[tomcat] branch master updated: Default to "tomcat" as the Kube namespace

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new e40a946  Default to "tomcat" as the Kube namespace
e40a946 is described below

commit e40a9467e73c75f7e9c5d942c701bbfd6be6a960
Author: remm 
AuthorDate: Wed Jul 17 09:34:00 2019 +0200

Default to "tomcat" as the Kube namespace

Refactor to pull up common code (it doesn't prevent non Kube providers,
obviously). Warn instead of exit if the Kube environment is not present.
---
 .../membership/cloud/CloudMembershipProvider.java  | 26 +-
 .../membership/cloud/DNSMembershipProvider.java|  6 +
 .../cloud/KubernetesMembershipProvider.java|  7 +-
 webapps/docs/changelog.xml |  5 +
 4 files changed, 28 insertions(+), 16 deletions(-)

diff --git 
a/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java 
b/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
index 70f5fa1..9940673 100644
--- 
a/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
+++ 
b/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
@@ -42,6 +42,8 @@ public abstract class CloudMembershipProvider extends 
MembershipProviderBase imp
 private static final Log log = 
LogFactory.getLog(CloudMembershipProvider.class);
 protected static final StringManager sm = 
StringManager.getManager(CloudMembershipProvider.class);
 
+protected static final String CUSTOM_ENV_PREFIX = "OPENSHIFT_KUBE_PING_";
+
 protected String url;
 protected StreamProvider streamProvider;
 protected int connectionTimeout;
@@ -65,21 +67,35 @@ public abstract class CloudMembershipProvider extends 
MembershipProviderBase imp
 }
 }
 
-// Get value of environment variable named keys[0]
-// If keys[0] isn't found, try keys[1], keys[2], ...
-// If nothing is found, return null
+/**
+ * Get value of environment variable.
+ * @param keys the environment variables
+ * @return the env variables values, or null if not found
+ */
 protected static String getEnv(String... keys) {
 String val = null;
-
 for (String key : keys) {
 val = AccessController.doPrivileged((PrivilegedAction) () 
-> System.getenv(key));
 if (val != null)
 break;
 }
-
 return val;
 }
 
+/**
+ * Get the Kubernetes namespace, or "tomcat" if the Kubernetes environment 
variable
+ * cannot be found (with a warning log about the missing namespace).
+ * @return the namespace
+ */
+protected String getNamespace() {
+String namespace = getEnv("KUBERNETES_NAMESPACE", CUSTOM_ENV_PREFIX + 
"NAMESPACE");
+if (namespace == null || namespace.length() == 0) {
+log.warn(sm.getString("kubernetesMembershipProvider.noNamespace"));
+namespace = "tomcat";
+}
+return namespace;
+}
+
 @Override
 public void init(Properties properties) throws IOException {
 startTime = Instant.now();
diff --git 
a/java/org/apache/catalina/tribes/membership/cloud/DNSMembershipProvider.java 
b/java/org/apache/catalina/tribes/membership/cloud/DNSMembershipProvider.java
index 43d02f1..25fcff1 100644
--- 
a/java/org/apache/catalina/tribes/membership/cloud/DNSMembershipProvider.java
+++ 
b/java/org/apache/catalina/tribes/membership/cloud/DNSMembershipProvider.java
@@ -33,7 +33,6 @@ import org.apache.juli.logging.LogFactory;
 public class DNSMembershipProvider extends CloudMembershipProvider {
 private static final Log log = 
LogFactory.getLog(DNSMembershipProvider.class);
 
-private static final String CUSTOM_ENV_PREFIX = "OPENSHIFT_KUBE_PING_";
 private String namespace;
 
 @Override
@@ -45,10 +44,7 @@ public class DNSMembershipProvider extends 
CloudMembershipProvider {
 super.start(level);
 
