svn commit: r1847702 - in /tomcat/trunk/java/org/apache/catalina/ha/backend: CollectedInfo.java HeartbeatListener.java
Author: jfclere
Date: Thu Nov 29 09:14:27 2018
New Revision: 1847702
URL: http://svn.apache.org/viewvc?rev=1847702&view=rev
Log:
Add back the getters and setters and arrange the Listener so that it works in
tomcat9.
Modified:
tomcat/trunk/java/org/apache/catalina/ha/backend/CollectedInfo.java
tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
Modified: tomcat/trunk/java/org/apache/catalina/ha/backend/CollectedInfo.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/backend/CollectedInfo.java?rev=1847702&r1=1847701&r2=1847702&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ha/backend/CollectedInfo.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/ha/backend/CollectedInfo.java Thu Nov
29 09:14:27 2018
@@ -59,25 +59,36 @@ public class CollectedInfo {
Set set = mBeanServer.queryMBeans(objectName, null);
for (ObjectInstance oi : set) {
objName = oi.getObjectName();
+String subtype = objName.getKeyProperty("subType");
+if (subtype != null && subtype.equals("SocketProperties")) {
+objName = null;
+continue;
+}
String name = objName.getKeyProperty("name");
+name = name.replace("\"", "");
/* Name are:
- * http-8080
- * jk-10.33.144.3-8009
- * jk-jfcpc%2F10.33.144.3-8009
+ * ajp-nio-8009
+ * ajp-nio-127.0.0.1-8009
+ * ajp-nio-0:0:0:0:0:0:0:1-8009
+ * ajp-nio-10.36.116.209-8009
*/
String [] elenames = name.split("-");
String sport = elenames[elenames.length-1];
iport = Integer.parseInt(sport);
-String [] shosts = elenames[1].split("%2F");
-shost = shosts[0];
+if (elenames.length == 4)
+shost = elenames[2];
if (port==0 && host==null)
- break; /* Take the first one */
-if (host==null && iport==port)
-break; /* Only port done */
-if (shost.compareTo(host) == 0)
-break; /* Done port and host are the expected ones */
+break; /* Done: take the first one */
+if (iport==port) {
+if (host == null)
+break; /* Done: return the first with the right port */
+else if (shost != null && shost.compareTo(host) == 0)
+break; /* Done port and host are the expected ones */
+}
+objName = null;
+shost = null;
}
if (objName == null)
throw new Exception("Can't find connector for " + host + ":" +
port);
Modified:
tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java?rev=1847702&r1=1847701&r2=1847702&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java Thu
Nov 29 09:14:27 2018
@@ -18,8 +18,6 @@
package org.apache.catalina.ha.backend;
-import org.apache.catalina.ContainerEvent;
-import org.apache.catalina.ContainerListener;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
@@ -33,45 +31,135 @@ import org.apache.juli.logging.LogFactor
* what about the bind(IP. port) only IP makes sense (for the moment).
* BTW:v = version :-)
*/
-public class HeartbeatListener implements LifecycleListener, ContainerListener
{
+public class HeartbeatListener implements LifecycleListener {
private static final Log log = LogFactory.getLog(HeartbeatListener.class);
/* To allow to select the connector */
-private int port = 0;
-private String host = null;
+protected int port = 8009;
+protected String host = null;
+
+/**
+ * @return the host corresponding to the connector
+ * we want to proxy.
+ */
+public String getHost() {
+return this.host;
+}
+
+/**
+ * Set the host corresponding to the connector.
+ *
+ * @param host the hostname or ip string.
+ */
+public void setHost(String host) {
+this.host = host;
+}
+
+/**
+ * @return the port of the connector we want to proxy.
+ */
+public int getPort() {
+return this.port;
+}
+
+/**
+ * Set the port corresponding to the connector.
+ *
+ * @param port default 8009 the ajp one.
+ */
+public void setPort(int port) {
+this.port = port;
+}
/* for multicasting stuff */
-private final String ip = "224.0.1.105"; /* Multicast
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/3803 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1847702 Blamelist: jfclere BUILD FAILED: failed compile Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847704 - /tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
Author: markt Date: Thu Nov 29 09:46:49 2018 New Revision: 1847704 URL: http://svn.apache.org/viewvc?rev=1847704&view=rev Log: Fix issues reported by CI Modified: tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java Modified: tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java?rev=1847704&r1=1847703&r2=1847704&view=diff == --- tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java (original) +++ tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java Thu Nov 29 09:46:49 2018 @@ -128,7 +128,6 @@ public class HeartbeatListener implement /** * Set the list of Proxies that send is requests, when not empty it toogles * the multi to off. A SetHandler heartbeat must be existing in httpd.conf. - * * * @param proxyList the list of proxy, format "address:port,address:port". */ @@ -140,15 +139,17 @@ public class HeartbeatListener implement protected String proxyURL = "/HeartbeatListener"; /** - * @return the URL specified in for the SetHandler heartbeat. + * @return the URL specified infor the SetHandler heartbeat. */ public String getProxyURL() { return proxyURL; } /** * Set the URL of receiver in httpd. That is the location used in - * + * + * *SetHandler heartbeat - * + * + * * All proxies MUST use the same location. * * @param proxyURL a String with the URL starting with / - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847704 - /tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
On 29/11/2018 09:56, jean-frederic clere wrote: > On 29/11/2018 10:46, ma...@apache.org wrote: >> Author: markt >> Date: Thu Nov 29 09:46:49 2018 >> New Revision: 1847704 >> >> URL: http://svn.apache.org/viewvc?rev=1847704&view=rev >> Log: >> Fix issues reported by CI >> > > Thanks np I was was nice to have an easy fix to start the day. At least I know I will have achieved something. Next on my list is the TLS 1.0 issue with NIO and the latest OpenSSL and I'm not sure how much progress I am going to be able to make on that. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847709 - /tomcat/trunk/webapps/docs/config/listeners.xml
Author: jfclere Date: Thu Nov 29 10:26:05 2018 New Revision: 1847709 URL: http://svn.apache.org/viewvc?rev=1847709&view=rev Log: Add missing doc. Modified: tomcat/trunk/webapps/docs/config/listeners.xml Modified: tomcat/trunk/webapps/docs/config/listeners.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=1847709&r1=1847708&r2=1847709&view=diff == --- tomcat/trunk/webapps/docs/config/listeners.xml (original) +++ tomcat/trunk/webapps/docs/config/listeners.xml Thu Nov 29 10:26:05 2018 @@ -606,6 +606,50 @@ + + +The HTTPD mod_heartmonitor Listener allows tomcat to send heart beat message to +the Apache HTTPD mod_heartmonitor module. + +The following additional attributes are supported by the HTTPD mod_heartmonitor +Listener: + + + +Port the connector that will received proxied traffic from HTTPD, default the first connector will be used + + + +Host it is the IP corresponding the address of the connector that will received proxied traffic, +default empty the Port will be used + + + +proxyURL is the URL corresponding to the Location in httpd configuration of the heartbeat Handler, +default /HeartbeatListener + + + +ProxyList is the list of proxies from which tomcat is going to receive requests, +formatted like "address:port,address:port" once filled the multicast logic is disable and the multi parameters are +ignored + + + +Group is the Multicast IP to boardcast messages to HTTPD, default 224.0.1.105 + + + +Multiport is the Multicast port to boardcast messages to HTTPD, default 23364 + + + +Ttl is the TTL for the boardcast messages, default 16 + + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/3805 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1847709 Blamelist: jfclere Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c
Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: 1847714 URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: Allow to compile with --enable-insecure-export-ciphers Modified: tomcat/native/trunk/native/src/sslconf.c Modified: tomcat/native/trunk/native/src/sslconf.c URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c?rev=1847714&r1=1847713&r2=1847714&view=diff == --- tomcat/native/trunk/native/src/sslconf.c (original) +++ tomcat/native/trunk/native/src/sslconf.c Thu Nov 29 13:06:21 2018 @@ -220,8 +220,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply) unsigned long ec; #ifndef HAVE_EXPORT_CIPHERS size_t len; -char *buf = NULL; #endif +char *buf = NULL; TCN_ALLOC_CSTRING(cmd); TCN_ALLOC_CSTRING(value); UNREFERENCED(o); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847704 - /tomcat/trunk/java/org/apache/catalina/ha/backend/HeartbeatListener.java
On 29/11/2018 11:04, Mark Thomas wrote: > On 29/11/2018 09:56, jean-frederic clere wrote: >> On 29/11/2018 10:46, ma...@apache.org wrote: >>> Author: markt >>> Date: Thu Nov 29 09:46:49 2018 >>> New Revision: 1847704 >>> >>> URL: http://svn.apache.org/viewvc?rev=1847704&view=rev >>> Log: >>> Fix issues reported by CI >>> >> >> Thanks > > np > > I was was nice to have an easy fix to start the day. At least I know I > will have achieved something. Next on my list is the TLS 1.0 issue with > NIO and the latest OpenSSL and I'm not sure how much progress I am going > to be able to make on that. I did a quick try, that looks hard :-( -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62964] New: Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets
https://bz.apache.org/bugzilla/show_bug.cgi?id=62964 Bug ID: 62964 Summary: Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets Product: Tomcat 9 Version: 9.0.x Hardware: PC OS: Linux Status: NEW Severity: enhancement Priority: P2 Component: Servlet Assignee: dev@tomcat.apache.org Reporter: moydevi...@privasphere.com Target Milestone: - As bug 60362 comment 75 explains, the "reason" together with the http status code has been replaced with a new standard: In the case of non-specific HTTP status codes, information about specific 4xx codes should be included for the API client. These specifications should returned in an HTTP response in the form of a JSON problem details object as per [RFC7807] (https://tools.ietf.org/html/rfc7807). It would be useful to make these specific modifications in WebdavServlet.java available as a show-case. Or are there better places for this or already finished samples for Tomcat 7? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Current problems with TLS 1.0 and NIO(2)+native+openssl 1.1.1
On Sun, Nov 25, 2018 at 10:42 AM Rainer Jung
wrote:
> In our Java code, what happens is a call to unwrap() in OpenSSLEngine.
> This call writes I think 146 bytes, then checks
> pendingReadableBytesInSSL(). That call in turn calls SSL.readFromSSL()
> and gets back "0" (from SSL_read()). Up in unwrap() we then skip the
> while loop and finally return with BUFFER_UNDERFLOW. Then we hang,
> probably because the data was read by OpenSSL and no more socket event
> happens. If I artificially add another call to
> pendingReadableBytesInSSL() which triggers another SSL_read(), the hang
> does not occur.
