svn commit: r1804754 - /tomcat/trunk/java/org/apache/coyote/http2/Stream.java

2017-08-11 Thread markt
Author: markt
Date: Fri Aug 11 07:06:46 2017
New Revision: 1804754

URL: http://svn.apache.org/viewvc?rev=1804754&view=rev
Log:
Now CVE-2017-7675 is public, make the comment more specific

Modified:
tomcat/trunk/java/org/apache/coyote/http2/Stream.java

Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1804754&r1=1804753&r2=1804754&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Fri Aug 11 07:06:46 
2017
@@ -313,8 +313,10 @@ class Stream extends AbstractStream impl
 String query = value.substring(queryStart + 1);
 coyoteRequest.queryString().setString(query);
 }
-// Bug 61120. Set the URI as bytes rather than String so any path
-// parameters are correctly processed
+// Bug 61120. Set the URI as bytes rather than String so:
+// - any path parameters are correctly processed
+// - the normalization security checks are performed that prevent
+//   directory traversal attacks
 byte[] uriBytes = uri.getBytes(StandardCharsets.ISO_8859_1);
 coyoteRequest.requestURI().setBytes(uriBytes, 0, uriBytes.length);
 break;



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1804755 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/coyote/http2/Stream.java

2017-08-11 Thread markt
Author: markt
Date: Fri Aug 11 07:07:25 2017
New Revision: 1804755

URL: http://svn.apache.org/viewvc?rev=1804755&view=rev
Log:
Now CVE-2017-7675 is public, make the comment more specific

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/Stream.java

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Aug 11 07:07:25 2017
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747
 
536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1
 
756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
 
8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,1763450,1763462,1763505,1763511-1763512,1763516,1763518,1763520,1763529,1763559,1763565,1763568,1763574,1763619,1763634-1763635,1763718,1763786,1763798-1

svn commit: r1804756 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml

2017-08-11 Thread markt
Author: markt
Date: Fri Aug 11 07:23:49 2017
New Revision: 1804756

URL: http://svn.apache.org/viewvc?rev=1804756&view=rev
Log:
Add missing word spotted by Mitre

Modified:
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/docs/security-9.html
tomcat/site/trunk/xdocs/security-7.xml
tomcat/site/trunk/xdocs/security-8.xml
tomcat/site/trunk/xdocs/security-9.xml

Modified: tomcat/site/trunk/docs/security-7.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1804756&r1=1804755&r2=1804756&view=diff
==
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Fri Aug 11 07:23:49 2017
@@ -380,9 +380,9 @@
 
 
 
-The CORS Filter did not an HTTP Vary header indicating that the response
-   varies depending on Origin. This permitted client and server side cache
-   poisoning in some circumstances.
+The CORS Filter did not add an HTTP Vary header indicating that the
+   response varies depending on Origin. This permitted client and server
+   side cache poisoning in some circumstances.
 
 
 This was fixed in revision http://svn.apache.org/viewvc?view=rev&rev=1795816";>1795816.

Modified: tomcat/site/trunk/docs/security-8.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1804756&r1=1804755&r2=1804756&view=diff
==
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Fri Aug 11 07:23:49 2017
@@ -347,9 +347,9 @@
 
 
 
-The CORS Filter did not an HTTP Vary header indicating that the response
-   varies depending on Origin. This permitted client and server side cache
-   poisoning in some circumstances.
+The CORS Filter did not add an HTTP Vary header indicating that the
+   response varies depending on Origin. This permitted client and server
+   side cache poisoning in some circumstances.
 
 
 This was fixed in revision http://svn.apache.org/viewvc?view=rev&rev=1795815";>1795815.
@@ -398,9 +398,9 @@
 
 
 
-The CORS Filter did not an HTTP Vary header indicating that the response
-   varies depending on Origin. This permitted client and server side cache
-   poisoning in some circumstances.
+The CORS Filter did not add an HTTP Vary header indicating that the
+   response varies depending on Origin. This permitted client and server
+   side cache poisoning in some circumstances.
 
 
 This was fixed in revision http://svn.apache.org/viewvc?view=rev&rev=1795814";>1795814.

