[tomcat] branch main updated: Use final to clarify intent
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new afe824100b Use final to clarify intent afe824100b is described below commit afe824100b8d0e012104b35f15f99633e7df1a50 Author: Mark Thomas AuthorDate: Mon Sep 25 08:05:50 2023 +0100 Use final to clarify intent --- java/org/apache/catalina/ha/session/DeltaRequest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/catalina/ha/session/DeltaRequest.java b/java/org/apache/catalina/ha/session/DeltaRequest.java index db26be78ef..6f21d7f8b2 100644 --- a/java/org/apache/catalina/ha/session/DeltaRequest.java +++ b/java/org/apache/catalina/ha/session/DeltaRequest.java @@ -63,7 +63,7 @@ public class DeltaRequest implements Externalizable { public static final String NAME_LISTENER = "__SET__LISTENER__"; private String sessionId; -private Deque actions = new ArrayDeque<>(); +private final Deque actions = new ArrayDeque<>(); private final Deque actionPool = new ArrayDeque<>(); private boolean recordAllActions = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Use final to clarify intent
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new c0ba8ce1aa Use final to clarify intent c0ba8ce1aa is described below commit c0ba8ce1aa6836eca1b24873c16bbe1d9cb1320a Author: Mark Thomas AuthorDate: Mon Sep 25 08:05:50 2023 +0100 Use final to clarify intent --- java/org/apache/catalina/ha/session/DeltaRequest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/catalina/ha/session/DeltaRequest.java b/java/org/apache/catalina/ha/session/DeltaRequest.java index db26be78ef..6f21d7f8b2 100644 --- a/java/org/apache/catalina/ha/session/DeltaRequest.java +++ b/java/org/apache/catalina/ha/session/DeltaRequest.java @@ -63,7 +63,7 @@ public class DeltaRequest implements Externalizable { public static final String NAME_LISTENER = "__SET__LISTENER__"; private String sessionId; -private Deque actions = new ArrayDeque<>(); +private final Deque actions = new ArrayDeque<>(); private final Deque actionPool = new ArrayDeque<>(); private boolean recordAllActions = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Use final to clarify intent
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 7695dda6ae Use final to clarify intent 7695dda6ae is described below commit 7695dda6ae514445bae168b1d827de16ea1818a3 Author: Mark Thomas AuthorDate: Mon Sep 25 08:05:50 2023 +0100 Use final to clarify intent --- java/org/apache/catalina/ha/session/DeltaRequest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/catalina/ha/session/DeltaRequest.java b/java/org/apache/catalina/ha/session/DeltaRequest.java index db26be78ef..6f21d7f8b2 100644 --- a/java/org/apache/catalina/ha/session/DeltaRequest.java +++ b/java/org/apache/catalina/ha/session/DeltaRequest.java @@ -63,7 +63,7 @@ public class DeltaRequest implements Externalizable { public static final String NAME_LISTENER = "__SET__LISTENER__"; private String sessionId; -private Deque actions = new ArrayDeque<>(); +private final Deque actions = new ArrayDeque<>(); private final Deque actionPool = new ArrayDeque<>(); private boolean recordAllActions = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Use final to clarify intent
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 176fc9096f Use final to clarify intent 176fc9096f is described below commit 176fc9096f42b4651235f3e7cc74abb60dbc2556 Author: Mark Thomas AuthorDate: Mon Sep 25 08:05:50 2023 +0100 Use final to clarify intent --- java/org/apache/catalina/ha/session/DeltaRequest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/catalina/ha/session/DeltaRequest.java b/java/org/apache/catalina/ha/session/DeltaRequest.java index db26be78ef..6f21d7f8b2 100644 --- a/java/org/apache/catalina/ha/session/DeltaRequest.java +++ b/java/org/apache/catalina/ha/session/DeltaRequest.java @@ -63,7 +63,7 @@ public class DeltaRequest implements Externalizable { public static final String NAME_LISTENER = "__SET__LISTENER__"; private String sessionId; -private Deque actions = new ArrayDeque<>(); +private final Deque actions = new ArrayDeque<>(); private final Deque actionPool = new ArrayDeque<>(); private boolean recordAllActions = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Buildbot success in on tomcat-9.0.x
Build status: Build succeeded! Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/702 Blamelist: Christopher Schultz , Mark Thomas Build Text: build successful Status Detected: restored build Build Source Stamp: [branch 9.0.x] 7695dda6ae514445bae168b1d827de16ea1818a3 Steps: worker_preparation: 0 git: 0 shell: 0 shell_1: 0 shell_2: 0 shell_3: 0 shell_4: 0 shell_5: 0 compile: 1 shell_6: 0 shell_7: 0 shell_8: 0 shell_9: 0 Rsync docs to nightlies.apache.org: 0 shell_10: 0 Rsync RAT to nightlies.apache.org: 0 compile_1: 1 shell_11: 0 Rsync Logs to nightlies.apache.org: 0 -- ASF Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix bad use of some remove while iterating
