.ClassLoader#getClassLoadingLock(String) directly in WebappClassLoader
for Tomcat7.0?
I attached a patch that solves my Tomcat7.0 problem with waiting on lock for
3-10 sec in https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #9 from Rainer Jung  ---
(In reply to Christopher Schultz from comment #7)
> Yes, all occurrences of the garbled bytes are the same set of replacement
> bytes:
> 
>   41  42   20  04  03  02  00
>A   B   sp eot etx  sp nul

AB is the start on a tomcat-to-web-server-packet. The 0x20 and 0x04 are the
length of the packet, so here it is 8196 bytes. Next is packet type 0x03 which
is a body chunk packet. Next is 0x02 0x00 but I think it actually is 0x20 0x00
(see your previous post) which is the chunk size, so here it is 8KB. The rest
is the raw data.

So it looks like the TC AJP connector has somehow framed the response into to
small packets not respecting the configured packet size. It would be
interesting though to see the data before these bytes. Namely whether the
previous AJP packet had the right size, so the "AB" starts right after the
previous packet and the error is on the reassembling side (mod_jk), or whether
th previous packet announced more data than it actually sended and then
"suddenly" a new packet started.

Regards,

Rainer

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57684] New: Version info should be taken from project version

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57684

Bug ID: 57684
   Summary: Version info should be taken from project version
   Product: Taglibs
   Version: unspecified
  Hardware: All
OS: All
Status: NEW
  Severity: minor
  Priority: P2
 Component: Standard Taglib
  Assignee: dev@tomcat.apache.org
  Reporter: jboy...@apache.org

When performing a release manual steps need to be done to update the version
number. This information should be extracted from the version in the project's
POM.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Standard Taglib 1.2.5

[Jeremy Boynes]

The proposed Apache Standard Taglib 1.2.5 release is now available for voting.

This release contains two minor bug fixes:
57673 AccessControlException accessing 
org.apache.taglibs.standard.xml.accessExternalEntity
37466 Reverted changes that overrode HTTP method when importing local resources.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/taglibs/taglibs-standard-1.2.5/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1038/

The SVN tag is:
http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/

The proposed 1.2.5 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 1.2.5 Stable

Thanks
Jeremy


signature.asc
Description: Message signed with OpenPGP using GPGMail

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #10 from Christopher Schultz  ---
When I run that script, the first hiccup comes at byte 0x00248a (decimal 9354):

002478
002480
00AB ^D^C ^@2490
  ^ byte 0x2480 + 8 + 2)

  (Note that each line is 8 bytes long: 6 bytes of address + \r\n,
   so the "AB" starts at 0x2480 + 8 + 2)
002498
0024a0

Then it happens again at byte 0x491a (decimal 18714):

004908
004910
0049AB ^D^C ^@20
004928
004930

The distance between the first and second scars is 0x2490 (9360) bytes.

Then again at 0x6dae (decimal 28078):

006d98
006da0
006da8AB ^D^C ^@
006db8
006dc0

That's an offset to the previous scar of 0x2494 (decimal 9364).

Then again at 0x9241 (decimal 37441):

009230
009238
0AB ^D^C ^@09248
009250
009258

That's an offset of 9363.

I've taken another look at AjpNioProcessor.output, and the loop looks very
straightforward. As long as writeBuffer.put() and NioSelectorPool.write work as
advertized, and no IOException occurs at line 316 (selector = pool.get()), it
should work.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #11 from Christopher Schultz  ---
(In reply to Rainer Jung from comment #9)
> (In reply to Christopher Schultz from comment #7)
> > Yes, all occurrences of the garbled bytes are the same set of replacement
> > bytes:
> > 
> >   41  42   20  04  03  02  00
> >A   B   sp eot etx  sp nul
> 
> AB is the start on a tomcat-to-web-server-packet.

This is starting to make a lot of sense, now.

> The 0x20 and 0x04 are the
> length of the packet, so here it is 8196 bytes. Next is packet type 0x03
> which is a body chunk packet. Next is 0x02 0x00 but I think it actually is
> 0x20 0x00 (see your previous post) which is the chunk size, so here it is
> 8KB. The rest is the raw data.

Yes, the "02" was a typo: it should of course be "20" for a space.

So it looks like maybe the underlying AJP protocol component has the problem:
it appears to be clobbering response message bytes with its own
packet-headers... packet headers that don't need to be added to the response
bytes because there is still plenty of space left in the current AJP packet.

> So it looks like the TC AJP connector has somehow framed the response into
> to small packets not respecting the configured packet size.

That would be okay, as long as the AJP headers weren't clobbering content. :)

Introducing superfluous packets would be okay, even if it were a little
inefficient.

> It would be
> interesting though to see the data before these bytes. Namely whether the
> previous AJP packet had the right size, so the "AB" starts right after the
> previous packet and the error is on the reassembling side (mod_jk), or
> whether th previous packet announced more data than it actually sended and
> then "suddenly" a new packet started.

I can enable trace logging at the web server level. Let me get this working on
an isolated instance where nobody else will fill-up my logs with extraneous
logging.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Unsecure use of DH-Cipher

[Rainer Jung]

Am 10.03.2015 um 17:16 schrieb Robert Paasche:

Hi guys,

as requested by chris some explanation to the problem.

The problem is, that openssl call the method  "SSL_callback_tmp_DH" with keylen
value of 512 or 1024. This cause that the cipher of the ssl handshake (key
exchange) for a ssl-connection will never be longer as 1024 bit, even if
the private key is longer (2048 bit and more are very common).

The needed changes to ensure that the used cipher has at least the length
of the private key are posted as a comment to the ticket
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108

Explained code changes:

Get the Privatekey:
   pkey = SSL_get_privatekey(ssl);
   type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;

if the encryption algorithem is either RSA or DSA we override the given
keylen parameter to match the length of the private key:
   keylen = EVP_PKEY_bits(pkey);

This changes ensure Perfect Forward Secrecy (PFS) for DH key exchange usage.

