[Bug 59703] RFC 6265 Cookie Processor doesn't allow cookie domains with a leading dot.

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=59703

--- Comment #5 from Shaeleigh Schneider  ---
Bugs are the error which presents the formation of the error for the kind of
good and best fortune to all of the basic things. The cookies error and the
password building have the link in
https://www.topaperwritingservices.com/review-bestdisseration-com/ for best
dissertion way of fortune building by grant allowance.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.26

[Emmanuel Bourg]

Le 16/09/2019 à 18:15, Mark Thomas a écrit :

> The proposed 9.0.26 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 9.0.26

Tested on Debian with OpenJDK 11.0.5+6, OpenSSL 1.1.1d and Tomcat Native
1.2.23. No failure on the 3 test suites.

Emmanuel Bourg



signature.asc
Description: OpenPGP digital signature

[tomcat] branch master updated: Use single quotes instead of custom build double quotes

[fschumacher]

This is an automated email from the ASF dual-hosted git repository.

fschumacher pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new c4285fb  Use single quotes instead of custom build double quotes
c4285fb is described below

commit c4285fb7635f5b54bec3c953749007377d12f95d
Author: Felix Schumacher 
AuthorDate: Tue Sep 17 12:36:16 2019 +0200

Use single quotes instead of custom build double quotes
---
 webapps/docs/rewrite.xml | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/webapps/docs/rewrite.xml b/webapps/docs/rewrite.xml
index 4e2160e..af656ab 100644
--- a/webapps/docs/rewrite.xml
+++ b/webapps/docs/rewrite.xml
@@ -254,7 +254,7 @@
 value of a header sent in the HTTP request.
 Example: %{HTTP:Proxy-Connection} is
 the value of the HTTP header
-``Proxy-Connection:''.
+'Proxy-Connection:'.
 
   
 
@@ -366,7 +366,7 @@ RewriteRule ...some special stuff for any of these 
hosts...
   Example:
 
To rewrite the Homepage of a site according to the
-``User-Agent:'' header of the request, you can
+'User-Agent:' header of the request, you can
 use the following: 
 
 RewriteCond  %{HTTP_USER_AGENT}  ^Mozilla.*
@@ -418,7 +418,7 @@ public interface RewriteMap {
 
   Pattern is a perl compatible regular
   expression, which is applied to the current URL.
-  ``Current'' means the value of the URL when this rule is
+  'Current' means the value of the URL when this rule is
   applied. This may not be the originally requested URL,
   which may already have matched a previous rule, and have been
   altered.
@@ -440,8 +440,8 @@ public interface RewriteMap {
 
 Text:
   .   Any single character
-  [chars] 
Character class: Any character of the class ``chars''
-  [^chars]
Character class: Not a character of the class ``chars''
+  [chars] 
Character class: Any character of the class 'chars'
+  [^chars]
Character class: Not a character of the class 'chars'
   text1|text2 Alternative: text1 or text2
 
 Quantifiers:
@@ -481,8 +481,8 @@ public interface RewriteMap {
   In the rules, the NOT character
('!') is also available as a possible pattern
   prefix. This enables you to negate a pattern; to say, for instance:
-  ``if the current URL does NOT match this
-  pattern''. This can be used for exceptional cases, where
+  'if the current URL does NOT match this
+  pattern'. This can be used for exceptional cases, where
   it is easier to match the negative pattern, or as a last
   default rule.
 
@@ -565,9 +565,9 @@ cannot use $N in the substitution string!
 the flag has no effect. If the rule does
 not match, then all following chained
 rules are skipped. For instance, it can be used to remove the
-``.www'' part, inside a per-directory rule set,
+'.www' part, inside a per-directory rule set,
 when you let an external redirect happen (where the
-``.www'' part should not occur!).
+'.www' part should not occur!).
 
