[GitHub] [tomcat] markt-asf closed pull request #458: Typos fix
markt-asf closed pull request #458: URL: https://github.com/apache/tomcat/pull/458 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #458: Typos fix
markt-asf commented on pull request #458: URL: https://github.com/apache/tomcat/pull/458#issuecomment-972646135 Tomcat can't change these files. Please report this up stream at: https://github.com/eclipse-ee4j/jakartaee-schemas -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Protect against a known OS bug
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new c13a76f Protect against a known OS bug
c13a76f is described below
commit c13a76f78bb1e4988a787f354a1be82e67d87186
Author: Mark Thomas
AuthorDate: Wed Nov 17 18:48:33 2021 +
Protect against a known OS bug
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298
---
java/org/apache/tomcat/util/net/AprEndpoint.java| 15 +++
java/org/apache/tomcat/util/net/LocalStrings.properties | 1 +
java/org/apache/tomcat/util/net/Nio2Endpoint.java | 12 +++-
java/org/apache/tomcat/util/net/NioEndpoint.java| 11 ++-
webapps/docs/changelog.xml | 6 ++
5 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 7b93b3d..578a571 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -116,6 +116,9 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
protected long sslContext = 0;
+private int previousAcceptedPort = -1;
+private String previousAcceptedAddress = null;
+
// Constructor
public AprEndpoint() {
@@ -794,7 +797,18 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
if (log.isDebugEnabled()) {
log.debug(sm.getString("endpoint.debug.socket", socket));
}
+
+// Do the duplicate accept check here rather than in
serverSocketaccept()
+// so we can cache the results in the SocketWrapper
AprSocketWrapper wrapper = new AprSocketWrapper(socket, this);
+if (wrapper.getRemotePort() == previousAcceptedPort) {
+if (wrapper.getRemoteAddr().equals(previousAcceptedAddress)) {
+throw new
IOException(sm.getString("endpoint.err.duplicateAccept"));
+}
+}
+previousAcceptedPort = wrapper.getRemotePort();
+previousAcceptedAddress = wrapper.getRemoteAddr();
+
connections.put(socket, wrapper);
wrapper.setKeepAliveLeft(getMaxKeepAliveRequests());
wrapper.setReadTimeout(getConnectionTimeout());
@@ -815,6 +829,7 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
@Override
protected Long serverSocketAccept() throws Exception {
+// See setSocketOptions(Long) for duplicate accept check
long socket = Socket.accept(serverSock);
if (socket == 0) {
throw new IOException(sm.getString("endpoint.err.accept",
getName()));
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 3e306ec..0cc32e4 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -82,6 +82,7 @@ endpoint.duplicateSslHostName=Multiple SSLHostConfig elements
were provided for
endpoint.err.accept=Failed to accept socket for end point [{0}]
endpoint.err.attach=Failed to attach SSLContext to socket - error [{0}]
endpoint.err.close=Caught exception trying to close socket
+endpoint.err.duplicateAccept=Duplicate accept detected. This is a known OS
bug. Please consider reporting that you are affected:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298
endpoint.err.handshake=Handshake failed
endpoint.err.unexpected=Unexpected error processing socket
endpoint.executor.fail=Executor rejected socket [{0}] for processing
diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index be724c4..c46a3c4 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -84,6 +84,8 @@ public class Nio2Endpoint extends
AbstractJsseEndpoint nioChannels;
+private SocketAddress previousAcceptedSocketRemoteAddress = null;
+
// - Public Methods
@@ -355,7 +357,15 @@ public class Nio2Endpoint extends
AbstractJsseEndpoint
*/
private SynchronizedStack nioChannels;
+private SocketAddress previousAcceptedSocketRemoteAddress = null;
+
// - Properties
@@ -510,7 +512,14 @@ public class NioEndpoint extends
AbstractJsseEndpoint
@Override
protected SocketChannel serverSocketAccept() throws Exception {
-return serverSock.accept();
+SocketChannel result = serverSock.accept();
+SocketAddress currentRemoteAd
[tomcat] branch 9.0.x updated: Protect against a known OS bug
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 7a8 Protect against a known OS bug
7a8 is described below
commit 7a8c4315bbd5f6b3d620f748cf30a41ba2e9
Author: Mark Thomas
AuthorDate: Wed Nov 17 18:48:33 2021 +
Protect against a known OS bug
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298
---
java/org/apache/tomcat/util/net/AprEndpoint.java| 15 +++
java/org/apache/tomcat/util/net/LocalStrings.properties | 1 +
java/org/apache/tomcat/util/net/Nio2Endpoint.java | 15 ---
java/org/apache/tomcat/util/net/NioEndpoint.java| 11 ++-
webapps/docs/changelog.xml | 6 ++
5 files changed, 44 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 48c6716..dde0e0c 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -112,6 +112,9 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
protected long sslContext = 0;
+private int previousAcceptedPort = -1;
+private String previousAcceptedAddress = null;
+
// Constructor
public AprEndpoint() {
@@ -790,7 +793,18 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
if (log.isDebugEnabled()) {
log.debug(sm.getString("endpoint.debug.socket", socket));
}
+
+// Do the duplicate accept check here rather than in
serverSocketaccept()
+// so we can cache the results in the SocketWrapper
AprSocketWrapper wrapper = new AprSocketWrapper(socket, this);
+if (wrapper.getRemotePort() == previousAcceptedPort) {
+if (wrapper.getRemoteAddr().equals(previousAcceptedAddress)) {
+throw new
IOException(sm.getString("endpoint.err.duplicateAccept"));
+}
+}
+previousAcceptedPort = wrapper.getRemotePort();
+previousAcceptedAddress = wrapper.getRemoteAddr();
+
connections.put(socket, wrapper);
wrapper.setKeepAliveLeft(getMaxKeepAliveRequests());
wrapper.setReadTimeout(getConnectionTimeout());
@@ -811,6 +825,7 @@ public class AprEndpoint extends
AbstractEndpoint implements SNICallB
@Override
protected Long serverSocketAccept() throws Exception {
+// See setSocketOptions(Long) for duplicate accept check
long socket = Socket.accept(serverSock);
if (socket == 0) {
throw new IOException(sm.getString("endpoint.err.accept",
getName()));
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index 3e306ec..0cc32e4 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -82,6 +82,7 @@ endpoint.duplicateSslHostName=Multiple SSLHostConfig elements
were provided for
endpoint.err.accept=Failed to accept socket for end point [{0}]
endpoint.err.attach=Failed to attach SSLContext to socket - error [{0}]
endpoint.err.close=Caught exception trying to close socket
+endpoint.err.duplicateAccept=Duplicate accept detected. This is a known OS
bug. Please consider reporting that you are affected:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298
endpoint.err.handshake=Handshake failed
endpoint.err.unexpected=Unexpected error processing socket
endpoint.executor.fail=Executor rejected socket [{0}] for processing
diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index 365fe3a..125261a 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -84,8 +84,10 @@ public class Nio2Endpoint extends
AbstractJsseEndpoint nioChannels;
-// - Properties
+private SocketAddress previousAcceptedSocketRemoteAddress = null;
+
+// - Properties
/**
* Is deferAccept supported?