The changes is based of the lines 1339 - 1357 from the following file of
mod_ssl:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?view=markup

For a more detailed description of this problem can be found on:
http://security.stackexchange.com/a/42816


Some more data points: the change in httpd was introduced by

http://svn.apache.org/viewvc?view=revision&revision=1542327

in November. It is a backport to httpd 2.4 from trunk of the following 5 
changes:


http://svn.apache.org/viewvc?view=revision&revision=1526168

http://svn.apache.org/viewvc?view=revision&revision=1527291

http://svn.apache.org/viewvc?view=revision&revision=1527294

http://svn.apache.org/viewvc?view=revision&revision=1527295

http://svn.apache.org/viewvc?view=revision&revision=1527926
(not relevant here)

The r1527295 change contains the following change which IMHO is the one 
in question:


http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?r1=1527295&r2=1527294&pathrev=1527295

Most of the other listed changes might be interesting as well.

Regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Unsecure use of DH-Cipher

[Rainer Jung]

Am 10.03.2015 um 17:36 schrieb Rainer Jung:

Am 10.03.2015 um 17:16 schrieb Robert Paasche:

Hi guys,

as requested by chris some explanation to the problem.

The problem is, that openssl call the method  "SSL_callback_tmp_DH"
with keylen
value of 512 or 1024. This cause that the cipher of the ssl handshake
(key
exchange) for a ssl-connection will never be longer as 1024 bit, even if
the private key is longer (2048 bit and more are very common).

The needed changes to ensure that the used cipher has at least the length
of the private key are posted as a comment to the ticket
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108

Explained code changes:

Get the Privatekey:
   pkey = SSL_get_privatekey(ssl);
   type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;

if the encryption algorithem is either RSA or DSA we override the given
keylen parameter to match the length of the private key:
   keylen = EVP_PKEY_bits(pkey);

This changes ensure Perfect Forward Secrecy (PFS) for DH key exchange
usage.

The changes is based of the lines 1339 - 1357 from the following file of
mod_ssl:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?view=markup


For a more detailed description of this problem can be found on:
http://security.stackexchange.com/a/42816


Some more data points: the change in httpd was introduced by

http://svn.apache.org/viewvc?view=revision&revision=1542327

in November. It is a backport to httpd 2.4 from trunk of the following 5
changes:

http://svn.apache.org/viewvc?view=revision&revision=1526168

http://svn.apache.org/viewvc?view=revision&revision=1527291

http://svn.apache.org/viewvc?view=revision&revision=1527294

http://svn.apache.org/viewvc?view=revision&revision=1527295

http://svn.apache.org/viewvc?view=revision&revision=1527926
(not relevant here)

The r1527295 change contains the following change which IMHO is the one
in question:

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?r1=1527295&r2=1527294&pathrev=1527295


Most of the other listed changes might be interesting as well.


According to

http://httpd.apache.org/docs/trunk/ssl/ssl_faq.html#javadh

there could be interop problems with Java 7 clients and DH params with 
primes longer than 1024 bits.


Rainer


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #12 from Christopher Schultz  ---
Running the example JSP I posted on my Mac gives me no output at all: the
server returns "Content-Length: 0" (probably httpd adding that, since there is
no Content-Length header sent by the JSP or Tomcat).

Requesting the JSP resource via the BIO HTTP connector yields the expected
output.

Here's the [debug] output from mod_jk when I get zero bytes back:

[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
map_uri_to_worker_ext::jk_uri_worker_map.c (1179): Attempting to map URI
'/examples/test.jsp' from 2 maps
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
find_match::jk_uri_worker_map.c (978): Attempting to map context URI
'/examples/*=broken' source 'JkMount'
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
find_match::jk_uri_worker_map.c (991): Found a wildchar match
'/examples/*=broken'
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
jk_handler::mod_jk.c (2823): Into handler jakarta-servlet worker=broken
r->proxyreq=0
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_get_worker_for_name::jk_worker.c (119): found a worker broken
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_maintain::jk_worker.c (348): Maintaining worker myworker
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_maintain::jk_worker.c (348): Maintaining worker lb
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
maintain_workers::jk_lb_worker.c (760): decay with 2^2
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_maintain::jk_worker.c (348): Maintaining worker test-worker
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_maintain::jk_worker.c (348): Maintaining worker broken
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
wc_get_name_for_type::jk_worker.c (303): Found worker type 'ajp13'
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
init_ws_service::mod_jk.c (1196): Service protocol=HTTP/1.1 method=GET
ssl=false host=(null) addr=::1 name=localhost port=80 auth=(null) user=(null)
laddr=::1 raddr=::1 uaddr=::1 uri=/examples/test.jsp
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
ajp_get_endpoint::jk_ajp_common.c (3351): (broken) acquired connection pool
slot=0 after 0 retries
[Tue Mar 10 12:46:06.517 2015] [1213:140735223407360] [debug]
ajp_marshal_into_msgb::jk_ajp_common.c (684): (broken) ajp marshaling done
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_service::jk_ajp_common.c (2586): processing broken with 2 retries
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_send_request::jk_ajp_common.c (1722): (broken) no usable connection found,
will create a new one.
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
jk_open_socket::jk_connect.c (675): socket TCP_NODELAY set to On
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
jk_open_socket::jk_connect.c (799): trying to connect socket 23 to ::1:8009
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
jk_open_socket::jk_connect.c (825): socket 23 [::1c1e:1f49:0:0:53443 ->
::e6f0:1e50:40d2:f2:8009] connected
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): sending to ajp13 pos=4
len=185 max=8192
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 12 34 00 B5 02
02 00 08 48 54 54 50 2F 31 2E 31  - .4..HTTP/1.1
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 001000 00 12 2F 65
78 61 6D 70 6C 65 73 2F 74 65 73  - .../examples/tes
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 002074 2E 6A 73 70
00 00 03 3A 3A 31 00 FF FF 00 09  - t.jsp...::1.
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 00306C 6F 63 61 6C
68 6F 73 74 00 00 50 00 00 04 A0  - localhost..P
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 00400E 00 0B 63 75
72 6C 2F 37 2E 33 37 2E 31 00 A0  - ...curl/7.37.1..
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 00500B 00 09 6C 6F
63 61 6C 68 6F 73 74 00 A0 01 00  - ...localhost
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 006003 2A 2F 2A 00
A0 08 00 01 30 00 0A 00 0F 41 4A  - .*/*.0AJ
[Tue Mar 10 12:46:06.518 2015] [1213:140735223407360] [debug]
ajp_connection_tcp_send_message::jk_ajp_common.c (1267): 007050 5F 52 45 4D
4F 54 45 5F 50 4F 52 54 00 00 05  - P_REMOTE_PORT...
[Tue Mar 10 12:46:06.518 2015] [1213:140735

