Re: Building all releases with Java 11
Am 2022-01-10 um 17:46 schrieb Mark Thomas: [...] Is this because of EJC going Java 11? Has anyone reached out to them? Why 11? I assume that 8 will outlive 11 for some time. Java 8 still seems like a good baseline. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Improve Javadoc as suggested by schultz
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 045c960 Improve Javadoc as suggested by schultz
045c960 is described below
commit 045c9606d6e96214dbd307c006bf5c6d124b764c
Author: Mark Thomas
AuthorDate: Tue Jan 11 10:43:28 2022 +
Improve Javadoc as suggested by schultz
---
java/org/apache/tomcat/util/http/parser/HttpParser.java | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 7dcb631..76d79ca 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -237,8 +237,20 @@ public class HttpParser {
}
+/**
+ * Is the provided String a token as per RFC 7230?
+ *
+ * Note: token = 1 * tchar (RFC 7230)
+ *
+ * Since a token requires at least 1 tchar, {@code null} and the empty
+ * string ({@code ""}) are not considered to be valid tokens.
+ *
+ * @param s The string to test
+ *
+ * @return {@code true} if the string is a valid token, otherwise
+ * {@code false}
+ */
public static boolean isToken(String s) {
-// token = 1 * tchar (RFC 7230)
if (s == null) {
return false;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Improve Javadoc as suggested by schultz
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 644c904 Improve Javadoc as suggested by schultz
644c904 is described below
commit 644c904205194e09a9c8e8d16bfd01d341a8ed2d
Author: Mark Thomas
AuthorDate: Tue Jan 11 10:43:28 2022 +
Improve Javadoc as suggested by schultz
---
java/org/apache/tomcat/util/http/parser/HttpParser.java | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 7dcb631..76d79ca 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -237,8 +237,20 @@ public class HttpParser {
}
+/**
+ * Is the provided String a token as per RFC 7230?
+ *
+ * Note: token = 1 * tchar (RFC 7230)
+ *
+ * Since a token requires at least 1 tchar, {@code null} and the empty
+ * string ({@code ""}) are not considered to be valid tokens.
+ *
+ * @param s The string to test
+ *
+ * @return {@code true} if the string is a valid token, otherwise
+ * {@code false}
+ */
public static boolean isToken(String s) {
-// token = 1 * tchar (RFC 7230)
if (s == null) {
return false;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Improve Javadoc as suggested by schultz
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 199d99b Improve Javadoc as suggested by schultz
199d99b is described below
commit 199d99b704d043a5e87d0be78622117b62d799ae
Author: Mark Thomas
AuthorDate: Tue Jan 11 10:43:28 2022 +
Improve Javadoc as suggested by schultz
---
java/org/apache/tomcat/util/http/parser/HttpParser.java | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 7dcb631..76d79ca 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -237,8 +237,20 @@ public class HttpParser {
}
+/**
+ * Is the provided String a token as per RFC 7230?
+ *
+ * Note: token = 1 * tchar (RFC 7230)
+ *
+ * Since a token requires at least 1 tchar, {@code null} and the empty
+ * string ({@code ""}) are not considered to be valid tokens.
+ *
+ * @param s The string to test
+ *
+ * @return {@code true} if the string is a valid token, otherwise
+ * {@code false}
+ */
public static boolean isToken(String s) {
-// token = 1 * tchar (RFC 7230)
if (s == null) {
return false;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Improve Javadoc as suggested by schultz
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 3dfde1c Improve Javadoc as suggested by schultz
3dfde1c is described below
commit 3dfde1ce7e0c3a29786dcfdc1e82ae8130d1a656
Author: Mark Thomas
AuthorDate: Tue Jan 11 10:43:28 2022 +
Improve Javadoc as suggested by schultz
---
java/org/apache/tomcat/util/http/parser/HttpParser.java | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 37dcc55..5d70f61 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -257,8 +257,20 @@ public class HttpParser {
}
+/**
+ * Is the provided String a token as per RFC 7230?
+ *
+ * Note: token = 1 * tchar (RFC 7230)
+ *
+ * Since a token requires at least 1 tchar, {@code null} and the empty
+ * string ({@code ""}) are not considered to be valid tokens.