Modified: tomcat/site/trunk/docs/security-9.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-9.html?rev=1804756&r1=1804755&r2=1804756&view=diff
==
--- tomcat/site/trunk/docs/security-9.html (original)
+++ tomcat/site/trunk/docs/security-9.html Fri Aug 11 07:23:49 2017
@@ -322,9 +322,9 @@
 
 
 
-The CORS Filter did not an HTTP Vary header indicating that the response
-   varies depending on Origin. This permitted client and server side cache
-   poisoning in some circumstances.
+The CORS Filter did not add an HTTP Vary header indicating that the
+   response varies depending on Origin. This permitted client and server
+   side cache poisoning in some circumstances.
 
 
 This was fixed in revision http://svn.apache.org/viewvc?view=rev&rev=1795813";>1795813.

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1804756&r1=1804755&r2=1804756&view=diff
==
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Fri Aug 11 07:23:49 2017
@@ -55,9 +55,9 @@
 Moderate: Cache Poisoning
CVE-2017-7674
 
-The CORS Filter did not an HTTP Vary header indicating that the response
-   varies depending on Origin. This permitted client and server side cache
-   poisoning in some circumstances.
+The CORS Filter did not add an HTTP Vary header indicating that the
+   response varies depending on Origin. This permitted client and server
+   side cache poisoning in some circumstances.
 
 This was fixed in revision 1795816.
 

Modified: tomcat/site/trunk/xdocs/security-8.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1804756&r1=1804755&r2=1804756&view=diff
==
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Fri Aug 11 07:23:49 2017
@@ -55,9 +55,9 @@
 Moderate: Cache Poisoning
CVE-2017-7674
 
-The CORS Filter did not an HTTP Vary head

svn commit: r20928 - /dev/tomcat/tomcat-7/v7.0.80/

2017-08-11 Thread violetagg
Author: violetagg
Date: Fri Aug 11 10:03:21 2017
New Revision: 20928

Log:
Tomcat 7.0.80 did not pass the vote

Removed:
dev/tomcat/tomcat-7/v7.0.80/


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1804761 - in /tomcat/tc7.0.x/tags/TOMCAT_7_0_81: ./ build.properties.default

2017-08-11 Thread violetagg
Author: violetagg
Date: Fri Aug 11 10:10:59 2017
New Revision: 1804761

URL: http://svn.apache.org/viewvc?rev=1804761&view=rev
Log:
Tag 7.0.81

Added:
tomcat/tc7.0.x/tags/TOMCAT_7_0_81/   (props changed)
  - copied from r1804760, tomcat/tc7.0.x/trunk/
Modified:
tomcat/tc7.0.x/tags/TOMCAT_7_0_81/build.properties.default

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
bugtraq:append = false

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
bugtraq:label = Bugzilla ID (optional)

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
--- bugtraq:logregex (added)
+++ bugtraq:logregex Fri Aug 11 10:10:59 2017
@@ -0,0 +1,2 @@
+(https?\://(bz|issues)\.apache\.org/bugzilla/show_bug.cgi\?id=\d+|BZ\s?\d+)
+(\d+)

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
bugtraq:message = Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID%

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
bugtraq:url = https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID%

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
--- svn:ignore (added)
+++ svn:ignore Fri Aug 11 10:10:59 2017
@@ -0,0 +1,7 @@
+.*
+build.properties
+logs
+nbproject
+output
+work
+*.iml

Propchange: tomcat/tc7.0.x/tags/TOMCAT_7_0_81/
--
--- svn:mergeinfo (added)
+++ svn:mergeinfo Fri Aug 11 10:10:59 2017
@@ -0,0 +1,3 @@
+/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988
 
,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702
 
739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1
 
725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,17

svn commit: r20929 [2/2] - in /dev/tomcat/tomcat-7/v7.0.81: ./ bin/ bin/embed/ bin/extras/ src/