Re: Unsecure use of DH-Cipher

[Robert Paasche]

A DH Cipher of length 2048 bits uses a prime of 256 so even a private key
of 8192 bits should match the requirements of java 7.

Example:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits (p: 256, g: 1,
Ys: 256)

p = prime


Robert Paasche
Senior Developer


pripares GmbH
Altheimer Eck 2
80331 München


Tel +49 (0)89 45 22 808 - 30
Fax +49 (0)89 45 22 808 - 58
Mail r.paas...@pripares.com
Web www.pripares.com


Handelsregister: Registergericht München HRB 138701
Sitz der Gesellschaft: München
Geschäftsführer: Aßmann Christoph, Ertl Andreas


Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
löschen Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
Weitergabe dieser Mail und der darin enthaltenen Informationen sind nicht
gestattet.


This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.

2015-03-10 17:40 GMT+01:00 Rainer Jung :

> Am 10.03.2015 um 17:36 schrieb Rainer Jung:
>
>  Am 10.03.2015 um 17:16 schrieb Robert Paasche:
>>
>>> Hi guys,
>>>
>>> as requested by chris some explanation to the problem.
>>>
>>> The problem is, that openssl call the method  "SSL_callback_tmp_DH"
>>> with keylen
>>> value of 512 or 1024. This cause that the cipher of the ssl handshake
>>> (key
>>> exchange) for a ssl-connection will never be longer as 1024 bit, even if
>>> the private key is longer (2048 bit and more are very common).
>>>
>>> The needed changes to ensure that the used cipher has at least the length
>>> of the private key are posted as a comment to the ticket
>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
>>>
>>> Explained code changes:
>>>
>>> Get the Privatekey:
>>>pkey = SSL_get_privatekey(ssl);
>>>type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
>>>
>>> if the encryption algorithem is either RSA or DSA we override the given
>>> keylen parameter to match the length of the private key:
>>>keylen = EVP_PKEY_bits(pkey);
>>>
>>> This changes ensure Perfect Forward Secrecy (PFS) for DH key exchange
>>> usage.
>>>
>>> The changes is based of the lines 1339 - 1357 from the following file of
>>> mod_ssl:
>>> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/
>>> modules/ssl/ssl_engine_kernel.c?view=markup
>>>
>>>
>>> For a more detailed description of this problem can be found on:
>>> http://security.stackexchange.com/a/42816
>>>
>>
>> Some more data points: the change in httpd was introduced by
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1542327
>>
>> in November. It is a backport to httpd 2.4 from trunk of the following 5
>> changes:
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1526168
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1527291
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1527294
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1527295
>>
>> http://svn.apache.org/viewvc?view=revision&revision=1527926
>> (not relevant here)
>>
>> The r1527295 change contains the following change which IMHO is the one
>> in question:
>>
>> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/
>> ssl_engine_kernel.c?r1=1527295&r2=1527294&pathrev=1527295
>>
>>
>> Most of the other listed changes might be interesting as well.
>>
>
> According to
>
> http://httpd.apache.org/docs/trunk/ssl/ssl_faq.html#javadh
>
> there could be interop problems with Java 7 clients and DH params with
> primes longer than 1024 bits.
>
>
> Rainer
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: Time for 7.0.60

[Violeta Georgieva]

Hi,

2015-03-10 17:28 GMT+02:00 Christopher Schultz :
>
> Violetta,
>
> On 3/10/15 10:44 AM, Christopher Schultz wrote:
> > On 3/8/15 12:58 PM, Mark Thomas wrote:
> >> On 07/03/2015 19:16, Christopher Schultz wrote:
> >>> Violetta,
> >>>
> >>> On 3/5/15 2:39 PM, Violeta Georgieva wrote:
>  I plan to start preparing 7.0.60 for voting.
> 
>  If you want to add something to this release please reply here.
> >>>
> >>> Mark's got the input half the problem with AjpNioProcessor fixed, I
> >>> suspect he'll have the output half fixed very soon.
> >>
> >> Thanks for the vote of confidence. I suspect - like the input - putting
> >> together the test case is going to take most of the time. I'm looking
at
> >> this now. Should have something by the end of today.
> >
> > Looks good to me in Tomcat 7.0.x trunk.
>
> Whoops, I spoke too soon. Something is still wrong with the
AjpNioProcessor.
>
> Honestly, if you're itching to do a release, this can probably wait.
> It's evidently been broken for a long time and nobody noticed except for
> me. So if you want to go without a fix for
> https://bz.apache.org/bugzilla/show_bug.cgi?id=57674 I'm okay with it.
>
> When it's all done, I'm going to encourage another release, though ;)

I'll wait.