>
> IMHO TLS 1.0 is not such a big problem, but we should at least document
> it when we do a new release.
>
> Last time, Mark fixed pendingReadableBytesInSSL (=
SSL.pendingReadableBytesInSSL) not working by using a fake read
(SSL.readFromSSL(ssl, EMPTY_ADDR, 0)) to start a new record. So then we
actually need to make *two* fake reads (if the result of the first is zero)
and we would be fine ? This OpenSSL API sounds ridiculously bad ... (IMO)
So you made it sound like it would work:
Index: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
===
--- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(revision
1847712)
+++ java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(working
copy)
@@ -635,6 +635,9 @@
// See https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html
clearLastError();
int lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
// priming read
+if (lastPrimingReadResult == 0) {
+lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
+}
// check if SSL_read returned <= 0. In this case we need to check
the error and see if it was something
// fatal.
if (lastPrimingReadResult <= 0) {
Rémy
[Bug 62964] Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets
https://bz.apache.org/bugzilla/show_bug.cgi?id=62964 Ralf Hauser changed: What|Removed |Added CC||hau...@acm.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60362] Missing reason phrase in response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #78 from Ralf Hauser --- see also Bug 62964 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60618] Configurable reason phrase in HTTP response
https://bz.apache.org/bugzilla/show_bug.cgi?id=60618 --- Comment #2 from Ralf Hauser --- see also Bug 62964 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62964] Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets
https://bz.apache.org/bugzilla/show_bug.cgi?id=62964 --- Comment #1 from Mark Thomas --- How are RFC 7807 error messages meant to be provided to WebDAV clients since the WebDAV spec predates RFC 7807 and RFC 7807 provides no guidance on this. Which WebDAV clients support RFC 7807 error messages? How will a client that hasn't adopted RFC 7807 behave in the presence of an RFC 7807 error message? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847725 - in /tomcat/trunk: res/tomcat-maven/ res/tomcat-maven/Dockerfile res/tomcat-maven/README.md res/tomcat-maven/pom.xml webapps/docs/changelog.xml
Author: remm Date: Thu Nov 29 14:29:57 2018 New Revision: 1847725 URL: http://svn.apache.org/viewvc?rev=1847725&view=rev Log: As requested, add the packaging-using-Maven as well as the corresponding (much simpler than the official one) dockerfile. To be refined most likely. Added: tomcat/trunk/res/tomcat-maven/ tomcat/trunk/res/tomcat-maven/Dockerfile (with props) tomcat/trunk/res/tomcat-maven/README.md (with props) tomcat/trunk/res/tomcat-maven/pom.xml (with props) Modified: tomcat/trunk/webapps/docs/changelog.xml Added: tomcat/trunk/res/tomcat-maven/Dockerfile URL: http://svn.apache.org/viewvc/tomcat/trunk/res/tomcat-maven/Dockerfile?rev=1847725&view=auto == --- tomcat/trunk/res/tomcat-maven/Dockerfile (added) +++ tomcat/trunk/res/tomcat-maven/Dockerfile Thu Nov 29 14:29:57 2018 @@ -0,0 +1,37 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM openjdk:8-jre-alpine +VOLUME /tmp + +USER root +RUN mkdir -m 777 -p /deployments + +ADD target/tomcat-maven-1.0.jar /deployments/app.jar +ADD conf /deployments/conf +ADD webapps /deployments/webapps + +WORKDIR /deployments + +ARG namespace=myproject +ENV KUBERNETES_NAMESPACE=$namespace +ARG port=8080 +EXPOSE $port + +RUN sh -c 'touch app.jar' +ENV JAVA_OPTS="-Dcatalina.base=. -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=conf/logging.properties -Djava.security.egd=file:/dev/urandom" +ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -jar app.jar" ] + Propchange: tomcat/trunk/res/tomcat-maven/Dockerfile -- svn:eol-style = native Added: tomcat/trunk/res/tomcat-maven/README.md URL: http://svn.apache.org/viewvc/tomcat/trunk/res/tomcat-maven/README.md?rev=1847725&view=auto == --- tomcat/trunk/res/tomcat-maven/README.md (added) +++ tomcat/trunk/res/tomcat-maven/README.md Thu Nov 29 14:29:57 2018 @@ -0,0 +1,74 @@ + + +# Apache Tomcat distribution for Apache Maven + +## Configuration + +Configuration is located in `conf/server.xml`, `conf/web.xml`, `conf/logging.properties`, all other configuration files, resources and context files are located in `conf`, identical to standalone Tomcat. + +## Building + +### Maven build + +Update Tomcat version number in the `pom.xml`, customize Tomcat components in the dependencies to keep the ones needed (only the main `tomcat-catalina` is mandatory). Custom Tomcat components sources can be added to the usual Maven build path and will be included in the package that is built. +``` +mvn clean; mvn package +``` + +### Docker build + +``` +docker build -t apache/tomcat-maven:1.0 -f ./Dockerfile . +``` +Docker build arguments include `namepsace` (default is `myproject`) and `port` which should match the Tomcat port in `server.xml` (default is `8080`). Other ports that need to be exposed can be added in the `Dockerfile` as needed. Webapps should be added to the `webapps` folder where they will be auto deployed by the host if using the defaults. Otherwise, the `Dockerfile` command line can be edited like below to include the necesary resources and command line arguments to run a single or multiple hardcoded web applications. + +## Running + +Add a webapp as folder mywebapp (for this example, or specify another path), or a path from which a configured Host will auto deploy +``` +--path: Specify a path the wepapp will use +--war: Add the spcified path (directory or war) as a webapp (if no path has been specified, it will be the root webapp) +``` + +The JULI logging manager configuration is optional but makes logging more readable and configurable: +`-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=conf/logging.properties` +The default JULI configuration uses `catalina.base`, so specifying the system property with `-Dcatalina.base=.` is also useful. + +### Command line example with a single root webapp + +``` +java -Dcatalina.base=. -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=c
Re: Current problems with TLS 1.0 and NIO(2)+native+openssl 1.1.1
On 29/11/2018 13:27, Rémy Maucherat wrote:
> On Sun, Nov 25, 2018 at 10:42 AM Rainer Jung
> wrote:
>
>> In our Java code, what happens is a call to unwrap() in OpenSSLEngine.
>> This call writes I think 146 bytes, then checks
>> pendingReadableBytesInSSL(). That call in turn calls SSL.readFromSSL()
>> and gets back "0" (from SSL_read()). Up in unwrap() we then skip the
>> while loop and finally return with BUFFER_UNDERFLOW. Then we hang,
>> probably because the data was read by OpenSSL and no more socket event
>> happens. If I artificially add another call to
>> pendingReadableBytesInSSL() which triggers another SSL_read(), the hang
>> does not occur.
>>
>> IMHO TLS 1.0 is not such a big problem, but we should at least document
>> it when we do a new release.
>>
> Last time, Mark fixed pendingReadableBytesInSSL (=
> SSL.pendingReadableBytesInSSL) not working by using a fake read
> (SSL.readFromSSL(ssl, EMPTY_ADDR, 0)) to start a new record. So then we
> actually need to make *two* fake reads (if the result of the first is zero)
> and we would be fine ? This OpenSSL API sounds ridiculously bad ... (IMO)
My research is leading me in that direction. So far, it looks like TLS
1.0 is sending two application data packets (I assume this is mitigation
for BEAST) whereas TLS 1.1 and later only send 1. It appears those two
packets each need a priming read. Not sure why. I'd expect to be able to
read a single character after the first packet but the API indicates 0
characters are available.
I have been trying to find some API to call that reliably indicates that
another priming read is required but I haven't found it yet. I am
currently looking at triggering a second priming read if:
- TLS 1.0 is being used
- a priming read returns 0
- SSL_get_error returns 5
- pendingReadableBytesInSSL returns 0
I also want to think about trying to reduce the number of times we call
into native code. I'm not sure how practical this is and - since it only
affects TLS 1.0 - I'm not overly concerned since folks should really be
on TLS 1.2 / 1.3 by now.
> So you made it sound like it would work:
> Index: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
> ===
> --- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(revision
> 1847712)
> +++ java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(working
> copy)
> @@ -635,6 +635,9 @@
> // See https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html
> clearLastError();
> int lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
> // priming read
> +if (lastPrimingReadResult == 0) {
> +lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
> +}
> // check if SSL_read returned <= 0. In this case we need to check
> the error and see if it was something
> // fatal.
> if (lastPrimingReadResult <= 0) {
Yep. That is a much cleaner version of what I have currently working.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Current problems with TLS 1.0 and NIO(2)+native+openssl 1.1.1
Am 29.11.2018 um 15:55 schrieb Mark Thomas:
On 29/11/2018 13:27, Rémy Maucherat wrote:
On Sun, Nov 25, 2018 at 10:42 AM Rainer Jung
wrote:
In our Java code, what happens is a call to unwrap() in OpenSSLEngine.
This call writes I think 146 bytes, then checks
pendingReadableBytesInSSL(). That call in turn calls SSL.readFromSSL()
and gets back "0" (from SSL_read()). Up in unwrap() we then skip the
while loop and finally return with BUFFER_UNDERFLOW. Then we hang,
probably because the data was read by OpenSSL and no more socket event
happens. If I artificially add another call to
pendingReadableBytesInSSL() which triggers another SSL_read(), the hang
does not occur.
IMHO TLS 1.0 is not such a big problem, but we should at least document
it when we do a new release.
Last time, Mark fixed pendingReadableBytesInSSL (=
SSL.pendingReadableBytesInSSL) not working by using a fake read
(SSL.readFromSSL(ssl, EMPTY_ADDR, 0)) to start a new record. So then we
actually need to make *two* fake reads (if the result of the first is zero)
and we would be fine ? This OpenSSL API sounds ridiculously bad ... (IMO)
My research is leading me in that direction. So far, it looks like TLS
1.0 is sending two application data packets (I assume this is mitigation
for BEAST) whereas TLS 1.1 and later only send 1. It appears those two
packets each need a priming read. Not sure why. I'd expect to be able to
read a single character after the first packet but the API indicates 0
characters are available.