+ *
+ * @param s The string to test
+ *
+ * @return {@code true} if the string is a valid token, otherwise
+ * {@code false}
+ */
public static boolean isToken(String s) {
-// token = 1 * tchar (RFC 7230)
if (s == null) {
return false;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Remove the JmxRemoteLifecycleListener
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 510520c Remove the JmxRemoteLifecycleListener
510520c is described below
commit 510520cf49a764e305e709faa12b1b586fc67d71
Author: Mark Thomas
AuthorDate: Tue Jan 11 11:37:33 2022 +
Remove the JmxRemoteLifecycleListener
---
.../mbeans/JmxRemoteLifecycleListener.java | 647 -
.../apache/catalina/mbeans/LocalStrings.properties | 9 -
.../catalina/mbeans/LocalStrings_es.properties | 16 -
.../catalina/mbeans/LocalStrings_fr.properties | 8 -
.../catalina/mbeans/LocalStrings_ja.properties | 8 -
.../catalina/mbeans/LocalStrings_ko.properties | 8 -
.../catalina/mbeans/LocalStrings_zh_CN.properties | 5 -
.../buildutil/translate/BackportEnglish.java | 1 -
res/spotbugs/filter-false-positives.xml| 6 -
webapps/docs/changelog.xml | 3 +
webapps/docs/config/listeners.xml | 163 --
11 files changed, 3 insertions(+), 871 deletions(-)
diff --git a/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
b/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
deleted file mode 100644
index f62f8d1..000
--- a/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
+++ /dev/null
@@ -1,647 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.mbeans;
-
-import java.io.IOException;
-import java.io.Serializable;
-import java.lang.management.ManagementFactory;
-import java.net.InetAddress;
-import java.net.MalformedURLException;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.net.UnknownHostException;
-import java.rmi.AccessException;
-import java.rmi.AlreadyBoundException;
-import java.rmi.NotBoundException;
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.rmi.server.RMIClientSocketFactory;
-import java.rmi.server.RMIServerSocketFactory;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXServiceURL;
-import javax.management.remote.rmi.RMIConnectorServer;
-import javax.management.remote.rmi.RMIJRMPServerImpl;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
-import javax.net.ssl.SSLSessionContext;
-import javax.rmi.ssl.SslRMIClientSocketFactory;
-import javax.rmi.ssl.SslRMIServerSocketFactory;
-
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleEvent;
-import org.apache.catalina.LifecycleListener;
-import org.apache.juli.logging.Log;
-import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.net.SSLHostConfig;
-import org.apache.tomcat.util.net.SSLHostConfigCertificate;
-import org.apache.tomcat.util.net.jsse.JSSEUtil;
-import org.apache.tomcat.util.res.StringManager;
-
-/**
- * This listener fixes the port used by JMX/RMI Server making things much
- * simpler if you need to connect jconsole or similar to a remote Tomcat
- * instance that is running behind a firewall. Only the ports are configured
via
- * the listener. The remainder of the configuration is via the standard system
- * properties for configuring JMX.
- *
- * @deprecated The features provided by this listener are now available in the
- * remote JMX capability included with the JRE.
- * This listener will be removed in Tomcat 10 and may be removed
- * from Tomcat 9.0.x some time after 2020-12-31.
