[tomcat] branch 8.5.x updated: Switch from Cobertura to JaCoCo for code coverage

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 951e1b6  Switch from Cobertura to JaCoCo for code coverage
951e1b6 is described below

commit 951e1b64746194af49935b138e33632db3ae70be
Author: Mark Thomas 
AuthorDate: Mon Nov 8 12:41:36 2021 +

Switch from Cobertura to JaCoCo for code coverage
---
 build.properties.default   |  23 ++--
 build.xml  | 299 +++--
 webapps/docs/changelog.xml |   9 ++
 3 files changed, 149 insertions(+), 182 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index d5d8f3c..a61dbeb 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -61,12 +61,11 @@ test.verbose=true
 
 # Number of parallel threads to use for testing. The recommended value is one
 # thread per core.
-# Note: Cobertura code coverage currently requires this to be set to 1. Setting
-#   a value above one will disable code coverage if enabled.
 test.threads=1
 
-# Note the Cobertura code coverage tool is GPLv2 licensed
-test.cobertura=false
+# Note the JaCoCo code coverage tool is EPLv2 licensed
+# Enabling code coverage extends the time taken to run the tests by ~50%
+test.coverage=false
 
 # Note the FindBugs is LGPL licensed
 execute.findbugs=false
@@ -287,14 +286,14 @@ 
checkstyle.home=${base.path}/checkstyle-backport-jre6-${checkstyle.version}
 checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
 
checkstyle.loc=${base-checkstyle.loc}/com/puppycrawl/tools/checkstyle-backport-jre6/${checkstyle.version}/checkstyle-backport-jre6-${checkstyle.version}-all.jar
 
-# - Cobertura code coverage tool -
-cobertura.version=2.1.1
-cobertura.checksum.enabled=true
-cobertura.checksum.algorithm=MD5|SHA-1
-cobertura.checksum.value=4f46638aa8e4d89565c038092398ea06|99cb44d36555feedcedc46263c23c2f5394ef342
-cobertura.home=${base.path}/cobertura-${cobertura.version}
-cobertura.jar=${cobertura.home}/cobertura-${cobertura.version}.jar
-cobertura.loc=${base-sf.loc}/cobertura/cobertura-${cobertura.version}-bin.tar.gz
+# - JaCoCo code coverage tool -
+jacoco.version=0.8.7
+jacoco.checksum.enabled=true
+jacoco.checksum.algorithm=MD5|SHA-1
+jacoco.checksum.value=174fde230d1090a5622119d5096bce07|983a52a030f4123b671840a27426ed73479f45cc
+jacoco.home=${base.path}/jacoco-${jacoco.version}
+jacoco.jar=${jacoco.home}/lib/jacocoant.jar
+jacoco.loc=${base-maven.loc}/org/jacoco/jacoco/${jacoco.version}/jacoco-${jacoco.version}.zip
 
 # - SpotBugs (originally FindBugs) -
 # 3.1.12 is the last version that runs on Java 7
diff --git a/build.xml b/build.xml
index 15c8fb8..f5b7ad6 100644
--- a/build.xml
+++ b/build.xml
@@ -16,7 +16,10 @@
   limitations under the License.
 -->
 
+  xmlns:if="ant:if"
+  xmlns:unless="ant:unless"
+  xmlns:jacoco="antlib:org.jacoco.ant"
+  >
 
   
 
@@ -175,11 +178,9 @@
   
   
 
-  
-  
-  
-  
-  
+  
+  
+  
 
   
   
@@ -1462,7 +1463,7 @@
   
 
   
+  
depends="setup-jacoco,test-nio,test-nio2,test-apr,coverage-report,test-status" 
/>
 
   
@@ -1500,19 +1501,19 @@
   
 
   
+  depends="test-compile,deploy,test-openssl-exists" 
if="${execute.test.nio}">
 
   
 
   
+  depends="test-compile,deploy,test-openssl-exists" 
if="${execute.test.nio2}">
 
   
 
   
 
@@ -1549,162 +1550,106 @@
 
 
   
-  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-  
-  
-
-
-
-
-
-
-
-
-
-
-  
-
-
-
-  
-
-  
+  
+
+
+  
+  
+  
+  
+  
+  
+
+  
+  
+  
+  
+  
+  
+
+  
+
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
+  
+
+  
+  
+  
+  
+
+
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
+  
+  
+  
+
+  
+
+  
 
   
 
-  
-
-  
-
-
-  
-
-
-  
-
-
-  
-
-  
-
-  
-
-  
-
-
-  
-
-  
-
-  
-
-  
-
-  
-
-
-  
-
-
-

[tomcat] branch 9.0.x updated: Align with 10.0.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 45cfe08  Align with 10.0.x
45cfe08 is described below

commit 45cfe08a1043a2e287b6f7933378808a4f460261
Author: Mark Thomas 
AuthorDate: Thu Nov 25 08:08:05 2021 +

Align with 10.0.x
---
 build.xml | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/build.xml b/build.xml
index 1fd83ff..5ce4b1b 100644
--- a/build.xml
+++ b/build.xml
@@ -1972,8 +1972,6 @@
   
   
   
-  
-  
 
   
   
+/>
   
+/>
   
 
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Align with 9.0.x

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 21fa8c8  Align with 9.0.x
21fa8c8 is described below

commit 21fa8c8cc13737f324c734fa6c7c3ba920ff9768
Author: Mark Thomas 
AuthorDate: Thu Nov 25 08:08:22 2021 +

Align with 9.0.x
---
 build.xml | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/build.xml b/build.xml
index f5b7ad6..d006d2e 100644
--- a/build.xml
+++ b/build.xml
@@ -1586,8 +1586,6 @@
   
   
   
-  
-  
 
   
   
+/>
   
+/>
   
 
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: More spec version updates

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new a23c096  More spec version updates
a23c096 is described below

commit a23c096336636a970e82cd4b6cab5f3f975e9284
Author: Mark Thomas 
AuthorDate: Thu Nov 25 09:03:13 2021 +

More spec version updates
---
 BUILDING.txt|  2 +-
 webapps/docs/class-loader-howto.xml |  6 +++---
 webapps/docs/index.xml  | 12 ++--
 webapps/docs/project.xml|  2 +-
 webapps/docs/web-socket-howto.xml   |  2 +-
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/BUILDING.txt b/BUILDING.txt
index 27fb422..166ee1f 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -20,7 +20,7 @@
 
 
 This project contains the source code for Tomcat @VERSION_MAJOR_MINOR@, a 
container that
-implements the Jakarta Servlet 6.0, JSP 3.1, EL 5.0, WebSocket 2.0 and
+implements the Jakarta Servlet 6.0, JSP 3.1, EL 5.0, WebSocket 2.1 and
 Authentication 2.0 specifications from the Jakarta EE project at Eclipse
 .
 
diff --git a/webapps/docs/class-loader-howto.xml 
b/webapps/docs/class-loader-howto.xml
index 1906eda..814c0f9 100644
--- a/webapps/docs/class-loader-howto.xml
+++ b/webapps/docs/class-loader-howto.xml
@@ -159,9 +159,9 @@ loaders as it is initialized:
 documentation for more details.
 tomcat-util.jar — Common classes used by various 
components of
 Apache Tomcat.
-tomcat-websocket.jar — WebSocket 2.0 implementation
-websocket-api.jar — WebSocket 2.0 API
-websocket-client-api.jar — WebSocket 2.0 Client API
+tomcat-websocket.jar — WebSocket 2.1 implementation
+websocket-api.jar — WebSocket 2.1 API
+websocket-client-api.jar — WebSocket 2.1 Client API
 
 WebappX — A class loader is created for each web
 application that is deployed in a single Tomcat instance.  All unpacked
diff --git a/webapps/docs/index.xml b/webapps/docs/index.xml
index 16f4ad9..af15b2c 100644
--- a/webapps/docs/index.xml
+++ b/webapps/docs/index.xml
@@ -176,16 +176,16 @@ are responsible for installing, configuring, and 
operating an Apache Tomcat serv
 https://jakarta.ee/specifications/pages/3.1/apidocs";>
 Javadoc
 
-EL 4.0
-https://jakarta.ee/specifications/expression-language/4.0/";>
+EL 5.0
+https://jakarta.ee/specifications/expression-language/5.0/";>
 Specification and
-https://jakarta.ee/specifications/expression-language/4.0/apidocs";>
+https://jakarta.ee/specifications/expression-language/5.0/apidocs";>
 Javadoc
 
-WebSocket 2.0
-https://jakarta.ee/specifications/websocket/2.0/";>
+WebSocket 2.1
+https://jakarta.ee/specifications/websocket/2.1/";>
 Specification and
-https://jakarta.ee/specifications/websocket/2.0/apidocs";>
+https://jakarta.ee/specifications/websocket/2.1/apidocs";>
 Javadoc
 
 Authentication 2.0
diff --git a/webapps/docs/project.xml b/webapps/docs/project.xml
index 78752e4..a9356a1 100644
--- a/webapps/docs/project.xml
+++ b/webapps/docs/project.xml
@@ -86,7 +86,7 @@
 
 
 
-
 
 
 
 
-Tomcat implements the Jakarta WebSocket 2.0 API defined by the Tomcat implements the Jakarta WebSocket 2.1 API defined by the https://projects.eclipse.org/projects/ee4j.websocket";>Jakarta
WebSocket project.
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65704] New: The class XmlUtil.java have XXE security issue

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65704

Bug ID: 65704
   Summary: The class XmlUtil.java have XXE security issue
   Product: Taglibs
   Version: 1.2.5
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: Unknown Taglib
  Assignee: dev@tomcat.apache.org
  Reporter: powercomt...@huawei.com
  Target Milestone: ---

Created attachment 38102
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=38102&action=edit
source code

At the line 88, XML parser configured 'tf' does not prevent nor limit external
entities resolution. This can expose the parser to an XML External Entities
attack.Using XML parsers configured to not prevent nor limit external entities
resolution can expose the parser to an XML External Entities attack. For
example as below:

 tf.setFeature("http://apache.org/xml/features/disallow-doctype-decl";, true);

i think taglibs can add the above content first and parse the xml on next step,
it will be better. Thanks

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65704] The class XmlUtil.java have XXE security issue

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65704

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 OS||All
 Resolution|--- |INVALID

--- Comment #1 from Mark Thomas  ---
1. Security reports should not be posted to public bug trackers or mailing
lists. The correct way to report security issues is described here:
http://tomcat.apache.org/security.html

2. The parser is not exposed to untrusted user input. It is not exploitable.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] New: java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

Bug ID: 65705
   Summary: java.lang.NoSuchMethodError:
java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;
   Product: Tomcat 9
   Version: 9.0.36
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: laszlo.dobron...@raiffeisen.hu
  Target Milestone: -

I guess, the reason of the error is explained here:
https://www.morling.dev/blog/bytebuffer-and-the-dreaded-nosuchmethoderror/

24-Nov-2021 11:34:30.235 SEVERE [http-nio-8080-exec-84]
org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for
servlet [WebServicePort] in context with path [/WwrService] threw exception
[Servlet execution threw an exception] with root cause
java.lang.NoSuchMethodError:
java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;
at
org.apache.coyote.http11.filters.ChunkedInputFilter.doRead(ChunkedInputFilter.java:193)
at
org.apache.coyote.http11.Http11InputBuffer.doRead(Http11InputBuffer.java:250)
at org.apache.coyote.Request.doRead(Request.java:551)
at
org.apache.catalina.connector.InputBuffer.realReadBytes(InputBuffer.java:336)
at
org.apache.catalina.connector.InputBuffer.checkByteBufferEof(InputBuffer.java:632)
at
org.apache.catalina.connector.InputBuffer.read(InputBuffer.java:362)
at
org.apache.catalina.connector.CoyoteInputStream.read(CoyoteInputStream.java:132)
at java.io.FilterInputStream.read(FilterInputStream.java:133)
at com.ctc.wstx.io.BaseReader.readBytes(BaseReader.java:155)
at com.ctc.wstx.io.UTF8Reader.loadMore(UTF8Reader.java:369)
at com.ctc.wstx.io.UTF8Reader.read(UTF8Reader.java:112)
at
com.ctc.wstx.io.ReaderBootstrapper.initialLoad(ReaderBootstrapper.java:254)
at
com.ctc.wstx.io.ReaderBootstrapper.bootstrapInput(ReaderBootstrapper.java:134)
at
com.ctc.wstx.stax.WstxInputFactory.doCreateSR(WstxInputFactory.java:573)
at
com.ctc.wstx.stax.WstxInputFactory.createSR(WstxInputFactory.java:633)
at
com.ctc.wstx.stax.WstxInputFactory.createSR(WstxInputFactory.java:657)
at
com.ctc.wstx.stax.WstxInputFactory.createXMLStreamReader(WstxInputFactory.java:342)
at
org.apache.cxf.staxutils.StaxUtils.createXMLStreamReader(StaxUtils.java:1725)
at
org.apache.cxf.interceptor.StaxInInterceptor.handleMessage(StaxInInterceptor.java:127)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)
a.lang.NoSuchMethodError:
java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;t
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at
org.apache.catalina.valves.ErrorR

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #1 from Mark Thomas  ---
>From where, exactly, did you obtain your copy of Apache Tomcat 9.0.36?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #2 from laszlo.dobron...@raiffeisen.hu ---
It's in the distribution SUSE Linux Enterprise Server 15 SP3

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #3 from Michael Osipov  ---
(In reply to laszlo.dobrontei from comment #2)
> It's in the distribution SUSE Linux Enterprise Server 15 SP3

Then talk to SUSE and try a vanilla Tomcat first.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #4 from Michael Osipov  ---
They have compiled Tomcat with Java 11 and did not supply: --release=8

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #5 from Mark Thomas  ---
Yep. I've confirmed the official 9.0.36 distribution was compiled with Java 8.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #6 from laszlo.dobron...@raiffeisen.hu ---
OK, I see. That explains.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #7 from Remy Maucherat  ---
I am also very careful about using Java 8 to build 9.0.x ...