@@ -99,7 +101,6 @@ public class Nio2Endpoint extends
AbstractJsseEndpoint
*/
private SynchronizedStack nioChannels;
+private SocketAddress previousAcceptedSocketRemoteAddress = null;
+
// - Properties
@@ -537,7 +539,14 @@ public class NioEndpoint extends
AbstractJsseEndpoint
@Override
protected SocketChannel serverSocketAccept() throws Exception {
-
Re: [tomcat] branch 9.0.x updated: Protect against a known OS bug
On 18/11/2021 09:18, ma...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 7a8 Protect against a known OS bug 7a8 is described below commit 7a8c4315bbd5f6b3d620f748cf30a41ba2e9 Author: Mark Thomas AuthorDate: Wed Nov 17 18:48:33 2021 + Protect against a known OS bug https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298 Hi all, Back-porting this to 8.5.x is complicated by 8.5.x having the option for multiple acceptor threads. I can see the following options. 1. Don't back-port this protection to 8.5.x. === 8.5.x has survived this long without the protection. There aren't any outstanding 8.5.x bug reports that could be attributable to this issue. Having the protection (and log message) in the other branches should be enough to raise visibility of the bug and get it fixed. There may be uses that are experiencing this bug on rare occasions without realising it. 2. Limit 8.5.x to a single acceptor thread and back-port the 9.0.x fix === Multiple acceptor threads have been shown to offer little/no performance benefit. Making the acceptorThreadCount setter a NO-OP and hard-coding the getter to return 1 would be relatively simple. This feels like a fairly big change this late in the 8.5.x series. 3. Introduce a synchronization block around the accept() call and add the duplicate check inside the synchronization block. === There may be a performance impact for users who have configured multiple acceptor threads. My current preference order is 2 first, closely followed by 1 with 3 further behind. Thoughts? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Add docs for using CacheStrategy
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 475dc42 Add docs for using CacheStrategy 475dc42 is described below commit 475dc42f61ab2844dc0e06d79ad4dd42be955d95 Author: Mark Thomas AuthorDate: Thu Nov 18 10:06:57 2021 + Add docs for using CacheStrategy --- webapps/docs/config/resources.xml | 21 +++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -180,8 +180,8 @@ A web application's main resources are defined by the docBase defined for the Context. - Additional resources may be made available to the web application by defining - one or more nested components. + Additional configuration settings and/or resources may be made available to + the web application by defining one or more nested components. PreResources @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, + nest aelement inside the element + with the following attributes: + + + + + Java class name of the implementation to use. This class must implement + the org.apache.catalina.WebResourceRoot$CacheStrategy + interface. + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Add docs for using CacheStrategy
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new ec218b5 Add docs for using CacheStrategy ec218b5 is described below commit ec218b51d44f47ea04ffaf29276cb0f8f17368ef Author: Mark Thomas AuthorDate: Thu Nov 18 10:06:57 2021 + Add docs for using CacheStrategy --- webapps/docs/config/resources.xml | 21 +++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -180,8 +180,8 @@ A web application's main resources are defined by the docBase defined for the Context. - Additional resources may be made available to the web application by defining - one or more nested components. + Additional configuration settings and/or resources may be made available to + the web application by defining one or more nested components. PreResources @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, + nest aelement inside the element + with the following attributes: + + + + + Java class name of the implementation to use. This class must implement + the org.apache.catalina.WebResourceRoot$CacheStrategy + interface. + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add docs for using CacheStrategy
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new b9640d1 Add docs for using CacheStrategy b9640d1 is described below commit b9640d1f77f6c20dfbf9593ccbe52880b41bf67f Author: Mark Thomas AuthorDate: Thu Nov 18 10:06:57 2021 + Add docs for using CacheStrategy --- webapps/docs/config/resources.xml | 21 +++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -180,8 +180,8 @@ A web application's main resources are defined by the docBase defined for the Context. - Additional resources may be made available to the web application by defining - one or more nested components. + Additional configuration settings and/or resources may be made available to + the web application by defining one or more nested components. PreResources @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, + nest aelement inside the element + with the following attributes: + + + + + Java class name of the implementation to use. This class must implement + the org.apache.catalina.WebResourceRoot$CacheStrategy + interface. + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add docs for using CacheStrategy
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 815273a Add docs for using CacheStrategy 815273a is described below commit 815273a6c9aceb014210515d02b2df20572deae9 Author: Mark Thomas AuthorDate: Thu Nov 18 10:06:57 2021 + Add docs for using CacheStrategy --- webapps/docs/config/resources.xml | 21 +++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -180,8 +180,8 @@ A web application's main resources are defined by the docBase defined for the Context. - Additional resources may be made available to the web application by defining - one or more nested components. + Additional configuration settings and/or resources may be made available to + the web application by defining one or more nested components. PreResources @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, + nest aelement inside the element + with the following attributes: + + + + + Java class name of the implementation to use. This class must implement + the org.apache.catalina.WebResourceRoot$CacheStrategy + interface. + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Improve memory management
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 590877b Improve memory management
590877b is described below
commit 590877b9b7063973606013614c6eff609df925a5
Author: remm
AuthorDate: Thu Nov 18 11:16:34 2021 +0100
Improve memory management
Switch to an implicit scope for the context, and remove the cleaner (as
the scope is the cleaner).
Although not being able to use bound method handles is frustrating, this
is overall more realistic and sustainable.
Verify correct behavior with heap dump and the SSLHostConfig reload
command.
Document problems with hardcoded defines with jextract (this is a good
idea in most cases, but not always). Will examine if there is a
workaround.