 // Set up Kubernetes API parameters
-namespace = getEnv("KUBERNETES_NAMESPACE", CUSTOM_ENV_PREFIX + 
"NAMESPACE");
-if (namespace == null || namespace.length() == 0) {
-throw new 
IllegalArgumentException(sm.getString("kubernetesMembershipProvider.noNamespace"));
-}
+namespace = getNamespace();
 
 if (log.isDebugEnabled()) {
 log.debug(String.format("Namespace [%s] set; clustering enabled", 
namespace));
diff --git 
a/java/org/apache/catalina/tribes/membership/cloud/KubernetesMembershipProvider.java
 
b/java/org/apache/catalina/tribes/membership/cloud/KubernetesMembershipProvider.java
index e977542..2950f5a 100644
--- 
a/java/org/apache/catalina/tribes/membership/cloud/KubernetesMembershipProvider.java
+++ 
b/java/org/apache/catalina/tribes/membership/cloud/KubernetesMembershipProvider.java
@@ -42,8 +42,6 @@ import or

buildbot success in on tomcat-trunk

[buildbot]

The Buildbot has detected a restored build on builder tomcat-trunk while 
building tomcat. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/4494

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: asf946_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch master] e40a9467e73c75f7e9c5d942c701bbfd6be6a960
Blamelist: remm 

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63405] Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Problematic frame tcnative-1.dll+0x802e

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=63405

--- Comment #2 from kd  ---
server.xml



  
  
  
  
  

  

  
  
  





  

  
  

  

  


REST API were invoked at the time of crash.
We also use Websocket for client server communication.
Please let me know if you need more details.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[jira] [Created] (MTOMCAT-318) configuration of plug-ins to map simple types, such as Boolean or Integer

[Roger Mbiama (JIRA)]

Roger Mbiama created MTOMCAT-318:


 Summary: configuration of plug-ins to map simple types, such as 
Boolean or Integer
 Key: MTOMCAT-318
 URL: https://issues.apache.org/jira/browse/MTOMCAT-318
 Project: Apache Tomcat Maven Plugin
  Issue Type: Bug
  Components: tomcat7
Affects Versions: 2.2
 Environment: localhost
Reporter: Roger Mbiama
Assignee: Olivier Lamy (*$^¨%`£)
 Fix For: 2.3


Plugin build and reporting:

This construction and repability plugin will run during construction in 
localhost, it should be configured in the  element.
The report generation plugin will run during tomcat 7 generation and must be 
configured in the  element.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Illegal reflective access in TC 9

[Mark Thomas]

On July 17, 2019 5:56:36 AM UTC, Rainer Jung  wrote:
>I noticed (no regression) warnings during unit test run of the
>following 
>types for modern JDK:
>
>   [junit] WARNING: An illegal reflective access operation has occurred
> [junit] WARNING: Illegal reflective access by ...
>[junit] WARNING: Please consider reporting this to the maintainers 
>of ...
> [junit] WARNING: Use --illegal-access=warn to enable warnings of 
>further illegal reflective access operations
>[junit] WARNING: All illegal access operations will be denied in a 
>future release
>
>For the two lines with "..." I have the following statistics:
>
>Count type
>
>348   by org.apache.catalina.loader.WebappClassLoaderBase 
>(file:/path/to/my/output/classes/) to field 
>java.io.ObjectStreamClass$Caches.localDescs
>
>=> clearReferencesObjectStreamClassCaches() / clearCache()
>
>   2   by org.apache.catalina.loader.WebappClassLoaderBase 
>(file:/path/to/my/output/classes/) to field 
>java.util.TimerThread.newTasksMayBeScheduled
>
>=> clearReferencesStopTimerThread()
>
>   2   by org.apache.catalina.loader.WebappClassLoaderBase 
>(file:/path/to/my/output/classes/) to field java.lang.Thread.target
>
>=> clearReferencesThreads()
>
>  12   by net.sf.cglib.core.ReflectUtils$2 
>(file:/path/to/my/deps/cglib-2.2.2/cglib-nodep-2.2.2.jar) to method 
>java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
>
>In the docs under 
>http://tomcat.apache.org/tomcat-9.0-doc/config/context.html a Java 9 
>hint about reflection is only mentioned for 
>clearReferencesObjectStreamClassCaches (and clearReferencesRmiTargets).
>
>Furthermore in the source file WebappClassLoaderBase.java, there's 
>comments about Java 9 and an exception capture plus test 
>jreCompat.isInstanceOfInaccessibleObjectException() in 
>checkThreadLocalsForLeaks() and clearReferencesRmiTargets(), but not
>all 
>of the above. Do we need to sync docs and code plus both with the above
>
>list of runtime warnings?
>
>Finally the docs contain a hint to -XaddExports:...=ALL-UNNAMED, but
>our 
>startup scripts contain --add-opens=...=ALL-UNNAMED for the same
>modules 
>and packages. Not sure, whether we should sync that and in which
>direction.
>
>Should I open a BZ?