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65705] java.lang.NoSuchMethodError: java.nio.ByteBuffer.limit(I)Ljava/nio/ByteBuffer;

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65705

--- Comment #8 from laszlo.dobron...@raiffeisen.hu ---
Thank you for looking into. I will let SUSE the issue.

Building with JDK8 should fix the issue.

However the BUILDING.txt doesn't mention JDK8 as requirement and the code
actually does not compile with higher JDK if I add "--release=8" to the
"compile" target in build.xml.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix BZ 65677 - improve error handling for HTTP reads with NIO2

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 717d69c  Fix BZ 65677 - improve error handling for HTTP reads with NIO2
717d69c is described below

commit 717d69c4808718341129e1c0669bf01af8cd7b43
Author: Mark Thomas 
AuthorDate: Thu Nov 25 12:08:36 2021 +

Fix BZ 65677 - improve error handling for HTTP reads with NIO2

https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
---
 java/org/apache/coyote/http11/Http11InputBuffer.java | 17 +++--
 webapps/docs/changelog.xml   |  4 
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 19aa56e..fd9d18d 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -794,7 +794,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 }
 
 int nRead = -1;
-byteBuffer.mark();
+int mark = byteBuffer.position();
 try {
 if (byteBuffer.position() < byteBuffer.limit()) {
 byteBuffer.position(byteBuffer.limit());
@@ -810,7 +810,20 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 // Ensure that the buffer limit and position are returned to a
 // consistent "ready for read" state if an error occurs during in
 // the above code block.
-byteBuffer.limit(byteBuffer.position()).reset();
+// Some error conditions can result in the position being reset to
+// zero which also invalidates the mark.
+// https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
+if (byteBuffer.position() >= mark) {
+// // Position and mark are consistent. Assume a read (possibly
+// of zero bytes) has occurred.
+byteBuffer.limit(byteBuffer.position());
+byteBuffer.position(mark);
+} else {
+// Position and mark are inconsistent. Set position and limit 
to
+// zero so effectively no data is reported as read.
+byteBuffer.position(0);
+byteBuffer.limit(0);
+}
 }
 
 if (log.isDebugEnabled()) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e77ab39..fff859c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -149,6 +149,10 @@
 Avoid unnecessary duplicate read registrations for blocking I/O with 
the
 NIO connector. (markt)
   
+  
+65677: Improve exception handling for errors during HTTP/1.1
+reads with NIO2. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Fix BZ 65677 - improve error handling for HTTP reads with NIO2

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 543aab6  Fix BZ 65677 - improve error handling for HTTP reads with NIO2
543aab6 is described below

commit 543aab65e5a91a00631728a5c35290d8ea4a467c
Author: Mark Thomas 
AuthorDate: Thu Nov 25 12:08:36 2021 +

Fix BZ 65677 - improve error handling for HTTP reads with NIO2

https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
---
 java/org/apache/coyote/http11/Http11InputBuffer.java | 17 +++--
 webapps/docs/changelog.xml   |  4 
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 19aa56e..fd9d18d 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -794,7 +794,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 }
 
 int nRead = -1;
-byteBuffer.mark();
+int mark = byteBuffer.position();
 try {
 if (byteBuffer.position() < byteBuffer.limit()) {
 byteBuffer.position(byteBuffer.limit());
@@ -810,7 +810,20 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 // Ensure that the buffer limit and position are returned to a
 // consistent "ready for read" state if an error occurs during in
 // the above code block.
-byteBuffer.limit(byteBuffer.position()).reset();
+// Some error conditions can result in the position being reset to
+// zero which also invalidates the mark.
+// https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
+if (byteBuffer.position() >= mark) {
+// // Position and mark are consistent. Assume a read (possibly
+// of zero bytes) has occurred.
+byteBuffer.limit(byteBuffer.position());
+byteBuffer.position(mark);
+} else {
+// Position and mark are inconsistent. Set position and limit 
to
+// zero so effectively no data is reported as read.
+byteBuffer.position(0);
+byteBuffer.limit(0);
+}
 }
 
 if (log.isDebugEnabled()) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 24fe3bd..899bfe7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -137,6 +137,10 @@
 Avoid unnecessary duplicate read registrations for blocking I/O with 
the
 NIO connector. (markt)
   
+  
+65677: Improve exception handling for errors during HTTP/1.1
+reads with NIO2. (markt)
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix BZ 65677 - improve error handling for HTTP reads with NIO2

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 4bb3fee  Fix BZ 65677 - improve error handling for HTTP reads with NIO2
4bb3fee is described below

commit 4bb3fee348fe30f8100cdf75cbc0d382105baeb6
Author: Mark Thomas 
AuthorDate: Thu Nov 25 12:08:36 2021 +

Fix BZ 65677 - improve error handling for HTTP reads with NIO2

https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
---
 java/org/apache/coyote/http11/Http11InputBuffer.java | 17 +++--
 webapps/docs/changelog.xml   |  4 
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index f1346f1..413a1c4 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -794,7 +794,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 }
 
 int nRead = -1;
-byteBuffer.mark();
+int mark = byteBuffer.position();
 try {
 if (byteBuffer.position() < byteBuffer.limit()) {
 byteBuffer.position(byteBuffer.limit());
@@ -810,7 +810,20 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 // Ensure that the buffer limit and position are returned to a
 // consistent "ready for read" state if an error occurs during in
 // the above code block.
-byteBuffer.limit(byteBuffer.position()).reset();
+// Some error conditions can result in the position being reset to
+// zero which also invalidates the mark.
+// https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
+if (byteBuffer.position() >= mark) {
+// // Position and mark are consistent. Assume a read (possibly
+// of zero bytes) has occurred.
+byteBuffer.limit(byteBuffer.position());
+byteBuffer.position(mark);
+} else {
+// Position and mark are inconsistent. Set position and limit 
to
+// zero so effectively no data is reported as read.
+byteBuffer.position(0);
+byteBuffer.limit(0);
+}
 }
 
 if (log.isDebugEnabled()) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6075bfc..15455c9 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -137,6 +137,10 @@
 Avoid unnecessary duplicate read registrations for blocking I/O with 
the
 NIO connector. (markt)
   
+  
+65677: Improve exception handling for errors during HTTP/1.1
+reads with NIO2. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix BZ 65677 - improve error handling for HTTP reads with NIO2

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new f350ee7  Fix BZ 65677 - improve error handling for HTTP reads with NIO2
f350ee7 is described below

commit f350ee783e2b33fb55bb5b5d731fb04ba92e4581
Author: Mark Thomas 
AuthorDate: Thu Nov 25 12:08:36 2021 +

Fix BZ 65677 - improve error handling for HTTP reads with NIO2

https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
---
 java/org/apache/coyote/http11/Http11InputBuffer.java | 17 +++--
 webapps/docs/changelog.xml   |  4 
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java 
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 8d279dc..2931f78 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -799,7 +799,7 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 }
 
 int nRead = -1;
-byteBuffer.mark();
+int mark = byteBuffer.position();
 try {
 if (byteBuffer.position() < byteBuffer.limit()) {
 byteBuffer.position(byteBuffer.limit());
@@ -810,7 +810,20 @@ public class Http11InputBuffer implements InputBuffer, 
ApplicationBufferHandler
 // Ensure that the buffer limit and position are returned to a
 // consistent "ready for read" state if an error occurs during in
 // the above code block.
-byteBuffer.limit(byteBuffer.position()).reset();
+// Some error conditions can result in the position being reset to
+// zero which also invalidates the mark.
+// https://bz.apache.org/bugzilla/show_bug.cgi?id=65677
+if (byteBuffer.position() >= mark) {
+// // Position and mark are consistent. Assume a read (possibly
+// of zero bytes) has occurred.
+byteBuffer.limit(byteBuffer.position());
+byteBuffer.position(mark);
+} else {
+// Position and mark are inconsistent. Set position and limit 
to
+// zero so effectively no data is reported as read.
+byteBuffer.position(0);
+byteBuffer.limit(0);
+}
 }
 
 if (log.isDebugEnabled()) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index dbebe35..bcf9695 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,10 @@
 bug that causes the acceptor to report an incoming connection more
 than once. (markt)
   
+  
+65677: Improve exception handling for errors during HTTP/1.1
+reads with NIO2. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65677] InvalidMarkException in Http11InputBuffer.fill when socket read throws AsynchronousCloseException

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=65677

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #2 from Mark Thomas  ---
Thanks for the report and the analysis. It is rather odd that the position gets
set to zero but fixing it is relatively simple.

Fixed in:
- 10.1.x for 10.1.0-M8 onwards
- 10.0.x for 10.0.14 onwards
- 9.0.x for 9.0.56 onwards
- 8.5.x for 8.5.74 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf closed pull request #456: Document conditions under which the AprLifecycleListener can be used …

[GitBox]

markt-asf closed pull request #456:
URL: https://github.com/apache/tomcat/pull/456


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on pull request #456: Document conditions under which the AprLifecycleListener can be used …

[GitBox]

markt-asf commented on pull request #456:
URL: https://github.com/apache/tomcat/pull/456#issuecomment-979167233


   Merged manually


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Document conditions of use for AprLifecycleListener to avoid JVM crashes

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3e42a98  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
3e42a98 is described below

commit 3e42a98e88d1f3a1fd3b1a38e7d9bbc3aac2436b
Author: Michael Osipov 
AuthorDate: Fri Oct 29 11:19:43 2021 +0200

Document conditions of use for AprLifecycleListener to avoid JVM crashes

This basically documents how to avoid issues like
https://github.com/spring-projects/spring-boot/issues/28472
---
 java/org/apache/catalina/core/AprLifecycleListener.java | 6 ++
 webapps/docs/changelog.xml  | 4 
 2 files changed, 10 insertions(+)

diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java 
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 285abf9..0ab75c1 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -41,6 +41,12 @@ import org.apache.tomcat.util.res.StringManager;
  * and destroy APR.
  * 
  * This listener must only be nested within {@link Server} elements.
+ * 
+ * Note: If you are running Tomcat in an embedded fashion and
+ * have more than one Server instance per JVM, this listener must not
+ * be added to the {@code Server} instances, but handled outside by the calling
+ * code which is bootstrapping the embedded Tomcat instances. Not doing so will
+ * lead to JVM crashes.
  *
  * @since 4.1
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index fff859c..ea01244 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,10 @@
 65684: Fix a potential NullPointerException 
when
 using JULI. (markt)
   
+  
+Document conditions under which the AprLifecycleListener
+can be used to avoid JVM crashes. (michaelo)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Document conditions of use for AprLifecycleListener to avoid JVM crashes

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 25fe896  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
25fe896 is described below

commit 25fe896a2a3cf159ba5ee48769812f724c5cc8c9
Author: Michael Osipov 
AuthorDate: Fri Oct 29 11:19:43 2021 +0200

