date:20210916

[Bug 65571] ClientAbortException in Tomcat 9.0.50 and 9.0.52

2021-09-16 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65571

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #1 from Mark Thomas  ---
There is not enough information provided in this report for the Tomcat
community to investigate.

As a minimum we need:
- the full stack trace
- a description of what triggered the issue
- the steps to reproduce this issue from a clean install of the latest 9.0.x
release (9.0.53 as I write this).

Without the above information this issue will eventually be resolved as
WONTFIX.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65553] Orphaned thread by JNDIRealm / clearReferencesThreads reports memory leak

2021-09-16 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65553

--- Comment #5 from Mark Thomas  ---
OpenJDK bug created

https://bugs.openjdk.java.net/browse/JDK-8273874

We will still need to address this in Tomcat to cover the time until we can
guarantee that the version of the JRE that Tomcat is running on has the
appropriate fix.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Align with KEYS file in download area

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new ef12a62  Align with KEYS file in download area
ef12a62 is described below

commit ef12a6207b149120e4668b7d988b53ad66c9212f
Author: Mark Thomas 
AuthorDate: Thu Sep 16 09:29:06 2021 +0100

Align with KEYS file in download area
---
 KEYS | 1085 ++
 1 file changed, 431 insertions(+), 654 deletions(-)

diff --git a/KEYS b/KEYS
index b77087b..4b5ee9f 100644
--- a/KEYS
+++ b/KEYS
@@ -13,664 +13,441 @@ Apache developers: please ensure that your key is also 
available via the
 PGP keyservers (such as pgpkeys.mit.edu).
 
 
-Type Bits/KeyIDDate   User ID
-pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: PGPfreeware 7.0.3 for non-commercial use 
-
-mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
-gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
-I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
-bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
-B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
-gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
-9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
-nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
-0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW5keSBBcm1z
-dHJvbmcgPGFuZHlAdGFnaXNoLmNvbT6JAFgEEBECABgFAjtAWuUICwMJCAcCAQoC
-GQEFGwMACgkQajrT9PIsT+1plgCfXAovWnVL3MjrTfcGlFSKw7GHCSYAoJkz
-x+r2ANe8/0e+u5ZcYtSaSry+uQINBDtAWuUQCAD2Qle3CH8IF3KiutapQvMF6PlT
-ETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZ
-X9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56N
-oKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kj
-wEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE
-AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAIC
-B/0eHkYQ0Rv6s21TgpOzRBon+rQAv9ka0PlC7bj2eYWsCOBib8K7qO8hND0sW59p
-0uFQ01X7kC7L/4Ls1HTk0chEZMV0UrGAOKXHY1QFlxrNtFi5U3pTPITXDDfy+g/G
-6FTX3PLnGGvwXbtaiAq5UjQ6iXm03lh0BW6Q+kPtm8swPPfqfjYv0rrT+I8Ic3p2
-HplWKR2bpi3wqCSKB/AaTQJwTbh2x2+2cPVONPodgjZSJ9eQkErejkNSvqbumlTx
-dB81eoGa0Lo2xE7N+DNlCnILGE0X4hPMdj+N5fmyEbyx0WOB8crvCuODGGEQnXs/
-zbVO7FP+rj7YWjRh5pVD3bGiiQBMBBgRAgAMBQI7QFrlBRsMAAoJEGo60/Ty
-LE/tj/QAoOFNFa7rbAy+eT6mRNb7XztfcAbWAKD6Gd6S/7lEJU0k2TS5tozt4jMl
-vw==
-=/91Q
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/86867BA6 2001-11-22 Jean-Frederic Clere (jfclere) 