Probably best to so we don't lose track of it.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63570] New: NioEndpoint.populateLocalAddr() populates remote address

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=63570

Bug ID: 63570
   Summary: NioEndpoint.populateLocalAddr() populates remote
address
   Product: Tomcat 9
   Version: 9.0.22
  Hardware: PC
OS: Linux
Status: NEW
  Severity: regression
  Priority: P2
 Component: Util
  Assignee: dev@tomcat.apache.org
  Reporter: akada...@salesforce.com
  Target Milestone: -

package org.apache.tomcat.util.net
class NioEndpoint
commit 65fb1ee548111021edde247f3b3c409ec95a5183
https://github.com/apache/tomcat/commit/65fb1ee548111021edde247f3b3c409ec95a5183#diff-0d8883b1aa000d427e4af3fa79f61483

Steps to reproduce:
The behavior-change/regression is evident by looking at diff above. Still if
steps are required, let me know. Also, make sure that local and remote address
are different while trying to reproduce E.g. Running as localhost, local and
remote addresses may be same which would mask the problem.

Actual Results:
Now NioEndpoint.populateLocalAddr populates the remote address. Thus, APIs to
return server's local address for e.g. RequestFacade.getLocalAddress will
return the remote address.

Expected Results:
NioEndpoint.populateLocalAddr populates the local address.

Build Date & Hardware:
First encountered the bug on 7/15/19, Intel Xeon, Ubuntu 16.04 LTS, Tomcat
9.0.22.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: 63570: Fix retrieving local address with the NIO connector

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new a6abd65  63570: Fix retrieving local address with the NIO connector
a6abd65 is described below

commit a6abd652314bfcd53182a2de1a97dde6b910b1b6
Author: remm 
AuthorDate: Thu Jul 18 00:12:00 2019 +0200

63570: Fix retrieving local address with the NIO connector

The remote address was retrieved rather than the local address.
Submitted by Aditya Kadakia.
---
 java/org/apache/tomcat/util/net/NioEndpoint.java | 4 ++--
 webapps/docs/changelog.xml   | 4 
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/NioEndpoint.java 
b/java/org/apache/tomcat/util/net/NioEndpoint.java
index d41898d..85bfa9d 100644
--- a/java/org/apache/tomcat/util/net/NioEndpoint.java
+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java
@@ -1352,7 +1352,7 @@ public class NioEndpoint extends 
AbstractJsseEndpoint
 protected void populateLocalName() {
 SocketChannel sc = getSocket().getIOChannel();
 if (sc != null) {
-InetAddress inetAddr = sc.socket().getInetAddress();
+InetAddress inetAddr = sc.socket().getLocalAddress();
 if (inetAddr != null) {
 localName = inetAddr.getHostName();
 }
@@ -1364,7 +1364,7 @@ public class NioEndpoint extends 
AbstractJsseEndpoint
 protected void populateLocalAddr() {
 SocketChannel sc = getSocket().getIOChannel();
 if (sc != null) {
-InetAddress inetAddr = sc.socket().getInetAddress();
+InetAddress inetAddr = sc.socket().getLocalAddress();
 if (inetAddr != null) {
 localAddr = inetAddr.getHostAddress();
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index bfe2afd..af61944 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -76,6 +76,10 @@
 Add callback when finishing the set properties rule in the digester.
 (remm)
   
+  
+63570: Fix regression retrieving local address with
+the NIO connector. Submitted by Aditya Kadakia. (remm)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63570] NioEndpoint.populateLocalAddr() populates remote address

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=63570

Remy Maucherat  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #1 from Remy Maucherat  ---
Sorry for the trouble, the fix will be in Tomcat 9.0.23.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Discard large byte buffers on request recycle

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 3ed7483  Discard large byte buffers on request recycle
3ed7483 is described below

commit 3ed74837215700081a5917d4d871f973dd27745a
Author: remm 
AuthorDate: Thu Jul 18 00:32:38 2019 +0200