---
.../util/net/openssl/panama/OpenSSLContext.java| 393 +
.../util/net/openssl/panama/OpenSSLEngine.java | 30 +-
.../openssl/panama/OpenSSLLifecycleListener.java | 1 +
.../net/openssl/panama/LocalStrings.properties | 3 +-
4 files changed, 187 insertions(+), 240 deletions(-)
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 612a0fe..14957c9 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -30,8 +30,6 @@ import java.io.File;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
-import java.lang.ref.Cleaner;
-import java.lang.ref.Cleaner.Cleanable;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.SecureRandom;
@@ -43,6 +41,7 @@ import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
+import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLEngine;
@@ -132,13 +131,13 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
static {
MethodHandles.Lookup lookup = MethodHandles.lookup();
try {
-openSSLCallbackVerifyHandle =
lookup.findVirtual(OpenSSLContext.class, "openSSLCallbackVerify",
+openSSLCallbackVerifyHandle =
lookup.findStatic(OpenSSLContext.class, "openSSLCallbackVerify",
MethodType.methodType(int.class, int.class,
MemoryAddress.class));
-openSSLCallbackPasswordHandle =
lookup.findVirtual(OpenSSLContext.class, "openSSLCallbackPassword",
+openSSLCallbackPasswordHandle =
lookup.findStatic(OpenSSLContext.class, "openSSLCallbackPassword",
MethodType.methodType(int.class, MemoryAddress.class,
int.class, int.class, MemoryAddress.class));
-openSSLCallbackCertVerifyHandle =
lookup.findVirtual(OpenSSLContext.class, "openSSLCallbackCertVerify",
+openSSLCallbackCertVerifyHandle =
lookup.findStatic(OpenSSLContext.class, "openSSLCallbackCertVerify",
MethodType.methodType(int.class, MemoryAddress.class,
MemoryAddress.class));
-openSSLCallbackAlpnSelectProtoHandle =
lookup.findVirtual(OpenSSLContext.class, "openSSLCallbackAlpnSelectProto",
+openSSLCallbackAlpnSelectProtoHandle =
lookup.findStatic(OpenSSLContext.class, "openSSLCallbackAlpnSelectProto",
MethodType.methodType(int.class, MemoryAddress.class,
MemoryAddress.class,
MemoryAddress.class, MemoryAddress.class,
int.class, MemoryAddress.class));
openSSLCallbackTmpDHHandle =
lookup.findStatic(OpenSSLContext.class, "openSSLCallbackTmpDH",
@@ -208,17 +207,11 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
dhParameters[5] = new DHParam(dh, 0);
}
-private static final Cleaner cleaner = Cleaner.create();
-
private final SSLHostConfig sslHostConfig;
private final SSLHostConfigCertificate certificate;
private final boolean alpn;
-private final List negotiableProtocols;
-
-private int certificateVerifyMode = -1;
private OpenSSLSessionContext sessionContext;
-private X509TrustManager x509TrustManager;
private String enabledProtocol;
private boolean initialized = false;
@@ -227,8 +220,14 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
// Password callback
private final MemoryAddress openSSLCallbackPassword;
-private final OpenSSLState state;
-private final Cleanable cleanable;
+private static final ConcurrentHashMap states = new
ConcurrentH
Re: [tomcat] branch main updated: Add docs for using CacheStrategy
Small typo in new docs: Am 18.11.2021 um 11:10 schrieb ma...@apache.org: diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, s/straegy/strategy/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Improve changelog
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new b994e15 Improve changelog b994e15 is described below commit b994e15dfc3f7b5f98ba9e0f9b3a4bdc7a32c767 Author: remm AuthorDate: Thu Nov 18 11:19:59 2021 +0100 Improve changelog --- webapps/docs/changelog.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index ef6b181..a01e8fc 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -116,8 +116,8 @@ -Use an implicit scope to tie the cleanup of OpenSSL memory to the Java -GC. (remm) +Use implicit scopes in the OpenSSL Panama module to tie the cleanup of +OpenSSL memory to the Java GC. (remm) Provide protection against a known
Re: [tomcat] branch main updated: Add docs for using CacheStrategy
On 18/11/2021 10:19, Rainer Jung wrote: Small typo in new docs: Am 18.11.2021 um 11:10 schrieb ma...@apache.org: diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 81108d6..12e74cb 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -323,6 +323,23 @@ FileResourceSet mapped to /WEB-INF/lib. + Cache Strategy + + Additional control over the caching of static resources can be obtained by + configuring a custom cache strategy. To configure a custom cache straegy, s/straegy/strategy/ Drat. Thanks for spotting that. Fix on the way. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 27630c4 Fix typo 27630c4 is described below commit 27630c4d28f04c7748b926df6b7678840beecc19 Author: Mark Thomas AuthorDate: Thu Nov 18 10:22:09 2021 + Fix typo --- webapps/docs/config/resources.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 12e74cb..64a1610 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -326,7 +326,7 @@ Cache Strategy Additional control over the caching of static resources can be obtained by - configuring a custom cache strategy. To configure a custom cache straegy, + configuring a custom cache strategy. To configure a custom cache strategy, nest aelement inside the element with the following attributes: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new ff337d8 Fix typo ff337d8 is described below commit ff337d8ef49efb9eb42a67348b1511cef364c078 Author: Mark Thomas AuthorDate: Thu Nov 18 10:22:09 2021 + Fix typo --- webapps/docs/config/resources.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 12e74cb..64a1610 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -326,7 +326,7 @@ Cache Strategy Additional control over the caching of static resources can be obtained by - configuring a custom cache strategy. To configure a custom cache straegy, + configuring a custom cache strategy. To configure a custom cache strategy, nest aelement inside the element with the following attributes: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 9803980 Fix typo 9803980 is described below commit 9803980ca5ed74c6bfdaee4c0e661a236df966c5 Author: Mark Thomas AuthorDate: Thu Nov 18 10:22:09 2021 + Fix typo --- webapps/docs/config/resources.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 12e74cb..64a1610 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -326,7 +326,7 @@ Cache Strategy Additional control over the caching of static resources can be obtained by - configuring a custom cache strategy. To configure a custom cache straegy, + configuring a custom cache strategy. To configure a custom cache strategy, nest aelement inside the element with the following attributes: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 3570c6c Fix typo 3570c6c is described below commit 3570c6c2946beca328ad4e260392fdb480031b20 Author: Mark Thomas AuthorDate: Thu Nov 18 10:22:09 2021 + Fix typo --- webapps/docs/config/resources.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 12e74cb..64a1610 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -326,7 +326,7 @@ Cache Strategy Additional control over the caching of static resources can be obtained by - configuring a custom cache strategy. To configure a custom cache straegy, + configuring a custom cache strategy. To configure a custom cache strategy, nest aelement inside the element with the following attributes: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix OpenSSL version with the actual library version
