date:20230111

Re: [VOTE] Release Apache Tomcat 9.0.71

2023-01-11 Thread jean-frederic clere


On 1/9/23 23:53, Rémy Maucherat wrote:

[X] Stable - go ahead and release as 9.0.71


Tested on fedora 37
--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.85

2023-01-11 Thread Mark Thomas


On 11/01/2023 01:47, Christopher Schultz wrote:


The proposed 8.5.85 release is:
[X] Broken - do not release
[ ] Stable - go ahead and release as 8.5.85 (stable)


The signature files required for a reproducible build are missing from 
the tag.


Compare

https://github.com/apache/tomcat/tree/10.1.5/res/install-win

with

https://github.com/apache/tomcat/tree/8.5.85/res/install-win

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.5

2023-01-11 Thread jean-frederic clere


On 1/9/23 21:25, Mark Thomas wrote:

[X] Stable - go ahead and release as 10.1.5


Tested on fedora 37.
--
Cheers

Jean-Frederic


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas


Hi all,

The Jakarta EE platform group has announced that the minimum Java 
version for Jakarta EE 11 will be Java 21. [1]


Given that the Java SecurityManager was deprecated in Java 17 and 
planned for removal I intend to remove all references to the 
SecurityManager from the Tomcat 11 code base. I plan to do this shortly.


We would normally make Java 21 the minimum Java version. Given that Java 
21 is still in EA, I don't plan to do that yet.


We could switch all branches to Java 17 as the the default build JRE now 
as that supports targeting Java 7 onwards. That would allow us to easily 
use some newer Java features in Tomcat 11 whilst still only requiring 
RMs to use a single JDK version. If there are no objections I'll do this 
shortly.


Java 21 supports targeting Java 8 onwards which means we won't be able 
to switch to that when available for all branches unless Tomcat 8.5.x 
has already reached EOL.


The target date for Jakarta EE 11 is Q1 2024. Given that there are no 
Java 21 features we want to use in Tomcat 11 right now I suggest we wait 
until we need to build Tomcat 11 with Java 21 to decide what to do. 
Worst case, we'll need to build most branches with Java 21 and 8.5.x 
with Java 17 until 8.5.x reaches EOL (31 March 2024).


I don't think there are any other immediate implications for Tomcat 11. 
I'll continue to track the changes in the various specifications. The 
summary at the moment is:

- removal of SecurityManager references from all
- servlet
  - minor improvements / new features
  - lots of clarifications of the Async API
  - possible new low level HTTP API but not much movement so far
- EL
  - removing reference to JavaBean spec is largish piece of work
- JSP
  - no plans other than necessary updates triggered by changes in
EL/Servlet
- WebSocket
  - minor improvements / new features
  - clarifications

Mark

[1] https://www.eclipse.org/lists/jakartaee-platform-dev/msg03898.html

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Rémy Maucherat

On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:
>
> Hi all,
>
> The Jakarta EE platform group has announced that the minimum Java
> version for Jakarta EE 11 will be Java 21. [1]

Oh wow, big surprise.

> Given that the Java SecurityManager was deprecated in Java 17 and
> planned for removal I intend to remove all references to the
> SecurityManager from the Tomcat 11 code base. I plan to do this shortly.
>
> We would normally make Java 21 the minimum Java version. Given that Java
> 21 is still in EA, I don't plan to do that yet.

+1

> We could switch all branches to Java 17 as the the default build JRE now
> as that supports targeting Java 7 onwards. That would allow us to easily
> use some newer Java features in Tomcat 11 whilst still only requiring
> RMs to use a single JDK version. If there are no objections I'll do this
> shortly.

Ok.

> Java 21 supports targeting Java 8 onwards which means we won't be able
> to switch to that when available for all branches unless Tomcat 8.5.x
> has already reached EOL.
>
> The target date for Jakarta EE 11 is Q1 2024. Given that there are no
> Java 21 features we want to use in Tomcat 11 right now I suggest we wait
> until we need to build Tomcat 11 with Java 21 to decide what to do.
> Worst case, we'll need to build most branches with Java 21 and 8.5.x
> with Java 17 until 8.5.x reaches EOL (31 March 2024).

If Java 21 is the baseline, I would like to propose to drop
tomcat-native from Tomcat 11 and replace it with Panama. This is of
course assuming Panama is non preview in 21, and this also needs to
wait for some time (probably until June).

> I don't think there are any other immediate implications for Tomcat 11.
> I'll continue to track the changes in the various specifications. The
> summary at the moment is:
> - removal of SecurityManager references from all
> - servlet
>- minor improvements / new features
>- lots of clarifications of the Async API
>- possible new low level HTTP API but not much movement so far
> - EL
>- removing reference to JavaBean spec is largish piece of work
> - JSP
>- no plans other than necessary updates triggered by changes in
>  EL/Servlet
> - WebSocket
>- minor improvements / new features
>- clarifications

Rémy

> Mark
>
> [1] https://www.eclipse.org/lists/jakartaee-platform-dev/msg03898.html
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas


On 11/01/2023 11:38, Rémy Maucherat wrote:

On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:





The target date for Jakarta EE 11 is Q1 2024. Given that there are no
Java 21 features we want to use in Tomcat 11 right now I suggest we wait
until we need to build Tomcat 11 with Java 21 to decide what to do.
Worst case, we'll need to build most branches with Java 21 and 8.5.x
with Java 17 until 8.5.x reaches EOL (31 March 2024).


If Java 21 is the baseline, I would like to propose to drop
tomcat-native from Tomcat 11 and replace it with Panama. This is of
course assuming Panama is non preview in 21, and this also needs to
wait for some time (probably until June).


Just playing devils advocate for a second, is Java 21 going to be too 
big a leap for the majority of users? Might the Tomcat community be 
better with Java 17 as the minimum version for Tomcat 11?


Personally, I am in favour of Java 21 for Tomcat 11. There is always 
Tomcat 10.1x for those that don't want to / can't move to Java 21. But I 
did at least want to ask the question in case my views are in the minority.


Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Romain Manni-Bucau

Hi,

As an user we are adopting Tomcat 11 (even if still "on the edge") with
Java 17 (in particular for some lib/stacks) and the more reactive servlet
6.1 is very interesting so hope it can be made Java 17 compliant until
technically blocked.

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le mer. 11 janv. 2023 à 12:44, Mark Thomas  a écrit :

> On 11/01/2023 11:38, Rémy Maucherat wrote:
> > On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:
>
> 
>
> >> The target date for Jakarta EE 11 is Q1 2024. Given that there are no
> >> Java 21 features we want to use in Tomcat 11 right now I suggest we wait
> >> until we need to build Tomcat 11 with Java 21 to decide what to do.
> >> Worst case, we'll need to build most branches with Java 21 and 8.5.x
> >> with Java 17 until 8.5.x reaches EOL (31 March 2024).
> >
> > If Java 21 is the baseline, I would like to propose to drop
> > tomcat-native from Tomcat 11 and replace it with Panama. This is of
> > course assuming Panama is non preview in 21, and this also needs to
> > wait for some time (probably until June).
>
> Just playing devils advocate for a second, is Java 21 going to be too
> big a leap for the majority of users? Might the Tomcat community be
> better with Java 17 as the minimum version for Tomcat 11?
>
> Personally, I am in favour of Java 21 for Tomcat 11. There is always
> Tomcat 10.1x for those that don't want to / can't move to Java 21. But I
> did at least want to ask the question in case my views are in the minority.
>
> Mark
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Tim Funk

On Wed, Jan 11, 2023 at 6:44 AM Mark Thomas  wrote:

> On 11/01/2023 11:38, Rémy Maucherat wrote:
> > On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:
>
> 
>
> Just playing devils advocate for a second, is Java 21 going to be too
> big a leap for the majority of users? Might the Tomcat community be
> better with Java 17 as the minimum version for Tomcat 11?
>
>
>From a sysadmin and app developer perspective  I have a feeling Tomcat
9 will linger for a very long time due to the javax -> jakarta migration.
To jump from 9-->11 requires that migration. So additionally requiring Java
21 doesn't seem like a horrible barrier.

-Tim

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas


On 11/01/2023 11:49, Romain Manni-Bucau wrote:

Hi,

As an user we are adopting Tomcat 11 (even if still "on the edge") with
Java 17 (in particular for some lib/stacks) and the more reactive servlet
6.1 is very interesting so hope it can be made Java 17 compliant until
technically blocked.


Chatting with the Spring folks at $dayjob, they expressed the view that 
Java 17 was likely to be the baseline for corporate users for a long 
time to come.


At the moment, I see the drivers for Java 21 as:
- use new APIs (applications can do this even if the minimum version
  supported is lower)
- non-preview versions of Panama and Loom (if available)

Are there are other API changes introduced between Java 17 and Java 21 
that we would want to make use of?


JreCompat has a Java 19 instance but that is just controlling whether or 
not to work around a bug.


Given the plan was to switch to Java 17 for building shortly and Java 21 
later we don't need to make a final decision now (although gathering 
views and data now is a good thing). We could switch the minimum version 
for Tomcat 11 to Java 17 now and wait and see for Java 21. We'd have 
from when Java 21 is released to when Tomcat 11 is declared stable to 
decide whether to move the Java 21 as the minimum version.


Mark




Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le mer. 11 janv. 2023 à 12:44, Mark Thomas  a écrit :


On 11/01/2023 11:38, Rémy Maucherat wrote:

On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:





The target date for Jakarta EE 11 is Q1 2024. Given that there are no
Java 21 features we want to use in Tomcat 11 right now I suggest we wait
until we need to build Tomcat 11 with Java 21 to decide what to do.
Worst case, we'll need to build most branches with Java 21 and 8.5.x
with Java 17 until 8.5.x reaches EOL (31 March 2024).


If Java 21 is the baseline, I would like to propose to drop
tomcat-native from Tomcat 11 and replace it with Panama. This is of
course assuming Panama is non preview in 21, and this also needs to
wait for some time (probably until June).


Just playing devils advocate for a second, is Java 21 going to be too
big a leap for the majority of users? Might the Tomcat community be
better with Java 17 as the minimum version for Tomcat 11?

Personally, I am in favour of Java 21 for Tomcat 11. There is always
Tomcat 10.1x for those that don't want to / can't move to Java 21. But I
did at least want to ask the question in case my views are in the minority.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org






-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch main updated: Update testing/validation libraries

2023-01-11 Thread Rainer Jung


Hi Mark,

Am 06.01.23 um 16:25 schrieb ma...@apache.org:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
  new 1c75ed6ec3 Update testing/validation libraries
1c75ed6ec3 is described below

commit 1c75ed6ec354e0a0b50ababc4616fdb8f922cb17
Author: Mark Thomas 
AuthorDate: Fri Jan 6 15:25:20 2023 +

 Update testing/validation libraries
---
  build.properties.default   | 14 +++---
  webapps/docs/changelog.xml |  9 +
  2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index be2c5e4851..d0c86a291a 100644
--- a/build.properties.default
+++ b/build.properties.default

...


@@ -298,7 +298,7 @@ bnd.version=6.3.1
  # checksums for biz.aQute.bnd-6.3.1.jar
  bnd.checksum.enabled=true
  bnd.checksum.algorithm=MD5|SHA-1
-bnd.checksum.value=06bb0a51c208fc2f24c8cd54216b4b6f|c00993c55ccee432dd43f540e6f7c194fe946d20
+bnd.checksum.value=a812b31a81f05767ea11896a81cd8eab|8a359edbb02aad9138b7824a0d7bbe22f02cf990
  
  bnd.home=${base.path}/bnd-${bnd.version}

  bnd.jar=${bnd.home}/biz.aQute.bnd-${bnd.version}.jar


this commit and its backports seems to have broken the build. The 
checksums for BND have been updated from the ones for 6.3.1 to the ones 
for 6.4.0, but the version itself has not changed (bnd is also not 
mentioned in the changelog snippet). So we still use bnd 6.3.1 but test 
the download against the checksums for 6.4.0, which fails - unless you 
already have 6.3.1 in place from earlier builds.


Not sure what was intended, a version update to 6.4.0 or staying at 
6.3.1 including checksums.


Thanks and regards,

Rainer


diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 268b2cb7d7..6a80447ebf 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -209,6 +209,15 @@

  Update to the Eclipse JDT compiler 4.26. (markt)

+  
+Update Checkstyle to 10.6.0. (markt)
+  
+  
+Update Unboundid to 6.0.7. (markt)
+  
+  
+Update SpotBugs to 4.7.3. (markt)
+  
  

  


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 11.0.0-M2

2023-01-11 Thread Rainer Jung

This tag and the ones in the other branches can't be cleanly build from 
scratch due to a inconsistency in build.properties.default. See details 
in "Re: [tomcat] branch main updated: Update testing/validation 
libraries". The fix is not complicated though.


Thanks and regards,

Rainer

Am 09.01.23 um 19:20 schrieb Mark Thomas:

The proposed Apache Tomcat 11.0.0-M2 release is now available for
voting.

Apache Tomcat 11.0.0-M2 is a milestone release of the 11.0.x branch and 
has been made to provide users with early access to the new features in 
Apache Tomcat 11.0.x so that they may provide feedback. The notable 
changes compared to the previous milestone include:


- Add ByteBuffer support to ServletInputStream and ServletOutputStream

- Update Cookie parsing and handling to treat the quotes in a quoted
   cookie value as part of the value as required by RFC 6265 and
   explicitly clarified in RFC 6265bis.