-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.5 (GNU/Linux)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDv9Gx8RBADclmKwDLcibNVipQnhYW+bFIpuQjQnRrqRwn3gXM+/luzzJYJ4
-bbWpw13zjX0EkrAJ8qH2A/d0EIU1eZ0zHrLgRvMUfLGFUX7FFFw18JKFLTVGhG4/
-8sSl3ydHSA2Kd1PF6xjBP7iM7sg5dJfEkyMzvK5H4F0ZpTqy3087wsg1wwCgitRy
-Zg4x3lWZSkOwBj472qaO9GkD/2q6kyWfAK6XFe3GuB5AAs3poMfN1eqW+duM4TA8
-zUiWK0Wxx4JXJbL7n0i4d+JdXJsrjSjF++KKfelcxsrSxoUIBegez25MUSvHe09D
-R3nqkY8CVO+viEtzRBqkSgCMbUjAtfkQ+vp2jDnWSmmkNfY0OYAzt+KRyJKcjUSJ
-gvOOA/45+DN9wuTELoFTvsXh1JgOL/QvW1fmQ2HrcQk94BkzIsfVGWClCiig5gNw
-LCxTbfgA5htpI8U7vPR9/5gH7U8Wy3HR6xQUZxcbttMeYit2VbDEJzF5r5S0pJvD
-vyk3n1kiKU7r49sjhxGgE8J/VvDpO6YcIsDs8LoULwuJTg0DTrRDSmVhbi1GcmVk
-ZXJpYyBDbGVyZSAoamZjbGVyZSkgPEpGcmVkZXJpYy5DbGVyZUBmdWppdHN1LXNp
-ZW1lbnMuY29tPohXBBMRAgAXBQI7/RsfBQsHCgMEAxUDAgMWAgECF4AACgkQ0+/m
-toaGe6amGQCeJU5VZ8QCi8+PY0QJHPA63e5uPyoAmgOWIwFm8A/xmW8qjEvVAWtb
-TjZxuQENBDv9GyMQBACCbFlSF+udW/Qz2oknDen8Hoql4Q1Q7CUQTbPjoQAcYgZg
-LrsR6hc9aCIf3Kt4qZBgQ1Oe9M/AemOFhU04UNp3dgHk91EYRvx80Rua992p/8V7
-QOhwIBVb2XE8as5nL2j8w6Jz7eSs/bivxm9yD0AH/I5H01RAJivRbOTsUgSkDwAD
-BQP5ARlW2Nqc0U17asQsmMYvT1UMiOiyBwUD/DIEG2Xy1hlEvdljg8WU26jcjpGq
-MrT69T4Z+eZ2oVyiRQTW4qMUBKc0Nbz89hL0qv9K41ExxxH+JgE1csRVvmwAT8Iy
-lnhof7TJLRBtvan3+p21Kxl1uQ7MbmLT875u+vc+J098fIiIRgQYEQIABgUCO/0b
-IwAKCRDT7+a2hoZ7pn9UAJ9f0TK0QQOtjQBvxAissopYhDKHGACePZg0k9sj69yw
-nVWrBS9fvFC9jcA=
-=BTiM
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/E86E29AC 2002-02-13 kevin seguin 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.6 (MingW32)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDxqtR8RBACbySxGrtf+flbowryS1Hj4z3zzEXD4CAEq6RjSGMtIraCDRJfp
-6Gexs+lQ6IhpdC4GfX70SUMjXXvT5suhXYeGOM4iJHqUsksgzEKjUqcfj1l3qmOs
-/doE8lcGGHcYbMplBcfuop+shZYiv9GEJ3gutwn/dNnhs/QA9bCdIj03lwCgvAcy
-QpT5JdTym2p2icd5e91mGIUEAJMw6JHTTcCiyoTRy7k8Cf65d8S7bTDLr6pqJVE2
-XU41CvW/pgL31akYAxpeZJJnsBaLaUiqh6K0qgfEMlDwDeC6gVogHBxWkEXdK1dr
-tGL4GIUcxQ1+ZvQhGg7dtjanmfMlylVgS+C48awJySkinRmaQDbQ0MKdFchLc/y1
-OR3IA/0VkIvlidehMPbZCalqhS9AEsDiFq5/u5AsQzDEp2nmTGlmBqjhc39kEnu4
-qKq08az1Gt6Q7sxXbjH/jYtDgd49FW5Yg4k5B3hpTgnbyRE6SGlKksu8qTmYkDve
-4rej6pvJRHwp6hDKxDG8qQoLWIgOfVC8960nurqx56QdV9YMsLQga2V2

[tomcat] branch 10.0.x updated: Align with KEYS file in download area

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new cd96595  Align with KEYS file in download area
cd96595 is described below

commit cd96595e71ca6a37a243cf9bba87a7668a18d074
Author: Mark Thomas 
AuthorDate: Thu Sep 16 09:29:17 2021 +0100

Align with KEYS file in download area
---
 KEYS | 1085 ++
 1 file changed, 431 insertions(+), 654 deletions(-)

diff --git a/KEYS b/KEYS
index b77087b..4b5ee9f 100644
--- a/KEYS
+++ b/KEYS
@@ -13,664 +13,441 @@ Apache developers: please ensure that your key is also 
available via the
 PGP keyservers (such as pgpkeys.mit.edu).
 