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new fdc4c79 Fix OpenSSL version with the actual library version fdc4c79 is described below commit fdc4c79b4747b3560f4f16268fbe021296e5e929 Author: remm AuthorDate: Thu Nov 18 12:49:34 2021 +0100 Fix OpenSSL version with the actual library version Previously this was hardcoded by jextract based on the header files. Also expose the OpenSSL version number (for likely use eventually). Stop using constant "String"s generated by jextract since the code is so inefficient (not important very here, but it also makes scope tracking harder: one string means one implicit scope that will stay forever). --- modules/openssl-java17/openssl-tomcat.conf | 14 +- .../util/net/openssl/panama/OpenSSLContext.java| 10 +- .../openssl/panama/OpenSSLLifecycleListener.java | 3 +- .../util/openssl/SSL_set_info_callback$cb.java | 2 +- .../apache/tomcat/util/openssl/constants$0.java| 30 ++- .../apache/tomcat/util/openssl/constants$1.java| 36 ++- .../apache/tomcat/util/openssl/constants$10.java | 41 ++-- .../apache/tomcat/util/openssl/constants$11.java | 35 +-- .../apache/tomcat/util/openssl/constants$12.java | 32 +-- .../apache/tomcat/util/openssl/constants$13.java | 35 ++- .../apache/tomcat/util/openssl/constants$14.java | 35 +-- .../apache/tomcat/util/openssl/constants$15.java | 34 ++- .../apache/tomcat/util/openssl/constants$16.java | 36 +-- .../apache/tomcat/util/openssl/constants$17.java | 34 +-- .../apache/tomcat/util/openssl/constants$18.java | 33 ++- .../apache/tomcat/util/openssl/constants$19.java | 33 +-- .../apache/tomcat/util/openssl/constants$2.java| 35 +-- .../apache/tomcat/util/openssl/constants$20.java | 29 ++- .../apache/tomcat/util/openssl/constants$21.java | 33 +-- .../apache/tomcat/util/openssl/constants$22.java | 34 ++- .../apache/tomcat/util/openssl/constants$23.java | 38 +-- .../apache/tomcat/util/openssl/constants$24.java | 37 +-- .../apache/tomcat/util/openssl/constants$25.java | 38 ++- .../apache/tomcat/util/openssl/constants$26.java | 39 +-- .../apache/tomcat/util/openssl/constants$27.java | 33 +-- .../apache/tomcat/util/openssl/constants$28.java | 19 +- .../apache/tomcat/util/openssl/constants$29.java | 36 --- .../apache/tomcat/util/openssl/constants$3.java| 31 ++- .../apache/tomcat/util/openssl/constants$4.java| 32 +-- .../apache/tomcat/util/openssl/constants$5.java| 30 +-- .../apache/tomcat/util/openssl/constants$6.java| 26 +- .../apache/tomcat/util/openssl/constants$7.java| 28 +-- .../apache/tomcat/util/openssl/constants$8.java| 35 ++- .../apache/tomcat/util/openssl/constants$9.java| 41 ++-- .../org/apache/tomcat/util/openssl/openssl_h.java | 269 ++--- 35 files changed, 635 insertions(+), 671 deletions(-) diff --git a/modules/openssl-java17/openssl-tomcat.conf b/modules/openssl-java17/openssl-tomcat.conf index 8775c52..9256996 100644 --- a/modules/openssl-java17/openssl-tomcat.conf +++ b/modules/openssl-java17/openssl-tomcat.conf @@ -61,6 +61,8 @@ --include-function CRYPTO_free # header: /usr/include/openssl/crypto.h --include-function FIPS_mode # header: /usr/include/openssl/crypto.h --include-function FIPS_mode_set # header: /usr/include/openssl/crypto.h +--include-function OpenSSL_version # header: /usr/include/openssl/crypto.h +--include-function OpenSSL_version_num # header: /usr/include/openssl/crypto.h --include-macro OPENSSL_INIT_ENGINE_ALL_BUILTIN# header: /usr/include/openssl/crypto.h Extracted from: /usr/include/openssl/dh.h @@ -133,13 +135,6 @@ --include-macro OPENSSL_LINE # header: /usr/include/openssl/opensslconf-x86_64.h --include-macro OPENSSL_MIN_API # header: /usr/include/openssl/opensslconf-x86_64.h - Extracted from: /usr/include/openssl/opensslv.h - ---include-macro OPENSSL_VERSION_NUMBER# header: /usr/include/openssl/opensslv.h ---include-macro OPENSSL_VERSION_TEXT # header: /usr/include/openssl/opensslv.h ---include-macro SHLIB_VERSION_HISTORY # header: /usr/include/openssl/opensslv.h ---include-macro SHLIB_VERSION_NUMBER # header: /usr/include/openssl/opensslv.h - Extracted from: /usr/include/openssl/pem.h --include-function PEM_read_bio_DHparams# header: /usr/include/openssl/pem.h @@ -287,11 +282,6 @@ --include-macro SSL_SENT_SHUTDOWN# header: /usr/include/openssl/ssl.h --include-macro SSL_SESS_CACHE_OFF # header: /usr/include/openssl/ssl.h --include-macro SSL
[tomcat] branch main updated: WS
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new e028cad WS e028cad is described below commit e028cad86598fdee037363ae694911231f0df3bb Author: remm AuthorDate: Thu Nov 18 13:35:15 2021 +0100 WS --- webapps/docs/config/resources.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 64a1610..f0a96d6 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -331,13 +331,13 @@ with the following attributes: - + Java class name of the implementation to use. This class must implement the org.apache.catalina.WebResourceRoot$CacheStrategy interface. - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Refactor check of cluster start to improve robustness
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 99d3559 Refactor check of cluster start to improve robustness
99d3559 is described below
commit 99d35599fa16dfa1f9bedc021b30ba3e1bf658f3
Author: Mark Thomas
AuthorDate: Thu Nov 18 12:49:56 2021 +
Refactor check of cluster start to improve robustness
BuiltBot tests were sometime failing when sending messages because there
were no other nodes in the cluster.
---
.../tribes/group/interceptors/TestOrderInterceptor.java | 16 +---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
index 824a4ce..63cf646 100644
---
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
+++
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
@@ -81,10 +81,20 @@ public class TestOrderInterceptor {
for ( int i=0; i 6) {
+Assert.fail("Cluster took more than 60s to start");
+}
+Thread.sleep(50);
+m = channels[i].getMembers();
+}
}
-Thread.sleep(1500);
}
@Test
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Refactor check of cluster start to improve robustness
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 5a2b573 Refactor check of cluster start to improve robustness
5a2b573 is described below
commit 5a2b57368ce6157711f3b72552efe3031fe25360
Author: Mark Thomas
AuthorDate: Thu Nov 18 12:49:56 2021 +
Refactor check of cluster start to improve robustness
BuiltBot tests were sometime failing when sending messages because there
were no other nodes in the cluster.
---
.../tribes/group/interceptors/TestOrderInterceptor.java | 16 +---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
index 824a4ce..63cf646 100644
---
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
+++
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
@@ -81,10 +81,20 @@ public class TestOrderInterceptor {
for ( int i=0; i 6) {
+Assert.fail("Cluster took more than 60s to start");
+}
+Thread.sleep(50);
+m = channels[i].getMembers();
+}
}
-Thread.sleep(1500);
}
@Test
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Refactor check of cluster start to improve robustness
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new f7cf970 Refactor check of cluster start to improve robustness
f7cf970 is described below
commit f7cf97062d8d7207331ee7f29ba6f3a381f33e62
Author: Mark Thomas
AuthorDate: Thu Nov 18 12:49:56 2021 +
Refactor check of cluster start to improve robustness
BuiltBot tests were sometime failing when sending messages because there
were no other nodes in the cluster.