- */
-@Deprecated
-public class JmxRemoteLifecycleListener extends SSLHostConfig implements
LifecycleListener {
-
-private static final long serialVersionUID = 1L;
-
-private static final Log log =
LogFactory.getLog(JmxRemoteLifecycleListener.class);
-
-protected static final StringManager sm =
-StringManager.getManager(JmxRemoteLifecycleListener.class);
-
-protected String rmiBindAddress = null;
-protected int rmiRegistryPortPlatform = -1;
-protected int rmiServ
[tomcat] branch 8.5.x updated: Remove the JmxRemoteLifecycleListener
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 1b9e8fd Remove the JmxRemoteLifecycleListener
1b9e8fd is described below
commit 1b9e8fd1f43ed08d6b87cad5182713e1830e499e
Author: Mark Thomas
AuthorDate: Tue Jan 11 11:40:18 2022 +
Remove the JmxRemoteLifecycleListener
---
.../mbeans/JmxRemoteLifecycleListener.java | 551 -
.../apache/catalina/mbeans/LocalStrings.properties | 8 -
.../catalina/mbeans/LocalStrings_es.properties | 16 -
.../catalina/mbeans/LocalStrings_fr.properties | 7 -
.../catalina/mbeans/LocalStrings_ja.properties | 7 -
.../catalina/mbeans/LocalStrings_ko.properties | 7 -
.../catalina/mbeans/LocalStrings_zh_CN.properties | 4 -
res/spotbugs/filter-false-positives.xml| 6 -
webapps/docs/changelog.xml | 3 +
webapps/docs/config/listeners.xml | 107
10 files changed, 3 insertions(+), 713 deletions(-)
diff --git a/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
b/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
deleted file mode 100644
index bdc3a89..000
--- a/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java
+++ /dev/null
@@ -1,551 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.mbeans;
-
-import java.io.IOException;
-import java.io.Serializable;
-import java.lang.management.ManagementFactory;
-import java.net.InetAddress;
-import java.net.MalformedURLException;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.net.UnknownHostException;
-import java.rmi.AccessException;
-import java.rmi.AlreadyBoundException;
-import java.rmi.NotBoundException;
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.rmi.server.RMIClientSocketFactory;
-import java.rmi.server.RMIServerSocketFactory;
-import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Locale;
-
-import javax.management.remote.JMXConnectorServer;
-import javax.management.remote.JMXServiceURL;
-import javax.management.remote.rmi.RMIConnectorServer;
-import javax.management.remote.rmi.RMIJRMPServerImpl;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
-import javax.rmi.ssl.SslRMIClientSocketFactory;
-import javax.rmi.ssl.SslRMIServerSocketFactory;
-
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleEvent;
-import org.apache.catalina.LifecycleListener;
-import org.apache.juli.logging.Log;
-import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.res.StringManager;
-
-/**
- * This listener fixes the port used by JMX/RMI Server making things much
- * simpler if you need to connect jconsole or similar to a remote Tomcat
- * instance that is running behind a firewall. Only the ports are configured
via
- * the listener. The remainder of the configuration is via the standard system
- * properties for configuring JMX.
- *
- * @deprecated The features provided by this listener are now available in the
- * remote JMX capability included with the JRE.
- * This listener will be removed in Tomcat 10 and may be removed
- * from Tomcat 8.5.x some time after 2020-12-31.
- */
-@Deprecated
-public class JmxRemoteLifecycleListener implements LifecycleListener {
-
-private static final Log log =
LogFactory.getLog(JmxRemoteLifecycleListener.class);
-
-protected static final StringManager sm =
-StringManager.getManager(JmxRemoteLifecycleListener.class);
-
-protected String rmiBindAddress = null;
-protected int rmiRegistryPortPlatform = -1;
-protected int rmiServerPortPlatform = -1;
-protected boolean rmiRegistrySSL = true;
-protected boolean rmiServerSSL = true;
-protected String ciphers[] = null;
-protected String protocols[] = null;
-protected boolean clientAuth = true;
-
[tomcat] branch main updated: Update copyright dates to 2022
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 83bb6fc Update copyright dates to 2022
83bb6fc is described below
commit 83bb6fc94b1e37613785375db6b4831466293bbb
Author: Mark Thomas
AuthorDate: Tue Jan 11 12:16:48 2022 +
Update copyright dates to 2022
---
NOTICE | 2 +-
java/org/apache/catalina/manager/Constants.java | 2 +-
java/org/apache/catalina/manager/HTMLManagerServlet.java | 2 +-
java/org/apache/catalina/manager/host/Constants.java | 2 +-
modules/jdbc-pool/NOTICE | 2 +-
webapps/manager/WEB-INF/jsp/connectorCerts.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorCiphers.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionDetail.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionsList.jsp | 2 +-
10 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/NOTICE b/NOTICE
index 43bc6be..74fd3c4 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2021 The Apache Software Foundation
+Copyright 1999-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (https://www.apache.org/).