Document conditions of use for AprLifecycleListener to avoid JVM crashes

This basically documents how to avoid issues like
https://github.com/spring-projects/spring-boot/issues/28472
---
 java/org/apache/catalina/core/AprLifecycleListener.java | 6 ++
 webapps/docs/changelog.xml  | 4 
 2 files changed, 10 insertions(+)

diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java 
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 1c72b30..6009c60 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -41,6 +41,12 @@ import org.apache.tomcat.util.res.StringManager;
  * and destroy APR.
  * 
  * This listener must only be nested within {@link Server} elements.
+ * 
+ * Note: If you are running Tomcat in an embedded fashion and
+ * have more than one Server instance per JVM, this listener must not
+ * be added to the {@code Server} instances, but handled outside by the calling
+ * code which is bootstrapping the embedded Tomcat instances. Not doing so will
+ * lead to JVM crashes.
  *
  * @since 4.1
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 15455c9..c163c15 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -115,6 +115,10 @@
 65684: Fix a potential NullPointerException 
when
 using JULI. (markt)
   
+  
+Document conditions under which the AprLifecycleListener
+can be used to avoid JVM crashes. (michaelo)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Document conditions of use for AprLifecycleListener to avoid JVM crashes

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 5e44d9d  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
5e44d9d is described below

commit 5e44d9d772b446d2d2506a5d1df8e929b58b8659
Author: Michael Osipov 
AuthorDate: Fri Oct 29 11:19:43 2021 +0200

Document conditions of use for AprLifecycleListener to avoid JVM crashes

This basically documents how to avoid issues like
https://github.com/spring-projects/spring-boot/issues/28472
---
 java/org/apache/catalina/core/AprLifecycleListener.java | 6 ++
 webapps/docs/changelog.xml  | 4 
 2 files changed, 10 insertions(+)

diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java 
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 285abf9..0ab75c1 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -41,6 +41,12 @@ import org.apache.tomcat.util.res.StringManager;
  * and destroy APR.
  * 
  * This listener must only be nested within {@link Server} elements.
+ * 
+ * Note: If you are running Tomcat in an embedded fashion and
+ * have more than one Server instance per JVM, this listener must not
+ * be added to the {@code Server} instances, but handled outside by the calling
+ * code which is bootstrapping the embedded Tomcat instances. Not doing so will
+ * lead to JVM crashes.
  *
  * @since 4.1
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 899bfe7..299ed24 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -115,6 +115,10 @@
 65684: Fix a potential NullPointerException 
when
 using JULI. (markt)
   
+  
+Document conditions under which the AprLifecycleListener
+can be used to avoid JVM crashes. (michaelo)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Document conditions of use for AprLifecycleListener to avoid JVM crashes

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 2beeaa4  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
2beeaa4 is described below

commit 2beeaa46c72c446327cb3fd7832bee512591b1e6
Author: Michael Osipov 
AuthorDate: Fri Oct 29 11:19:43 2021 +0200

Document conditions of use for AprLifecycleListener to avoid JVM crashes

This basically documents how to avoid issues like
https://github.com/spring-projects/spring-boot/issues/28472
---
 java/org/apache/catalina/core/AprLifecycleListener.java | 6 ++
 webapps/docs/changelog.xml  | 4 
 2 files changed, 10 insertions(+)

diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java 
b/java/org/apache/catalina/core/AprLifecycleListener.java
index 80dc5a5..862b513 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -41,6 +41,12 @@ import org.apache.tomcat.util.res.StringManager;
  * and destroy APR.
  * 
  * This listener must only be nested within {@link Server} elements.
+ * 
+ * Note: If you are running Tomcat in an embedded fashion and
+ * have more than one Server instance per JVM, this listener must not
+ * be added to the {@code Server} instances, but handled outside by the calling
+ * code which is bootstrapping the embedded Tomcat instances. Not doing so will
+ * lead to JVM crashes.
  *
  * @since 4.1
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index bcf9695..7ea5915 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -115,6 +115,10 @@
 65684: Fix a potential NullPointerException 
when
 using JULI. (markt)
   
+  
+Document conditions under which the AprLifecycleListener
+can be used to avoid JVM crashes. (michaelo)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Rename

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new aeb5b54  Rename
aeb5b54 is described below

commit aeb5b5477ecbe6efe08c33843e70b82ab4090d45
Author: remm 
AuthorDate: Thu Nov 25 14:20:16 2021 +0100

Rename

Might avoid hard to debug coding errors in the future.
---
 .../util/net/openssl/panama/OpenSSLContext.java| 46 +++---
 .../util/net/openssl/panama/OpenSSLEngine.java | 32 +++
 2 files changed, 39 insertions(+), 39 deletions(-)

diff --git 
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
 
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index d665b57..4a56e39 100644
--- 
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ 
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -167,7 +167,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 }
 
 private final ContextState state;
-private final ResourceScope scope;
+private final ResourceScope contextScope;
 
 private static String[] getCiphers(MemoryAddress sslCtx) {
 MemoryAddress sk = SSL_CTX_get_ciphers(sslCtx);
@@ -198,7 +198,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 
 this.sslHostConfig = certificate.getSSLHostConfig();
 this.certificate = certificate;
-scope = ResourceScope.newImplicitScope();
+contextScope = ResourceScope.newImplicitScope();
 
 MemoryAddress sslCtx = MemoryAddress.NULL;
 MemoryAddress confCtx = MemoryAddress.NULL;
@@ -208,7 +208,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 // Create OpenSSLConfCmd context if used
 OpenSSLConf openSslConf = sslHostConfig.getOpenSslConf();
 if (openSslConf != null) {
-var allocator = SegmentAllocator.ofScope(scope);
+var allocator = SegmentAllocator.ofScope(contextScope);
 try {
 if (log.isDebugEnabled()) {
 log.debug(sm.getString("openssl.makeConf"));
@@ -319,7 +319,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 // Set int pem_password_cb(char *buf, int size, int rwflag, void 
*u) callback
 openSSLCallbackPassword =
 
CLinker.getInstance().upcallStub(openSSLCallbackPasswordHandle,
-openSSLCallbackPasswordFunctionDescriptor, scope);
+openSSLCallbackPasswordFunctionDescriptor, contextScope);
 SSL_CTX_set_default_passwd_cb(sslCtx, openSSLCallbackPassword);
 
 alpn = (negotiableProtocols != null && negotiableProtocols.size() 
> 0);
@@ -347,7 +347,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
  * and the implicit scope will ensure that the associated native
  * resources are cleaned up.
  */
-scope.addCloseAction(state);
+contextScope.addCloseAction(state);
 
 if (!success) {
 destroy();
@@ -554,7 +554,7 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 }
 
 // List the ciphers that the client is permitted to negotiate
-if (SSL_CTX_set_cipher_list(state.sslCtx, 
CLinker.toCString(sslHostConfig.getCiphers(), scope)) <= 0) {
+if (SSL_CTX_set_cipher_list(state.sslCtx, 
CLinker.toCString(sslHostConfig.getCiphers(), contextScope)) <= 0) {
 log.warn(sm.getString("engine.failedCipherSuite", 
sslHostConfig.getCiphers()));
 }
 
@@ -590,18 +590,18 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
 // Set int verify_callback(int preverify_ok, X509_STORE_CTX 
*x509_ctx) callback
 MemoryAddress openSSLCallbackVerify =
 
CLinker.getInstance().upcallStub(openSSLCallbackVerifyHandle,
-openSSLCallbackVerifyFunctionDescriptor, scope);
+openSSLCallbackVerifyFunctionDescriptor, contextScope);
 // Leave this just in case but in Tomcat this is always set again 
by the engine
 SSL_CTX_set_verify(state.sslCtx, value, openSSLCallbackVerify);
 
 // Trust and certificate verification
-var allocator = SegmentAllocator.ofScope(scope);
+var allocator = SegmentAllocator.ofScope(contextScope);
 if (tms != null) {
 // Client certificate verification based on custom trust 
managers
 

[tomcat] branch main updated (aeb5b54 -> c2a56ec)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from aeb5b54  Rename
 new f03933f  Improve thread safety of open and close
 new 6d84fe7  Alternative fix for PR #453 - lost log messages on shutdown
 new c2a56ec  Refactor AsyncFileHandler to make use of system property 
unnecessary

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 67 --
 webapps/docs/changelog.xml |  9 
 webapps/docs/config/systemprops.xml|  7 
 4 files changed, 64 insertions(+), 20 deletions(-)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Improve thread safety of open and close

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit f03933faf8e54ed2b75607ca47200ec2a410ec52
Author: Mark Thomas 
AuthorDate: Thu Nov 25 13:50:42 2021 +

Improve thread safety of open and close
---
 java/org/apache/juli/AsyncFileHandler.java | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 8176392..a218cc2 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -68,6 +68,7 @@ public class AsyncFileHandler extends FileHandler {
 logger.start();
 }
 
+private final Object closeLock = new Object();
 protected volatile boolean closed = false;
 
 public AsyncFileHandler() {
@@ -87,7 +88,12 @@ public class AsyncFileHandler extends FileHandler {
 if (closed) {
 return;
 }
-closed = true;
+synchronized (closeLock) {
+if (closed) {
+return;
+}
+closed = true;
+}
 super.close();
 }
 
@@ -96,7 +102,12 @@ public class AsyncFileHandler extends FileHandler {
 if (!closed) {
 return;
 }
-closed = false;
+synchronized (closeLock) {
+if (!closed) {
+return;
+}
+closed = false;
+}
 super.open();
 }
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Refactor AsyncFileHandler to make use of system property unnecessary

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit c2a56ec131db596265ccc9ffce3bbf34818f7c1a
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:12:45 2021 +

Refactor AsyncFileHandler to make use of system property unnecessary

System property: org.apache.juli.AsyncLoggerPollInterval
---
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 12 ++--
 webapps/docs/changelog.xml |  5 +
 webapps/docs/config/systemprops.xml|  7 ---
 4 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/conf/catalina.policy b/conf/catalina.policy
index d40cb1c..6a82bcb 100644
--- a/conf/catalina.policy
+++ b/conf/catalina.policy
@@ -88,7 +88,6 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
 
 permission java.util.PropertyPermission 
"java.util.logging.config.class", "read";
 permission java.util.PropertyPermission 
"java.util.logging.config.file", "read";
-permission java.util.PropertyPermission 
"org.apache.juli.AsyncLoggerPollInterval", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncMaxRecordCount", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncOverflowDropType", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.ClassLoaderLogManager.debug", "read";
diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 08a80ef..3613f7d 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -33,8 +33,6 @@ import java.util.logging.LogRecord;
  *Default value: 1
  *   org.apache.juli.AsyncMaxRecordCount
  *Default value: 1
- *   org.apache.juli.AsyncLoggerPollInterval
- *Default value: 1000
  * 
  *
  * See the System Properties page in the configuration reference of 
Tomcat.
@@ -48,7 +46,6 @@ public class AsyncFileHandler extends FileHandler {
 
 public static final int DEFAULT_OVERFLOW_DROP_TYPE = 1;
 public static final int DEFAULT_MAX_RECORDS= 1;
-public static final int DEFAULT_LOGGER_SLEEP_TIME  = 1000;
 
 public static final int OVERFLOW_DROP_TYPE = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncOverflowDropType",
@@ -56,9 +53,6 @@ public class AsyncFileHandler extends FileHandler {
 public static final int MAX_RECORDS = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncMaxRecordCount",
Integer.toString(DEFAULT_MAX_RECORDS)));
-public static final int LOGGER_SLEEP_TIME = Integer.parseInt(
-System.getProperty("org.apache.juli.AsyncLoggerPollInterval",
-   Integer.toString(DEFAULT_LOGGER_SLEEP_TIME)));
 
 protected static final LinkedBlockingDeque queue =
 new LinkedBlockingDeque<>(MAX_RECORDS);
@@ -206,10 +200,8 @@ public class AsyncFileHandler extends FileHandler {
 public void run() {
 while (true) {
 try {
-LogEntry entry = queue.poll(LOGGER_SLEEP_TIME, 
TimeUnit.MILLISECONDS);
-if (entry != null) {
-entry.flush();
-}
+LogEntry entry = queue.take();
+entry.flush();
 } catch (InterruptedException x) {
 // Ignore the attempt to interrupt the thread.
 } catch (Exception x) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 81bdf49..d7445f5 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -139,6 +139,11 @@
 Refactor the AsyncFileHandler to reduce the possibility of
 log messages being lost on shutdown. (markt)
   
+  
+Refactor the AsyncFileHandler to remove the need for the
+org.apache.juli.AsyncLoggerPollInterval. If set, this
+property now has no effect. (markt)
+  
 
   
   
diff --git a/webapps/docs/config/systemprops.xml 
b/webapps/docs/config/systemprops.xml
index 8ec86a2..564fb87 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -189,13 +189,6 @@
   The default value is 1 (drop the newest record in the 
queue).
 