 
 
'cookie|CO=NAME:VAL:domain[:lifetime[:path]]'
@@ -698,8 +698,8 @@ cannot use $N in the substitution string!
   temp (default), permanent,
   seeother. Use this for rules to
   canonicalize the URL and return it to the client - to
-  translate ``/~'' into
-  ``/u/'', or to always append a slash to
+  translate '/~' into
+  '/u/', or to always append a slash to
   /u/user, etc.
   Note: When you use this flag, make
   sure that the substitution field is a valid URL! Otherwise,


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot failure in on tomcat-trunk

[buildbot]

The Buildbot has detected a new failure on builder tomcat-trunk while building 
tomcat. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/4612

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: asf946_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch master] c4285fb7635f5b54bec3c953749007377d12f95d
Blamelist: Felix Schumacher 

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Correct wording (typo)

[fschumacher]

This is an automated email from the ASF dual-hosted git repository.

fschumacher pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new b5bc652  Correct wording (typo)
b5bc652 is described below

commit b5bc652379f8a43b092f2b0ff91cb94bc9a88ac7
Author: Felix Schumacher 
AuthorDate: Tue Sep 17 13:26:41 2019 +0200

Correct wording (typo)
---
 CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 58ea4f9..d8fddc4 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -84,7 +84,7 @@ Download Page. There is one such page for every major Tomcat 
version:
 
 If you have chosen to attach a patch to the Bugzilla issue (or email
 one), then you'll need to download the sources as noted above, make your
-desired changes and then manually generate your patch using diff (other
+desired changes and then manually generate your patch using diff (or any
 other tool).
 
 # GitHub


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in on tomcat-trunk

[buildbot]

The Buildbot has detected a restored build on builder tomcat-trunk while 
building tomcat. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/4613

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: asf946_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch master] b5bc652379f8a43b092f2b0ff91cb94bc9a88ac7
Blamelist: Felix Schumacher 

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Verified Graal 19.2.0.1 resolves the Linux showstopper

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 99509fc  Verified Graal 19.2.0.1 resolves the Linux showstopper
 new 4ed0a57  Merge branch 'master' of g...@github.com:apache/tomcat.git
99509fc is described below

commit 99509fc3fb6c2b07eb1d2193d118d073be0424e1
Author: remm 
AuthorDate: Tue Sep 17 16:26:49 2019 +0200

Verified Graal 19.2.0.1 resolves the Linux showstopper

My demo setup suddenly becomes a lot less complex and the main readme
instructions work again on the affected platform.
---
 res/tomcat-maven/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/res/tomcat-maven/README.md b/res/tomcat-maven/README.md
index 4188ed9..1072faa 100644
--- a/res/tomcat-maven/README.md
+++ b/res/tomcat-maven/README.md
@@ -82,7 +82,7 @@ oc policy add-role-to-user view system:serviceaccount:$(oc 
project -q):default -
 