Regards,
Violetta

> Thanks,
> -chris
>

[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

--- Comment #7 from Mark Thomas  ---
This patch is also wrong.

THe correct way to address this is described in bug 56530.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #22 from Mark Thomas  ---
(In reply to Alex Koturanov from comment #21)
> Is there a use case were WebappClassLoader must not be parallel?

Parallel class loading has proved to be unreliable in the past. Until the
stability of parallel loading is demonstrated by experience, serial loading
needs to remain the default.

> Is it an option to re-implement jdk1.7 method
> java.lang.ClassLoader#getClassLoadingLock(String) directly in
> WebappClassLoader for Tomcat7.0?

No.

> I attached a patch that solves my Tomcat7.0 problem with waiting on lock for
> 3-10 sec in https://bz.apache.org/bugzilla/show_bug.cgi?id=57681

As I commented on that patch, that won't work.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #23 from Mark Thomas  ---
(In reply to Christopher Schultz from comment #20)
> (In reply to Konstantin Kolinko from comment #19)

> > This needs
> > 1. Refactoring, involving extraction of common parent class.
> > 
> > 2. Implementation of alternative class loader class that is 
> > parallel-capable.
> > 
> > The default implementation (WebappClassLoader) must stay with being non
> > parallel capable. The common parent class must be registered as
> > parallel-capable.
> > 
> > If ClassLoader.registerAsParallelCapable() is called via reflection, I
> > wonder whether the registerAsParallelCapable() method can correctly
> > determine the calling class. We are not calling the method directly, but via
> > reflection APIs. It needs a proof of concept.
> 
> If registerAsParallelCapable can't be called via reflection, then it means
> that both Java 6 and Java 7 are required to build Tomcat 7.

If we are going to have to play reflection tricks then we might was well go all
the way, change the access permissions and call ParallelLoaders.register()
directly.

> We already require Java 7 for building the (optional) WebSocket components.
> Could this simply be added to that list?

I'd really rather not. WebSocket is optional. The web application class loader
is a little more fundamental.

> > 3. Testing, testing, testing...
> 
> Since the "regular" WebappClassLoader is still available (and the default
> CL), I think it's okay to mark it as an experimental feature and allow users
> to try it out.

No objections to that. With the usual caveats about minimal impact on the
existing implementation of course.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Unsecure use of DH-Cipher

[Christopher Schultz]

Robert,

On 3/10/15 12:16 PM, Robert Paasche wrote:
> Explained code changes:
> 
> Get the Privatekey:
>   pkey = SSL_get_privatekey(ssl);
>   type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
> 
> if the encryption algorithem is either RSA or DSA we override the given
> keylen parameter to match the length of the private key:
>   keylen = EVP_PKEY_bits(pkey);


I think we might also want to change the "switch" at the bottom of the
function to instead check ranges of bits rather than exact sizes.

Due to a typo in generating a certificate at some point, we had a server
certificate with a 4906-bit key. Yes, that's four-nine-oh-six bits
instead of 4096-bit.

(Note that there were some SSL stacks that couldn't handshake with us
because of inflexible acceptable key lengths.)

Given the switch statement that's in sslcontext.c, we'd end up with a
1024-bit DH key instead of the more appropriate and available 4096-bit key.

-chris



signature.asc
Description: OpenPGP digital signature

Re: Unsecure use of DH-Cipher

[Robert Paasche]

sorry some mails dose not reach the list, i will add the information inline:
2015-03-10 18:23 GMT+01:00 Christopher Schultz :

> Robert,
>
> On 3/10/15 12:16 PM, Robert Paasche wrote:
> > The problem is, that openssl call the method  "SSL_callback_tmp_DH" with
> > keylen value of 512 or 1024. This cause that the cipher of the ssl
> > handshake (key exchange) for a ssl-connection will never be longer as
> > 1024 bit, even if the private key is longer (2048 bit and more are very
> > common).
> >
> > The needed changes to ensure that the used cipher has at least the
> > length of the private key are posted as a comment to the
> > ticket https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
> >
> > Explained code changes:
> >
> > Get the Privatekey:
> >   pkey = SSL_get_privatekey(ssl);
> >   type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
> >
> > if the encryption algorithem is either RSA or DSA we override the given
> > keylen parameter to match the length of the private key:
> >   keylen = EVP_PKEY_bits(pkey);
>
> So if using a 4096-bit RSA key, a 4096-bit ephemeral DH key will be
> generated on the fly for the handshake? That seems excessive.
>
> It might make more sense to allow the client (Tomcat, in this case, and
> therefore the administrator who is configuring the server) to specify
> the size of the DH key size.
>

This an option too. Httpd offers alternative way to do this.


>
> > This changes ensure Perfect Forward Secrecy (PFS) for DH key exchange
> usage.
>
> Isn't DH key-exchange always PFS? The only question is of how many bits
> the ephemeral key will be.
>
>
Yes its always PFS but the question is how effective.
DH with keys of 512 and 1024 bit length are declared as insecure at least
since PRISM in 2013.
This the reasons apache httpd added the changes to mod_ssl mentioned by
rainer.

The session key will be somewhere in the 128-256 bit range, and if
> 1024-bit DH is roughly equivalent to an 80-bit symmetric key, then
> obviously that should change. But, if you have a large asymmetric key
> (e.g. 4906-bit), should the handshake really use that "much"?


