Re: Timescale for 8.0.x EOL
On 06/14/2016 02:05 PM, Rémy Maucherat wrote: > 2016-06-14 10:31 GMT+02:00 Mark Thomas : > >> On 14/06/2016 09:00, Emmanuel Bourg wrote: >>> Le 13/06/2016 à 17:47, Mark Thomas a écrit : Now we have a stable release of 8.5.x, I'd like to finialise the end of life date for 8.0.x so we can publish it. We originally said we'd do parallel releases for 6 months. That gives an EOL date of 30 September 2016 for 8.0.x which seems reasonable to me. Any objections to that date or suggestions for a better one? >>> >>> Hi, >>> >>> Just a word with my Debian maintainer hat on, Tomcat 8.0.x was shipped >>> with Debian 8 Jessie with the expectation it would be supported during >>> the lifetime of this release (until May 2018). I'm currently maintaining >>> with other volunteers a stable version based on 8.0.14 (with backported >>> security patches). Canonical does a similar job for Ubuntu 16.04 LTS >>> based on Tomcat 8.0.32. >>> >>> The early EOL of 8.0.x is impractical because, at least in Debian, major >>> updates like the switch to 8.5 aren't allowed for the stable >> distribution. >>> >>> I understand you can't maintain so many branches for a long time, but if >>> Tomcat 8.0.x could be security supported at least until the Debian 9 >>> release (~April/May 2017) it would allow users following the stable >>> distribution to remain on a supported version of Tomcat (Debian 9 will >>> include Tomcat 8.5). >> >> That is unlikely unless someone volunteers for that task. >> > > Yes JF or myself could volunteer to do some additional limited 8.0 > releases, but we'll see how it goes in practice. We have to provide long term support for our customers, one way is to keep 8.0.x alive here so the community can benefit our efforts. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59704] New: shared loader
https://bz.apache.org/bugzilla/show_bug.cgi?id=59704 Bug ID: 59704 Summary: shared loader Product: Tomcat 8 Version: 8.0.30 Hardware: PC OS: Mac OS X 10.4 Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: amit.pa...@veritas.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59704] shared loader
https://bz.apache.org/bugzilla/show_bug.cgi?id=59704 Amit Pande changed: What|Removed |Added Priority|P2 |P1 OS|Mac OS X 10.4 |All --- Comment #1 from Amit Pande --- We develop multiple web application which happen to share the same stack (Spring, Hibernate,etc). Thinking of sharing these third party libraries instead of duplicating in each web app war. IIUC, putting those in Tomcat (8)’s lib folder might cause issues since the classes in there are loaded by a common loader. And sharing such libraries using the shared loader seems a better approach. Is my understanding correct ? Does it have any further issues ? That said, I don’t see much documentation around using shared loader. Any documentation/help in this regard is highly appreciated. Thanks, Amit -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59704] shared loader
https://bz.apache.org/bugzilla/show_bug.cgi?id=59704 Mark Thomas changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED --- Comment #2 from Mark Thomas --- Bugzilla is not a support forum. Please use the Apache Tomcat users' mailing list for your query. http://tomcat.apache.org/lists.html#tomcat-users -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Problems with default for sessionCookiePathUsesTrailingSlash
Hi all, A problem[1] with the default for sessionCookiePathUsesTrailingSlash has cropped up via $work and after some research I wanted to discuss whether the default should be changed. The default for sessionCookiePathUsesTrailingSlash is true to work around a potential security issue in a number of browsers. I did a quick test before writing this e-mail and it appears that IE, Edge and Safari are affected. Together they represent approximately 42% of the current browser market share[2]. The security issue is that for a cookie path of '/foo', these browsers include in the cookie when sending requests to '/foobar'. Tomcat therefore introduced sessionCookiePathUsesTrailingSlash which adds a '/' to the cookie path so '/foo' becomes '/foo/' since no user agent will include this in a request to '/foobar'. However, this can cause problems. To summarise [1], we have: A user request for '/foo' A security enforcing filter that uses cookies mapped to '/*' A web application with a controller servlet mapped to '/*' The sequence of events is: - Tomcat receives the request for '/foo' - Because of the servlet mapped to '/*', Tomcat does not redirect this to '/foo/' - The security filter creates a session cookie (path '/foo/') - The security filter performs authentication which includes additional requests from the client to '/foo' - The security filter rejects the authentication because the subsequent requests do not include the cookie because the path does not match RFC 6265, section 4.1.2.4 is clear that cookies with a path of '/foo' should not be included with requests for '/foobar'. However that same section also makes clear that cookie paths should not be relied upon for security. It references RFC 6265 section 8 which provides several reasons for this in addition to the broken behaviour described above. Given the problems caused by the current default for sessionCookiePathUsesTrailingSlash and the warnings in RFC 6265 regarding relying on cookie paths for security, I would like to propose the following changes: 1. Change the default for sessionCookiePathUsesTrailingSlash to false. 2. Add some explanatory notes to the documentation for sessionCookiePathUsesTrailingSlash that makes clear that the setting is: a) intended to work around broken browser behaviour b) while it closes one security hole, others are likely to remain and reference RFC 6265 section 8. Thoughts? Mark [1] https://github.com/grails/grails-core/issues/9024 [2] https://www.netmarketshare.com/browser-market-share.aspx?qprid=2&qpcustomd=0&qpcustom= - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748547 - in /tomcat/trunk: java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml
Author: markt
Date: Wed Jun 15 10:56:22 2016
New Revision: 1748547
URL: http://svn.apache.org/viewvc?rev=1748547&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399
Add a new option to the Realm implementations that ship with Tomcat that allows
the HTTP status code used for HTTP -> HTTPS redirects to be controlled per
Realm.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/realm.xml
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1748547&r1=1748546&r2=1748547&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Wed Jun 15
10:56:22 2016
@@ -145,8 +145,34 @@ public abstract class RealmBase extends
protected boolean stripRealmForGss = true;
+private int transportGuaranteeRedirectStatus =
HttpServletResponse.SC_FOUND;
+
+
// - Properties
+
+/**
+ * @return The HTTP status code used when the container needs to issue an
+ * HTTP redirect to meet the requirements of a configured transport
+ * guarantee.