 Download Graal native-image and tools.
 ```
-export JAVA_HOME=/absolute...path...to/graalvm-ce-19.1.0
+export JAVA_HOME=/absolute...path...to/graalvm-ce-19.2.0.1
 export TOMCAT_MAVEN=/absolute...path...to/tomcat-maven
 cd $JAVA_HOME/bin
 ./gu install native-image


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch master updated: Only decode in standard mode.

[Mark Thomas]

On 01/08/2019 22:55, ma...@apache.org wrote:
> This is an automated email from the ASF dual-hosted git repository.
> 
> markt pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/tomcat.git
> 
> 
> The following commit(s) were added to refs/heads/master by this push:
>  new 9fd972c  Only decode in standard mode.
> 9fd972c is described below
> 
> commit 9fd972c931cf3ce8829a69437b7340f9b0e1e731
> Author: Mark Thomas 
> AuthorDate: Thu Aug 1 22:54:41 2019 +0100
> 
> Only decode in standard mode.
> 
> The seamless decoding of both standard and URL-safe mode no longer works
> as expected in some cases when one of the two characters from the other
> mode appear in the encoded data. This is because rather than ignoring
> the unexpected "-" or "_" it gets decoded and if the result is invalid
> an exception is thrown due to the fix for CODEC-134.
> Tomcat doesn't use URL-safe mode so simply disable it.

I've discovered some TCK failures as a result of this change. The
HTTP2-Settings header present in an HTTP upgrade for h2c uses the
URL-safe form of base64 encoding.

The good news is that it is only h2c that is affected so the impact on
end users should be minimal.

I think I am going to have to tweak the codec so that users can opt for
standard or URL-safe mode as required. That looks doable without too
invasive a change. I'll look into applying the fix upstream.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.26

[Igal Sapir]

On 9/16/2019 9:15 AM, Mark Thomas wrote:

The proposed Apache Tomcat 9.0.26 release is now available for voting.

The major changes compared to the 9.0.24 release are:

- Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
   Commons Daemon 1.2.0, most notably a failure to start when using
   a 32-bit JVM on Windows.

- Avoid an NPE when accessing an https port using http.

- Correct the invalid automatic module names for the embedded JARs.

- Fix a potential hang when using HTTP/2 with the asynchronous Servlet
   API.



The proposed 9.0.26 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 9.0.26


Tested with Ubuntu and Windows.

On Windows I received an error on 
org.apache.catalina.core.TestAsyncContextImpl which tests bug 50753.  I 
think it is a fluke in the test case though.  Details below [1].


Igal

[1] Testsuite: org.apache.catalina.core.TestAsyncContextImpl
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0 sec

Testcase: testBug50753 took 0.004 sec
Caused an ERROR
Forked Java VM exited abnormally. Please note the time in the report does not 
reflect the time until the VM exit.
junit.framework.AssertionFailedError: Forked Java VM exited abnormally. Please 
note the time in the report does not reflect the time until the VM exit.
at java.lang.Thread.run(Thread.java:748)

Re: [VOTE] Release Apache Tomcat 8.5.46

[Michael Osipov]

Am 2019-09-16 um 20:46 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.46 release is now available for voting.

The major changes compared to the 8.5.45 release are:

- Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
   Commons Daemon 1.2.0, most notably a failure to start when using
   a 32-bit JVM on Windows.

- Avoid an NPE when accessing an https port using http.

- Fix a potential hang when using HTTP/2 with the asynchronous Servlet
   API.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.46/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1231/

The tag is:
https://github.com/apache/tomcat/tree/8.5.46
914f68b45127207170dff894e03ec31732cac898


+1

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Release Announcement: General Availability of Java 13 / JDK 13

[Rory O'Donnell]

 Hi Mark,

*Release Announcement: General Availability of Java 13 / JDK 13 [1] *

 * JDK 13, the reference implementation of Java 13, is now Generally
   Available.
 * GPL-licensed OpenJDK builds from Oracle are available here:
   https://jdk.java.net/13
 * Release notes - https://jdk.java.net/13/release-notes

This release includes the following five features:

 * 350: Dynamic CDS Archives
 * 351: ZGC: Uncommit Unused Memory
 * 353: Reimplement the Legacy Socket API
 * 354: Switch Expressions (Preview)
 * 355: Text Blocks (Preview)