I have been trying to find some API to call that reliably indicates that
another priming read is required but I haven't found it yet. I am
currently looking at triggering a second priming read if:
- TLS 1.0 is being used
- a priming read returns 0
- SSL_get_error returns 5
- pendingReadableBytesInSSL returns 0
I also want to think about trying to reduce the number of times we call
into native code. I'm not sure how practical this is and - since it only
affects TLS 1.0 - I'm not overly concerned since folks should really be
on TLS 1.2 / 1.3 by now.
I like the restriction of the workaround for TLS 1.0. My experiments
seemed to indicate, that such an additional priming read might not
directly help at the point in time where the normal read returns 0 byte,
but it might help indirectly, because it is also done at some
communication stage before and then the first read after processing no
longer returns 0 but instead some bytes. Everything quite vague, I know.
Regards,
Rainer
So you made it sound like it would work:
Index: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
===
--- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(revision
1847712)
+++ java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(working
copy)
@@ -635,6 +635,9 @@
// See https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html
clearLastError();
int lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
// priming read
+if (lastPrimingReadResult == 0) {
+lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
+}
// check if SSL_read returned <= 0. In this case we need to check
the error and see if it was something
// fatal.
if (lastPrimingReadResult <= 0) {
Yep. That is a much cleaner version of what I have currently working.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847729 - /tomcat/trunk/webapps/docs/changelog.xml
Author: remm Date: Thu Nov 29 16:05:35 2018 New Revision: 1847729 URL: http://svn.apache.org/viewvc?rev=1847729&view=rev Log: Trivial fix (trigger a build) Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1847729&r1=1847728&r2=1847729&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Thu Nov 29 16:05:35 2018 @@ -160,7 +160,7 @@ Refactor various operations performed in tribes using a scheduled executor. When tribes is not running standalone, it will use the -executor from the Catalina Service. If running independently, the +executor from the Catalina Server. If running independently, the Channel will provide the executor. (remm) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62964] Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets
https://bz.apache.org/bugzilla/show_bug.cgi?id=62964 --- Comment #2 from Sarah Moy de Vitry --- (In reply to Mark Thomas from comment #1) > How are RFC 7807 error messages meant to be provided to WebDAV clients since > the WebDAV spec predates RFC 7807 and RFC 7807 provides no guidance on this. We can include the error messages in the same format but as xml content. Since the Versioning Extension of Webdav allows additional information to be included in the body of an error in xml format(https://www.greenbytes.de/tech/webdav/rfc4918.html#RFC3253) this could be a viable possibility. Also, since the WebDAV protocol inherits many properties from HTTP(which has deprecated the practice of including reasons in headers and moved towards including details in the error body) we assumed that Webdav will follow this trend and update accordingly. > Which WebDAV clients support RFC 7807 error messages? We are currently in contact with a few WebDAV clients who have expressed interest in supporting RFC 7807 error messages. > How will a client that hasn't adopted RFC 7807 behave in the presence of an > RFC 7807 error message? Clients that haven't adopted RFC 7807 should still be able to take decidable action based on the original status code alone with the additional information being superfluous to them. Another possibility is to have specific xml errors returned when certain preconditions and postconditions are violated as per [RFC4918] (https://www.greenbytes.de/tech/webdav/rfc4918.html#precondition.postcondition.xml.elements) which is specific to WebDAV. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jean-Frederic, On 11/29/18 08:06, jfcl...@apache.org wrote: > Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: > 1847714 > > URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: Allow > to compile with --enable-insecure-export-ciphers **WHY**?! - -chris > Modified: tomcat/native/trunk/native/src/sslconf.c > > Modified: tomcat/native/trunk/native/src/sslconf.c URL: > http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c? rev=1847714&r1=1847713&r2=1847714&view=diff > > == > --- tomcat/native/trunk/native/src/sslconf.c (original) +++ > tomcat/native/trunk/native/src/sslconf.c Thu Nov 29 13:06:21 2018 > @@ -220,8 +220,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply) > unsigned long ec; #ifndef HAVE_EXPORT_CIPHERS size_t len; -char > *buf = NULL; #endif +char *buf = NULL; TCN_ALLOC_CSTRING(cmd); > TCN_ALLOC_CSTRING(value); UNREFERENCED(o); > > > > - > > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwAHh0ACgkQHPApP6U8 pFhw5A/+ID8JAnZYLfPn11OVem/f+LMuD+gI4Ixkee6a0tR/1ybbxB1Xf0nH4rqw HddBmCWncQaXwuQAahqkco8Oz5+h3aVA1FbZihsbSYoH68dWGZJGGgnQHZPvML9k ypC19B4I+AisD9XTbDczszvo+cNoH3aBpOvyhPGE1KHs6/eFR86phPJzcGrke04l UtYTLV/MO1RPYcOniCSm/5nrp8kJg2kSrIY2RfACFVFHQDSslPeMKkV0lLMg5/m3 NpvFF2v1pwf0HzW8SoUO72NMOYq/cyPmuyQAYSEgl0dO42Py2ZsG2TwYvQASRMzR o1KQ09EHvJnNbGU12NwG1O++0fH0C4URbXcVVCIgdTS79qVN+bcud+4YsU1pHMcf On6yvgeE9q2b0deyhAIkDyBel2v8z4ksDPBoHaCzxNfnDQJPnF9Bb54YTrfGj0qh OGe7Ir6GCYVlUj75S+tb/78k9Mc1if6Polpp0I4Y9Pu7AS45MU5+EYeJXhh1QK8q eiZ5UJt3/QEfXXltqNcbLSivmUxfXQE+DGSGP2tm/jC8Hii1V0BwiqZfMKnN6Z/E NYiuy6bWpEWCSZDaZDh+ZP9gR6H0DFfwDA1R5GpH7JH31JhTIHypEtjNg67ITymU oJU5XmiqaLegpx0n4HQi0E6By53HV6vDhAuN+Q767W7pBUUVQvA= =hyDx -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c
On 29/11/2018 18:13, Christopher Schultz wrote: > Jean-Frederic, > > On 11/29/18 08:06, jfcl...@apache.org wrote: >> Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: >> 1847714 > >> URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: Allow >> to compile with --enable-insecure-export-ciphers > > **WHY**?! http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c?view=markup&pathrev=1847714#l252 that can't compile otherwise. -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62964] Add RFC7807 conformant Problem Details for HTTP status codes for Webdav Servlets
https://bz.apache.org/bugzilla/show_bug.cgi?id=62964 --- Comment #3 from Christopher Schultz --- The WebDAV servlet is fairly isolated from everything else in Tomcat. Patches are always welcome. Anything you add to the existing responses should be opt-in based upon configuration of the WebDAV servlet in a particular web application. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Current problems with TLS 1.0 and NIO(2)+native+openssl 1.1.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Rémy,
On 11/29/18 08:27, Rémy Maucherat wrote:
> On Sun, Nov 25, 2018 at 10:42 AM Rainer Jung
> wrote:
>
>> In our Java code, what happens is a call to unwrap() in
>> OpenSSLEngine. This call writes I think 146 bytes, then checks
>> pendingReadableBytesInSSL(). That call in turn calls
>> SSL.readFromSSL() and gets back "0" (from SSL_read()). Up in
>> unwrap() we then skip the while loop and finally return with
>> BUFFER_UNDERFLOW. Then we hang, probably because the data was
>> read by OpenSSL and no more socket event happens. If I
>> artificially add another call to pendingReadableBytesInSSL()
>> which triggers another SSL_read(), the hang does not occur.
>>
>> IMHO TLS 1.0 is not such a big problem, but we should at least
>> document it when we do a new release.
>>
>> Last time, Mark fixed pendingReadableBytesInSSL (=
> SSL.pendingReadableBytesInSSL) not working by using a fake read
> (SSL.readFromSSL(ssl, EMPTY_ADDR, 0)) to start a new record. So
> then we actually need to make *two* fake reads (if the result of
> the first is zero) and we would be fine ? This OpenSSL API sounds
> ridiculously bad ... (IMO)
>
> So you made it sound like it would work: Index:
> java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
> ===
>
>
- --- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java(revis
ion
> 1847712) +++
> java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
> (working copy) @@ -635,6 +635,9 @@ // See
> https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html
> clearLastError(); int lastPrimingReadResult = SSL.readFromSSL(ssl,
> EMPTY_ADDR, 0); // priming read +if (lastPrimingReadResult
> == 0) { +lastPrimingReadResult = SSL.readFromSSL(ssl,
> EMPTY_ADDR, 0); +} // check if SSL_read returned <= 0. In
> this case we need to check the error and see if it was something //
> fatal. if (lastPrimingReadResult <= 0) {
Is anyone in contact with the OpenSSL folks?
I mean... we could bumble our way through this by ourselves, or we
could ask people who know everything about OpenSSL for some help...
- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwAIBYACgkQHPApP6U8
pFgvHw/7BREGqoGDkhGuoWM5dHc4NbaLyDOFF+sFVVDvgE6Ll9oT+jTnotlRlrNy
7ZVspEW6On9VdPKhZYW1itmu1iCqLMnh1Akk2HzUZzKmJR/oMz/gshb76rASwg+u
IyZwDfsemoXVXXIgkT6iEA4yzA3je/L3ahug6JNHC8EGp/QIBBun8OQfwWY30PHY
NfQ5tWmBeJ8bBdb1iV9YPdfWNvBX6LBTjr+iBFJs3QUDgAkiSWLRRu9h8QpfN4XH
gb8SbOGM/YLXHvNoY6flONWzXVFX9mERq4a1JKQHxRJm6HOYy3IX0CZnx+ebhiN1
G1PNVnUPMo5P6hUbo1/W186zFQI5X8C1F/pUKR43fWYyXpaY7q58vHKrfeHEpkbT
SmAUBpAJhT3v9qL+ITW51eeLkIC2CmFz1Xmj8xf89Z5gT37nM9MehtOp23fiu3+A
TrgGxmEjst3NJ6gNSD8OJllYoUHk+tsZXEUo1KH5amDYCk1d0LVpJ8/xorwBuZhX
AXkMgleq0l0Qk5WFaFkhswZ+w6uJCqoEVMbWWfHhp+aFreO5ZJzOQWouDrrMvOTi
WfbJl44qwgBSBwAWKxrDwPbj3ifc0rIhEIZ72A1f1Vf3AllT2moFodZ+HBym3Tgu
bqn1zWjWwP57mtFgvSQS7VWSp1zbZ6xQb7YnSQbIZr47TEYFSG4=
=43IP
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jean-Frederic, On 11/29/18 12:18, jean-frederic clere wrote: > On 29/11/2018 18:13, Christopher Schultz wrote: >> Jean-Frederic, >> >> On 11/29/18 08:06, jfcl...@apache.org wrote: >>> Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: >>> 1847714 >> >>> URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: >>> Allow to compile with --enable-insecure-export-ciphers >> >> **WHY**?! > > http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c? view=markup&pathrev=1847714#l252 > > that can't compile otherwise. Oh, I know the "technical" answer, but why should we ever allow - --enable-insecure-export-ciphers? Are there a lot of people who want to use the TLS_RSA_ROT13_MD5 cipher suite? - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwAIOsACgkQHPApP6U8 pFi6eRAAqe8wjvpnbXUx1wu7OBnsKYNRndWJvCYJ5HqPP2Aq3BHj6afBi56MKsmU UVKC+/L6nPdzDhR9GmBAHCDYVdgWxpq1GtDH8QIoYiZh/2pwzGd7Ai5/XeRjpjqx m8Yl6k8vHIGcgTe1+AZ0/cU3zm925ENDNfcyEVqIfRT+n1PY0kZokcgJIZpg2du5 XsqwKwAw760CbiEt3ygF6AWOdQVZ1oFEQh8RhxIG9dhdApgVX6ddH4L4ikz5MGG8 r+Fdpd24XeSKMMXmi+tx81ADukcRY9ybHFCNZ+YMUqmfQLn3L0y6C0lF2vBk8qFa GmoE7J1KLbDd6qgAMRZLaleoTZIFyEYM53gAB0sOuPfu01dGvBhwj2GhiusDnWy7 n7R1GZfM6MUikNvGe2HBDF+lUyqixFJwrE1Q98ZNoGhD7jr7OIH+/5zDKDBDwuvK f2JnlE14lzsiqzjf51owkjQNizrUXF2Xilr17gmkJT8qckmW5rcVVfkOmnHdVKHS U3IEseOcZQkm4j0jwVjAosPtf25cupwSXTH368sszAa9sh287lJsFz5aaOp6E/Rt 2EsgDI03fE4vm9R+xaDKAd3cjO83nIT0REx2/DMTI6l/Y/d1vNP8KT6GsE4TzKIx PY5r6dWQV2qFvg0JtYxOedMKtoYCByRUmXM1YcRdJ3DYBgfMFeM= =MCjw -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847714 - /tomcat/native/trunk/native/src/sslconf.c
On 29/11/2018 18:25, Christopher Schultz wrote: > Jean-Frederic, > > On 11/29/18 12:18, jean-frederic clere wrote: >> On 29/11/2018 18:13, Christopher Schultz wrote: >>> Jean-Frederic, >>> >>> On 11/29/18 08:06, jfcl...@apache.org wrote: Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: 1847714 >>> URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: Allow to compile with --enable-insecure-export-ciphers >>> >>> **WHY**?! > >> http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c? > view=markup&pathrev=1847714#l252 > >> that can't compile otherwise. > > Oh, I know the "technical" answer, but why should we ever allow > --enable-insecure-export-ciphers? > > Are there a lot of people who want to use the TLS_RSA_ROT13_MD5 cipher > suite? To test the broken TLS-1.0 in my case :D, customers using broken, unsafe browser or clients... -- Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847744 - in /tomcat/trunk: modules/jdbc-pool/ res/maven/ res/tomcat-maven/ webapps/docs/
Author: csutherl Date: Thu Nov 29 17:46:45 2018 New Revision: 1847744 URL: http://svn.apache.org/viewvc?rev=1847744&view=rev Log: Add XML Namespace to the project element of all POM files so that XML files are Well Formed and Valid Modified: tomcat/trunk/modules/jdbc-pool/pom.xml tomcat/trunk/res/maven/tomcat-annotations-api.pom tomcat/trunk/res/maven/tomcat-api.pom tomcat/trunk/res/maven/tomcat-catalina-ant.pom tomcat/trunk/res/maven/tomcat-catalina-ha.pom tomcat/trunk/res/maven/tomcat-catalina-jmx-remote.pom tomcat/trunk/res/maven/tomcat-catalina-ws.pom tomcat/trunk/res/maven/tomcat-catalina.pom tomcat/trunk/res/maven/tomcat-coyote.pom tomcat/trunk/res/maven/tomcat-dbcp.pom tomcat/trunk/res/maven/tomcat-el-api.pom tomcat/trunk/res/maven/tomcat-embed-core.pom tomcat/trunk/res/maven/tomcat-embed-el.pom tomcat/trunk/res/maven/tomcat-embed-jasper.pom tomcat/trunk/res/maven/tomcat-embed-websocket.pom tomcat/trunk/res/maven/tomcat-i18n-de.pom tomcat/trunk/res/maven/tomcat-i18n-es.pom tomcat/trunk/res/maven/tomcat-i18n-fr.pom tomcat/trunk/res/maven/tomcat-i18n-ja.pom tomcat/trunk/res/maven/tomcat-i18n-ko.pom tomcat/trunk/res/maven/tomcat-i18n-pt-BR.pom tomcat/trunk/res/maven/tomcat-i18n-ru.pom tomcat/trunk/res/maven/tomcat-i18n-zh-CN.pom tomcat/trunk/res/maven/tomcat-jasper-el.pom tomcat/trunk/res/maven/tomcat-jasper.pom tomcat/trunk/res/maven/tomcat-jaspic-api.pom tomcat/trunk/res/maven/tomcat-jdbc.pom tomcat/trunk/res/maven/tomcat-jni.pom tomcat/trunk/res/maven/tomcat-jsp-api.pom tomcat/trunk/res/maven/tomcat-juli.pom tomcat/trunk/res/maven/tomcat-servlet-api.pom tomcat/trunk/res/maven/tomcat-storeconfig.pom tomcat/trunk/res/maven/tomcat-tribes.pom tomcat/trunk/res/maven/tomcat-util-scan.pom tomcat/trunk/res/maven/tomcat-util.pom tomcat/trunk/res/maven/tomcat-websocket-api.pom tomcat/trunk/res/maven/tomcat-websocket.pom tomcat/trunk/res/maven/tomcat.pom tomcat/trunk/res/tomcat-maven/pom.xml tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/modules/jdbc-pool/pom.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/pom.xml?rev=1847744&r1=1847743&r2=1847744&view=diff == --- tomcat/trunk/modules/jdbc-pool/pom.xml (original) +++ tomcat/trunk/modules/jdbc-pool/pom.xml Thu Nov 29 17:46:45 2018 @@ -15,8 +15,10 @@ See the License for the specific language governing permissions and limitations under the License. --> -http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> +http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/xsd/maven-4.0.0.xsd";> 4.0.0 Modified: tomcat/trunk/res/maven/tomcat-annotations-api.pom URL: http://svn.apache.org/viewvc/tomcat/trunk/res/maven/tomcat-annotations-api.pom?rev=1847744&r1=1847743&r2=1847744&view=diff == --- tomcat/trunk/res/maven/tomcat-annotations-api.pom (original) +++ tomcat/trunk/res/maven/tomcat-annotations-api.pom Thu Nov 29 17:46:45 2018 @@ -15,7 +15,10 @@ See the License for the specific language governing permissions and limitations under the License. --> - +http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/xsd/maven-4.0.0.xsd";> 4.0.0 org.apache.tomcat tomcat-annotations-api Modified: tomcat/trunk/res/maven/tomcat-api.pom URL: http://svn.apache.org/viewvc/tomcat/trunk/res/maven/tomcat-api.pom?rev=1847744&r1=1847743&r2=1847744&view=diff == --- tomcat/trunk/res/maven/tomcat-api.pom (original) +++ tomcat/trunk/res/maven/tomcat-api.pom Thu Nov 29 17:46:45 2018 @@ -15,7 +15,10 @@ See the License for the specific language governing permissions and limitations under the License. --> - +http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/xsd/maven-4.0.0.xsd";> 4.0.0 org.apache.tomcat tomcat-api Modified: tomcat/trunk/res/maven/tomcat-catalina-ant.pom URL: http://svn.apache.org/viewvc/tomcat/trunk/res/maven/tomcat-catalina-ant.pom?rev=1847744&r1=1847743&r2=1847744&view=diff == --- tomcat/trunk/res/maven/tomcat-catalina-ant.pom (original) +++ tomcat/trunk/res/maven/tomcat-catalina-ant.pom Thu Nov 29 17:46:45 2018 @@ -15,7 +15,10 @
[Bug 62965] New: Some request will get the response intended for others similar to CVE-2018-8037
https://bz.apache.org/bugzilla/show_bug.cgi?id=62965 Bug ID: 62965 Summary: Some request will get the response intended for others similar to CVE-2018-8037 Product: Tomcat Connectors Version: 1.2.43 Hardware: Other OS: Linux Status: NEW Severity: major Priority: P2 Component: mod_jk Assignee: dev@tomcat.apache.org Reporter: yo...@oclc.org Target Milestone: --- Tomcat Version: 8.5.34 Apache Version: 2.4.29 mod_jk Version: 1.2.43 java Version: jdk1.8.0_20 Operating System: Red Hat Enterprise Linux Kernel Release: 3.10.0-862.6.3.el7.x86_64 AJP Connector configuration:
[Bug 62965] Some request will get the response intended for others similar to CVE-2018-8037
https://bz.apache.org/bugzilla/show_bug.cgi?id=62965 --- Comment #1 from Christopher Schultz --- (a) What is your evidence that tomcat responses are being confused? (b) Why would you report a vulnerability "this bad" on a public bug-tracker? If you have legitimate proof of a vulnerability, please submit it to secur...@tomcat.apache.org. Before submitting anything else, anywhere, please enable facade-recycling by setting this system property and re-testing. org.apache.catalina.connector.RECYCLE_FACADES=true If your response-confusion turns into IllegalStateExceptions, then the problem is with your application's code retaining references to request and response objects past their intended lifetimes, and the bug is within your application. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62965] Some request will get the response intended for others similar to CVE-2018-8037
https://bz.apache.org/bugzilla/show_bug.cgi?id=62965 Mark Thomas changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.properties
Author: remm
Date: Thu Nov 29 19:46:04 2018
New Revision: 1847747
URL: http://svn.apache.org/viewvc?rev=1847747&view=rev
Log:
i18n and cleanup
Modified:
tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
tomcat/trunk/java/org/apache/tomcat/util/net/NioSelectorPool.java
Modified: tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties?rev=1847747&r1=1847746&r2=1847747&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties [UTF-8]
(original)
+++ tomcat/trunk/java/org/apache/catalina/core/LocalStrings.properties [UTF-8]
Thu Nov 29 19:46:04 2018
@@ -209,6 +209,7 @@ standardContextValve.acknowledgeExceptio
standardEngine.jvmRouteFail=Failed to set Engine's jvmRoute attribute from
system property
standardEngine.notHost=Child of an Engine must be a Host
standardEngine.notParent=Engine cannot have a parent Container
+standardEngine.start=Starting Servlet engine: [{0}]
standardHost.clientAbort=Remote Client Aborted Request, IOException: [{0}]
standardHost.invalidErrorReportValveClass=Couldn''t load specified error
report valve class: [{0}]
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java?rev=1847747&r1=1847746&r2=1847747&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java Thu Nov 29
19:46:04 2018
@@ -254,8 +254,9 @@ public class StandardEngine extends Cont
protected synchronized void startInternal() throws LifecycleException {
// Log our server identification information
-if(log.isInfoEnabled())
-log.info( "Starting Servlet Engine: " +
ServerInfo.getServerInfo());
+if (log.isInfoEnabled()) {
+log.info(sm.getString("standardEngine.start",
ServerInfo.getServerInfo()));
+}
// Standard container startup
super.startInternal();
Modified: tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/Catalina.java?rev=1847747&r1=1847746&r2=1847747&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/Catalina.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/Catalina.java Thu Nov 29
19:46:04 2018
@@ -626,7 +626,7 @@ public class Catalina {
}
if (getServer() == null) {
-log.fatal("Cannot start server. Server instance is not
configured.");
+log.fatal(sm.getString("catalina.noServer"));
return;
}
@@ -647,7 +647,7 @@ public class Catalina {
long t2 = System.nanoTime();
if(log.isInfoEnabled()) {
-log.info("Server startup in " + ((t2 - t1) / 100) + " ms");
+log.info(sm.getString("catalina.startup", ((t2 - t1) / 100)));
}
// Register shutdown hook
Modified: tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties?rev=1847747&r1=1847746&r2=1847747&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
[UTF-8] Thu Nov 29 19:46:04 2018
@@ -15,8 +15,10 @@
catalina.configFail=Unable to load server configuration from [{0}]
catalina.noCluster=Cluster RuleSet not found due to [{0}]. Cluster
configuration disabled.