---
.../tribes/group/interceptors/TestOrderInterceptor.java | 16 +---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
index 824a4ce..63cf646 100644
---
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
+++
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
@@ -81,10 +81,20 @@ public class TestOrderInterceptor {
for ( int i=0; i 6) {
+Assert.fail("Cluster took more than 60s to start");
+}
+Thread.sleep(50);
+m = channels[i].getMembers();
+}
}
-Thread.sleep(1500);
}
@Test
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Refactor check of cluster start to improve robustness
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 1c87ae7 Refactor check of cluster start to improve robustness
1c87ae7 is described below
commit 1c87ae7f90a951f727e443b9a6aaee70bfc0bb0d
Author: Mark Thomas
AuthorDate: Thu Nov 18 12:49:56 2021 +
Refactor check of cluster start to improve robustness
BuiltBot tests were sometime failing when sending messages because there
were no other nodes in the cluster.
---
.../tribes/group/interceptors/TestOrderInterceptor.java | 16 +---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
index 824a4ce..63cf646 100644
---
a/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
+++
b/test/org/apache/catalina/tribes/group/interceptors/TestOrderInterceptor.java
@@ -81,10 +81,20 @@ public class TestOrderInterceptor {
for ( int i=0; i 6) {
+Assert.fail("Cluster took more than 60s to start");
+}
+Thread.sleep(50);
+m = channels[i].getMembers();
+}
}
-Thread.sleep(1500);
}
@Test
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: WS
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new 7eb6ab6 WS 7eb6ab6 is described below commit 7eb6ab618849be8f82e3c190e63eb8505d1e3d14 Author: remm AuthorDate: Thu Nov 18 13:35:15 2021 +0100 WS --- webapps/docs/config/resources.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 64a1610..f0a96d6 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -331,13 +331,13 @@ with the following attributes: - + Java class name of the implementation to use. This class must implement the org.apache.catalina.WebResourceRoot$CacheStrategy interface. - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: WS
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new fecbe62 WS fecbe62 is described below commit fecbe623760478808c162fb4cd5fd6c83f94b922 Author: remm AuthorDate: Thu Nov 18 13:35:15 2021 +0100 WS --- webapps/docs/config/resources.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 64a1610..f0a96d6 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -331,13 +331,13 @@ with the following attributes: - + Java class name of the implementation to use. This class must implement the org.apache.catalina.WebResourceRoot$CacheStrategy interface. - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: WS
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new c7ca462 WS c7ca462 is described below commit c7ca46273fd8e1f4337f8db86250d076ec8e6db8 Author: remm AuthorDate: Thu Nov 18 13:35:15 2021 +0100 WS --- webapps/docs/config/resources.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapps/docs/config/resources.xml b/webapps/docs/config/resources.xml index 64a1610..f0a96d6 100644 --- a/webapps/docs/config/resources.xml +++ b/webapps/docs/config/resources.xml @@ -331,13 +331,13 @@ with the following attributes: - + Java class name of the implementation to use. This class must implement the org.apache.catalina.WebResourceRoot$CacheStrategy interface. - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch 9.0.x updated: Protect against a known OS bug
On Thu, Nov 18, 2021 at 10:53 AM Mark Thomas wrote: > > On 18/11/2021 09:18, ma...@apache.org wrote: > > This is an automated email from the ASF dual-hosted git repository. > > > > markt pushed a commit to branch 9.0.x > > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > > > > The following commit(s) were added to refs/heads/9.0.x by this push: > > new 7a8 Protect against a known OS bug > > 7a8 is described below > > > > commit 7a8c4315bbd5f6b3d620f748cf30a41ba2e9 > > Author: Mark Thomas > > AuthorDate: Wed Nov 17 18:48:33 2021 + > > > > Protect against a known OS bug > > > > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1924298 > > Hi all, > > Back-porting this to 8.5.x is complicated by 8.5.x having the option for > multiple acceptor threads. I can see the following options. > > 1. Don't back-port this protection to 8.5.x. > === > 8.5.x has survived this long without the protection. > There aren't any outstanding 8.5.x bug reports that could be > attributable to this issue. > Having the protection (and log message) in the other branches should > be enough to raise visibility of the bug and get it fixed. > There may be uses that are experiencing this bug on rare occasions > without realising it. > > 2. Limit 8.5.x to a single acceptor thread and back-port the 9.0.x fix > === > Multiple acceptor threads have been shown to offer little/no > performance benefit. > Making the acceptorThreadCount setter a NO-OP and hard-coding the > getter to return 1 would be relatively simple. > This feels like a fairly big change this late in the 8.5.x series. > > 3. Introduce a synchronization block around the accept() call and add > the duplicate check inside the synchronization block. > === > There may be a performance impact for users who have configured > multiple acceptor threads. > > > My current preference order is 2 first, closely followed by 1 with 3 > further behind. > > Thoughts? Ok for 2 if you feel like trying it. Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove some unnecessary restrictions. Aligns with Servlet 6.0
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new bdb3c45 Remove some unnecessary restrictions. Aligns with Servlet 6.0
bdb3c45 is described below
commit bdb3c4589fb28ca121c032dafaa0170cb29ee7eb
Author: Mark Thomas
AuthorDate: Thu Nov 18 16:48:34 2021 +
Remove some unnecessary restrictions. Aligns with Servlet 6.0
---
java/jakarta/servlet/ServletContext.java | 75 ++
java/org/apache/catalina/core/StandardContext.java | 27 +++-
.../apache/catalina/core/TesterTldListener.java| 4 +-
webapps/docs/changelog.xml | 8 +++
4 files changed, 26 insertions(+), 88 deletions(-)
diff --git a/java/jakarta/servlet/ServletContext.java
b/java/jakarta/servlet/ServletContext.java
index 6a61c2d..8f93735 100644
--- a/java/jakarta/servlet/ServletContext.java
+++ b/java/jakarta/servlet/ServletContext.java
@@ -121,14 +121,6 @@ public interface ServletContext {
*
* @return The major version declared in web.xml
*
- * @throws UnsupportedOperationExceptionIf called from a
- *{@link
ServletContextListener#contextInitialized(ServletContextEvent)}
- *method of a {@link ServletContextListener} that was not defined in a
- *web.xml file, a web-fragment.xml file nor annotated with
- *{@link jakarta.servlet.annotation.WebListener}. For example, a
- *{@link ServletContextListener} defined in a TLD would not be able to
- *use this method.
- *
* @since Servlet 3.0
*/
public int getEffectiveMajorVersion();
@@ -139,14 +131,6 @@ public interface ServletContext {
*
* @return The minor version declared in web.xml
*
- * @throws UnsupportedOperationExceptionIf called from a
- *{@link
ServletContextListener#contextInitialized(ServletContextEvent)}
- *method of a {@link ServletContextListener} that was not defined in a
- *web.xml file, a web-fragment.xml file nor annotated with
- *{@link jakarta.servlet.annotation.WebListener}. For example, a
- *{@link ServletContextListener} defined in a TLD would not be able to
- *use this method.
- *
* @since Servlet 3.0
*/
public int getEffectiveMinorVersion();
@@ -795,15 +779,10 @@ public interface ServletContext {
* SessionTrackingMode#SSL} is supported if at least one of the connectors
* used by this context has the attribute secure set to
* true.