Along with many smaller enhancements and bug fixes.

Thanks to everyone who contributed JDK 13, whether by creating features 
or enhancements, logging  bugs, or downloading and testing the 
early-access builds.


*JDK 14 EA build 14, under both the GPL and Oracle EA licenses, is now 
available at **http://jdk.java.net/14**.*


 * JEPs targeted to JDK 14, so far
 o 352 - Non-Volatile Mapped Byte Buffers
   
 * Release Notes
 o https://jdk.java.net/14/release-notes
 * Recent Bug fixes of Interest
 o Build 14:
 + 8229785: MethodType::fromMethodDescriptorString requires
   "getClassLoader" permission
 + 8212117: Classes are now loaded and linked by Class.forName()
 + 8228854: Default ErrorListener No Longer Reports Warnings
   and Errors to the Console
 * Changes in this build
   

   [14]

*Quality Report for September 2019 is available*

 * 
https://wiki.openjdk.java.net/display/quality/Quality+Outreach+report+September+2019

Rgds,Rory

[1] 
https://mail.openjdk.java.net/pipermail/jdk-dev/2019-September/003335.html


--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA, Dublin,Ireland

Re: [VOTE] Release Apache Tomcat 9.0.26

[Mark Thomas]

On 17/09/2019 19:46, Igal Sapir wrote:
> On 9/16/2019 9:15 AM, Mark Thomas wrote:
>> The proposed Apache Tomcat 9.0.26 release is now available for voting.
>>
>> The major changes compared to the 9.0.24 release are:
>>
>> - Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
>>   Commons Daemon 1.2.0, most notably a failure to start when using
>>   a 32-bit JVM on Windows.
>>
>> - Avoid an NPE when accessing an https port using http.
>>
>> - Correct the invalid automatic module names for the embedded JARs.
>>
>> - Fix a potential hang when using HTTP/2 with the asynchronous Servlet
>>   API.
>>
>> 
>>
>> The proposed 9.0.26 release is:
>> [ ] Broken - do not release
>> [X] Stable - go ahead and release as 9.0.26
> 
> Tested with Ubuntu and Windows.
> 
> On Windows I received an error on
> org.apache.catalina.core.TestAsyncContextImpl which tests bug 50753.  I
> think it is a fluke in the test case though.  Details below [1].
> 
> Igal
> 
> [1] Testsuite: org.apache.catalina.core.TestAsyncContextImpl
> Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0 sec
> 
> Testcase: testBug50753 took 0.004 sec
>   Caused an ERROR
> Forked Java VM exited abnormally. Please note the time in the report does not 
> reflect the time until the VM exit.
> junit.framework.AssertionFailedError: Forked Java VM exited abnormally. 
> Please note the time in the report does not reflect the time until the VM 
> exit.
>   at java.lang.Thread.run(Thread.java:748)

That usually indicates an APR/native crash during Windows shutdown. It
means we have a (possibly timing related) bug in the APR/native code we
still haven't tracked down. That they aren't easy to reproduce makes
fixing bugs like this tricky.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated (4ed0a57 -> 6d6e899)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from 4ed0a57  Merge branch 'master' of g...@github.com:apache/tomcat.git
 new 117bbda  Revert "Only decode in standard mode."
 new 6d6e899  Fix HTTP/2 related TCK failures

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  2 +-
 .../apache/tomcat/util/codec/binary/Base64.java| 39 --
 test/org/apache/coyote/http2/Http2TestBase.java|  2 +-
 webapps/docs/changelog.xml |  9 +
 4 files changed, 40 insertions(+), 12 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/02: Fix HTTP/2 related TCK failures

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6d6e899482e889a37fa6c5fe1d7190d7b0ebbf38
Author: Mark Thomas 
AuthorDate: Tue Sep 17 22:03:31 2019 +0100

Fix HTTP/2 related TCK failures

Use URL safe base 64 encoding rather than standard base 64 encoding when
generating or parsing the HTTP2-Settings header as part of
an HTTP upgrade to h2c as required by RFC 7540.
---
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  2 +-
 .../apache/tomcat/util/codec/binary/Base64.java| 32 +-
 test/org/apache/coyote/http2/Http2TestBase.java|  2 +-
 webapps/docs/changelog.xml |  9 ++
 4 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java 
b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index 10a1f65..e0f3dde 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -214,7 +214,7 @@ class Http2UpgradeHandler extends AbstractStream implements 
InternalHttpUpgradeH
 // Process the initial settings frame
 stream = getStream(1, true);
 String base64Settings = 
stream.getCoyoteRequest().getHeader(HTTP2_SETTINGS_HEADER);
-byte[] settings = Base64.decodeBase64(base64Settings);