2017-08-11 Thread violetagg
Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.sha1
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.sha1 (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.sha1 Fri Aug 
11 11:10:12 2017
@@ -0,0 +1 @@
+a6a5a64f2a58b85033addff6d7d9481c1cdcdec5 *catalina-jmx-remote.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.asc
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.asc (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.asc Fri Aug 11 
11:10:12 2017
@@ -0,0 +1,17 @@
+-BEGIN PGP SIGNATURE-
+Version: GnuPG v2
+
+iQIcBAABCgAGBQJZjYWoAAoJECCLCrHWMBHHSvQP/j7fxixiW5Zd54CK1HaLJ73T
+oZ3YNYKVldhmTEXDpJqDY5jEnY3MuETJemtlq78JJ95NWilyaLaGondpWeO+ndKR
+33aINWa14dnlZSYWTHLstpNhPdOZgbVNOwFpaeCKtcm/l0SVAYvl9EM8yoT9yu6q
+34U456vCcqR+Z9xlOjddN3dxkYwAp5GyPNAIeRCD7olQFH3et7P+Pw08m1pd/RjT
+mTngOVtlJ61kbAGuVOCs1f1ZKYAFrXzBcjl2stJW/OWbbLsY/3/uv3cQMsxOCRpi
+nB74dun/0v/jh2+t86Hhuegt172lZbt9yyVWd7UATa7a/IzYawyBK53i3pa4e5UL
+AqKKasA6XXLMXqtkhLEfORCgPQcbCWmuYy7o6xQ85ZGm77ZvZduaRu4d4zRSyHlt
+yqo/svEHI5SDbO0xdzKLiJ0a5Z45ptoBNt3RT1zQDuxtao+Y6FMxCcVdPGlAHjnK
+YEBx3DueBDIkR3ZPQBTFet7ope9R6GNYC37GG5y4KYffP1KmgVgM4zIkA5WBuJ3s
+od69ahsRAOBdK3YQD0BmgvU3CyMsRvIf+mMmjF2Gz3cV9MPjk2m/+8tXzzE2Vn/7
+Y1aTcKvm4n8ytMFMGeIslYvjB8KuWEgjik7UfPYoKzyrvkKYyTNBUm6khjIg0bOM
+6pZYaA760E50QlRWv2hq
+=c+od
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.md5
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.md5 (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.md5 Fri Aug 11 
11:10:12 2017
@@ -0,0 +1 @@
+046c8bd77699282dce9e5044632c7729 *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.sha1
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.sha1 (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.sha1 Fri Aug 11 
11:10:12 2017
@@ -0,0 +1 @@
+d355664bfe828e82b5a41f24a1327b0ef5c01682 *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.asc
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.asc (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.asc Fri Aug 
11 11:10:12 2017
@@ -0,0 +1,17 @@
+-BEGIN PGP SIGNATURE-
+Version: GnuPG v2
+
+iQIcBAABCgAGBQJZjYWnAAoJECCLCrHWMBHHwgYP+wamXnkQqtqALJp9b+O20lwY
+XqFn9A41p9dDOnwwlLgYJSMe7Bytftx98p29RY+vHEHwz2ByAFjb35VvwWkDYtSw
+Tj/rQlaDvJOhI8yIS8hWCuKp9KiRevu18RmBMQ2rvYRD+jwRQs41T1LEsxgx8WJf
+2OiScUu4imVQWqp9wLcO+hEoBTGjsPhljeSZLsofdDOhAoDEuqhpp3bZc0Jw96u5
+tlAemptb06zO9UTxjjjQZivLl5UjOvbsIyPo8UPD+GCtGsFiIt6yNcgKTCtDsTJ+
+UgIOPXJ/I07dhKNeCdjEQK/4LGyW2zeSwY7p3dvTGd9RRQRr1qzQHFvvyLlw6iRl
+b2vqRCr0DRRoJNNM22UzBjZApr5WoYx0EtBFeTeJ0jJBsVJY4FPT+/n3n1+PDPAc
+946vPVelX/IocJ3oe1ekwwX/BwvZ03ZjpmvDxixfqCSLyHDTDh9tk1hCZHsUt97V
+vahDcZmrv6mvWLn2UgQQB/oiFa3IpjkfEkfUg6HVIbisAwHgRLg5X9tJ78c3xL9Y
+d//A+qMibTVi4qp1Nq0vrHcxra+jbfJ18lxgUXDKelrwE4WJG0GuAkKUA5DLf8aL
+V8Pn+96LpfWwvBuz9d9fR9LRNvyZQ7sqRBbUX2O12QJeDSPZDDQMiVAcxG6hXvx7
+QwqgbUFUvSpTvYW3c8BO
+=mAEU
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.md5
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.md5 (added)
+++ dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.md5 Fri Aug 
11 11:10:12 2017
@@ -0,0 +1 @@
+e003f9b03b023cdbd63480b6b3a518be *tomcat-juli-adapters.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.sha1
==
--- dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapte

svn commit: r20929 [1/2] - in /dev/tomcat/tomcat-7/v7.0.81: ./ bin/ bin/embed/ bin/extras/ src/

2017-08-11 Thread violetagg
Author: violetagg
Date: Fri Aug 11 11:10:12 2017
New Revision: 20929

Log:
Stage 7.0.81 RC

Added:
dev/tomcat/tomcat-7/v7.0.81/
dev/tomcat/tomcat-7/v7.0.81/KEYS
dev/tomcat/tomcat-7/v7.0.81/README.html
dev/tomcat/tomcat-7/v7.0.81/RELEASE-NOTES
dev/tomcat/tomcat-7/v7.0.81/bin/
dev/tomcat/tomcat-7/v7.0.81/bin/README.html
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.zip   (with 
props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.zip.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.zip.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-deployer.zip.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-fulldocs.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-fulldocs.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-fulldocs.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x64.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x64.zip.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x64.zip.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x64.zip.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x86.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x86.zip.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x86.zip.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81-windows-x86.zip.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.exe   (with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.exe.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.exe.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.exe.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.tar.gz   (with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.zip   (with props)
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.zip.asc
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.zip.md5
dev/tomcat/tomcat-7/v7.0.81/bin/apache-tomcat-7.0.81.zip.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/embed/
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.tar.gz   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.zip   
(with props)
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.zip.asc
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.zip.md5
dev/tomcat/tomcat-7/v7.0.81/bin/embed/apache-tomcat-7.0.81-embed.zip.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/extras/
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar   (with 
props)
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.asc
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.md5
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-jmx-remote.jar.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.md5
dev/tomcat/tomcat-7/v7.0.81/bin/extras/catalina-ws.jar.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar   (with 
props)
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.asc
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.md5
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli-adapters.jar.sha1
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli.jar   (with props)
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli.jar.asc
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli.jar.md5
dev/tomcat/tomcat-7/v7.0.81/bin/extras/tomcat-juli.jar.sha1
dev/tomcat/tomcat-7/v7.0.81/src/
dev/tomcat/tomcat-7/v7.0.81/src/apache-tomcat-7.0.81-src.tar.gz   (with 
props)
dev/tomcat/tomcat-7/v7.0.81/src/apache-tomcat-7.0.81-src.tar.gz.asc
dev/tomcat/tomcat-7/v7.0.81/src/apache-tomcat-7.0.81-src.tar.gz.md5
dev/tomcat/tomcat-7/v7.0.81/src/apache-tomcat-7.0.81-src.tar.gz.sha1
dev/tomcat/tomcat-7/v7.0.

[VOTE] Release Apache Tomcat 7.0.81

2017-08-11 Thread Violeta Georgieva
The proposed Apache Tomcat 7.0.81 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.81/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1151/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_81/

The proposed 7.0.81 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 7.0.81 Stable

Regards,
Violeta


svn commit: r1804776 - in /tomcat/tc7.0.x/trunk: build.properties.default res/maven/mvn.properties.default webapps/docs/changelog.xml

2017-08-11 Thread violetagg
Author: violetagg
Date: Fri Aug 11 11:20:08 2017
New Revision: 1804776

URL: http://svn.apache.org/viewvc?rev=1804776&view=rev
Log:
Increment version for next dev cycle