+ */
+public int getTransportGuaranteeRedirectStatus() {
+return transportGuaranteeRedirectStatus;
+}
+
+
+/**
+ * Set the HTTP status code used when the container needs to issue an HTTP
+ * redirect to meet the requirements of a configured transport guarantee.
+ *
+ * @param transportGuaranteeRedirectStatus The status to use. This value is
+ * not validated
+ */
+public void setTransportGuaranteeRedirectStatus(int
transportGuaranteeRedirectStatus) {
+this.transportGuaranteeRedirectStatus =
transportGuaranteeRedirectStatus;
+}
+
+
@Override
public CredentialHandler getCredentialHandler() {
return credentialHandler;
@@ -991,7 +1017,7 @@ public abstract class RealmBase extends
}
if (log.isDebugEnabled())
log.debug(" Redirecting to " + file.toString());
-response.sendRedirect(file.toString());
+response.sendRedirect(file.toString(),
transportGuaranteeRedirectStatus);
return false;
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1748547&r1=1748546&r2=1748547&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 15 10:56:22 2016
@@ -52,6 +52,11 @@
entire org.apache.juli package from the embedded JARs
rendering them unusable. (markt)
+
+59399: Add a new option to the Realm implementations that
+ship with Tomcat that allows the HTTP status code used for HTTP ->
HTTPS
+redirects to be controlled per Realm. (markt)
+
Modified: tomcat/trunk/webapps/docs/config/realm.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/realm.xml?rev=1748547&r1=1748546&r2=1748547&view=diff
==
--- tomcat/trunk/webapps/docs/config/realm.xml (original)
+++ tomcat/trunk/webapps/docs/config/realm.xml Wed Jun 15 10:56:22 2016
@@ -158,6 +158,13 @@
name. If not specified, the default is true.
+
+The HTTP status code to use when the container needs to issue an
HTTP
+ redirect to meet the requirements of a configured transport
+ guarantee. The prpvoded status code is not validated. If not
+ specified, the default value of 302 is used.
+
+
Name of the column, in the "users" table, which contains
the user's credentials (i.e. password). If a
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748548 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml
Author: markt Date: Wed Jun 15 10:57:54 2016 New Revision: 1748548 URL: http://svn.apache.org/viewvc?rev=1748548&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399 Add a new option to the Realm implementations that ship with Tomcat that allows the HTTP status code used for HTTP -> HTTPS redirects to be controlled per Realm. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/realm/RealmBase.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml tomcat/tc8.5.x/trunk/webapps/docs/config/realm.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jun 15 10:57:54 2016 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677 ,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748 001,1748253,1748452 +/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677 ,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748 001,1748253,1748452,1748547 Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/realm/RealmBase.java URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/realm/RealmB
Re: Problems with default for sessionCookiePathUsesTrailingSlash
2016-06-15 12:31 GMT+02:00 Mark Thomas : > Hi all, > > A problem[1] with the default for sessionCookiePathUsesTrailingSlash has > cropped up via $work and after some research I wanted to discuss whether > the default should be changed. > > The default for sessionCookiePathUsesTrailingSlash is true to work > around a potential security issue in a number of browsers. I did a quick > test before writing this e-mail and it appears that IE, Edge and Safari > are affected. Together they represent approximately 42% of the current > browser market share[2]. > > The security issue is that for a cookie path of '/foo', these browsers > include in the cookie when sending requests to '/foobar'. Tomcat > therefore introduced sessionCookiePathUsesTrailingSlash which adds a '/' > to the cookie path so '/foo' becomes '/foo/' since no user agent will > include this in a request to '/foobar'. > > However, this can cause problems. To summarise [1], we have: > A user request for '/foo' > A security enforcing filter that uses cookies mapped to '/*' > A web application with a controller servlet mapped to '/*' > > The sequence of events is: > - Tomcat receives the request for '/foo' > - Because of the servlet mapped to '/*', Tomcat does not redirect > this to '/foo/' > - The security filter creates a session cookie (path '/foo/') > - The security filter performs authentication which includes > additional requests from the client to '/foo' > - The security filter rejects the authentication because the > subsequent requests do not include the cookie because the path > does not match > > RFC 6265, section 4.1.2.4 is clear that cookies with a path of '/foo' > should not be included with requests for '/foobar'. However that same > section also makes clear that cookie paths should not be relied upon for > security. It references RFC 6265 section 8 which provides several > reasons for this in addition to the broken behaviour described above. > > Given the problems caused by the current default for > sessionCookiePathUsesTrailingSlash and the warnings in RFC 6265 > regarding relying on cookie paths for security, I would like to propose > the following changes: > 1. Change the default for sessionCookiePathUsesTrailingSlash to false. > 2. Add some explanatory notes to the documentation for >sessionCookiePathUsesTrailingSlash that makes clear that the setting >is: >a) intended to work around broken browser behaviour >b) while it closes one security hole, others are likely to remain > and reference RFC 6265 section 8. > > Thoughts? > > +1 Rémy