+byte[] settings = Base64.decodeBase64URLSafe(base64Settings);
 
 // Settings are only valid on stream 0
 FrameType.SETTINGS.check(0, settings.length);
diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java 
b/java/org/apache/tomcat/util/codec/binary/Base64.java
index 99a501c..da1487f 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -110,18 +110,30 @@ public class Base64 extends BaseNCodec {
  * Thanks to "commons" project in ws.apache.org for this code.
  * https://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
  */
-private static final byte[] DECODE_TABLE = {
+private static final byte[] STANDARD_DECODE_TABLE = {
 //   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
00-0f
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
10-1f
--1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, // 
20-2f + - /
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, // 
20-2f + /
 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, // 
30-3f 0-9
 -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, // 
40-4f A-O
-15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, // 
50-5f P-Z _
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, // 
50-5f P-Z
 -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 
60-6f a-o
 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51  // 
70-7a p-z
 };
 
+private static final byte[] URL_SAFE_DECODE_TABLE = {
+//   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 
-1, // 00-0f
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 
-1, // 10-1f
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 
-1, // 20-2f -
+52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, 
-1, // 30-3f 0-9
+-1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 
14, // 40-4f A-O
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 
63, // 50-5f P-Z _
+-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 
40, // 60-6f a-o
+41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51 
 // 70-7a p-z
+};
+
 /**
  * Base64 uses 6-bit fields.
  */
@@ -140,7 +152,7 @@ public class Base64 extends BaseNCodec {
 private final byte[] encodeTable;
 
 // Only one decode table currently; keep for consistency with Base32 code
-private final byte[] decodeTable = DECODE_TABLE;
+private final byte[] decodeTable;
 
 /**
  * Line separator for encoding. Not used when decoding. Only used if 
lineLength > 0.
@@ -273,6 +285,8 @@ public class Base64 extends BaseNCodec {
 super(BYTES_PER_UNENCODED_BLOCK, BYTES_PER_ENCODED_BLOCK,
 lineLength,
 lineSeparator == null ? 0 : lineSeparator.length);
+// Needs to be set early to avoid NPE during call to 
containsAlphabetOrPad() below
+this.decodeTable = urlSafe ? URL_SAFE_DECODE_TABLE : 
STANDA

[tomcat] 01/02: Revert "Only decode in standard mode."

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 117bbdab820d9be87bff80a773e77c738fb9502c
Author: Mark Thomas 
AuthorDate: Tue Sep 17 20:23:35 2019 +0100

Revert "Only decode in standard mode."

This reverts commit 9fd972c931cf3ce8829a69437b7340f9b0e1e731.
The original commit broke parsing of HTTP upgrade to h2c
---
 java/org/apache/tomcat/util/codec/binary/Base64.java | 15 ---
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java 
b/java/org/apache/tomcat/util/codec/binary/Base64.java
index 059ff66..99a501c 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -35,7 +35,7 @@ import java.math.BigInteger;
  * Line separator: Default is CRLF ("\r\n")
  * 
  * 
- * The URL-safe parameter is only applied to encode operations. Decoding only 
handles standard mode.
+ * The URL-safe parameter is only applied to encode operations. Decoding 
seamlessly handles both modes.
  * 
  * 
  * Since this class operates directly on byte streams, and not character 
streams, it is hard-coded to only
@@ -104,7 +104,8 @@ public class Base64 extends BaseNCodec {
  * in Table 1 of RFC 2045) into their 6-bit positive integer equivalents. 
Characters that are not in the Base64
  * alphabet but fall within the bounds of the array are translated to -1.
  *
- * Note: The seamless decoding of URL safe values has been disabled 
because Tomcat doesn't use it.
+ * Note: '+' and '-' both decode to 62. '/' and '_' both decode to 63. 
This means decoder seamlessly handles both
+ * URL_SAFE and STANDARD base64. (The encoder, on the other hand, needs to 
know ahead of time what to emit).
  *
  * Thanks to "commons" project in ws.apache.org for this code.
  * https://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
@@ -113,10 +114,10 @@ public class Base64 extends BaseNCodec {