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new d54915ea20 Fix bad use of some remove while iterating d54915ea20 is described below commit d54915ea205659f76108d4cd11808a9f31892ca3 Author: remm AuthorDate: Mon Sep 25 14:19:00 2023 +0200 Fix bad use of some remove while iterating FairBlockingQueue was always handling it properly though. Also add a few missing syncs. Fix a couple of possible rare NPEs. Found by coverity. --- .../org/apache/tomcat/jdbc/pool/ConnectionPool.java | 20 +--- .../apache/tomcat/jdbc/pool/FairBlockingQueue.java | 8 +++- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java index 9ea1757952..6cc23a7e7b 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java @@ -1090,7 +1090,7 @@ public class ConnectionPool { long time = con.getTimestamp(); long now = System.currentTimeMillis(); if (shouldAbandon() && (now - time) > con.getAbandonTimeout()) { -busy.remove(con); +locked.remove(); abandon(con); setToNull = true; } else if (sto > 0 && (now - time) > (sto * 1000L)) { @@ -1141,7 +1141,7 @@ public class ConnectionPool { if (shouldReleaseIdle(now, con, time)) { releasedIdleCount.incrementAndGet(); release(con); -idle.remove(con); +unlocked.remove(); setToNull = true; } else { //do nothing @@ -1205,7 +1205,7 @@ public class ConnectionPool { } if (release) { releasedIdleCount.incrementAndGet(); -idle.remove(con); +unlocked.remove(); release(con); } } finally { @@ -1460,7 +1460,9 @@ public class ConnectionPool { if (configured.compareAndSet(false, true)) { try { pc = borrowConnection(System.currentTimeMillis(),pc, null, null); -result = ConnectionPool.this.setupConnection(pc); +if (pc != null) { +result = ConnectionPool.this.setupConnection(pc); +} } catch (SQLException x) { cause = x; } finally { @@ -1502,7 +1504,9 @@ public class ConnectionPool { public void run() { try { Connection con = get(); //complete this future -con.close(); //return to the pool +if (con != null) { +con.close(); //return to the pool +} }catch (ExecutionException ex) { //we can ignore this }catch (Exception x) { @@ -1551,7 +1555,8 @@ public class ConnectionPool { } } -public static Set getPoolCleaners() { +// Testing use only +public static synchronized Set getPoolCleaners() { return Collections.unmodifiableSet(cleaners); } @@ -1559,7 +1564,8 @@ public class ConnectionPool { return poolVersion.get(); } -public static Timer getPoolTimer() { +// Testing use only +public static synchronized Timer getPoolTimer() { return poolCleanTimer; } diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java index 80d90c2b69..6b23c1abe3 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java @@ -232,7 +232,13 @@ public class FairBlockingQueue implements BlockingQueue { @Override public int size() { -return items.size(); +final ReentrantLock lock = this.lock; +lock.lock(); +try { +return items.size(); +} finally { +lock.unlock(); +} } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Fix bad use of some remove while iterating
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new cf2c5f9762 Fix bad use of some remove while iterating cf2c5f9762 is described below commit cf2c5f9762883eccbfc926c5d858a99cecc77c03 Author: remm AuthorDate: Mon Sep 25 14:19:00 2023 +0200 Fix bad use of some remove while iterating FairBlockingQueue was always handling it properly though. Also add a few missing syncs. Fix a couple of possible rare NPEs. Found by coverity. --- .../org/apache/tomcat/jdbc/pool/ConnectionPool.java | 20 +--- .../apache/tomcat/jdbc/pool/FairBlockingQueue.java | 8 +++- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java index 5e8adbbd03..30492c3971 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java @@ -1092,7 +1092,7 @@ public class ConnectionPool { long time = con.getTimestamp(); long now = System.currentTimeMillis(); if (shouldAbandon() && (now - time) > con.getAbandonTimeout()) { -busy.remove(con); +locked.remove(); abandon(con); setToNull = true; } else if (sto > 0 && (now - time) > (sto * 1000L)) { @@ -1143,7 +1143,7 @@ public class ConnectionPool { if (shouldReleaseIdle(now, con, time)) { releasedIdleCount.incrementAndGet(); release(con); -idle.remove(con); +unlocked.remove(); setToNull = true; } else { //do nothing @@ -1207,7 +1207,7 @@ public class ConnectionPool { } if (release) { releasedIdleCount.incrementAndGet(); -idle.remove(con); +unlocked.remove(); release(con); } } finally { @@ -1462,7 +1462,9 @@ public class ConnectionPool { if (configured.compareAndSet(false, true)) { try { pc = borrowConnection(System.currentTimeMillis(),pc, null, null); -result = ConnectionPool.this.setupConnection(pc); +if (pc != null) { +result = ConnectionPool.this.setupConnection(pc); +} } catch (SQLException x) { cause = x; } finally { @@ -1504,7 +1506,9 @@ public class ConnectionPool { public void run() { try { Connection con = get(); //complete this future -con.close(); //return to the pool +if (con != null) { +con.close(); //return to the pool +} }catch (ExecutionException ex) { //we can ignore this }catch (Exception x) { @@ -1560,7 +1564,8 @@ public class ConnectionPool { } } -public static Set getPoolCleaners() { +// Testing use only +public static synchronized Set getPoolCleaners() { return Collections.unmodifiableSet(cleaners); } @@ -1568,7 +1573,8 @@ public class ConnectionPool { return poolVersion.get(); } -public static Timer getPoolTimer() { +// Testing use only +public static synchronized Timer getPoolTimer() { return poolCleanTimer; } diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java index 80d90c2b69..6b23c1abe3 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java @@ -232,7 +232,13 @@ public class FairBlockingQueue implements BlockingQueue { @Override public int size() { -return items.size(); +final ReentrantLock lock = this.lock; +lock.lock(); +try { +return items.size(); +} finally { +lock.unlock(); +} } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix bad use of some remove while iterating