svn commit: r1748550 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.xml
Author: markt Date: Wed Jun 15 11:01:52 2016 New Revision: 1748550 URL: http://svn.apache.org/viewvc?rev=1748550&view=rev Log: Add a new option to the Realm implementations that ship with Tomcat that allows the HTTP status code used for HTTP -> HTTPS redirects to be controlled per Realm. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml tomcat/tc8.0.x/trunk/webapps/docs/config/realm.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jun 15 11:01:52 2016 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687544,1687551,1688563,1688841,1688878,165,1688896,1688901,16893
svn commit: r1748552 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/connector/Response.java java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml webapps/docs/config/realm.
Author: markt Date: Wed Jun 15 11:10:48 2016 New Revision: 1748552 URL: http://svn.apache.org/viewvc?rev=1748552&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59399 Add a new option to the Realm implementations that ship with Tomcat that allows the HTTP status code used for HTTP -> HTTPS redirects to be controlled per Realm. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml tomcat/tc7.0.x/trunk/webapps/docs/config/realm.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jun 15 11:10:48 2016 @@ -1,3 +1,3 @@ /tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1 726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750 -/tomcat/tc8.5.x/trunk:1735579,1736839,1737199,1737966,1738042,1738044,1738162,1738165,1738178,1739157,1739173,1739177,1739476,1740132,1740521,1740536,1740804,1740811,1740981,1741165,1741174,1741182,1741191,1741203,1741209,1741226,1741233,1741410,1742277,1743118,1743126,1743139-1743140,1743718,1743722,1743724,1744059,1744127,1744151,1744232,1744377,1744687,1744698,1744706,1745228,1746940 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,117434
[Bug 59399] Tomcat doesn't support setting the response code for http -> https redirect
https://bz.apache.org/bugzilla/show_bug.cgi?id=59399 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Mark Thomas --- This has been implemented as a new option in the Realm and will has implemented in: - 9.0.x for 9.0.0.M9 onwards - 8.5.x for 8.5.4 onwards - 8.0.x for 8.0.37 onwards - 7.0.x for 7.0.70 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748554 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Wed Jun 15 11:16:03 2016 New Revision: 1748554 URL: http://svn.apache.org/viewvc?rev=1748554&view=rev Log: Add release date for 9.0.0.M8 Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1748554&r1=1748553&r2=1748554&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 15 11:16:03 2016 @@ -75,7 +75,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748555 - /tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Wed Jun 15 11:16:39 2016 New Revision: 1748555 URL: http://svn.apache.org/viewvc?rev=1748555&view=rev Log: Add release date for 8.5.3 Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1748555&r1=1748554&r2=1748555&view=diff == --- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Wed Jun 15 11:16:39 2016 @@ -60,7 +60,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748556 - /tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Wed Jun 15 11:17:12 2016 New Revision: 1748556 URL: http://svn.apache.org/viewvc?rev=1748556&view=rev Log: Add release date for 8.0.36 Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1748556&r1=1748555&r2=1748556&view=diff == --- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Wed Jun 15 11:17:12 2016 @@ -55,7 +55,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: HTTP/2 optimizations and edge cases
On 13/06/2016 21:05, Rémy Maucherat wrote: > 2016-06-03 17:36 GMT+02:00 Mark Thomas : > >> On 03/06/2016 15:59, Rémy Maucherat wrote: I am not talking about a limit on concurrent streams where things are >> being >>> refused (and this is exposed through the settings), rather on streams >> which >>> are effectively being processed concurrently (= for example, in >> headersEnd, >>> we put the StreamProcessor in a queue rather than executing it >> immediately >>> ? unless it's a high priority stream, right ?). h2load allows comparing >>> with other servers, and JF told me httpd has a lower HTTP/2 performance >>> impact compared to Tomcat. Given the profiling, the problem is the heavy >>> lock contention (no surprise, this is something that is very expensive) >> and >>> we could get better performance by controlling the contention. JF's >>> original "HTTP/2 torture test" HTML page with 1000 images probably also >>> runs into this. IMO we will eventually need a better execution strategy >>> than what is in place at the moment, since all dumb benchmarks will run >>> into that edge case. But I agree that it's only partially legitimate, the >>> client has the opportunity to control it. >> >> Ah. Got