 
-
-  The poll interval in milliseconds for the asynchronous logger thread.
- If the log queue is empty, the async thread will issue a poll(poll 
interval)
- in order to not wake up too often.
-  The default value is 1000 milliseconds.
-
-
 
   The type of logging to use for errors generated by invalid input data.
  The options are: DEBUG_ALL, INFO_THEN_DEBUG,

-
To unsubscribe, e-mail: dev-unsubscr...

[tomcat] 02/03: Alternative fix for PR #453 - lost log messages on shutdown

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6d84fe760ec58527719222614f9a7fbfea7e664a
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:04:55 2021 +

Alternative fix for PR #453 - lost log messages on shutdown
---
 java/org/apache/juli/AsyncFileHandler.java | 40 ++
 webapps/docs/changelog.xml |  4 +++
 2 files changed, 44 insertions(+)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index a218cc2..08a80ef 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -18,6 +18,7 @@ package org.apache.juli;
 
 import java.util.concurrent.LinkedBlockingDeque;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.LogRecord;
 /**
  * A {@link FileHandler} implementation that uses a queue of log entries.
@@ -94,6 +95,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = true;
 }
+LoggerThread.deregisterHandler();
 super.close();
 }
 
@@ -108,6 +110,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = false;
 }
+LoggerThread.registerHandler();
 super.open();
 }
 
@@ -157,6 +160,43 @@ public class AsyncFileHandler extends FileHandler {
 }
 
 protected static class LoggerThread extends Thread {
+
+/*
+ * Implementation note: Use of this count could be extended to
+ * start/stop the LoggerThread but that would require careful locking 
as
+ * the current size of the queue also needs to be taken into account 
and
+ * there are lost of edge cases when rapidly starting and stopping
+ * handlers.
+ */
+private static final AtomicInteger handlerCount = new AtomicInteger();
+
+public static void registerHandler() {
+handlerCount.incrementAndGet();
+}
+
+public static void deregisterHandler() {
+int newCount = handlerCount.decrementAndGet();
+if (newCount == 0) {
+try {
+Thread dummyHook = new Thread();
+Runtime.getRuntime().addShutdownHook(dummyHook);
+Runtime.getRuntime().removeShutdownHook(dummyHook);
+} catch (IllegalStateException ise) {
+// JVM is shutting down.
+// Allow up to 10s for for the queue to be emptied
+int sleepCount = 0;
+while (!AsyncFileHandler.queue.isEmpty() && sleepCount < 
1) {
+try {
+Thread.sleep(1);
+} catch (InterruptedException e) {
+// Ignore
+}
+sleepCount++;
+}
+}
+}
+}
+
 public LoggerThread() {
 this.setDaemon(true);
 this.setName("AsyncFileHandlerWriter-" + 
System.identityHashCode(this));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index ea01244..81bdf49 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -135,6 +135,10 @@
 Document conditions under which the AprLifecycleListener
 can be used to avoid JVM crashes. (michaelo)
   
+  
+Refactor the AsyncFileHandler to reduce the possibility of
+log messages being lost on shutdown. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated (5e44d9d -> 1e4955a)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from 5e44d9d  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
 new d953e59  Improve thread safety of open and close
 new 52b5ea7  Alternative fix for PR #453 - lost log messages on shutdown
 new 1e4955a  Refactor AsyncFileHandler to make use of system property 
unnecessary

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 67 --
 webapps/docs/changelog.xml |  9 
 webapps/docs/config/systemprops.xml|  7 
 4 files changed, 64 insertions(+), 20 deletions(-)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Alternative fix for PR #453 - lost log messages on shutdown

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 52b5ea76ab3ff2fabca87ff1936ec799e23520f1
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:04:55 2021 +

Alternative fix for PR #453 - lost log messages on shutdown
---
 java/org/apache/juli/AsyncFileHandler.java | 40 ++
 webapps/docs/changelog.xml |  4 +++
 2 files changed, 44 insertions(+)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index a218cc2..08a80ef 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -18,6 +18,7 @@ package org.apache.juli;
 
 import java.util.concurrent.LinkedBlockingDeque;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.LogRecord;
 /**
  * A {@link FileHandler} implementation that uses a queue of log entries.
@@ -94,6 +95,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = true;
 }
+LoggerThread.deregisterHandler();
 super.close();
 }
 
@@ -108,6 +110,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = false;
 }
+LoggerThread.registerHandler();
 super.open();
 }
 
@@ -157,6 +160,43 @@ public class AsyncFileHandler extends FileHandler {
 }
 
 protected static class LoggerThread extends Thread {
+
+/*
+ * Implementation note: Use of this count could be extended to
+ * start/stop the LoggerThread but that would require careful locking 
as
+ * the current size of the queue also needs to be taken into account 
and
+ * there are lost of edge cases when rapidly starting and stopping
+ * handlers.
+ */
+private static final AtomicInteger handlerCount = new AtomicInteger();
+
+public static void registerHandler() {
+handlerCount.incrementAndGet();
+}
+
+public static void deregisterHandler() {
+int newCount = handlerCount.decrementAndGet();
+if (newCount == 0) {
+try {
+Thread dummyHook = new Thread();
+Runtime.getRuntime().addShutdownHook(dummyHook);
+Runtime.getRuntime().removeShutdownHook(dummyHook);
+} catch (IllegalStateException ise) {
+// JVM is shutting down.
+// Allow up to 10s for for the queue to be emptied
+int sleepCount = 0;
+while (!AsyncFileHandler.queue.isEmpty() && sleepCount < 
1) {
+try {
+Thread.sleep(1);
+} catch (InterruptedException e) {
+// Ignore
+}
+sleepCount++;
+}
+}
+}
+}
+
 public LoggerThread() {
 this.setDaemon(true);
 this.setName("AsyncFileHandlerWriter-" + 
System.identityHashCode(this));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 299ed24..e7d1a91 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -119,6 +119,10 @@
 Document conditions under which the AprLifecycleListener
 can be used to avoid JVM crashes. (michaelo)
   
+  
+Refactor the AsyncFileHandler to reduce the possibility of
+log messages being lost on shutdown. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Refactor AsyncFileHandler to make use of system property unnecessary

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 1e4955af7cfd073eece5836ded05d719c6c6c4cb
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:12:45 2021 +

Refactor AsyncFileHandler to make use of system property unnecessary

System property: org.apache.juli.AsyncLoggerPollInterval
---
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 12 ++--
 webapps/docs/changelog.xml |  5 +
 webapps/docs/config/systemprops.xml|  7 ---
 4 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/conf/catalina.policy b/conf/catalina.policy
index 91b7c83..7aab95d 100644
--- a/conf/catalina.policy
+++ b/conf/catalina.policy
@@ -89,7 +89,6 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
 
 permission java.util.PropertyPermission 
"java.util.logging.config.class", "read";
 permission java.util.PropertyPermission 
"java.util.logging.config.file", "read";
-permission java.util.PropertyPermission 
"org.apache.juli.AsyncLoggerPollInterval", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncMaxRecordCount", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncOverflowDropType", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.ClassLoaderLogManager.debug", "read";
diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 08a80ef..3613f7d 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -33,8 +33,6 @@ import java.util.logging.LogRecord;
  *Default value: 1
  *   org.apache.juli.AsyncMaxRecordCount
  *Default value: 1
- *   org.apache.juli.AsyncLoggerPollInterval
- *Default value: 1000
  * 
  *
  * See the System Properties page in the configuration reference of 
Tomcat.
@@ -48,7 +46,6 @@ public class AsyncFileHandler extends FileHandler {
 
 public static final int DEFAULT_OVERFLOW_DROP_TYPE = 1;
 public static final int DEFAULT_MAX_RECORDS= 1;
-public static final int DEFAULT_LOGGER_SLEEP_TIME  = 1000;
 
 public static final int OVERFLOW_DROP_TYPE = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncOverflowDropType",
@@ -56,9 +53,6 @@ public class AsyncFileHandler extends FileHandler {
 public static final int MAX_RECORDS = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncMaxRecordCount",
Integer.toString(DEFAULT_MAX_RECORDS)));
-public static final int LOGGER_SLEEP_TIME = Integer.parseInt(
-System.getProperty("org.apache.juli.AsyncLoggerPollInterval",
-   Integer.toString(DEFAULT_LOGGER_SLEEP_TIME)));
 
 protected static final LinkedBlockingDeque queue =
 new LinkedBlockingDeque<>(MAX_RECORDS);
@@ -206,10 +200,8 @@ public class AsyncFileHandler extends FileHandler {
 public void run() {
 while (true) {
 try {
-LogEntry entry = queue.poll(LOGGER_SLEEP_TIME, 
TimeUnit.MILLISECONDS);
-if (entry != null) {
-entry.flush();
-}
+LogEntry entry = queue.take();
+entry.flush();
 } catch (InterruptedException x) {
 // Ignore the attempt to interrupt the thread.
 } catch (Exception x) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e7d1a91..cee5ef4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,11 @@
 Refactor the AsyncFileHandler to reduce the possibility of
 log messages being lost on shutdown. (markt)
   
+  
+Refactor the AsyncFileHandler to remove the need for the
+org.apache.juli.AsyncLoggerPollInterval. If set, this
+property now has no effect. (markt)
+  
 
   
   
diff --git a/webapps/docs/config/systemprops.xml 
b/webapps/docs/config/systemprops.xml
index 349faab..ecf0b2f 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -200,13 +200,6 @@
   The default value is 1 (drop the newest record in the 
queue).
 
 
-
-  The poll interval in milliseconds for the asynchronous logger thread.
- If the log queue is empty, the async thread will issue a poll(poll 
interval)
- in order to not wake up too often.
-  The default value is 1000 milliseconds.
-
-
 
   The type of logging to use for errors generated by invalid input data.
  The options are: DEBUG_ALL, INFO_THEN_DEBUG,

-
To unsubscribe, e-mail: dev-unsubscr.

[tomcat] 01/03: Improve thread safety of open and close

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit d953e59c10df3b06af71d63b613e076344f8693f
Author: Mark Thomas 
AuthorDate: Thu Nov 25 13:50:42 2021 +

Improve thread safety of open and close
---
 java/org/apache/juli/AsyncFileHandler.java | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 8176392..a218cc2 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -68,6 +68,7 @@ public class AsyncFileHandler extends FileHandler {
 logger.start();
 }
 
+private final Object closeLock = new Object();
 protected volatile boolean closed = false;
 
 public AsyncFileHandler() {
@@ -87,7 +88,12 @@ public class AsyncFileHandler extends FileHandler {
 if (closed) {
 return;
 }
-closed = true;
+synchronized (closeLock) {
+if (closed) {
+return;
+}
+closed = true;
+}
 super.close();
 }
 
@@ -96,7 +102,12 @@ public class AsyncFileHandler extends FileHandler {
 if (!closed) {
 return;
 }
-closed = false;
+synchronized (closeLock) {
+if (!closed) {
+return;
+}
+closed = false;
+}
 super.open();
 }
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Improve thread safety of open and close

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit dd849b10bd85ee98755332479a04013afa969b3a
Author: Mark Thomas 
AuthorDate: Thu Nov 25 13:50:42 2021 +

Improve thread safety of open and close
---
 java/org/apache/juli/AsyncFileHandler.java | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index f779d18..e947456 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -68,6 +68,7 @@ public class AsyncFileHandler extends FileHandler {
 logger.start();
 }
 
+private final Object closeLock = new Object();
 protected volatile boolean closed = false;
 
 public AsyncFileHandler() {
@@ -88,7 +89,12 @@ public class AsyncFileHandler extends FileHandler {
 if (closed) {
 return;
 }
-closed = true;
+synchronized (closeLock) {
+if (closed) {
+return;
+}
+closed = true;
+}
 super.close();
 }
 
@@ -97,7 +103,12 @@ public class AsyncFileHandler extends FileHandler {
 if (!closed) {
 return;
 }
-closed = false;
+synchronized (closeLock) {
+if (!closed) {
+return;
+}
+closed = false;
+}
 super.open();
 }
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated (25fe896 -> 1ac77ad)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from 25fe896  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
 new dd849b1  Improve thread safety of open and close
 new a224cbd  Alternative fix for PR #453 - lost log messages on shutdown
 new 1ac77ad  Refactor AsyncFileHandler to make use of system property 
unnecessary