 
-Type Bits/KeyIDDate   User ID
-pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: PGPfreeware 7.0.3 for non-commercial use 
-
-mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
-gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
-I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
-bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
-B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
-gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
-9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
-nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
-0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW5keSBBcm1z
-dHJvbmcgPGFuZHlAdGFnaXNoLmNvbT6JAFgEEBECABgFAjtAWuUICwMJCAcCAQoC
-GQEFGwMACgkQajrT9PIsT+1plgCfXAovWnVL3MjrTfcGlFSKw7GHCSYAoJkz
-x+r2ANe8/0e+u5ZcYtSaSry+uQINBDtAWuUQCAD2Qle3CH8IF3KiutapQvMF6PlT
-ETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZ
-X9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56N
-oKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kj
-wEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE
-AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAIC
-B/0eHkYQ0Rv6s21TgpOzRBon+rQAv9ka0PlC7bj2eYWsCOBib8K7qO8hND0sW59p
-0uFQ01X7kC7L/4Ls1HTk0chEZMV0UrGAOKXHY1QFlxrNtFi5U3pTPITXDDfy+g/G
-6FTX3PLnGGvwXbtaiAq5UjQ6iXm03lh0BW6Q+kPtm8swPPfqfjYv0rrT+I8Ic3p2
-HplWKR2bpi3wqCSKB/AaTQJwTbh2x2+2cPVONPodgjZSJ9eQkErejkNSvqbumlTx
-dB81eoGa0Lo2xE7N+DNlCnILGE0X4hPMdj+N5fmyEbyx0WOB8crvCuODGGEQnXs/
-zbVO7FP+rj7YWjRh5pVD3bGiiQBMBBgRAgAMBQI7QFrlBRsMAAoJEGo60/Ty
-LE/tj/QAoOFNFa7rbAy+eT6mRNb7XztfcAbWAKD6Gd6S/7lEJU0k2TS5tozt4jMl
-vw==
-=/91Q
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/86867BA6 2001-11-22 Jean-Frederic Clere (jfclere) 

-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.5 (GNU/Linux)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDv9Gx8RBADclmKwDLcibNVipQnhYW+bFIpuQjQnRrqRwn3gXM+/luzzJYJ4
-bbWpw13zjX0EkrAJ8qH2A/d0EIU1eZ0zHrLgRvMUfLGFUX7FFFw18JKFLTVGhG4/
-8sSl3ydHSA2Kd1PF6xjBP7iM7sg5dJfEkyMzvK5H4F0ZpTqy3087wsg1wwCgitRy
-Zg4x3lWZSkOwBj472qaO9GkD/2q6kyWfAK6XFe3GuB5AAs3poMfN1eqW+duM4TA8
-zUiWK0Wxx4JXJbL7n0i4d+JdXJsrjSjF++KKfelcxsrSxoUIBegez25MUSvHe09D
-R3nqkY8CVO+viEtzRBqkSgCMbUjAtfkQ+vp2jDnWSmmkNfY0OYAzt+KRyJKcjUSJ
-gvOOA/45+DN9wuTELoFTvsXh1JgOL/QvW1fmQ2HrcQk94BkzIsfVGWClCiig5gNw
-LCxTbfgA5htpI8U7vPR9/5gH7U8Wy3HR6xQUZxcbttMeYit2VbDEJzF5r5S0pJvD
-vyk3n1kiKU7r49sjhxGgE8J/VvDpO6YcIsDs8LoULwuJTg0DTrRDSmVhbi1GcmVk
-ZXJpYyBDbGVyZSAoamZjbGVyZSkgPEpGcmVkZXJpYy5DbGVyZUBmdWppdHN1LXNp
-ZW1lbnMuY29tPohXBBMRAgAXBQI7/RsfBQsHCgMEAxUDAgMWAgECF4AACgkQ0+/m
-toaGe6amGQCeJU5VZ8QCi8+PY0QJHPA63e5uPyoAmgOWIwFm8A/xmW8qjEvVAWtb
-TjZxuQENBDv9GyMQBACCbFlSF+udW/Qz2oknDen8Hoql4Q1Q7CUQTbPjoQAcYgZg
-LrsR6hc9aCIf3Kt4qZBgQ1Oe9M/AemOFhU04UNp3dgHk91EYRvx80Rua992p/8V7
-QOhwIBVb2XE8as5nL2j8w6Jz7eSs/bivxm9yD0AH/I5H01RAJivRbOTsUgSkDwAD
-BQP5ARlW2Nqc0U17asQsmMYvT1UMiOiyBwUD/DIEG2Xy1hlEvdljg8WU26jcjpGq
-MrT69T4Z+eZ2oVyiRQTW4qMUBKc0Nbz89hL0qv9K41ExxxH+JgE1csRVvmwAT8Iy
-lnhof7TJLRBtvan3+p21Kxl1uQ7MbmLT875u+vc+J098fIiIRgQYEQIABgUCO/0b
-IwAKCRDT7+a2hoZ7pn9UAJ9f0TK0QQOtjQBvxAissopYhDKHGACePZg0k9sj69yw
-nVWrBS9fvFC9jcA=
-=BTiM
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/E86E29AC 2002-02-13 kevin seguin 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.6 (MingW32)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDxqtR8RBACbySxGrtf+flbowryS1Hj4z3zzEXD4CAEq6RjSGMtIraCDRJfp
-6Gexs+lQ6IhpdC4GfX70SUMjXXvT5suhXYeGOM4iJHqUsksgzEKjUqcfj1l3qmOs
-/doE8lcGGHcYbMplBcfuop+shZYiv9GEJ3gutwn/dNnhs/QA9bCdIj03lwCgvAcy
-QpT5JdTym2p2icd5e91mGIUEAJMw6JHTTcCiyoTRy7k8Cf65d8S7bTDLr6pqJVE2
-XU41CvW/pgL31akYAxpeZJJnsBaLaUiqh6K0qgfEMlDwDeC6gVogHBxWkEXdK1dr
-tGL4GIUcxQ1+ZvQhGg7dtjanmfMlylVgS+C48awJySkinRmaQDbQ0MKdFchLc/y1
-OR3IA/0VkIvlidehMPbZCalqhS9AEsDiFq5/u5AsQzDEp2nmTGlmBqjhc39kEnu4
-qKq08az1Gt6Q7sxXbjH/jYtDgd49FW5Yg4k5B3hpTgnbyRE6SGlKksu8qTmYkDve
-4rej6pvJRHwp6hDKxDG8qQoLWIgOfVC8960nurqx56QdV9YMsLQg