it. >> > I added some rudimentary concurrency control for testing, the h2load > results are immediately up to 30% better when using low concurrency levels > (8 streams concurrently executed per connection). When allowing a larger > but still reasonable amount of concurrency, like 32 [that would correspond > to 32 connections for a single client for HTTP/1.1, so that's a lot], the > performance is up 20% over the default. As a sync contention gets higher, > the performance degrades fast and I verified using VM monitoring most of > the threads in the pool spend most of the time blocked while the test runs. > This depends on the thread pool size and the client behavior obviously, so > the impact can be arbitrarily large. > > My conclusion is that some sort of optional mechanism should be added. Makes sense to me. How did you implement this for your testing? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Big Data Interview
Good book on interview preparation for big data https://notionpress.com/read/big-data-interview-faqs
[Bug 59706] New: HTTP/2 load testing performance
https://bz.apache.org/bugzilla/show_bug.cgi?id=59706 Bug ID: 59706 Summary: HTTP/2 load testing performance Product: Tomcat 9 Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: r...@apache.org Using a load testing tool like h2load, performance can go down quickly due to very high multiplexing that occurs when processing the requests. Due to heavy sync contention, it is likely some resources are then wasted. It could be beneficial to explore solutions to that. Example: h2load -c 1 -n 100 http://127.0.0.1:8080/tomcat.gif Unlike HTTP/1.1, this will actually in most cases multiplex 100 concurrent requests over a single connection, using 100 processing threads. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-8-trunk
The Buildbot has detected a new failure on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/655 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1748556 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59706] HTTP/2 load testing performance
https://bz.apache.org/bugzilla/show_bug.cgi?id=59706 --- Comment #1 from Remy Maucherat --- Created attachment 33951 --> https://bz.apache.org/bugzilla/attachment.cgi?id=33951&action=edit Test code Test code which hijacks activeRemoteStreamCount. I tried putting code in StreamProcessor, among other possible options, but for some reason the performance improvement is not as large. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: HTTP/2 optimizations and edge cases
2016-06-15 13:27 GMT+02:00 Mark Thomas : > On 13/06/2016 21:05, Rémy Maucherat wrote: > > My conclusion is that some sort of optional mechanism should be added. > > Makes sense to me. How did you implement this for your testing? > > I'm not happy about it so I added a BZ to attach patches and discuss the best strategy. Rémy
[Bug 59703] RFC 6265 Cookie Processor doesn't allow cookie domains with a leading dot.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59703 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- RFC 6265 does not permit domain values to begin with ".". Tomcat correctly rejects these. >From RFC 6265, Section 4.1.1 domain-av = "Domain=" domain-value domain-value = ; defined in [RFC1034], Section 3.5, as ; enhanced by [RFC1123], Section 2.1 >From RFC 1034, Section 3.5 ::= | "." ::= [ [ ] ] ::= | ::= | "-" ::= | ::= any one of the 52 alphabetic characters A through Z in upper case and a through z in lower case ::= any one of the ten digits 0 through 9 Note that while upper and lower case letters are allowed in domain names, no significance is attached to the case. That is, two names with the same spelling but different case are to be treated as if identical. The labels must follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphen. There are also some restrictions on the length. Labels must be 63 characters or less. >From RFC 1123, Section 2.1 One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748578 - in /tomcat/tc8.5.x/trunk: ./ build.properties.default res/checkstyle/checkstyle.xml res/checkstyle/javax-checkstyle.xml res/checkstyle/org-checkstyle.xml webapps/docs/changelog.
Author: markt Date: Wed Jun 15 13:41:09 2016 New Revision: 1748578 URL: http://svn.apache.org/viewvc?rev=1748578&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59276 Update to Checkstyle 6.17 This includes a configuration change, breaking compatibility with versions earlier than 6.16. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/build.properties.default tomcat/tc8.5.x/trunk/res/checkstyle/checkstyle.xml tomcat/tc8.5.x/trunk/res/checkstyle/javax-checkstyle.xml tomcat/tc8.5.x/trunk/res/checkstyle/org-checkstyle.xml tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jun 15 13:41:09 2016 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501,1741677 ,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747993,1748 001,1748253,1748452,1748547 +/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747924,1747980,1747 993,1748001,1748253,1748452,1748547 Modified: tomcat/tc8.5.x/trunk/build.properties.default URL: http://svn.apache.org/viewvc/tomcat/
svn commit: r1748580 - in /tomcat/tc8.0.x/trunk: ./ build.properties.default res/checkstyle/checkstyle.xml res/checkstyle/javax-checkstyle.xml res/checkstyle/org-checkstyle.xml webapps/docs/changelog.