- When resetting an HTTP/2 stream because the final response has been
   generated before the request has been fully read, use the HTTP/2 error
   code NO_ERROR so that client does not discard the response. Based on a
   suggestion by Lorenzo Dalla Vecchia.

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory. Applications using deprecated APIs may require 
further changes.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M2/
4b03c23ad60e678c1d1a85df815fb6cd8d14ca67

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1413

The tag is:
https://github.com/apache/tomcat/tree/11.0.0-M2


The proposed 11.0.0-M2 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 11.0.0-M2


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch main updated: Update testing/validation libraries

2023-01-11 Thread Mark Thomas


On 11/01/2023 13:37, Rainer Jung wrote:



this commit and its backports seems to have broken the build. The 
checksums for BND have been updated from the ones for 6.3.1 to the ones 
for 6.4.0, but the version itself has not changed (bnd is also not 
mentioned in the changelog snippet). So we still use bnd 6.3.1 but test 
the download against the checksums for 6.4.0, which fails - unless you 
already have 6.3.1 in place from earlier builds.


Not sure what was intended, a version update to 6.4.0 or staying at 
6.3.1 including checksums.


Thanks for picking this up. I intended up update BND as well. Not sure 
how I ended up with a partial update.


I'll get this fixed now.

Mark




Thanks and regards,

Rainer


diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 268b2cb7d7..6a80447ebf 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -209,6 +209,15 @@
    
  Update to the Eclipse JDT compiler 4.26. (markt)
    
+  
+    Update Checkstyle to 10.6.0. (markt)
+  
+  
+    Update Unboundid to 6.0.7. (markt)
+  
+  
+    Update SpotBugs to 4.7.3. (markt)
+  
  
    
  


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Update now Jakarta EE 11 plans are clearer

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit dc6d71755c22e5ff0e5c4adaea2ef0806d531915
Author: Mark Thomas 
AuthorDate: Wed Jan 11 12:47:20 2023 +

Update now Jakarta EE 11 plans are clearer
---
 TOMCAT-NEXT.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/TOMCAT-NEXT.txt b/TOMCAT-NEXT.txt
index 007c80995d..2968daa1bf 100644
--- a/TOMCAT-NEXT.txt
+++ b/TOMCAT-NEXT.txt
@@ -26,9 +26,9 @@ Notes of things to consider for the next major Tomcat release 
(11.x)
 
  3. Add QUIC support using OpenSSL and Panama.
 
- 4. Remove SecurityManager (assuming Jakarta EE 11 does so).
+ 4. Remove SecurityManager.
 
- 5. Update minimum Java version to 17 (assuming Jakarta EE 11 does so).
+ 5. Update minimum Java version to 21 (or maybe 17).
 
  6. Implement an optional Loom module that provides
 o.a.c.http11.Http11BioLoomProtocol


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/02: Complete partial update of BND dependency to 6.4.0

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 3dc3b15cd520534ba372d3bf029722c522d290eb
Author: Mark Thomas 
AuthorDate: Wed Jan 11 13:46:20 2023 +

Complete partial update of BND dependency to 6.4.0
---
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 7 +++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 28e58a83ab..b2fc1cf57f 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -275,9 +275,9 @@ 
spotbugs.loc=${base-maven.loc}/com/github/spotbugs/spotbugs/${spotbugs.version}/
 
 # - bnd, version 6.3.0 or later  -
 # - provides OSGI metadata for JARs   -
-bnd.version=6.3.1
+bnd.version=6.4.0
 
-# checksums for biz.aQute.bnd-6.3.1.jar
+# checksums for biz.aQute.bnd-6.4.0.jar
 bnd.checksum.enabled=true
 bnd.checksum.algorithm=MD5|SHA-1
 
bnd.checksum.value=a812b31a81f05767ea11896a81cd8eab|8a359edbb02aad9138b7824a0d7bbe22f02cf990
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9742afd28a..d9efa22b56 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,13 @@
   issues do not "pop up" wrt. others).
 -->
 
+  
+
+  
+Update BND to 6.4.0. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated (2b5eb533c6 -> 3dc3b15cd5)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 2b5eb533c6 Remove unnecessary semicolon
 new dc6d71755c Update now Jakarta EE 11 plans are clearer
 new 3dc3b15cd5 Complete partial update of BND dependency to 6.4.0

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 TOMCAT-NEXT.txt| 4 ++--
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 7 +++
 3 files changed, 11 insertions(+), 4 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Update IDE configs for BND update

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 9e485cd2a0 Update IDE configs for BND update
9e485cd2a0 is described below

commit 9e485cd2a0605351376779d78ec88f1e1f5368fd
Author: Mark Thomas 
AuthorDate: Wed Jan 11 13:47:41 2023 +

Update IDE configs for BND update
---
 res/ide-support/eclipse/eclipse.classpath | 2 +-
 res/ide-support/idea/tomcat.iml   | 2 +-
 res/ide-support/netbeans/project.xml  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/res/ide-support/eclipse/eclipse.classpath 
b/res/ide-support/eclipse/eclipse.classpath
index 73d3959c3d..a30fee8e29 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -27,7 +27,7 @@
 
 
 
-
+
 
 
 
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index dbb1ab35c1..940a9ecf27 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -95,7 +95,7 @@
 
   
 
-  
+  
 
 
 
diff --git a/res/ide-support/netbeans/project.xml 
b/res/ide-support/netbeans/project.xml
index 5d593c7cf3..db92ccd862 100644
--- a/res/ide-support/netbeans/project.xml
+++ b/res/ide-support/netbeans/project.xml
@@ -178,7 +178,7 @@
 -->
 
 java
-${base.path}/ecj-4.26/ecj-4.26.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.6/jakartaee-migration-1.0.6-shaded.jar:${ant.includes}/
+${base.path}/ecj-4.26/ecj-4.26.jar:${base.path}/bnd-6.4.0/biz.aQute.bnd-6.4.0.jar:${base.path}/migration-1.0.6/jakartaee-migration-1.0.6-shaded.jar:${ant.includes}/
 1.7
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Complete partial update of BND dependency to 6.4.0

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 683831d907 Complete partial update of BND dependency to 6.4.0
683831d907 is described below

commit 683831d90782b4003147a6da080007ee749ca95b
Author: Mark Thomas 
AuthorDate: Wed Jan 11 13:46:20 2023 +

Complete partial update of BND dependency to 6.4.0
---
 build.properties.default  | 4 ++--
 res/ide-support/eclipse/eclipse.classpath | 2 +-
 res/ide-support/idea/tomcat.iml   | 2 +-
 res/ide-support/netbeans/project.xml  | 2 +-
 webapps/docs/changelog.xml| 7 +++
 5 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index b7fe9ec3e4..37ec79f403 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -293,9 +293,9 @@ 
spotbugs.loc=${base-maven.loc}/com/github/spotbugs/spotbugs/${spotbugs.version}/
 
 # - bnd, version 6.3.0 or later  -
 # - provides OSGI metadata for JARs   -
-bnd.version=6.3.1
+bnd.version=6.4.0
 
-# checksums for biz.aQute.bnd-6.3.1.jar
+# checksums for biz.aQute.bnd-6.4.0.jar
 bnd.checksum.enabled=true
 bnd.checksum.algorithm=MD5|SHA-1
 
bnd.checksum.value=a812b31a81f05767ea11896a81cd8eab|8a359edbb02aad9138b7824a0d7bbe22f02cf990
diff --git a/res/ide-support/eclipse/eclipse.classpath 
b/res/ide-support/eclipse/eclipse.classpath
index 3cf7620958..9c3c3f0008 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -29,7 +29,7 @@
 
 
 
-
+
 
 
 
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index fc552adafc..1c3b45f85c 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -113,7 +113,7 @@
 
   
 
-  
+  
 
 
 
diff --git a/res/ide-support/netbeans/project.xml 
b/res/ide-support/netbeans/project.xml
index 5ea2a822d0..e616540021 100644
--- a/res/ide-support/netbeans/project.xml
+++ b/res/ide-support/netbeans/project.xml
@@ -178,7 +178,7 @@
 -->
 
 java
-${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.26/ecj-4.26.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${base.path}/migration-1.0.6/jakartaee-migration-1.0.6-shaded.jar:${ant.includes}/
+${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.26/ecj-4.26.jar:${base.path}/bnd-6.4.0/biz.aQute.bnd-6.4.0.jar:${base.path}/migration-1.0.6/jakartaee-migration-1.0.6-shaded.jar:${ant.includes}/
 1.7
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 505a0fb8bd..6fd543f5aa 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,13 @@
   issues do not "pop up" wrt. others).
 -->
 
+  
+
+  
+Update BND to 6.4.0. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Rémy Maucherat

On Wed, Jan 11, 2023 at 12:44 PM Mark Thomas  wrote:
>
> On 11/01/2023 11:38, Rémy Maucherat wrote:
> > On Wed, Jan 11, 2023 at 12:23 PM Mark Thomas  wrote:
>
> 
>
> >> The target date for Jakarta EE 11 is Q1 2024. Given that there are no
> >> Java 21 features we want to use in Tomcat 11 right now I suggest we wait
> >> until we need to build Tomcat 11 with Java 21 to decide what to do.
> >> Worst case, we'll need to build most branches with Java 21 and 8.5.x
> >> with Java 17 until 8.5.x reaches EOL (31 March 2024).
> >
> > If Java 21 is the baseline, I would like to propose to drop
> > tomcat-native from Tomcat 11 and replace it with Panama. This is of
> > course assuming Panama is non preview in 21, and this also needs to
> > wait for some time (probably until June).
>
> Just playing devils advocate for a second, is Java 21 going to be too
> big a leap for the majority of users? Might the Tomcat community be
> better with Java 17 as the minimum version for Tomcat 11?
>
> Personally, I am in favour of Java 21 for Tomcat 11. There is always
> Tomcat 10.1x for those that don't want to / can't move to Java 21. But I
> did at least want to ask the question in case my views are in the minority.

If the upgrade requirement is there for a good reason, then it helps.

OTOH about Panama, branch 10.1 and 9.0 would get support (although
optional, in some way that has yet to be determined), tomcat-native
will be supported there as well anyway, so staying with Java 17 is ok
too. The main difference is that moving to Java 21 faster would likely
shorten the support period for tomcat-native by one release cycle,
which would be nice.

Rémy

>
> Mark
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Complete partial update of BND dependency to 6.4.0

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 0e0f8424c3 Complete partial update of BND dependency to 6.4.0
0e0f8424c3 is described below

commit 0e0f8424c31e13f119d1d01ee883e2d6e6e5ca61
Author: Mark Thomas 
AuthorDate: Wed Jan 11 13:46:20 2023 +

Complete partial update of BND dependency to 6.4.0
---
 build.properties.default  | 4 ++--
 res/ide-support/eclipse/eclipse.classpath | 2 +-
 res/ide-support/idea/tomcat.iml   | 2 +-
 res/ide-support/netbeans/project.xml  | 2 +-
 webapps/docs/changelog.xml| 7 +++
 5 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 7c9714c521..8fee63c896 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -298,9 +298,9 @@ 
spotbugs.loc=${base-maven.loc}/com/github/spotbugs/spotbugs/${spotbugs.version}/
 
 # - bnd, version 6.3.0 or later  -
 # - provides OSGI metadata for JARs   -
-bnd.version=6.3.1
+bnd.version=6.4.0
 
-# checksums for biz.aQute.bnd-6.3.1.jar
+# checksums for biz.aQute.bnd-6.4.0.jar
 bnd.checksum.enabled=true
 bnd.checksum.algorithm=MD5|SHA-1
 
bnd.checksum.value=a812b31a81f05767ea11896a81cd8eab|8a359edbb02aad9138b7824a0d7bbe22f02cf990
diff --git a/res/ide-support/eclipse/eclipse.classpath 
b/res/ide-support/eclipse/eclipse.classpath
index 8f20fa8b78..3f28fb2028 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -29,7 +29,7 @@
 
 
 
-
+
 
 
 
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index 2bb7991897..1732bf4334 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -113,7 +113,7 @@
 
   
 
-  
+  
 
 
 
diff --git a/res/ide-support/netbeans/project.xml 
b/res/ide-support/netbeans/project.xml
index 21cc436305..8f31636305 100644
--- a/res/ide-support/netbeans/project.xml
+++ b/res/ide-support/netbeans/project.xml
@@ -178,7 +178,7 @@
 -->
 
 java
-${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.20/ecj-4.20.jar:${base.path}/bnd-6.3.1/biz.aQute.bnd-6.3.1.jar:${ant.includes}/
+${base.path}/jaxrpc-1.1-rc4/geronimo-spec-jaxrpc-1.1-rc4.jar:${base.path}/wsdl4j-1.6.3/wsdl4j-1.6.3.jar:${base.path}/ecj-4.20/ecj-4.20.jar:${base.path}/bnd-6.4.0/biz.aQute.bnd-6.4.0.jar:${ant.includes}/
 1.7
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0e5469638a..6cd0a45704 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,13 @@
   issues do not "pop up" wrt. others).
 -->
 
+  
+
+  
+Update BND to 6.4.0. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Michael Osipov

While I cannot comment on Tomcat 11 requirements and Java 21 is 
unavoidable I'd like to comment on this because I consider it wrong:


We could switch all branches to Java 17 as the the default build JRE now 
as that supports targeting Java 7 onwards. That would allow us to easily 
use some newer Java features in Tomcat 11 whilst still only requiring 
RMs to use a single JDK version. If there are no objections I'll do this 
shortly.