[tomcat] branch 9.0.x updated: Align with KEYS file in download area

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 1bc0068  Align with KEYS file in download area
1bc0068 is described below

commit 1bc006862f4b96e07798edc6e3fee36b363d0bf8
Author: Mark Thomas 
AuthorDate: Thu Sep 16 09:29:26 2021 +0100

Align with KEYS file in download area
---
 KEYS | 499 ---
 1 file changed, 499 deletions(-)

diff --git a/KEYS b/KEYS
index 14fee51..9290cf2 100644
--- a/KEYS
+++ b/KEYS
@@ -13,209 +13,6 @@ Apache developers: please ensure that your key is also 
available via the
 PGP keyservers (such as pgpkeys.mit.edu).
 
 
-Type Bits/KeyIDDate   User ID
-pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: PGPfreeware 7.0.3 for non-commercial use 
-
-mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
-gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
-I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
-bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
-B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
-gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
-9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
-nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
-0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW5keSBBcm1z
-dHJvbmcgPGFuZHlAdGFnaXNoLmNvbT6JAFgEEBECABgFAjtAWuUICwMJCAcCAQoC
-GQEFGwMACgkQajrT9PIsT+1plgCfXAovWnVL3MjrTfcGlFSKw7GHCSYAoJkz
-x+r2ANe8/0e+u5ZcYtSaSry+uQINBDtAWuUQCAD2Qle3CH8IF3KiutapQvMF6PlT
-ETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZ
-X9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56N
-oKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kj
-wEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE
-AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAIC
-B/0eHkYQ0Rv6s21TgpOzRBon+rQAv9ka0PlC7bj2eYWsCOBib8K7qO8hND0sW59p
-0uFQ01X7kC7L/4Ls1HTk0chEZMV0UrGAOKXHY1QFlxrNtFi5U3pTPITXDDfy+g/G
-6FTX3PLnGGvwXbtaiAq5UjQ6iXm03lh0BW6Q+kPtm8swPPfqfjYv0rrT+I8Ic3p2
-HplWKR2bpi3wqCSKB/AaTQJwTbh2x2+2cPVONPodgjZSJ9eQkErejkNSvqbumlTx
-dB81eoGa0Lo2xE7N+DNlCnILGE0X4hPMdj+N5fmyEbyx0WOB8crvCuODGGEQnXs/
-zbVO7FP+rj7YWjRh5pVD3bGiiQBMBBgRAgAMBQI7QFrlBRsMAAoJEGo60/Ty
-LE/tj/QAoOFNFa7rbAy+eT6mRNb7XztfcAbWAKD6Gd6S/7lEJU0k2TS5tozt4jMl
-vw==
-=/91Q
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/86867BA6 2001-11-22 Jean-Frederic Clere (jfclere) 