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 67 --
 webapps/docs/changelog.xml |  9 
 webapps/docs/config/systemprops.xml|  7 
 4 files changed, 64 insertions(+), 20 deletions(-)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Refactor AsyncFileHandler to make use of system property unnecessary

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 1ac77adb0f06d20f8c5691264daae29c000c31ce
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:12:45 2021 +

Refactor AsyncFileHandler to make use of system property unnecessary

System property: org.apache.juli.AsyncLoggerPollInterval
---
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 12 ++--
 webapps/docs/changelog.xml |  5 +
 webapps/docs/config/systemprops.xml|  7 ---
 4 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/conf/catalina.policy b/conf/catalina.policy
index 91b7c83..7aab95d 100644
--- a/conf/catalina.policy
+++ b/conf/catalina.policy
@@ -89,7 +89,6 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
 
 permission java.util.PropertyPermission 
"java.util.logging.config.class", "read";
 permission java.util.PropertyPermission 
"java.util.logging.config.file", "read";
-permission java.util.PropertyPermission 
"org.apache.juli.AsyncLoggerPollInterval", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncMaxRecordCount", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncOverflowDropType", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.ClassLoaderLogManager.debug", "read";
diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index e1ac89b..f76291c 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -33,8 +33,6 @@ import java.util.logging.LogRecord;
  *Default value: 1
  *   org.apache.juli.AsyncMaxRecordCount
  *Default value: 1
- *   org.apache.juli.AsyncLoggerPollInterval
- *Default value: 1000
  * 
  *
  * See the System Properties page in the configuration reference of 
Tomcat.
@@ -48,7 +46,6 @@ public class AsyncFileHandler extends FileHandler {
 
 public static final int DEFAULT_OVERFLOW_DROP_TYPE = 1;
 public static final int DEFAULT_MAX_RECORDS= 1;
-public static final int DEFAULT_LOGGER_SLEEP_TIME  = 1000;
 
 public static final int OVERFLOW_DROP_TYPE = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncOverflowDropType",
@@ -56,9 +53,6 @@ public class AsyncFileHandler extends FileHandler {
 public static final int MAX_RECORDS = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncMaxRecordCount",
Integer.toString(DEFAULT_MAX_RECORDS)));
-public static final int LOGGER_SLEEP_TIME = Integer.parseInt(
-System.getProperty("org.apache.juli.AsyncLoggerPollInterval",
-   Integer.toString(DEFAULT_LOGGER_SLEEP_TIME)));
 
 protected static final LinkedBlockingDeque queue =
 new LinkedBlockingDeque<>(MAX_RECORDS);
@@ -207,10 +201,8 @@ public class AsyncFileHandler extends FileHandler {
 public void run() {
 while (true) {
 try {
-LogEntry entry = queue.poll(LOGGER_SLEEP_TIME, 
TimeUnit.MILLISECONDS);
-if (entry != null) {
-entry.flush();
-}
+LogEntry entry = queue.take();
+entry.flush();
 } catch (InterruptedException x) {
 // Ignore the attempt to interrupt the thread.
 } catch (Exception x) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cc1ff07..4d495d0 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,11 @@
 Refactor the AsyncFileHandler to reduce the possibility of
 log messages being lost on shutdown. (markt)
   
+  
+Refactor the AsyncFileHandler to remove the need for the
+org.apache.juli.AsyncLoggerPollInterval. If set, this
+property now has no effect. (markt)
+  
 
   
   
diff --git a/webapps/docs/config/systemprops.xml 
b/webapps/docs/config/systemprops.xml
index c286703..2dfac10 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -463,13 +463,6 @@
   The default value is 1 (drop the newest record in the 
queue).
 
 
-
-  The poll interval in milliseconds for the asynchronous logger thread.
- If the log queue is empty, the async thread will issue a poll(poll 
interval)
- in order to not wake up too often.
-  The default value is 1000 milliseconds.
-
-
 
   The type of logging to use for errors generated by invalid input data.
  The options are: DEBUG_ALL, INFO_THEN_DEBUG,

-
To unsubscribe, e-mail: dev-unsubscr..

[tomcat] branch 8.5.x updated (2beeaa4 -> 9489ce5)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from 2beeaa4  Document conditions of use for AprLifecycleListener to avoid 
JVM crashes
 new 8068889  Improve thread safety of open and close
 new 11e39ff  Alternative fix for PR #453 - lost log messages on shutdown
 new 9489ce5  Refactor AsyncFileHandler to make use of system property 
unnecessary

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 67 --
 webapps/docs/changelog.xml |  9 
 webapps/docs/config/systemprops.xml|  7 
 4 files changed, 64 insertions(+), 20 deletions(-)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Improve thread safety of open and close

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 80688892b50d02acef05686f54451d85f725de77
Author: Mark Thomas 
AuthorDate: Thu Nov 25 13:50:42 2021 +

Improve thread safety of open and close
---
 java/org/apache/juli/AsyncFileHandler.java | 15 +--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 20a9e16..3ad32ab 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -68,6 +68,7 @@ public class AsyncFileHandler extends FileHandler {
 logger.start();
 }
 
+private final Object closeLock = new Object();
 protected volatile boolean closed = false;
 
 public AsyncFileHandler() {
@@ -88,7 +89,12 @@ public class AsyncFileHandler extends FileHandler {
 if (closed) {
 return;
 }
-closed = true;
+synchronized (closeLock) {
+if (closed) {
+return;
+}
+closed = true;
+}
 super.close();
 }
 
@@ -97,7 +103,12 @@ public class AsyncFileHandler extends FileHandler {
 if (!closed) {
 return;
 }
-closed = false;
+synchronized (closeLock) {
+if (!closed) {
+return;
+}
+closed = false;
+}
 super.open();
 }
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Alternative fix for PR #453 - lost log messages on shutdown

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 11e39ff97e55d2749f28da837e866eeb26c2a0e6
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:04:55 2021 +

Alternative fix for PR #453 - lost log messages on shutdown
---
 java/org/apache/juli/AsyncFileHandler.java | 40 ++
 webapps/docs/changelog.xml |  4 +++
 2 files changed, 44 insertions(+)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index 3ad32ab..e8f8970 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -18,6 +18,7 @@ package org.apache.juli;
 
 import java.util.concurrent.LinkedBlockingDeque;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.LogRecord;
 /**
  * A {@link FileHandler} implementation that uses a queue of log entries.
@@ -95,6 +96,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = true;
 }
+LoggerThread.deregisterHandler();
 super.close();
 }
 
@@ -109,6 +111,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = false;
 }
+LoggerThread.registerHandler();
 super.open();
 }
 
@@ -158,6 +161,43 @@ public class AsyncFileHandler extends FileHandler {
 }
 
 protected static class LoggerThread extends Thread {
+
+/*
+ * Implementation note: Use of this count could be extended to
+ * start/stop the LoggerThread but that would require careful locking 
as
+ * the current size of the queue also needs to be taken into account 
and
+ * there are lost of edge cases when rapidly starting and stopping
+ * handlers.
+ */
+private static final AtomicInteger handlerCount = new AtomicInteger();
+
+public static void registerHandler() {
+handlerCount.incrementAndGet();
+}
+
+public static void deregisterHandler() {
+int newCount = handlerCount.decrementAndGet();
+if (newCount == 0) {
+try {
+Thread dummyHook = new Thread();
+Runtime.getRuntime().addShutdownHook(dummyHook);
+Runtime.getRuntime().removeShutdownHook(dummyHook);
+} catch (IllegalStateException ise) {
+// JVM is shutting down.
+// Allow up to 10s for for the queue to be emptied
+int sleepCount = 0;
+while (!AsyncFileHandler.queue.isEmpty() && sleepCount < 
1) {
+try {
+Thread.sleep(1);
+} catch (InterruptedException e) {
+// Ignore
+}
+sleepCount++;
+}
+}
+}
+}
+
 public LoggerThread() {
 this.setDaemon(true);
 this.setName("AsyncFileHandlerWriter-" + 
System.identityHashCode(this));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 7ea5915..cff0716 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -119,6 +119,10 @@
 Document conditions under which the AprLifecycleListener
 can be used to avoid JVM crashes. (michaelo)
   
+  
+Refactor the AsyncFileHandler to reduce the possibility of
+log messages being lost on shutdown. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Alternative fix for PR #453 - lost log messages on shutdown

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a224cbdb603c29a63c14a3f8b921b26870222f86
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:04:55 2021 +

Alternative fix for PR #453 - lost log messages on shutdown
---
 java/org/apache/juli/AsyncFileHandler.java | 40 ++
 webapps/docs/changelog.xml |  4 +++
 2 files changed, 44 insertions(+)

diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index e947456..e1ac89b 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -18,6 +18,7 @@ package org.apache.juli;
 
 import java.util.concurrent.LinkedBlockingDeque;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.LogRecord;
 /**
  * A {@link FileHandler} implementation that uses a queue of log entries.
@@ -95,6 +96,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = true;
 }
+LoggerThread.deregisterHandler();
 super.close();
 }
 
@@ -109,6 +111,7 @@ public class AsyncFileHandler extends FileHandler {
 }
 closed = false;
 }
+LoggerThread.registerHandler();
 super.open();
 }
 
@@ -158,6 +161,43 @@ public class AsyncFileHandler extends FileHandler {
 }
 
 protected static class LoggerThread extends Thread {
+
+/*
+ * Implementation note: Use of this count could be extended to
+ * start/stop the LoggerThread but that would require careful locking 
as
+ * the current size of the queue also needs to be taken into account 
and
+ * there are lost of edge cases when rapidly starting and stopping
+ * handlers.
+ */
+private static final AtomicInteger handlerCount = new AtomicInteger();
+
+public static void registerHandler() {
+handlerCount.incrementAndGet();
+}
+
+public static void deregisterHandler() {
+int newCount = handlerCount.decrementAndGet();
+if (newCount == 0) {
+try {
+Thread dummyHook = new Thread();
+Runtime.getRuntime().addShutdownHook(dummyHook);
+Runtime.getRuntime().removeShutdownHook(dummyHook);
+} catch (IllegalStateException ise) {
+// JVM is shutting down.
+// Allow up to 10s for for the queue to be emptied
+int sleepCount = 0;
+while (!AsyncFileHandler.queue.isEmpty() && sleepCount < 
1) {
+try {
+Thread.sleep(1);
+} catch (InterruptedException e) {
+// Ignore
+}
+sleepCount++;
+}
+}
+}
+}
+
 public LoggerThread() {
 this.setDaemon(true);
 this.setName("AsyncFileHandlerWriter-" + 
System.identityHashCode(this));
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c163c15..cc1ff07 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -119,6 +119,10 @@
 Document conditions under which the AprLifecycleListener
 can be used to avoid JVM crashes. (michaelo)
   
+  
+Refactor the AsyncFileHandler to reduce the possibility of
+log messages being lost on shutdown. (markt)
+  
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Refactor AsyncFileHandler to make use of system property unnecessary

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9489ce53edacc72214a3df2c5d56edf111cf6efe
Author: Mark Thomas 
AuthorDate: Thu Nov 25 14:12:45 2021 +