This will basically kill Tomcat 9.x and 10.x for those who:
* Want/need to build from source
* Run tests in their setup
* Provide fixes/patches
where Java 17 is not available for them, e.g. commercial Unix or any 
other circumstance (company policy, etc.). I already dislike the move 
done with Spring Framework 6/Boot 3, this just cuts off a tremendous 
user base.


For as long as 8/11 [1] receive support I wouldn't do this step at all. 
I'd take the baseline the Java EE version requires.


Michael

[1] https://endoflife.date/java

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas


On 11/01/2023 14:13, Michael Osipov wrote:
While I cannot comment on Tomcat 11 requirements and Java 21 is 
unavoidable I'd like to comment on this because I consider it wrong:


We could switch all branches to Java 17 as the the default build JRE 
now as that supports targeting Java 7 onwards. That would allow us to 
easily use some newer Java features in Tomcat 11 whilst still only 
requiring RMs to use a single JDK version. If there are no objections 
I'll do this shortly.


This will basically kill Tomcat 9.x and 10.x for those who:
* Want/need to build from source
* Run tests in their setup
* Provide fixes/patches
where Java 17 is not available for them, e.g. commercial Unix or any 
other circumstance (company policy, etc.). I already dislike the move 
done with Spring Framework 6/Boot 3, this just cuts off a tremendous 
user base.


For as long as 8/11 [1] receive support I wouldn't do this step at all. 
I'd take the baseline the Java EE version requires.


Nothing in the proposed change stops you building with an earlier 
version of Java. This is simply a change to the *default* build JRE.


To confirm, I just updated this locally to 17 for 9.0.x and then happily 
completed both "ant clean deploy" and "ant release" using Java 11.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.85

2023-01-11 Thread Christopher Schultz


Mark,

On 1/11/23 04:22, Mark Thomas wrote:

On 11/01/2023 01:47, Christopher Schultz wrote:


The proposed 8.5.85 release is:
[X] Broken - do not release
[ ] Stable - go ahead and release as 8.5.85 (stable)


The signature files required for a reproducible build are missing from 
the tag.


Compare

https://github.com/apache/tomcat/tree/10.1.5/res/install-win

with

https://github.com/apache/tomcat/tree/8.5.85/res/install-win


:(

Let me see how that happened.

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.85

2023-01-11 Thread Christopher Schultz


Mark,

On 1/11/23 10:39, Christopher Schultz wrote:

Mark,

On 1/11/23 04:22, Mark Thomas wrote:

On 11/01/2023 01:47, Christopher Schultz wrote:


The proposed 8.5.85 release is:
[X] Broken - do not release
[ ] Stable - go ahead and release as 8.5.85 (stable)


The signature files required for a reproducible build are missing from 
the tag.


Compare

https://github.com/apache/tomcat/tree/10.1.5/res/install-win

with

https://github.com/apache/tomcat/tree/8.5.85/res/install-win


:(

Let me see how that happened.


Oh, right. I was thinking I was missing build.properties.release, but 
I'm missing the detached signatures.


That's because I followed the "release process" page and forgot that you 
basically have to do a complete release, push those signatures to the 
tag, and then re-build the release from the tag. Do I have that right?


Should I cancel the vote and re-start, or let the process continue?

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Christopher Schultz

Mark,

On 1/11/23 06:23, Mark Thomas wrote:
The Jakarta EE platform group has announced that the minimum Java 
version for Jakarta EE 11 will be Java 21. [1]

Given that the Java SecurityManager was deprecated in Java 17 and 
planned for removal I intend to remove all references to the 
SecurityManager from the Tomcat 11 code base. I plan to do this shortly.

+0

This will complicate back-ports, but I suppose we must do it sometime.

We would normally make Java 21 the minimum Java version. Given that Java 
21 is still in EA, I don't plan to do that yet.

We could switch all branches to Java 17 as the the default build JRE now 
as that supports targeting Java 7 onwards. That would allow us to easily 
use some newer Java features in Tomcat 11 whilst still only requiring 
RMs to use a single JDK version. If there are no objections I'll do this 
shortly.

Sure.

Java 21 supports targeting Java 8 onwards which means we won't be able 
to switch to that when available for all branches unless Tomcat 8.5.x 
has already reached EOL.

The target date for Jakarta EE 11 is Q1 2024. Given that there are no 
Java 21 features we want to use in Tomcat 11 right now I suggest we wait 
until we need to build Tomcat 11 with Java 21 to decide what to do. 
Worst case, we'll need to build most branches with Java 21 and 8.5.x 
with Java 17 until 8.5.x reaches EOL (31 March 2024).

On 1/11/23 08:00, Mark Thomas wrote:
> At the moment, I see the drivers for Java 21 as:
> - use new APIs (applications can do this even if the minimum version
>supported is lower)
> - non-preview versions of Panama and Loom (if available)

I agree with Tim: If Jakarta EE 11 "requires" Java 21 (even if there are 
no binary reasons why that is the case), then I think it's appropriate 
to use that for builds and an API baseline. If we got a complaint from a 
user that their application running on Tomcat 11 was failing due to some 
weirdness in the application that was obviously caused by running it on 
Java 11 or whatever, we'd first tell them that they must be using Java 
21, per spec. There is no reason to support Tomcat 11 in a pre-Java-21 
environment, so let's go ahead and use Java 21 for the whole process.

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Romain Manni-Bucau

Side question from an user standpoint: does it mean tomcat 11 must not be
used today too since it will abruptally switch its baseline (potentially
against the app baseline)? Isnt it against the 11 releases idea? Thinking
out loud and understanding jakarta decision is likely "weird"/inconsistent
but not toncat responsability but think the point is valid for tomcat
community which was happy to get early accesses AFAIK (at least i was in
that camp).

Le mer. 11 janv. 2023 à 17:01, Christopher Schultz <
ch...@christopherschultz.net> a écrit :

> Mark,
>
> On 1/11/23 06:23, Mark Thomas wrote:
> > The Jakarta EE platform group has announced that the minimum Java
> > version for Jakarta EE 11 will be Java 21. [1]
> >
> > Given that the Java SecurityManager was deprecated in Java 17 and
> > planned for removal I intend to remove all references to the
> > SecurityManager from the Tomcat 11 code base. I plan to do this shortly.
>
> +0
>
> This will complicate back-ports, but I suppose we must do it sometime.
>
> > We would normally make Java 21 the minimum Java version. Given that Java
> > 21 is still in EA, I don't plan to do that yet.
> >
> > We could switch all branches to Java 17 as the the default build JRE now
> > as that supports targeting Java 7 onwards. That would allow us to easily
> > use some newer Java features in Tomcat 11 whilst still only requiring
> > RMs to use a single JDK version. If there are no objections I'll do this
> > shortly.
>
> Sure.
>
> > Java 21 supports targeting Java 8 onwards which means we won't be able
> > to switch to that when available for all branches unless Tomcat 8.5.x
> > has already reached EOL.
> >
> > The target date for Jakarta EE 11 is Q1 2024. Given that there are no
> > Java 21 features we want to use in Tomcat 11 right now I suggest we wait
> > until we need to build Tomcat 11 with Java 21 to decide what to do.
> > Worst case, we'll need to build most branches with Java 21 and 8.5.x
> > with Java 17 until 8.5.x reaches EOL (31 March 2024).
>
> On 1/11/23 08:00, Mark Thomas wrote:
>  > At the moment, I see the drivers for Java 21 as:
>  > - use new APIs (applications can do this even if the minimum version
>  >supported is lower)
>  > - non-preview versions of Panama and Loom (if available)
>
> I agree with Tim: If Jakarta EE 11 "requires" Java 21 (even if there are
> no binary reasons why that is the case), then I think it's appropriate
> to use that for builds and an API baseline. If we got a complaint from a
> user that their application running on Tomcat 11 was failing due to some
> weirdness in the application that was obviously caused by running it on
> Java 11 or whatever, we'd first tell them that they must be using Java
> 21, per spec. There is no reason to support Tomcat 11 in a pre-Java-21
> environment, so let's go ahead and use Java 21 for the whole process.
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.5.85

2023-01-11 Thread Rémy Maucherat

On Wed, Jan 11, 2023 at 4:49 PM Christopher Schultz
 wrote:
>
> Mark,
>
> On 1/11/23 10:39, Christopher Schultz wrote:
> > Mark,
> >
> > On 1/11/23 04:22, Mark Thomas wrote:
> >> On 11/01/2023 01:47, Christopher Schultz wrote:
> >>
> >>> The proposed 8.5.85 release is:
> >>> [X] Broken - do not release
> >>> [ ] Stable - go ahead and release as 8.5.85 (stable)
> >>
> >> The signature files required for a reproducible build are missing from
> >> the tag.
> >>
> >> Compare
> >>
> >> https://github.com/apache/tomcat/tree/10.1.5/res/install-win
> >>
> >> with
> >>
> >> https://github.com/apache/tomcat/tree/8.5.85/res/install-win
> >
> > :(
> >
> > Let me see how that happened.
>
> Oh, right. I was thinking I was missing build.properties.release, but
> I'm missing the detached signatures.
>
> That's because I followed the "release process" page and forgot that you
> basically have to do a complete release, push those signatures to the
> tag, and then re-build the release from the tag. Do I have that right?

Yes, but you don't have to rebuild the release from the tag since it
is supposed to be identical thanks to all of Mark's efforts.

Rémy

> Should I cancel the vote and re-start, or let the process continue?
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas

On 11/01/2023 16:09, Romain Manni-Bucau wrote:

Side question from an user standpoint: does it mean tomcat 11 must not be
used today too since it will abruptally switch its baseline (potentially
against the app baseline)? Isnt it against the 11 releases idea? Thinking
out loud and understanding jakarta decision is likely "weird"/inconsistent
but not toncat responsability but think the point is valid for tomcat
community which was happy to get early accesses AFAIK (at least i was in
that camp).

Tomcat 11 releases are clearly marked as Milestone releases of Alpha 
quality. Changes to the API - including minimum Java versions should be 
expected.

Mark

Le mer. 11 janv. 2023 à 17:01, Christopher Schultz <
ch...@christopherschultz.net> a écrit :

Mark,

On 1/11/23 06:23, Mark Thomas wrote:

The Jakarta EE platform group has announced that the minimum Java
version for Jakarta EE 11 will be Java 21. [1]

Given that the Java SecurityManager was deprecated in Java 17 and
planned for removal I intend to remove all references to the
SecurityManager from the Tomcat 11 code base. I plan to do this shortly.

+0

This will complicate back-ports, but I suppose we must do it sometime.

We would normally make Java 21 the minimum Java version. Given that Java
21 is still in EA, I don't plan to do that yet.

We could switch all branches to Java 17 as the the default build JRE now
as that supports targeting Java 7 onwards. That would allow us to easily
use some newer Java features in Tomcat 11 whilst still only requiring
RMs to use a single JDK version. If there are no objections I'll do this
shortly.

Sure.

Java 21 supports targeting Java 8 onwards which means we won't be able
to switch to that when available for all branches unless Tomcat 8.5.x
has already reached EOL.

The target date for Jakarta EE 11 is Q1 2024. Given that there are no
Java 21 features we want to use in Tomcat 11 right now I suggest we wait
until we need to build Tomcat 11 with Java 21 to decide what to do.
Worst case, we'll need to build most branches with Java 21 and 8.5.x
with Java 17 until 8.5.x reaches EOL (31 March 2024).

On 1/11/23 08:00, Mark Thomas wrote:
  > At the moment, I see the drivers for Java 21 as:
  > - use new APIs (applications can do this even if the minimum version
  >supported is lower)
  > - non-preview versions of Panama and Loom (if available)

I agree with Tim: If Jakarta EE 11 "requires" Java 21 (even if there are
no binary reasons why that is the case), then I think it's appropriate
to use that for builds and an API baseline. If we got a complaint from a
user that their application running on Tomcat 11 was failing due to some
weirdness in the application that was obviously caused by running it on
Java 11 or whatever, we'd first tell them that they must be using Java
21, per spec. There is no reason to support Tomcat 11 in a pre-Java-21
environment, so let's go ahead and use Java 21 for the whole process.

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1906609 - in /tomcat/site/trunk: docs/ xdocs/

2023-01-11 Thread markt

Author: markt
Date: Wed Jan 11 18:17:42 2023
New Revision: 1906609

URL: http://svn.apache.org/viewvc?rev=1906609&view=rev
Log:
Add missing word

Modified:
tomcat/site/trunk/docs/migration-10.1.html
tomcat/site/trunk/docs/migration-10.html
tomcat/site/trunk/docs/migration-11.0.html
tomcat/site/trunk/docs/migration-6.html
tomcat/site/trunk/docs/migration-7.html
tomcat/site/trunk/docs/migration-8.html
tomcat/site/trunk/docs/migration-85.html
tomcat/site/trunk/docs/migration-9.html
tomcat/site/trunk/xdocs/migration-10.1.xml
tomcat/site/trunk/xdocs/migration-10.xml
tomcat/site/trunk/xdocs/migration-11.0.xml
tomcat/site/trunk/xdocs/migration-6.xml
tomcat/site/trunk/xdocs/migration-7.xml
tomcat/site/trunk/xdocs/migration-8.xml
tomcat/site/trunk/xdocs/migration-85.xml
tomcat/site/trunk/xdocs/migration-9.xml

Modified: tomcat/site/trunk/docs/migration-10.1.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-10.1.html?rev=1906609&r1=1906608&r2=1906609&view=diff
==
--- tomcat/site/trunk/docs/migration-10.1.html (original)
+++ tomcat/site/trunk/docs/migration-10.1.html Wed Jan 11 18:17:42 2023
@@ -3,9 +3,9 @@
 GeneralMigrating from 10.0.x to 
10.1.xJava 11 requiredSpecification APIsServlet 6.0 APIServer Pages 3.1Expression Language 5.0WebSocket 2.1Authentication TBDInternal APIsUpgrading 10.1.xTomcat 10.1.x noteable 
changesTomcat 10.1.x 
configuration file differences
 General
 
-Please read general Migration Guide page first,
-for common considerations that apply to migration or upgrade between versions
-of Apache Tomcat.
+Please read the general Migration Guide page
+first, for common considerations that apply to migration or upgrade between
+versions of Apache Tomcat.
 