Author: markt Date: Wed Jun 15 13:44:41 2016 New Revision: 1748580 URL: http://svn.apache.org/viewvc?rev=1748580&view=rev Log: Update to Checkstyle 6.17 This includes a configuration change, breaking compatibility with versions earlier than 6.16. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/build.properties.default tomcat/tc8.0.x/trunk/res/checkstyle/checkstyle.xml tomcat/tc8.0.x/trunk/res/checkstyle/javax-checkstyle.xml tomcat/tc8.0.x/trunk/res/checkstyle/org-checkstyle.xml tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Jun 15 13:44:41 2016 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687544,16875
[Bug 59276] Update Checkstyle to version 6.17 needs a configuration change
https://bz.apache.org/bugzilla/show_bug.cgi?id=59276 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #2 from Mark Thomas --- Fixed for 8.5.x and 8.0.x as well. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59253] IOExceptions in websockets
https://bz.apache.org/bugzilla/show_bug.cgi?id=59253 Mark Thomas changed: What|Removed |Added Resolution|--- |WONTFIX Status|NEW |RESOLVED --- Comment #7 from Mark Thomas --- Tomcat is correctly calling onError when something goes wrong. It appears from the stack traces that it is Atmosphere that is logging the stack traces, not Tomcat. While Tomcat could filter the calls to onError(), I don't think it should. The application may well wish to be informed of unexpected client disconnects. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-8-trunk
The Buildbot has detected a restored build on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/656 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1748580 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58289] request.getRemoteAddr() sometimes returning IP address from the previous request
https://bz.apache.org/bugzilla/show_bug.cgi?id=58289 Mark Thomas changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEEDINFO|RESOLVED --- Comment #5 from Mark Thomas --- Can't reproduce and not reproduction information provided after 9+ months. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58721] Http11Nio2Protocol is leaking open file handles for TCP connections
https://bz.apache.org/bugzilla/show_bug.cgi?id=58721 Remy Maucherat changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEEDINFO|RESOLVED --- Comment #7 from Remy Maucherat --- This should be retested with 8.5, at least. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748587 - in /tomcat/tc7.0.x/tags/TOMCAT_7_0_70: ./ build.properties.default
Author: violetagg Date: Wed Jun 15 14:24:03 2016 New Revision: 1748587 URL: http://svn.apache.org/viewvc?rev=1748587&view=rev Log: Tag 7.0.70 Added: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ (props changed) - copied from r1748585, tomcat/tc7.0.x/trunk/ Modified: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/build.properties.default Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- bugtraq:append = false Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- bugtraq:label = Bugzilla ID (optional) Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- --- bugtraq:logregex (added) +++ bugtraq:logregex Wed Jun 15 14:24:03 2016 @@ -0,0 +1,2 @@ +(https?\://(bz|issues)\.apache\.org/bugzilla/show_bug.cgi\?id=\d+|BZ\s?\d+) +(\d+) Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- bugtraq:message = Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- bugtraq:url = https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- --- svn:ignore (added) +++ svn:ignore Wed Jun 15 14:24:03 2016 @@ -0,0 +1,7 @@ +.* +build.properties +logs +nbproject +output +work +*.iml Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ -- --- svn:mergeinfo (added) +++ svn:mergeinfo Wed Jun 15 14:24:03 2016 @@ -0,0 +1,3 @@ +/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1 726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,17
[Bug 59708] New: LockOutRealm Details
https://bz.apache.org/bugzilla/show_bug.cgi?id=59708 Bug ID: 59708 Summary: LockOutRealm Details Product: Tomcat 8 Version: 8.0.35 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Documentation Assignee: dev@tomcat.apache.org Reporter: b...@zvan.net Documentation for LockOutRealm does not specify if failed logins due to being locked out by the LockOutRealm count as failed logins for the purpose of locking out a user. For example: Lets say I'm protecting an API with LockOutRealm and the authentication fails either due to maliciously bad password, accidentally bad password, or back-end auth fail. This results in a LockOut condition because it happened x times in y period. But the machines legitimately hitting the API don't care and continue to fail to authenticate during the LockOut period. Will the machines ever be allowed to authenticate or is this a critical failure of the API? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59710] New: java.io.IOException: Connection timed out