diff --git a/java/org/apache/catalina/manager/Constants.java
b/java/org/apache/catalina/manager/Constants.java
index 4dfa5c3..a0cfa76 100644
--- a/java/org/apache/catalina/manager/Constants.java
+++ b/java/org/apache/catalina/manager/Constants.java
@@ -129,7 +129,7 @@ public class Constants {
HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation"
+
+" Copyright © 1999-2022, Apache Software Foundation"
+
"\n" +
"\n" +
"\n" +
diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java
b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index 49f9a23..5e83630 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -797,7 +797,7 @@ public final class HTMLManagerServlet extends
ManagerServlet {
*/
@Override
public String getServletInfo() {
-return "HTMLManagerServlet, Copyright (c) 1999-2021, The Apache
Software Foundation";
+return "HTMLManagerServlet, Copyright (c) 1999-2022, The Apache
Software Foundation";
}
/**
diff --git a/java/org/apache/catalina/manager/host/Constants.java
b/java/org/apache/catalina/manager/host/Constants.java
index ddfebb1..e03c564 100644
--- a/java/org/apache/catalina/manager/host/Constants.java
+++ b/java/org/apache/catalina/manager/host/Constants.java
@@ -79,7 +79,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation" +
+" Copyright © 1999-2022, Apache Software Foundation" +
"\n" +
"\n" +
"\n" +
diff --git a/modules/jdbc-pool/NOTICE b/modules/jdbc-pool/NOTICE
index ad8a327..7545628 100644
--- a/modules/jdbc-pool/NOTICE
+++ b/modules/jdbc-pool/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat JDBC Pool
-Copyright 2008-2021 The Apache Software Foundation
+Copyright 2008-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
index 9d86a46..3357016 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
@@ -32,7 +32,7 @@
-
+
Configured certificate chains per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
index 8c0f940..71e4cd9 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
@@ -32,7 +32,7 @@
-
+
Configured ciphers per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
index a9ec0e0..e4e5d3f 100644
--- a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
@@ -32,7 +32,7 @@
-
+
Trusted certificates per Connector
diff --git a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index d4c5fbc..0289efc 100644
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -51,7
[tomcat] branch 10.0.x updated: Update copyright dates to 2022
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new 18a0ca3 Update copyright dates to 2022
18a0ca3 is described below
commit 18a0ca3fde3e118123660bbb4e31103059083fd8
Author: Mark Thomas
AuthorDate: Tue Jan 11 12:24:38 2022 +
Update copyright dates to 2022
---
NOTICE | 2 +-
java/org/apache/catalina/manager/Constants.java | 2 +-
java/org/apache/catalina/manager/HTMLManagerServlet.java | 2 +-
java/org/apache/catalina/manager/host/Constants.java | 2 +-
modules/jdbc-pool/NOTICE | 2 +-
webapps/manager/WEB-INF/jsp/connectorCerts.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorCiphers.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionDetail.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionsList.jsp | 2 +-
10 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/NOTICE b/NOTICE
index 43bc6be..74fd3c4 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2021 The Apache Software Foundation
+Copyright 1999-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (https://www.apache.org/).
diff --git a/java/org/apache/catalina/manager/Constants.java
b/java/org/apache/catalina/manager/Constants.java
index 4dfa5c3..a0cfa76 100644
--- a/java/org/apache/catalina/manager/Constants.java
+++ b/java/org/apache/catalina/manager/Constants.java
@@ -129,7 +129,7 @@ public class Constants {
HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation"
+
+" Copyright © 1999-2022, Apache Software Foundation"
+
"\n" +
"\n" +
"\n" +
diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java
b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index 49f9a23..5e83630 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -797,7 +797,7 @@ public final class HTMLManagerServlet extends
ManagerServlet {
*/
@Override
public String getServletInfo() {
-return "HTMLManagerServlet, Copyright (c) 1999-2021, The Apache
Software Foundation";
+return "HTMLManagerServlet, Copyright (c) 1999-2022, The Apache
Software Foundation";
}
/**
diff --git a/java/org/apache/catalina/manager/host/Constants.java
b/java/org/apache/catalina/manager/host/Constants.java
index ddfebb1..e03c564 100644
--- a/java/org/apache/catalina/manager/host/Constants.java
+++ b/java/org/apache/catalina/manager/host/Constants.java
@@ -79,7 +79,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation" +
+" Copyright © 1999-2022, Apache Software Foundation" +
"\n" +
"\n" +
"\n" +
diff --git a/modules/jdbc-pool/NOTICE b/modules/jdbc-pool/NOTICE
index ad8a327..7545628 100644
--- a/modules/jdbc-pool/NOTICE
+++ b/modules/jdbc-pool/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat JDBC Pool
-Copyright 2008-2021 The Apache Software Foundation
+Copyright 2008-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