 Migrating from 10.0.x to 
10.1.x
 

Modified: tomcat/site/trunk/docs/migration-10.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-10.html?rev=1906609&r1=1906608&r2=1906609&view=diff
==
--- tomcat/site/trunk/docs/migration-10.html (original)
+++ tomcat/site/trunk/docs/migration-10.html Wed Jan 11 18:17:42 2023
@@ -3,9 +3,9 @@
 GeneralMigrating from 9.0.x to 
10.0.xJava 8 requiredSpecification APIsServlet 5.0 APIServer Pages 3.0Expression Language 4.0WebSocket 2.0Authentication 4.0Internal APIsweb.xml defaultsSession managementHTTP/2LoggingAccess Log PatternsUpgrading 10.0.xTomcat 10.0.x noteable changes
 Tomcat 10.0.x 
configuration file differences
 General
 
-Please read general Migration Guide page first,
-for common considerations that apply to migration or upgrade between versions
-of Apache Tomcat.
+Please read the general Migration Guide page
+first, for common considerations that apply to migration or upgrade between
+versions of Apache Tomcat.
 
 Migrating from 9.0.x to 
10.0.x
 

Modified: tomcat/site/trunk/docs/migration-11.0.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-11.0.html?rev=1906609&r1=1906608&r2=1906609&view=diff
==
--- tomcat/site/trunk/docs/migration-11.0.html (original)
+++ tomcat/site/trunk/docs/migration-11.0.html Wed Jan 11 18:17:42 2023
@@ -3,9 +3,9 @@
 GeneralMigrating from 10.1.x to 
11.0.xSpecification 
APIsServlet 6.1 APIServer Pages 4.0Expression Language 6.0WebSocket TBDAuthentication TBDInternal APIsUpgrading 11.0.xTomcat 11.0.x noteable 
changesTomcat 11.0.x 
configuration file differences
 General
 
-Please read general Migration Guide page first,
-for common considerations that apply to migration or upgrade between versions
-of Apache Tomcat.
+Please read the general Migration Guide page
+first, for common considerations that apply to migration or upgrade between
+versions of Apache Tomcat.
 
 Migrating from 10.1.x to 
11.0.x
 

Modified: tomcat/site/trunk/docs/migration-6.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-6.html?rev=1906609&r1=1906608&r2=1906609&view=diff
==
--- tomcat/site/trunk/docs/migration-6.html (original)
+++ tomcat/site/trunk/docs/migration-6.html Wed Jan 11 18:17:42 2023
@@ -3,9 +3,9 @@
 GeneralMigrating from 5.5.x to 
6.0.xJava 5 requiredModified directory structureShared librariesEndorsed librariesDefault web 
applicationsModified 
classloadingInternal Logging API package 
renamingcommons-logging.jarSSLEnabled attribute on 
ConnectorConnector thread 
poolsClustering 
configuration changesUpgrading 6.0.xTomcat 6.0.x 
configuration file differences
 General
 
-Please read general Migration Guide page first,
-for common considerations that apply to migration or upgrade between versions
-of Apache Tomcat.
+Please read the general Migration Guide page
+first, for common considerations that apply to migration or upgrade between
+ver

svn commit: r1906610 - in /tomcat/site/trunk: docs/migration-11.0.html xdocs/migration-11.0.xml

2023-01-11 Thread markt

Author: markt
Date: Wed Jan 11 18:22:39 2023
New Revision: 1906610

URL: http://svn.apache.org/viewvc?rev=1906610&view=rev
Log:
Add a migration note regardin the (not yet implemented) removal of the security 
manager

Modified:
tomcat/site/trunk/docs/migration-11.0.html
tomcat/site/trunk/xdocs/migration-11.0.xml

Modified: tomcat/site/trunk/docs/migration-11.0.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-11.0.html?rev=1906610&r1=1906609&r2=1906610&view=diff
==
--- tomcat/site/trunk/docs/migration-11.0.html (original)
+++ tomcat/site/trunk/docs/migration-11.0.html Wed Jan 11 18:22:39 2023
@@ -1,6 +1,6 @@
 
 Apache Tomcat® - Migration Guide - Tomcat 
11.0.xhttp://tomcat.apache.org/";>Apache 
Tomcat®https://www.apache.org/foundation/contributing.html"; target="_blank" 
class="pull-left">https://www.apache.org/images/SupportApache-small.png"; class="support-asf" 
alt="Support Apache">http://www.apache.org/"; target="_blank" class="pull-left">https://www.google.com/search"; method="get">GOApache 
TomcatHomeTaglibsMaven 
PluginDownloadWhich version?https://tomcat.apache.org/download-11.cgi";>Tomcat 11 
(alpha)https://tomcat.apache.org/download-10.cgi";>Tomcat 
10https://tomcat.apache.or
 g/download-90.cgi">Tomcat 9https://tomcat.apache.org/download-80.cgi";>Tomcat 8https://tomcat.apache.org/download-migration.cgi";>Tomcat Migration Tool 
for Jakarta EEhttps://tomcat.apache.org/download-connectors.cgi";>Tomcat 
Connectorshttps://tomcat.apache.org/download-native.cgi";>Tomcat 
Nativehttps://tomcat.apache.org/download-taglibs.cgi";>Taglibshttps://archive.apache.org/dist/tomcat/";>ArchivesDocumentationTomcat 11.0 (alpha)Tomcat 10.1Tomcat 10.0Tomcat 9.0Tomcat 8.5Tomcat ConnectorsTomcat Native
  2Tomcat Native 1.2https://cwiki.apache.org/confluence/display/TOMCAT";>WikiMigration GuidePresentationshttps://cwiki.apache.org/confluence/x/Bi8lBg";>SpecificationsProblems?Security ReportsFind helphttps://cwiki.apache.org/confluence/display/TOMCAT/FAQ";>FAQMailing ListsBug 
DatabaseIRCGet 
InvolvedOverviewSource codeBuildbothttps://cwiki.apache.org/confluence/x/vIPzBQ";>TranslationsTools
 Mediahttps://twitter.com/theapachetomcat";>Twitterhttps://www.youtube.com/c/ApacheTomcatOfficial";>YouTubehttps://blogs.apache.org/tomcat/";>BlogMiscWho We Arehttps://www.redbubble.com/people/comdev/works/30885254-apache-tomcat";>SwagHeritagehttp://www.apache.org";>Apache HomeResourcesContactLegalhttps://privacy.apache.org/policies/privacy-policy-public.html";>Privacyhttps://www.apache.org/foundation/contributing.html";>Support 
Apachehttps://www.apache.org/foundation/sponsorship.html";>Sponsorshiphttp://www.apache.org/foundation/thanks.html";>Thankshttp://www.apache.org/licenses/";>LicenseContentTable of Contents
-GeneralMigrating from 10.1.x to 
11.0.xSpecification 
APIsServlet 6.1 APIServer Pages 4.0Expression Language 6.0WebSocket TBDAuthentication TBDInternal APIsUpgrading 11.0.xTomcat 11.0.x noteable 
changesTomcat 11.0.x 
configuration file differences
+GeneralMigrating from 10.1.x to 
11.0.xJava 17 requiredSpecification APIsServlet 6.1 APIServer Pages 4.0Expression Language 6.0WebSocket TBDAuthentication TBDInternal APIsUpgrading 11.0.xTomcat 11.0.x noteable 
changesTomcat 11.0.x 
configuration file differences
 General
 
 Please read the general Migration Guide page
@@ -12,6 +12,19 @@ versions of Apache Tomcat.
   This section lists all the known changes between 10.1.x and 11.0.x
   which may cause backwards compatibility problems when upgrading.
 
+  Java 17 required
+
+Apache Tomcat 11.0.x requires Java 17 or later. Apache Tomcat 10.1.x
+required Java 11. (Note this may increase to Java 21 before the first 
stable
+release of Tomcat 11.0.x.)
+
+The SecurityManager has been deprecated in Java 17 onwards
+and support for running under a SecurityManager was removed in
+the Jakarta EE 11 specification projects. Therefore, support for 
configuring
+a SecurityManager has been removed in Tomcat 11.0.x.
+
+  
+
   Specification 
APIs
 
 Apache Tomcat 11.0 supports the Jakarta Servlet 6.1,
@@ -24,7 +37,8 @@ versions of Apache Tomcat.
   
   Servlet 6.1 API
 
-No changes.
+Support for running under a SecurityManager has been
+removed.
 
   
 
@@ -40,6 +54,9 @@ versions of Apache Tomcat.
 All methods and classes marked as deprecated in the 5.0 API have been
 removed.
 
+Support for running under a SecurityManager has been
+removed.
+
   
 
   WebSocket TBD

Modified: tomcat/site/trunk/xdocs/migration-11.0.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-11.0.xml?rev=1906610&r1=1906609&r2=1906610&view=diff
==
--- tomcat/site/trunk/xdocs/migration-11.0.xml (original)
+++ tomcat/site/trunk/xdocs/migration-11.0.xml Wed Jan 11 18:22:39 2023
@@ -25,6 +25,19 @@ versions of Apache T

svn commit: r1906611 - in /tomcat/site/trunk: docs/migration-11.0.html xdocs/migration-11.0.xml

2023-01-11 Thread markt

Author: markt
Date: Wed Jan 11 18:41:11 2023
New Revision: 1906611

URL: http://svn.apache.org/viewvc?rev=1906611&view=rev
Log:
Update which APIs actually required changes

Modified:
tomcat/site/trunk/docs/migration-11.0.html
tomcat/site/trunk/xdocs/migration-11.0.xml

Modified: tomcat/site/trunk/docs/migration-11.0.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-11.0.html?rev=1906611&r1=1906610&r2=1906611&view=diff
==
--- tomcat/site/trunk/docs/migration-11.0.html (original)
+++ tomcat/site/trunk/docs/migration-11.0.html Wed Jan 11 18:41:11 2023
@@ -37,9 +37,8 @@ versions of Apache Tomcat.
   
   Servlet 6.1 API
 
-Support for running under a SecurityManager has been
-removed.
-
+No changes.
+
   
 
   Server Pages 4.0
@@ -61,13 +60,15 @@ versions of Apache Tomcat.
 
   WebSocket TBD
 
-No changes.
-
+Support for running under a SecurityManager has been
+removed.
+
   
 
   Authentication 
TBD
   
-No changes.
+Support for running under a SecurityManager has been
+removed.
 
   
 

Modified: tomcat/site/trunk/xdocs/migration-11.0.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-11.0.xml?rev=1906611&r1=1906610&r2=1906611&view=diff
==
--- tomcat/site/trunk/xdocs/migration-11.0.xml (original)
+++ tomcat/site/trunk/xdocs/migration-11.0.xml Wed Jan 11 18:41:11 2023
@@ -50,9 +50,8 @@ versions of Apache Tomcat.
   
   
 
-Support for running under a SecurityManager has been
-removed.
-
+No changes.
+
   
 
   
@@ -74,13 +73,15 @@ versions of Apache Tomcat.
 
