Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-12 Thread Mark Thomas

On 11/03/2024 21:38, schu...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 3ab883aa746a5c577efa39d9080858e53ca77da6
Author: Christopher Schultz 
AuthorDate: Mon Mar 11 17:38:01 2024 -0400

 Add checking for the age of the Tomcat version running and warn if it's 
getting old.


How do I disable this check if I don't want to use it? I'd expect 
something like set it to "-1".


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.87

2024-03-12 Thread Dimitris Soumis
+1 All tests pass on Fedora 38 with Java 17, tcnative-1.2.39, apr-1.7.4,
openssl-3.0.13.

On Mon, Mar 11, 2024 at 1:16 PM Rémy Maucherat  wrote:

> The proposed Apache Tomcat 9.0.87 release is now available for voting.
>
> The notable changes compared to 9.0.86 are:
>
> - When restoring a saved POST request after a successful FORM
>authentication, ensure that neither the URI, the query string nor
>the protocol are corrupted when restoring the request body.
>
> - Align error handling for Writer and OutputStream. Ensure use of either
>once the response has been recycled triggers a NullPointerException
>provided that discardFacades is configured with the default value of
>true.
>
> - The standard thread pool implementations that are
>configured using the Executor element now implement
>ExecutorService for better support of NIO2 or others.
>
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.87/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1485
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.87
> 4c4c166c3d7fd2d00801657c7a78fc7d46c8ec32
>
> The proposed 9.0.87 release is:
> [ ] -1, Broken - do not release
> [X ] +1, Stable - go ahead and release as 9.0.87
>
> Rémy
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>


Re: [VOTE] Release Apache Tomcat 11.0.0-M18

2024-03-12 Thread Rémy Maucherat
On Sat, Mar 9, 2024 at 7:53 PM Mark Thomas  wrote:
>
> The proposed Apache Tomcat 11.0.0-M18 release is now available for
> voting.
>
> Apache Tomcat 11.0.0-M18 is a milestone release of the 11.0.x branch and
> has been made to provide users with early access to the new features in
> Apache Tomcat 11.0.x so that they may provide feedback. The notable
> changes compared to the previous milestone include:
>
> - Reduce minimum Java version to Java 17
>
> - When restoring a saved POST request after a successful FORM
>authentication, ensure that neither the URI, the query string no
>the protocol are corrupted when restoring the request body.
>
> - Align error handling for Writer and OutputStream. Ensure use of either
>once the response has been recycled triggers a NullPointerException
>provided that discardFacades is configured with the default value of
>true.
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory. Applications using deprecated APIs may require
> further changes.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M18/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1484
>
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M18
> eee0dbb29048a60ee2c85ebcb9abb1750046c0bf
>
> The proposed 11.0.0-M18 release is:
> [ ] -1 Broken - do not release
> [X] +1 Alpha  - go ahead and release as 11.0.0-M18

Rémy

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 11.0.0-M18

2024-03-12 Thread Dimitris Soumis
+1 All tests pass on Fedora 38 with Java 21, tcnative-2.0.7, openssl-3.0.13.

On Sat, Mar 9, 2024 at 8:59 PM Mark Thomas  wrote:

> The proposed Apache Tomcat 11.0.0-M18 release is now available for
> voting.
>
> Apache Tomcat 11.0.0-M18 is a milestone release of the 11.0.x branch and
> has been made to provide users with early access to the new features in
> Apache Tomcat 11.0.x so that they may provide feedback. The notable
> changes compared to the previous milestone include:
>
> - Reduce minimum Java version to Java 17
>
> - When restoring a saved POST request after a successful FORM
>authentication, ensure that neither the URI, the query string no
>the protocol are corrupted when restoring the request body.
>
> - Align error handling for Writer and OutputStream. Ensure use of either
>once the response has been recycled triggers a NullPointerException
>provided that discardFacades is configured with the default value of
>true.
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory. Applications using deprecated APIs may require
> further changes.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M18/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1484
>
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M18
> eee0dbb29048a60ee2c85ebcb9abb1750046c0bf
>
> The proposed 11.0.0-M18 release is:
> [ ] -1 Broken - do not release
> [X ] +1 Alpha  - go ahead and release as 11.0.0-M18
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>


(tomcat) branch main updated: Fix IDE warnings

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3fab83693b Fix IDE warnings
3fab83693b is described below

commit 3fab83693bb868a46eba20474631d80c93c05e7c
Author: Mark Thomas 
AuthorDate: Tue Mar 12 11:37:15 2024 +

