Re: [VOTE] Release Apache Tomcat 11.0.0-M6

2023-05-05 Thread Mark Thomas

On 03/05/2023 19:38, Mark Thomas wrote:

The proposed 11.0.0-M6 release is:
[ ] Broken - do not release
[X] Alpha  - go ahead and release as 11.0.0-M6


Tests pass on Windows, Linux and MacOS (Intel and M1).

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat] 02/02: Move management of utility executor from init/destroy to start/stop

2023-05-05 Thread Mark Thomas

On 05/05/2023 04:21, Han Li wrote:




On May 4, 2023, at 21:41, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 4b097bf2e9075e9e2949ec5aa410cba3c2b85374
Author: Mark Thomas 
AuthorDate: Thu May 4 14:41:01 2023 +0100

Move management of utility executor from init/destroy to start/stop
---
java/org/apache/catalina/connector/Connector.java  | 13 +++---
java/org/apache/catalina/core/ContainerBase.java   | 20 +++-
java/org/apache/catalina/core/StandardServer.java  | 28 +++---
.../apache/catalina/ha/tcp/SimpleTcpCluster.java   |  5 +++-
webapps/docs/changelog.xml |  5 
5 files changed, 41 insertions(+), 30 deletions(-)

diff --git a/java/org/apache/catalina/connector/Connector.java 
b/java/org/apache/catalina/connector/Connector.java
index c9200e20ca..dac7fdd642 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -992,9 +992,6 @@ public class Connector extends LifecycleMBeanBase {
 // Initialize adapter
 adapter = new CoyoteAdapter(this);
 protocolHandler.setAdapter(adapter);
-if (service != null) {
-
protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
-}

 // Make sure parseBodyMethodsSet has a default
 if (null == parseBodyMethodsSet) {
@@ -1035,6 +1032,11 @@ public class Connector extends LifecycleMBeanBase {

 setState(LifecycleState.STARTING);

+// Configure the utility executor before starting the protocol handler
+if (service != null) {
+
protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());


According to the check logic at line 1027, the protocolHandler may be null, so an 
NPE check is needed.


I'm not convinced that check is necessary given the call to 
protocolHandler.start() just below. I need to look into this more to see 
why the null check is there.



+}
+
 try {
 protocolHandler.start();
 } catch (Exception e) {
@@ -1060,6 +1062,11 @@ public class Connector extends LifecycleMBeanBase {
 } catch (Exception e) {
 throw new 
LifecycleException(sm.getString("coyoteConnector.protocolHandlerStopFailed"), 
e);
 }
+
+// Remove the utility executor once the protocol handler has been 
stopped
+if (service != null) {
+protocolHandler.setUtilityExecutor(null);

Same as above.


I agree on this one.

Mark




Re: [tomcat] 02/02: Move management of utility executor from init/destroy to start/stop

2023-05-05 Thread koteswara Rao Gundapaneni
Hi Team,


Management of start and stop might be arrested


Regards
Koti

On Thu, 4 May 2023, 19:12 ,  wrote:

> This is an automated email from the ASF dual-hosted git repository.
>
> markt pushed a commit to branch main
> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>
> commit 4b097bf2e9075e9e2949ec5aa410cba3c2b85374
> Author: Mark Thomas 
> AuthorDate: Thu May 4 14:41:01 2023 +0100
>
> Move management of utility executor from init/destroy to start/stop
> ---
>  java/org/apache/catalina/connector/Connector.java  | 13 +++---
>  java/org/apache/catalina/core/ContainerBase.java   | 20 +++-
>  java/org/apache/catalina/core/StandardServer.java  | 28
> +++---
>  .../apache/catalina/ha/tcp/SimpleTcpCluster.java   |  5 +++-
>  webapps/docs/changelog.xml |  5 
>  5 files changed, 41 insertions(+), 30 deletions(-)
>
> diff --git a/java/org/apache/catalina/connector/Connector.java
> b/java/org/apache/catalina/connector/Connector.java
> index c9200e20ca..dac7fdd642 100644
> --- a/java/org/apache/catalina/connector/Connector.java
> +++ b/java/org/apache/catalina/connector/Connector.java
> @@ -992,9 +992,6 @@ public class Connector extends LifecycleMBeanBase {
>  // Initialize adapter
>  adapter = new CoyoteAdapter(this);
>  protocolHandler.setAdapter(adapter);
> -if (service != null) {
> -
> protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
> -}
>
>  // Make sure parseBodyMethodsSet has a default
>  if (null == parseBodyMethodsSet) {
> @@ -1035,6 +1032,11 @@ public class Connector extends LifecycleMBeanBase {
>
>  setState(LifecycleState.STARTING);
>
> +// Configure the utility executor before starting the protocol
> handler
> +if (service != null) {
> +
> protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
> +}
> +
>  try {
>  protocolHandler.start();
>  } catch (Exception e) {
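Review bot: the guard added before `protocolHandler.start()` tests `service`, but the line it protects dereferences `protocolHandler`, and nothing in this hunk shows that reference to be non-null at this point. Either add `protocolHandler != null` to the condition or say in the comment why it cannot be null here.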
> @@ -1060,6 +1062,11 @@ public class Connector extends LifecycleMBeanBase {
>  } catch (Exception e) {
>  throw new
> LifecycleException(sm.getString("coyoteConnector.protocolHandlerStopFailed"),
> e);
>  }
> +
> +// Remove the utility executor once the protocol handler has been
> stopped
> +if (service != null) {
> +protocolHandler.setUtilityExecutor(null);
> +}
>  }
>
>
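Review bot: in the block added after the stop `try`/`catch`, the condition `if (service != null)` guards a body that never uses `service`; the only reference it dereferences is `protocolHandler`. Test `protocolHandler != null` instead, or drop the condition if the handler is always set by this point.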
> diff --git a/java/org/apache/catalina/core/ContainerBase.java
> b/java/org/apache/catalina/core/ContainerBase.java
> index 784c9032ef..a7e7c69a4a 100644
> --- a/java/org/apache/catalina/core/ContainerBase.java
> +++ b/java/org/apache/catalina/core/ContainerBase.java
> @@ -787,13 +787,6 @@ public abstract class ContainerBase extends
> LifecycleMBeanBase implements Contai
>  }
>
>
> -@Override
> -protected void initInternal() throws LifecycleException {
> -reconfigureStartStopExecutor(getStartStopThreads());
> -super.initInternal();
> -}
> -
> -
>  private void reconfigureStartStopExecutor(int threads) {
>  if (threads == 1) {
>  // Use a fake executor
> @@ -819,6 +812,8 @@ public abstract class ContainerBase extends
> LifecycleMBeanBase implements Contai
>  @Override
>  protected synchronized void startInternal() throws LifecycleException
> {
>
> +reconfigureStartStopExecutor(getStartStopThreads());
> +
>  // Start our subordinate components, if any
>  logger = null;
>  getLogger();
> @@ -925,6 +920,12 @@ public abstract class ContainerBase extends
> LifecycleMBeanBase implements Contai
>  if (cluster instanceof Lifecycle) {
>  ((Lifecycle) cluster).stop();
>  }
> +
> +// If init fails, this may be null
> +if (startStopExecutor != null) {
> +startStopExecutor.shutdownNow();
> +startStopExecutor = null;
> +}
>  }
>
>  @Override
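Review bot: the comment `// If init fails, this may be null` in the added block was carried over from the code removed ahead of `super.destroyInternal()`, but with this commit the executor is created by `reconfigureStartStopExecutor(getStartStopThreads())` in `startInternal()`, not during init. Reword it to say the field may be null when start did not get that far, so the reason for the null check stays accurate.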
> @@ -954,11 +955,6 @@ public abstract class ContainerBase extends
> LifecycleMBeanBase implements Contai
>  parent.removeChild(this);
>  }
>
> -// If init fails, this may be null
> -if (startStopExecutor != null) {
> -startStopExecutor.shutdownNow();
> -}
> -
>  super.destroyInternal();
>  }
>
> diff --git a/java/org/apache/catalina/core/StandardServer.java
> b/java/org/apache/catalina/core/StandardServer.java
> index 80b5026fed..a4383f2503 100644
> --- a/java/org/apache/catalina/core/StandardServer.java
> +++ b/java/org/apache/catalina/core/StandardServer.java
> @@ -901,6 +901,12 @@ public final class StandardServer extends
> LifecycleMBeanBase implements Server {
>  fireLifecycleEvent(CONFIGURE_START_EVENT, null);
>  setState(LifecycleState.STARTING);
>
> +// Initialize utility executor
> +synchronized (utilityExecutorLock) {
> +
> reconfigureUtilityExecutor(g

[Bug 66593] Connector attribute allowHostHeaderMismatch=false fails to reject host header injection attacks

2023-05-05 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66593

--- Comment #3 from alvaro  ---
thanks, this makes sense now. 

cheers,
Alvaro

-- 
You are receiving this mail because:
You are the assignee for the bug.



Re: [tomcat] 02/02: Move management of utility executor from init/destroy to start/stop

2023-05-05 Thread Han Li


> On May 5, 2023, at 18:42, Mark Thomas  wrote:
> 
> On 05/05/2023 04:21, Han Li wrote:
>>> On May 4, 2023, at 21:41, ma...@apache.org wrote:
>>> 
>>> This is an automated email from the ASF dual-hosted git repository.
>>> 
>>> markt pushed a commit to branch main
>>> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>>> 
>>> commit 4b097bf2e9075e9e2949ec5aa410cba3c2b85374
>>> Author: Mark Thomas 
>>> AuthorDate: Thu May 4 14:41:01 2023 +0100
>>> 
>>> Move management of utility executor from init/destroy to start/stop
>>> ---
>>> java/org/apache/catalina/connector/Connector.java | 13 +++---
>>> java/org/apache/catalina/core/ContainerBase.java | 20 +++-
>>> java/org/apache/catalina/core/StandardServer.java | 28 
>>> +++---
>>> .../apache/catalina/ha/tcp/SimpleTcpCluster.java | 5 +++-
>>> webapps/docs/changelog.xml | 5 
>>> 5 files changed, 41 insertions(+), 30 deletions(-)
>>> 
>>> diff --git a/java/org/apache/catalina/connector/Connector.java 
>>> b/java/org/apache/catalina/connector/Connector.java
>>> index c9200e20ca..dac7fdd642 100644
>>> --- a/java/org/apache/catalina/connector/Connector.java
>>> +++ b/java/org/apache/catalina/connector/Connector.java
>>> @@ -992,9 +992,6 @@ public class Connector extends LifecycleMBeanBase {
>>> // Initialize adapter
>>> adapter = new CoyoteAdapter(this);
>>> protocolHandler.setAdapter(adapter);
>>> - if (service != null) {
>>> - 
>>> protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
>>> - }
>>> 
>>> // Make sure parseBodyMethodsSet has a default
>>> if (null == parseBodyMethodsSet) {
>>> @@ -1035,6 +1032,11 @@ public class Connector extends LifecycleMBeanBase {
>>> 
>>> setState(LifecycleState.STARTING);
>>> 
>>> + // Configure the utility executor before starting the protocol handler
>>> + if (service != null) {
>>> + 
>>> protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
>> According to the check logic at line 1027, the protocolHandler may be null, so an 
>> NPE check is needed.
> 
> I'm not convinced that check is necessary given the call to 
> protocolHandler.start() just below. I need to look into this more to see why 
> the null check is there.

I have also looked into this and found that it is related to 
org.apache.catalina.connector.TestConnector#doTestInvalidProtocol.
The reason why this has three conditions:
1. The protocol is invalid
2. The throwOnFailure has been set to false

2) leads to the null check in the initInternal method being invalid, and it goes on to 
startInternal.


Han

> 
>>> + }
>>> +
>>> try {
>>> protocolHandler.start();
>>> } catch (Exception e) {
>>> @@ -1060,6 +1062,11 @@ public class Connector extends LifecycleMBeanBase {
>>> } catch (Exception e) {
>>> throw new 
>>> LifecycleException(sm.getString("coyoteConnector.protocolHandlerStopFailed"),
>>>  e);
>>> }
>>> +
>>> + // Remove the utility executor once the protocol handler has been stopped
>>> + if (service != null) {
>>> + protocolHandler.setUtilityExecutor(null);
>> Same as above.
> 
> I agree on this one.
> 
> Mark
> 


Re: [tomcat] 02/02: Move management of utility executor from init/destroy to start/stop

2023-05-05 Thread Mark Thomas

On 05/05/2023 13:17, Han Li wrote:




On May 5, 2023, at 18:42, Mark Thomas  wrote:

On 05/05/2023 04:21, Han Li wrote:

On May 4, 2023, at 21:41, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 4b097bf2e9075e9e2949ec5aa410cba3c2b85374
Author: Mark Thomas 
AuthorDate: Thu May 4 14:41:01 2023 +0100

Move management of utility executor from init/destroy to start/stop
---
java/org/apache/catalina/connector/Connector.java | 13 +++---
java/org/apache/catalina/core/ContainerBase.java | 20 +++-
java/org/apache/catalina/core/StandardServer.java | 28 +++---
.../apache/catalina/ha/tcp/SimpleTcpCluster.java | 5 +++-
webapps/docs/changelog.xml | 5 
5 files changed, 41 insertions(+), 30 deletions(-)

diff --git a/java/org/apache/catalina/connector/Connector.java 
b/java/org/apache/catalina/connector/Connector.java
index c9200e20ca..dac7fdd642 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -992,9 +992,6 @@ public class Connector extends LifecycleMBeanBase {
// Initialize adapter
adapter = new CoyoteAdapter(this);
protocolHandler.setAdapter(adapter);
- if (service != null) {
- protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
- }

// Make sure parseBodyMethodsSet has a default
if (null == parseBodyMethodsSet) {
@@ -1035,6 +1032,11 @@ public class Connector extends LifecycleMBeanBase {

setState(LifecycleState.STARTING);

+ // Configure the utility executor before starting the protocol handler
+ if (service != null) {
+ protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());

According to the check logic at line 1027, the protocolHandler may be null, so an 
NPE check is needed.


I'm not convinced that check is necessary given the call to 
protocolHandler.start() just below. I need to look into this more to see why 
the null check is there.


I have also looked into this and found that it is related to 
org.apache.catalina.connector.TestConnector#doTestInvalidProtocol.
The reason why this has three conditions:
1. The protocol is invalid
2. The throwOnFailure has been set to false

2) leads to the null check in the initInternal method being invalid, and it goes on to 
startInternal.


Thanks. That is helpful. I'll add some null checks for the utility 
executor calls.


Mark




[tomcat] branch main updated: Avoid possible NPEs - review from lihan

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new e3ebf33c51 Avoid possible NPEs - review from lihan
e3ebf33c51 is described below

commit e3ebf33c51f02f4c534f3f0a9e125c28fcca8c00
Author: Mark Thomas 
AuthorDate: Fri May 5 13:33:29 2023 +0100

Avoid possible NPEs - review from lihan
---
 java/org/apache/catalina/connector/Connector.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/connector/Connector.java 
b/java/org/apache/catalina/connector/Connector.java
index dac7fdd642..1c06a724f2 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -1033,13 +1033,14 @@ public class Connector extends LifecycleMBeanBase {
 setState(LifecycleState.STARTING);
 
 // Configure the utility executor before starting the protocol handler
-if (service != null) {
+if (protocolHandler != null && service != null) {
 
protocolHandler.setUtilityExecutor(service.getServer().getUtilityExecutor());
 }
 
 try {
 protocolHandler.start();
 } catch (Exception e) {
+// Includes NPE - protocolHandler will be null for invalid 
protocol if throwOnFailure is false
 throw new 
LifecycleException(sm.getString("coyoteConnector.protocolHandlerStartFailed"), 
e);
 }
 }
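Review bot: with the new guard in place, `protocolHandler.start()` is still reached when `protocolHandler` is null, and the added comment relies on `catch (Exception e)` to turn the resulting NullPointerException into a LifecycleException. An explicit `if (protocolHandler == null)` that throws the LifecycleException directly would make the invalid-protocol path visible in the code and keep it distinguishable from an NPE raised inside `start()` itself.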
@@ -1064,7 +1065,7 @@ public class Connector extends LifecycleMBeanBase {
 }
 
 // Remove the utility executor once the protocol handler has been 
stopped
-if (service != null) {
+if (protocolHandler != null) {
 protocolHandler.setUtilityExecutor(null);
 }
 }





Re: [VOTE] Release Apache Tomcat 9.0.75

2023-05-05 Thread Dimitris Soumis
Tests pass with tc-native 1.2.36 and OpenSSL 3.0.8 on Fedora 36.

On Thu, May 4, 2023 at 5:26 PM Rémy Maucherat  wrote:

> The proposed Apache Tomcat 9.0.75 release is now available for voting.
>
> The notable changes compared to 9.0.74 are:
>
> - Many improvements to the json access log valve.
>
> - Deprecate support for the HTTP Connector settings rejectIllegalHeader and
>allowHostHeaderMismatch.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.75/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1433
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.75
> 2f528c02a9b54cc210897f75492a2bb6eac326b5
>
> The proposed 9.0.75 release is:
> [ ] -1, Broken - do not release
> [ X] +1, Stable - go ahead and release as 9.0.75
>
> Rémy
>


Re: Java 21 and virtual threads

2023-05-05 Thread Coty Sutherland
On Thu, May 4, 2023 at 8:37 AM Mark Thomas  wrote:

> Hi all,
>
> The latest Java 21 EA build has moved virtual threads (from project
> Loom) out of preview. How do we want to handle this in Tomcat 11? Recall
> that Jakarta EE 11 has set Java 21 as the minimum version.
>
> I think we have the following options:
>
> 1. Stick with Java 17 as the minimum version and don't provide virtual
> thread functionality.
>
> 2. Stick with Java 17 as the minimum version and provide virtual thread
> functionality via the JreCompat module.
>
> 3. Increase minimum Java version to Java 21 for Tomcat 11 and provide
> virtual thread functionality.
>
> I am currently leaning towards 3 but could live with 2.
>
> Thoughts? Other options?
>

+1 for option 3.


[tomcat] branch main updated: Increase wait time - I am seeing test failures on local VMs.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new b917f0b2fb Increase wait time - I am seeing test failures on local VMs.
b917f0b2fb is described below

commit b917f0b2fb76967ec2fc74b4a1072b822e5b8de0
Author: Mark Thomas 
AuthorDate: Fri May 5 15:44:48 2023 +0100

Increase wait time - I am seeing test failures on local VMs.
---
 test/org/apache/catalina/valves/TestAccessLogValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/catalina/valves/TestAccessLogValve.java 
b/test/org/apache/catalina/valves/TestAccessLogValve.java
index 495f8bdf15..813737cc9a 100644
--- a/test/org/apache/catalina/valves/TestAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TestAccessLogValve.java
@@ -56,7 +56,7 @@ public class TestAccessLogValve extends TomcatBaseTest {
 
 // Requests can return in the client before log() has been called
 private static final long SLEEP = 2;
-private static final long SLEEP_MAX = 100;
+private static final long SLEEP_MAX = 1000;
 
 private static final String TEXT_TYPE = "text";
 private static final String JSON_TYPE = "json";
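Review bot: `SLEEP_MAX` goes from 100 to 1000, but neither `SLEEP` nor `SLEEP_MAX` states a unit, in its name or in the comment above them, so the size of the new upper bound cannot be read from this hunk. Put the unit in the constant names or in the comment, and note there that the larger ceiling is for slow VMs so the value is not tightened again later without reason.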





[tomcat] branch 10.1.x updated: Increase wait time - I am seeing test failures on local VMs.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 87409a1d7e Increase wait time - I am seeing test failures on local VMs.
87409a1d7e is described below

commit 87409a1d7e12932e0057c0a5ea24b6e47fe98248
Author: Mark Thomas 
AuthorDate: Fri May 5 15:44:48 2023 +0100

Increase wait time - I am seeing test failures on local VMs.
---
 test/org/apache/catalina/valves/TestAccessLogValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/catalina/valves/TestAccessLogValve.java 
b/test/org/apache/catalina/valves/TestAccessLogValve.java
index 495f8bdf15..813737cc9a 100644
--- a/test/org/apache/catalina/valves/TestAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TestAccessLogValve.java
@@ -56,7 +56,7 @@ public class TestAccessLogValve extends TomcatBaseTest {
 
 // Requests can return in the client before log() has been called
 private static final long SLEEP = 2;
-private static final long SLEEP_MAX = 100;
+private static final long SLEEP_MAX = 1000;
 
 private static final String TEXT_TYPE = "text";
 private static final String JSON_TYPE = "json";





[tomcat] branch 9.0.x updated: Increase wait time - I am seeing test failures on local VMs.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new ba6bcac2ed Increase wait time - I am seeing test failures on local VMs.
ba6bcac2ed is described below

commit ba6bcac2ed4b78fbdb5263e56fa944aa30ec0475
Author: Mark Thomas 
AuthorDate: Fri May 5 15:44:48 2023 +0100

Increase wait time - I am seeing test failures on local VMs.
---
 test/org/apache/catalina/valves/TestAccessLogValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/catalina/valves/TestAccessLogValve.java 
b/test/org/apache/catalina/valves/TestAccessLogValve.java
index 6fcbbebe91..28881a63cc 100644
--- a/test/org/apache/catalina/valves/TestAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TestAccessLogValve.java
@@ -56,7 +56,7 @@ public class TestAccessLogValve extends TomcatBaseTest {
 
 // Requests can return in the client before log() has been called
 private static final long SLEEP = 2;
-private static final long SLEEP_MAX = 100;
+private static final long SLEEP_MAX = 1000;
 
 private static final String TEXT_TYPE = "text";
 private static final String JSON_TYPE = "json";





[tomcat] branch 8.5.x updated: Increase wait time - I am seeing test failures on local VMs.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new b6d3de5d5f Increase wait time - I am seeing test failures on local VMs.
b6d3de5d5f is described below

commit b6d3de5d5f5d7705e4b2b9a58ae3fbd9678b1d08
Author: Mark Thomas 
AuthorDate: Fri May 5 15:44:48 2023 +0100

Increase wait time - I am seeing test failures on local VMs.
---
 test/org/apache/catalina/valves/TestAccessLogValve.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/catalina/valves/TestAccessLogValve.java 
b/test/org/apache/catalina/valves/TestAccessLogValve.java
index f2e6196871..c270544310 100644
--- a/test/org/apache/catalina/valves/TestAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TestAccessLogValve.java
@@ -54,7 +54,7 @@ public class TestAccessLogValve extends TomcatBaseTest {
 
 // Requests can return in the client before log() has been called
 private static final long SLEEP = 2;
-private static final long SLEEP_MAX = 100;
+private static final long SLEEP_MAX = 1000;
 
 private static final String TEXT_TYPE = "text";
 private static final String JSON_TYPE = "json";





Re: [VOTE] Release Apache Tomcat 9.0.75

2023-05-05 Thread Mark Thomas

On 04/05/2023 15:20, Rémy Maucherat wrote:

The proposed Apache Tomcat 9.0.75 release is now available for voting.

The notable changes compared to 9.0.74 are:

- Many improvements to the json access log valve.

- Deprecate support for the HTTP Connector settings rejectIllegalHeader and
allowHostHeaderMismatch.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.75/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1433
The tag is:
https://github.com/apache/tomcat/tree/9.0.75
2f528c02a9b54cc210897f75492a2bb6eac326b5

The proposed 9.0.75 release is:
[ ] -1, Broken - do not release
[X] +1, Stable - go ahead and release as 9.0.75


Tests pass on Linux, Windows and MacOS (Intel and M1).

I did see some intermittent test failures on Windows (which unlike the 
other tests run in a VM). I've increased the wait time to reduce the 
chances of that happening in the future.


Mark




Java 21, virtual threads and ThreadLocals

2023-05-05 Thread Mark Thomas

Hi all,

I've started to review the use of ThreadLocal within the Tomcat code 
base given that using virtual threads will soon be an option.


The first usage I came to raised a few questions. The usage is in 
ApplicationContext:


https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/core/ApplicationContext.java#L418

My first question - mostly for Rémy - is: can you remember why this is a 
ThreadLocal? I admit that is a bit of an ask since the use of 
ThreadLocal dates back almost 20 years to this commit:


https://svn.apache.org/viewvc/tomcat/archive/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java?r1=301883&r2=301884&;

My guess is that a ThreadLocal was used as a way to cache instances of 
MappingData and MessageBytes between requests - recycle and reuse rather 
than GC. Is that right?


The second question is what do we want to do about usages such as this. 
With virtual threads the end result will be, effectively, a new object 
for every request. Do we:


a) Leave the code as-is. It will work as currently with a thread pool 
and virtual threads will effectively create new objects for each request.


b) Drop the ThreadLocal and always create new objects.

c) Switch to some other form of caching. My starting point would be 
SynchronizedStack. That may see some contention as it will be global 
rather than per thread. Then again, ThreadLocal has some overhead too.


Given these optimization decisions were made 20 years ago and JVMs, 
especially GC, have moved on since then, I'm leaning towards option b) 
with c) as the fall-back if performance issues are discovered.


Thoughts?

Mark
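
The three options from the message above, measured side by side in an added example that is not Tomcat code and not part of the original post: it counts how many scratch objects each strategy allocates under a fixed thread pool and under one virtual thread per request. `Scratch` is a hypothetical stand-in for objects such as MappingData, `ConcurrentLinkedDeque` stands in for SynchronizedStack, and Java 21 is assumed for `Executors.newVirtualThreadPerTaskExecutor()`.

```java
import java.util.concurrent.ConcurrentLinkedDeque;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Function;

public class ScratchObjectReuse {

    /** Hypothetical stand-in for a recyclable per-request object. */
    static final class Scratch {
        private final StringBuilder buffer = new StringBuilder(256);

        void use(int requestId) {
            buffer.append("/request/").append(requestId);
        }

        void recycle() {
            buffer.setLength(0); // clear state so nothing carries over to the next request
        }
    }

    interface Cache {
        Scratch acquire();
        void release(Scratch s);
    }

    /** Option a): one cached instance per thread. */
    static Cache threadLocalCache(AtomicInteger allocations) {
        ThreadLocal<Scratch> local = ThreadLocal.withInitial(() -> {
            allocations.incrementAndGet();
            return new Scratch();
        });
        return new Cache() {
            @Override public Scratch acquire() { return local.get(); }
            @Override public void release(Scratch s) { s.recycle(); }
        };
    }

    /** Option b): no caching, a new instance for every request. */
    static Cache noCache(AtomicInteger allocations) {
        return new Cache() {
            @Override public Scratch acquire() {
                allocations.incrementAndGet();
                return new Scratch();
            }
            @Override public void release(Scratch s) { /* left to the GC */ }
        };
    }

    /** Option c): one global stack shared by all threads. */
    static Cache sharedStackCache(AtomicInteger allocations) {
        ConcurrentLinkedDeque<Scratch> stack = new ConcurrentLinkedDeque<>();
        return new Cache() {
            @Override public Scratch acquire() {
                Scratch s = stack.pollFirst();
                if (s == null) {
                    allocations.incrementAndGet();
                    s = new Scratch();
                }
                return s;
            }
            @Override public void release(Scratch s) {
                s.recycle();
                stack.addFirst(s);
            }
        };
    }

    /** Runs the given number of simulated requests and returns how many Scratch objects were allocated. */
    static int allocationsFor(ExecutorService executor, int requests,
            Function<AtomicInteger, Cache> factory) {
        AtomicInteger allocations = new AtomicInteger();
        Cache cache = factory.apply(allocations);
        try (executor) {
            for (int i = 0; i < requests; i++) {
                final int id = i;
                executor.execute(() -> {
                    Scratch s = cache.acquire();
                    try {
                        s.use(id);
                    } finally {
                        cache.release(s);
                    }
                });
            }
        } // ExecutorService.close() waits for the submitted tasks to finish
        return allocations.get();
    }

    public static void main(String[] args) {
        int requests = 10_000;
        System.out.println("a) ThreadLocal, pool of 8 threads: "
                + allocationsFor(Executors.newFixedThreadPool(8), requests, ScratchObjectReuse::threadLocalCache));
        System.out.println("a) ThreadLocal, virtual threads:   "
                + allocationsFor(Executors.newVirtualThreadPerTaskExecutor(), requests, ScratchObjectReuse::threadLocalCache));
        System.out.println("b) no cache, virtual threads:      "
                + allocationsFor(Executors.newVirtualThreadPerTaskExecutor(), requests, ScratchObjectReuse::noCache));
        System.out.println("c) shared stack, virtual threads:  "
                + allocationsFor(Executors.newVirtualThreadPerTaskExecutor(), requests, ScratchObjectReuse::sharedStackCache));
    }
}
```

With the fixed pool the ThreadLocal allocates at most one object per pool thread; with one virtual thread per request it allocates one per request, the same count as option b). The shared stack allocates only as many objects as were in use at the same moment, at the price of every request touching one shared structure.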




[Bug 66593] Connector attribute allowHostHeaderMismatch=false fails to reject host header injection attacks

2023-05-05 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66593

--- Comment #4 from alvaro  ---
Hi,

I have another question...if you don't mind.

So in this scenario, I have the request line using the absolute path with a
conflicting host header. The response is 400 bad request from Tomcat, which
makes sense.

telnet myhostname.company.com 8143
GET http://myhostname.company.com/api/v1/endpoint HTTP/1.1
Host: facebook.com


If I set a valid host header now, then I would expect this to pass, which it
does. So all is good.

telnet myhostname.company.com 8143
GET http://myhostname.company.com/api/v1/endpoint HTTP/1.1
Host: myhostname.company.com

telnet 1.1.1.1 8143
GET http://1.1.1.1/api/v1/endpoint HTTP/1.1
Host: 1.1.1.1

However, as soon as I define a port number in the host header then I get 400
bad requests.

telnet myhostname.company.com 8143
GET http://myhostname.company.com/api/v1/endpoint HTTP/1.1
Host: myhostname.company.com:8143

HTTP/1.1 400 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 762
Date: Fri, 05 May 2023 15:27:09 GMT
Connection: close

HTTP Status 400 – Bad Request
Type Status Report
Description The server cannot or will not process the request due to something
that is perceived to be a client error (e.g., malformed request syntax, invalid
request message framing, or deceptive request routing).
Apache Tomcat/9.0.73

This looks like it should work, but it is not. Thoughts?
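
The comparison this comment is probing, written out as an added example that is not Tomcat's code and not part of the original comment: HTTP requires a client's Host value to be identical to the authority of the target URI, userinfo excluded (RFC 9110, section 7.2), and the sketch applies that rule to the four requests above plus three constructed variants. The class, the `Verdict` names and the port-normalising mode are assumptions made for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;

public class HostHeaderMatch {

    enum Verdict { MATCH, MISMATCH, NOT_ABSOLUTE_FORM, INVALID }

    /** Host plus port as written; port is -1 when the text carried none. */
    record HostPort(String host, int port) {

        static HostPort parse(String text) {
            String v = text.trim();
            // For an IPv6 literal such as [::1]:8080 only a colon after ']' separates the port
            int colon = v.startsWith("[") ? v.indexOf(':', v.indexOf(']') + 1) : v.lastIndexOf(':');
            String host = colon < 0 ? v : v.substring(0, colon);
            if (host.isEmpty()) {
                throw new IllegalArgumentException("empty host");
            }
            int port = -1;
            if (colon >= 0) {
                // An empty or non-numeric port makes parseInt throw; check() reports that as INVALID
                port = Integer.parseInt(v.substring(colon + 1));
                if (port < 0 || port > 65535) {
                    throw new IllegalArgumentException("port out of range");
                }
            }
            return new HostPort(host.toLowerCase(Locale.ROOT), port);
        }

        HostPort withDefaultPort(int defaultPort) {
            return port >= 0 ? this : new HostPort(host, defaultPort);
        }
    }

    /**
     * Compares the authority of an absolute-form request target with the Host header.
     * normalisePorts=false: the two must be written identically (host compared case-insensitively).
     * normalisePorts=true:  a missing port is first replaced by the scheme default (assumed variant).
     */
    static Verdict check(String requestTarget, String hostHeader, boolean normalisePorts) {
        try {
            URI uri = new URI(requestTarget);
            String authority = uri.getRawAuthority();
            if (uri.getScheme() == null || authority == null) {
                return Verdict.NOT_ABSOLUTE_FORM; // origin-form such as /api/v1/endpoint
            }
            // The Host value never carries userinfo, so drop it from the target's authority
            authority = authority.substring(authority.lastIndexOf('@') + 1);
            HostPort fromTarget = HostPort.parse(authority);
            HostPort fromHeader = HostPort.parse(hostHeader);
            if (normalisePorts) {
                int defaultPort = "https".equalsIgnoreCase(uri.getScheme()) ? 443 : 80;
                fromTarget = fromTarget.withDefaultPort(defaultPort);
                fromHeader = fromHeader.withDefaultPort(defaultPort);
            }
            return fromTarget.equals(fromHeader) ? Verdict.MATCH : Verdict.MISMATCH;
        } catch (URISyntaxException | IllegalArgumentException e) {
            return Verdict.INVALID;
        }
    }

    public static void main(String[] args) {
        String[][] cases = {
            // request target, Host header: the four requests from the comment
            {"http://myhostname.company.com/api/v1/endpoint", "facebook.com"},
            {"http://myhostname.company.com/api/v1/endpoint", "myhostname.company.com"},
            {"http://1.1.1.1/api/v1/endpoint", "1.1.1.1"},
            {"http://myhostname.company.com/api/v1/endpoint", "myhostname.company.com:8143"},
            // constructed variants, not from the comment
            {"http://myhostname.company.com:8143/api/v1/endpoint", "myhostname.company.com:8143"},
            {"http://myhostname.company.com/api/v1/endpoint", "myhostname.company.com:80"},
            {"/api/v1/endpoint", "myhostname.company.com:8143"},
        };
        for (String[] c : cases) {
            System.out.printf("%-52s Host: %-28s identical=%-18s normalised=%s%n",
                    c[0], c[1], check(c[0], c[1], false), check(c[0], c[1], true));
        }
    }
}
```

In both modes the fourth request is a mismatch, because the request target `http://myhostname.company.com/...` carries no port while the Host header names 8143; writing the port in the request target as well gives a match.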




[tomcat] branch main updated: Remove unused constant

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new bd25937d2a Remove unused constant
bd25937d2a is described below

commit bd25937d2a3a76d8044050629a24c1c566652d37
Author: Mark Thomas 
AuthorDate: Fri May 5 16:39:52 2023 +0100

Remove unused constant
---
 java/org/apache/coyote/http2/Constants.java | 4 
 1 file changed, 4 deletions(-)

diff --git a/java/org/apache/coyote/http2/Constants.java 
b/java/org/apache/coyote/http2/Constants.java
index 26ddba1960..e697e73d52 100644
--- a/java/org/apache/coyote/http2/Constants.java
+++ b/java/org/apache/coyote/http2/Constants.java
@@ -18,10 +18,6 @@ package org.apache.coyote.http2;
 
 public class Constants {
 
-// Range 0 to 7 inclusive
-public static final int URGENCY_RANGE = 8;
-
-
 // Parsing
 static final int DEFAULT_HEADER_READ_BUFFER_SIZE = 1024;
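Review bot: `URGENCY_RANGE` is declared `public static final` in the public class `Constants`, so deleting it is a source-incompatible change for any code outside the tree that referenced it, even though nothing inside the tree uses it. If that matters for this branch, deprecate the constant for one release first or record the removal in the changelog.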
 





[tomcat] branch main updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new c16e06575b Clean-up, formatting. No functional change.
c16e06575b is described below

commit c16e06575b52d9aa84dfbc63c0c9485c5a3a4a7b
Author: Mark Thomas 
AuthorDate: Fri May 5 16:44:03 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../coyote/http2/ConnectionSettingsBase.java   | 10 -
 .../coyote/http2/ConnectionSettingsLocal.java  |  2 +-
 java/org/apache/coyote/http2/HpackEncoder.java |  8 +++
 java/org/apache/coyote/http2/Http2AsyncParser.java |  6 ++---
 .../coyote/http2/Http2AsyncUpgradeHandler.java | 26 +++---
 java/org/apache/coyote/http2/Http2Protocol.java|  4 ++--
 .../apache/coyote/http2/Http2UpgradeHandler.java   | 12 +-
 java/org/apache/coyote/http2/Stream.java   | 16 ++---
 java/org/apache/coyote/http2/StreamProcessor.java  | 15 +++--
 9 files changed, 50 insertions(+), 49 deletions(-)

diff --git a/java/org/apache/coyote/http2/ConnectionSettingsBase.java 
b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
index 2fa4100f20..eea078417c 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsBase.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
@@ -48,8 +48,8 @@ abstract class ConnectionSettingsBase {
 // Defaults (defined by Tomcat)
 static final long DEFAULT_NO_RFC7540_PRIORITIES = 1;
 
-Map current = new ConcurrentHashMap<>();
-Map pending = new ConcurrentHashMap<>();
+Map current = new ConcurrentHashMap<>();
+Map pending = new ConcurrentHashMap<>();
 
 
 ConnectionSettingsBase(String connectionId) {
@@ -210,9 +210,9 @@ abstract class ConnectionSettingsBase {
 
 private void validateMaxFrameSize(long maxFrameSize) throws T {
 if (maxFrameSize < MIN_MAX_FRAME_SIZE || maxFrameSize > 
MAX_MAX_FRAME_SIZE) {
-String msg = 
sm.getString("connectionSettings.maxFrameSizeInvalid", connectionId,
-Long.toString(maxFrameSize), 
Integer.toString(MIN_MAX_FRAME_SIZE),
-Integer.toString(MAX_MAX_FRAME_SIZE));
+String msg =
+sm.getString("connectionSettings.maxFrameSizeInvalid", 
connectionId, Long.toString(maxFrameSize),
+Integer.toString(MIN_MAX_FRAME_SIZE), 
Integer.toString(MAX_MAX_FRAME_SIZE));
 throwException(msg, Http2Error.PROTOCOL_ERROR);
 }
 }
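Review bot: Missing documentation on `validateMaxFrameSize`: this is the bounds check for a connection setting, and neither the method nor the rewrapped `sm.getString(...)` call says where `MIN_MAX_FRAME_SIZE` and `MAX_MAX_FRAME_SIZE` come from. A one-line comment naming the HTTP/2 section that fixes the permitted range and calls for `PROTOCOL_ERROR` would let a reader verify the check without leaving the file. On style, `String msg =` left alone on its own line reads worse than before; breaking after the opening parenthesis would keep the assignment together.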
diff --git a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java 
b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
index 8fecf37136..372be80223 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
@@ -61,7 +61,7 @@ class ConnectionSettingsLocal extends 
ConnectionSettingsBase setting : pending.entrySet()) {
+for (Map.Entry setting : pending.entrySet()) {
 ByteUtil.setTwoBytes(result, pos, setting.getKey().getId());
 pos += 2;
 ByteUtil.setFourBytes(result, pos, setting.getValue().longValue());
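Review bot: In the loop over `pending.entrySet()`, `setting.getValue().longValue()` is a `long` handed to `ByteUtil.setFourBytes`, which by its name writes 32 bits. Nothing in this hunk shows that the value was range-checked first, so add a comment pointing at the validation that guarantees it fits, or an explicit check before the write, so that a value wider than 32 bits cannot be truncated silently.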
diff --git a/java/org/apache/coyote/http2/HpackEncoder.java 
b/java/org/apache/coyote/http2/HpackEncoder.java
index a6e92a97c9..79b2a8a771 100644
--- a/java/org/apache/coyote/http2/HpackEncoder.java
+++ b/java/org/apache/coyote/http2/HpackEncoder.java
@@ -76,14 +76,14 @@ class HpackEncoder {
 private int newMaxHeaderSize = -1; // if the max header size has been 
changed
 private int minNewMaxHeaderSize = -1; // records the smallest value of 
newMaxHeaderSize, as per section 4.1
 
-private static final Map ENCODING_STATIC_TABLE;
+private static final Map ENCODING_STATIC_TABLE;
 
 private final Deque evictionQueue = new ArrayDeque<>();
-private final Map> dynamicTable = new 
HashMap<>(); // TODO: use a custom data structure to
-   
 // reduce allocations
+private final Map> dynamicTable = new HashMap<>(); 
// TODO: use a custom data structure to
+   
// reduce allocations
 
 static {
-Map map = new HashMap<>();
+Map map = new HashMap<>();
 for (int i = 1; i < Hpack.STATIC_TABLE.length; ++i) {
 Hpack.HeaderField m = Hpack.STATIC_TABLE[i];
 TableEntry[] existing = map.get(m.name);
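Review bot: Style, on the `dynamicTable` declaration: the reformat still leaves the trailing `// TODO: use a custom data structure to` comment split over two lines, with the continuation `// reduce allocations` pushed far to the right. Move the TODO to its own comment line above the field so the formatter stops rewrapping it.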
diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index 57f1cc27c0..1965123bc4 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -52,8 +52,8 @@ class Http2AsyncParser extends Http2Parser {
 

[tomcat] branch main updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new f1daf9d05e Clean-up, formatting. No functional change.
f1daf9d05e is described below

commit f1daf9d05e1a64bf5a89fb94743408d62c0899ff
Author: Mark Thomas 
AuthorDate: Fri May 5 16:44:34 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../tomcat/util/http/parser/Authorization.java |  21 +--
 .../org/apache/tomcat/util/http/parser/Cookie.java |  50 +++--
 .../apache/tomcat/util/http/parser/EntityTag.java  |  10 +-
 java/org/apache/tomcat/util/http/parser/Host.java  |  12 +-
 .../apache/tomcat/util/http/parser/HttpParser.java | 210 +
 .../apache/tomcat/util/http/parser/MediaType.java  |   6 +-
 .../tomcat/util/http/parser/MediaTypeCache.java|  13 +-
 .../tomcat/util/http/parser/StructuredField.java   |   7 +-
 .../apache/tomcat/util/http/parser/TokenList.java  |  22 +--
 .../apache/tomcat/util/http/parser/Upgrade.java|   2 +-
 10 files changed, 150 insertions(+), 203 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/Authorization.java 
b/java/org/apache/tomcat/util/http/parser/Authorization.java
index 8afba9bd1c..bb7b1a16e9 100644
--- a/java/org/apache/tomcat/util/http/parser/Authorization.java
+++ b/java/org/apache/tomcat/util/http/parser/Authorization.java
@@ -32,8 +32,8 @@ public class Authorization {
 static {
 // Digest field types.
 // Note: These are more relaxed than RFC2617. This adheres to the
-//   recommendation of RFC2616 that servers are tolerant of buggy
-//   clients when they can be so without ambiguity.
+// recommendation of RFC2616 that servers are tolerant of buggy
+// clients when they can be so without ambiguity.
 fieldTypes.put("username", FieldType.QUOTED_STRING);
 fieldTypes.put("realm", FieldType.QUOTED_STRING);
 fieldTypes.put("nonce", FieldType.QUOTED_STRING);
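Review bot: The rewrap of the `Note:` comment in the static block drops the hanging indent, so the continuation lines no longer read as part of the note. More important for an authentication header parser, the comment says the field types are "more relaxed than RFC2617" without listing which relaxations are accepted; enumerate them here so each one can be judged against the "without ambiguity" condition the comment itself sets.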
@@ -58,21 +58,18 @@ public class Authorization {
 
 
 /**
- * Parses an HTTP Authorization header for DIGEST authentication as per RFC
- * 2617 section 3.2.2.
+ * Parses an HTTP Authorization header for DIGEST authentication as per 
RFC 2617 section 3.2.2.
  *
  * @param input The header value to parse
  *
- * @return  A map of directives and values as {@link String}s or
- *  null if a parsing error occurs. Although the
- *  values returned are {@link String}s they will have been
- *  validated to ensure that they conform to RFC 2617.
+ * @return A map of directives and values as {@link String}s or 
null if a parsing error occurs.
+ * Although the values returned are {@link String}s they will 
have been validated to ensure that they
+ * conform to RFC 2617.
  *
- * @throws IllegalArgumentException If the header does not conform to RFC
- *  2617
- * @throws java.io.IOException If an error occurs while reading the input
+ * @throws IllegalArgumentException If the header does not conform to RFC 
2617
+ * @throws java.io.IOException  If an error occurs while reading the 
input
  */
-public static Map parseAuthorizationDigest (StringReader 
input)
+public static Map parseAuthorizationDigest(StringReader 
input)
 throws IllegalArgumentException, IOException {
 
 Map result = new HashMap<>();
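Review bot: The reflowed Javadoc for `parseAuthorizationDigest` still gives two different failure contracts: `@return` says null comes back if a parsing error occurs, while `@throws IllegalArgumentException` covers a header that does not conform to RFC 2617. State which malformed inputs produce which outcome, since a caller making an authentication decision has to handle both. Listing the unchecked `IllegalArgumentException` in the `throws` clause of the signature adds nothing the `@throws` tag does not already document.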
diff --git a/java/org/apache/tomcat/util/http/parser/Cookie.java 
b/java/org/apache/tomcat/util/http/parser/Cookie.java
index 8b80543bf9..1a44e9e627 100644
--- a/java/org/apache/tomcat/util/http/parser/Cookie.java
+++ b/java/org/apache/tomcat/util/http/parser/Cookie.java
@@ -27,27 +27,28 @@ import org.apache.tomcat.util.res.StringManager;
 
 
 /**
- * Cookie header parser based on RFC6265
- * The parsing of cookies using RFC6265 is more relaxed that the
- * specification in the following ways:
+ * 
+ * Cookie header parser based on RFC6265
+ * 
+ * 
+ * The parsing of cookies using RFC6265 is more relaxed that the specification 
in the following ways:
+ * 
  * 
- *   Values 0x80 to 0xFF are permitted in cookie-octet to support the use 
of
- *   UTF-8 in cookie values as used by HTML 5.
- *   For cookies without a value, the '=' is not required after the name as
- *   some browsers do not sent it.
+ * Values 0x80 to 0xFF are permitted in cookie-octet to support the use of 
UTF-8 in cookie values as used by HTML
+ * 5.
+ * For cookies without a value, the '=' is not required after the name as 
some browsers do not sent it.
  * 
- *
- * Implementation note:
- * This class has been carefully tuned. Before committing any changes, ensure
- * that the TesterCookiePerformance unit test continues to give 
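Review bot: The reformatted class Javadoc carries two typos over onto the new `+` lines: "more relaxed that the specification" should read "than", and "some browsers do not sent it" should read "send". Since these lines are being rewritten anyway, fix them in the same commit.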

[tomcat] branch 10.1.x updated (87409a1d7e -> 15a1d0e0c4)

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 87409a1d7e Increase wait time - I am seeing test failures on local VMs.
 new 0574bf3096 Clean-up, formatting. No functional change.
 new 15a1d0e0c4 Clean-up, formatting. No functional change.

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../coyote/http2/ConnectionSettingsBase.java   |  10 +-
 .../coyote/http2/ConnectionSettingsLocal.java  |   2 +-
 java/org/apache/coyote/http2/HpackEncoder.java |   8 +-
 java/org/apache/coyote/http2/Http2AsyncParser.java |   6 +-
 .../coyote/http2/Http2AsyncUpgradeHandler.java |  26 +--
 java/org/apache/coyote/http2/Http2Protocol.java|   4 +-
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  12 +-
 java/org/apache/coyote/http2/Stream.java   |  16 +-
 java/org/apache/coyote/http2/StreamProcessor.java  |  15 +-
 .../tomcat/util/http/parser/Authorization.java |  21 +--
 .../org/apache/tomcat/util/http/parser/Cookie.java |  48 +++--
 .../apache/tomcat/util/http/parser/EntityTag.java  |  10 +-
 java/org/apache/tomcat/util/http/parser/Host.java  |  12 +-
 .../apache/tomcat/util/http/parser/HttpParser.java | 210 +
 .../apache/tomcat/util/http/parser/MediaType.java  |   6 +-
 .../tomcat/util/http/parser/MediaTypeCache.java|  13 +-
 .../apache/tomcat/util/http/parser/TokenList.java  |  22 +--
 .../apache/tomcat/util/http/parser/Upgrade.java|   2 +-
 18 files changed, 196 insertions(+), 247 deletions(-)





[tomcat] 02/02: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 15a1d0e0c4fbfb3afe5d3c86f8f1dd8655c38499
Author: Mark Thomas 
AuthorDate: Fri May 5 16:45:14 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../tomcat/util/http/parser/Authorization.java |  21 +--
 .../org/apache/tomcat/util/http/parser/Cookie.java |  48 +++--
 .../apache/tomcat/util/http/parser/EntityTag.java  |  10 +-
 java/org/apache/tomcat/util/http/parser/Host.java  |  12 +-
 .../apache/tomcat/util/http/parser/HttpParser.java | 210 +
 .../apache/tomcat/util/http/parser/MediaType.java  |   6 +-
 .../tomcat/util/http/parser/MediaTypeCache.java|  13 +-
 .../apache/tomcat/util/http/parser/TokenList.java  |  22 +--
 .../apache/tomcat/util/http/parser/Upgrade.java|   2 +-
 9 files changed, 146 insertions(+), 198 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/Authorization.java 
b/java/org/apache/tomcat/util/http/parser/Authorization.java
index 8afba9bd1c..bb7b1a16e9 100644
--- a/java/org/apache/tomcat/util/http/parser/Authorization.java
+++ b/java/org/apache/tomcat/util/http/parser/Authorization.java
@@ -32,8 +32,8 @@ public class Authorization {
 static {
 // Digest field types.
 // Note: These are more relaxed than RFC2617. This adheres to the
-//   recommendation of RFC2616 that servers are tolerant of buggy
-//   clients when they can be so without ambiguity.
+// recommendation of RFC2616 that servers are tolerant of buggy
+// clients when they can be so without ambiguity.
 fieldTypes.put("username", FieldType.QUOTED_STRING);
 fieldTypes.put("realm", FieldType.QUOTED_STRING);
 fieldTypes.put("nonce", FieldType.QUOTED_STRING);
@@ -58,21 +58,18 @@ public class Authorization {
 
 
 /**
- * Parses an HTTP Authorization header for DIGEST authentication as per RFC
- * 2617 section 3.2.2.
+ * Parses an HTTP Authorization header for DIGEST authentication as per 
RFC 2617 section 3.2.2.
  *
  * @param input The header value to parse
  *
- * @return  A map of directives and values as {@link String}s or
- *  null if a parsing error occurs. Although the
- *  values returned are {@link String}s they will have been
- *  validated to ensure that they conform to RFC 2617.
+ * @return A map of directives and values as {@link String}s or 
null if a parsing error occurs.
+ * Although the values returned are {@link String}s they will 
have been validated to ensure that they
+ * conform to RFC 2617.
  *
- * @throws IllegalArgumentException If the header does not conform to RFC
- *  2617
- * @throws java.io.IOException If an error occurs while reading the input
+ * @throws IllegalArgumentException If the header does not conform to RFC 
2617
+ * @throws java.io.IOException  If an error occurs while reading the 
input
  */
-public static Map parseAuthorizationDigest (StringReader 
input)
+public static Map parseAuthorizationDigest(StringReader 
input)
 throws IllegalArgumentException, IOException {
 
 Map result = new HashMap<>();
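Review bot: The `@return` text promises values "validated to ensure that they conform to RFC 2617", but the static block in the first hunk of this file says the field types "are more relaxed than RFC2617". Reword the Javadoc to say the values are validated against the relaxed field types, so callers do not assume strict conformance.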
diff --git a/java/org/apache/tomcat/util/http/parser/Cookie.java 
b/java/org/apache/tomcat/util/http/parser/Cookie.java
index 7a0310ceaf..63b30d76c7 100644
--- a/java/org/apache/tomcat/util/http/parser/Cookie.java
+++ b/java/org/apache/tomcat/util/http/parser/Cookie.java
@@ -27,27 +27,28 @@ import org.apache.tomcat.util.res.StringManager;
 
 
 /**
- * Cookie header parser based on RFC6265
- * The parsing of cookies using RFC6265 is more relaxed that the
- * specification in the following ways:
+ * 
+ * Cookie header parser based on RFC6265
+ * 
+ * 
+ * The parsing of cookies using RFC6265 is more relaxed that the specification 
in the following ways:
+ * 
  * 
- *   Values 0x80 to 0xFF are permitted in cookie-octet to support the use 
of
- *   UTF-8 in cookie values as used by HTML 5.
- *   For cookies without a value, the '=' is not required after the name as
- *   some browsers do not sent it.
+ * Values 0x80 to 0xFF are permitted in cookie-octet to support the use of 
UTF-8 in cookie values as used by HTML
+ * 5.
+ * For cookies without a value, the '=' is not required after the name as 
some browsers do not sent it.
  * 
- *
- * Implementation note:
- * This class has been carefully tuned. Before committing any changes, ensure
- * that the TesterCookiePerformance unit test continues to give results within
- * 1% for the old and new parsers.
+ * 
+ * Implementation note:
+ * This class has been carefully tuned. Before committing any changes, ensure 
that the TesterCookiePerformance unit test
+ * continues to giv
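Review bot: The implementation note in this Javadoc asks that `TesterCookiePerformance` stay within 1% for the old and new parsers before any change to this class is committed. The visible lines are comment-only, but the diffstat lists 48 changed lines in `Cookie.java`; the commit message should state that the rest is also whitespace and comments, or that the performance test was rerun.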

[tomcat] 01/02: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 0574bf30963e2ff582694e006ca598a9bb15512c
Author: Mark Thomas 
AuthorDate: Fri May 5 16:44:52 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../coyote/http2/ConnectionSettingsBase.java   | 10 -
 .../coyote/http2/ConnectionSettingsLocal.java  |  2 +-
 java/org/apache/coyote/http2/HpackEncoder.java |  8 +++
 java/org/apache/coyote/http2/Http2AsyncParser.java |  6 ++---
 .../coyote/http2/Http2AsyncUpgradeHandler.java | 26 +++---
 java/org/apache/coyote/http2/Http2Protocol.java|  4 ++--
 .../apache/coyote/http2/Http2UpgradeHandler.java   | 12 +-
 java/org/apache/coyote/http2/Stream.java   | 16 ++---
 java/org/apache/coyote/http2/StreamProcessor.java  | 15 +++--
 9 files changed, 50 insertions(+), 49 deletions(-)

diff --git a/java/org/apache/coyote/http2/ConnectionSettingsBase.java 
b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
index a8e9879a46..8d894b1992 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsBase.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
@@ -45,8 +45,8 @@ abstract class ConnectionSettingsBase {
 static final int DEFAULT_MAX_FRAME_SIZE = MIN_MAX_FRAME_SIZE;
 static final long DEFAULT_MAX_HEADER_LIST_SIZE = 1 << 15;
 
-Map current = new ConcurrentHashMap<>();
-Map pending = new ConcurrentHashMap<>();
+Map current = new ConcurrentHashMap<>();
+Map pending = new ConcurrentHashMap<>();
 
 
 ConnectionSettingsBase(String connectionId) {
@@ -203,9 +203,9 @@ abstract class ConnectionSettingsBase {
 
 private void validateMaxFrameSize(long maxFrameSize) throws T {
 if (maxFrameSize < MIN_MAX_FRAME_SIZE || maxFrameSize > 
MAX_MAX_FRAME_SIZE) {
-String msg = 
sm.getString("connectionSettings.maxFrameSizeInvalid", connectionId,
-Long.toString(maxFrameSize), 
Integer.toString(MIN_MAX_FRAME_SIZE),
-Integer.toString(MAX_MAX_FRAME_SIZE));
+String msg =
+sm.getString("connectionSettings.maxFrameSizeInvalid", 
connectionId, Long.toString(maxFrameSize),
+Integer.toString(MIN_MAX_FRAME_SIZE), 
Integer.toString(MAX_MAX_FRAME_SIZE));
 throwException(msg, Http2Error.PROTOCOL_ERROR);
 }
 }
diff --git a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java 
b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
index 8fecf37136..372be80223 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
@@ -61,7 +61,7 @@ class ConnectionSettingsLocal extends 
ConnectionSettingsBase setting : pending.entrySet()) {
+for (Map.Entry setting : pending.entrySet()) {
 ByteUtil.setTwoBytes(result, pos, setting.getKey().getId());
 pos += 2;
 ByteUtil.setFourBytes(result, pos, setting.getValue().longValue());
diff --git a/java/org/apache/coyote/http2/HpackEncoder.java 
b/java/org/apache/coyote/http2/HpackEncoder.java
index a6e92a97c9..79b2a8a771 100644
--- a/java/org/apache/coyote/http2/HpackEncoder.java
+++ b/java/org/apache/coyote/http2/HpackEncoder.java
@@ -76,14 +76,14 @@ class HpackEncoder {
 private int newMaxHeaderSize = -1; // if the max header size has been 
changed
 private int minNewMaxHeaderSize = -1; // records the smallest value of 
newMaxHeaderSize, as per section 4.1
 
-private static final Map ENCODING_STATIC_TABLE;
+private static final Map ENCODING_STATIC_TABLE;
 
 private final Deque evictionQueue = new ArrayDeque<>();
-private final Map> dynamicTable = new 
HashMap<>(); // TODO: use a custom data structure to
-   
 // reduce allocations
+private final Map> dynamicTable = new HashMap<>(); 
// TODO: use a custom data structure to
+   
// reduce allocations
 
 static {
-Map map = new HashMap<>();
+Map map = new HashMap<>();
 for (int i = 1; i < Hpack.STATIC_TABLE.length; ++i) {
 Hpack.HeaderField m = Hpack.STATIC_TABLE[i];
 TableEntry[] existing = map.get(m.name);
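Review bot: Missing documentation in the context lines above `ENCODING_STATIC_TABLE`: the comment on `minNewMaxHeaderSize` says "as per section 4.1" without naming the specification. Name the document being cited so the reference can be followed.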
diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index ec59e19833..23e5cf9d99 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -52,8 +52,8 @@ class Http2AsyncParser extends Http2Parser {
 ByteBuffer preface = ByteBuffer.wrap(prefaceData);
 ByteBuffer header = ByteBuffer.allocate(9);
 ByteBu

[tomcat] branch 9.0.x updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new b3370f5e29 Clean-up, formatting. No functional change.
b3370f5e29 is described below

commit b3370f5e29083d1cfa00cfdc9b206eec35508d99
Author: Mark Thomas 
AuthorDate: Fri May 5 16:45:36 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../coyote/http2/ConnectionSettingsBase.java   | 10 -
 .../coyote/http2/ConnectionSettingsLocal.java  |  2 +-
 java/org/apache/coyote/http2/HpackEncoder.java |  8 +++
 java/org/apache/coyote/http2/Http2AsyncParser.java |  6 ++---
 .../coyote/http2/Http2AsyncUpgradeHandler.java | 26 +++---
 java/org/apache/coyote/http2/Http2Protocol.java|  4 ++--
 .../apache/coyote/http2/Http2UpgradeHandler.java   | 12 +-
 java/org/apache/coyote/http2/Stream.java   | 16 ++---
 java/org/apache/coyote/http2/StreamProcessor.java  | 15 +++--
 9 files changed, 50 insertions(+), 49 deletions(-)

diff --git a/java/org/apache/coyote/http2/ConnectionSettingsBase.java 
b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
index a8e9879a46..8d894b1992 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsBase.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
@@ -45,8 +45,8 @@ abstract class ConnectionSettingsBase {
 static final int DEFAULT_MAX_FRAME_SIZE = MIN_MAX_FRAME_SIZE;
 static final long DEFAULT_MAX_HEADER_LIST_SIZE = 1 << 15;
 
-Map current = new ConcurrentHashMap<>();
-Map pending = new ConcurrentHashMap<>();
+Map current = new ConcurrentHashMap<>();
+Map pending = new ConcurrentHashMap<>();
 
 
 ConnectionSettingsBase(String connectionId) {
@@ -203,9 +203,9 @@ abstract class ConnectionSettingsBase {
 
 private void validateMaxFrameSize(long maxFrameSize) throws T {
 if (maxFrameSize < MIN_MAX_FRAME_SIZE || maxFrameSize > 
MAX_MAX_FRAME_SIZE) {
-String msg = 
sm.getString("connectionSettings.maxFrameSizeInvalid", connectionId,
-Long.toString(maxFrameSize), 
Integer.toString(MIN_MAX_FRAME_SIZE),
-Integer.toString(MAX_MAX_FRAME_SIZE));
+String msg =
+sm.getString("connectionSettings.maxFrameSizeInvalid", 
connectionId, Long.toString(maxFrameSize),
+Integer.toString(MIN_MAX_FRAME_SIZE), 
Integer.toString(MAX_MAX_FRAME_SIZE));
 throwException(msg, Http2Error.PROTOCOL_ERROR);
 }
 }
diff --git a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java 
b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
index 8fecf37136..372be80223 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
@@ -61,7 +61,7 @@ class ConnectionSettingsLocal extends 
ConnectionSettingsBase setting : pending.entrySet()) {
+for (Map.Entry setting : pending.entrySet()) {
 ByteUtil.setTwoBytes(result, pos, setting.getKey().getId());
 pos += 2;
 ByteUtil.setFourBytes(result, pos, setting.getValue().longValue());
diff --git a/java/org/apache/coyote/http2/HpackEncoder.java 
b/java/org/apache/coyote/http2/HpackEncoder.java
index a6e92a97c9..79b2a8a771 100644
--- a/java/org/apache/coyote/http2/HpackEncoder.java
+++ b/java/org/apache/coyote/http2/HpackEncoder.java
@@ -76,14 +76,14 @@ class HpackEncoder {
 private int newMaxHeaderSize = -1; // if the max header size has been 
changed
 private int minNewMaxHeaderSize = -1; // records the smallest value of 
newMaxHeaderSize, as per section 4.1
 
-private static final Map ENCODING_STATIC_TABLE;
+private static final Map ENCODING_STATIC_TABLE;
 
 private final Deque evictionQueue = new ArrayDeque<>();
-private final Map> dynamicTable = new 
HashMap<>(); // TODO: use a custom data structure to
-   
 // reduce allocations
+private final Map> dynamicTable = new HashMap<>(); 
// TODO: use a custom data structure to
+   
// reduce allocations
 
 static {
-Map map = new HashMap<>();
+Map map = new HashMap<>();
 for (int i = 1; i < Hpack.STATIC_TABLE.length; ++i) {
 Hpack.HeaderField m = Hpack.STATIC_TABLE[i];
 TableEntry[] existing = map.get(m.name);
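Review bot: In the static initialiser, `for (int i = 1; i < Hpack.STATIC_TABLE.length; ++i)` skips element 0 with no explanation. If the reason is that HPACK table indices start at 1 and slot 0 is deliberately unused, add a short comment saying so, so the loop is not mistaken for an off-by-one.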
diff --git a/java/org/apache/coyote/http2/Http2AsyncParser.java 
b/java/org/apache/coyote/http2/Http2AsyncParser.java
index c4c3834e89..67179bc672 100644
--- a/java/org/apache/coyote/http2/Http2AsyncParser.java
+++ b/java/org/apache/coyote/http2/Http2AsyncParser.java
@@ -52,8 +52,8 @@ class Htt

[tomcat] branch 9.0.x updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 832cf68fa8 Clean-up, formatting. No functional change.
832cf68fa8 is described below

commit 832cf68fa8afaa65007c3035d012d3c8f234a20a
Author: Mark Thomas 
AuthorDate: Fri May 5 16:45:54 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 .../tomcat/util/http/parser/Authorization.java |  21 +--
 .../org/apache/tomcat/util/http/parser/Cookie.java |  75 
 .../apache/tomcat/util/http/parser/EntityTag.java  |  10 +-
 java/org/apache/tomcat/util/http/parser/Host.java  |  12 +-
 .../apache/tomcat/util/http/parser/HttpParser.java | 210 +
 .../apache/tomcat/util/http/parser/MediaType.java  |   6 +-
 .../tomcat/util/http/parser/MediaTypeCache.java|  13 +-
 .../apache/tomcat/util/http/parser/TokenList.java  |  22 +--
 .../apache/tomcat/util/http/parser/Upgrade.java|   2 +-
 java/org/apache/tomcat/util/http/parser/Vary.java  |   2 +-
 10 files changed, 160 insertions(+), 213 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/Authorization.java 
b/java/org/apache/tomcat/util/http/parser/Authorization.java
index 8afba9bd1c..bb7b1a16e9 100644
--- a/java/org/apache/tomcat/util/http/parser/Authorization.java
+++ b/java/org/apache/tomcat/util/http/parser/Authorization.java
@@ -32,8 +32,8 @@ public class Authorization {
 static {
 // Digest field types.
 // Note: These are more relaxed than RFC2617. This adheres to the
-//   recommendation of RFC2616 that servers are tolerant of buggy
-//   clients when they can be so without ambiguity.
+// recommendation of RFC2616 that servers are tolerant of buggy
+// clients when they can be so without ambiguity.
 fieldTypes.put("username", FieldType.QUOTED_STRING);
 fieldTypes.put("realm", FieldType.QUOTED_STRING);
 fieldTypes.put("nonce", FieldType.QUOTED_STRING);
@@ -58,21 +58,18 @@ public class Authorization {
 
 
 /**
- * Parses an HTTP Authorization header for DIGEST authentication as per RFC
- * 2617 section 3.2.2.
+ * Parses an HTTP Authorization header for DIGEST authentication as per 
RFC 2617 section 3.2.2.
  *
  * @param input The header value to parse
  *
- * @return  A map of directives and values as {@link String}s or
- *  null if a parsing error occurs. Although the
- *  values returned are {@link String}s they will have been
- *  validated to ensure that they conform to RFC 2617.
+ * @return A map of directives and values as {@link String}s or 
null if a parsing error occurs.
+ * Although the values returned are {@link String}s they will 
have been validated to ensure that they
+ * conform to RFC 2617.
  *
- * @throws IllegalArgumentException If the header does not conform to RFC
- *  2617
- * @throws java.io.IOException If an error occurs while reading the input
+ * @throws IllegalArgumentException If the header does not conform to RFC 
2617
+ * @throws java.io.IOException  If an error occurs while reading the 
input
  */
-public static Map parseAuthorizationDigest (StringReader 
input)
+public static Map parseAuthorizationDigest(StringReader 
input)
 throws IllegalArgumentException, IOException {
 
 Map result = new HashMap<>();
diff --git a/java/org/apache/tomcat/util/http/parser/Cookie.java 
b/java/org/apache/tomcat/util/http/parser/Cookie.java
index a8689423c9..932698823a 100644
--- a/java/org/apache/tomcat/util/http/parser/Cookie.java
+++ b/java/org/apache/tomcat/util/http/parser/Cookie.java
@@ -27,35 +27,37 @@ import org.apache.tomcat.util.res.StringManager;
 
 
 /**
- * Cookie header parser based on RFC6265 and RFC2109.
- * The parsing of cookies using RFC6265 is more relaxed that the
- * specification in the following ways:
+ * 
+ * Cookie header parser based on RFC6265 and RFC2109.
+ * 
+ * 
+ * The parsing of cookies using RFC6265 is more relaxed that the specification 
in the following ways:
+ * 
  * 
- *   Values 0x80 to 0xFF are permitted in cookie-octet to support the use 
of
- *   UTF-8 in cookie values as used by HTML 5.
- *   For cookies without a value, the '=' is not required after the name as
- *   some browsers do not sent it.
+ * Values 0x80 to 0xFF are permitted in cookie-octet to support the use of 
UTF-8 in cookie values as used by HTML
+ * 5.
+ * For cookies without a value, the '=' is not required after the name as 
some browsers do not sent it.
  * 
- * The parsing of cookies using RFC2109 is more relaxed that the
- * specification in the following ways:
+ * 
+ * The parsing of cookies usi

[tomcat] branch 8.5.x updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new db76f15c93 Clean-up, formatting. No functional change.
db76f15c93 is described below

commit db76f15c93c6fcdfa86bcc3f70c14177967e9f01
Author: Mark Thomas 
AuthorDate: Fri May 5 16:46:12 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 918 priorities.
---
 java/org/apache/coyote/http2/AbstractStream.java |  4 ++--
 java/org/apache/coyote/http2/ConnectionSettingsBase.java | 10 +-
 .../org/apache/coyote/http2/ConnectionSettingsLocal.java |  2 +-
 java/org/apache/coyote/http2/HpackEncoder.java   |  8 
 java/org/apache/coyote/http2/Http2Protocol.java  |  2 +-
 java/org/apache/coyote/http2/Http2UpgradeHandler.java| 16 
 java/org/apache/coyote/http2/Stream.java | 10 +-
 java/org/apache/coyote/http2/StreamProcessor.java|  6 +++---
 8 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/java/org/apache/coyote/http2/AbstractStream.java 
b/java/org/apache/coyote/http2/AbstractStream.java
index 2da3a63fb5..0cc5dc3e2a 100644
--- a/java/org/apache/coyote/http2/AbstractStream.java
+++ b/java/org/apache/coyote/http2/AbstractStream.java
@@ -37,8 +37,8 @@ abstract class AbstractStream {
 private final String idAsString;
 
 private volatile AbstractStream parentStream = null;
-private final Set childStreams = Collections
-.newSetFromMap(new ConcurrentHashMap());
+private final Set childStreams =
+Collections.newSetFromMap(new 
ConcurrentHashMap());
 private long windowSize = 
ConnectionSettingsBase.DEFAULT_INITIAL_WINDOW_SIZE;
 
 private volatile int connectionAllocationRequested = 0;
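Review bot: `windowSize` is a plain `long` sitting between `volatile parentStream` and `volatile connectionAllocationRequested`, and this hunk gives no indication of how it is guarded. Please add a comment naming the lock that protects it, since an unsynchronized 64-bit field shared across threads can be read stale or torn.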
diff --git a/java/org/apache/coyote/http2/ConnectionSettingsBase.java 
b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
index 8860a1fead..af1128be2b 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsBase.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsBase.java
@@ -45,8 +45,8 @@ abstract class ConnectionSettingsBase {
 static final int DEFAULT_MAX_FRAME_SIZE = MIN_MAX_FRAME_SIZE;
 static final long DEFAULT_MAX_HEADER_LIST_SIZE = 1 << 15;
 
-Map current = new ConcurrentHashMap<>();
-Map pending = new ConcurrentHashMap<>();
+Map current = new ConcurrentHashMap<>();
+Map pending = new ConcurrentHashMap<>();
 
 
 ConnectionSettingsBase(String connectionId) {
@@ -203,9 +203,9 @@ abstract class ConnectionSettingsBase {
 
 private void validateMaxFrameSize(long maxFrameSize) throws T {
 if (maxFrameSize < MIN_MAX_FRAME_SIZE || maxFrameSize > 
MAX_MAX_FRAME_SIZE) {
-String msg = 
sm.getString("connectionSettings.maxFrameSizeInvalid", connectionId,
-Long.toString(maxFrameSize), 
Integer.toString(MIN_MAX_FRAME_SIZE),
-Integer.toString(MAX_MAX_FRAME_SIZE));
+String msg =
+sm.getString("connectionSettings.maxFrameSizeInvalid", 
connectionId, Long.toString(maxFrameSize),
+Integer.toString(MIN_MAX_FRAME_SIZE), 
Integer.toString(MAX_MAX_FRAME_SIZE));
 throwException(msg, Http2Error.PROTOCOL_ERROR);
 }
 }
diff --git a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java 
b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
index 8fecf37136..372be80223 100644
--- a/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
+++ b/java/org/apache/coyote/http2/ConnectionSettingsLocal.java
@@ -61,7 +61,7 @@ class ConnectionSettingsLocal extends 
ConnectionSettingsBase setting : pending.entrySet()) {
+for (Map.Entry setting : pending.entrySet()) {
 ByteUtil.setTwoBytes(result, pos, setting.getKey().getId());
 pos += 2;
 ByteUtil.setFourBytes(result, pos, setting.getValue().longValue());
diff --git a/java/org/apache/coyote/http2/HpackEncoder.java 
b/java/org/apache/coyote/http2/HpackEncoder.java
index 4b51fbe8a6..34f90e70f9 100644
--- a/java/org/apache/coyote/http2/HpackEncoder.java
+++ b/java/org/apache/coyote/http2/HpackEncoder.java
@@ -76,14 +76,14 @@ class HpackEncoder {
 private int newMaxHeaderSize = -1; // if the max header size has been 
changed
 private int minNewMaxHeaderSize = -1; // records the smallest value of 
newMaxHeaderSize, as per section 4.1
 
-private static final Map ENCODING_STATIC_TABLE;
+private static final Map ENCODING_STATIC_TABLE;
 
 private final Deque evictionQueue = new ArrayDeque<>();
-private final Map> dynamicTable = new 
HashMap<>(); // TODO: use a custom data structure to
-   
 // reduce allocations
+private final Map> dynamicT

[tomcat] branch 8.5.x updated: Clean-up, formatting. No functional change.

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 686b81d849 Clean-up, formatting. No functional change.
686b81d849 is described below

commit 686b81d84933d85cf7be5676e0828c0554c0b9c8
Author: Mark Thomas 
AuthorDate: Fri May 5 16:46:36 2023 +0100

Clean-up, formatting. No functional change.

Preparation before back-porting RFC 9218 priorities.
---
 .../tomcat/util/http/parser/Authorization.java |  21 +-
 .../org/apache/tomcat/util/http/parser/Cookie.java |  75 
 .../apache/tomcat/util/http/parser/EntityTag.java  |  10 +-
 java/org/apache/tomcat/util/http/parser/Host.java  |  12 +-
 .../apache/tomcat/util/http/parser/HttpParser.java | 213 +
 .../apache/tomcat/util/http/parser/MediaType.java  |   6 +-
 .../tomcat/util/http/parser/MediaTypeCache.java|  13 +-
 .../apache/tomcat/util/http/parser/TokenList.java  |  22 +--
 .../apache/tomcat/util/http/parser/Upgrade.java|   2 +-
 java/org/apache/tomcat/util/http/parser/Vary.java  |   2 +-
 10 files changed, 161 insertions(+), 215 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/Authorization.java 
b/java/org/apache/tomcat/util/http/parser/Authorization.java
index 8afba9bd1c..bb7b1a16e9 100644
--- a/java/org/apache/tomcat/util/http/parser/Authorization.java
+++ b/java/org/apache/tomcat/util/http/parser/Authorization.java
@@ -32,8 +32,8 @@ public class Authorization {
 static {
 // Digest field types.
 // Note: These are more relaxed than RFC2617. This adheres to the
-//   recommendation of RFC2616 that servers are tolerant of buggy
-//   clients when they can be so without ambiguity.
+// recommendation of RFC2616 that servers are tolerant of buggy
+// clients when they can be so without ambiguity.
 fieldTypes.put("username", FieldType.QUOTED_STRING);
 fieldTypes.put("realm", FieldType.QUOTED_STRING);
 fieldTypes.put("nonce", FieldType.QUOTED_STRING);
@@ -58,21 +58,18 @@ public class Authorization {
 
 
 /**
- * Parses an HTTP Authorization header for DIGEST authentication as per RFC
- * 2617 section 3.2.2.
+ * Parses an HTTP Authorization header for DIGEST authentication as per 
RFC 2617 section 3.2.2.
  *
  * @param input The header value to parse
  *
- * @return  A map of directives and values as {@link String}s or
- *  null if a parsing error occurs. Although the
- *  values returned are {@link String}s they will have been
- *  validated to ensure that they conform to RFC 2617.
+ * @return A map of directives and values as {@link String}s or 
null if a parsing error occurs.
+ * Although the values returned are {@link String}s they will 
have been validated to ensure that they
+ * conform to RFC 2617.
  *
- * @throws IllegalArgumentException If the header does not conform to RFC
- *  2617
- * @throws java.io.IOException If an error occurs while reading the input
+ * @throws IllegalArgumentException If the header does not conform to RFC 
2617
+ * @throws java.io.IOException  If an error occurs while reading the 
input
  */
-public static Map parseAuthorizationDigest (StringReader 
input)
+public static Map parseAuthorizationDigest(StringReader 
input)
 throws IllegalArgumentException, IOException {
 
 Map result = new HashMap<>();
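
Review bot: The reflowed Javadoc on parseAuthorizationDigest still describes two different failure contracts. The @return text says null is returned "if a parsing error occurs", while @throws IllegalArgumentException says a header that "does not conform to RFC 2617" raises. Since the comment is being rewritten anyway, state which malformed inputs yield null and which throw, so callers on the authentication path know they have to handle both outcomes.
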
diff --git a/java/org/apache/tomcat/util/http/parser/Cookie.java 
b/java/org/apache/tomcat/util/http/parser/Cookie.java
index 0ed7a7a3dc..33809739ed 100644
--- a/java/org/apache/tomcat/util/http/parser/Cookie.java
+++ b/java/org/apache/tomcat/util/http/parser/Cookie.java
@@ -27,35 +27,37 @@ import org.apache.tomcat.util.res.StringManager;
 
 
 /**
- * Cookie header parser based on RFC6265 and RFC2109.
- * The parsing of cookies using RFC6265 is more relaxed that the
- * specification in the following ways:
+ * 
+ * Cookie header parser based on RFC6265 and RFC2109.
+ * 
+ * 
+ * The parsing of cookies using RFC6265 is more relaxed that the specification 
in the following ways:
+ * 
  * 
- *   Values 0x80 to 0xFF are permitted in cookie-octet to support the use 
of
- *   UTF-8 in cookie values as used by HTML 5.
- *   For cookies without a value, the '=' is not required after the name as
- *   some browsers do not sent it.
+ * Values 0x80 to 0xFF are permitted in cookie-octet to support the use of 
UTF-8 in cookie values as used by HTML
+ * 5.
+ * For cookies without a value, the '=' is not required after the name as 
some browsers do not sent it.
  * 
- * The parsing of cookies using RFC2109 is more relaxed that the
- * specification in the following ways:
+ * 
+ * The parsing of cookies usi
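
Review bot: Two typos in the class Javadoc are carried over unchanged into the added lines: "more relaxed that the specification" should read "than", and "some browsers do not sent it" should read "send". The same "that" is visible in the RFC2109 paragraph on the removed side, so it is worth fixing both paragraphs while the comment is being re-wrapped.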

[Bug 66593] Connector attribute allowHostHeaderMismatch=false fails to reject host header injection attacks

2023-05-05 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=66593

--- Comment #5 from Mark Thomas  ---
Bugzilla is NOT a support forum. Please do as you have been asked and post to
the users mailing list.




[tomcat] branch main updated: Fix typo

2023-05-05 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new d7411fb2a8 Fix typo
d7411fb2a8 is described below

commit d7411fb2a8448e09ae702946800535775870379f
Author: Mark Thomas 
AuthorDate: Fri May 5 16:54:41 2023 +0100

Fix typo
---
 .../org/apache/tomcat/util/http/parser/TesterHttpWgStructuredField.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git 
a/test/org/apache/tomcat/util/http/parser/TesterHttpWgStructuredField.java 
b/test/org/apache/tomcat/util/http/parser/TesterHttpWgStructuredField.java
index 794d180934..1c86dd51cb 100644
--- a/test/org/apache/tomcat/util/http/parser/TesterHttpWgStructuredField.java
+++ b/test/org/apache/tomcat/util/http/parser/TesterHttpWgStructuredField.java
@@ -30,7 +30,7 @@ import org.apache.tomcat.util.buf.StringUtils;
 import org.apache.tomcat.util.json.JSONParser;
 
 /*
- * Not run automatically (due to name) as if requires a local git clone of
+ * Not run automatically (due to name) as it requires a local git clone of
  * https://github.com/httpwg/structured-field-tests
  */
 public class TesterHttpWgStructuredField {





Re: Workaround for misbehaving ClassLoader

2023-05-05 Thread Christopher Schultz

Mark,

On 5/4/23 04:09, Mark Thomas wrote:
> On 03/05/2023 20:02, Christopher Schultz wrote:
>
>> But my question is whether or not this is something that Tomcat should
>> be working-around. IMO the parent ClassLoader is buggy and should be
>> fixed, but it may be difficult or impossible to fix the parent, so it
>> may be worth it.
>>
>> We could even log it including the class name of the offending
>> ClassLoader.
>>
>> WDYT?
>
> The general approach we have taken is that we don't work-around bugs in
> third-party products unless:
>
> - the third-party vendor is (known to be) slow to respond to bugs
> - there is no other viable workaround (including switching vendors)
> - the bug impacts a reasonable proportion of Tomcat users
>
> The complexity of the workaround in Tomcat vs the severity of the issue
> is also a consideration.
>
> We also want to encourage adherence to the relevant specifications.
>
> All of the above is subjective.
>
> For commercial software, the general idea is to encourage users to put
> pressure on vendors to fix the bugs rather than expect us to - just
> because we are more responsive. This is especially true for commercial
> organizations using commercial software where there should be a support
> contract in place.
>
> For open source software, the general idea is to encourage users to
> engage with the project concerned. Open a bug, provide a PR, contribute
> and support that project.
>
> The GitHub project in question hasn't had any activity since 2017 and
> the GitHub organization hasn't had any activity since 2019. There are no
> forks of the project.
>
> It looks like the code has never been released so I am assuming the OP
> has compiled it locally.
>
> The fix in Tomcat is simple, but so is the fix in the problematic library.
>
> I think the initial position is that the OP needs to try and get this
> fixed. Whether that means creating a fork (it is ALv2 so that is easy),
> seeing if the CodeGerm team can be persuaded to accept a PR, finding an
> alternative library or something else is up to the OP.
>
> Given the options the OP has for addressing this - including a (private)
> fork, I don't think this is something that should be fixed in Tomcat.

Fair enough.

I do think there is scope for slight optimization in this area as well.

My proposed patch was something like:

if(null == parentResources) {
  return childResources;
} else if(parentFirst) {
  return new CombinedEnumeration(parentResources, childResources);
} else {
  return new CombinedEnumeration(childResources, parentResources);
}

A simple change of:

if(null == parentResources || !parentResources.hasMoreElements()) {
  return childResources;
} ...

means fewer wrapper objects and code executing in the common case (the 
webapp probably provides most of the interesting resources to itself, 
and not from the parent classloader).


In the cases where we construct a new CombinedEnumeration, I would even 
say that we should check to see if either enumeration is empty and try 
not to create a new object unless it's even necessary.


-chris
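
The short-circuit described in the message above, as an added Java example that is neither Tomcat's code nor the proposed patch itself: `combine` hands back an existing enumeration whenever the parent's result is null or empty, and allocates a wrapper only when both sides have elements. `CombinedEnumeration` is a minimal stand-in written for this example, `combine` and `resources` are hypothetical helper names, and the resource names are constructed sample data.

```java
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;

public class CombinedResourcesExample {

    // Minimal stand-in for the CombinedEnumeration named in the message
    // (assumption: it drains the first enumeration, then the second).
    static final class CombinedEnumeration<T> implements Enumeration<T> {
        private final Enumeration<T> first;
        private final Enumeration<T> second;

        CombinedEnumeration(Enumeration<T> first, Enumeration<T> second) {
            this.first = first;
            this.second = second;
        }

        @Override
        public boolean hasMoreElements() {
            return first.hasMoreElements() || second.hasMoreElements();
        }

        @Override
        public T nextElement() {
            // Falls through to second, which throws NoSuchElementException
            // once both enumerations are exhausted.
            return first.hasMoreElements() ? first.nextElement() : second.nextElement();
        }
    }

    // Tolerates a parent that returns null instead of an empty enumeration
    // and avoids allocating a wrapper unless both sides have elements.
    static <T> Enumeration<T> combine(Enumeration<T> parentResources,
            Enumeration<T> childResources, boolean parentFirst) {
        boolean parentEmpty = parentResources == null || !parentResources.hasMoreElements();
        boolean childEmpty = childResources == null || !childResources.hasMoreElements();

        if (parentEmpty && childEmpty) {
            return Collections.emptyEnumeration();
        }
        if (parentEmpty) {
            return childResources;
        }
        if (childEmpty) {
            return parentResources;
        }
        return parentFirst
                ? new CombinedEnumeration<>(parentResources, childResources)
                : new CombinedEnumeration<>(childResources, parentResources);
    }

    static Enumeration<String> resources(String... names) {
        return Collections.enumeration(List.of(names));
    }

    public static void main(String[] args) {
        // Constructed sample data; real code would hold URLs from getResources().
        Enumeration<String> child = resources("webapp/WEB-INF/classes/app.properties");

        // Misbehaving parent (null result): the child enumeration is returned as-is.
        System.out.println(combine(null, child, true) == child);

        // Well-behaved but empty parent: still no wrapper object.
        System.out.println(combine(Collections.<String>emptyEnumeration(), child, true) == child);

        // Both sides populated: a wrapper is created, order follows the delegation flag.
        Enumeration<String> both = combine(resources("parent/lib.properties"),
                resources("webapp/app.properties"), false);
        while (both.hasMoreElements()) {
            System.out.println(both.nextElement());
        }
    }
}
```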




Re: Java 21, virtual threads and ThreadLocals

2023-05-05 Thread Rémy Maucherat
On Fri, May 5, 2023 at 5:28 PM Mark Thomas  wrote:
>
> Hi all,
>
> I've started to review the use of ThreadLocal within the Tomcat code
> base given that using virtual threads will soon be an option.
>
> The first usage I came to raised a few questions. The usage is in
> ApplicationContext:
>
> https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/core/ApplicationContext.java#L418
>
> My first question - mostly for Rémy - is can you remember why this is a
> ThreadLocal. I admit that is a bit of an ask since the use of
> ThreadLocal dates back almost 20 years to this commit:
>
> https://svn.apache.org/viewvc/tomcat/archive/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java?r1=301883&r2=301884&;
>
> My guess, is that a ThreadLocal was used as a way to cache instances of
> MappingData and MessageBytes between requests - recycle and reuse rather
> than GC. Is that right?

Yes, that's it.

> The second question is what do we want to do about usages such as this.
> With virtual threads the end result will be, effectively, a new object
> for every request. Do we:
>
> a) Leave the code as-is. It will work as currently with a thread pool
> and virtual threads will effectively create new objects for each request.
>
> b) Drop the ThreadLocal and always create new objects.
>
> c) Switch to some other form of caching. My starting point would be
> SynchronizedStack. That may see some contention as it will be global
> rather than per thread. Then again, ThreadLocal has some overhead too.
>
> Given these optimization decisions were made 20 years ago and JVMs,
> especially GC, have moved on since then, I'm leaning towards option b)
> with c) as the fall-back if performance issues are discovered.

Usually, it's now a lot better to do b) if you want to drop a), and I
would say c) is the worst.

Rémy

>
> Thoughts?
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
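
The effect discussed in this thread, as an added Java example (not Tomcat code; it needs Java 21): the same ThreadLocal cache is exercised from a fixed thread pool and from a virtual-thread-per-task executor, and the number of cached objects the ThreadLocal has to create is counted. `Scratch` is a hypothetical stand-in for recyclable objects such as MappingData, and the pool size and request count are arbitrary.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicInteger;

public class ThreadLocalCacheExample {

    // Hypothetical stand-in for a recyclable per-request object.
    static final class Scratch {
        final StringBuilder buffer = new StringBuilder(256);

        void recycle() {
            buffer.setLength(0);
        }
    }

    static final AtomicInteger ALLOCATIONS = new AtomicInteger();

    // Option a) from the thread: one cached instance per thread.
    static final ThreadLocal<Scratch> CACHE = ThreadLocal.withInitial(() -> {
        ALLOCATIONS.incrementAndGet();
        return new Scratch();
    });

    static void handleRequest(int id) {
        Scratch scratch = CACHE.get();
        try {
            scratch.buffer.append("/app/resource/").append(id);
        } finally {
            scratch.recycle(); // recycle and reuse rather than GC
        }
    }

    // Runs the requests on the given executor and returns how many Scratch
    // instances the ThreadLocal had to create.
    static int allocationsFor(ExecutorService executor, int requests) {
        ALLOCATIONS.set(0);
        try (executor) { // close() waits for submitted tasks to complete
            for (int i = 0; i < requests; i++) {
                final int id = i;
                executor.execute(() -> handleRequest(id));
            }
        }
        return ALLOCATIONS.get();
    }

    public static void main(String[] args) {
        int requests = 1_000;
        int pooled = allocationsFor(Executors.newFixedThreadPool(4), requests);
        int virtual = allocationsFor(Executors.newVirtualThreadPerTaskExecutor(), requests);
        System.out.println("fixed pool of 4: " + pooled + " allocations");
        System.out.println("virtual threads: " + virtual + " allocations");
    }
}
```

With the pool the count is bounded by the number of worker threads; with one virtual thread per task every request initialises its own copy, so the ThreadLocal no longer caches anything.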




[GitHub] [tomcat] isapir merged pull request #607: Added RateLimitFilter

2023-05-05 Thread via GitHub


isapir merged PR #607:
URL: https://github.com/apache/tomcat/pull/607





[tomcat] 01/01: Merge pull request #607 from apache/ratelimit-filter

2023-05-05 Thread isapir
This is an automated email from the ASF dual-hosted git repository.

isapir pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit e2dd77b6d8d5c3f4ce6ec319873287e210793f46
Merge: d7411fb2a8 a69c081677
Author: Igal Sapir 
AuthorDate: Sat May 6 05:04:44 2023 +0300

Merge pull request #607 from apache/ratelimit-filter

Added RateLimitFilter

 .../catalina/filters/LocalStrings.properties   |   3 +
 .../apache/catalina/filters/RateLimitFilter.java   | 227 +
 .../apache/catalina/util/TimeBucketCounter.java| 213 +++
 .../catalina/filters/TestRateLimitFilter.java  | 198 ++
 .../catalina/util/TestTimeBucketCounter.java   |  78 +++
 webapps/docs/config/filter.xml | 126 
 6 files changed, 845 insertions(+)





[tomcat] branch main updated (d7411fb2a8 -> e2dd77b6d8)

2023-05-05 Thread isapir
This is an automated email from the ASF dual-hosted git repository.

isapir pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from d7411fb2a8 Fix typo
 add fa0c65bed1 Added RateLimitFilter
 add 14db569d9c Updated RateLimitFilter Javadoc comment to address feedback
 add a69c081677 Addressed PR feedback and fixed Javadoc for RateLimitFilter
 new e2dd77b6d8 Merge pull request #607 from apache/ratelimit-filter

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../catalina/filters/LocalStrings.properties   |   3 +
 .../apache/catalina/filters/RateLimitFilter.java   | 227 +
 .../apache/catalina/util/TimeBucketCounter.java| 213 +++
 .../catalina/filters/TestRateLimitFilter.java  | 198 ++
 .../catalina/util/TestTimeBucketCounter.java   |  78 +++
 webapps/docs/config/filter.xml | 126 
 6 files changed, 845 insertions(+)
 create mode 100644 java/org/apache/catalina/filters/RateLimitFilter.java
 create mode 100644 java/org/apache/catalina/util/TimeBucketCounter.java
 create mode 100644 test/org/apache/catalina/filters/TestRateLimitFilter.java
 create mode 100644 test/org/apache/catalina/util/TestTimeBucketCounter.java





Re: Java 21, virtual threads and ThreadLocals

2023-05-05 Thread koteswara Rao Gundapaneni
Hi

When it becomes virtual threads and Threadlocal to select with

Virtual threads is great option

To clarify more
Cluster is no message between the nodes
but synchronized the cluster


Regards
Koti

On Fri, 5 May 2023, 20:58 Mark Thomas,  wrote:

> Hi all,
>
> I've started to review the use of ThreadLocal within the Tomcat code
> base given that using virtual threads will soon be an option.
>
> The first usage I came to raised a few questions. The usage is in
> ApplicationContext:
>
>
> https://github.com/apache/tomcat/blob/main/java/org/apache/catalina/core/ApplicationContext.java#L418
>
> My first question - mostly for Rémy - is can you remember why this is a
> ThreadLocal. I admit that is a bit of an ask since the use of
> ThreadLocal dates back almost 20 years to this commit:
>
>
> https://svn.apache.org/viewvc/tomcat/archive/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java?r1=301883&r2=301884&;
>
> My guess, is that a ThreadLocal was used as a way to cache instances of
> MappingData and MessageBytes between requests - recycle and reuse rather
> than GC. Is that right?
>
> The second question is what do we want to do about usages such as this.
> With virtual threads the end result will be, effectively, a new object
> for every request. Do we:
>
> a) Leave the code as-is. It will work as currently with a thread pool
> and virtual threads will effectively create new objects for each request.
>
> b) Drop the ThreadLocal and always create new objects.
>
> c) Switch to some other form of caching. My starting point would be
> SynchronizedStack. That may see some contention as it will be global
> rather than per thread. Then again, ThreadLocal has some overhead too.
>
> Given these optimization decisions were made 20 years ago and JVMs,
> especially GC, have moved on since then, I'm leaning towards option b)
> with c) as the fall-back if performance issues are discovered.
>
> Thoughts?
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>


[tomcat] branch 10.1.x updated: Added RateLimitFilter

2023-05-05 Thread isapir
This is an automated email from the ASF dual-hosted git repository.

isapir pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new e7fdd91265 Added RateLimitFilter
e7fdd91265 is described below

commit e7fdd91265e3d11000c6fe564024bfd345036085
Author: Igal Sapir 
AuthorDate: Fri May 5 19:57:51 2023 -0700

Added RateLimitFilter
---
 .../catalina/filters/LocalStrings.properties   |   3 +
 .../apache/catalina/filters/RateLimitFilter.java   | 227 +
 .../apache/catalina/util/TimeBucketCounter.java| 213 +++
 .../catalina/filters/TestRateLimitFilter.java  | 198 ++
 .../catalina/util/TestTimeBucketCounter.java   |  78 +++
 webapps/docs/config/filter.xml | 126 
 6 files changed, 845 insertions(+)

diff --git a/java/org/apache/catalina/filters/LocalStrings.properties 
b/java/org/apache/catalina/filters/LocalStrings.properties
index 31f7bd0acd..cd5a52366e 100644
--- a/java/org/apache/catalina/filters/LocalStrings.properties
+++ b/java/org/apache/catalina/filters/LocalStrings.properties
@@ -52,6 +52,9 @@ http.403=Access to the specified resource [{0}] has been 
forbidden.
 httpHeaderSecurityFilter.clickjack.invalid=An invalid value [{0}] was 
specified for the anti click-jacking header
 httpHeaderSecurityFilter.committed=Unable to add HTTP headers since response 
is already committed on entry to the HTTP header security Filter
 
+rateLimitFilter.initialized=RateLimitFilter [{0}] initialized with [{1}] 
requests per [{2}] seconds. Actual is [{3}] per [{4}] milliseconds. {5}.
+rateLimitFilter.maxRequestsExceeded=[{0}] [{1}] Requests from [{2}] have 
exceeded the maximum allowed of [{3}] in a [{4}] second window.
+
 remoteCidrFilter.invalid=Invalid configuration provided for [{0}]. See 
previous messages for details.
 remoteCidrFilter.noRemoteIp=Client does not have an IP address. Request denied.
 
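
Review bot: In rateLimitFilter.initialized the last placeholder, {5}, is the only one not wrapped in square brackets, and the message gives the configured window in seconds but the actual window in milliseconds, which makes the two hard to compare in a single log line. Suggest bracketing {5} like the other values in this file and reporting both windows in the same unit. In rateLimitFilter.maxRequestsExceeded, consider labelling what [{0}] and [{1}] are, since the message text gives no hint for them.
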
diff --git a/java/org/apache/catalina/filters/RateLimitFilter.java 
b/java/org/apache/catalina/filters/RateLimitFilter.java
new file mode 100644
index 00..2c2433f157
--- /dev/null
+++ b/java/org/apache/catalina/filters/RateLimitFilter.java
@@ -0,0 +1,227 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.catalina.filters;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.GenericFilter;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletResponse;
+import org.apache.catalina.util.TimeBucketCounter;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.res.StringManager;
+
+import java.io.IOException;
+
+/**
+ * Servlet filter that can help mitigate Denial of Service
+ * (DoS) and Brute Force attacks by limiting the number of a requests that are 
+ * allowed from a single IP address within a time window (also referred
+ * to as a time bucket), e.g. 300 Requests per 60 seconds.
+ * 
+ * The filter works by incrementing a counter in a time bucket for each IP
+ * address, and if the counter exceeds the allowed limit then further requests
+ * from that IP are dropped with a "429 Too many requests" response 
+ * until the bucket time ends and a new bucket starts.
+ * 
+ * The filter is optimized for efficiency and low overhead, so it converts
+ * some configured values to more efficient values. For example, a 
configuration
+ * of a 60 seconds time bucket is converted to 65.536 seconds. That allows
+ * for very fast bucket calculation using bit shift arithmetic. In order to 
remain
+ * true to the user intent, the configured number of requests is then 
multiplied
+ * by the same ratio, so a configuration of 100 Requests per 60 seconds, has 
the
+ * real values of 109 Requests per 65 seconds.
+ * 
+ * It is common to set up different restrictions for different URIs.
+ * For example, a login page or authentication script is typically expected 
+ * to get far less requests than the rest of the application, so you