   
 
-No changes.
-
+Support for running under a SecurityManager has been
+removed.
+
   
 
   
   
-No changes.
+Support for running under a SecurityManager has been
+removed.
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Remove references to the SecurityManager from the WebSocket API

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 563ad066a555637dda838e61029408ec1b7ccb39
Author: Mark Thomas 
AuthorDate: Wed Jan 11 18:32:58 2023 +

Remove references to the SecurityManager from the WebSocket API
---
 .../jakarta/websocket/server/ServerEndpointConfig.java | 18 +-
 1 file changed, 1 insertion(+), 17 deletions(-)

diff --git a/java/jakarta/websocket/server/ServerEndpointConfig.java 
b/java/jakarta/websocket/server/ServerEndpointConfig.java
index 036c833621..8de6603669 100644
--- a/java/jakarta/websocket/server/ServerEndpointConfig.java
+++ b/java/jakarta/websocket/server/ServerEndpointConfig.java
@@ -16,8 +16,6 @@
  */
 package jakarta.websocket.server;
 
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
@@ -163,12 +161,7 @@ public interface ServerEndpointConfig extends 
EndpointConfig {
 if (defaultImpl == null) {
 synchronized (defaultImplLock) {
 if (defaultImpl == null) {
-if (System.getSecurityManager() == null) {
-defaultImpl = loadDefault();
-} else {
-defaultImpl =
-AccessController.doPrivileged(new 
PrivilegedLoadDefault());
-}
+defaultImpl = loadDefault();
 }
 }
 }
@@ -204,15 +197,6 @@ public interface ServerEndpointConfig extends 
EndpointConfig {
 }
 
 
-private static class PrivilegedLoadDefault implements 
PrivilegedAction {
-
-@Override
-public Configurator run() {
-return Configurator.loadDefault();
-}
-}
-
-
 /**
  * Return the platform default configurator.
  *


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Remove SecurityManager support from the Authentication API

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a5386cbe7e13a722b3bd4a32ed625aaaea7545c4
Author: Mark Thomas 
AuthorDate: Wed Jan 11 18:39:56 2023 +

Remove SecurityManager support from the Authentication API

Note some deprecated fields remain and will be removed when removed from
the specification project.
---
 .../auth/message/config/AuthConfigFactory.java | 50 +-
 1 file changed, 11 insertions(+), 39 deletions(-)

diff --git a/java/jakarta/security/auth/message/config/AuthConfigFactory.java 
b/java/jakarta/security/auth/message/config/AuthConfigFactory.java
index 68282d6c65..011db630bd 100644
--- a/java/jakarta/security/auth/message/config/AuthConfigFactory.java
+++ b/java/jakarta/security/auth/message/config/AuthConfigFactory.java
@@ -16,11 +16,6 @@
  */
 package jakarta.security.auth.message.config;
 
-import java.security.AccessController;
-import java.security.Permission;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import java.security.Security;
 import java.security.SecurityPermission;
 import java.util.Map;
@@ -64,7 +59,6 @@ public abstract class AuthConfigFactory {
 }
 
 public static AuthConfigFactory getFactory() {
-checkPermission(getFactorySecurityPermission);
 if (factory != null) {
 return factory;
 }
@@ -73,27 +67,18 @@ public abstract class AuthConfigFactory {
 if (factory == null) {
 final String className = getFactoryClassName();
 try {
-factory = AccessController.doPrivileged(
-(PrivilegedExceptionAction) () 
-> {
-// Load this class with the same class loader 
as used for
-// this class. Note that the Thread context 
class loader
-// should not be used since that would trigger 
a memory leak
-// in container environments.
-if 
(className.equals("org.apache.catalina.authenticator.jaspic.AuthConfigFactoryImpl"))
 {
-return new 
org.apache.catalina.authenticator.jaspic.AuthConfigFactoryImpl();
-} else {
-Class clazz = Class.forName(className);
-return (AuthConfigFactory) 
clazz.getConstructor().newInstance();
-}
-});
-} catch (PrivilegedActionException e) {
-Exception inner = e.getException();
-if (inner instanceof InstantiationException) {
-throw new SecurityException("AuthConfigFactory error:" 
+
-inner.getCause().getMessage(), 
inner.getCause());
+// Load this class with the same class loader as used for
+// this class. Note that the Thread context class loader
+// should not be used since that would trigger a memory 
leak
+// in container environments.
+if 
(className.equals("org.apache.catalina.authenticator.jaspic.AuthConfigFactoryImpl"))
 {
+factory =  new 
org.apache.catalina.authenticator.jaspic.AuthConfigFactoryImpl();
 } else {
-throw new SecurityException("AuthConfigFactory error: 
" + inner, inner);
+Class clazz = Class.forName(className);
+factory = (AuthConfigFactory) 
clazz.getConstructor().newInstance();
 }
+} catch (ReflectiveOperationException e) {
+throw new RuntimeException("AuthConfigFactory error:" + 
e.getCause().getMessage(), e.getCause());
 }
 }
 }
@@ -102,7 +87,6 @@ public abstract class AuthConfigFactory {
 }
 
 public static synchronized void setFactory(AuthConfigFactory factory) {
-checkPermission(setFactorySecurityPermission);
 AuthConfigFactory.factory = factory;
 }
 
@@ -153,20 +137,8 @@ public abstract class AuthConfigFactory {
  */
 public abstract void removeServerAuthModule(Object context);
 
-/**
- * @deprecated Following JEP 411
- */
-@Deprecated(forRemoval = true)
-private static void checkPermission(Permission permission) {
-SecurityManager securityManager = System.getSecurityManager();
-if (securityManager != null) {
-securityManager.checkPermission(permission);
-}
-}
-
 private static String getFactoryClassName() {
-String className = AccessController.doPrivileged(
-

[tomcat] 01/03: Remove SecurityManagaer support from the EL API

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit eab97408969d44a7b38192fe0af461955cde
Author: Mark Thomas 
AuthorDate: Wed Jan 11 18:29:04 2023 +

Remove SecurityManagaer support from the EL API
---
 java/jakarta/el/BeanELResolver.java| 11 +
 java/jakarta/el/ELProcessor.java   |  2 +-
 java/jakarta/el/ExpressionFactory.java | 37 ++--
 java/jakarta/el/ImportHandler.java |  2 +-
 java/jakarta/el/Util.java  | 45 +-
 5 files changed, 11 insertions(+), 86 deletions(-)

diff --git a/java/jakarta/el/BeanELResolver.java 
b/java/jakarta/el/BeanELResolver.java
index c470b92734..9b99ef50db 100644
--- a/java/jakarta/el/BeanELResolver.java
+++ b/java/jakarta/el/BeanELResolver.java
@@ -22,8 +22,6 @@ import java.beans.Introspector;
 import java.beans.PropertyDescriptor;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
@@ -39,14 +37,7 @@ public class BeanELResolver extends ELResolver {
 private static final String CACHE_SIZE_PROP = 
"org.apache.el.BeanELResolver.CACHE_SIZE";
 
 static {
-String cacheSizeStr;
-if (System.getSecurityManager() == null) {
-cacheSizeStr = System.getProperty(CACHE_SIZE_PROP, "1000");
-} else {
-cacheSizeStr = AccessController.doPrivileged(
-(PrivilegedAction) () -> 
System.getProperty(CACHE_SIZE_PROP, "1000"));
-}
-CACHE_SIZE = Integer.parseInt(cacheSizeStr);
+CACHE_SIZE = Integer.parseInt(System.getProperty(CACHE_SIZE_PROP, 
"1000"));
 }
 
 private final boolean readOnly;
diff --git a/java/jakarta/el/ELProcessor.java b/java/jakarta/el/ELProcessor.java
index 736ca9ce09..df2fc0120c 100644
--- a/java/jakarta/el/ELProcessor.java
+++ b/java/jakarta/el/ELProcessor.java
@@ -96,7 +96,7 @@ public class ELProcessor {
 Class clazz = context.getImportHandler().resolveClass(className);
 
 if (clazz == null) {
-clazz = Class.forName(className, true, 
Util.getContextClassLoader());
+clazz = Class.forName(className, true, 
Thread.currentThread().getContextClassLoader());
 }
 
 if (!Modifier.isPublic(clazz.getModifiers())) {
diff --git a/java/jakarta/el/ExpressionFactory.java 
b/java/jakarta/el/ExpressionFactory.java
index aeacc00b8c..2eca6205df 100644
--- a/java/jakarta/el/ExpressionFactory.java
+++ b/java/jakarta/el/ExpressionFactory.java
@@ -25,8 +25,6 @@ import java.lang.ref.WeakReference;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Properties;
@@ -42,27 +40,14 @@ import java.util.concurrent.locks.ReentrantReadWriteLock;
  */
 public abstract class ExpressionFactory {
 
-private static final boolean IS_SECURITY_ENABLED = 
(System.getSecurityManager() != null);
-
 private static final String PROPERTY_NAME = "jakarta.el.ExpressionFactory";
 
-private static final String PROPERTY_FILE;
+private static final String PROPERTY_FILE =
+System.getProperty("java.home") + File.separator + "lib" + 
File.separator + "el.properties";
 
 private static final CacheValue nullTcclFactory = new CacheValue();
 private static final Map factoryCache = new 
ConcurrentHashMap<>();
 
-static {
-if (IS_SECURITY_ENABLED) {
-PROPERTY_FILE = AccessController.doPrivileged(
-(PrivilegedAction) () -> 
System.getProperty("java.home") + File.separator +
-"lib" + File.separator + "el.properties"
-);
-} else {
-PROPERTY_FILE = System.getProperty("java.home") + File.separator + 
"lib" +
-File.separator + "el.properties";
-}
-}
-
 /**
  * Create a new {@link ExpressionFactory}. The class to use is determined 
by
  * the following search order:
@@ -89,7 +74,7 @@ public abstract class ExpressionFactory {
 public static ExpressionFactory newInstance(Properties properties) {
 ExpressionFactory result = null;
 
-ClassLoader tccl = Util.getContextClassLoader();
+ClassLoader tccl = Thread.currentThread().getContextClassLoader();
 
 CacheValue cacheValue;
 Class clazz;
@@ -323,20 +308,12 @@ public abstract class ExpressionFactory {
 // First services API
 className = getClassNameServices(tccl);
 if (className == null) {
-if (IS_SECURITY_ENABLED) {
-className = 
AccessControlle

[tomcat] branch main updated (9e485cd2a0 -> a5386cbe7e)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 9e485cd2a0 Update IDE configs for BND update
 new eab9740896 Remove SecurityManagaer support from the EL API
 new 563ad066a5 Remove references to the SecurityManager from the WebSocket 
API
 new a5386cbe7e Remove SecurityManager support from the Authentication API

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/jakarta/el/BeanELResolver.java| 11 +
 java/jakarta/el/ELProcessor.java   |  2 +-
 java/jakarta/el/ExpressionFactory.java | 37 +++-
 java/jakarta/el/ImportHandler.java |  2 +-
 java/jakarta/el/Util.java  | 45 +--
 .../auth/message/config/AuthConfigFactory.java | 50 +-
 .../websocket/server/ServerEndpointConfig.java | 18 +---
 7 files changed, 23 insertions(+), 142 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Remove the SecurityManager specific tests

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6ab5e4540a Remove the SecurityManager specific tests
6ab5e4540a is described below

commit 6ab5e4540ab5ca2fbb783ab3ae47f53db96f651c
Author: Mark Thomas 
AuthorDate: Wed Jan 11 18:44:09 2023 +

Remove the SecurityManager specific tests
---
 build.xml  |  13 --
 ...estApplicationContextFacadeSecurityManager.java | 148 -
 .../util/security/SecurityManagerBaseTest.java |  50 ---
 3 files changed, 211 deletions(-)

diff --git a/build.xml b/build.xml
index 8f3aa69513..dc3c6ce1a8 100644
--- a/build.xml
+++ b/build.xml
@@ -2036,21 +2036,8 @@
   
   
   
-  
-  
 
   
-  
-  
-
-  
 
   
 
diff --git 
a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java
 
b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java
deleted file mode 100644
index fc5a5d53f1..00
--- 
a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.core;
-
-import java.lang.reflect.Array;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.lang.reflect.Modifier;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.stream.Collectors;
-
-import org.junit.Assert;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized;
-import org.junit.runners.Parameterized.Parameter;
-
-import org.apache.catalina.security.SecurityUtil;
-import org.apache.tomcat.util.security.SecurityManagerBaseTest;
-import org.easymock.EasyMock;
-import org.easymock.IExpectationSetters;
-import org.easymock.internal.LastControl;
-
-@RunWith(Parameterized.class)
-public final class TestApplicationContextFacadeSecurityManager extends 
SecurityManagerBaseTest {
-
-/**
- * @return {@link Collection} of non-static, non-object, public {@link
- * Method}s in {@link ApplicationContextFacade} to be run with the the Java
- * 2 {@link SecurityManager} been enabled.
- */
-@Parameterized.Parameters(name = "{index}: method={0}")
-public static Collection publicApplicationContextFacadeMethods() {
-return Arrays.stream(ApplicationContextFacade.class.getMethods())
-.filter(method -> !Modifier.isStatic(method.getModifiers()))
-.filter(method -> {
-try {
-Object.class.getMethod(method.getName(), 
method.getParameterTypes());
-return false;
-} catch (final NoSuchMethodException e) {
-return true;
-}
-})
-.collect(Collectors.toList());
-}
-
-
-private static Object[] getDefaultParams(final Method method) {
-final int paramsCount = method.getParameterCount();
-final Object[] params = new Object[paramsCount];
-final Class[] paramTypes = method.getParameterTypes();
-for (int i = 0; i < params.length; i++) {
-params[i] = getDefaultValue(paramTypes[i]);
-}
-return params;
-}
-
-
-@SuppressWarnings("unchecked")
-private static  T getDefaultValue(final Class clazz) {
-return !isVoid(clazz) ? (T) Array.get(Array.newInstance(clazz, 1), 0) 
: null;
-}
-
-
-private static  boolean isVoid(Class clazz) {
-return void.class.equals(clazz) || Void.class.equals(clazz);
-}
-
-
-@Parameter(0)
-public Method methodToTest;
-
-
-/**
- * Test for
- * https://bz.apache.org/bugzilla/show_bug.cgi?id=64735";>Bug
- * 64735 which confirms that {@link ApplicationContextFacade} behaves
- * correctly when the Java 2 {@link SecurityManager} has been enabled.
- *
-

[tomcat] branch main updated: Remove support for starting Tomcat under a SecurityManager.