+ *
* @return The set of default session tracking modes for this web
* application
- * @throws UnsupportedOperationExceptionIf called from a
- *{@link
ServletContextListener#contextInitialized(ServletContextEvent)}
- *method of a {@link ServletContextListener} that was not defined in a
- *web.xml file, a web-fragment.xml file nor annotated with
- *{@link jakarta.servlet.annotation.WebListener}. For example, a
- *{@link ServletContextListener} defined in a TLD would not be able to
- *use this method.
+ *
* @since Servlet 3.0
*/
public Set getDefaultSessionTrackingModes();
@@ -811,15 +790,10 @@ public interface ServletContext {
/**
* Obtains the currently enabled session tracking modes for this web
* application.
+ *
* @return The value supplied via {@link #setSessionTrackingModes(Set)} if
* one was previously set, else return the defaults
- * @throws UnsupportedOperationExceptionIf called from a
- *{@link
ServletContextListener#contextInitialized(ServletContextEvent)}
- *method of a {@link ServletContextListener} that was not defined in a
- *web.xml file, a web-fragment.xml file nor annotated with
- *{@link jakarta.servlet.annotation.WebListener}. For example, a
- *{@link ServletContextListener} defined in a TLD would not be able to
- *use this method.
+ *
* @since Servlet 3.0
*/
public Set getEffectiveSessionTrackingModes();
@@ -887,13 +861,7 @@ public interface ServletContext {
/**
* @return TODO
- * @throws UnsupportedOperationExceptionIf called from a
- *{@link
ServletContextListener#contextInitialized(ServletContextEvent)}
- *method of a {@link ServletContextListener} that was not defined in a
- *web.xml file, a web-fragment.xml file nor annotated with
- *{@link jakarta.servlet.annotation.WebListener}. For example, a
- *{@link ServletContextListener} defined in a TLD would not be able to
- *use this method.
+ *
* @since Servlet 3.0 TODO SERVLET3 - Add comments
*/
public JspConfigDescriptor getJspConfigDescriptor();
@@ -903,15 +871,9 @@ public interface ServletContext {
*
[tomcat] branch main updated: Version updates
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 5ce0239 Version updates
5ce0239 is described below
commit 5ce0239ceed91275cb353d0c2a7bb0c323b0dd22
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:22:18 2021 +
Version updates
---
java/org/apache/catalina/core/Constants.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/catalina/core/Constants.java
b/java/org/apache/catalina/core/Constants.java
index 13b8334..3a2bd5b 100644
--- a/java/org/apache/catalina/core/Constants.java
+++ b/java/org/apache/catalina/core/Constants.java
@@ -18,8 +18,8 @@ package org.apache.catalina.core;
public class Constants {
-public static final int MAJOR_VERSION = 5;
-public static final int MINOR_VERSION = 1;
+public static final int MAJOR_VERSION = 6;
+public static final int MINOR_VERSION = 0;
public static final String JSP_SERVLET_CLASS =
"org.apache.jasper.servlet.JspServlet";
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix typo
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 1062cf4 Fix typo
1062cf4 is described below
commit 1062cf4527f15c8c4cd679b3fa2bbe57adcf3441
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:22:39 2021 +
Fix typo
---
java/jakarta/servlet/http/Cookie.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/jakarta/servlet/http/Cookie.java
b/java/jakarta/servlet/http/Cookie.java
index de184f2..2e7bb98 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -334,7 +334,7 @@ public class Cookie implements Cloneable, Serializable {
* using any protocol.
*
* @return true if the browser uses a secure protocol;
- * otherwise, true
+ * otherwise, false
* @see #setSecure
*/
public boolean getSecure() {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 412cfcd Fix typo
412cfcd is described below
commit 412cfcd3d34d0ff7faef4425d31e03a51d3defc5
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:22:39 2021 +
Fix typo
---
java/jakarta/servlet/http/Cookie.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/jakarta/servlet/http/Cookie.java
b/java/jakarta/servlet/http/Cookie.java
index 31f814f..9b8d622 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -324,7 +324,7 @@ public class Cookie implements Cloneable, Serializable {
* using any protocol.
*
* @return true if the browser uses a secure protocol;
- * otherwise, true
+ * otherwise, false
* @see #setSecure
*/
public boolean getSecure() {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new ec075e4 Fix typo
ec075e4 is described below
commit ec075e4b92c7a042c1467efe82e845897079d5b8
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:22:39 2021 +
Fix typo
---
java/javax/servlet/http/Cookie.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/javax/servlet/http/Cookie.java
b/java/javax/servlet/http/Cookie.java
index b1e23c0..e0ff6a0 100644
--- a/java/javax/servlet/http/Cookie.java
+++ b/java/javax/servlet/http/Cookie.java
@@ -324,7 +324,7 @@ public class Cookie implements Cloneable, Serializable {
* using any protocol.
*
* @return true if the browser uses a secure protocol;
- * otherwise, true
+ * otherwise, false
* @see #setSecure
*/
public boolean getSecure() {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix typo
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 82ce33d Fix typo
82ce33d is described below
commit 82ce33da6957ae7bb4fa56cc5680fb2135f12aab
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:22:39 2021 +
Fix typo
---
java/javax/servlet/http/Cookie.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/javax/servlet/http/Cookie.java
b/java/javax/servlet/http/Cookie.java
index 4bd2940..3e41134 100644
--- a/java/javax/servlet/http/Cookie.java
+++ b/java/javax/servlet/http/Cookie.java
@@ -342,7 +342,7 @@ public class Cookie implements Cloneable, Serializable {
* using any protocol.