+catalina.noServer=Cannot start server, server instance is not configured
catalina.serverStartFail=The required Server component failed to start so
Tomcat is unable to start.
catalina.shutdownHookFail=The shutdown hook experienced an error while trying
to stop the server
+catalina.startup=Server startup in [{0}] milliseconds
catalina.stopServer=No shutdown port configured. Shut down server through OS
signal. Server not shut down.
catalina.stopServer.connectException=Could not contact [{0}:{1}] (base port
[{2}] and offset [{3}]). Tomcat may not be running.
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/NioSelectorPool.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioSelectorPool.java?rev=1847747&r1
Re: svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.proper
On 29/11/2018 19:46, r...@apache.org wrote: > Author: remm > Date: Thu Nov 29 19:46:04 2018 > New Revision: 1847747 > > URL: http://svn.apache.org/viewvc?rev=1847747&view=rev > Log: > i18n and cleanup I've added these new terms to POEditor. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.proper
On Thu, Nov 29, 2018 at 9:02 PM Mark Thomas wrote: > On 29/11/2018 19:46, r...@apache.org wrote: > > Author: remm > > Date: Thu Nov 29 19:46:04 2018 > > New Revision: 1847747 > > > > URL: http://svn.apache.org/viewvc?rev=1847747&view=rev > > Log: > > i18n and cleanup > > I've added these new terms to POEditor. > Thanks, I started with the "100%" French i18n (first time ever !) and noticed some most common strings were hardcoded. i18n is still a WIP I guess. Rémy
Re: svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.proper
On 29/11/2018 20:05, Rémy Maucherat wrote: > On Thu, Nov 29, 2018 at 9:02 PM Mark Thomas wrote: > >> On 29/11/2018 19:46, r...@apache.org wrote: >>> Author: remm >>> Date: Thu Nov 29 19:46:04 2018 >>> New Revision: 1847747 >>> >>> URL: http://svn.apache.org/viewvc?rev=1847747&view=rev >>> Log: >>> i18n and cleanup >> >> I've added these new terms to POEditor. >> > > Thanks, I started with the "100%" French i18n (first time ever !) and > noticed some most common strings were hardcoded. i18n is still a WIP I > guess. Indeed. There is some low hanging fruit for a new contributor there. It shouldn't be too hard to write a regular expression to look for (non-debug) logging calls that don't use a StringManager. I see you've added the French translations. I'll get those imported shortly. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847751 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings_fr.properties catalina/startup/LocalStrings_fr.properties coyote/http11/LocalStrings_fr.properties
Author: markt
Date: Thu Nov 29 20:15:11 2018
New Revision: 1847751
URL: http://svn.apache.org/viewvc?rev=1847751&view=rev
Log:
Update French translations
Modified:
tomcat/trunk/java/org/apache/catalina/core/LocalStrings_fr.properties
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
tomcat/trunk/java/org/apache/coyote/http11/LocalStrings_fr.properties
Modified: tomcat/trunk/java/org/apache/catalina/core/LocalStrings_fr.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/LocalStrings_fr.properties?rev=1847751&r1=1847750&r2=1847751&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/LocalStrings_fr.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/core/LocalStrings_fr.properties
[UTF-8] Thu Nov 29 20:15:11 2018
@@ -209,6 +209,7 @@ standardContextValve.acknowledgeExceptio
standardEngine.jvmRouteFail=Impossible de fixer la jvmRoute de l'Engine à
partir d'une propriété système
standardEngine.notHost=Le fils d'un moteur (child of an Engine) doit être un
hôte
standardEngine.notParent=Un moteur (engine) ne peut avoir de conteneur parent
(container)
+standardEngine.start=Démarrage du moteur de Servlets: [{0}]
standardHost.clientAbort=Le client distant a abandonné la requête,
IOException: [{0}]
standardHost.invalidErrorReportValveClass=Impossible de charger la classe
valve de rapport d''erreur: [{0}]
@@ -221,6 +222,7 @@ standardHostValue.customStatusFailed=La
standardServer.accept.timeout=Le socket qui écoute en attendant la commande
d''arrêt a rencontré un délai d''attente dépassé inattendu [{0}] millisecondes
après l''appel à accept()
standardServer.awaitSocket.fail=Impossible de créer le sokcet d''arrêt du
serveur à l''adresse [{0}] et au port [{1}] (port de base [{2}] et offset [{3}])
+standardServer.periodicEventError=Erreur lors de l'envoi de l'évènement
périodique
standardServer.portOffset.invalid=La valeur [{0}] pour portOffset est invalide
car elle ne peut pas être négative
standardServer.shutdownViaPort=Une commande d'arrêt valide a été reçue sur le
port d'arrêt, arrêt de l'instance du serveur
standardServer.storeConfig.notAvailable=Aucune implémentation de StoreConfig
n''a été enregistrée comme un MBean nommé [{0}], et aucune configuration n''a
donc été enregistrée. Un MBean adéquat est normalement référencé via le
StoreConfigLifecycleListener
Modified:
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties?rev=1847751&r1=1847750&r2=1847751&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_fr.properties
[UTF-8] Thu Nov 29 20:15:11 2018
@@ -15,8 +15,10 @@
catalina.configFail=Impossible de charger la configuration du serveur depuis
[{0}]
catalina.noCluster=le RuleSet du cluster n''a pas été trouvé à cause de [{0}],
la configuration du cluster est désactivée
+catalina.noServer=Impossible de démarrer le serveur, l'instance n'est pas
configurée
catalina.serverStartFail=Le composant Server requis n'a pas démarré, en
conséquence Tomcat ne peut démarrer.