Discard large byte buffers on request recycle

With the ByteBuffer based code, buffers allocated when using
setBufferSize with a large value would never be discarded.
---
 java/org/apache/catalina/connector/OutputBuffer.java | 10 ++
 webapps/docs/changelog.xml   |  4 
 2 files changed, 14 insertions(+)

diff --git a/java/org/apache/catalina/connector/OutputBuffer.java 
b/java/org/apache/catalina/connector/OutputBuffer.java
index 22c8fa3..5fa8fc2 100644
--- a/java/org/apache/catalina/connector/OutputBuffer.java
+++ b/java/org/apache/catalina/connector/OutputBuffer.java
@@ -58,6 +58,11 @@ public class OutputBuffer extends Writer {
 private final Map encoders = new HashMap<>();
 
 
+/**
+ * Default buffer size.
+ */
+private final int defaultBufferSize;
+
 // - Instance Variables
 
 /**
@@ -128,6 +133,7 @@ public class OutputBuffer extends Writer {
  * @param size Buffer size to use
  */
 public OutputBuffer(int size) {
+defaultBufferSize = size;
 bb = ByteBuffer.allocate(size);
 clear(bb);
 cb = CharBuffer.allocate(size);
@@ -188,6 +194,10 @@ public class OutputBuffer extends Writer {
 bytesWritten = 0;
 charsWritten = 0;
 
+if (bb.capacity() > 16 * defaultBufferSize) {
+// Discard buffers which are too large
+bb = ByteBuffer.allocate(defaultBufferSize);
+}
 clear(bb);
 clear(cb);
 closed = false;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index af61944..20dea22 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -56,6 +56,10 @@
 AsyncContext.start(Runnable), process it using the 
standard
 error page mechanism. (markt)
   
+  
+Discard large byte buffers allocated using setBufferSize when recycling
+the request. (remm)
+  
  
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Discard large byte buffers on request recycle

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 5f03949  Discard large byte buffers on request recycle
5f03949 is described below

commit 5f039493cf3f503eb279cddbd7d6d70a1d21ffc5
Author: remm 
AuthorDate: Thu Jul 18 00:39:05 2019 +0200

Discard large byte buffers on request recycle

With the ByteBuffer based code, buffers allocated when using
setBufferSize with a large value would never be discarded.
---
 java/org/apache/catalina/connector/OutputBuffer.java | 12 ++--
 webapps/docs/changelog.xml   |  4 
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/connector/OutputBuffer.java 
b/java/org/apache/catalina/connector/OutputBuffer.java
index e23fa20..6e0e951 100644
--- a/java/org/apache/catalina/connector/OutputBuffer.java
+++ b/java/org/apache/catalina/connector/OutputBuffer.java
@@ -59,6 +59,11 @@ public class OutputBuffer extends Writer {
 private final Map encoders = new HashMap<>();
 
 
+/**
+ * Default buffer size.
+ */
+private final int defaultBufferSize;
+
 // - Instance Variables
 
 /**
@@ -146,12 +151,11 @@ public class OutputBuffer extends Writer {
  * @param size Buffer size to use
  */
 public OutputBuffer(int size) {
-
+defaultBufferSize = size;
 bb = ByteBuffer.allocate(size);
 clear(bb);
 cb = CharBuffer.allocate(size);
 clear(cb);
-
 }
 
 
@@ -209,6 +213,10 @@ public class OutputBuffer extends Writer {
 bytesWritten = 0;
 charsWritten = 0;
 
+if (bb.capacity() > 16 * defaultBufferSize) {
+// Discard buffers which are too large
+bb = ByteBuffer.allocate(defaultBufferSize);
+}
 clear(bb);
 clear(cb);
 closed = false;
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 32774ff..696cddc 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -56,6 +56,10 @@
 AsyncContext.start(Runnable), process it using the 
standard
 error page mechanism. (markt)
   
+  
+Discard large byte buffers allocated using setBufferSize when recycling
+the request. (remm)
+  
  
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63405] Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Problematic frame tcnative-1.dll+0x802e

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=63405

kd  changed:

   What|Removed |Added

 Status|NEEDINFO|NEW

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch master updated: Add JNI configuration