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new a0e53eb383 Remove support for starting Tomcat under a SecurityManager.
a0e53eb383 is described below

commit a0e53eb383632d7fd468dc6ef1b8e11bd34ee3d0
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:08:47 2023 +

Remove support for starting Tomcat under a SecurityManager.
---
 bin/catalina.bat|  25 ---
 bin/catalina.sh |  93 +++
 conf/catalina.policy| 263 
 webapps/docs/changelog.xml  |   3 +
 webapps/docs/class-loader-howto.xml |   9 --
 webapps/docs/index.xml  |   4 -
 webapps/docs/project.xml|  56 ---
 webapps/docs/security-manager-howto.xml | 256 ---
 8 files changed, 50 insertions(+), 659 deletions(-)

diff --git a/bin/catalina.bat b/bin/catalina.bat
index 824773b460..ce73b88044 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -204,7 +204,6 @@ set "JSSE_OPTS=-Djdk.tls.ephemeralDHKeySize=2048"
 set "JAVA_OPTS=%JAVA_OPTS% %JSSE_OPTS%"
 
 rem Register custom URL handlers
-rem Do this here so custom URL handles (specifically 'war:...') can be used in 
the security policy
 set "JAVA_OPTS=%JAVA_OPTS% 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources"
 
 if not "%CATALINA_LOGGING_CONFIG%" == "" goto noJuliConfig
@@ -241,7 +240,6 @@ echo Using CATALINA_OPTS:   "%CATALINA_OPTS%"
 set _EXECJAVA=%_RUNJAVA%
 set MAINCLASS=org.apache.catalina.startup.Bootstrap
 set ACTION=start
-set SECURITY_POLICY_FILE=
 set DEBUG_OPTS=
 set JPDA=
 
@@ -272,12 +270,9 @@ if ""%1"" == ""version"" goto doVersion
 echo Usage:  catalina ( commands ... )
 echo commands:
 echo   debug Start Catalina in a debugger
-echo   debug -security   Debug Catalina with a security manager
 echo   jpda startStart Catalina under JPDA debugger
 echo   run   Start Catalina in the current window
-echo   run -security Start in the current window with security manager
 echo   start Start Catalina in a separate window
-echo   start -security   Start in a separate window with security manager
 echo   stop  Stop Catalina
 echo   configtestRun a basic syntax check on server.xml
 echo   version   What version of tomcat are you running?
@@ -287,28 +282,16 @@ goto end
 shift
 set _EXECJAVA=%_RUNJDB%
 set DEBUG_OPTS=-sourcepath "%CATALINA_HOME%\..\..\java"
-if not ""%1"" == ""-security"" goto execCmd
-shift
-echo Using Security Manager
-set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
 goto execCmd
 
 :doRun
 shift
-if not ""%1"" == ""-security"" goto execCmd
-shift
-echo Using Security Manager
-set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
 goto execCmd
 
 :doStart
 shift
 if "%TITLE%" == "" set TITLE=Tomcat
 set _EXECJAVA=start "%TITLE%" %_RUNJAVA%
-if not ""%1"" == ""-security"" goto execCmd
-shift
-echo Using Security Manager
-set "SECURITY_POLICY_FILE=%CATALINA_BASE%\conf\catalina.policy"
 goto execCmd
 
 :doStop
@@ -340,18 +323,10 @@ goto setArgs
 
 rem Execute Java with the applicable properties
 if not "%JPDA%" == "" goto doJpda
-if not "%SECURITY_POLICY_FILE%" == "" goto doSecurity
 %_EXECJAVA% %CATALINA_LOGGING_CONFIG% %LOGGING_MANAGER% %JAVA_OPTS% 
%CATALINA_OPTS% %DEBUG_OPTS% -classpath "%CLASSPATH%" 
-Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" 
-Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
 goto end
-:doSecurity
-%_EXECJAVA% %CATALINA_LOGGING_CONFIG% %LOGGING_MANAGER% %JAVA_OPTS% 
%CATALINA_OPTS% %DEBUG_OPTS% -classpath "%CLASSPATH%" -Djava.security.manager 
-Djava.security.policy=="%SECURITY_POLICY_FILE%" 
-Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" 
-Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
-goto end
 :doJpda
-if not "%SECURITY_POLICY_FILE%" == "" goto doSecurityJpda
 %_EXECJAVA% %CATALINA_LOGGING_CONFIG% %LOGGING_MANAGER% %JAVA_OPTS% 
%JPDA_OPTS% %CATALINA_OPTS% %DEBUG_OPTS% -classpath "%CLASSPATH%" 
-Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" 
-Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
 goto end
-:doSecurityJpda
-%_EXECJAVA% %CATALINA_LOGGING_CONFIG% %LOGGING_MANAGER% %JAVA_OPTS% 
%JPDA_OPTS% %CATALINA_OPTS% %DEBUG_OPTS% -classpath "%CLASSPATH%" 
-Djava.security.manager -Djava.security.policy=="%SECURITY_POLICY_FILE%" 
-Dcatalina.base="%CATALINA_BASE%" -Dcatalina.home="%CATALINA_HOME%" 
-Djava.io.tmpdir="%CATALINA_TMPDIR%" %MAINCLASS% %CMD_LINE_ARGS% %ACTION%
-goto end
 
 :end
diff --git a/bin/catalina.sh b/bin/catalina.sh
index a15accbdb5..d987738b27 100755
--- a/bin/catalina.sh
+++ b/bin/catalina.sh
@@ -252,7 +252,6 @@ fi
 JAV

[tomcat] branch main updated: Clean-up some unused references to SecurityManager and related APIs

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 887324ecd5 Clean-up some unused references to SecurityManager and 
related APIs
887324ecd5 is described below

commit 887324ecd556749814969409bc8dea54ea9e549a
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:29:03 2023 +

Clean-up some unused references to SecurityManager and related APIs
---
 .../catalina/connector/CoyoteInputStream.java  | 177 +
 .../org/apache/catalina/connector/InputBuffer.java |  41 +--
 .../apache/catalina/connector/OutputBuffer.java|  40 +--
 java/org/apache/catalina/connector/Request.java|  20 --
 .../apache/catalina/connector/RequestFacade.java   | 279 +
 java/org/apache/catalina/connector/Response.java   |  93 +--
 .../apache/catalina/connector/ResponseFacade.java  | 104 +---
 7 files changed, 28 insertions(+), 726 deletions(-)

diff --git a/java/org/apache/catalina/connector/CoyoteInputStream.java 
b/java/org/apache/catalina/connector/CoyoteInputStream.java
index 01cc429903..952261e481 100644
--- a/java/org/apache/catalina/connector/CoyoteInputStream.java
+++ b/java/org/apache/catalina/connector/CoyoteInputStream.java
@@ -18,15 +18,11 @@ package org.apache.catalina.connector;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import java.util.Objects;
 
 import jakarta.servlet.ReadListener;
 import jakarta.servlet.ServletInputStream;
 
-import org.apache.catalina.security.SecurityUtil;
 import org.apache.tomcat.util.res.StringManager;
 
 /**
@@ -67,43 +63,12 @@ public class CoyoteInputStream extends ServletInputStream {
 @Override
 public int read() throws IOException {
 checkNonBlockingRead();
-
-if (SecurityUtil.isPackageProtectionEnabled()) {
-
-try {
-Integer result = AccessController.doPrivileged(new 
PrivilegedRead(ib));
-return result.intValue();
-} catch (PrivilegedActionException pae) {
-Exception e = pae.getException();
-if (e instanceof IOException) {
-throw (IOException) e;
-} else {
-throw new RuntimeException(e.getMessage(), e);
-}
-}
-} else {
-return ib.readByte();
-}
+return ib.readByte();
 }
 
 @Override
 public int available() throws IOException {
-
-if (SecurityUtil.isPackageProtectionEnabled()) {
-try {
-Integer result = AccessController.doPrivileged(new 
PrivilegedAvailable(ib));
-return result.intValue();
-} catch (PrivilegedActionException pae) {
-Exception e = pae.getException();
-if (e instanceof IOException) {
-throw (IOException) e;
-} else {
-throw new RuntimeException(e.getMessage(), e);
-}
-}
-} else {
-return ib.available();
-}
+return ib.available();
 }
 
 @Override
@@ -115,23 +80,7 @@ public class CoyoteInputStream extends ServletInputStream {
 @Override
 public int read(final byte[] b, final int off, final int len) throws 
IOException {
 checkNonBlockingRead();
-
-if (SecurityUtil.isPackageProtectionEnabled()) {
-try {
-Integer result = AccessController.doPrivileged(
-new PrivilegedReadArray(ib, b, off, len));
-return result.intValue();
-} catch (PrivilegedActionException pae) {
-Exception e = pae.getException();
-if (e instanceof IOException) {
-throw (IOException) e;
-} else {
-throw new RuntimeException(e.getMessage(), e);
-}
-}
-} else {
-return ib.read(b, off, len);
-}
+return ib.read(b, off, len);
 }
 
 
@@ -139,22 +88,7 @@ public class CoyoteInputStream extends ServletInputStream {
 public int read(final ByteBuffer b) throws IOException {
 Objects.requireNonNull(b);
 checkNonBlockingRead();
-
-if (SecurityUtil.isPackageProtectionEnabled()) {
-try {
-Integer result = AccessController.doPrivileged(new 
PrivilegedReadBuffer(ib, b));
-return result.intValue();
-} catch (PrivilegedActionException pae) {
-Exception e = pae.getException();
-if (e instanceof IOException) {
-throw (IOException) e;
-} else {
-throw new Ru

[tomcat] 02/02: Add missing checks for null facade

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit e1e87ada9207348fc0dbf447d2bdaf903790f328
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:37:15 2023 +

Add missing checks for null facade
---
 .../apache/catalina/connector/RequestFacade.java   | 36 --
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index fa778f6aac..4b8540dc1d 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -475,79 +475,87 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public AsyncContext startAsync() throws IllegalStateException {
+checkFacade();
 return request.startAsync();
 }
 
 
 @Override
-public AsyncContext startAsync(ServletRequest request, ServletResponse 
response)
-throws IllegalStateException {
+public AsyncContext startAsync(ServletRequest request, ServletResponse 
response) throws IllegalStateException {
+checkFacade();
 return this.request.startAsync(request, response);
 }
 
 
 @Override
 public boolean isAsyncStarted() {
+checkFacade();
 return request.isAsyncStarted();
 }
 
 
 @Override
 public boolean isAsyncSupported() {
+checkFacade();
 return request.isAsyncSupported();
 }
 
 
 @Override
 public AsyncContext getAsyncContext() {
+checkFacade();
 return request.getAsyncContext();
 }
 
 
 @Override
 public DispatcherType getDispatcherType() {
+checkFacade();
 return request.getDispatcherType();
 }
 
 
 @Override
-public boolean authenticate(HttpServletResponse response)
-throws IOException, ServletException {
+public boolean authenticate(HttpServletResponse response) throws 
IOException, ServletException {
+checkFacade();
 return request.authenticate(response);
 }
 
 @Override
-public void login(String username, String password)
-throws ServletException {
+public void login(String username, String password) throws 
ServletException {
+checkFacade();
 request.login(username, password);
 }
 
 @Override
 public void logout() throws ServletException {
+checkFacade();
 request.logout();
 }
 
 @Override
-public Collection getParts() throws IllegalStateException,
-IOException, ServletException {
+public Collection getParts() throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getParts();
 }
 
 
 @Override
-public Part getPart(String name) throws IllegalStateException, IOException,
-ServletException {
+public Part getPart(String name) throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getPart(name);
 }
 
 
 public boolean getAllowTrace() {
+checkFacade();
 return request.getConnector().getAllowTrace();
 }
 
 
 @Override
 public long getContentLengthLong() {
+checkFacade();
 return request.getContentLengthLong();
 }
 
@@ -555,47 +563,55 @@ public class RequestFacade implements HttpServletRequest {
 @Override
 public  T upgrade(
 Class httpUpgradeHandlerClass) throws java.io.IOException, 
ServletException {
+checkFacade();
 return request.upgrade(httpUpgradeHandlerClass);
 }
 
 
 @Override
 public PushBuilder newPushBuilder() {
+checkFacade();
 return request.newPushBuilder();
 }
 
 
 public PushBuilder newPushBuilder(HttpServletRequest request) {
+checkFacade();
 return this.request.newPushBuilder(request);
 }
 
 
 @Override
 public boolean isTrailerFieldsReady() {
+checkFacade();
 return request.isTrailerFieldsReady();
 }
 
 
 @Override
 public Map getTrailerFields() {
+checkFacade();
 return request.getTrailerFields();
 }
 
 
 @Override
 public String getRequestId() {
+checkFacade();
 return request.getRequestId();
 }
 
 
 @Override
 public String getProtocolRequestId() {
+checkFacade();
 return request.getProtocolRequestId();
 }
 
 
 @Override
 public ServletConnection getServletConnection() {
+checkFacade();
 return request.getServletConnection();
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Reduce duplication

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 2019ffa36fd0b3db76e59f132a77fd30bf47dc24
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:35:45 2023 +

Reduce duplication
---
 .../apache/catalina/connector/RequestFacade.java   | 421 -
 1 file changed, 70 insertions(+), 351 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 9c7b138be1..fa778f6aac 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -53,21 +53,8 @@ import org.apache.tomcat.util.res.StringManager;
 public class RequestFacade implements HttpServletRequest {
 
 
-// --- Constructors
+private static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
 
-/**
- * Construct a wrapper for the specified request.
- *
- * @param request The request to be wrapped
- */
-public RequestFacade(Request request) {
-
-this.request = request;
-
-}
-
-
-// - Instance Variables
 
 /**
  * The wrapped request.
@@ -76,12 +63,13 @@ public class RequestFacade implements HttpServletRequest {
 