> > The changes is based of the lines 1339 - 1357 from the following file of
> > mod_ssl:
> >
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?view=markup
>
> So the short answer is that httpd did this about 18 months ago:
>
>
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?r1=1510527&r2=1542327&diff_format=h
>
> Those changes were far more extensive, including the complete removal of
> ephemeral RSA, which was only available for export-quality (=garbage)
> ciphers.
>
> Perhaps we should adopt the same stance.
>
> -chris
>
>
DH with keys of 512 and 1024 bit length are declared as insecure at least
since PRISM in 2013.
This the reasons apache httpd added the changes to mod_ssl mentioned by
rainer.
For example its reduce your scoring from ssllabs.

http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html#.VP8lU1WG-X4
https://blog.cloudflare.com/cloudflare-prism-secure-ciphers/

Best,
Robert

[Bug 56530] WebappClassLoader.loadClass synchronization issue due to coarse lock at WebappClassLoader instance level instead of been by class name

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=56530

--- Comment #24 from Alex Koturanov  ---
(In reply to Mark Thomas from comment #22)
> (In reply to Alex Koturanov from comment #21)
> > I attached a patch that solves my Tomcat7.0 problem with waiting on lock for
> > 3-10 sec in https://bz.apache.org/bugzilla/show_bug.cgi?id=57681
> 
> As I commented on that patch, that won't work.
A bit more details would be very helpful.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Felix Schumacher]

Am 05.03.2015 um 20:39 schrieb Violeta Georgieva:

Hi,

I plan to start preparing 7.0.60 for voting.

If you want to add something to this release please reply here.
I am not sure about adding one thing. In the new starttls jndi-realm 
extension I have made one decision about, which I am more and more 
unsure about.


When setting the hostname verifier or the ssl socket factory fails, the 
realm will emit a warning and continue using the default setting.


Should the realm throw an error instead?

Regards
 Felix


Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Time for 7.0.60

[Christopher Schultz]

Felix,

On 3/10/15 1:46 PM, Felix Schumacher wrote:
> Am 05.03.2015 um 20:39 schrieb Violeta Georgieva:
>> Hi,
>>
>> I plan to start preparing 7.0.60 for voting.
>>
>> If you want to add something to this release please reply here.
> I am not sure about adding one thing. In the new starttls jndi-realm
> extension I have made one decision about, which I am more and more
> unsure about.
> 
> When setting the hostname verifier or the ssl socket factory fails, the
> realm will emit a warning and continue using the default setting.
> 
> Should the realm throw an error instead?

I think whenever security as at stake, failure to enforce the
more-secure rules should be fatal.

In this case, does the hostname verifier represent an increase or
decrease in security? I've seen hostname verifiers replaced with ones
that allow anything (just return true) and failing to set that could be
considered a warning and not a failure.

But if the user is instead setting something more stringent, failure
should cause the Realm to fail to start up IMO.

It might be hard to tell the user's intentions, so perhaps always
failing catastrophically would be a better policy.

-chris



signature.asc
Description: OpenPGP digital signature

svn commit: r1665653 - /tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

[markt]

Author: markt
Date: Tue Mar 10 19:19:32 2015
New Revision: 1665653

URL: http://svn.apache.org/r1665653
Log:
While looking at BZ 57653 I found (and can reproduce with a debugger) an issue 
where sockets could end up being closed twice if they were in the poller, the 
connector is stopped and then closeSocket() was called.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665653&r1=1665652&r2=1665653&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
19:19:32 2015
@@ -947,9 +947,7 @@ public class AprEndpoint extends Abstrac
 // countDownConnection() in that case
 Poller poller = this.poller;
 if (poller != null) {
-if (!poller.close(socket)) {
-destroySocket(socket);
-}
+poller.close(socket);
 }
 }
 
@@ -1420,9 +1418,24 @@ public class AprEndpoint extends Abstrac
 } catch (InterruptedException e) {
 // Ignore
 }
+// Close all sockets in the close queue
+SocketInfo info = closeList.get();
+while (info != null) {
+// Make sure we aren't trying add the socket as well as close 
it
+addList.remove(info.socket);
+// Make sure the  socket isn't in the poller before we close it
+removeFromPoller(info.socket);
+// Poller isn't running at this point so use destroySocket()
+// directly
+destroySocket(info.socket);
+info = closeList.get();
+}
+closeList.clear();
 // Close all sockets in the add queue
-SocketInfo info = addList.get();
+info = addList.get();
 while (info != null) {
+// Make sure the  socket isn't in the poller before we close it
+removeFromPoller(info.socket);
 // Poller isn't running at this point so use destroySocket()
 // directly
 destroySocket(info.socket);
@@ -1516,17 +1529,10 @@ public class AprEndpoint extends Abstrac
 }
 
 
-protected boolean close(long socket) {
-if (!pollerRunning) {
-return false;
-}
+protected void close(long socket) {
 synchronized (this) {
-if (!pollerRunning) {
-return false;
-}
 closeList.add(socket, 0, 0);
 this.notify();
-return true;
 }
 }
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #14 from Mark Thomas  ---
Sounds like I need to look at this some more. I'll take a look later.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665661 - /tomcat/trunk/webapps/docs/config/jar-scan-filter.xml

[violetagg]

Author: violetagg
Date: Tue Mar 10 19:36:22 2015
New Revision: 1665661

URL: http://svn.apache.org/r1665661
Log:
Fixed 'pluggabilityScan' description. Issue reported via comments at apache org.