[Rainer Jung]

Am 15.07.2019 um 18:17 schrieb r...@apache.org:

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
  new 5f32b50  Add JNI configuration
5f32b50 is described below

commit 5f32b5084921488cfbae8fe4d154919fd2678052
Author: remm 
AuthorDate: Mon Jul 15 18:17:08 2019 +0200

 Add JNI configuration
---
  res/tomcat-maven/README.md   | 2 +-
  res/tomcat-maven/tomcat-jni.json | 8 
  2 files changed, 9 insertions(+), 1 deletion(-)


...


diff --git a/res/tomcat-maven/tomcat-jni.json b/res/tomcat-maven/tomcat-jni.json
new file mode 100644
index 000..1ca1093
--- /dev/null
+++ b/res/tomcat-maven/tomcat-jni.json
@@ -0,0 +1,8 @@
+[
+{ "name":"org.apache.tomcat.jni.FileInfo" },
+{ "name":"org.apache.tomcat.jni.Sockaddr" },
+{ "name":"org.apache.tomcat.jni.FileInfo" },


Really twice FileInfo?


+{ "name":"org.apache.tomcat.jni.Error" },
+{ "name":"org.apache.tomcat.jni.SSL", 
"methods":[{"name":"newSSL","parameterTypes":["long","boolean"]}] },
+{ "name":"java.lang.String", 
"methods":[{"name":"","parameterTypes":["byte[]"]},{"name":"getBytes","parameterTypes":[]}] }
+]


Regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63571] New: The SSL sessionCacheSize config overwrites javax.net.ssl.sessionCacheSize

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=63571

Bug ID: 63571
   Summary: The SSL sessionCacheSize config overwrites
javax.net.ssl.sessionCacheSize
   Product: Tomcat 9
   Version: 9.0.x
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: yor...@gmail.com
  Target Milestone: -

In JDK bug https://bugs.openjdk.java.net/browse/JDK-8213577 , it clearly
mentioned that setting the SSL session cache size to indefinite is dangerous
and could cause serious memory leak issue. I have seen a couple of cases in my
company. The fix has updated the default value from 0 (indefinite) to 20480.
This has also been backported to JDK8
https://bugs.openjdk.java.net/browse/JDK-8213577 .

However, the default value in Tomcat is still 0. Also, when it set the value,
it does not consider whether the a different value has been set in JDK for
JSSE. JDK allow users to use the system property javax.net.ssl.sessionCacheSize
to set it as well. At the moment, Tomcat would overwrite both the JDK default
value and also javax.net.ssl.sessionCacheSize. This basically reversed the fix
in JDK.

There could be a couple of ways to fix this. I would suggest:
 - change the default value in Tomcat for sessionCacheSize to 20480, which is
the same as the JDK fix.
 - unless the Tomcat user explicitly set sessionCacheSize to a different value,
it should not try to call SSLSessionContext.setSessionCacheSize to change it,
since it could overwrite the configuration user set via
javax.net.ssl.sessionCacheSize.

Tomcat 7 and 8 have the same issue.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Graal and Tomcat Native

[jean-frederic clere]