 
 /**
- * The string manager for this package.
+ * Construct a wrapper for the specified request.
+ *
+ * @param request The request to be wrapped
  */
-protected static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
-
-
-// - Public Methods
+public RequestFacade(Request request) {
+this.request = request;
+}
 
 
 /**
@@ -104,659 +92,383 @@ public class RequestFacade implements HttpServletRequest 
{
 
 // - ServletRequest Methods
 
-
 @Override
 public Object getAttribute(String name) {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getAttribute(name);
 }
 
 
 @Override
 public Enumeration getAttributeNames() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getAttributeNames();
 }
 
 
 @Override
 public String getCharacterEncoding() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getCharacterEncoding();
 }
 
 
 @Override
-public void setCharacterEncoding(String env)
-throws java.io.UnsupportedEncodingException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+public void setCharacterEncoding(String env) throws 
java.io.UnsupportedEncodingException {
+checkFacade();
 request.setCharacterEncoding(env);
 }
 
 
 @Override
 public int getContentLength() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentLength();
 }
 
 
 @Override
 public String getContentType() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentType();
 }
 
 
 @Override
 public ServletInputStream getInputStream() throws IOException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getInputStream();
 }
 
 
 @Override
 public String getParameter(String name) {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getParameter(name);
 }
 
 
 @Override
 public Enumeration getParameterNames() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getParameterNames();
 }

[tomcat] branch main updated (887324ecd5 -> e1e87ada92)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 887324ecd5 Clean-up some unused references to SecurityManager and 
related APIs
 new 2019ffa36f Reduce duplication
 new e1e87ada92 Add missing checks for null facade

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/catalina/connector/RequestFacade.java   | 457 +
 1 file changed, 96 insertions(+), 361 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated (683831d907 -> 2cedead7f1)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 683831d907 Complete partial update of BND dependency to 6.4.0
 new ee257473af Reduce duplication
 new 2cedead7f1 Add missing checks for null facade

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/catalina/connector/RequestFacade.java   | 446 +
 1 file changed, 96 insertions(+), 350 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Reduce duplication

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit ee257473af307eec93968d617b600bc6748d096e
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:35:45 2023 +

Reduce duplication
---
 .../apache/catalina/connector/RequestFacade.java   | 410 -
 1 file changed, 70 insertions(+), 340 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 5696183984..799cde4c88 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -57,8 +57,6 @@ import org.apache.tomcat.util.res.StringManager;
 public class RequestFacade implements HttpServletRequest {
 
 
-// --- DoPrivileged
-
 private final class GetAttributePrivilegedAction
 implements PrivilegedAction> {
 
@@ -217,22 +215,9 @@ public class RequestFacade implements HttpServletRequest {
 }
 }
 
-// --- Constructors
 
+private static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
 
-/**
- * Construct a wrapper for the specified request.
- *
- * @param request The request to be wrapped
- */
-public RequestFacade(Request request) {
-
-this.request = request;
-
-}
-
-
-// - Instance Variables
 
 
 /**
@@ -242,12 +227,13 @@ public class RequestFacade implements HttpServletRequest {
 
 
 /**
- * The string manager for this package.
+ * Construct a wrapper for the specified request.
+ *
+ * @param request The request to be wrapped
  */
-protected static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
-
-
-// - Public Methods
+public RequestFacade(Request request) {
+this.request = request;
+}
 
 
 /**
@@ -270,26 +256,16 @@ public class RequestFacade implements HttpServletRequest {
 
 // - ServletRequest Methods
 
-
 @Override
 public Object getAttribute(String name) {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getAttribute(name);
 }
 
 
 @Override
 public Enumeration getAttributeNames() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -302,11 +278,7 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public String getCharacterEncoding() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -318,61 +290,36 @@ public class RequestFacade implements HttpServletRequest {
 
 
 @Override
-public void setCharacterEncoding(String env)
-throws java.io.UnsupportedEncodingException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+public void setCharacterEncoding(String env) throws 
java.io.UnsupportedEncodingException {
+checkFacade();
 request.setCharacterEncoding(env);
 }
 
 
 @Override
 public int getContentLength() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentLength();
 }
 
 
 @Override
 public String getContentType() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentType();
 }
 
 
 @Override
 public ServletInputStream getInputStream() throws IOException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getInputStream();
 }
 
 
 @Override
 public String getParameter(String name) {
-
-if (request == null) {
-thro

[tomcat] 02/02: Add missing checks for null facade

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 2cedead7f122fd2c4f8ac4fc9a7aa3c877a32c6d
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:37:15 2023 +

Add missing checks for null facade
---
 .../apache/catalina/connector/RequestFacade.java   | 36 --
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 799cde4c88..442a6f15b0 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -739,79 +739,87 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public AsyncContext startAsync() throws IllegalStateException {
+checkFacade();
 return request.startAsync();
 }
 
 
 @Override
-public AsyncContext startAsync(ServletRequest request, ServletResponse 
response)
-throws IllegalStateException {
+public AsyncContext startAsync(ServletRequest request, ServletResponse 
response) throws IllegalStateException {
+checkFacade();
 return this.request.startAsync(request, response);
 }
 
 
 @Override
 public boolean isAsyncStarted() {
+checkFacade();
 return request.isAsyncStarted();
 }
 
 
 @Override
 public boolean isAsyncSupported() {
+checkFacade();
 return request.isAsyncSupported();
 }
 
 
 @Override
 public AsyncContext getAsyncContext() {
+checkFacade();
 return request.getAsyncContext();
 }
 
 
 @Override
 public DispatcherType getDispatcherType() {
+checkFacade();
 return request.getDispatcherType();
 }
 
 
 @Override
-public boolean authenticate(HttpServletResponse response)
-throws IOException, ServletException {
+public boolean authenticate(HttpServletResponse response) throws 
IOException, ServletException {
+checkFacade();
 return request.authenticate(response);
 }
 
 @Override
-public void login(String username, String password)
-throws ServletException {
+public void login(String username, String password) throws 
ServletException {
+checkFacade();
 request.login(username, password);
 }
 
 @Override
 public void logout() throws ServletException {
+checkFacade();
 request.logout();
 }
 
 @Override
-public Collection getParts() throws IllegalStateException,
-IOException, ServletException {
+public Collection getParts() throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getParts();
 }
 
 
 @Override
-public Part getPart(String name) throws IllegalStateException, IOException,
-ServletException {
+public Part getPart(String name) throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getPart(name);
 }
 
 
 public boolean getAllowTrace() {
+checkFacade();
 return request.getConnector().getAllowTrace();
 }
 
 
 @Override
 public long getContentLengthLong() {
+checkFacade();
 return request.getContentLengthLong();
 }
 
@@ -819,47 +827,55 @@ public class RequestFacade implements HttpServletRequest {
 @Override
 public  T upgrade(
 Class httpUpgradeHandlerClass) throws java.io.IOException, 
ServletException {
+checkFacade();
 return request.upgrade(httpUpgradeHandlerClass);
 }
 
 
 @Override
 public PushBuilder newPushBuilder() {
+checkFacade();
 return request.newPushBuilder();
 }
 
 
 public PushBuilder newPushBuilder(HttpServletRequest request) {
+checkFacade();
 return this.request.newPushBuilder(request);
 }
 
 
 @Override
 public boolean isTrailerFieldsReady() {
+checkFacade();
 return request.isTrailerFieldsReady();
 }
 
 
 @Override
 public Map getTrailerFields() {
+checkFacade();
 return request.getTrailerFields();
 }
 
 
 @Override
 public String getRequestId() {
+checkFacade();
 return request.getRequestId();
 }
 
 
 @Override
 public String getProtocolRequestId() {
+checkFacade();
 return request.getProtocolRequestId();
 }
 
 
 @Override
 public ServletConnection getServletConnection() {
+checkFacade();
 return request.getServletConnection();
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated (0e0f8424c3 -> 844d2cc3c7)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 0e0f8424c3 Complete partial update of BND dependency to 6.4.0
 new 08f39a0c1b Reduce duplication
 new 844d2cc3c7 Add missing checks for null facade

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/catalina/connector/RequestFacade.java   | 443 +
 1 file changed, 93 insertions(+), 350 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Reduce duplication

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 08f39a0c1b45522e92d3ddcffb6f71735943c5d5
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:35:45 2023 +

Reduce duplication
---
 .../apache/catalina/connector/RequestFacade.java   | 410 -
 1 file changed, 70 insertions(+), 340 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 11ad088491..2c9a23db5a 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -57,8 +57,6 @@ import org.apache.tomcat.util.res.StringManager;
 public class RequestFacade implements HttpServletRequest {
 
 
-// --- DoPrivileged
-
 private final class GetAttributePrivilegedAction
 implements PrivilegedAction> {
 
@@ -217,22 +215,9 @@ public class RequestFacade implements HttpServletRequest {
 }
 }
 
-// --- Constructors
-
-
-/**
- * Construct a wrapper for the specified request.
- *
- * @param request The request to be wrapped
- */
-public RequestFacade(Request request) {
-
-this.request = request;
-
-}
 
+private static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
 
-// - Instance Variables
 
 
 /**
@@ -242,12 +227,13 @@ public class RequestFacade implements HttpServletRequest {
 
 
 /**
- * The string manager for this package.
+ * Construct a wrapper for the specified request.
+ *
+ * @param request The request to be wrapped
  */
-protected static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
-
-
-// - Public Methods
+public RequestFacade(Request request) {
+this.request = request;
+}
 
 
 /**
@@ -270,26 +256,16 @@ public class RequestFacade implements HttpServletRequest {
 
 // - ServletRequest Methods
 
-
 @Override
 public Object getAttribute(String name) {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getAttribute(name);
 }
 
 
 @Override
 public Enumeration getAttributeNames() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -302,11 +278,7 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public String getCharacterEncoding() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -318,61 +290,36 @@ public class RequestFacade implements HttpServletRequest {
 
 
 @Override
-public void setCharacterEncoding(String env)
-throws java.io.UnsupportedEncodingException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+public void setCharacterEncoding(String env) throws 
java.io.UnsupportedEncodingException {
+checkFacade();
 request.setCharacterEncoding(env);
 }
 
 
 @Override
 public int getContentLength() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentLength();
 }
 
 
 @Override
 public String getContentType() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentType();
 }
 
 
 @Override
 public ServletInputStream getInputStream() throws IOException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getInputStream();
 }
 
 
 @Override
 public String getParameter(String name) {
-
-if (request == null) {
-throw

[tomcat] 02/02: Add missing checks for null facade

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 844d2cc3c71767bcbba2fcf8a7e9c246f0ba276a
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:37:15 2023 +

Add missing checks for null facade
---
 .../apache/catalina/connector/RequestFacade.java   | 33 +++---
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 2c9a23db5a..d64a8160f9 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -763,79 +763,87 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public AsyncContext startAsync() throws IllegalStateException {
+checkFacade();
 return request.startAsync();
 }
 
 
 @Override
-public AsyncContext startAsync(ServletRequest request, ServletResponse 
response)
-throws IllegalStateException {
+public AsyncContext startAsync(ServletRequest request, ServletResponse 
response) throws IllegalStateException {
+checkFacade();
 return this.request.startAsync(request, response);
 }
 
 
 @Override
 public boolean isAsyncStarted() {
+checkFacade();
 return request.isAsyncStarted();
 }
 
 
 @Override
 public boolean isAsyncSupported() {
+checkFacade();
 return request.isAsyncSupported();
 }
 
 
 @Override
 public AsyncContext getAsyncContext() {
+checkFacade();
 return request.getAsyncContext();
 }
 
 
 @Override
 public DispatcherType getDispatcherType() {
+checkFacade();
 return request.getDispatcherType();
 }
 
 
 @Override
-public boolean authenticate(HttpServletResponse response)
-throws IOException, ServletException {
+public boolean authenticate(HttpServletResponse response) throws 
IOException, ServletException {
+checkFacade();
 return request.authenticate(response);
 }
 
 @Override
-public void login(String username, String password)
-throws ServletException {
+public void login(String username, String password) throws 
ServletException {
+checkFacade();
 request.login(username, password);
 }
 
 @Override
 public void logout() throws ServletException {
+checkFacade();
 request.logout();
 }
 
 @Override
-public Collection getParts() throws IllegalStateException,
-IOException, ServletException {
+public Collection getParts() throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getParts();
 }
 
 
 @Override
-public Part getPart(String name) throws IllegalStateException, IOException,
-ServletException {
+public Part getPart(String name) throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getPart(name);
 }
 
 
 public boolean getAllowTrace() {
+checkFacade();
 return request.getConnector().getAllowTrace();
 }
 
 
 @Override
 public long getContentLengthLong() {
+checkFacade();
 return request.getContentLengthLong();
 }
 
@@ -843,29 +851,34 @@ public class RequestFacade implements HttpServletRequest {
 @Override
 public  T upgrade(
 Class httpUpgradeHandlerClass) throws java.io.IOException, 
ServletException {
+checkFacade();
 return request.upgrade(httpUpgradeHandlerClass);
 }
 
 
 @Override
 public PushBuilder newPushBuilder() {
+checkFacade();
 return request.newPushBuilder();
 }
 
 
 public PushBuilder newPushBuilder(HttpServletRequest request) {
+checkFacade();
 return this.request.newPushBuilder(request);
 }
 
 
 @Override
 public boolean isTrailerFieldsReady() {
+checkFacade();
 return request.isTrailerFieldsReady();
 }
 
 
 @Override
 public Map getTrailerFields() {
+checkFacade();
 return request.getTrailerFields();
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.5.85

2023-01-11 Thread Mark Thomas


On 11/01/2023 15:49, Christopher Schultz wrote:

Mark,

On 1/11/23 10:39, Christopher Schultz wrote:

Mark,

On 1/11/23 04:22, Mark Thomas wrote:

On 11/01/2023 01:47, Christopher Schultz wrote:


The proposed 8.5.85 release is:
[X] Broken - do not release
[ ] Stable - go ahead and release as 8.5.85 (stable)


The signature files required for a reproducible build are missing 
from the tag.