Modified:
tomcat/trunk/webapps/docs/config/jar-scan-filter.xml

Modified: tomcat/trunk/webapps/docs/config/jar-scan-filter.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/jar-scan-filter.xml?rev=1665661&r1=1665660&r2=1665661&view=diff
==
--- tomcat/trunk/webapps/docs/config/jar-scan-filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/jar-scan-filter.xml Tue Mar 10 19:36:22 
2015
@@ -121,7 +121,7 @@
 
   
The comma separated list of JAR file name patterns
-   to skip when scanning for pluggable features introduced by Servlet 3.0
+   to scan when scanning for pluggable features introduced by Servlet 3.0
specification. If not specified, the default is obtained from the
tomcat.util.scan.StandardJarScanFilter.jarsToScan system
property.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665664 - in /tomcat/tc8.0.x/trunk: ./ webapps/docs/config/jar-scan-filter.xml

[violetagg]

Author: violetagg
Date: Tue Mar 10 19:45:03 2015
New Revision: 1665664

URL: http://svn.apache.org/r1665664
Log:
Merged revision 1665661 from tomcat/trunk:
Fixed 'pluggabilityScan' description. Issue reported via comments at apache org.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/webapps/docs/config/jar-scan-filter.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Mar 10 19:45:03 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657682,1657
 
907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663324,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292
+/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-16548

svn commit: r1665672 - /tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

[markt]

Author: markt
Date: Tue Mar 10 20:10:45 2015
New Revision: 1665672

URL: http://svn.apache.org/r1665672
Log:
While looking at BZ 57653 I noticed a couple of places where modification to 
the addList and closeList was not protected by a sync. This could have led to 
corruption of these lists.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665672&r1=1665671&r2=1665672&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
20:10:45 2015
@@ -1299,13 +1299,13 @@ public class AprEndpoint extends Abstrac
 /**
  * List of sockets to be added to the poller.
  */
-private SocketList addList = null;
+private SocketList addList = null;  // Modifications guarded by this
 
 
 /**
  * List of sockets to be closed.
  */
-private SocketList closeList = null;
+private SocketList closeList = null; // Modifications guarded by this
 
 
 /**
@@ -1340,7 +1340,7 @@ public class AprEndpoint extends Abstrac
  * Create the poller. With some versions of APR, the maximum poller 
size
  * will be 62 (recompiling APR is necessary to remove this limitation).
  */
-protected void init() {
+protected synchronized void init() {
 
 pool = Pool.create(serverSockPool);
 
@@ -1406,15 +1406,13 @@ public class AprEndpoint extends Abstrac
 /**
  * Destroy the poller.
  */
-protected void destroy() {
+protected synchronized void destroy() {
 // Wait for pollerTime before doing anything, so that the poller
 // threads exit, otherwise parallel destruction of sockets which 
are
 // still in the poller can cause problems
 try {
-synchronized (this) {
-this.notify();
-this.wait(pollTime / 1000);
-}
+this.notify();
+this.wait(pollTime / 1000);
 } catch (InterruptedException e) {
 // Ignore
 }
@@ -1568,7 +1566,7 @@ public class AprEndpoint extends Abstrac
 /**
  * Timeout checks. Must only be called from {@link Poller#run()}.
  */
-private void maintain() {
+private synchronized void maintain() {
 
 long date = System.currentTimeMillis();
 // Maintain runs at most once every 1s, although it will likely get
@@ -1633,7 +1631,7 @@ public class AprEndpoint extends Abstrac
 // Ignore
 }
 }
-// Check timeouts if the poller is empty
+// Check timeouts if the poller is empty.
 while (pollerRunning && connectionCount.get() < 1 &&
 addList.size() < 1 && closeList.size() < 1) {
 // Reset maintain time.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665682 - /tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java

[markt]

Author: markt
Date: Tue Mar 10 20:44:56 2015
New Revision: 1665682

URL: http://svn.apache.org/r1665682
Log:
Follow-up to r1665297
Correct output loop. Forgot to increment offset for subsequent writes.

Modified:
tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java

Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java?rev=1665682&r1=1665681&r2=1665682&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java Tue 
Mar 10 20:44:56 2015
@@ -302,11 +302,11 @@ public class AjpNioProcessor extends Abs
 ByteBuffer writeBuffer =
 socketWrapper.getSocket().getBufHandler().getWriteBuffer();
 
-int left = length;
+int thisTime = 0;
 int written = 0;
-while (left > 0) {
-int toWrite = Math.min(left, writeBuffer.remaining());
-writeBuffer.put(src, offset, toWrite);
+while (written < length) {
+int toWrite = Math.min(length - written, writeBuffer.remaining());
+writeBuffer.put(src, offset + written, toWrite);
 
 writeBuffer.flip();
 
@@ -318,13 +318,13 @@ public class AjpNioProcessor extends Abs
 //ignore
 }
 try {
-written = pool.write(writeBuffer, socketWrapper.getSocket(),
+thisTime = pool.write(writeBuffer, socketWrapper.getSocket(),
 selector, writeTimeout, true);
 } finally { 
 writeBuffer.clear();
 if ( selector != null ) pool.put(selector);
 }
-left -= written;
+written += thisTime;
 }
 }
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #15 from Mark Thomas  ---
(In reply to Mark Thomas from comment #14)
> Sounds like I need to look at this some more. I'll take a look later.

Try now.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665694 - /tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

[markt]

Author: markt
Date: Tue Mar 10 21:02:00 2015
New Revision: 1665694

URL: http://svn.apache.org/r1665694
Log:
Noticed while reviewing BZ 57653.
When destroy() waits for the poller to exit, it needs to account for when there 
are multiple pollers.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665694&r1=1665693&r2=1665694&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
21:02:00 2015
@@ -1412,7 +1412,7 @@ public class AprEndpoint extends Abstrac
 // still in the poller can cause problems
 try {
 this.notify();
-this.wait(pollTime / 1000);
+this.wait(pollerCount * pollTime / 1000);
 } catch (InterruptedException e) {
 // Ignore
 }



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665697 - /tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

[markt]