On 12/07/2019 11:21, Rémy Maucherat wrote:
> On Thu, Jul 11, 2019 at 11:01 PM Rainer Jung  > wrote:
> 
> Am 11.07.2019 um 22:10 schrieb Rémy Maucherat:
> > On Thu, Jul 11, 2019 at 8:42 PM Rainer Jung
> mailto:rainer.j...@kippdata.de>
> > >>
> wrote:
> >
> >     Hi Rémy,
> >
> >     When one looks up the macros in native/include/tcn.h, this boils
> >     down to
> >     the following returning null:
> >
> >     (*env)->FindClass(env, "org/apache/tomcat/jni/FileInfo")
> >
> >     So our own FileInfo class can not be found. FindClass docs
> indicate its
> >     searched in the CLASSPATH although I'm not sure whether its
> really the
> >     classpath or some search paths of a class loader hierarchy.
> >
> >     You might want to add the JVM commandline flag
> "-verbose:class" for any
> >     easy way to track class loading.
> >
> >     I didn't really grok what you meant with "define in JNI
> configuration".
> >     For normal JVMs the code just works, so what might be special
> for Graal
> >     that org.apache.tomcat.jni.FileInfo can't be found?
> >
> >
> > A Graal native image is indeed not a normal JVM and does not
> support any
> > kind of dynamic class loading, it has to be declared first in these
> > configuration files.
> 
> Ah OK.
> 
> > So I am adding this to the jni one:
> > { "name":"org.apache.tomcat.jni.FileInfo" },
> > { "name":"org.apache.tomcat.jni.Sockaddr" },
> > { "name":"org.apache.tomcat.jni.FileInfo" },
> 
> Again FileInfo? I think instead "org.apache.tomcat.jni.Error" should be
> the third one.
> 
> > { "name":"java.lang.String", "methods" :
> >
> 
> [{"name":"","parameterTypes":["byte[]"]},{"name":"getBytes","parameterTypes":[]}]
> 
> > }
> > And loading now works.
> > Jul 11, 2019 9:39:28 PM org.apache.catalina.core.AprLifecycleListener
> > lifecycleEvent
> > INFO: Loaded APR based Apache Tomcat Native library [1.2.23] using
> APR
> > version [1.6.5].
> > Jul 11, 2019 9:39:28 PM org.apache.catalina.core.AprLifecycleListener
> > lifecycleEvent
> > INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters
> > [false], random [true].
> > Jul 11, 2019 9:39:28 PM org.apache.catalina.core.AprLifecycleListener
> > lifecycleEvent
> > INFO: APR/OpenSSL configuration: useAprConnector [false],
> useOpenSSL [true]
> > Jul 11, 2019 9:39:28 PM org.apache.catalina.core.AprLifecycleListener
> > initializeSSL
> > INFO: OpenSSL successfully initialized [OpenSSL 1.1.1c FIPS  28
> May 2019]
> >
> > However when trying to actually connect I got:
> > Segmentation fault (core dumped)
> >
> > Oops.
> 
> If the above duplicate class was just a copy and paste typo, but you
> had
> it right in your actual work, the next one could try, would be
> activating writing core dumps in the underlying OS. The resulting core
> should be inspectable depending on OS via gdb or similar tools. The
> simplest gdb invocation would be
> 
> gdb /path/to/my/bin/java /path/to/my/corefile
> 
> and then at the gdb prompt the command
> 
>    bt
> 
> or
> 
>    bt full
> 
> or
> 
>    thread apply all bt
> 
> or
> 
>    thread apply all bt full
> 
> That way we should at least see, in which function the crash happens.
> Depending on symbols etc. you might even get line numbers.
> 
> 
> In the native code, it crashes on:
> https://github.com/apache/tomcat-native/blob/master/native/src/ssl.c#L635
> 
> I modified the code to:
>     double d = (((double)(rand()%RAND_MAX)/RAND_MAX)*(h-l));
>     apr_snprintf(buf, sizeof(buf), "%.0f", d);
> 
> And it cores on the apr_snprintf. I don't see how it is unsafe though.
> 
> Rémy
> 

I also have the same core using the AprConnector I can't really see what
is wrong there.

gdb doesn't really help :-( I have replaced the apr_snprintf by snprintf
and I also have a core:
+++
Thread 19 "apr-8443-exec-1" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffa700 (LWP 24724)]
0x7792e41a in __GI___printf_fp_l (fp=,
loc=, info=, args=) at
../include/ctype.h:53
53return __libc_tsd_address (const int32_t *, CTYPE_TOLOWER);
Missing separate debuginfos, use: dnf debuginfo-install
sssd-client-2.2.0-3.fc30.x86_64 zlib-1.2.11-15.fc30.x86_64
(gdb) bt
#0  0x7792e41a in __GI___printf_fp_l (fp=,
loc=, info=, args=) at
../include/ctype.h:53
#1  0x77946f71 in __vfprintf_internal (s=0x7fffafffe660,
format=0x77ff05f7 "%.0f", ap=0x7fffafffe7e0, mode_flags=) at vfprintf-internal.c:1644
#2  0x77959f8a in __vsnprintf_internal (string=0x77ffa2a0
 "", maxlen=, format=0x77ff05f7 "%.0f",
args=0x7fffafffe7e0, mode