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 90d2b082f7 Fix bad use of some remove while iterating 90d2b082f7 is described below commit 90d2b082f74c664137844a13a1bea8892d2ab4e7 Author: remm AuthorDate: Mon Sep 25 14:19:00 2023 +0200 Fix bad use of some remove while iterating FairBlockingQueue was always handling it properly though. Also add a few missing syncs. Fix a couple of possible rare NPEs. Found by coverity. --- .../org/apache/tomcat/jdbc/pool/ConnectionPool.java | 20 +--- .../apache/tomcat/jdbc/pool/FairBlockingQueue.java | 8 +++- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java index bb263c115c..479650c89c 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java @@ -1085,7 +1085,7 @@ public class ConnectionPool { long time = con.getTimestamp(); long now = System.currentTimeMillis(); if (shouldAbandon() && (now - time) > con.getAbandonTimeout()) { -busy.remove(con); +locked.remove(); abandon(con); setToNull = true; } else if (sto > 0 && (now - time) > (sto * 1000L)) { @@ -1136,7 +1136,7 @@ public class ConnectionPool { if (shouldReleaseIdle(now, con, time)) { releasedIdleCount.incrementAndGet(); release(con); -idle.remove(con); +unlocked.remove(); setToNull = true; } else { //do nothing @@ -1200,7 +1200,7 @@ public class ConnectionPool { } if (release) { releasedIdleCount.incrementAndGet(); -idle.remove(con); +unlocked.remove(); release(con); } } finally { @@ -1455,7 +1455,9 @@ public class ConnectionPool { if (configured.compareAndSet(false, true)) { try { pc = borrowConnection(System.currentTimeMillis(),pc, null, null); -result = ConnectionPool.this.setupConnection(pc); +if (pc != null) { +result = ConnectionPool.this.setupConnection(pc); +} } catch (SQLException x) { cause = x; } finally { @@ -1497,7 +1499,9 @@ public class ConnectionPool { public void run() { try { Connection con = get(); //complete this future -con.close(); //return to the pool +if (con != null) { +con.close(); //return to the pool +} }catch (ExecutionException ex) { //we can ignore this }catch (Exception x) { @@ -1553,7 +1557,8 @@ public class ConnectionPool { } } -public static Set getPoolCleaners() { +// Testing use only +public static synchronized Set getPoolCleaners() { return Collections.unmodifiableSet(cleaners); } @@ -1561,7 +1566,8 @@ public class ConnectionPool { return poolVersion.get(); } -public static Timer getPoolTimer() { +// Testing use only +public static synchronized Timer getPoolTimer() { return poolCleanTimer; } diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java index 80d90c2b69..6b23c1abe3 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java @@ -232,7 +232,13 @@ public class FairBlockingQueue implements BlockingQueue { @Override public int size() { -return items.size(); +final ReentrantLock lock = this.lock; +lock.lock(); +try { +return items.size(); +} finally { +lock.unlock(); +} } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix bad use of some remove while iterating
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b887891f77 Fix bad use of some remove while iterating b887891f77 is described below commit b887891f77c616b0dcd1f43f9cf886381b45013f Author: remm AuthorDate: Mon Sep 25 14:19:00 2023 +0200 Fix bad use of some remove while iterating FairBlockingQueue was always handling it properly though. Also add a few missing syncs. Fix a couple of possible rare NPEs. Found by coverity. --- .../org/apache/tomcat/jdbc/pool/ConnectionPool.java | 20 +--- .../apache/tomcat/jdbc/pool/FairBlockingQueue.java | 8 +++- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java index acfa1f191e..8b59d84d1a 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ConnectionPool.java @@ -1046,7 +1046,7 @@ public class ConnectionPool { long time = con.getTimestamp(); long now = System.currentTimeMillis(); if (shouldAbandon() && (now - time) > con.getAbandonTimeout()) { -busy.remove(con); +locked.remove(); abandon(con); setToNull = true; } else if (sto > 0 && (now - time) > (sto * 1000L)) { @@ -1097,7 +1097,7 @@ public class ConnectionPool { if (shouldReleaseIdle(now, con, time)) { releasedIdleCount.incrementAndGet(); release(con); -idle.remove(con); +unlocked.remove(); setToNull = true; } else { //do nothing @@ -1145,7 +1145,7 @@ public class ConnectionPool { } if (!con.validate(PooledConnection.VALIDATE_IDLE)) { releasedIdleCount.incrementAndGet(); -idle.remove(con); +unlocked.remove(); release(con); } } finally { @@ -1400,7 +1400,9 @@ public class ConnectionPool { if (configured.compareAndSet(false, true)) { try { pc = borrowConnection(System.currentTimeMillis(),pc, null, null); -result = ConnectionPool.this.setupConnection(pc); +if (pc != null) { +result = ConnectionPool.this.setupConnection(pc); +} } catch (SQLException x) { cause = x; } finally { @@ -1442,7 +1444,9 @@ public class ConnectionPool { public void run() { try { Connection con = get(); //complete this future -con.close(); //return to the pool +if (con != null) { +con.close(); //return to the pool +} }catch (ExecutionException ex) { //we can ignore this }catch (Exception x) { @@ -1498,7 +1502,8 @@ public class ConnectionPool { } } -public static Set getPoolCleaners() { +// Testing use only +public static synchronized Set getPoolCleaners() { return Collections.unmodifiableSet(cleaners); } @@ -1506,7 +1511,8 @@ public class ConnectionPool { return poolVersion.get(); } -public static Timer getPoolTimer() { +// Testing use only +public static synchronized Timer getPoolTimer() { return poolCleanTimer; } diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java index 80d90c2b69..6b23c1abe3 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/FairBlockingQueue.java @@ -232,7 +232,13 @@ public class FairBlockingQueue implements BlockingQueue { @Override public int size() { -return items.size(); +final ReentrantLock lock = this.lock; +lock.lock(); +try { +return items.size(); +} finally { +lock.unlock(); +} } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h..
[Bug 66875] Handling async error after spring already handled error
https://bz.apache.org/bugzilla/show_bug.cgi?id=66875 Nils Kohrs changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|DUPLICATE |--- --- Comment #2 from Nils Kohrs --- With the exact same code I do still run into the same issue as before. You might have not included org.jetbrains.kotlinx:kotlinx-coroutines-reactor as dependency. If that dependency is not added then tomcat calls are not executed in async mode. Here is the log output for Spring Boot v3.1.3 and Tomcat 10.1.12 for the aforementioned code. . ___ _ _ /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \ ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \ \\/ ___)| |_)| | | | | || (_| | ) ) ) ) ' || .__|_| |_|_| |_\__, | / / / / =|_|==|___/=/_/_/_/ :: Spring Boot ::(v3.1.3) 2023-09-25T14:28:52.231+02:00 INFO 41884 --- [ main] com.example.demo.DemoApplicationKt : Starting DemoApplicationKt using Java 18.0.2.1 with PID 41884 (...) 2023-09-25T14:28:52.233+02:00 INFO 41884 --- [ main] com.example.demo.DemoApplicationKt : No active profile set, falling back to 1 default profile: "default" 2023-09-25T14:28:52.848+02:00 INFO 41884 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http) 2023-09-25T14:28:52.854+02:00 INFO 41884 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat] 2023-09-25T14:28:52.855+02:00 INFO 41884 --- [ main] o.apache.catalina.core.StandardEngine: Starting Servlet engine: [Apache Tomcat/10.1.12] 2023-09-25T14:28:52.917+02:00 INFO 41884 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext 2023-09-25T14:28:52.918+02:00 INFO 41884 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 649 ms 2023-09-25T14:28:53.190+02:00 INFO 41884 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path '' 2023-09-25T14:28:53.194+02:00 INFO 41884 --- [ main] com.example.demo.DemoApplicationKt : Started DemoApplicationKt in 1.251 seconds (process running for 1.71) 2023-09-25T14:28:54.564+02:00 INFO 41884 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet' 2023-09-25T14:28:54.564+02:00 INFO 41884 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet: Initializing Servlet 'dispatcherServlet' 2023-09-25T14:28:54.564+02:00 INFO 41884 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet: Completed initialization in 0 ms 2023-09-25T14:28:54.821+02:00 ERROR 41884 --- [nio-8080-exec-1] s.e.ErrorMvcAutoConfiguration$StaticView : Cannot render error page for request [/suspend] as the response has already been committed. As a result, the response may have the wrong status code. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Avoid possible NPEs
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new bee52614f3 Avoid possible NPEs bee52614f3 is described below commit bee52614f3d694b169c2682b539d98ced93eb1a8 Author: remm AuthorDate: Mon Sep 25 14:42:36 2023 +0200 Avoid possible NPEs --- .../src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java | 2 +- .../org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java | 6 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java index d91cc0861f..04fc32fc35 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java @@ -106,7 +106,7 @@ public class ProxyConnection extends JdbcInterceptor { return this.toString(); } else if (compare(GETCONNECTION_VAL,method) && connection!=null) { return connection.getConnection(); -} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class)) { +} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class) && connection != null) { try { return method.invoke(connection.getXAConnection(),args); }catch (Throwable t) { diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java index 9ce39c089f..8b74b64bcc 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java @@ -218,7 +218,11 @@ public class StatementCache extends StatementDecoratorInterceptor implements Sta if (cache == null) { return null; } -return cache.get(createCacheKey(method, args)); +CacheKey key = createCacheKey(method, args); +if (key == null) { +throw new IllegalArgumentException("Null key"); +} +return cache.get(key); } public boolean cacheStatement(CachedStatement proxy) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.1.x updated: Avoid possible NPEs