Compare

https://github.com/apache/tomcat/tree/10.1.5/res/install-win

with

https://github.com/apache/tomcat/tree/8.5.85/res/install-win


:(

Let me see how that happened.


Oh, right. I was thinking I was missing build.properties.release, but 
I'm missing the detached signatures.


That's because I followed the "release process" page and forgot that you 
basically have to do a complete release, push those signatures to the 
tag, and then re-build the release from the tag. Do I have that right?


Should I cancel the vote and re-start, or let the process continue?


In theory, if you still have the sig files you should be able to re-tag 
without changing the binaries. If that works, I'd restart the VOTE with 
an updated tag hash.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Reduce duplication

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 49ee1732fe751e6af5d89a06634ae3a129357eba
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:35:45 2023 +

Reduce duplication
---
 .../apache/catalina/connector/RequestFacade.java   | 403 -
 1 file changed, 69 insertions(+), 334 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index e5241735f0..31b39e0fa7 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -57,8 +57,6 @@ import org.apache.tomcat.util.res.StringManager;
 public class RequestFacade implements HttpServletRequest {
 
 
-// --- DoPrivileged
-
 private final class GetAttributePrivilegedAction
 implements PrivilegedAction> {
 
@@ -217,22 +215,9 @@ public class RequestFacade implements HttpServletRequest {
 }
 }
 
-// --- Constructors
-
-
-/**
- * Construct a wrapper for the specified request.
- *
- * @param request The request to be wrapped
- */
-public RequestFacade(Request request) {
-
-this.request = request;
-
-}
 
+private static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
 
-// - Instance Variables
 
 
 /**
@@ -242,12 +227,13 @@ public class RequestFacade implements HttpServletRequest {
 
 
 /**
- * The string manager for this package.
+ * Construct a wrapper for the specified request.
+ *
+ * @param request The request to be wrapped
  */
-protected static final StringManager sm = 
StringManager.getManager(RequestFacade.class);
-
-
-// - Public Methods
+public RequestFacade(Request request) {
+this.request = request;
+}
 
 
 /**
@@ -270,26 +256,16 @@ public class RequestFacade implements HttpServletRequest {
 
 // - ServletRequest Methods
 
-
 @Override
 public Object getAttribute(String name) {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getAttribute(name);
 }
 
 
 @Override
 public Enumeration getAttributeNames() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -302,11 +278,7 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public String getCharacterEncoding() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
+checkFacade();
 
 if (Globals.IS_SECURITY_ENABLED){
 return AccessController.doPrivileged(
@@ -318,61 +290,36 @@ public class RequestFacade implements HttpServletRequest {
 
 
 @Override
-public void setCharacterEncoding(String env)
-throws java.io.UnsupportedEncodingException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+public void setCharacterEncoding(String env) throws 
java.io.UnsupportedEncodingException {
+checkFacade();
 request.setCharacterEncoding(env);
 }
 
 
 @Override
 public int getContentLength() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentLength();
 }
 
 
 @Override
 public String getContentType() {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getContentType();
 }
 
 
 @Override
 public ServletInputStream getInputStream() throws IOException {
-
-if (request == null) {
-throw new IllegalStateException(
-sm.getString("requestFacade.nullRequest"));
-}
-
+checkFacade();
 return request.getInputStream();
 }
 
 
 @Override
 public String getParameter(String name) {
-
-if (request == null) {
-throw

[tomcat] 02/02: Add missing checks for null facade

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit bf680cab291e5874ae5161aa2234c3204ac683f0
Author: Mark Thomas 
AuthorDate: Wed Jan 11 19:37:15 2023 +

Add missing checks for null facade
---
 .../apache/catalina/connector/RequestFacade.java   | 32 +++---
 1 file changed, 22 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/catalina/connector/RequestFacade.java 
b/java/org/apache/catalina/connector/RequestFacade.java
index 31b39e0fa7..44b78d4a16 100644
--- a/java/org/apache/catalina/connector/RequestFacade.java
+++ b/java/org/apache/catalina/connector/RequestFacade.java
@@ -756,79 +756,87 @@ public class RequestFacade implements HttpServletRequest {
 
 @Override
 public AsyncContext startAsync() throws IllegalStateException {
+checkFacade();
 return request.startAsync();
 }
 
 
 @Override
-public AsyncContext startAsync(ServletRequest request, ServletResponse 
response)
-throws IllegalStateException {
+public AsyncContext startAsync(ServletRequest request, ServletResponse 
response) throws IllegalStateException {
+checkFacade();
 return this.request.startAsync(request, response);
 }
 
 
 @Override
 public boolean isAsyncStarted() {
+checkFacade();
 return request.isAsyncStarted();
 }
 
 
 @Override
 public boolean isAsyncSupported() {
+checkFacade();
 return request.isAsyncSupported();
 }
 
 
 @Override
 public AsyncContext getAsyncContext() {
+checkFacade();
 return request.getAsyncContext();
 }
 
 
 @Override
 public DispatcherType getDispatcherType() {
+checkFacade();
 return request.getDispatcherType();
 }
 
 
 @Override
-public boolean authenticate(HttpServletResponse response)
-throws IOException, ServletException {
+public boolean authenticate(HttpServletResponse response) throws 
IOException, ServletException {
+checkFacade();
 return request.authenticate(response);
 }
 
 @Override
-public void login(String username, String password)
-throws ServletException {
+public void login(String username, String password) throws 
ServletException {
+checkFacade();
 request.login(username, password);
 }
 
 @Override
 public void logout() throws ServletException {
+checkFacade();
 request.logout();
 }
 
 @Override
-public Collection getParts() throws IllegalStateException,
-IOException, ServletException {
+public Collection getParts() throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getParts();
 }
 
 
 @Override
-public Part getPart(String name) throws IllegalStateException, IOException,
-ServletException {
+public Part getPart(String name) throws IllegalStateException, 
IOException, ServletException {
+checkFacade();
 return request.getPart(name);
 }
 
 
 public boolean getAllowTrace() {
+checkFacade();
 return request.getConnector().getAllowTrace();
 }
 
 
 @Override
 public long getContentLengthLong() {
+checkFacade();
 return request.getContentLengthLong();
 }
 
@@ -836,21 +844,25 @@ public class RequestFacade implements HttpServletRequest {
 @Override
 public  T upgrade(
 Class httpUpgradeHandlerClass) throws java.io.IOException, 
ServletException {
+checkFacade();
 return request.upgrade(httpUpgradeHandlerClass);
 }
 
 
 public ApplicationMappingImpl getHttpServletMapping() {
+checkFacade();
 return request.getHttpServletMapping();
 }
 
 
 public ApplicationPushBuilder 
newPushBuilder(javax.servlet.http.HttpServletRequest request) {
+checkFacade();
 return this.request.newPushBuilder(request);
 }
 
 
 public ApplicationPushBuilder newPushBuilder() {
+checkFacade();
 return request.newPushBuilder();
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated (02b02132aa -> bf680cab29)

2023-01-11 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 02b02132aa Revert "Tag for r8.5.85." This should have been in a branch.
 new 49ee1732fe Reduce duplication
 new bf680cab29 Add missing checks for null facade

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/catalina/connector/RequestFacade.java   | 435 +
 1 file changed, 91 insertions(+), 344 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Michael Osipov


On 11/01/2023 14:13, Michael Osipov wrote:
While I cannot comment on Tomcat 11 requirements and Java 21 is 
unavoidable I'd like to comment on this because I consider it wrong:


We could switch all branches to Java 17 as the the default build JRE 
now as that supports targeting Java 7 onwards. That would allow us to 
easily use some newer Java features in Tomcat 11 whilst still only 
requiring RMs to use a single JDK version. If there are no objections 
I'll do this shortly.


This will basically kill Tomcat 9.x and 10.x for those who:
* Want/need to build from source
* Run tests in their setup
* Provide fixes/patches
where Java 17 is not available for them, e.g. commercial Unix or any 
other circumstance (company policy, etc.). I already dislike the move 
done with Spring Framework 6/Boot 3, this just cuts off a tremendous 
user base.


For as long as 8/11 [1] receive support I wouldn't do this step at all. 
I'd take the baseline the Java EE version requires.


Nothing in the proposed change stops you building with an earlier 
version of Java. This is simply a change to the *default* build JRE.


To confirm, I just updated this locally to 17 for 9.0.x and then happily 
completed both "ant clean deploy" and "ant release" using Java 11.


That wasn't really clear from your first mail. I understood that you 
want to enfore to build with Java 17 although --release is 8.


Even if not, there is another problem with that: When you build with 
Java 17, that build cannot be reproduced on Java 11 or 8 because class 
file content will be different. At Maven we verify release votes with 
the same OS class (Windows or POSIX-like) and Java 8. Having everything 
produced with 17, well...still limits others.


M

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Mark Thomas


On 11/01/2023 20:15, Michael Osipov wrote:
Even if not, there is another problem with that: When you build with 
Java 17, that build cannot be reproduced on Java 11 or 8 because class 
file content will be different.


Experience in the Tomcat project says otherwise.

We can already reproduce builds across platforms. The current Tomcat 
builds are reproducible across Windows and Linux (and I suspect MacOS 
although I haven't tested that recently).


We also know the only blocker to cross-Java version builds is the 
MANIFEST.MF content. The class files are identical.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-11.0.x

2023-01-11 Thread buildbot

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb2_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/111
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch main] e1e87ada9207348fc0dbf447d2bdaf903790f328


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 2

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-9.0.x

2023-01-11 Thread buildbot

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb2_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/414
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch 9.0.x] 844d2cc3c71767bcbba2fcf8a7e9c246f0ba276a


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 2


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-8.5.x

2023-01-11 Thread buildbot

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb2_worker2_ubuntu
URL: https://ci2.apache.org/#builders/36/builds/359
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch 8.5.x] bf680cab291e5874ae5161aa2234c3204ac683f0


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 2


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat 11 - minimum Java version

2023-01-11 Thread Romain Manni-Bucau

Guess it was more about default java for linux distro, build is only
reproducible if target --release flag is <= java distro version which will
not be the case for java 21 soon enough probably, not really a build issue
by itself more an ecosystem one - distro consumming sources.

Le mer. 11 janv. 2023 à 21:41, Mark Thomas  a écrit :

> On 11/01/2023 20:15, Michael Osipov wrote:
> > Even if not, there is another problem with that: When you build with
> > Java 17, that build cannot be reproduced on Java 11 or 8 because class
> > file content will be different.
>
> Experience in the Tomcat project says otherwise.
>
> We can already reproduce builds across platforms. The current Tomcat
> builds are reproducible across Windows and Linux (and I suspect MacOS
> although I haven't tested that recently).
>
> We also know the only blocker to cross-Java version builds is the
> MANIFEST.MF content. The class files are identical.
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 9.0.71

2023-01-11 Thread Han Li




> On Jan 10, 2023, at 06:53, Rémy Maucherat  wrote:
> 
> The proposed Apache Tomcat 9.0.71 release is now available for voting.
> 
> The notable changes compared to 9.0.70 are:
> 
> - Correct a regression in the refactoring that replaced the use of the
>   URL constructors. The regression broke lookups for resources that
>   contained one or more characters in their name that required escaping
>   when used in a URI path.
> 
> - When resetting an HTTP/2 stream because the final response has been
>   generated before the request has been fully read, use the HTTP/2 error
>   code NO_ERROR so that client does not discard the response. Based on a
>   suggestion by Lorenzo Dalla Vecchia.
> 
> - Change the default of the org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED
>   system property to true unless the EL library is running on Tomcat in
>   which case the default remains false as the EL library is already
>   called from within a privileged block and skipping the unnecessary
>   privileged block improves performance.
> 
> Along with lots of other bug fixes and improvements.
> 
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.71/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1415
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.71
> 83ff421c4725bccfd7bec1a16b8ca3cb61bedd2a
> 
> The proposed 9.0.71 release is:
> [ ] Broken - do not release
> [ X] Stable - go ahead and release as 9.0.71

Han
> 
> Rémy
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 65635] Methods to return auth errors

2023-01-11 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=65635

Werner Daehn  changed:

   What|Removed |Added

   Severity|enhancement |critical

--- Comment #1 from Werner Daehn  ---
I'd like to raise the priority on this as I feel it is a issue for almost all
web applications. People either accept it grudgingly or write their own
Filter/Valve bypassing all Tomcat security features and the flexibility they
provide.

Upon further digging, it seems you have faced the same problem. 
In the JAASRealm you catch all the different exceptions and swallow the
information.
https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/realm/JAASRealm.java#L441

If I am not mistaken, an easy and backward compatible solution would be to
allow all the version of `authenticate()` to throw exceptions. Best would be a
hierarchy of exceptions: LoginException --> LoginWithWarningException

These Exceptions are then used in the RealmBase to do different things.
Redirect to the error page with the exception details being attached. Redirect
to the target page but with the login warning information attached.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

58 matches

Mail list logo