-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.5 (GNU/Linux)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDv9Gx8RBADclmKwDLcibNVipQnhYW+bFIpuQjQnRrqRwn3gXM+/luzzJYJ4
-bbWpw13zjX0EkrAJ8qH2A/d0EIU1eZ0zHrLgRvMUfLGFUX7FFFw18JKFLTVGhG4/
-8sSl3ydHSA2Kd1PF6xjBP7iM7sg5dJfEkyMzvK5H4F0ZpTqy3087wsg1wwCgitRy
-Zg4x3lWZSkOwBj472qaO9GkD/2q6kyWfAK6XFe3GuB5AAs3poMfN1eqW+duM4TA8
-zUiWK0Wxx4JXJbL7n0i4d+JdXJsrjSjF++KKfelcxsrSxoUIBegez25MUSvHe09D
-R3nqkY8CVO+viEtzRBqkSgCMbUjAtfkQ+vp2jDnWSmmkNfY0OYAzt+KRyJKcjUSJ
-gvOOA/45+DN9wuTELoFTvsXh1JgOL/QvW1fmQ2HrcQk94BkzIsfVGWClCiig5gNw
-LCxTbfgA5htpI8U7vPR9/5gH7U8Wy3HR6xQUZxcbttMeYit2VbDEJzF5r5S0pJvD
-vyk3n1kiKU7r49sjhxGgE8J/VvDpO6YcIsDs8LoULwuJTg0DTrRDSmVhbi1GcmVk
-ZXJpYyBDbGVyZSAoamZjbGVyZSkgPEpGcmVkZXJpYy5DbGVyZUBmdWppdHN1LXNp
-ZW1lbnMuY29tPohXBBMRAgAXBQI7/RsfBQsHCgMEAxUDAgMWAgECF4AACgkQ0+/m
-toaGe6amGQCeJU5VZ8QCi8+PY0QJHPA63e5uPyoAmgOWIwFm8A/xmW8qjEvVAWtb
-TjZxuQENBDv9GyMQBACCbFlSF+udW/Qz2oknDen8Hoql4Q1Q7CUQTbPjoQAcYgZg
-LrsR6hc9aCIf3Kt4qZBgQ1Oe9M/AemOFhU04UNp3dgHk91EYRvx80Rua992p/8V7
-QOhwIBVb2XE8as5nL2j8w6Jz7eSs/bivxm9yD0AH/I5H01RAJivRbOTsUgSkDwAD
-BQP5ARlW2Nqc0U17asQsmMYvT1UMiOiyBwUD/DIEG2Xy1hlEvdljg8WU26jcjpGq
-MrT69T4Z+eZ2oVyiRQTW4qMUBKc0Nbz89hL0qv9K41ExxxH+JgE1csRVvmwAT8Iy
-lnhof7TJLRBtvan3+p21Kxl1uQ7MbmLT875u+vc+J098fIiIRgQYEQIABgUCO/0b
-IwAKCRDT7+a2hoZ7pn9UAJ9f0TK0QQOtjQBvxAissopYhDKHGACePZg0k9sj69yw
-nVWrBS9fvFC9jcA=
-=BTiM
--END PGP PUBLIC KEY BLOCK-
-
-Type Bits/KeyIDDate   User ID
-pub  1024D/E86E29AC 2002-02-13 kevin seguin 
-
--BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v1.0.6 (MingW32)
-Comment: For info see http://www.gnupg.org
-
-mQGiBDxqtR8RBACbySxGrtf+flbowryS1Hj4z3zzEXD4CAEq6RjSGMtIraCDRJfp
-6Gexs+lQ6IhpdC4GfX70SUMjXXvT5suhXYeGOM4iJHqUsksgzEKjUqcfj1l3qmOs
-/doE8lcGGHcYbMplBcfuop+shZYiv9GEJ3gutwn/dNnhs/QA9bCdIj03lwCgvAcy
-QpT5JdTym2p2icd5e91mGIUEAJMw6JHTTcCiyoTRy7k8Cf65d8S7bTDLr6pqJVE2
-XU41CvW/pgL31akYAxpeZJJnsBaLaUiqh6K0qgfEMlDwDeC6gVogHBxWkEXdK1dr
-tGL4GIUcxQ1+ZvQhGg7dtjanmfMlylVgS+C48awJySkinRmaQDbQ0MKdFchLc/y1
-OR3IA/0VkIvlidehMPbZCalqhS9AEsDiFq5/u5AsQzDEp2nmTGlmBqjhc39kEnu4
-qKq08az1Gt6Q7sxXbjH/jYtDgd49FW5Yg4k5B3hpTgnbyRE6SGlKksu8qTmYkDve
-4rej6pvJRHwp6hDKxDG8qQoLWIgOfVC8960nurqx56QdV9YMsLQga2V2aW4gc2Vn
-dWluIDxzZ

[Bug 65570] Shared KEYS files must contain keys for all relevant release

2021-09-16 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65570

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #6 from Mark Thomas  ---
You don't have to understand the project's decision to use per release branch
KEYS files. The project has made the decision and it is clear from the comments
on this issue and the archives that that is a decision that the Tomcat project
community is happy with.