index 9d86a46..3357016 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
@@ -32,7 +32,7 @@
-
+
Configured certificate chains per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
index 8c0f940..71e4cd9 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
@@ -32,7 +32,7 @@
-
+
Configured ciphers per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
index a9ec0e0..e4e5d3f 100644
--- a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
@@ -32,7 +32,7 @@
-
+
Trusted certificates per Connector
diff --git a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index d4c5fbc..0289efc 100644
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -
[tomcat] branch 9.0.x updated: Update copyright dates to 2022
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 6488f8a Update copyright dates to 2022
6488f8a is described below
commit 6488f8afbeb41bcb8186a5f7a75a991fbc2f8e1c
Author: Mark Thomas
AuthorDate: Tue Jan 11 12:30:59 2022 +
Update copyright dates to 2022
---
NOTICE | 2 +-
java/org/apache/catalina/manager/Constants.java | 2 +-
java/org/apache/catalina/manager/HTMLManagerServlet.java | 2 +-
java/org/apache/catalina/manager/host/Constants.java | 2 +-
modules/jdbc-pool/NOTICE | 2 +-
webapps/manager/WEB-INF/jsp/connectorCerts.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorCiphers.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionDetail.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionsList.jsp | 2 +-
10 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/NOTICE b/NOTICE
index 43bc6be..74fd3c4 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2021 The Apache Software Foundation
+Copyright 1999-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (https://www.apache.org/).
diff --git a/java/org/apache/catalina/manager/Constants.java
b/java/org/apache/catalina/manager/Constants.java
index 4dfa5c3..a0cfa76 100644
--- a/java/org/apache/catalina/manager/Constants.java
+++ b/java/org/apache/catalina/manager/Constants.java
@@ -129,7 +129,7 @@ public class Constants {
HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation"
+
+" Copyright © 1999-2022, Apache Software Foundation"
+
"\n" +
"\n" +
"\n" +
diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java
b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index eb00d70..aa77541 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -797,7 +797,7 @@ public final class HTMLManagerServlet extends
ManagerServlet {
*/
@Override
public String getServletInfo() {
-return "HTMLManagerServlet, Copyright (c) 1999-2021, The Apache
Software Foundation";
+return "HTMLManagerServlet, Copyright (c) 1999-2022, The Apache
Software Foundation";
}
/**
diff --git a/java/org/apache/catalina/manager/host/Constants.java
b/java/org/apache/catalina/manager/host/Constants.java
index ddfebb1..e03c564 100644
--- a/java/org/apache/catalina/manager/host/Constants.java
+++ b/java/org/apache/catalina/manager/host/Constants.java
@@ -79,7 +79,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation" +
+" Copyright © 1999-2022, Apache Software Foundation" +
"\n" +
"\n" +
"\n" +
diff --git a/modules/jdbc-pool/NOTICE b/modules/jdbc-pool/NOTICE
index ad8a327..7545628 100644
--- a/modules/jdbc-pool/NOTICE
+++ b/modules/jdbc-pool/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat JDBC Pool
-Copyright 2008-2021 The Apache Software Foundation
+Copyright 2008-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
index 9d86a46..3357016 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
@@ -32,7 +32,7 @@
-
+
Configured certificate chains per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
index 8c0f940..71e4cd9 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
@@ -32,7 +32,7 @@
-
+
Configured ciphers per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
index a9ec0e0..e4e5d3f 100644
--- a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
@@ -32,7 +32,7 @@
-
+
Trusted certificates per Connector
diff --git a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index 9f149e1..142eac8 100644
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -51
[tomcat] branch 8.5.x updated: Update copyright dates to 2022
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 38992ee Update copyright dates to 2022
38992ee is described below
commit 38992ee818abd601948f1a36538b4e643953c693
Author: Mark Thomas
AuthorDate: Tue Jan 11 12:36:08 2022 +
Update copyright dates to 2022
---
NOTICE | 2 +-
java/org/apache/catalina/manager/Constants.java | 2 +-
java/org/apache/catalina/manager/HTMLManagerServlet.java | 2 +-
java/org/apache/catalina/manager/host/Constants.java | 2 +-
modules/jdbc-pool/NOTICE | 2 +-
webapps/manager/WEB-INF/jsp/connectorCerts.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorCiphers.jsp | 2 +-
webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionDetail.jsp| 2 +-
webapps/manager/WEB-INF/jsp/sessionsList.jsp | 2 +-
10 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/NOTICE b/NOTICE
index 3b3937a..07ce9eb 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2021 The Apache Software Foundation
+Copyright 1999-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (https://www.apache.org/).