 //   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
00-0f
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
10-1f
--1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, // 
20-2f + /
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, // 
20-2f + - /
 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, // 
30-3f 0-9
 -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, // 
40-4f A-O
-15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, // 
50-5f P-Z
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, // 
50-5f P-Z _
 -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 
60-6f a-o
 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51  // 
70-7a p-z
 };
@@ -262,7 +263,7 @@ public class Base64 extends BaseNCodec {
  *Each line of encoded data will end with this sequence of 
bytes.
  * @param urlSafe
  *Instead of emitting '+' and '/' we emit '-' and '_' 
respectively. urlSafe is only applied to encode
- *operations. Decoding only handles standard mode.
+ *operations. Decoding seamlessly handles both modes.
  *Note: no padding is added when using the URL-safe 
alphabet.
  * @throws IllegalArgumentException
  * The provided lineSeparator included some base64 characters. 
That's not going to work!
@@ -665,7 +666,7 @@ public class Base64 extends BaseNCodec {
 /**
  * Decodes a Base64 String into octets.
  * 
- * Note: this method only handles data encoded in standard mode.
+ * Note: this method seamlessly handles data encoded in URL-safe or 
normal mode.
  * 
  *
  * @param base64String
@@ -680,7 +681,7 @@ public class Base64 extends BaseNCodec {
 /**
  * Decodes Base64 data into octets.
  * 
- * Note: this method only handles data encoded in standard mode.
+ * Note: this method seamlessly handles data encoded in URL-safe or 
normal mode.
  * 
  *
  * @param base64Data


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Revert "Only decode in standard mode."

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit c8fcc65e74d43b8201a50a30f88836264e565f79
Author: Mark Thomas 
AuthorDate: Tue Sep 17 20:23:35 2019 +0100

Revert "Only decode in standard mode."

This reverts commit 9fd972c931cf3ce8829a69437b7340f9b0e1e731.
The original commit broke parsing of HTTP upgrade to h2c
---
 java/org/apache/tomcat/util/codec/binary/Base64.java | 15 ---
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java 
b/java/org/apache/tomcat/util/codec/binary/Base64.java
index 059ff66..99a501c 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -35,7 +35,7 @@ import java.math.BigInteger;
  * Line separator: Default is CRLF ("\r\n")
  * 
  * 
- * The URL-safe parameter is only applied to encode operations. Decoding only 
handles standard mode.
+ * The URL-safe parameter is only applied to encode operations. Decoding 
seamlessly handles both modes.
  * 
  * 
  * Since this class operates directly on byte streams, and not character 
streams, it is hard-coded to only
@@ -104,7 +104,8 @@ public class Base64 extends BaseNCodec {
  * in Table 1 of RFC 2045) into their 6-bit positive integer equivalents. 
Characters that are not in the Base64
  * alphabet but fall within the bounds of the array are translated to -1.
  *
- * Note: The seamless decoding of URL safe values has been disabled 
because Tomcat doesn't use it.
+ * Note: '+' and '-' both decode to 62. '/' and '_' both decode to 63. 
This means decoder seamlessly handles both
+ * URL_SAFE and STANDARD base64. (The encoder, on the other hand, needs to 
know ahead of time what to emit).
  *
  * Thanks to "commons" project in ws.apache.org for this code.
  * https://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
@@ -113,10 +114,10 @@ public class Base64 extends BaseNCodec {
 //   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
00-0f
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
10-1f
--1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, // 
20-2f + /
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, // 
20-2f + - /
 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, // 
30-3f 0-9
 -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, // 
40-4f A-O
-15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, // 
50-5f P-Z
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, // 
50-5f P-Z _
 -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 
60-6f a-o
 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51  // 
70-7a p-z
 };
@@ -262,7 +263,7 @@ public class Base64 extends BaseNCodec {
  *Each line of encoded data will end with this sequence of 
bytes.
  * @param urlSafe