Author: markt
Date: Tue Mar 10 21:08:18 2015
New Revision: 1665697

URL: http://svn.apache.org/r1665697
Log:
Let destroy() handle the socket close if the poller has stopped in case the 
socket is already in the poller for a different event.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665697&r1=1665696&r2=1665697&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
21:08:18 2015
@@ -1489,21 +1489,13 @@ public class AprEndpoint extends Abstrac
 // Always put a timeout in
 timeout = Integer.MAX_VALUE;
 }
-boolean ok = false;
 synchronized (this) {
 // Add socket to the list. Newly added sockets will wait
-// at most for pollTime before being polled. Don't add the
-// socket once the poller has stopped but destroy it straight
-// away
-if (pollerRunning && addList.add(socket, timeout, flags)) {
-ok = true;
+// at most for pollTime before being polled.
+if (addList.add(socket, timeout, flags)) {
 this.notify();
 }
 }
-if (!ok) {
-// Can't do anything: close the socket right away
-closeSocket(socket);
-}
 }
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1665736 - in /tomcat/trunk/java/org/apache/tomcat/util/net: AprEndpoint.java Nio2Endpoint.java NioEndpoint.java SocketWrapperBase.java

[markt]

Author: markt
Date: Tue Mar 10 22:35:19 2015
New Revision: 1665736

URL: http://svn.apache.org/r1665736
Log:
Stop re-using the SocketWrapper
With the introduction of upgrade and non-blocking, I/O can occur on 
non-container threads. This makes it near impossible to track whether a 
SocketWrapper (== connection) is still referenced or not, making re-use a risky 
proposition.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SocketWrapperBase.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665736&r1=1665735&r2=1665736&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 10 
22:35:19 2015
@@ -2332,7 +2332,6 @@ public class AprEndpoint extends Abstrac
 if (state == Handler.SocketState.CLOSED) {
 // Close socket and pool
 closeSocket(socket.getSocket().longValue());
-socket.reset(null, 1);
 } else if (state == Handler.SocketState.LONG) {
 if (socket.isAsync()) {
 waitingRequests.add(socket);
@@ -2375,12 +2374,6 @@ public class AprEndpoint extends Abstrac
 }
 
 
-@Override
-protected void resetSocketBufferHandler(Long socket) {
-socketBufferHandler.reset();
-}
-
-
 @Override
 public int read(boolean block, byte[] b, int off, int len)
 throws IOException {

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1665736&r1=1665735&r2=1665736&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Tue Mar 10 
22:35:19 2015
@@ -118,11 +118,6 @@ public class Nio2Endpoint extends Abstra
 private SynchronizedStack processorCache;
 
 /**
- * Cache for socket wrapper objects
- */
-private SynchronizedStack socketWrapperCache;
-
-/**
  * Bytebuffer cache, each channel holds a set of buffers (two, except for 
SSL holds four)
  */
 private SynchronizedStack nioChannels;
@@ -234,7 +229,6 @@ public class Nio2Endpoint extends Abstra
 
 protected void releaseCaches() {
 if (useCaches) {
-this.socketWrapperCache.clear();
 this.nioChannels.clear();
 this.processorCache.clear();
 }
@@ -337,8 +331,6 @@ public class Nio2Endpoint extends Abstra
 if (useCaches) {
 processorCache = new 
SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
 socketProperties.getProcessorCache());
-socketWrapperCache = new 
SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
-socketProperties.getSocketWrapperCache());
 nioChannels = new 
SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
 socketProperties.getBufferPool());
 }
@@ -395,7 +387,6 @@ public class Nio2Endpoint extends Abstra
 }
 });
 if (useCaches) {
-socketWrapperCache.clear();
 nioChannels.clear();
 processorCache.clear();
 }
@@ -506,12 +497,10 @@ public class Nio2Endpoint extends Abstra
 ((SecureNio2Channel) channel).setSSLEngine(engine);
 }
 }
-Nio2SocketWrapper socketWrapper = (useCaches) ? 
socketWrapperCache.pop() : null;
-if (socketWrapper == null) {
-socketWrapper = new Nio2SocketWrapper(channel, this);
-}
+Nio2SocketWrapper socketWrapper = new Nio2SocketWrapper(channel, 
this);
 channel.reset(socket, socketWrapper);
-socketWrapper.reset(channel, getSocketProperties().getSoTimeout());
+socketWrapper.setReadTimeout(getSocketProperties().getSoTimeout());
+
socketWrapper.setWriteTimeout(getSocketProperties().getSoTimeout());
 
socketWrapper.setKeepAliveLeft(Nio2Endpoint.this.getMaxKeepAliveRequests());
 socketWrapper.setSecure(isSSLEnabled());
 socketWrapper.setReadTimeout(getSoTimeout());
@@ -621,7 +610,6 @@ public class Nio2Endpoint extends Abstra
 }
 } catch (Exception ignore) {
 }
-nio2Socket.r

[Bug 57674] BufferOverflowException in AjpNioProcessor when writing content larger than the underlying buffer

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57674

--- Comment #16 from Rainer Jung  ---
Now it does fill the 8196 bytes completely and the packets fit neatly one after
the other. So the result unmarshalled by mod_jk is fine.

Let's see what Chris gets, but looks good to me. Thanks.

Rainer

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [maven-tomcat-plugin] Tomcat 8 Support?