KEYS files in current branches have been aligned with the per version KEYS
files.

violetagg's key has been added to the per version keys for 8.x

remm's old DSA key has been added to the per version keys for 6.x

markt's key has been added to the per version keys for 5.x

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Refactor ScopedAttributeELResolver into three.

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6519345  Refactor ScopedAttributeELResolver into three.
6519345 is described below

commit 65193458a48af7c966dd10f02d95941a52836a4d
Author: Mark Thomas 
AuthorDate: Thu Sep 16 17:15:03 2021 +0100

Refactor ScopedAttributeELResolver into three.

ScopedAttributeELResolver - handles scoped attributes
ImportELResolver - handles imports
NotFoundELResolver - handles anything that isn't resolved

Separating them out makes the role of each clearer and makes some
planned (minor) functional enhancements simpler.

This is implemented in Tomcat first to confirm that it works before
making the same changes in the JSP API.
---
 java/jakarta/servlet/jsp/el/ImportELResolver.java  | 141 +
 .../jakarta/servlet/jsp/el/NotFoundELResolver.java | 104 +++
 .../servlet/jsp/el/ScopedAttributeELResolver.java  |  58 +
 java/org/apache/jasper/el/JasperELResolver.java|   7 +-
 .../org/apache/jasper/el/TestJasperELResolver.java |   6 +-
 webapps/docs/changelog.xml |   7 +
 6 files changed, 264 insertions(+), 59 deletions(-)

diff --git a/java/jakarta/servlet/jsp/el/ImportELResolver.java 
b/java/jakarta/servlet/jsp/el/ImportELResolver.java
new file mode 100644
index 000..535e877
--- /dev/null
+++ b/java/jakarta/servlet/jsp/el/ImportELResolver.java
@@ -0,0 +1,141 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package jakarta.servlet.jsp.el;
+
+import java.beans.FeatureDescriptor;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.Objects;
+
+import jakarta.el.ELClass;
+import jakarta.el.ELContext;
+import jakarta.el.ELResolver;
+import jakarta.el.ImportHandler;
+
+/**
+ * Providers resolution of imports and static imports in the Jakarta Server
+ * Pages ELResolver chain.
+ *
+ * @since JSP 3.1
+ */
+public class ImportELResolver extends ELResolver {
+
+// Indicates if a performance short-cut is available
+private static final Class AST_IDENTIFIER_KEY;
+
+static {
+Class key = null;
+try {
+key = Class.forName("org.apache.el.parser.AstIdentifier");
+} catch (Exception e) {
+// Ignore: Expected if not running on Tomcat. Not a problem since
+// this just allows a short-cut.
+}
+AST_IDENTIFIER_KEY = key;
+}
+
+@Override
+public Object getValue(ELContext context, Object base, Object property) {
+Objects.requireNonNull(context);
+
+Object result = null;
+
+if (base == null) {
+if (property != null) {
+boolean resolveClass = true;
+// Performance short-cut available when running on Tomcat
+if (AST_IDENTIFIER_KEY != null) {
+// Tomcat will set this key to Boolean.TRUE if the
+// identifier is a stand-alone identifier (i.e.
+// identifier) rather than part of an AstValue (i.e.
+// identifier.something). Imports do not need to be
+// checked if this is a stand-alone identifier
+Boolean value = (Boolean) 
context.getContext(AST_IDENTIFIER_KEY);
+if (value != null && value.booleanValue()) {
+resolveClass = false;
+}
+}
+
+ImportHandler importHandler = context.getImportHandler();
+if (importHandler != null) {
+String key = property.toString();
+Class clazz = null;
+if (resolveClass) {
+clazz = importHandler.resolveClass(key);
+if (clazz != null) {
+result = new ELClass(clazz);
+}
+}
+if (result == null) {
+// This might be the name of an imported static field
+

[Bug 65577] New: Intermittent AccessControlException using NIO2 with security manager enabled

2021-09-16 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65577

Bug ID: 65577
   Summary: Intermittent AccessControlException using NIO2 with
security manager enabled
   Product: Tomcat 8
   Version: 8.5.70
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: shakita.3df4f...@nicoric.com
  Target Milestone: 

We are doing some testing prior to upgrading from 8.5.66 to 8.5.70. When we
configure a SSL/TLS connector using Nio2 and run Tomcat with Security Manger
enabled we are getting intermittent java.security.AccessControlException errors
when accessing the default Tomcat root, e.g. https://hostname:8443/

We have observed the issue using Oracle Java 1.8.0_251, 1.8.0_301 and 11.0.8
2020-07-14 LTS on Windows Server 2019 and RedHat Linux 7.