Refactor AsyncFileHandler to make use of system property unnecessary

System property: org.apache.juli.AsyncLoggerPollInterval
---
 conf/catalina.policy   |  1 -
 java/org/apache/juli/AsyncFileHandler.java | 12 ++--
 webapps/docs/changelog.xml |  5 +
 webapps/docs/config/systemprops.xml|  7 ---
 4 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/conf/catalina.policy b/conf/catalina.policy
index 5cfab09..6b2fa6d 100644
--- a/conf/catalina.policy
+++ b/conf/catalina.policy
@@ -89,7 +89,6 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
 
 permission java.util.PropertyPermission 
"java.util.logging.config.class", "read";
 permission java.util.PropertyPermission 
"java.util.logging.config.file", "read";
-permission java.util.PropertyPermission 
"org.apache.juli.AsyncLoggerPollInterval", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncMaxRecordCount", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.AsyncOverflowDropType", "read";
 permission java.util.PropertyPermission 
"org.apache.juli.ClassLoaderLogManager.debug", "read";
diff --git a/java/org/apache/juli/AsyncFileHandler.java 
b/java/org/apache/juli/AsyncFileHandler.java
index e8f8970..32b0809 100644
--- a/java/org/apache/juli/AsyncFileHandler.java
+++ b/java/org/apache/juli/AsyncFileHandler.java
@@ -33,8 +33,6 @@ import java.util.logging.LogRecord;
  *Default value: 1
  *   org.apache.juli.AsyncMaxRecordCount
  *Default value: 1
- *   org.apache.juli.AsyncLoggerPollInterval
- *Default value: 1000
  * 
  *
  * See the System Properties page in the configuration reference of 
Tomcat.
@@ -48,7 +46,6 @@ public class AsyncFileHandler extends FileHandler {
 
 public static final int DEFAULT_OVERFLOW_DROP_TYPE = 1;
 public static final int DEFAULT_MAX_RECORDS= 1;
-public static final int DEFAULT_LOGGER_SLEEP_TIME  = 1000;
 
 public static final int OVERFLOW_DROP_TYPE = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncOverflowDropType",
@@ -56,9 +53,6 @@ public class AsyncFileHandler extends FileHandler {
 public static final int MAX_RECORDS = Integer.parseInt(
 System.getProperty("org.apache.juli.AsyncMaxRecordCount",
Integer.toString(DEFAULT_MAX_RECORDS)));
-public static final int LOGGER_SLEEP_TIME = Integer.parseInt(
-System.getProperty("org.apache.juli.AsyncLoggerPollInterval",
-   Integer.toString(DEFAULT_LOGGER_SLEEP_TIME)));
 
 protected static final LinkedBlockingDeque queue =
 new LinkedBlockingDeque<>(MAX_RECORDS);
@@ -207,10 +201,8 @@ public class AsyncFileHandler extends FileHandler {
 public void run() {
 while (true) {
 try {
-LogEntry entry = queue.poll(LOGGER_SLEEP_TIME, 
TimeUnit.MILLISECONDS);
-if (entry != null) {
-entry.flush();
-}
+LogEntry entry = queue.take();
+entry.flush();
 } catch (InterruptedException x) {
 // Ignore the attempt to interrupt the thread.
 } catch (Exception x) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cff0716..9ee926b 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,11 @@
 Refactor the AsyncFileHandler to reduce the possibility of
 log messages being lost on shutdown. (markt)
   
+  
+Refactor the AsyncFileHandler to remove the need for the
+org.apache.juli.AsyncLoggerPollInterval. If set, this
+property now has no effect. (markt)
+  
 
   
   
diff --git a/webapps/docs/config/systemprops.xml 
b/webapps/docs/config/systemprops.xml
index f488302..da9cae1 100644
--- a/webapps/docs/config/systemprops.xml
+++ b/webapps/docs/config/systemprops.xml
@@ -466,13 +466,6 @@
   The default value is 1 (drop the newest record in the 
queue).
 
 
-
-  The poll interval in milliseconds for the asynchronous logger thread.
- If the log queue is empty, the async thread will issue a poll(poll 
interval)
- in order to not wake up too often.
-  The default value is 1000 milliseconds.
-
-
 
   The type of logging to use for errors generated by invalid input data.
  The options are: DEBUG_ALL, INFO_THEN_DEBUG,

-
To unsubscribe, e-mail: dev-unsubscr..

svn commit: r1895332 - in /tomcat/site/trunk: docs/.htaccess docs/migration-10.html docs/migration-85.html docs/migration-9.html xdocs/.htaccess xdocs/migration-10.xml xdocs/migration-85.xml xdocs/mig

[markt]

Author: markt
Date: Thu Nov 25 14:38:46 2021
New Revision: 1895332

URL: http://svn.apache.org/viewvc?rev=1895332&view=rev
Log:
Add system property removal to migration guide

Modified:
tomcat/site/trunk/docs/.htaccess
tomcat/site/trunk/docs/migration-10.html
tomcat/site/trunk/docs/migration-85.html
tomcat/site/trunk/docs/migration-9.html
tomcat/site/trunk/xdocs/.htaccess
tomcat/site/trunk/xdocs/migration-10.xml
tomcat/site/trunk/xdocs/migration-85.xml
tomcat/site/trunk/xdocs/migration-9.xml

Modified: tomcat/site/trunk/docs/.htaccess
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/.htaccess?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/docs/.htaccess (original)
+++ tomcat/site/trunk/docs/.htaccess Thu Nov 25 14:38:46 2021
@@ -1,4 +1,3 @@
 RewriteEngine  On
 RewriteRulesvn.html %{REQUEST_SCHEME}://%{HTTP_HOST}/source.html [R=301]
 RewriteRule ^security.txt 
%{REQUEST_SCHEME}://%{HTTP_HOST}/.well-known/security.txt [R=301]
-

Modified: tomcat/site/trunk/docs/migration-10.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-10.html?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/docs/migration-10.html (original)
+++ tomcat/site/trunk/docs/migration-10.html Thu Nov 25 14:38:46 2021
@@ -176,6 +176,10 @@ of Apache Tomcat.
 sufficient direct memory to store all in progress multi-part
 uploads.
   
+  In 10.0.14 onwards, the system property
+org.apache.juli.AsyncLoggerPollInterval is no longer
+used.
+  
 
   
 

Modified: tomcat/site/trunk/docs/migration-85.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-85.html?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/docs/migration-85.html (original)
+++ tomcat/site/trunk/docs/migration-85.html Thu Nov 25 14:38:46 2021
@@ -269,6 +269,10 @@ of Apache Tomcat.
 sufficient direct memory to store all in progress multi-part
 uploads.
   
+  In 8.5.74 onwards, the system property
+org.apache.juli.AsyncLoggerPollInterval is no longer
+used.
+  
 
   
   

Modified: tomcat/site/trunk/docs/migration-9.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-9.html?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/docs/migration-9.html (original)
+++ tomcat/site/trunk/docs/migration-9.html Thu Nov 25 14:38:46 2021
@@ -349,6 +349,10 @@ of Apache Tomcat.
 sufficient direct memory to store all in progress multi-part
 uploads.
   
+  In 9.0.56 onwards, the system property
+org.apache.juli.AsyncLoggerPollInterval is no longer
+used.
+  
 
   
 

Modified: tomcat/site/trunk/xdocs/.htaccess
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/.htaccess?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/xdocs/.htaccess (original)
+++ tomcat/site/trunk/xdocs/.htaccess Thu Nov 25 14:38:46 2021
@@ -1,3 +1,3 @@
 RewriteEngine  On
 RewriteRulesvn.html %{REQUEST_SCHEME}://%{HTTP_HOST}/source.html [R=301]
-
+RewriteRule ^security.txt 
%{REQUEST_SCHEME}://%{HTTP_HOST}/.well-known/security.txt [R=301]

Modified: tomcat/site/trunk/xdocs/migration-10.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-10.xml?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/xdocs/migration-10.xml (original)
+++ tomcat/site/trunk/xdocs/migration-10.xml Thu Nov 25 14:38:46 2021
@@ -189,6 +189,10 @@ of Apache Tomcat.
 sufficient direct memory to store all in progress multi-part
 uploads.
   
+  In 10.0.14 onwards, the system property
+org.apache.juli.AsyncLoggerPollInterval is no longer
+used.
+  
 
   
 

Modified: tomcat/site/trunk/xdocs/migration-85.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-85.xml?rev=1895332&r1=1895331&r2=1895332&view=diff
==
--- tomcat/site/trunk/xdocs/migration-85.xml (original)
+++ tomcat/site/trunk/xdocs/migration-85.xml Thu Nov 25 14:38:46 2021
@@ -282,6 +282,10 @@ of Apache Tomcat.
 sufficient direct memory to store all in progress multi-part
 uploads.
   
+  In 8.5.74 onwards, the system property
+org.apache.juli.AsyncLoggerPollInterval is no longer
+used.
+  
 
   
   

Modified: tomcat/site/trunk/xdocs/migration-9.xml
URL: 
http://svn.apach

[tomcat] branch main updated: Document how to run the testsuite

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new aabe992  Document how to run the testsuite
aabe992 is described below

commit aabe992723ec0c8f718e86e2a942ac4e3f75d216
Author: remm 
AuthorDate: Thu Nov 25 15:41:03 2021 +0100

Document how to run the testsuite
---
 modules/openssl-java17/README.md | 46 +++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/modules/openssl-java17/README.md b/modules/openssl-java17/README.md
index 01be3fc..babc338 100644
--- a/modules/openssl-java17/README.md
+++ b/modules/openssl-java17/README.md
@@ -6,7 +6,9 @@ It uses an incubating Java API, and is not supported at this 
time.
 
 ## Building
 
-The module can be built using Java 17, and requires Java 17 at runtime.
+The module can be built using Java 17, this will be the only Java version that
+is supported as the foreign API is incbating and will continue to evolve.
+It then requires OpenSSL 1.1 or newer at runtime.
 ```
 mvn package
 ```
@@ -38,6 +40,48 @@ Run Tomcat using:
 export JAVA_OPTS="--enable-native-access=ALL-UNNAMED --add-modules 
jdk.incubator.foreign"
 ```
 
+## Running the testsuite
+
+Use the following patch for `build.xml` before running the testuite:
+```
+diff --git a/build.xml b/build.xml
+index dc1260b..dd9fba9 100644
+--- a/build.xml
 b/build.xml
+@@ -213,6 +213,8 @@
+   
+   
+
+   
+   
+ 
+@@ -240,6 +242,7 @@
+ 
+ 
+ 
++
+ 
+ 
+   
+@@ -1944,7 +1947,6 @@
+
+   
+   
+-  
+   
+   
+   
+@@ -1952,6 +1954,9 @@
+   
+   
+   
++  
++  
++  
+
+   
+```
+
 ## Generating OpenSSL API code using jextract (optional)
 
 This step is only useful to be able to use additional native APIs from OpenSSL

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on pull request #453: AsyncFileHandler: try to flush on close

[GitBox]

markt-asf commented on pull request #453:
URL: https://github.com/apache/tomcat/pull/453#issuecomment-979270093


   Thanks for the PR. I applied a slightly different fix with an eye to a 
larger refactoring that would start/stop the thread as handlers were 
open/closed.
   I also removed the system property. I agree there is no need for it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf closed pull request #453: AsyncFileHandler: try to flush on close

[GitBox]

markt-asf closed pull request #453:
URL: https://github.com/apache/tomcat/pull/453


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Additional improvements

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 72fdb26  Additional improvements
72fdb26 is described below

commit 72fdb26a5511b51471cf5042e3750febf1994e4a
Author: remm 
AuthorDate: Thu Nov 25 16:15:23 2021 +0100

Additional improvements
---
 modules/openssl-java17/README.md | 23 +--
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/modules/openssl-java17/README.md b/modules/openssl-java17/README.md
index babc338..e9e2561 100644
--- a/modules/openssl-java17/README.md
+++ b/modules/openssl-java17/README.md
@@ -2,13 +2,13 @@
 
 ## This module is experimental
 
-It uses an incubating Java API, and is not supported at this time.
+It uses the incubating JEP 412 Java API, and is not supported at this time.
+More details on this API are available at `https://openjdk.java.net/jeps/412`.
 
 ## Building
 
-The module can be built using Java 17, this will be the only Java version that
-is supported as the foreign API is incbating and will continue to evolve.
-It then requires OpenSSL 1.1 or newer at runtime.
+The module can be built using Java 17. This will be the only Java version that
+is supported as the foreign API is incubating and will continue to evolve.
 ```
 mvn package
 ```
@@ -16,7 +16,10 @@ Note: The build path for the JDK will be different on other 
platforms.
 
 ## Running in Tomcat
 
-Copy `tomcat-openssl-X.X.jar` to Tomcat lib folder.
+Copy `tomcat-openssl-1.0.jar` to the Apache Tomcat `lib` folder.
+
+The module requires OpenSSL 1.1 or a newer API compatible version or
+alternative, available from the system library path.
 
 Remove `AprLifecycleListener` from `server.xml`.
 
@@ -92,15 +95,15 @@ extract it to a path.
 
 Find include paths using `gcc -xc -E -v -`, on Fedora it is
 `/usr/lib/gcc/x86_64-redhat-linux/11/include`. Edit `openssl-tomcat.conf`
-accordingly.
+accordingly to set the appropriate path.
 