[Olivier Lamy]

Hi,
I started a branch tc8.x to support that:
https://github.com/apache/tomcat-maven-plugin/tree/tc8.x
It's currently working except for jsp.
Due $DAYJOB and lack of time, I couldn't figure out what is the problem.
So I didn't investigate so much :-(.
We had discussion on the mailing list
http://markmail.org/message/fqtl62xpqsigibkc
But nothing happened :-(

Any help will be appreciated.
Olivier


On 6 March 2015 at 19:40, Franken, Arne  wrote:

> Hi,
>
> Is there a plan to release a version of the maven-tomcat-plugin with
> Tomcat 8 support?
>
> Couldn't find announcements / discussions in the mailing lists or the Jira
> project.
>
> Cheers,
> Arne
>



-- 
Olivier Lamy
http://twitter.com/olamy | http://linkedin.com/in/olamy

[GUMP@vmgump]: Project tomcat-tc8.0.x-test-nio2 (in module tomcat-8.0.x) failed

[Bill Barker]

To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community 
integration.
This issue affects 1 projects,
 and has been outstanding for 6 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-tc8.0.x-test-nio2 :  Tomcat 8.x, a web server implementing the 
Java Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO2
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2.html
Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2 (Type: Build)
Work ended in a state of : Failed
Elapsed: 54 mins 29 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-NIO2 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150311-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150311.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150311-native-src.tar.gz
 -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true 
-Dexecute.test.nio=false 
-Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150311/bin
 /openssl -Dexecute.test.apr=false -Dexecute.test.bio=false 
-Dexecute.test.nio2=true 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-8.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja
 
r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/bu
 
ild/lib/tomc

Re: svn commit: r1665736 - in /tomcat/trunk/java/org/apache/tomcat/util/net: AprEndpoint.java Nio2Endpoint.java NioEndpoint.java SocketWrapperBase.java

[Keiichi Fujino]

2015-03-11 7:35 GMT+09:00 :

> Author: markt
> Date: Tue Mar 10 22:35:19 2015
> New Revision: 1665736
>
> URL: http://svn.apache.org/r1665736
> Log:
> Stop re-using the SocketWrapper
> With the introduction of upgrade and non-blocking, I/O can occur on
> non-container threads. This makes it near impossible to track whether a
> SocketWrapper (== connection) is still referenced or not, making re-use a
> risky proposition.
>
> Modified:
> tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
> tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
> tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
> tomcat/trunk/java/org/apache/tomcat/util/net/SocketWrapperBase.java
>
> Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1665736&r1=1665735&r2=1665736&view=diff
>
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar
> 10 22:35:19 2015
> @@ -2332,7 +2332,6 @@ public class AprEndpoint extends Abstrac
>  if (state == Handler.SocketState.CLOSED) {
>  // Close socket and pool
>  closeSocket(socket.getSocket().longValue());
> -socket.reset(null, 1);
>  } else if (state == Handler.SocketState.LONG) {
>  if (socket.isAsync()) {
>  waitingRequests.add(socket);
> @@ -2375,12 +2374,6 @@ public class AprEndpoint extends Abstrac
>  }
>
>
> -@Override
> -protected void resetSocketBufferHandler(Long socket) {
> -socketBufferHandler.reset();
> -}
> -
> -
>  @Override
>  public int read(boolean block, byte[] b, int off, int len)
>  throws IOException {
>
> Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1665736&r1=1665735&r2=1665736&view=diff
>
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Tue Mar
> 10 22:35:19 2015
> @@ -118,11 +118,6 @@ public class Nio2Endpoint extends Abstra
>  private SynchronizedStack processorCache;
>
>  /**
> - * Cache for socket wrapper objects
> - */
> -private SynchronizedStack socketWrapperCache;
> -
> -/**
>   * Bytebuffer cache, each channel holds a set of buffers (two, except
> for SSL holds four)
>   */
>  private SynchronizedStack nioChannels;
> @@ -234,7 +229,6 @@ public class Nio2Endpoint extends Abstra
>
>  protected void releaseCaches() {
>  if (useCaches) {
> -this.socketWrapperCache.clear();
>  this.nioChannels.clear();
>  this.processorCache.clear();
>  }
> @@ -337,8 +331,6 @@ public class Nio2Endpoint extends Abstra
>  if (useCaches) {
>  processorCache = new
> SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
>  socketProperties.getProcessorCache());
> -socketWrapperCache = new
> SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
> -socketProperties.getSocketWrapperCache());
>  nioChannels = new
> SynchronizedStack<>(SynchronizedStack.DEFAULT_SIZE,
>  socketProperties.getBufferPool());
>  }
> @@ -395,7 +387,6 @@ public class Nio2Endpoint extends Abstra
>  }
>  });
>  if (useCaches) {
> -socketWrapperCache.clear();
>  nioChannels.clear();
>  processorCache.clear();
>  }
> @@ -506,12 +497,10 @@ public class Nio2Endpoint extends Abstra
>  ((SecureNio2Channel) channel).setSSLEngine(engine);
>  }
>  }
> -Nio2SocketWrapper socketWrapper = (useCaches) ?
> socketWrapperCache.pop() : null;
> -if (socketWrapper == null) {
> -socketWrapper = new Nio2SocketWrapper(channel, this);
> -}
> +Nio2SocketWrapper socketWrapper = new
> Nio2SocketWrapper(channel, this);
>  channel.reset(socket, socketWrapper);
> -socketWrapper.reset(channel,
> getSocketProperties().getSoTimeout());
> +
> socketWrapper.setReadTimeout(getSocketProperties().getSoTimeout());
> +
> socketWrapper.setWriteTimeout(getSocketProperties().getSoTimeout());
>
>  socketWrapper.setKeepAliveLeft(Nio2Endpoint.this.getMaxKeepAliveRequests());
>  socketWrapper.setSecure(isSSLEnabled());
>

[GUMP@vmgump]: Project tomcat-tc8.0.x-test-apr (in module tomcat-8.0.x) failed

[Bill Barker]

To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc8.0.x-test-apr has an issue affecting its community 
integration.
This issue affects 1 projects,
 and has been outstanding for 2 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-tc8.0.x-test-apr :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/logs-APR
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr.html
Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr (Type: Build)
Work ended in a state of : Failed
Elapsed: 57 mins 15 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-APR 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150311-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar 
-Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20150311/lib 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150311.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150311-native-src.tar.gz
 -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false 
-Dtest
 
.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150311/bin/openssl
 -Dexecute.test.apr=true -Dexecute.test.bio=false -Dexecute.test.nio2=false 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-8.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja
 
r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-jni.jar