  *Instead of emitting '+' and '/' we emit '-' and '_' 
respectively. urlSafe is only applied to encode
- *operations. Decoding only handles standard mode.
+ *operations. Decoding seamlessly handles both modes.
  *Note: no padding is added when using the URL-safe 
alphabet.
  * @throws IllegalArgumentException
  * The provided lineSeparator included some base64 characters. 
That's not going to work!
@@ -665,7 +666,7 @@ public class Base64 extends BaseNCodec {
 /**
  * Decodes a Base64 String into octets.
  * 
- * Note: this method only handles data encoded in standard mode.
+ * Note: this method seamlessly handles data encoded in URL-safe or 
normal mode.
  * 
  *
  * @param base64String
@@ -680,7 +681,7 @@ public class Base64 extends BaseNCodec {
 /**
  * Decodes Base64 data into octets.
  * 
- * Note: this method only handles data encoded in standard mode.
+ * Note: this method seamlessly handles data encoded in URL-safe or 
normal mode.
  * 
  *
  * @param base64Data


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/02: Fix HTTP/2 related TCK failures

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 709b45b42020d6cbc59940ab04380f5b0134b946
Author: Mark Thomas 
AuthorDate: Tue Sep 17 22:03:31 2019 +0100

Fix HTTP/2 related TCK failures

Use URL safe base 64 encoding rather than standard base 64 encoding when
generating or parsing the HTTP2-Settings header as part of
an HTTP upgrade to h2c as required by RFC 7540.
---
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  2 +-
 .../apache/tomcat/util/codec/binary/Base64.java| 32 +-
 test/org/apache/coyote/http2/Http2TestBase.java|  2 +-
 webapps/docs/changelog.xml |  9 ++
 4 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java 
b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index 0b7c05a..159e5d4 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -230,7 +230,7 @@ public class Http2UpgradeHandler extends AbstractStream 
implements InternalHttpU
 // Process the initial settings frame
 stream = getStream(1, true);
 String base64Settings = 
stream.getCoyoteRequest().getHeader(HTTP2_SETTINGS_HEADER);
-byte[] settings = Base64.decodeBase64(base64Settings);
+byte[] settings = Base64.decodeBase64URLSafe(base64Settings);
 
 // Settings are only valid on stream 0
 FrameType.SETTINGS.check(0, settings.length);
diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java 
b/java/org/apache/tomcat/util/codec/binary/Base64.java
index 99a501c..da1487f 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -110,18 +110,30 @@ public class Base64 extends BaseNCodec {
  * Thanks to "commons" project in ws.apache.org for this code.
  * https://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
  */
-private static final byte[] DECODE_TABLE = {
+private static final byte[] STANDARD_DECODE_TABLE = {
 //   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
00-0f
 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 
10-1f
--1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, // 
20-2f + - /
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, // 
20-2f + /
 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, // 
30-3f 0-9
 -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, // 
40-4f A-O
-15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, // 
50-5f P-Z _
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, // 
50-5f P-Z
 -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 
60-6f a-o
 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51  // 
70-7a p-z
 };
 
+private static final byte[] URL_SAFE_DECODE_TABLE = {
+//   0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 
-1, // 00-0f
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 
-1, // 10-1f
+-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 
-1, // 20-2f -
+52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, 
-1, // 30-3f 0-9
+-1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 
14, // 40-4f A-O
+15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 
63, // 50-5f P-Z _
+-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 
40, // 60-6f a-o
+41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51 
 // 70-7a p-z
+};
+
 /**
  * Base64 uses 6-bit fields.
  */
@@ -140,7 +152,7 @@ public class Base64 extends BaseNCodec {
 private final byte[] encodeTable;
 
 // Only one decode table currently; keep for consistency with Base32 code
-private final byte[] decodeTable = DECODE_TABLE;
+private final byte[] decodeTable;
 
 /**
  * Line separator for encoding. Not used when decoding. Only used if 
lineLength > 0.
@@ -273,6 +285,8 @@ public class Base64 extends BaseNCodec {