*
* @return true if the browser uses a secure protocol;
- * otherwise, true
+ * otherwise, false
* @see #setSecure
*/
public boolean getSecure() {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Expand tests
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new e44bce9 Expand tests
e44bce9 is described below
commit e44bce996489db31d710d189ba51ef0649379df3
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:36:18 2021 +
Expand tests
---
test/jakarta/servlet/http/TestCookie.java | 23 +++
1 file changed, 23 insertions(+)
diff --git a/test/jakarta/servlet/http/TestCookie.java
b/test/jakarta/servlet/http/TestCookie.java
index 7885de5..fa1d6da 100644
--- a/test/jakarta/servlet/http/TestCookie.java
+++ b/test/jakarta/servlet/http/TestCookie.java
@@ -180,6 +180,29 @@ public class TestCookie {
cookie.setAttribute("Max-Age", "bbb");
}
+@Test
+public void testClone() {
+Cookie a = new Cookie("a","a");
+a.setComment("comment");
+a.setDomain("domain");
+a.setHttpOnly(true);
+a.setMaxAge(123);
+a.setPath("/path");
+a.setSecure(true);
+
+Cookie b = (Cookie) a.clone();
+
+Assert.assertEquals("a", b.getName());
+Assert.assertEquals("a", b.getValue());
+Assert.assertEquals("comment", b.getComment());
+Assert.assertEquals("domain", b.getDomain());
+Assert.assertTrue(b.isHttpOnly());
+Assert.assertEquals(123, b.getMaxAge());
+Assert.assertEquals("/path", b.getPath());
+Assert.assertTrue(b.getSecure());
+}
+
+
public static void checkCharInName(CookieNameValidator validator, BitSet
allowed) {
for (char ch = 0; ch < allowed.size(); ch++) {
boolean expected = allowed.get(ch);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Expand tests
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new bb2b393 Expand tests
bb2b393 is described below
commit bb2b393c78d30327121bdce218b485f66327
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:36:18 2021 +
Expand tests
---
test/jakarta/servlet/http/TestCookie.java | 23 +++
1 file changed, 23 insertions(+)
diff --git a/test/jakarta/servlet/http/TestCookie.java
b/test/jakarta/servlet/http/TestCookie.java
index 353004e..40182ab 100644
--- a/test/jakarta/servlet/http/TestCookie.java
+++ b/test/jakarta/servlet/http/TestCookie.java
@@ -134,6 +134,29 @@ public class TestCookie {
Cookie cookie = new Cookie("$Foo", null);
}
+@Test
+public void testClone() {
+Cookie a = new Cookie("a","a");
+a.setComment("comment");
+a.setDomain("domain");
+a.setHttpOnly(true);
+a.setMaxAge(123);
+a.setPath("/path");
+a.setSecure(true);
+
+Cookie b = (Cookie) a.clone();
+
+Assert.assertEquals("a", b.getName());
+Assert.assertEquals("a", b.getValue());
+Assert.assertEquals("comment", b.getComment());
+Assert.assertEquals("domain", b.getDomain());
+Assert.assertTrue(b.isHttpOnly());
+Assert.assertEquals(123, b.getMaxAge());
+Assert.assertEquals("/path", b.getPath());
+Assert.assertTrue(b.getSecure());
+}
+
+
public static void checkCharInName(CookieNameValidator validator, BitSet
allowed) {
for (char ch = 0; ch < allowed.size(); ch++) {
boolean expected = allowed.get(ch);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Expand tests
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new dc07a52 Expand tests
dc07a52 is described below
commit dc07a5245698bdf0a8c44425ff9c5b11635133cb
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:36:18 2021 +
Expand tests
---
test/javax/servlet/http/TestCookie.java | 23 +++
1 file changed, 23 insertions(+)
diff --git a/test/javax/servlet/http/TestCookie.java
b/test/javax/servlet/http/TestCookie.java
index 358f4b9..3331eb3 100644
--- a/test/javax/servlet/http/TestCookie.java
+++ b/test/javax/servlet/http/TestCookie.java
@@ -134,6 +134,29 @@ public class TestCookie {
Cookie cookie = new Cookie("$Foo", null);
}
+@Test
+public void testClone() {
+Cookie a = new Cookie("a","a");
+a.setComment("comment");
+a.setDomain("domain");
+a.setHttpOnly(true);
+a.setMaxAge(123);
+a.setPath("/path");
+a.setSecure(true);
+
+Cookie b = (Cookie) a.clone();
+
+Assert.assertEquals("a", b.getName());
+Assert.assertEquals("a", b.getValue());
+Assert.assertEquals("comment", b.getComment());
+Assert.assertEquals("domain", b.getDomain());
+Assert.assertTrue(b.isHttpOnly());
+Assert.assertEquals(123, b.getMaxAge());
+Assert.assertEquals("/path", b.getPath());
+Assert.assertTrue(b.getSecure());
+}
+
+
public static void checkCharInName(CookieNameValidator validator, BitSet
allowed) {
for (char ch = 0; ch < allowed.size(); ch++) {
boolean expected = allowed.get(ch);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Expand tests
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 52ab757 Expand tests
52ab757 is described below
commit 52ab757e2f15cb9b6ee2565777e5d564372acb36
Author: Mark Thomas
AuthorDate: Thu Nov 18 19:36:18 2021 +
Expand tests
---
test/javax/servlet/http/TestCookie.java | 23 +++
1 file changed, 23 insertions(+)
diff --git a/test/javax/servlet/http/TestCookie.java
b/test/javax/servlet/http/TestCookie.java
index 358f4b9..3331eb3 100644
--- a/test/javax/servlet/http/TestCookie.java
+++ b/test/javax/servlet/http/TestCookie.java
@@ -134,6 +134,29 @@ public class TestCookie {
Cookie cookie = new Cookie("$Foo", null);
}
+@Test
+public void testClone() {
+Cookie a = new Cookie("a","a");
+a.setComment("comment");
+a.setDomain("domain");
+a.setHttpOnly(true);
+a.setMaxAge(123);
+a.setPath("/path");
+a.setSecure(true);
+
+Cookie b = (Cookie) a.clone();
+
+Assert.assertEquals("a", b.getName());
+Assert.assertEquals("a", b.getValue());
+Assert.assertEquals("comment", b.getComment());
+Assert.assertEquals("domain", b.getDomain());
+Assert.assertTrue(b.isHttpOnly());
+Assert.assertEquals(123, b.getMaxAge());
+Assert.assertEquals("/path", b.getPath());
+Assert.assertTrue(b.getSecure());
+}
+
+
public static void checkCharInName(CookieNameValidator validator, BitSet
allowed) {
for (char ch = 0; ch < allowed.size(); ch++) {
boolean expected = allowed.get(ch);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Rename logger to log
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c3412ad Rename logger to log
c3412ad is described below
commit c3412ad28f72cbaf024967978c1c1690d3c5a27d
Author: remm
AuthorDate: Thu Nov 18 22:57:38 2021 +0100
Rename logger to log
Also remove FIXME since it looks good enough to me.