Modified:
tomcat/tc7.0.x/trunk/build.properties.default
tomcat/tc7.0.x/trunk/res/maven/mvn.properties.default
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc7.0.x/trunk/build.properties.default
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.properties.default?rev=1804776&r1=1804775&r2=1804776&view=diff
==
--- tomcat/tc7.0.x/trunk/build.properties.default (original)
+++ tomcat/tc7.0.x/trunk/build.properties.default Fri Aug 11 11:20:08 2017
@@ -25,7 +25,7 @@
 # - Version Control Flags -
 version.major=7
 version.minor=0
-version.build=81
+version.build=82
 version.patch=0
 version.suffix=-dev
 

Modified: tomcat/tc7.0.x/trunk/res/maven/mvn.properties.default
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/res/maven/mvn.properties.default?rev=1804776&r1=1804775&r2=1804776&view=diff
==
--- tomcat/tc7.0.x/trunk/res/maven/mvn.properties.default (original)
+++ tomcat/tc7.0.x/trunk/res/maven/mvn.properties.default Fri Aug 11 11:20:08 
2017
@@ -35,7 +35,7 @@ maven.asf.release.repo.url=https://repos
 maven.asf.release.repo.repositoryId=apache.releases
 
 # Release version info
-maven.asf.release.deploy.version=7.0.81
+maven.asf.release.deploy.version=7.0.82
 
 #Where do we load the libraries from
 tomcat.lib.path=../../output/build/lib

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1804776&r1=1804775&r2=1804776&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Aug 11 11:20:08 2017
@@ -57,6 +57,8 @@
   They eventually become mixed with the numbered issues. (I.e., numbered
   issues do not "pop up" wrt. others).
 -->
+
+
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



buildbot failure in on tomcat-7-trunk

2017-08-11 Thread buildbot
The Buildbot has detected a new failure on builder tomcat-7-trunk while 
building . Full details are available at:
https://ci.apache.org/builders/tomcat-7-trunk/builds/844

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1804776
Blamelist: violetagg

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Server TLS renegotiation issues with tc-native

2017-08-11 Thread Mark Thomas
On 09/08/17 15:51, Mark Thomas wrote:

> I'll take a look at this. I think the hint about the statistics hack
> will help me get further than I have so far. Whether it is far enough,
> we'll see.

As it happened, the statistics weren't the fix I needed but they got me
looking in the right direction where I found SSL_renegotiate_pending() -
thanks for the hint.

I have attached my proposed patch for review.

It seems to be moving back towards an a previous approach. The commit
history suggests this approach should not be necessary. I have tested
both 7.0.x and 9.0.x and both versions need the additional reads. I'm
not 100% sure what is going on.

If there aren't any objections, I plan to apply this patch roll 1.2.13
in time for it to be included in the September round of Tomcat releases.

Mark
Index: native/src/sslnetwork.c
===
--- native/src/sslnetwork.c	(revision 180)
+++ native/src/sslnetwork.c	(working copy)
@@ -365,7 +365,7 @@
 * Check for failed client authentication
 */
 if (con->ctx->verify_mode != SSL_VERIFY_NONE &&
-	(vr = SSL_get_verify_result(con->ssl)) != X509_V_OK) {
+(vr = SSL_get_verify_result(con->ssl)) != X509_V_OK) {
 
 if (SSL_VERIFY_ERROR_IS_OPTIONAL(vr) &&
 con->ctx->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA) {
@@ -622,8 +622,9 @@
 {
 tcn_socket_t *s   = J2P(sock, tcn_socket_t *);
 tcn_ssl_conn_t *con;
-int retVal;
+int retVal, error;
 char peekbuf[1];
+apr_interval_time_t timeout;
 
 UNREFERENCED_STDARGS;
 TCN_ASSERT(sock != 0);
@@ -633,28 +634,59 @@
  * handshake to proceed.
  */
 con->reneg_state = RENEG_ALLOW;
+
+// Schedule a renegotiation request
 retVal = SSL_renegotiate(con->ssl);
 if (retVal <= 0)
 return APR_EGENERAL;
 