 super(BYTES_PER_UNENCODED_BLOCK, BYTES_PER_ENCODED_BLOCK,
 lineLength,
 lineSeparator == null ? 0 : lineSeparator.length);
+// Needs to be set early to avoid NPE during call to 
containsAlphabetOrPad() below
+this.decodeTable = urlSafe ? URL_SAFE_DECODE_TABLE : 
STANDAR

[tomcat] branch 8.5.x updated (cddf523 -> 709b45b)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from cddf523  Increment version number for next development cycle
 new c8fcc65  Revert "Only decode in standard mode."
 new 709b45b  Fix HTTP/2 related TCK failures

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  2 +-
 .../apache/tomcat/util/codec/binary/Base64.java| 39 --
 test/org/apache/coyote/http2/Http2TestBase.java|  2 +-
 webapps/docs/changelog.xml |  9 +
 4 files changed, 40 insertions(+), 12 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.26

[Rémy Maucherat]

On Mon, Sep 16, 2019 at 6:15 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 9.0.26 release is now available for voting.
>
> The major changes compared to the 9.0.24 release are:
>
> - Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
>   Commons Daemon 1.2.0, most notably a failure to start when using
>   a 32-bit JVM on Windows.
>
> - Avoid an NPE when accessing an https port using http.
>
> - Correct the invalid automatic module names for the embedded JARs.
>
> - Fix a potential hang when using HTTP/2 with the asynchronous Servlet
>   API.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.26/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1230/
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.26
>
>
> The proposed 9.0.26 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 9.0.26
>
> Rémy

Re: [VOTE] Release Apache Tomcat 8.5.46

[Rémy Maucherat]

On Mon, Sep 16, 2019 at 8:46 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 8.5.46 release is now available for voting.
>
> The major changes compared to the 8.5.45 release are:
>
> - Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
>   Commons Daemon 1.2.0, most notably a failure to start when using
>   a 32-bit JVM on Windows.
>
> - Avoid an NPE when accessing an https port using http.
>
> - Fix a potential hang when using HTTP/2 with the asynchronous Servlet
>   API.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.46/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1231/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.46
> 914f68b45127207170dff894e03ec31732cac898
>
> The proposed 8.5.46 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.46
>

Rémy

buildbot failure in on tomcat-trunk

[buildbot]

The Buildbot has detected a new failure on builder tomcat-trunk while building 
tomcat. Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/4615

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: asf946_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch master] 6d6e899482e889a37fa6c5fe1d7190d7b0ebbf38
Blamelist: Mark Thomas 

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 9.0.26

[Igal Sapir]

Mark,

On 9/17/2019 1:56 PM, Mark Thomas wrote:

On 17/09/2019 19:46, Igal Sapir wrote:

On 9/16/2019 9:15 AM, Mark Thomas wrote:

The proposed Apache Tomcat 9.0.26 release is now available for voting.



[1] Testsuite: org.apache.catalina.core.TestAsyncContextImpl
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0 sec

Testcase: testBug50753 took 0.004 sec
Caused an ERROR
Forked Java VM exited abnormally. Please note the time in the report does not 
reflect the time until the VM exit.
junit.framework.AssertionFailedError: Forked Java VM exited abnormally. Please 
note the time in the report does not reflect the time until the VM exit.
at java.lang.Thread.run(Thread.java:748)

That usually indicates an APR/native crash during Windows shutdown. It
means we have a (possibly timing related) bug in the APR/native code we
still haven't tracked down. That they aren't easy to reproduce makes
fixing bugs like this tricky.


In my user's home directory I have a build.properties file pointing to 
an older native lib:


test.apr.loc=E:/Downloads/tomcat-native-1.2.21-openssl-1.1.1a-win32-bin/bin/x64

I will try to test again with the current version (1.2.23) in the coming 
days.


Thanks,

Igal




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.46

[Igal Sapir]

On 9/16/2019 11:46 AM, Mark Thomas wrote:

The proposed Apache Tomcat 8.5.46 release is now available for voting.

The proposed 8.5.46 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.5.46


Igal




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org