catalina.shutdownHookFail=Le crochet d'arrêt a rencontré une erreur en tentant
d'arrêter le serveur
+catalina.startup=Le démarrage du serveur a pris [{0}] millisecondes
catalina.stopServer=Pas de port d'arrêt configuré, l'arrêt du serveur se fera
via un signal du système d'exploitation; le serveur est en cours d'exécution
catalina.stopServer.connectException=Impossible de se connecter à [{0}:{1}]
(port de base [{2}] et offset [{3}]), Tomcat peut ne pas être en cours
d'exécution
@@ -109,7 +111,7 @@ hostConfig.deploy.error=Exception lors d
hostConfig.deployDescriptor=Déploiement du descripteur de configuration [{0}]
hostConfig.deployDescriptor.blocked=L''application web dont le chemin est
[{0}] n''a pas été déployée car elle contenait un descripteur de déploiement
[{1}] qui pourrait inclure de la configuration nécessaire pour le déploiement
sécurisé de l''application mais ce traitement est empêché par le paramètre
deployXML pour cet hôte, un descripteur approprié devrait être crée à [{2}]
pour déployer cette application
hostConfig.deployDescriptor.error=Erreur lors du déploiement du descripteur de
configuration [{0}]
-hostConfig.deployDescriptor.finished=Le traitement du descripteur de
traitement [{0}] a pris [{1}] ms
+hostConfig.deployDescriptor.finished=Le traitement du descripteur de
déploiement [{0}] a pris [{1}] ms
hostConfig.deployDescriptor.hiddenDir=Le déploiement du descripteur [{0}] avec
une docBase externe signifie que le répertoire [{1}] qui est dans appBase sera
ignoré
hostConfig.deployDescr
svn commit: r1847752 - in /tomcat/trunk: java/org/apache/catalina/authenticator/ java/org/apache/catalina/authenticator/jaspic/ java/org/apache/catalina/connector/ java/org/apache/catalina/core/ java/
Author: markt
Date: Thu Nov 29 20:22:29 2018
New Revision: 1847752
URL: http://svn.apache.org/viewvc?rev=1847752&view=rev
Log:
Update Japanese translations
Added:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/deploy/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/group/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/util/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/buf/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/compat/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/digester/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings_ja.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/scan/LocalStrings_ja.properties
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/loader/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/manager/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/realm/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/tribes/membership/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/users/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/catalina/valves/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/coyote/http11/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/coyote/http11/filters/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/coyote/http11/upgrade/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/tomcat/util/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/LocalStrings_ja.properties
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings_ja.properties
tomcat/trunk/webapps/examples/WEB-INF/classes/LocalStrings_ja.properties
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_ja.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_ja.properties?rev=1847752&r1=1847751&r2=1847752&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_ja.properties
[UTF-8] (original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_ja.properties
[UTF-8] Thu Nov 29 20:22:29 2018
@@ -23,3 +23,4 @@ authenticator.unauthorized=用意され�
singleSignOn.debug.principalFound=SSO のキャッシュされたプリンシパル [{0}] を取得しました。認証タイプは
[{1}] です。
singleSignOn.sessionExpire.hostNotFound=ホストが見つからないため SSO セッション [{0}] を失効できません。
+singleSignOn.sessionExpire.managerError=セッションを検索するときにManagerが例外をスローしたため、SSOはセッション[{0}]を期限切れにできません
Added:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings_ja.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings_ja.properties?rev=1847752&view=auto
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings_ja.properties
(added)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings_ja.properties
Thu Nov 29 20:22:29 2018
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# thi
svn commit: r1847754 - in /tomcat/trunk/java/org/apache: catalina/authenticator/ catalina/connector/ catalina/core/ catalina/ha/deploy/ catalina/tribes/group/interceptors/ catalina/tribes/tipis/ coyot
Author: markt
Date: Thu Nov 29 20:24:54 2018
New Revision: 1847754
URL: http://svn.apache.org/viewvc?rev=1847754&view=rev
Log:
Update Spanish translations
Added:
tomcat/trunk/java/org/apache/tomcat/websocket/pojo/LocalStrings_es.properties
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_es.properties
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_es.properties
tomcat/trunk/java/org/apache/catalina/core/LocalStrings_es.properties
tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_es.properties
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings_es.properties
tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings_es.properties
tomcat/trunk/java/org/apache/coyote/http11/filters/LocalStrings_es.properties
tomcat/trunk/java/org/apache/tomcat/util/LocalStrings_es.properties
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings_es.properties
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_es.properties?rev=1847754&r1=1847753&r2=1847754&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_es.properties
[UTF-8] (original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_es.properties
[UTF-8] Thu Nov 29 20:24:54 2018
@@ -15,6 +15,7 @@
authenticator.certificates=No hay cadena de certificados del cliente en esta
petición
authenticator.formlogin=Referencia directa al formulario de conexión (página
de formulario de login) inválida
+authenticator.jaspicCleanSubjectFail=Fallo al limpiar el elemento JASPIC \n
authenticator.jaspicServerAuthContextFail=Fallo al intentar obtener una
instancia JASPIC ServerAuthContext
authenticator.loginFail=No pude ingresar
authenticator.manager=Excepción inicializando administradores de confianza
Modified:
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_es.properties?rev=1847754&r1=1847753&r2=1847754&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_es.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_es.properties
[UTF-8] Thu Nov 29 20:24:54 2018
@@ -31,6 +31,7 @@ coyoteRequest.authenticate.ise=No puedo
coyoteRequest.chunkedPostTooLarge=No se han analizado los parámetros porque la
medida de los datos enviados meiante "post" era demasiado grande. Debido a que
este requerimiento es una parte del original, no puede ser procesado. Utiliza
el atributo "maxPostSize" del conector para resolver esta situación, en caso de
que la aplicación deba de aceptar POSTs mayores.
coyoteRequest.getInputStream.ise=getReader() ya ha sido llamado para este
requerimiento
coyoteRequest.getReader.ise=getInputStream() ya ha sido llamado para este
requerimiento
+coyoteRequest.gssLifetimeFail=Fallo al obtener el tiempo de vida restante para
el usuario principal [{0}]\n
coyoteRequest.noMultipartConfig=Imposible procesar partes debido a que se ha
proveído una configuración no multipartes
coyoteRequest.parseParameters=Excepción lanzada al procesar parámetros POST
coyoteRequest.postTooLarge=No se analizaron los parámetros porque la medida de
los datos enviados era demasiado grande. Usa el atributo maxPostSize del
conector para resolver esto en caso de que la aplicación debiera de aceptar
POSTs más grandes.
Modified: tomcat/trunk/java/org/apache/catalina/core/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/LocalStrings_es.properties?rev=1847754&r1=1847753&r2=1847754&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/LocalStrings_es.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/core/LocalStrings_es.properties
[UTF-8] Thu Nov 29 20:24:54 2018
@@ -48,6 +48,8 @@ applicationFilterConfig.jmxUnregisterFai
applicationFilterRegistration.nullInitParam=No puedo poner el parámetro de
inicialización para el filtro debido a un nombre nulo y/o valor. Nombre [{0}],
Valor [{1}]
applicationFilterRegistration.nullInitParams=No puedo poner los parámetros de
inicialización para el filtro debido a un nombre nulo y/o valor. Nombre [{0}],
Valor [{1}]
+applicationPushBuilder.noCoyoteRequest=Imposible encontrar la petición de
objeto original de Coyote (La cual es requerida para crear una solicitud tipo
push) de la solicitud de tipo [{0}]
+
applicationServletRegistration.setServletSecurity.iae=Se ha especificado
restricción Null para el servlet [{0}] desple
svn commit: r1847755 - in /tomcat/trunk: java/org/apache/catalina/connector/LocalStrings_de.properties java/org/apache/jasper/resources/LocalStrings_de.properties webapps/examples/WEB-INF/classes/Loca
Author: markt
Date: Thu Nov 29 20:25:43 2018
New Revision: 1847755
URL: http://svn.apache.org/viewvc?rev=1847755&view=rev
Log:
Update German translations
Modified:
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_de.properties
tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_de.properties
tomcat/trunk/webapps/examples/WEB-INF/classes/LocalStrings_de.properties
Modified:
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_de.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_de.properties?rev=1847755&r1=1847754&r2=1847755&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_de.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_de.properties
Thu Nov 29 20:25:43 2018
@@ -13,6 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+coyoteConnector.invalidEncoding=Das Encoding [{0}] wird von der JRE nicht
erkannt. Der Konnektor wird weiterhin [{1}] nutzen
+
coyoteRequest.gssLifetimeFail=Die verbleibende Lebenzeit für den Principal
[{0}] konnte nicht ermittelt werden.
responseFacade.nullResponse=Das Response Objekt ist wiederverwendet worden und
nicht mehr mit der Facade verknüpft.
Modified:
tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_de.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_de.properties?rev=1847755&r1=1847754&r2=1847755&view=diff
==
--- tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_de.properties
(original)
+++ tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_de.properties
Thu Nov 29 20:25:43 2018
@@ -19,11 +19,13 @@ jsp.error.attribute.noequal=Gleichheitsz
jsp.error.attribute.nowhitespace=Die JSP Spezifikation verlangt, dass einem
Attribut Namen ein Leerzeichen vorangeht.
jsp.error.data.file.processing=Fehler beim Verarbeiten der Datei [{0}]
jsp.error.el.template.deferred=#{...} is im Template Text nicht erlaubt
+jsp.error.jspbody.required=jsp:body muss für den Tag Inhalt für [{0}]
genutzt genutzt werden, wenn jsp:attribute benutzt wird
jsp.error.no.scriptlets=Die Skript-Elemente ( <%!,
svn commit: r1847756 - in /tomcat/trunk/java/org/apache: catalina/connector/ catalina/core/ catalina/filters/ catalina/ha/deploy/ catalina/loader/ catalina/realm/ catalina/servlets/ catalina/startup/
Author: markt
Date: Thu Nov 29 20:26:32 2018
New Revision: 1847756
URL: http://svn.apache.org/viewvc?rev=1847756&view=rev
Log:
UPdate Russian
Added:
tomcat/trunk/java/org/apache/catalina/loader/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/membership/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/coyote/http11/upgrade/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/util/http/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings_ru.properties
(with props)
tomcat/trunk/java/org/apache/tomcat/websocket/pojo/LocalStrings_ru.properties
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/realm/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/catalina/valves/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/jasper/resources/LocalStrings_ru.properties
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings_ru.properties
Modified:
tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ru.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ru.properties?rev=1847756&r1=1847755&r2=1847756&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ru.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/connector/LocalStrings_ru.properties
Thu Nov 29 20:26:32 2018
@@ -13,4 +13,5 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+coyoteAdapter.debug=ÐеÑÐµÐ¼ÐµÐ½Ð½Ð°Ñ [{0}] Ð¸Ð¼ÐµÐµÑ Ð·Ð½Ð°Ñение
[{1}]
coyoteAdapter.parsePathParam=Ðевозможно ÑазобÑаÑÑ
паÑамеÑÑÑ Ð¿ÑÑи иÑполÑзÑÑ ÐºÐ¾Ð´Ð¸ÑÐ¾Ð²ÐºÑ [{0}].
ÐаÑамеÑÑÑ Ð±ÑдÑÑ Ð¿ÑоигноÑиÑованÑ.
Modified: tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ru.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ru.properties?rev=1847756&r1=1847755&r2=1847756&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ru.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/core/LocalStrings_ru.properties Thu
Nov 29 20:26:32 2018
@@ -14,4 +14,7 @@
# limitations under the License.
applicationContext.addJspFile.iae=Файл JSP [{0}] ÑодеÑжиÑ
оÑибки
+applicationContext.addListener.iae.cnfe=Ðевозможно ÑоздаÑÑ
ÑкземплÑÑ Ñипа [{0}]
applicationContext.setAttribute.namenull=ÐÐ¼Ñ Ð½Ðµ Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ
пÑÑÑÑм
+
+standardWrapper.isUnavailable=СеÑÐ²Ð»ÐµÑ [{0}] вÑеменно
недоÑÑÑпен
Modified:
tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ru.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ru.properties?rev=1847756&r1=1847755&r2=1847756&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ru.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/filters/LocalStrings_ru.properties
Thu Nov 29 20:26:32 2018
@@ -13,6 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+corsFilter.invalidPreflightMaxAge=Ðевозможно обÑабоÑаÑÑ
знаÑение preflightMaxAge
+
csrfPrevention.invalidRandomClass=Ðевозможно ÑоздаÑÑ
СлÑÑайнÑй иÑÑоÑник Ñ Ð¿Ð¾Ð¼Ð¾ÑÑÑ [{0}]
http.403=ÐоÑÑÑп к ÑеÑÑÑÑÑ [{0}] бÑл запÑеÑÑн.