-retVal = SSL_do_handshake(con->ssl);
-if (retVal <= 0)
-return APR_EGENERAL;
-if (!SSL_is_init_finished(con->ssl)) {
-return APR_EGENERAL;
-}
-
-/* Need to trigger renegotiation handshake by reading.
+/* Need to trigger the renegotiation handshake by reading.
  * Peeking 0 bytes actually works.
  * See: http://marc.info/?t=14549335922&r=1&w=2
+ *
+ * This will normally return SSL_ERROR_WANT_READ whether the renegotiation
+ * has been completed or not. Afterwards, need to determine if I/O needs to
+ * be triggered or not.
  */
-SSL_peek(con->ssl, peekbuf, 0);
+retVal = SSL_peek(con->ssl, peekbuf, 0);
+if (retVal < 1) {
+error = SSL_get_error(con->ssl, retVal);
+}
 
-con->reneg_state = RENEG_REJECT;
+apr_socket_timeout_get(con->sock, &timeout);
+// If the renegotiation is still pending, then I/O needs to be triggered
+while (SSL_renegotiate_pending(con->ssl)) {
+		if (error == SSL_ERROR_WANT_READ) {
+			retVal = wait_for_io_or_timeout(con, error, timeout);
+			/*
+			 * Since this is blocking I/O, anything other than APR_SUCCESS is an
+			 * error.
+			 */
+			if (retVal != APR_SUCCESS) {
+printf("ERROR\n");
+con->shutdown_type = SSL_SHUTDOWN_TYPE_UNCLEAN;
+return retVal;
+			}
+		} else {
+			// SSL_ERROR_WANT_READ is expected. Anything else is an error.
+			return APR_EGENERAL;
+		}
 
-if (!SSL_is_init_finished(con->ssl)) {
-return APR_EGENERAL;
+		// Re-try SSL_peek after I/O
+		retVal = SSL_peek(con->ssl, peekbuf, 0);
+	if (retVal < 1) {
+	error = SSL_get_error(con->ssl, retVal);
+	} else {
+		/*
+		 * Reset error to handle case where SSL_Peek returns 0 but
+		 * SSL_renegotiate_pending returns true. This will trigger an error
+		 * to be returned.
+		 */
+		error = 0;
+	}
 }
+
+con->reneg_state = RENEG_REJECT;
 
 return APR_SUCCESS;
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1804813 - in /tomcat/trunk: java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java webapps/docs/changel

2017-08-11 Thread remm
Author: remm
Date: Fri Aug 11 16:01:41 2017
New Revision: 1804813

URL: http://svn.apache.org/viewvc?rev=1804813&view=rev
Log:
Fix possible race condition when using an upgraded connection and setting the 
IO listeners, it now uses the same processing as non upgraded connections.

Modified:

tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java

tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java?rev=1804813&r1=1804812&r2=1804813&view=diff
==
--- 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
 (original)
+++ 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
 Fri Aug 11 16:01:41 2017
@@ -101,6 +101,8 @@ public class UpgradeServletInputStream e
 throw new 
IllegalStateException(sm.getString("upgrade.sis.read.closed"));
 }
 
+this.listener = listener;
+
 // Container is responsible for first call to onDataAvailable().
 if (ContainerThreadMarker.isContainerThread()) {
 processor.addDispatch(DispatchType.NON_BLOCKING_READ);
@@ -108,7 +110,6 @@ public class UpgradeServletInputStream e
 socketWrapper.registerReadInterest();
 }
 
-this.listener = listener;
 // Switching to non-blocking. Don't know if data is available.
 ready = null;
 }

Modified: 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java?rev=1804813&r1=1804812&r2=1804813&view=diff
==
--- 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
 (original)
+++ 
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
 Fri Aug 11 16:01:41 2017
@@ -112,6 +112,7 @@ public class UpgradeServletOutputStream
 if (closed) {
 throw new 
IllegalStateException(sm.getString("upgrade.sos.write.closed"));
 }
+this.listener = listener;
 // Container is responsible for first call to onWritePossible().
 synchronized (registeredLock) {
 registered = true;
@@ -123,7 +124,6 @@ public class UpgradeServletOutputStream
 }
 }
 