 ```
 export JAVA_HOME=
 $JAVA_HOME/bin/jextract @openssl-tomcat.conf openssl.h
 ```
 
-The code included was generated for OpenSSL 1.1.1. As long as things remain API
-compatible, this will still work.
+The code included was generated using OpenSSL 1.1.1. As long as things remain
+API compatible, the generated code will still work.
 
 The `openssl-tomcat.conf` will generate a trimmed down OpenSSL API. When
 developing new features, the full API can be generated instead using:
@@ -109,8 +112,8 @@ $JAVA_HOME/bin/jextract --source -t 
org.apache.tomcat.util.openssl -lssl -I /usr
 ```
 
 The `openssl.conf` file lists all the API calls and constants that can be
-generated using jextract, as a reference to what is available. Macros are not
-supported and have to be reproduced in code.
+generated using jextract, as a reference to what is available. Some macros are
+not supported and have to be reproduced in code.
 
 Before committing updated generated files, they need to have the license header
 added. The `addlicense.sh` script can do that and process all Java source files

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: OpenSSL module build releases

[Rémy Maucherat]

On Tue, Nov 23, 2021 at 10:36 AM Martin Grigorov  wrote:
>
> On Tue, Nov 23, 2021 at 11:18 AM Rémy Maucherat  wrote:
>
> > On Tue, Nov 23, 2021 at 9:33 AM Martin Grigorov 
> > wrote:
> > >
> > > Hi Remy,
> > >
> > > On Tue, Nov 23, 2021 at 9:49 AM Rémy Maucherat  wrote:
> > >
> > > > On Mon, Nov 22, 2021 at 10:55 PM Christopher Schultz
> > > >  wrote:
> > > > >
> > > > > Rémy,
> > > > >
> > > > > On 11/22/21 02:00, Rémy Maucherat wrote:
> > > > > > I am done with the initial version of the OpenSSL with Panama
> > module.
> > > > >
> > > > > Fantastic.
> > > > >
> > > > > > It could be time for more testing and build releases (obviously
> > > > > > targeting only Java 17). It should also be easy to add new
> > features as
> > > > > > needed since the full OpenSSL API is available and there's no hard
> > to
> > > > > > update subcomponent to release first. I only focused on replicating
> > > > > > the functionality that was in tomcat-native.
> > > > > >
> > > > > > What would be the best way to proceed ?
> > > > >
> > > > > What does it take to run Tomcat's unit-test suite with Panama
> > enabled,
> > > > > instead of e.g. tcnative?
> > > >
> > > > This needs some modifications to the tests, just as there's code to
> > > > run JSSE (or tomcat-native).
> > > >  parameterSets.add(new Object[] {
> > > > "JSSE", Boolean.FALSE,
> > > > "org.apache.tomcat.util.net.jsse.JSSEImplementation"});
> > > > would be:
> > > > "OpenSSL-Panama", Boolean.FALSE,
> > > > "org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation"});
> > > > I did that in all relevant tests for testing (and removed the two
> > > > others to get faster runs). This now needs extra code to make it run
> > > > only on Java 17.
> > >
> > >
> > > > build.xml needs some changes too (and they need to be optional, as the
> > > > arguments only work on Java 17):
> > > >
> > > > diff --git a/build.xml b/build.xml
> > > > index fbba5d7..4046afe 100644
> > > > --- a/build.xml
> > > > +++ b/build.xml
> > > > @@ -238,6 +238,7 @@
> > > >  
> > > >  
> > > >  
> > > > +
> > > >  
> > > >  
> > > >
> > > > @@ -1938,6 +1938,9 @@
> > > > > > > value="--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"/>
> > > > > value="--add-opens=java.base/java.util=ALL-UNNAMED"/>
> > > > > > > value="--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"/>
> > > > +  
> > > > +  
> > > > +  
> > > >
> > > >
> > > >
> > > > I'm not sure how to make the tests fail nice if OpenSSL isn't there.
> > > > The first step is to release a build (like for the migration tool)
> > > > since otherwise this cannot really be done properly.
> > > >
> > >
> > > I could test it on Linux ARM64!
> >
> > Ok !
> >
> > > But to make it easier for me and anyone else: can we control the JVM args
> > > in build.xml and the JVM properties in the tests via build.properties ?
> > > I.e. if I set some new property in build.properties then all of the above
> > > to be done for me wthout manually patching around.
> >
> > I cannot do anything to make the testsuite "ready to run" without a
> > build out first. The current mechanism for selecting
> > sslImplementationName does not use system properties, so I have to
> > change all the tests.
> >
>
> Yes, the respective tests have to be updated.
> I could do it too in the coming weeks.

I have updated the TLS tests in the testsuite to run with that new
implementation (if available) and documented at
https://github.com/apache/tomcat/tree/main/modules/openssl-java17 (it
needs new jvm arguments to run the tests).

Rémy

>
>
> >
> > Rémy
> >
> > > Martin
> > >
> > >
> > > >
> > > > > It might help to post an "invitation to try something out" and see if
> > > > > anyone gets failures you didn't get during your work.
> > > > >
> > > > > > I also updated the panama-foreign version of it since it is now
> > > > > > stable-with-workaround, at:
> > > > > > https://github.com/rmaucher/openssl-panama-foreign . It will
> > > > > > eventually require whichever Java first gets the non incubator
> > version
> > > > > > of the API (it could be 19 or 20).
> > > > >
> > > > > I may have asked this already: would this be expected to work with
> > > > > LibreSSL? I think they have a goal of binary-compatibility with
> > OpenSSL.
> > > > >
> > > > > Similarly, Stefan @ httpd has produced an experimental mod_tls for
> > httpd
> > > > > which uses RustTLS as its underlying crypto library instead of
> > OpenSSL.
> > > > > It might be interesting to see how difficult it would be to use
> > RustTLS
> > > > > instead of OpenSSL, though that may require some significant changes
> > to
> > > > > Tomcat's code to deal with any "philosophical" differences between
> > the
> > > > > OpenSSL API and RustTLS.
> > > >
> > > > This supports the OpenSSL 1.1+ API. It doesn't support older versions
> > > > (it may require adding back some annoying code, or wors

[tomcat] branch main updated: Add debug logging. Based on a PR by Polina Georgieva

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 142b72a  Add debug logging. Based on a PR by Polina Georgieva
142b72a is described below

commit 142b72aab616e6e2f3f2039ff89de7ef32cd525e
Author: Mark Thomas 
AuthorDate: Thu Nov 25 19:02:35 2021 +

Add debug logging. Based on a PR by Polina Georgieva
---
 .../catalina/filters/LocalStrings.properties   |  3 +++
 .../catalina/filters/RestCsrfPreventionFilter.java | 29 --
 webapps/docs/changelog.xml |  4 +++
 3 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/filters/LocalStrings.properties 
b/java/org/apache/catalina/filters/LocalStrings.properties
index 5877b76..31f7bd0 100644
--- a/java/org/apache/catalina/filters/LocalStrings.properties
+++ b/java/org/apache/catalina/filters/LocalStrings.properties
@@ -62,7 +62,10 @@ remoteIpFilter.invalidRemoteAddress=Unable to determine the 
remote host because
 
 requestFilter.deny=Denied request for [{0}] based on property [{1}]
 
+restCsrfPreventionFilter.fetch.debug=CSRF Fetch request is successfully 
handled - nonce is added to the response. Request method: [{0}] and URI [{1}].
 restCsrfPreventionFilter.invalidNonce=CSRF nonce validation failed
+restCsrfPreventionFilter.invalidNonce.debug=CSRF validation for REST failed! 
Request with method [{0}] and URI [{1}] will be rejected. Details: request has 
session ID [{2}]; requested session exists [{3}]; csrf nonce in request exists 
[{4}]; csrf nonce in session exists [{5}].
+restCsrfPreventionFilter.multipleNonce.debug=Different CSRF nonces are sent as 
request parameters, none of them will be used. Request method: [{0}] and URI 
[{1}].
 
 webDavFilter.xpProblem=WebdavFixFilter: the XP-x64-SP2 client is known not to 
work with WebDAV Servlet
 webDavFilter.xpRootContext=WebdavFixFilter: the XP-x64-SP2 client will only 
work with the root context
diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index dd787bc..fd13d69 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -145,16 +145,24 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 @Override
 public boolean apply(HttpServletRequest request, HttpServletResponse 
response)
 throws IOException {
-if (isValidStateChangingRequest(
-extractNonceFromRequest(request),
-nonceFromSession.getNonce(request.getSession(false), 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))) {
+
+String nonceRequest = extractNonceFromRequest(request);
+HttpSession session = request.getSession(false);
+String nonceSession = nonceFromSession.getNonce(session, 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME);
+
+if (isValidStateChangingRequest(nonceRequest, nonceSession)) {
 return true;
 }
 
 nonceToResponse.setNonce(response, 
Constants.CSRF_REST_NONCE_HEADER_NAME,
 Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
-response.sendError(getDenyStatus(),
-sm.getString("restCsrfPreventionFilter.invalidNonce"));
+response.sendError(getDenyStatus(), 
sm.getString("restCsrfPreventionFilter.invalidNonce"));
+
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.invalidNonce.debug", 
request.getMethod(),
+request.getRequestURI(), 
Boolean.valueOf(request.getRequestedSessionId() != null),
+session, Boolean.valueOf(nonceRequest != null), 
Boolean.valueOf(nonceSession != null)));
+}
 return false;
 }
 
@@ -175,12 +183,15 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private String extractNonceFromRequestParams(HttpServletRequest 
request) {
-String[] params = nonceFromRequestParams.getNonce(request,
-Constants.CSRF_REST_NONCE_HEADER_NAME);
+String[] params = nonceFromRequestParams.getNonce(request, 
Constants.CSRF_REST_NONCE_HEADER_NAME);
 if (Objects.nonNull(params) && params.length > 0) {
 String nonce = params[0];
 for (String param : params) {
 if (!Objects.equals(param, nonce)) {
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.multipleNonce.debug",
+request.getMethod(), 
request.getRequestURI(

[tomcat] branch 10.0.x updated: Add debug logging. Based on a PR by Polina Georgieva

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 5d6ac5a  Add debug logging. Based on a PR by Polina Georgieva
5d6ac5a is described below

commit 5d6ac5a4088322e8e381c672be88472d47053f7c
Author: Mark Thomas 
AuthorDate: Thu Nov 25 19:02:35 2021 +

Add debug logging. Based on a PR by Polina Georgieva
---
 .../catalina/filters/LocalStrings.properties   |  3 +++
 .../catalina/filters/RestCsrfPreventionFilter.java | 29 --
 webapps/docs/changelog.xml |  4 +++
 3 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/filters/LocalStrings.properties 
b/java/org/apache/catalina/filters/LocalStrings.properties
index 5877b76..31f7bd0 100644
--- a/java/org/apache/catalina/filters/LocalStrings.properties
+++ b/java/org/apache/catalina/filters/LocalStrings.properties
@@ -62,7 +62,10 @@ remoteIpFilter.invalidRemoteAddress=Unable to determine the 
remote host because
 
 requestFilter.deny=Denied request for [{0}] based on property [{1}]
 
+restCsrfPreventionFilter.fetch.debug=CSRF Fetch request is successfully 
handled - nonce is added to the response. Request method: [{0}] and URI [{1}].
 restCsrfPreventionFilter.invalidNonce=CSRF nonce validation failed
+restCsrfPreventionFilter.invalidNonce.debug=CSRF validation for REST failed! 
Request with method [{0}] and URI [{1}] will be rejected. Details: request has 
session ID [{2}]; requested session exists [{3}]; csrf nonce in request exists 
[{4}]; csrf nonce in session exists [{5}].
+restCsrfPreventionFilter.multipleNonce.debug=Different CSRF nonces are sent as 
request parameters, none of them will be used. Request method: [{0}] and URI 
[{1}].
 
 webDavFilter.xpProblem=WebdavFixFilter: the XP-x64-SP2 client is known not to 
work with WebDAV Servlet
 webDavFilter.xpRootContext=WebdavFixFilter: the XP-x64-SP2 client will only 
work with the root context
diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index dd787bc..fd13d69 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -145,16 +145,24 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 @Override
 public boolean apply(HttpServletRequest request, HttpServletResponse 
response)
 throws IOException {
-if (isValidStateChangingRequest(
-extractNonceFromRequest(request),
-nonceFromSession.getNonce(request.getSession(false), 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))) {
+
+String nonceRequest = extractNonceFromRequest(request);
+HttpSession session = request.getSession(false);
+String nonceSession = nonceFromSession.getNonce(session, 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME);
+
+if (isValidStateChangingRequest(nonceRequest, nonceSession)) {
 return true;
 }
 
 nonceToResponse.setNonce(response, 
Constants.CSRF_REST_NONCE_HEADER_NAME,
 Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
-response.sendError(getDenyStatus(),
-sm.getString("restCsrfPreventionFilter.invalidNonce"));
+response.sendError(getDenyStatus(), 
sm.getString("restCsrfPreventionFilter.invalidNonce"));
+
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.invalidNonce.debug", 
request.getMethod(),
+request.getRequestURI(), 
Boolean.valueOf(request.getRequestedSessionId() != null),
+session, Boolean.valueOf(nonceRequest != null), 
Boolean.valueOf(nonceSession != null)));
+}
 return false;
 }
 