Modified:
tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ru.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ru.properties?rev=1847756&r1=1847755&r2=1847756&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ru.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/ha/deploy/LocalStrings_ru.properties
Thu Nov 29 20:26:32 2018
@@ -13,4 +13,6 @@
# See the License for the specific language go
svn commit: r1847757 - in /tomcat/trunk/java/org/apache: catalina/ha/authenticator/LocalStrings_zh_CN.properties catalina/session/LocalStrings_zh_CN.properties coyote/http2/LocalStrings_zh_CN.properti
Author: markt
Date: Thu Nov 29 20:27:17 2018
New Revision: 1847757
URL: http://svn.apache.org/viewvc?rev=1847757&view=rev
Log:
Update Simplified Chinese translations
Added:
tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties
(with props)
Modified:
tomcat/trunk/java/org/apache/catalina/session/LocalStrings_zh_CN.properties
tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_zh_CN.properties
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties
Added:
tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties?rev=1847757&view=auto
==
---
tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties
(added)
+++
tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties
Thu Nov 29 20:27:17 2018
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+clusterSingleSignOn.clusterLoad.fail=å¨é群å è½½æ¶ï¼
é群åç¹ç»å½å¼å¸¸
Propchange:
tomcat/trunk/java/org/apache/catalina/ha/authenticator/LocalStrings_zh_CN.properties
--
svn:eol-style = native
Modified:
tomcat/trunk/java/org/apache/catalina/session/LocalStrings_zh_CN.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/LocalStrings_zh_CN.properties?rev=1847757&r1=1847756&r2=1847757&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/session/LocalStrings_zh_CN.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/session/LocalStrings_zh_CN.properties
Thu Nov 29 20:27:17 2018
@@ -21,6 +21,7 @@ fileStore.deleteFailed=æ æ³å�
managerBase.contextNull=ä½¿ç¨ Manager ä¹åï¼å¿
é¡»å° Context 设置为é
null å¼
managerBase.createSession.ise=createSessionï¼æ´»è·sessionè¿å¤
+persistentManager.storeKeysException=ä¸è½ä» sessionåå¨ä¸è·åsession
ID çå表ï¼å设åå¨ä¸ºç©º
persistentManager.storeSizeException=æ æ³ç¡®å® session
åå¨åºçä¼è¯æ°ï¼åå®åå¨åºä¸ºç©º
persistentManager.swapIn=å¨è¡¨ååå¨ä¸,交æ¢ä¼è¯[{0}]
persistentManager.swapMaxIdle=交æ¢ä¼è¯[{0}]以åå¨ï¼ç©ºé²ä¸º[{1}]ç§
Modified:
tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_zh_CN.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_zh_CN.properties?rev=1847757&r1=1847756&r2=1847757&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_zh_CN.properties
(original)
+++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings_zh_CN.properties Thu
Nov 29 20:27:17 2018
@@ -27,6 +27,7 @@ hpackdecoder.tableSizeUpdateNotAtStart=�
http2Parser.headers.wrongStream=è¿æ¥[{0}],
头é¨ä¿¡æ¯å¯¹äºæµ[{1}]æ£å¨è¿è¡ä½å¯¹äºæµ[{2}]çä¸å¸§å·²ç»æ¶å°äºã
http2Parser.nonZeroPadding=è¿æ¥[{0}]ï¼æµ[{1}]ï¼éé¶å¡«å
http2Parser.processFrameData.window=è¿æ¥[{0}]ï¼å®¢æ·ç«¯åéçæ°æ®æ¯æµçªå£å
许çå¤
+http2Parser.processFrameHeaders.decodingDataLeft=æ°æ®å¨HPACK解ç
åä¾ç¶ä¿ç - å®æ¬åºè¯¥è¢«æ¶è´¹æ
http2Parser.processFramePriority.invalidPayloadSize=以[{0}]æ
æçææè´è½½å¤§å°æ¥æ¶çä¼å
级帧ï¼åºè¯¥æ¯5ï¼
http2Parser.processFramePushPromise=请æ±äºæ°çè¿ç¨æµID[{0}]ï¼ä½ææè¿ç¨æµé½å¿
须使ç¨å¥æ°æ è¯ç¬¦\n\
\n
@@ -40,6 +41,7 @@ upgradeHandler.pingFailed=对客æ
upgradeHandler.socketCloseFailed=å
³é socket é误
upgradeHandler.stream.even=\
请æ±äºæ°çè¿ç¨æµID[{0}]ï¼ä½ææè¿ç¨æµé½å¿
须使ç¨å¥æ°æ
è¯ç¬¦\n\
\n
+upgradeHandler.upgrade=è¿æ¥[{0}], HTTP/1.1 å级å°æµ[1]
upgradeHandler.writeBody=è¿æ¥ [{0}],æ°æ®æµ[{1}], æ°æ®é¿åº¦[{2}]
upgradeHandler.writeHeaders=è¿æ¥ [{0}]ï¼æµ [{1}]
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings_zh_CN.properties
URL:
http
svn commit: r1847758 - /tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties
Author: markt
Date: Thu Nov 29 20:27:42 2018
New Revision: 1847758
URL: http://svn.apache.org/viewvc?rev=1847758&view=rev
Log:
Update Russian translations
Added:
tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties
(with props)
Added: tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties?rev=1847758&view=auto
==
--- tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties
(added)
+++ tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties Thu
Nov 29 20:27:42 2018
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+introspection.classLoadFailed=Ðе возможно закÑÑзиÑÑ
клаÑÑ [{0}]
Propchange:
tomcat/trunk/java/org/apache/catalina/util/LocalStrings_ru.properties
--
svn:eol-style = native
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847759 - /tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties
Author: markt Date: Thu Nov 29 20:27:59 2018 New Revision: 1847759 URL: http://svn.apache.org/viewvc?rev=1847759&view=rev Log: Update Japanese translations Modified: tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties Modified: tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties?rev=1847759&r1=1847758&r2=1847759&view=diff == --- tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties (original) +++ tomcat/trunk/java/org/apache/coyote/LocalStrings_ja.properties Thu Nov 29 20:27:59 2018 @@ -13,4 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. +abstractProtocolHandler.asyncTimeoutError=éåæã¿ã¤ã ã¢ã¦ãå¦çã¨ã©ã¼ + response.writeListenerSet=ãã³ããããã³ã°æ¸ãè¾¼ã¿ãªã¹ãã¼ãè¨å®æ¸ã¿ã§ã - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847760 - /tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties
Author: markt
Date: Thu Nov 29 20:28:40 2018
New Revision: 1847760
URL: http://svn.apache.org/viewvc?rev=1847760&view=rev
Log:
Update Brazilian Portuguese
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties?rev=1847760&r1=1847759&r2=1847760&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings_pt_BR.properties
Thu Nov 29 20:28:40 2018
@@ -15,5 +15,6 @@
authenticator.jaspicServerAuthContextFail=Falha ao obter uma instância do
JASPIC ServerAuthContext
+singleSignOn.debug.principalFound=SSO encontrou Principal cacheado [{0}] com
tipo de autenticação [{1}]
singleSignOn.sessionExpire.hostNotFound=ImpossÃvel experar sessão SSO [{0}]
porque o host não foi encontrado
singleSignOn.sessionExpire.managerError=SSO impossÃvel de esperar sessão
[{0}] porque o Manager lançou uma exception quando realizava busca pela sessão
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847761 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Thu Nov 29 20:33:28 2018 New Revision: 1847761 URL: http://svn.apache.org/viewvc?rev=1847761&view=rev Log: Update translation contributors Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1847761&r1=1847760&r2=1847761&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Thu Nov 29 20:33:28 2018 @@ -203,8 +203,8 @@ Expand the coverage and quality of the Russian translations provided -with Apache Tomcat. Includes contributions from solomax and Rafael -Sachakov. (markt) +with Apache Tomcat. Includes contributions from solomax, Rafael Sachakov +and Andrei Maiseyenka. (markt) Expand the coverage and quality of the German translations provided @@ -212,6 +212,11 @@ Daniel Wehringer and Felix Schumacher. (markt) +Expand the coverage and quality of the Japanese translations provided +with Apache Tomcat. Includes contributions from Yujiorama, +motohashi.yuki and kfujino. (markt) + + Add Brazilian Portuguese translations to Apache Tomcat. Includes contributions from geraldo netto. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.proper
On Thu, Nov 29, 2018 at 9:08 PM Mark Thomas wrote: > Indeed. There is some low hanging fruit for a new contributor there. It > shouldn't be too hard to write a regular expression to look for > (non-debug) logging calls that don't use a StringManager. > > I see you've added the French translations. I'll get those imported > shortly. > > Now that the initial poeditor setup is done, you could update only once before each tag, it would probably be enough. Rémy
svn commit: r1847762 - in /tomcat/trunk/java/org/apache/catalina/startup: Catalina.java LocalStrings.properties
Author: remm
Date: Thu Nov 29 20:36:53 2018
New Revision: 1847762
URL: http://svn.apache.org/viewvc?rev=1847762&view=rev
Log:
More cleanups and strings for Catalina
Modified:
tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
Modified: tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/Catalina.java?rev=1847762&r1=1847761&r2=1847762&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/Catalina.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/Catalina.java Thu Nov 29
20:36:53 2018
@@ -494,7 +494,7 @@ public class Catalina {
digester.push(this);
digester.parse(is);
} catch (Exception e) {
-log.error("Catalina.stop: ", e);
+log.error(sm.getString("catalina.stopError"), e);
System.exit(1);
}
} else {
@@ -502,7 +502,7 @@ public class Catalina {
try {
s.stop();
} catch (LifecycleException e) {
-log.error("Catalina.stop: ", e);
+log.error(sm.getString("catalina.stopError"), e);
}
return;
}
@@ -521,10 +521,10 @@ public class Catalina {
log.error(sm.getString("catalina.stopServer.connectException",
s.getAddress(),
String.valueOf(s.getPortWithOffset()),
String.valueOf(s.getPort()),
String.valueOf(s.getPortOffset(;
-log.error("Catalina.stop: ", ce);
+log.error(sm.getString("catalina.stopError"), ce);