https://bz.apache.org/bugzilla/show_bug.cgi?id=59710 Bug ID: 59710 Summary: java.io.IOException: Connection timed out Product: Tomcat 7 Version: 7.0.69 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: WebSocket Assignee: dev@tomcat.apache.org Reporter: hugo.lar...@yahoo.com Hello, We are using Tomcat 7.0.69 and suspect a bug with session.close() when "Connection timed out" happens sporadically. When the exception is thrown @onError correctly is called and I call session.close but the connection is still open in limbo which cause memory leak. On the client we use Tyrus with reconnectHandler and set HeartBeatIntervall to 1 minute. When the timeout exception is thrown in Tomcat, Tyrus is still happy with the connection even though its closed in Tomcat. My theory is that there is a problem with session.close() when a timeout occurs. It never really gets closed. I have set the connectionTimeout=-1 connectionUploadTimeout=-1 in server.xml. Anyone has a clue? BR, Hugo java.io.IOException: Connection timed out at sun.nio.ch.FileDispatcherImpl.read0(Native Method) at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39) at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) at sun.nio.ch.IOUtil.read(IOUtil.java:192) at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:384) at org.apache.tomcat.util.net.SecureNioChannel.read(SecureNioChannel.java:442) at org.apache.coyote.http11.upgrade.NioServletInputStream.fillReadBuffer(NioServletInputStream.java:136) at org.apache.coyote.http11.upgrade.NioServletInputStream.doRead(NioServletInputStream.java:80) at org.apache.coyote.http11.upgrade.AbstractServletInputStream.read(AbstractServletInputStream.java:129) at org.apache.tomcat.websocket.server.WsFrameServer.onDataAvailable(WsFrameServer.java:56) at org.apache.tomcat.websocket.server.WsHttpUpgradeHandler$WsReadListener.onDataAvailable(WsHttpUpgradeHa ndler.java:205) at org.apache.coyote.http11.upgrade.AbstractServletInputStream.onDataAvailable(AbstractServletInputStream .java:203) at org.apache.coyote.http11.upgrade.AbstractProcessor.upgradeDispatch(AbstractProcessor.java:93) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59710] java.io.IOException: Connection timed out
https://bz.apache.org/bugzilla/show_bug.cgi?id=59710 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- This should be fixed in trunk and will be included in the 7.0.70 release currently in progress. If you still see this issue with 7.0.70 please provide the simplest possible test case that demonstrates the issue and we'll take another look. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r14014 [2/2] - in /dev/tomcat/tomcat-7/v7.0.70: ./ bin/ bin/embed/ bin/extras/ src/
Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 Wed Jun 15 19:35:28 2016 @@ -0,0 +1 @@ +42216aa5ec521f7fc7921d1982d7e73954b8aea0 *catalina-jmx-remote.jar \ No newline at end of file Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar == Binary file - no diff available. Propchange: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar -- svn:mime-type = application/octet-stream Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc Wed Jun 15 19:35:28 2016 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Version: GnuPG v2 + +iQIcBAABCgAGBQJXYYQVAAoJECCLCrHWMBHHtRIP/iKUcjFNkYQkD11l8yWvxWHz +K+poTQpjiuHrwNlsFYFJzbSnknfLb/53YMwqiebROQHN3HEM7LhW0voVe7VGJ2c/ +7MQeBHt2PgxrQuRx2NTjHezw4aC3nt1fvEW3cXHmUhvV22Y2tqusLj4dLoBzMqDv +/USYmVBTigq1eQJHPiylJxobt5CfdQ8SqPlBfAyPRJOdep4+jcos4Ls2PMSc9++n +VtS1g4FLPuU03GmX8Mo++lVzScjkhFndbnAiD40mna9WRgZDrHjfODfgqEnapjcj +YW/fD3sF3aY+CynqSi763WY5Ti0Rn89UpMOQajdVImp6iKsvHpyJdY26WKRw/hi8 +pfRfGeESzJ8cyWfUszt769IA5FbpTETK5vP+MFlaMTee0RKASLTrYxMbR/hJiX0o +m0rYC9ZV8ZanVArOZPKLGOFSrixOVr1ktI/CEN/8NHPjOIRvsp6DwkSb8qo0AFH1 +mDw1QUnsUF+3eEgAyZ/jFLYIT5Jb5Wc8NGvpgtvX84ZoVqxOIrbLyk52tl+oKvrW ++nMRKPTy918RBoqjNZHGnKe+WU38bqijkE9O+5rbsq1taBL6kd0dhus5r0iyDzwt +NDup1qwb+pJYB0Br+yuPDoeanqHhu08NgvRtfXcdirD9KHNPanMbztzyxwKzxBHG +VVizoQamOI3580aEBWEj +=KaGK +-END PGP SIGNATURE- Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 Wed Jun 15 19:35:28 2016 @@ -0,0 +1 @@ +3fdb90d63b9f24b4199cbdcb0b184d54 *catalina-ws.jar \ No newline at end of file Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 Wed Jun 15 19:35:28 2016 @@ -0,0 +1 @@ +10acfcc1c48c8a0c9b551f94b825562d1046f0fb *catalina-ws.jar \ No newline at end of file Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar == Binary file - no diff available. Propchange: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar -- svn:mime-type = application/octet-stream Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc Wed Jun 15 19:35:28 2016 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Version: GnuPG v2 + +iQIcBAABCgAGBQJXYYQKAAoJECCLCrHWMBHH/xMP/jEpvsIYDuD5S3kU6uIcNoq1 +b6BOKoSLwwwu15WNKL6mzwPMpksj0QTgL8hjMnIFssi9Cuw557ecj+qvl8FNjYGU +bwORCxgXKZychD9n+/95SQJOoVo55/2ILhGJYXFd5SNIh0sXMuc/7nQ0N+osxv/y +kGIAo4g2SFtVHH8m5xsKnQsQZw+0API2PNSIrY/xjcoO9uXhSoV04C2TzTsi5MRG +7v3aERounTPIIWgPoMjsdc3SAiv6ianSUbDgDv3xTxWrzBa9MniHpEUWjUF5aKYm +svKyxG8p17P/9XxJpXI5AeuFwtJuQeHAGnWWOvyoVCv0/hUfXvx9BnOa4ntt53Do +y8RU/c2QXhot5Gqb/XPjjTq5T9B97bo2XlyXx3r/ZBKMqS0gQSVjD1JPovzBxq4d +KraloZdtEXa4SK8l3c1jaOQ2kSsYpv0QrZxrXn0B+ErgXcVyIz3ph9TkNPToVniV +WnSjqGX/fisQ3xH2wP062mh48be7WvS9ic/D1lyilIekg5cuC8LjIuxL5mbULkl+ +Ezk0wktXx+fkCvY1NG6cr7pdsDoCAjjFOzE0fbz/bSYT7GMO9HXw28t2ONEaH/3s ++AMJh6wDM4j+wF6h4Ajw1Tl5DOK2bAM3wIWDPEiNHfUO3TK7BU5PFz1f/Nturcx8 +6CPJEpD391oJ53rwKhDf +=gvUc +-END PGP SIGNATURE- Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 (added) +++ dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 Wed Jun 15 19:35:28 2016 @@ -0,0 +1 @@ +eb8e3b02507888a8ae526df0882daf28 *tomcat-juli-adapters.jar \ No newline at end of file Added: dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.sha1 == --- dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapte
svn commit: r14014 [1/2] - in /dev/tomcat/tomcat-7/v7.0.70: ./ bin/ bin/embed/ bin/extras/ src/
Author: violetagg Date: Wed Jun 15 19:35:28 2016 New Revision: 14014 Log: Stage 7.0.70 RC Added: dev/tomcat/tomcat-7/v7.0.70/ dev/tomcat/tomcat-7/v7.0.70/KEYS dev/tomcat/tomcat-7/v7.0.70/README.html dev/tomcat/tomcat-7/v7.0.70/RELEASE-NOTES dev/tomcat/tomcat-7/v7.0.70/bin/ dev/tomcat/tomcat-7/v7.0.70/bin/README.html dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.tar.gz.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-deployer.zip.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-fulldocs.tar.gz.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x64.zip.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70-windows-x86.zip.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.exe.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip (with props) dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.asc dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.md5 dev/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.zip.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/embed/ dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz (with props) dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.asc dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.md5 dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.tar.gz.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip (with props) dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.asc dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.md5 dev/tomcat/tomcat-7/v7.0.70/bin/embed/apache-tomcat-7.0.70-embed.zip.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/extras/ dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar (with props) dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.asc dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.md5 dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-jmx-remote.jar.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar (with props) dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.asc dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.md5 dev/tomcat/tomcat-7/v7.0.70/bin/extras/catalina-ws.jar.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar (with props) dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.asc dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.md5 dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli-adapters.jar.sha1 dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar (with props) dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.asc dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.md5 dev/tomcat/tomcat-7/v7.0.70/bin/extras/tomcat-juli.jar.sha1 dev/tomcat/tomcat-7/v7.0.70/src/ dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz (with props) dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.asc dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.md5 dev/tomcat/tomcat-7/v7.0.70/src/apache-tomcat-7.0.70-src.tar.gz.sha1 dev/tomcat/tomcat-7/v7.0.