-this.listener = listener;
 }
 
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1804813&r1=1804812&r2=1804813&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Aug 11 16:01:41 2017
@@ -72,6 +72,10 @@
 Prevent exceptions being thrown during normal shutdown of NIO
 connections. This enables TLS connections to close cleanly. (markt)
   
+  
+Fix possible race condition when setting IO listeners on an upgraded
+connection. (remm)
+  
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1804814 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java webapps/d

2017-08-11 Thread remm
Author: remm
Date: Fri Aug 11 16:04:50 2017
New Revision: 1804814

URL: http://svn.apache.org/viewvc?rev=1804814&view=rev
Log:
Fix possible race condition when using an upgraded connection and setting the 
IO listeners, it now uses the same processing as non upgraded connections.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)

tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java

tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Aug 11 16:04:50 2017
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747
 
536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1
 
756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
 
8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,176

svn commit: r1804815 - in /tomcat/tc8.0.x/trunk: java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java webapps/docs/changelog.xml

2017-08-11 Thread remm
Author: remm
Date: Fri Aug 11 16:10:32 2017
New Revision: 1804815

URL: http://svn.apache.org/viewvc?rev=1804815&view=rev
Log:
Fix possible race condition when using an upgraded connection and setting the 
IO listeners, it now uses the same processing as non upgraded connections.

Modified:

tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java?rev=1804815&r1=1804814&r2=1804815&view=diff
==
--- 
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java
 (original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractServletOutputStream.java
 Fri Aug 11 16:10:32 2017
@@ -100,14 +100,14 @@ public abstract class AbstractServletOut
 throw new IllegalArgumentException(
 sm.getString("upgrade.sos.writeListener.set"));
 }
+this.listener = listener;
+this.applicationLoader = 
Thread.currentThread().getContextClassLoader();
 // Container is responsible for first call to onWritePossible() but 
only
 // need to do this if setting the listener for the first time.
 synchronized (fireListenerLock) {
 fireListener = true;
 }
 socketWrapper.addDispatch(DispatchType.NON_BLOCKING_WRITE);
-this.listener = listener;
-this.applicationLoader = 
Thread.currentThread().getContextClassLoader();
 }
 
 

Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1804815&r1=1804814&r2=1804815&view=diff
==
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Fri Aug 11 16:10:32 2017
@@ -45,6 +45,14 @@
   issues do not "pop up" wrt. others).
 -->
 
+  
+
+  
+Fix possible race condition when setting IO listeners on an upgraded
+connection. (remm)
+  
+
+  
 
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Server TLS renegotiation issues with tc-native

2017-08-11 Thread Konstantin Kolinko
2017-08-11 18:20 GMT+03:00 Mark Thomas :
> On 09/08/17 15:51, Mark Thomas wrote:
>
>> I'll take a look at this. I think the hint about the statistics hack
>> will help me get further than I have so far. Whether it is far enough,
>> we'll see.
>
> As it happened, the statistics weren't the fix I needed but they got me
> looking in the right direction where I found SSL_renegotiate_pending() -
> thanks for the hint.
>
> I have attached my proposed patch for review.

1. Sanity check:  You need to explicitly initialize new local variable
"error = 0".

Current code initializes it only when "if (retVal < 1)" and subsequent
if (error == SSL_ERROR_WANT_READ) reads an uninitialized value.

Local variables need explicit initialization in C (they do not default to 0).
https://stackoverflow.com/questions/14049777/why-are-global-variables-always-initialized-to-0-but-not-local-variables

2. Many new lines have tab characters and some have trailing whitespace.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1804856 - /tomcat/trunk/test/org/apache/tomcat/util/net/ca.jks

2017-08-11 Thread rjung
Author: rjung
Date: Fri Aug 11 21:25:37 2017
New Revision: 1804856

URL: http://svn.apache.org/viewvc?rev=1804856&view=rev
Log:
Change alias name from "mykey" to "ca".

Command used was:
keytool -changealias -alias mykey -destalias ca \
-keystore ca.jks

Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/ca.jks

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/ca.jks
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/ca.jks?rev=1804856&r1=1804855&r2=1804856&view=diff
==
Binary files - no diff available.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org