When we change the connector configuration to use
org.apache.coyote.http11.Http11NioProtocol the errors are not present.

Example connector configuration








The catalina.policy is the default one which comes with the 8.5.70 release

Startup command:

.\catalina.bat start -security

Example error message


16-Sep-2021 12:38:11.824 SEVERE [https-jsse-nio2-8443-exec-4]
org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun Error running
socket processor
java.security.AccessControlException: access denied
("java.lang.RuntimePermission"
"accessClassInPackage.org.apache.tomcat.util.net")
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at
java.security.AccessController.checkPermission(AccessController.java:886)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
at
sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:335)
at java.lang.ClassLoader.loadClass(ClassLoader.java:405)
at java.lang.ClassLoader.loadClass(ClassLoader.java:351)
at
org.apache.tomcat.util.net.SecureNio2Channel.processSNI(SecureNio2Channel.java:387)
at
org.apache.tomcat.util.net.SecureNio2Channel.handshakeInternal(SecureNio2Channel.java:231)
at
org.apache.tomcat.util.net.SecureNio2Channel.handshake(SecureNio2Channel.java:222)
at
org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1593)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
org.apache.tomcat.util.net.AbstractEndpoint.processSocket(AbstractEndpoint.java:)
at
org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:104)
at
org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:97)
at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
at sun.nio.ch.Invoker$2.run(Invoker.java:218)
at
sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

Example Java security debug output
-

access: access denied ("java.lang.RuntimePermission"
"accessClassInPackage.org.apache.tomcat.util.net")
java.lang.Exception: Stack trace
at java.base/java.lang.Thread.dumpStack(Thread.java:1387)
at
java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:462)
at
java.base/java.security.AccessController.checkPermission(AccessController.java:897)
at
java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
at
java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1290)
at
java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:575)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
at
org.apache.tomcat.util.net.SecureNio2Channel.processSNI(SecureNio2Channel.java:387)
at
org.apache.tomcat.util.net.SecureNio2Channel.handshakeInternal(SecureNio2Channel.java:231)
at
org.apache.tomcat.util.net.SecureNio2Channel.handshake(SecureNio2Channel.java:222)
at
org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1593)

[Bug 65577] Intermittent AccessControlException using NIO2 with security manager enabled

2021-09-16 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65577

Mark Thomas  changed:

   What|Removed |Added

 OS||All

--- Comment #1 from Mark Thomas  ---
We'll tale a look but given that the long term future of the Java security
manager doesn't look good you might want to look at why you want to run under a
security manager and what alternative solutions are available.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix BZ 65577 - additional permissions required by security manager

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 910c67c  Fix BZ 65577 - additional permissions required by security 
manager
910c67c is described below

commit 910c67cc198dbb2288ceb639d049deb744b55a67
Author: Mark Thomas 
AuthorDate: Thu Sep 16 21:33:16 2021 +0100

Fix BZ 65577 - additional permissions required by security manager
---
 java/org/apache/catalina/security/SecurityClassLoad.java | 2 ++
 webapps/docs/changelog.xml   | 4 
 2 files changed, 6 insertions(+)

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java 
b/java/org/apache/catalina/security/SecurityClassLoad.java
index 72a389f..62951ec 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -194,6 +194,8 @@ public final class SecurityClassLoad {
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionHandlerCall");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionState");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$VectoredIOCompletionHandler");
+loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
+loader.loadClass(basePackage + 
"util.net.TLSClientHelloExtractor$ExtractorResult");
 // security
 loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
 loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0f3f4bb..80b359c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,10 @@
 incorrectly report that they had timed out waiting for an allocation
 from the connection flow control window. (markt)
   
+  
+65577: Fix a AccessControlException reporting
+when running an NIO2 connector with TLS enabled. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Fix BZ 65577 - additional permissions required by security manager

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 1ee3262  Fix BZ 65577 - additional permissions required by security 
manager
1ee3262 is described below

commit 1ee3262fc32dd1d7e2ab6ac626e778232454bce7
Author: Mark Thomas 
AuthorDate: Thu Sep 16 21:33:16 2021 +0100