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 203b1bc93c Avoid possible NPEs 203b1bc93c is described below commit 203b1bc93ce816fec6debae36ea8d907dab32ce8 Author: remm AuthorDate: Mon Sep 25 14:42:36 2023 +0200 Avoid possible NPEs --- .../src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java | 2 +- .../org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java | 6 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java index d91cc0861f..04fc32fc35 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java @@ -106,7 +106,7 @@ public class ProxyConnection extends JdbcInterceptor { return this.toString(); } else if (compare(GETCONNECTION_VAL,method) && connection!=null) { return connection.getConnection(); -} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class)) { +} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class) && connection != null) { try { return method.invoke(connection.getXAConnection(),args); }catch (Throwable t) { diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java index 9ce39c089f..8b74b64bcc 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java @@ -218,7 +218,11 @@ public class StatementCache extends StatementDecoratorInterceptor implements Sta if (cache == null) { return null; } -return cache.get(createCacheKey(method, args)); +CacheKey key = createCacheKey(method, args); +if (key == null) { +throw new IllegalArgumentException("Null key"); +} +return cache.get(key); } public boolean cacheStatement(CachedStatement proxy) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Avoid possible NPEs
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new ec48807ac4 Avoid possible NPEs ec48807ac4 is described below commit ec48807ac455d0da1aac4d53b74fd9cff0c2bc76 Author: remm AuthorDate: Mon Sep 25 14:42:36 2023 +0200 Avoid possible NPEs --- .../src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java | 2 +- .../org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java | 6 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java index d91cc0861f..04fc32fc35 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java @@ -106,7 +106,7 @@ public class ProxyConnection extends JdbcInterceptor { return this.toString(); } else if (compare(GETCONNECTION_VAL,method) && connection!=null) { return connection.getConnection(); -} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class)) { +} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class) && connection != null) { try { return method.invoke(connection.getXAConnection(),args); }catch (Throwable t) { diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java index 9ce39c089f..8b74b64bcc 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java @@ -218,7 +218,11 @@ public class StatementCache extends StatementDecoratorInterceptor implements Sta if (cache == null) { return null; } -return cache.get(createCacheKey(method, args)); +CacheKey key = createCacheKey(method, args); +if (key == null) { +throw new IllegalArgumentException("Null key"); +} +return cache.get(key); } public boolean cacheStatement(CachedStatement proxy) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Avoid possible NPEs
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 1a08b3eaae Avoid possible NPEs 1a08b3eaae is described below commit 1a08b3eaae353431e3021497323b828a6000591f Author: remm AuthorDate: Mon Sep 25 14:42:36 2023 +0200 Avoid possible NPEs --- .../src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java | 2 +- .../org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java | 6 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java index 5db8525593..193a08f5c6 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java @@ -106,7 +106,7 @@ public class ProxyConnection extends JdbcInterceptor { return this.toString(); } else if (compare(GETCONNECTION_VAL,method) && connection!=null) { return connection.getConnection(); -} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class)) { +} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class) && connection != null) { try { return method.invoke(connection.getXAConnection(),args); }catch (Throwable t) { diff --git a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java index 505f0e4142..9cf08123a1 100644 --- a/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java +++ b/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementCache.java @@ -230,7 +230,11 @@ public class StatementCache extends StatementDecoratorInterceptor implements Sta if (cache == null) { return null; } -return cache.get(createCacheKey(method, args)); +CacheKey key = createCacheKey(method, args); +if (key == null) { +throw new IllegalArgumentException("Null key"); +} +return cache.get(key); } public boolean cacheStatement(CachedStatement proxy) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix BZ 65770 - add a listener to reload TLS certificates