[VOTE] Release Apache Tomcat 7.0.70
The proposed Apache Tomcat 7.0.70 release is now available for voting. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.70/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1088/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_70/ The proposed 7.0.70 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 7.0.70 Stable Regards, Violeta
[Bug 59708] LockOutRealm Details
https://bz.apache.org/bugzilla/show_bug.cgi?id=59708 --- Comment #1 from Mark Thomas --- Thanks for the report. To answer the question, the LockOutRealm currently treats any authentication attempt during the lock out period as a failure. This does mean that once an account is locked out, if the legitimate users attempts to login more frequently that the lockout period that user is never going to regain access. It does make sense to change this behaviour (and document it) so that valid logins do not extend the lockout period. I'll take a look at a patch. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1748629 - in /tomcat/trunk: java/org/apache/catalina/realm/LockOutRealm.java webapps/docs/changelog.xml webapps/docs/config/realm.xml
Author: markt
Date: Wed Jun 15 20:26:17 2016
New Revision: 1748629
URL: http://svn.apache.org/viewvc?rev=1748629&view=rev
Log:
Modify the lock out logic. Valid authentication attempts during the lock out
period will no longer reset the lock out timer to zero.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/realm.xml
Modified: tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java?rev=1748629&r1=1748628&r2=1748629&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java Wed Jun 15
20:26:17 2016
@@ -139,23 +139,9 @@ public class LockOutRealm extends Combin
String nonce, String nc, String cnonce, String qop,
String realmName, String md5a2) {
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
-Principal authenticatedUser = super.authenticate(username,
clientDigest,
-nonce, nc, cnonce, qop, realmName, md5a2);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+Principal authenticatedUser = super.authenticate(username,
clientDigest, nonce, nc, cnonce,
+qop, realmName, md5a2);
+return filterLockedAccounts(username, authenticatedUser);
}
@@ -169,22 +155,8 @@ public class LockOutRealm extends Combin
*/
@Override
public Principal authenticate(String username, String credentials) {
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
Principal authenticatedUser = super.authenticate(username,
credentials);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
}
@@ -202,22 +174,8 @@ public class LockOutRealm extends Combin
username = certs[0].getSubjectDN().getName();
}
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
-
-log.warn(sm.getString("lockOutRealm.authLockedUser", username));
-return null;
-}
-
Principal authenticatedUser = super.authenticate(certs);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
}
@@ -238,23 +196,9 @@ public class LockOutRealm extends Combin
username = name.toString();
-if (isLocked(username)) {
-// Trying to authenticate a locked user is an automatic failure
-registerAuthFailure(username);
+Principal authenticatedUser = super.authenticate(gssContext,
storeCreds);
-log.warn(sm.getString("lockOutRealm.authLockedUser",
username));
-return null;
-}
-
-Principal authenticatedUser =
-super.authenticate(gssContext, storeCreds);
-
-if (authenticatedUser == null) {
-registerAuthFailure(username);
-} else {
-registerAuthSuccess(username);
-}
-return authenticatedUser;
+return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
@@ -262,6 +206,30 @@ public class LockOutRealm extends Combin
}
+/*
+ * Filters authenticated principals to ensure that null is
+ * returned for any user that is currently locked out.
+ */
+private Principal filterLockedAccounts(String username, Principal
authenticatedUser) {
+// Register all failed authentications
+if (authenticatedUser == null) {
+registerAuthFailure(username);
+}
+
+if (isLocked(username)) {
+// If the user is currently locked, authentication will always fail
+log.warn(sm.getString("lockO
[Bug 59710] java.io.IOException: Connection timed out
https://bz.apache.org/bugzilla/show_bug.cgi?id=59710 --- Comment #2 from hugo.lar...@yahoo.com --- Will do! BR, Hugo -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59708] LockOutRealm Details
https://bz.apache.org/bugzilla/show_bug.cgi?id=59708 --- Comment #2 from Ben --- Thanks for the clarification. I look forward to seeing this progress. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-native-trunk-make (in module tomcat-native-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-native-trunk-make has an issue affecting its community integration. This issue affects 3 projects, and has been outstanding for 45 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-native-trunk-make : Tomcat native library using Apache Portable Runtime - tomcat-native-trunk-make-install : Tomcat native library using Apache Portable Runtime - tomcat-trunk-test-apr : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-native-trunk/tomcat-native-trunk-make/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -INFO- Failed with reason build failed The following work was performed: http://vmgump.apache.org/gump/public/tomcat-native-trunk/tomcat-native-trunk-make/gump_work/build_tomcat-native-trunk_tomcat-native-trunk-make.html Work Name: build_tomcat-native-trunk_tomcat-native-trunk-make (Type: Build) Work ended in a state of : Failed Elapsed: 37 secs Command Line: make [Working Directory: /srv/gump/public/workspace/tomcat-native-trunk/native] - make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native-trunk/native' /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/address.lo -c src/address.c && touch src/address.lo /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/bb.lo -c src/bb.c && touch src/bb.lo /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/dir.lo -c src/dir.c && touch src/dir.lo /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/error.lo -c src/error.c && touch src/error.lo /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/file.lo -c src/file.c && touch src/file.lo /bin/bash /srv/gump/public/workspace/apr-1/dest-20160616/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP -I/srv/gump/public/workspace/tomcat-native-trunk/native/include -I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux -I/srv/gump/public/workspace/openssl-master/dest-20160616/include -I/srv/gump/public/workspace/apr-1/dest-20160616/include/apr-1 -o src/info.lo -c src/info.c && touch src/info.lo /bin/bash /srv/gump/public/workspace/apr-