Fix BZ 65577 - additional permissions required by security manager
---
 java/org/apache/catalina/security/SecurityClassLoad.java | 2 ++
 webapps/docs/changelog.xml   | 4 
 2 files changed, 6 insertions(+)

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java 
b/java/org/apache/catalina/security/SecurityClassLoad.java
index a111c65..fe5dc61 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -195,6 +195,8 @@ public final class SecurityClassLoad {
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionHandlerCall");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionState");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$VectoredIOCompletionHandler");
+loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
+loader.loadClass(basePackage + 
"util.net.TLSClientHelloExtractor$ExtractorResult");
 // security
 loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
 loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cb1841a..068deb4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,10 @@
 incorrectly report that they had timed out waiting for an allocation
 from the connection flow control window. (markt)
   
+  
+65577: Fix a AccessControlException reporting
+when running an NIO2 connector with TLS enabled. (markt)
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix BZ 65577 - additional permissions required by security manager

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new beca3b5  Fix BZ 65577 - additional permissions required by security 
manager
beca3b5 is described below

commit beca3b5a25313a749e7c5070a0c486fb6bfac46e
Author: Mark Thomas 
AuthorDate: Thu Sep 16 21:33:16 2021 +0100

Fix BZ 65577 - additional permissions required by security manager
---
 java/org/apache/catalina/security/SecurityClassLoad.java | 2 ++
 webapps/docs/changelog.xml   | 4 
 2 files changed, 6 insertions(+)

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java 
b/java/org/apache/catalina/security/SecurityClassLoad.java
index 19b9c21..bf86414 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -195,6 +195,8 @@ public final class SecurityClassLoad {
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionHandlerCall");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionState");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$VectoredIOCompletionHandler");
+loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
+loader.loadClass(basePackage + 
"util.net.TLSClientHelloExtractor$ExtractorResult");
 // security
 loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
 loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 310c73c..e2f28ac 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,10 @@
 incorrectly report that they had timed out waiting for an allocation
 from the connection flow control window. (markt)
   
+  
+65577: Fix a AccessControlException reporting
+when running an NIO2 connector with TLS enabled. (markt)
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix BZ 65577 - additional permissions required by security manager

2021-09-16 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 92e9051  Fix BZ 65577 - additional permissions required by security 
manager
92e9051 is described below

commit 92e9051d614d430676ef8002e8b7ef4875d8017c
Author: Mark Thomas 
AuthorDate: Thu Sep 16 21:33:16 2021 +0100

Fix BZ 65577 - additional permissions required by security manager
---
 java/org/apache/catalina/security/SecurityClassLoad.java | 2 ++
 webapps/docs/changelog.xml   | 4 
 2 files changed, 6 insertions(+)

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java 
b/java/org/apache/catalina/security/SecurityClassLoad.java
index 144a869..c2cb0fc 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -194,6 +194,8 @@ public final class SecurityClassLoad {
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionHandlerCall");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$CompletionState");
 loader.loadClass(basePackage + 
"util.net.SocketWrapperBase$VectoredIOCompletionHandler");
+loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
+loader.loadClass(basePackage + 
"util.net.TLSClientHelloExtractor$ExtractorResult");
 // security
 loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
 loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 80f8d02..5a1cd81 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,10 @@
 incorrectly report that they had timed out waiting for an allocation
 from the connection flow control window. (markt)
   
+  
+65577: Fix a AccessControlException reporting
+when running an NIO2 connector with TLS enabled. (markt)
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65571] ClientAbortException in Tomcat 9.0.50 and 9.0.52

[Bug 65553] Orphaned thread by JNDIRealm / clearReferencesThreads reports memory leak

[tomcat] branch main updated: Align with KEYS file in download area

[tomcat] branch 10.0.x updated: Align with KEYS file in download area

[tomcat] branch 9.0.x updated: Align with KEYS file in download area

[Bug 65570] Shared KEYS files must contain keys for all relevant release

[tomcat] branch main updated: Refactor ScopedAttributeELResolver into three.

[Bug 65577] New: Intermittent AccessControlException using NIO2 with security manager enabled

[Bug 65577] Intermittent AccessControlException using NIO2 with security manager enabled

[tomcat] branch main updated: Fix BZ 65577 - additional permissions required by security manager

[tomcat] branch 10.0.x updated: Fix BZ 65577 - additional permissions required by security manager

[tomcat] branch 9.0.x updated: Fix BZ 65577 - additional permissions required by security manager

[tomcat] branch 8.5.x updated: Fix BZ 65577 - additional permissions required by security manager

13 matches

Site Navigation

Mail list logo

Footer information