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new bf444e4f1b Fix BZ 65770 - add a listener to reload TLS certificates bf444e4f1b is described below commit bf444e4f1b9cc19d444f22ca157a015a6bc686f1 Author: Mark Thomas AuthorDate: Mon Sep 25 15:46:27 2023 +0100 Fix BZ 65770 - add a listener to reload TLS certificates The listener is intended to be used in environments where a 3rd party component (e.g. certbot) is responsible for regularly renewing the certificate. https://bz.apache.org/bugzilla/show_bug.cgi?id=65770 --- .../catalina/security/LocalStrings.properties | 4 + .../security/TLSCertificateReloadListener.java | 176 + java/org/apache/coyote/ProtocolHandler.java| 13 ++ .../org/apache/coyote/ajp/AbstractAjpProtocol.java | 6 + .../coyote/http11/AbstractHttp11Protocol.java | 6 + java/org/apache/tomcat/util/net/SSLHostConfig.java | 26 +++ webapps/docs/changelog.xml | 6 + webapps/docs/config/listeners.xml | 37 + 8 files changed, 274 insertions(+) diff --git a/java/org/apache/catalina/security/LocalStrings.properties b/java/org/apache/catalina/security/LocalStrings.properties index a058198cfb..49dace925f 100644 --- a/java/org/apache/catalina/security/LocalStrings.properties +++ b/java/org/apache/catalina/security/LocalStrings.properties @@ -20,3 +20,7 @@ SecurityListener.checkUmaskSkip=Unable to determine umask. It appears Tomcat is SecurityListener.checkUserWarning=Start attempted while running as user [{0}]. Running Tomcat as this user has been blocked by the Lifecycle listener org.apache.catalina.security.SecurityListener (usually configured in CATALINA_BASE/conf/server.xml) listener.notServer=This listener must only be nested within Server elements, but is in [{0}]. + +tlsCertRenewalListener.notRenewed=[{0}], TLS virtual host [{1}] with name [{2}] that expires on [{3}] is overdue for renewal +tlsCertRenewalListener.reloadFailed=[{0}], TLS virtual host [{1}] reload of TLS configuration failed +tlsCertRenewalListener.reloadSuccess=[{0}], TLS virtual host [{1}] reloaded TLS configuration \ No newline at end of file diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java new file mode 100644 index 00..d9fe20f462 --- /dev/null +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -0,0 +1,176 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.security; + +import java.security.cert.X509Certificate; +import java.util.Calendar; +import java.util.Set; + +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleEvent; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.Server; +import org.apache.catalina.Service; +import org.apache.catalina.connector.Connector; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; +import org.apache.tomcat.util.net.SSLHostConfig; +import org.apache.tomcat.util.res.StringManager; + +/** + * A {@link LifecycleListener} that may be used to monitor the expiration dates of TLS certificates and trigger + * automatic reloading of the TLS configuration a set number of days before the TLS certificate expires. + * + * This listener assumes there is some other process (certbot, cloud infrastructure, etc) that renews the certificate on + * a regular basis and replaces the current certificate with the new one. + * + * This listener does NOT re-read the Tomcat configuration from server.xml. If you make changes to server.xml you + * must restart the Tomcat process to pick up those changes. + * + */ +public class TLSCertificateReloadListener implements LifecycleListener { + +private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); +private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); +
[tomcat] branch 10.1.x updated: Fix BZ 65770 - add a listener to reload TLS certificates
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new fa17aed463 Fix BZ 65770 - add a listener to reload TLS certificates fa17aed463 is described below commit fa17aed4638e99c3a0f736b0aa7e61b50300988c Author: Mark Thomas AuthorDate: Mon Sep 25 15:46:27 2023 +0100 Fix BZ 65770 - add a listener to reload TLS certificates The listener is intended to be used in environments where a 3rd party component (e.g. certbot) is responsible for regularly renewing the certificate. https://bz.apache.org/bugzilla/show_bug.cgi?id=65770 --- .../catalina/security/LocalStrings.properties | 4 + .../security/TLSCertificateReloadListener.java | 176 + java/org/apache/coyote/ProtocolHandler.java| 13 ++ .../org/apache/coyote/ajp/AbstractAjpProtocol.java | 6 + .../coyote/http11/AbstractHttp11Protocol.java | 6 + java/org/apache/tomcat/util/net/SSLHostConfig.java | 26 +++ webapps/docs/changelog.xml | 6 + webapps/docs/config/listeners.xml | 37 + 8 files changed, 274 insertions(+) diff --git a/java/org/apache/catalina/security/LocalStrings.properties b/java/org/apache/catalina/security/LocalStrings.properties index f1e1aa689c..b2f6cdf023 100644 --- a/java/org/apache/catalina/security/LocalStrings.properties +++ b/java/org/apache/catalina/security/LocalStrings.properties @@ -22,3 +22,7 @@ SecurityListener.checkUserWarning=Start attempted while running as user [{0}]. R SecurityUtil.doAsPrivilege=An exception occurs when running the PrivilegedExceptionAction block. listener.notServer=This listener must only be nested within Server elements, but is in [{0}]. + +tlsCertRenewalListener.notRenewed=[{0}], TLS virtual host [{1}] with name [{2}] that expires on [{3}] is overdue for renewal +tlsCertRenewalListener.reloadFailed=[{0}], TLS virtual host [{1}] reload of TLS configuration failed +tlsCertRenewalListener.reloadSuccess=[{0}], TLS virtual host [{1}] reloaded TLS configuration \ No newline at end of file diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java new file mode 100644 index 00..d9fe20f462 --- /dev/null +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -0,0 +1,176 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.security; + +import java.security.cert.X509Certificate; +import java.util.Calendar; +import java.util.Set; + +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleEvent; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.Server; +import org.apache.catalina.Service; +import org.apache.catalina.connector.Connector; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; +import org.apache.tomcat.util.net.SSLHostConfig; +import org.apache.tomcat.util.res.StringManager; + +/** + * A {@link LifecycleListener} that may be used to monitor the expiration dates of TLS certificates and trigger + * automatic reloading of the TLS configuration a set number of days before the TLS certificate expires. + * + * This listener assumes there is some other process (certbot, cloud infrastructure, etc) that renews the certificate on + * a regular basis and replaces the current certificate with the new one. + * + * This listener does NOT re-read the Tomcat configuration from server.xml. If you make changes to server.xml you + * must restart the Tomcat process to pick up those changes. + * + */ +public class TLSCertificateReloadListener implements LifecycleListener { + +private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); +private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); + +// Configuration +private int checkPeriod = 24 * 60 * 60; +private int daysBefore = 14; + +// State +private Calendar nextCheck
[tomcat] branch 9.0.x updated: Fix BZ 65770 - add a listener to reload TLS certificates
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 7d388dbd3e Fix BZ 65770 - add a listener to reload TLS certificates 7d388dbd3e is described below commit 7d388dbd3e43fd9c1406a464505449c0b770b12f Author: Mark Thomas AuthorDate: Mon Sep 25 15:46:27 2023 +0100 Fix BZ 65770 - add a listener to reload TLS certificates The listener is intended to be used in environments where a 3rd party component (e.g. certbot) is responsible for regularly renewing the certificate. https://bz.apache.org/bugzilla/show_bug.cgi?id=65770 --- .../catalina/security/LocalStrings.properties | 4 + .../security/TLSCertificateReloadListener.java | 176 + java/org/apache/coyote/ProtocolHandler.java| 13 ++ .../org/apache/coyote/ajp/AbstractAjpProtocol.java | 6 + .../coyote/http11/AbstractHttp11Protocol.java | 6 + java/org/apache/tomcat/util/net/SSLHostConfig.java | 26 +++ webapps/docs/changelog.xml | 6 + webapps/docs/config/listeners.xml | 37 + 8 files changed, 274 insertions(+) diff --git a/java/org/apache/catalina/security/LocalStrings.properties b/java/org/apache/catalina/security/LocalStrings.properties index f1e1aa689c..b2f6cdf023 100644 --- a/java/org/apache/catalina/security/LocalStrings.properties +++ b/java/org/apache/catalina/security/LocalStrings.properties @@ -22,3 +22,7 @@ SecurityListener.checkUserWarning=Start attempted while running as user [{0}]. R SecurityUtil.doAsPrivilege=An exception occurs when running the PrivilegedExceptionAction block. listener.notServer=This listener must only be nested within Server elements, but is in [{0}]. + +tlsCertRenewalListener.notRenewed=[{0}], TLS virtual host [{1}] with name [{2}] that expires on [{3}] is overdue for renewal +tlsCertRenewalListener.reloadFailed=[{0}], TLS virtual host [{1}] reload of TLS configuration failed +tlsCertRenewalListener.reloadSuccess=[{0}], TLS virtual host [{1}] reloaded TLS configuration \ No newline at end of file diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java new file mode 100644 index 00..d9fe20f462 --- /dev/null +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -0,0 +1,176 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.security; + +import java.security.cert.X509Certificate; +import java.util.Calendar; +import java.util.Set; + +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleEvent; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.Server; +import org.apache.catalina.Service; +import org.apache.catalina.connector.Connector; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; +import org.apache.tomcat.util.net.SSLHostConfig; +import org.apache.tomcat.util.res.StringManager; + +/** + * A {@link LifecycleListener} that