@@ -175,12 +183,15 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private String extractNonceFromRequestParams(HttpServletRequest 
request) {
-String[] params = nonceFromRequestParams.getNonce(request,
-Constants.CSRF_REST_NONCE_HEADER_NAME);
+String[] params = nonceFromRequestParams.getNonce(request, 
Constants.CSRF_REST_NONCE_HEADER_NAME);
 if (Objects.nonNull(params) && params.length > 0) {
 String nonce = params[0];
 for (String param : params) {
 if (!Objects.equals(param, nonce)) {
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.multipleNonce.debug",
+request.getMethod(), 
request.getRequest

[tomcat] branch 9.0.x updated: Add debug logging. Based on a PR by Polina Georgieva

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new d9fb319  Add debug logging. Based on a PR by Polina Georgieva
d9fb319 is described below

commit d9fb31905132df032aa9b8f59441744040aa3ad3
Author: Mark Thomas 
AuthorDate: Thu Nov 25 19:02:35 2021 +

Add debug logging. Based on a PR by Polina Georgieva
---
 .../catalina/filters/LocalStrings.properties   |  3 +++
 .../catalina/filters/RestCsrfPreventionFilter.java | 29 --
 webapps/docs/changelog.xml |  4 +++
 3 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/filters/LocalStrings.properties 
b/java/org/apache/catalina/filters/LocalStrings.properties
index 5877b76..31f7bd0 100644
--- a/java/org/apache/catalina/filters/LocalStrings.properties
+++ b/java/org/apache/catalina/filters/LocalStrings.properties
@@ -62,7 +62,10 @@ remoteIpFilter.invalidRemoteAddress=Unable to determine the 
remote host because
 
 requestFilter.deny=Denied request for [{0}] based on property [{1}]
 
+restCsrfPreventionFilter.fetch.debug=CSRF Fetch request is successfully 
handled - nonce is added to the response. Request method: [{0}] and URI [{1}].
 restCsrfPreventionFilter.invalidNonce=CSRF nonce validation failed
+restCsrfPreventionFilter.invalidNonce.debug=CSRF validation for REST failed! 
Request with method [{0}] and URI [{1}] will be rejected. Details: request has 
session ID [{2}]; requested session exists [{3}]; csrf nonce in request exists 
[{4}]; csrf nonce in session exists [{5}].
+restCsrfPreventionFilter.multipleNonce.debug=Different CSRF nonces are sent as 
request parameters, none of them will be used. Request method: [{0}] and URI 
[{1}].
 
 webDavFilter.xpProblem=WebdavFixFilter: the XP-x64-SP2 client is known not to 
work with WebDAV Servlet
 webDavFilter.xpRootContext=WebdavFixFilter: the XP-x64-SP2 client will only 
work with the root context
diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index 78769ce..b7811bb 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -144,16 +144,24 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 @Override
 public boolean apply(HttpServletRequest request, HttpServletResponse 
response)
 throws IOException {
-if (isValidStateChangingRequest(
-extractNonceFromRequest(request),
-nonceFromSession.getNonce(request.getSession(false), 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))) {
+
+String nonceRequest = extractNonceFromRequest(request);
+HttpSession session = request.getSession(false);
+String nonceSession = nonceFromSession.getNonce(session, 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME);
+
+if (isValidStateChangingRequest(nonceRequest, nonceSession)) {
 return true;
 }
 
 nonceToResponse.setNonce(response, 
Constants.CSRF_REST_NONCE_HEADER_NAME,
 Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
-response.sendError(getDenyStatus(),
-sm.getString("restCsrfPreventionFilter.invalidNonce"));
+response.sendError(getDenyStatus(), 
sm.getString("restCsrfPreventionFilter.invalidNonce"));
+
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.invalidNonce.debug", 
request.getMethod(),
+request.getRequestURI(), 
Boolean.valueOf(request.getRequestedSessionId() != null),
+session, Boolean.valueOf(nonceRequest != null), 
Boolean.valueOf(nonceSession != null)));
+}
 return false;
 }
 
@@ -174,12 +182,15 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private String extractNonceFromRequestParams(HttpServletRequest 
request) {
-String[] params = nonceFromRequestParams.getNonce(request,
-Constants.CSRF_REST_NONCE_HEADER_NAME);
+String[] params = nonceFromRequestParams.getNonce(request, 
Constants.CSRF_REST_NONCE_HEADER_NAME);
 if (Objects.nonNull(params) && params.length > 0) {
 String nonce = params[0];
 for (String param : params) {
 if (!Objects.equals(param, nonce)) {
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.multipleNonce.debug",
+request.getMethod(), 
request.getRequestUR

[tomcat] branch 8.5.x updated: Add debug logging. Based on a PR by Polina Georgieva

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 130e832  Add debug logging. Based on a PR by Polina Georgieva
130e832 is described below

commit 130e832a816b1d6131ebbabaa4fc3d8c1bf6dbba
Author: Mark Thomas 
AuthorDate: Thu Nov 25 19:02:35 2021 +

Add debug logging. Based on a PR by Polina Georgieva
---
 .../catalina/filters/LocalStrings.properties   |  3 +++
 .../catalina/filters/RestCsrfPreventionFilter.java | 30 --
 webapps/docs/changelog.xml |  4 +++
 3 files changed, 29 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/catalina/filters/LocalStrings.properties 
b/java/org/apache/catalina/filters/LocalStrings.properties
index 5877b76..31f7bd0 100644
--- a/java/org/apache/catalina/filters/LocalStrings.properties
+++ b/java/org/apache/catalina/filters/LocalStrings.properties
@@ -62,7 +62,10 @@ remoteIpFilter.invalidRemoteAddress=Unable to determine the 
remote host because
 
 requestFilter.deny=Denied request for [{0}] based on property [{1}]
 
+restCsrfPreventionFilter.fetch.debug=CSRF Fetch request is successfully 
handled - nonce is added to the response. Request method: [{0}] and URI [{1}].
 restCsrfPreventionFilter.invalidNonce=CSRF nonce validation failed
+restCsrfPreventionFilter.invalidNonce.debug=CSRF validation for REST failed! 
Request with method [{0}] and URI [{1}] will be rejected. Details: request has 
session ID [{2}]; requested session exists [{3}]; csrf nonce in request exists 
[{4}]; csrf nonce in session exists [{5}].
+restCsrfPreventionFilter.multipleNonce.debug=Different CSRF nonces are sent as 
request parameters, none of them will be used. Request method: [{0}] and URI 
[{1}].
 
 webDavFilter.xpProblem=WebdavFixFilter: the XP-x64-SP2 client is known not to 
work with WebDAV Servlet
 webDavFilter.xpRootContext=WebdavFixFilter: the XP-x64-SP2 client will only 
work with the root context
diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index 4fd6efc..66d3ea9 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -155,17 +155,24 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 @Override
 public boolean apply(HttpServletRequest request, HttpServletResponse 
response)
 throws IOException {
-if (isValidStateChangingRequest(
-extractNonceFromRequest(request),
-extractNonceFromSession(request.getSession(false),
-Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))) {
+
+String nonceRequest = extractNonceFromRequest(request);
+HttpSession session = request.getSession(false);
+String nonceSession = extractNonceFromSession(session, 
Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME);
+
+if (isValidStateChangingRequest(nonceRequest, nonceSession)) {
 return true;
 }
 
 storeNonceToResponse(response, 
Constants.CSRF_REST_NONCE_HEADER_NAME,
 Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
-response.sendError(getDenyStatus(),
-sm.getString("restCsrfPreventionFilter.invalidNonce"));
+response.sendError(getDenyStatus(), 
sm.getString("restCsrfPreventionFilter.invalidNonce"));
+
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.invalidNonce.debug", 
request.getMethod(),
+request.getRequestURI(), 
Boolean.valueOf(request.getRequestedSessionId() != null),
+session, Boolean.valueOf(nonceRequest != null), 
Boolean.valueOf(nonceSession != null)));
+}
 return false;
 }
 
@@ -186,12 +193,15 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private String extractNonceFromRequestParams(HttpServletRequest 
request) {
-String[] params = extractNonceFromRequestParams(request,
-Constants.CSRF_REST_NONCE_HEADER_NAME);
+String[] params = extractNonceFromRequestParams(request, 
Constants.CSRF_REST_NONCE_HEADER_NAME);
 if (params != null && params.length > 0) {
 String nonce = params[0];
 for (String param : params) {
 if (!Objects.equals(param, nonce)) {
+if (getLogger().isDebugEnabled()) {
+
getLogger().debug(sm.getString("restCsrfPreventionFilter.multipleNonce.debug",
+request.getMethod(), 
request.getRe

[GitHub] [tomcat] markt-asf commented on pull request #452: Introduce logs in RestCsrfPreventionFilter to improve troubleshooting.

[GitBox]

markt-asf commented on pull request #452:
URL: https://github.com/apache/tomcat/pull/452#issuecomment-979431354


   It has been 2 months and the requested changes have not been made. I made 
the changes and a number of other fixes and applied this manually.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf closed pull request #452: Introduce logs in RestCsrfPreventionFilter to improve troubleshooting.

[GitBox]

markt-asf closed pull request #452:
URL: https://github.com/apache/tomcat/pull/452


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf closed pull request #434: Optionally inherit request parameters

[GitBox]

markt-asf closed pull request #434:
URL: https://github.com/apache/tomcat/pull/434


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on pull request #434: Optionally inherit request parameters

[GitBox]

markt-asf commented on pull request #434:
URL: https://github.com/apache/tomcat/pull/434#issuecomment-979437308


   This is not going to be applied. The users mailing list is the place to 
discuss your requirement and possible solutions.
   
   As a starting point, how about ensuring the target servlets take only the 
first value for any parameter. Then you can rely on the precedence rules in the 
specification.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Correct capitalisation of method name

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6e21c5d  Correct capitalisation of method name
6e21c5d is described below

commit 6e21c5d4c237348a6568eba5a71d457cf6b16a46
Author: Mark Thomas 
AuthorDate: Thu Nov 25 19:53:37 2021 +

Correct capitalisation of method name
---
 test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git 
a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java 
b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
index 30ff103..3ec05ae 100644
--- a/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
+++ b/test/org/apache/tomcat/util/http/TestCookieProcessorGeneration.java
@@ -24,7 +24,7 @@ import org.junit.Test;
 public class TestCookieProcessorGeneration {
 
 @Test
-public void SimpleCookie() {
+public void simpleCookie() {
 doTest(new Cookie("foo", "bar"), "foo=bar");
 }
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

default context path

[Mark Thomas]

Hi all,

I am working on updating the Servlet TCK for Servlet 6 and I have been 
discussing with the Jakarta Servlet community whether or not we could 
disable the TCK test that checks default-context-path support.


Tomcat doesn't implement this feature as the container is allowed to 
override this default and we always do - primarily to avoid a bunch of 
edge cases.


Other containers do implement the feature and the preference looks to be 
keeping the TCK test enabled.


If we want to fully pass the TCK, one option is to hard-code the 
deployer to deploy the specific TCK WAR to the correct path if 
STRICT_SERVLET_COMPLIANCE was enabled. This is a fairly ugly hack but it 
would enable Tomcat to fully pass the TCK.


What do we think?
a) Do we want to fully pass the TCK? Is a hack along the lines I
   described an acceptable way to do this?
b) Do we do nothing now and keep this as an option if we get to the
   point where we do want to fully pass the TCK and certify compliance?
c) Do we make a formal challenge of the TCK test on the grounds the
   little documentation there is says the container can override this
   default so the test is invalid on the basis it doesn't allow for the
   override?

Assuming the Servlet team decides to keep the test, I am leaning towards 
b) or maybe a)


Thoughts?

The last time we discussed this:
https://tomcat.markmail.org/thread/4g7nb36fzf4byrej

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org