---
.../util/net/openssl/panama/OpenSSLEngine.java | 37 +++---
1 file changed, 18 insertions(+), 19 deletions(-)
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 4fb17a4..75cca5a 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -74,7 +74,7 @@ import org.apache.tomcat.util.res.StringManager;
*/
public final class OpenSSLEngine extends SSLEngine implements
SSLUtil.ProtocolInfo {
-private static final Log logger = LogFactory.getLog(OpenSSLEngine.class);
+private static final Log log = LogFactory.getLog(OpenSSLEngine.class);
private static final StringManager sm =
StringManager.getManager(OpenSSLEngine.class);
private static final Certificate[] EMPTY_CERTIFICATES = new Certificate[0];
@@ -127,7 +127,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
SSL_CTX_free(sslCtx);
}
} catch (Exception e) {
-logger.warn(sm.getString("engine.ciphersFailure"), e);
+log.warn(sm.getString("engine.ciphersFailure"), e);
}
AVAILABLE_CIPHER_SUITES =
Collections.unmodifiableSet(availableCipherSuites);
@@ -814,7 +814,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
String converted =
OpenSSLCipherConfigurationParser.jsseToOpenSSL(cipherSuite);
if (!AVAILABLE_CIPHER_SUITES.contains(cipherSuite)) {
-logger.debug(sm.getString("engine.unsupportedCipher",
cipherSuite, converted));
+log.debug(sm.getString("engine.unsupportedCipher",
cipherSuite, converted));
}
if (converted != null) {
cipherSuite = converted;
@@ -1022,8 +1022,8 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
MemoryAddress protocolAddress =
MemoryAccess.getAddress(protocolPointer);
byte[] name = protocolAddress.asSegment(length, scope).toByteArray();
-if (logger.isDebugEnabled()) {
-logger.debug("Protocol negotiated [" + new String(name) + "]");
+if (log.isDebugEnabled()) {
+log.debug("Protocol negotiated [" + new String(name) + "]");
}
return new String(name);
}
@@ -1051,8 +1051,8 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
private synchronized void renegotiate() throws SSLException {
-if (logger.isDebugEnabled()) {
-logger.debug("Start renegotiate");
+if (log.isDebugEnabled()) {
+log.debug("Start renegotiate");
}
clearLastError();
int code;
@@ -1117,8 +1117,8 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
if (sslError == null) {
sslError = err;
}
-if (logger.isDebugEnabled()) {
-logger.debug(sm.getString("engine.openSSLError",
Long.toString(error), err));
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("engine.openSSLError",
Long.toString(error), err));
}
} while ((error = ERR_get_error()) != SSL_ERROR_NONE());
}
@@ -1277,7 +1277,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
public static void openSSLCallbackInfo(MemoryAddress ssl, int where, int
ret) {
EngineState state = getState(ssl);
if (state == null) {
-logger.warn(sm.getString("engine.noSSL",
Long.valueOf(ssl.toRawLongValue(;
+log.warn(sm.getString("engine.noSSL",
Long.valueOf(ssl.toRawLongValue(;
return;
}
if (0 != (where & SSL_CB_HANDSHAKE_DONE())) {
@@ -1289,11 +1289,11 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
MemoryAddress ssl = X509_STORE_CTX_get_ex_data(x509ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());
EngineState state = getState(ssl);
if (state == null) {
-logger.warn(sm.getString("engine.noSSL",
Lon
[tomcat] branch main updated: Move DH params to the listener
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 248e9b7 Move DH params to the listener
248e9b7 is described below
commit 248e9b74c9ccb8fb7b5072acd932f9deb3e979fb
Author: remm
AuthorDate: Thu Nov 18 22:59:29 2021 +0100
Move DH params to the listener
Add a destroy method.
Add the server listener check.
---
.../util/net/openssl/panama/OpenSSLContext.java| 66 +---
.../openssl/panama/OpenSSLLifecycleListener.java | 116 ++---
.../net/openssl/panama/LocalStrings.properties | 1 +
3 files changed, 106 insertions(+), 77 deletions(-)
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index c5def28..735acb3 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -147,66 +147,6 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
}
}
-/*
-{ BN_get_rfc3526_prime_8192, NULL, 6145 },
-{ BN_get_rfc3526_prime_6144, NULL, 4097 },
-{ BN_get_rfc3526_prime_4096, NULL, 3073 },
-{ BN_get_rfc3526_prime_3072, NULL, 2049 },
-{ BN_get_rfc3526_prime_2048, NULL, 1025 },
-{ BN_get_rfc2409_prime_1024, NULL, 0 }
- */
-private static final class DHParam {
-private final MemoryAddress dh;
-private final int min;
-private DHParam(MemoryAddress dh, int min) {
-this.dh = dh;
-this.min = min;
-}
-}
-private static final DHParam[] dhParameters = new DHParam[6];
-
-static {
-
-OpenSSLLifecycleListener.initLibrary();
-
-var dh = DH_new();
-var p = BN_get_rfc3526_prime_8192(MemoryAddress.NULL);
-var g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[0] = new DHParam(dh, 6145);
-dh = DH_new();
-p = BN_get_rfc3526_prime_6144(MemoryAddress.NULL);
-g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[1] = new DHParam(dh, 4097);
-dh = DH_new();
-p = BN_get_rfc3526_prime_4096(MemoryAddress.NULL);
-g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[2] = new DHParam(dh, 3073);
-dh = DH_new();
-p = BN_get_rfc3526_prime_3072(MemoryAddress.NULL);
-g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[3] = new DHParam(dh, 2049);
-dh = DH_new();
-p = BN_get_rfc3526_prime_2048(MemoryAddress.NULL);
-g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[4] = new DHParam(dh, 1025);
-dh = DH_new();
-p = BN_get_rfc2409_prime_1024(MemoryAddress.NULL);
-g = BN_new();
-BN_set_word(g, 2);
-DH_set0_pqg(dh, p, MemoryAddress.NULL, g);
-dhParameters[5] = new DHParam(dh, 0);
-}
-
private final SSLHostConfig sslHostConfig;
private final SSLHostConfigCertificate certificate;
private final boolean alpn;
@@ -821,9 +761,9 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if ((type == EVP_PKEY_RSA()) || (type == EVP_PKEY_DSA())) {
keylen = EVP_PKEY_bits(pkey);
}
-for (int i = 0; i < dhParameters.length; i++) {
-if (keylen >= dhParameters[i].min) {
-return dhParameters[i].dh;
+for (int i = 0; i < OpenSSLLifecycleListener.dhParameters.length; i++)
{
+if (keylen >= OpenSSLLifecycleListener.dhParameters[i].min) {
+return OpenSSLLifecycleListener.dhParameters[i].dh;
}
}
return MemoryAddress.NULL;
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
index a4541f1..76637bc 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
@@ -29,6 +29,7 @@ import java.security.SecureRandom;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.S
[tomcat] branch main updated: POM update
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new d83479e POM update d83479e is described below commit d83479efe35e15125a3be781c9670269abe74bfe Author: remm AuthorDate: Thu Nov 18 23:00:09 2021 +0100 POM update --- modules/openssl-java17/pom.xml | 51 +++--- 1 file changed, 33 insertions(+), 18 deletions(-) diff --git a/modules/openssl-java17/pom.xml b/modules/openssl-java17/pom.xml index b4affb6..9ccec48 100644 --- a/modules/openssl-java17/pom.xml +++ b/modules/openssl-java17/pom.xml @@ -21,7 +21,7 @@ org.apache apache -23 +24 org.apache.tomcat @@ -33,8 +33,24 @@ 10.0.13 +10 + + + Development List + dev-subscr...@tomcat.apache.org + dev-unsubscr...@tomcat.apache.org + dev@tomcat.apache.org + + + Users List + users-subscr...@tomcat.apache.org + users-unsubscr...@tomcat.apache.org + us...@tomcat.apache.org + + + org.apache.tomcat @@ -50,22 +66,21 @@ - - - -org.apache.maven.plugins -maven-compiler-plugin -3.8.1 - -17 -17 - ---add-modules -jdk.incubator.foreign - - - - - + + + + org.apache.maven.plugins + maven-compiler-plugin + + 17 + 17 + + --add-modules + jdk.incubator.foreign + + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