may be used to monitor the expiration dates of TLS certificates and trigger + * automatic reloading of the TLS configuration a set number of days before the TLS certificate expires. + * + * This listener assumes there is some other process (certbot, cloud infrastructure, etc) that renews the certificate on + * a regular basis and replaces the current certificate with the new one. + * + * This listener does NOT re-read the Tomcat configuration from server.xml. If you make changes to server.xml you + * must restart the Tomcat process to pick up those changes. + * + */ +public class TLSCertificateReloadListener implements LifecycleListener { + +private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); +private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); + +// Configuration +private int checkPeriod = 24 * 60 * 60; +private int daysBefore = 14; + +// State +private Calendar nextCheck =
[tomcat] branch 8.5.x updated: Fix BZ 65770 - add a listener to reload TLS certificates
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b8342720e8 Fix BZ 65770 - add a listener to reload TLS certificates b8342720e8 is described below commit b8342720e8c0e6c7622323dffb989a0bd6bc0719 Author: Mark Thomas AuthorDate: Mon Sep 25 15:46:27 2023 +0100 Fix BZ 65770 - add a listener to reload TLS certificates The listener is intended to be used in environments where a 3rd party component (e.g. certbot) is responsible for regularly renewing the certificate. https://bz.apache.org/bugzilla/show_bug.cgi?id=65770 --- .../catalina/security/LocalStrings.properties | 4 + .../security/TLSCertificateReloadListener.java | 176 + java/org/apache/coyote/ProtocolHandler.java| 13 ++ .../org/apache/coyote/ajp/AbstractAjpProtocol.java | 6 + .../coyote/http11/AbstractHttp11Protocol.java | 6 + java/org/apache/tomcat/util/net/SSLHostConfig.java | 26 +++ webapps/docs/changelog.xml | 6 + webapps/docs/config/listeners.xml | 37 + 8 files changed, 274 insertions(+) diff --git a/java/org/apache/catalina/security/LocalStrings.properties b/java/org/apache/catalina/security/LocalStrings.properties index f1e1aa689c..b2f6cdf023 100644 --- a/java/org/apache/catalina/security/LocalStrings.properties +++ b/java/org/apache/catalina/security/LocalStrings.properties @@ -22,3 +22,7 @@ SecurityListener.checkUserWarning=Start attempted while running as user [{0}]. R SecurityUtil.doAsPrivilege=An exception occurs when running the PrivilegedExceptionAction block. listener.notServer=This listener must only be nested within Server elements, but is in [{0}]. + +tlsCertRenewalListener.notRenewed=[{0}], TLS virtual host [{1}] with name [{2}] that expires on [{3}] is overdue for renewal +tlsCertRenewalListener.reloadFailed=[{0}], TLS virtual host [{1}] reload of TLS configuration failed +tlsCertRenewalListener.reloadSuccess=[{0}], TLS virtual host [{1}] reloaded TLS configuration \ No newline at end of file diff --git a/java/org/apache/catalina/security/TLSCertificateReloadListener.java b/java/org/apache/catalina/security/TLSCertificateReloadListener.java new file mode 100644 index 00..d9fe20f462 --- /dev/null +++ b/java/org/apache/catalina/security/TLSCertificateReloadListener.java @@ -0,0 +1,176 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.security; + +import java.security.cert.X509Certificate; +import java.util.Calendar; +import java.util.Set; + +import org.apache.catalina.Lifecycle; +import org.apache.catalina.LifecycleEvent; +import org.apache.catalina.LifecycleListener; +import org.apache.catalina.Server; +import org.apache.catalina.Service; +import org.apache.catalina.connector.Connector; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; +import org.apache.tomcat.util.net.SSLHostConfig; +import org.apache.tomcat.util.res.StringManager; + +/** + * A {@link LifecycleListener} that may be used to monitor the expiration dates of TLS certificates and trigger + * automatic reloading of the TLS configuration a set number of days before the TLS certificate expires. + * + * This listener assumes there is some other process (certbot, cloud infrastructure, etc) that renews the certificate on + * a regular basis and replaces the current certificate with the new one. + * + * This listener does NOT re-read the Tomcat configuration from server.xml. If you make changes to server.xml you + * must restart the Tomcat process to pick up those changes. + * + */ +public class TLSCertificateReloadListener implements LifecycleListener { + +private static final Log log = LogFactory.getLog(TLSCertificateReloadListener.class); +private static final StringManager sm = StringManager.getManager(TLSCertificateReloadListener.class); + +// Configuration +private int checkPeriod = 24 * 60 * 60; +private int daysBefore = 14; + +// State +private Calendar nextCheck =
[Bug 65770] Make keys reload automatically
https://bz.apache.org/bugzilla/show_bug.cgi?id=65770 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #14 from Mark Thomas --- Fixed in: - 11.0.x for 11.0.0-M12 onwards - 10.1.x for 10.1.14 onwards - 9.0.x for 9.0.81 onwards - 8.5.x for 8.5.94 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org