diff --git a/java/org/apache/catalina/manager/Constants.java
b/java/org/apache/catalina/manager/Constants.java
index 4dfa5c3..a0cfa76 100644
--- a/java/org/apache/catalina/manager/Constants.java
+++ b/java/org/apache/catalina/manager/Constants.java
@@ -129,7 +129,7 @@ public class Constants {
HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation"
+
+" Copyright © 1999-2022, Apache Software Foundation"
+
"\n" +
"\n" +
"\n" +
diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java
b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index d6cf018..9df6540 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -791,7 +791,7 @@ public final class HTMLManagerServlet extends
ManagerServlet {
*/
@Override
public String getServletInfo() {
-return "HTMLManagerServlet, Copyright (c) 1999-2021, The Apache
Software Foundation";
+return "HTMLManagerServlet, Copyright (c) 1999-2022, The Apache
Software Foundation";
}
/**
diff --git a/java/org/apache/catalina/manager/host/Constants.java
b/java/org/apache/catalina/manager/host/Constants.java
index ddfebb1..e03c564 100644
--- a/java/org/apache/catalina/manager/host/Constants.java
+++ b/java/org/apache/catalina/manager/host/Constants.java
@@ -79,7 +79,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"\n" +
"\n" +
-" Copyright © 1999-2021, Apache Software Foundation" +
+" Copyright © 1999-2022, Apache Software Foundation" +
"\n" +
"\n" +
"\n" +
diff --git a/modules/jdbc-pool/NOTICE b/modules/jdbc-pool/NOTICE
index ad8a327..7545628 100644
--- a/modules/jdbc-pool/NOTICE
+++ b/modules/jdbc-pool/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat JDBC Pool
-Copyright 2008-2021 The Apache Software Foundation
+Copyright 2008-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
index 9d86a46..3357016 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCerts.jsp
@@ -32,7 +32,7 @@
-
+
Configured certificate chains per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
index 8c0f940..71e4cd9 100644
--- a/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
@@ -32,7 +32,7 @@
-
+
Configured ciphers per Connector
diff --git a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
index a9ec0e0..e4e5d3f 100644
--- a/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
+++ b/webapps/manager/WEB-INF/jsp/connectorTrustedCerts.jsp
@@ -32,7 +32,7 @@
-
+
Trusted certificates per Connector
diff --git a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index 9f149e1..142eac8 100644
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -51
[Bug 65778] Don't create URL from string
https://bz.apache.org/bugzilla/show_bug.cgi?id=65778 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #1 from Mark Thomas --- Not all dependencies are identified by URI. String is the lowest common denominator. Also, claims that an approach is "better" needs evidence to back up that claim. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65779] Introduce CATALINA_BASE_DATA
https://bz.apache.org/bugzilla/show_bug.cgi?id=65779 --- Comment #1 from Mark Thomas --- Why is this required? The work directory can already be configured per host and per context. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Sensitive session cookies on error are exposed by the parser
Hi Mark, Am 10.01.22 um 22:50 schrieb Mark Thomas: On 07/01/2022 15:02, Christopher Schultz wrote: Our only official feedback on your publication is that we do not consider it a security vulnerability that warrants a CVE, coordinated disclosure, etc. We would be happy to have you raise this issue on the development mailing list where we can openly discuss options for hardening Tomcat installations. I was looking at options for hardening this and it was fairly simple to limit the log message to just the invalid cookie so I'll be committing a change to that effect shortly. Happy to have further discussions on alternative approaches on the dev@ list of there is interest in that. Mark I reviewed that commit & approach and that is fine for me as mitigation. But there is maybe another approach, during my research I encountered most time one of two cases: timestamp; key1=value1; key2=value2;... OR key1=value1; key2=value2;...;timestamp I didn't take a deeper look, why browsers add the timestamp to the cookie header, so ignoring the timestamp and log it once seems fine for me. But in case of multiple broken cookies, maybe