System.exit(1);
} catch (IOException e) {
-log.error("Catalina.stop: ", e);
+log.error(sm.getString("catalina.stopError"), e);
System.exit(1);
}
} else {
@@ -566,11 +566,11 @@ public class Catalina {
digester.parse(inputSource);
} catch (Exception e) {
if (file == null) {
-log.warn(sm.getString("catalina.configFail", getConfigFile() +
"] or [server-embed.xml]"), e);
+log.warn(sm.getString("catalina.configFail", getConfigFile() +
"] or [server-embed.xml"), e);
} else {
log.warn(sm.getString("catalina.configFail",
file.getAbsolutePath()), e);
if (file.exists() && !file.canRead()) {
-log.warn("Permissions incorrect, read permission is not
allowed on the file.");
+log.warn(sm.getString("catalina.incorrectPermissions"));
}
}
return;
@@ -590,13 +590,13 @@ public class Catalina {
if
(Boolean.getBoolean("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE")) {
throw new java.lang.Error(e);
} else {
-log.error("Catalina.start", e);
+log.error(sm.getString("catalina.initError"), e);
}
}
long t2 = System.nanoTime();
if(log.isInfoEnabled()) {
-log.info("Initialization processed in " + ((t2 - t1) / 100) +
" ms");
+log.info(sm.getString("catalina.init", ((t2 - t1) / 100)));
}
}
@@ -711,7 +711,7 @@ public class Catalina {
s.destroy();
}
} catch (LifecycleException e) {
-log.error("Catalina.stop", e);
+log.error(sm.getString("catalina.stopError"), e);
}
}
@@ -732,11 +732,7 @@ public class Catalina {
*/
protected void usage() {
-System.out.println
-("usage: java org.apache.catalina.startup.Catalina"
- + " [ -config {pathname} ]"
- + " [ -nonaming ] "
- + " { -help | start | stop }");
+System.out.println(sm.getString("catalina.usage"));
}
@@ -759,7 +755,7 @@ public class Catalina {
protected void initNaming() {
// Setting additional variables
if (!useNaming) {
-log.info( "Catalina naming disabled");
+log.info(sm.getString("catalina.noNatming"));
System.setProperty("catalina.useNaming", "false");
} else {
System.setProperty("catalina.useNaming", "true");
@@ -780,7 +776,7 @@ public class Catalina {
(javax.naming.Context.INITIAL_CONTEXT_FACTORY,
"org.apache.naming.java.javaURLContextFactory");
} else {
-log.debug( "INITIAL_CONTEXT_FACTORY already set " + value );
+log.debug("INITIAL_CONTEXT_FACTORY already set " + value );
}
}
}
Modified: tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
URL:
http://sv
svn commit: r1847763 - in /tomcat/trunk/java/org/apache/catalina/startup: LocalStrings.properties Tomcat.java
Author: remm
Date: Thu Nov 29 20:50:59 2018
New Revision: 1847763
URL: http://svn.apache.org/viewvc?rev=1847763&view=rev
Log:
More cleanups and strings
Modified:
tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java
Modified: tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties?rev=1847763&r1=1847762&r2=1847763&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
[UTF-8] (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/LocalStrings.properties
[UTF-8] Thu Nov 29 20:50:59 2018
@@ -154,6 +154,7 @@ tomcat.invalidCommandLine=Invalid comman
tomcat.baseDirMakeFail=Unable to create the directory [{0}] to use as the base
directory
tomcat.baseDirNotDir=The location [{0}] specified for the base directory is
not a directory
tomcat.homeDirMakeFail=Unable to create the directory [{0}] to use as the home
directory
+tomcat.noContextClass=Failed to instantiate context class [{0}] for host [{1}]
and url [{2}]
tomcat.noContextXml=Unable to determine web application context.xml [{0}]
userConfig.database=Exception loading user database
Modified: tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java?rev=1847763&r1=1847762&r2=1847763&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java Thu Nov 29
20:50:59 2018
@@ -907,10 +907,7 @@ public class Tomcat {
return (Context) Class.forName(contextClass).getConstructor()
.newInstance();
} catch (ReflectiveOperationException | IllegalArgumentException |
SecurityException e) {
-throw new IllegalArgumentException(
-"Can't instantiate context-class " + contextClass
-+ " for host " + host + " and url "
-+ url, e);
+throw new
IllegalArgumentException(sm.getString("tomcat.noContextClass", contextClass,
host, url), e);
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1847747 - in /tomcat/trunk/java/org/apache: catalina/core/LocalStrings.properties catalina/core/StandardEngine.java catalina/startup/Catalina.java catalina/startup/LocalStrings.proper
On 29/11/2018 20:36, Rémy Maucherat wrote: > On Thu, Nov 29, 2018 at 9:08 PM Mark Thomas wrote: > >> Indeed. There is some low hanging fruit for a new contributor there. It >> shouldn't be too hard to write a regular expression to look for >> (non-debug) logging calls that don't use a StringManager. >> >> I see you've added the French translations. I'll get those imported >> shortly. >> > Now that the initial poeditor setup is done, you could update only once > before each tag, it would probably be enough. ACK. I'm trying to strike a balance between keeping svn and POEditor reasonably in sync and not spending too much time on the imports. That the export/import is mostly automated helps. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1847765 - in /tomcat/trunk: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java webapps/docs/changelog.xml
Author: markt
Date: Thu Nov 29 21:27:43 2018
New Revision: 1847765
URL: http://svn.apache.org/viewvc?rev=1847765&view=rev
Log:
Avoid hang with TLS 1.0 and NIO/NIO2+OpenSSL 1.1.1
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
tomcat/trunk/webapps/docs/changelog.xml
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java?rev=1847765&r1=1847764&r2=1847765&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java Thu
Nov 29 21:27:43 2018
@@ -145,6 +145,7 @@ public final class OpenSSLEngine extends
// Use an invalid cipherSuite until the handshake is completed
// See
http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html#getSession()
+private volatile String version;
private volatile String cipher;
private volatile String applicationProtocol;
@@ -632,7 +633,7 @@ public final class OpenSSLEngine extends
throws SSLException {
// NOTE: Calling a fake read is necessary before calling
pendingReadableBytesInSSL because
// SSL_pending will return 0 if OpenSSL has not started the current
TLS record
-// See https://www.openssl.org/docs/manmaster/ssl/SSL_pending.html
+// See https://www.openssl.org/docs/manmaster/man3/SSL_pending.html
clearLastError();
int lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0); //
priming read
// check if SSL_read returned <= 0. In this case we need to check the
error and see if it was something
@@ -640,7 +641,22 @@ public final class OpenSSLEngine extends
if (lastPrimingReadResult <= 0) {
checkLastError();
}
-return SSL.pendingReadableBytesInSSL(ssl);
+int pendingReadableBytesInSSL = SSL.pendingReadableBytesInSSL(ssl);
+
+// TLS 1.0 needs additional handling
+// TODO Figure out why this is necessary and if a simpler / better
+// solution is available
+if (Constants.SSL_PROTO_TLSv1.equals(version) && lastPrimingReadResult
== 0 &&
+pendingReadableBytesInSSL == 0) {
+// Perform another priming read
+lastPrimingReadResult = SSL.readFromSSL(ssl, EMPTY_ADDR, 0);
+if (lastPrimingReadResult <= 0) {
+checkLastError();
+}
+pendingReadableBytesInSSL = SSL.pendingReadableBytesInSSL(ssl);
+}
+
+return pendingReadableBytesInSSL;
}
@Override
@@ -1027,6 +1043,7 @@ public final class OpenSSLEngine extends
}
}
session.lastAccessedTime = System.currentTimeMillis();
+version = SSL.getVersion(ssl);
handshakeFinished = true;
return SSLEngineResult.HandshakeStatus.FINISHED;
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1847765&r1=1847764&r2=1847765&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Nov 29 21:27:43 2018
@@ -128,6 +128,11 @@
Avoid bad SSLHostConfig JMX registrations before init. (remm)
+
+Avoid a potential hang when a client connects using TLS 1.0 to a Tomcat
+HTTPS connector configured to use NIO or NIO with OpenSSL 1.1.1 or
+later. (markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tagging Tomcat Native 1.2.19
I think the issues are resolved now so I plan to review the current state of the code and then tag either later today or early tomorrow. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tagging Tomcat Native 1.2.19
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/29/18 16:29, Mark Thomas wrote: > I think the issues are resolved now so I plan to review the > current state of the code and then tag either later today or early > tomorrow. +1 - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwAeLkACgkQHPApP6U8 pFjleA//QZOwUHSz2ftNeAL8ttzEta6/tZcldS/8AmFrzF4ptTm+4tNADZzHi8Vs 7i6Z2CyXHK0vVXYgpk9LxkpU+jUo2n3RNKemErlNlqCsTSC2ccVgAKVZYBbCN2SU cw1+TUhMx77e1EnV9DWHWQpmrxD8+hE6QjGzCgCve0C5JqZ2+UoyCyaCNI+8sTtt 0iG8zw7Z2DV6M1RD5755FWdv8qQaHiOWGZ3fEsdZRjYFs2JR+yXeXRuDxsd1O3gC A17srVjoWgPhph8cL0+zZCTEXL858+pEuvZuL2VqiFSiDc2YhCQhE1TF/UMzBJwJ QsUgx5Lu4M3KQD3BLCkCCl4VQCOsi5nCTq5ViLYgQCyDY7J2fbb1gEDJAKkVDUdU wSRCB5wIYTTwMhzje+8USFzr4PmftR4Da1kJcxsBGUgVXH1N4Kld29TCJtB4D0GU 4inuoIYdM7GtWPZ8q5NmRjTX81botvkGq4ThO95lg09wE7DSWaGjhZGhqHegShaW r2KU5ICou01e0HEr8uwndQJ7T01Mn2Fu3unYGkrg8VDQ0jmb0f0iHB7rXVYqCSbq vfHaYo6JzdZllmK7uFsKZS3nwUAYpucSd4sr7q+job5ZeYDawmuXiYq4DyCZa4BY UkWIdt2I+ZTEVj8GHC/3DiVEbqiwos6QTd4BV0SYuxXBVpkXFUM= =PRnY -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