all malformed content of the header should be logged on INFO and not just once? I usually don't like approaches, which distinguish between expected malformed content and unexpected malformed content, but on the other hand, if malformed content appears way too often it might be worth to have that information. Regarding my reported possible CVE, that behavior wouldn't have any impact, since the key-value pair of the cookies was always valid. The most common and probably only issue was a stand-alone timestamp in the cookie header, lead the parser to print the entire header. Joscha -- neuland - Büro für Informatik GmbH Konsul-Smidt-Str. 8g, 28217 Bremen Telefon (0421) 380107 845 Fax (0421) 380107 99 https://www.neuland-bfi.de https://twitter.com/neuland https://facebook.com/neulandbfi https://xing.com/company/neulandbfi Geschäftsführer: Thomas Gebauer, Jan Zander Registergericht: Amtsgericht Bremen, HRB 23395 HB USt-ID. DE 246585501 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Sensitive session cookies on error are exposed by the parser
On 11/01/2022 14:50, Joscha Cepok wrote I didn't take a deeper look, why browsers add the timestamp to the cookie header, so ignoring the timestamp and log it once seems fine for me. But in case of multiple broken cookies, maybe all malformed content of the header should be logged on INFO and not just once? I usually don't like approaches, which distinguish between expected malformed content and unexpected malformed content, but on the other hand, if malformed content appears way too often it might be worth to have that information. I don't think there is a one size fits all solution which is why it is configurable with a a reasonable default. The error is logged via the UserDataHelper so system admins can choose from: - all at debug - first per day at info then debug for the rest - all at info - none See https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html for full details. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65779] Introduce CATALINA_BASE_DATA
https://bz.apache.org/bugzilla/show_bug.cgi?id=65779 --- Comment #2 from Gael Lalire --- In Vestige each application instance got 3 directories (I put default location on a Linux below, but is is OS dependent) : - conf : $HOME/.config/vestige/app/ - data : $HOME/.local/share/vestige/app/ - cache : $HOME/.cache/vestige/app/ To install tomcat, I removed : - bin (a Runnable or Callable Java class is used to launch it, no need to keep a bat or sh script) - RUNNING.txt (not relevant since the launching is from the Vestige console) - lib (the .m2/repository is used) - logs (using system log [mac or systemd service] or put them in cache directory) - temp (using system temporary directory) So in conf dir it remains - conf (correct location) - logs (only non static logs localhost_access_log.txt, I would prefer it to be in CATALINA_BASE_CACHE by default) - pre-resources (a new directory to emulate classpath hack, whose conf is in conf/context.xml) - webapps (correct location for .war, but unzipped war is not a conf it should be in CATALINA_BASE_DATA by default) - work (I would like it to be in data by default, if you introduce CATALINA_BASE_DATA, I will set it in the Java class launcher) I know you can change the directories with some conf but I would like the default location to be modifiable. I hope I'm clear. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65778] Don't create URL from string
https://bz.apache.org/bugzilla/show_bug.cgi?id=65778
Gael Lalire changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Resolution|WONTFIX |---
--- Comment #2 from Gael Lalire ---
If you convert a URL to a string and then back to URL you will lose a specific
URLHandler.
I'm using a specific URLHandler it allows me to open, read, and verify a jar
against a checksum (sha512) once. The jar data is then kept in memory
channel.map(MapMode.PRIVATE, 0, size), so I'm sure that tomcat parsers are
getting the signed data.
To get it working I put in the URL string something like
m2://groupid/artifactid/version so it will reopen the file from .m2/repository
but the data may not be correct.
If you want to keep other format you can create a class like this :
class URLorString {
URL url;
String string;
getURL() {
url != null ? url : new URL(string)
}
}
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