Fix IDE warnings
---
 java/org/apache/catalina/realm/RealmBase.java   | 2 ++
 java/org/apache/catalina/security/SecurityListener.java | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index daca9d6746..8f12552ee7 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -1288,6 +1288,8 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
  * 
  *
  * @param args The parameters passed on the command line
+ *
+ * @throws IOException If an error occurs reading the password file
  */
 public static void main(String args[]) throws IOException {
 
diff --git a/java/org/apache/catalina/security/SecurityListener.java 
b/java/org/apache/catalina/security/SecurityListener.java
index adececd631..e92f7fbbc4 100644
--- a/java/org/apache/catalina/security/SecurityListener.java
+++ b/java/org/apache/catalina/security/SecurityListener.java
@@ -151,7 +151,7 @@ public class SecurityListener implements LifecycleListener {
 } catch (NumberFormatException nfe) {
 // Just use the default and warn the user
 log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable",
-ageDays, DEFAULT_BUILD_DATE_WARNING_AGE_DAYS));
+ageDays, 
String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS)));
 }
 }
 
@@ -235,7 +235,7 @@ public class SecurityListener implements LifecycleListener {
 old.add(Calendar.DATE, -allowedAgeDays); // Subtract X days 
from today
 
 if (buildDate.before(old.getTime())) {
-log.warn(sm.getString("SecurityListener.buildDateIsOld", 
allowedAgeDays));
+log.warn(sm.getString("SecurityListener.buildDateIsOld", 
String.valueOf(allowedAgeDays)));
 }
 } catch (ParseException pe) {
 log.warn(sm.getString("SecurityListener.buildDateUnreadable", 
buildDateString));


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 10.1.x updated: Fix IDE warnings

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new f04df5a8f6 Fix IDE warnings
f04df5a8f6 is described below

commit f04df5a8f66a08b39b50ef38f3207dc87b1bb9f6
Author: Mark Thomas 
AuthorDate: Tue Mar 12 11:37:15 2024 +

Fix IDE warnings
---
 java/org/apache/catalina/realm/RealmBase.java   | 2 ++
 java/org/apache/catalina/security/SecurityListener.java | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index 6668eb14ee..a71a4cdab9 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -1312,6 +1312,8 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
  * 
  *
  * @param args The parameters passed on the command line
+ *
+ * @throws IOException If an error occurs reading the password file
  */
 public static void main(String args[]) throws IOException {
 
diff --git a/java/org/apache/catalina/security/SecurityListener.java 
b/java/org/apache/catalina/security/SecurityListener.java
index adececd631..e92f7fbbc4 100644
--- a/java/org/apache/catalina/security/SecurityListener.java
+++ b/java/org/apache/catalina/security/SecurityListener.java
@@ -151,7 +151,7 @@ public class SecurityListener implements LifecycleListener {
 } catch (NumberFormatException nfe) {
 // Just use the default and warn the user
 log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable",
-ageDays, DEFAULT_BUILD_DATE_WARNING_AGE_DAYS));
+ageDays, 
String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS)));
 }
 }
 
@@ -235,7 +235,7 @@ public class SecurityListener implements LifecycleListener {
 old.add(Calendar.DATE, -allowedAgeDays); // Subtract X days 
from today
 
 if (buildDate.before(old.getTime())) {
-log.warn(sm.getString("SecurityListener.buildDateIsOld", 
allowedAgeDays));
+log.warn(sm.getString("SecurityListener.buildDateIsOld", 
String.valueOf(allowedAgeDays)));
 }
 } catch (ParseException pe) {
 log.warn(sm.getString("SecurityListener.buildDateUnreadable", 
buildDateString));


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 9.0.x updated: Fix IDE warnings

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new f13afa93ac Fix IDE warnings
f13afa93ac is described below

commit f13afa93ace1ce16e8e2512c19c89cd6b8cd80c3
Author: Mark Thomas 
AuthorDate: Tue Mar 12 11:37:15 2024 +

Fix IDE warnings
---
 java/org/apache/catalina/realm/RealmBase.java   | 2 ++
 java/org/apache/catalina/security/SecurityListener.java | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index 39bb5cb006..7959c3ea0b 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -1334,6 +1334,8 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
  * 
  *
  * @param args The parameters passed on the command line
+ *
+ * @throws IOException If an error occurs reading the password file
  */
 public static void main(String args[]) throws IOException {
 
diff --git a/java/org/apache/catalina/security/SecurityListener.java 
b/java/org/apache/catalina/security/SecurityListener.java
index adececd631..e92f7fbbc4 100644
--- a/java/org/apache/catalina/security/SecurityListener.java
+++ b/java/org/apache/catalina/security/SecurityListener.java
@@ -151,7 +151,7 @@ public class SecurityListener implements LifecycleListener {
 } catch (NumberFormatException nfe) {
 // Just use the default and warn the user
 log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable",
-ageDays, DEFAULT_BUILD_DATE_WARNING_AGE_DAYS));
+ageDays, 
String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS)));
 }
 }
 
@@ -235,7 +235,7 @@ public class SecurityListener implements LifecycleListener {
 old.add(Calendar.DATE, -allowedAgeDays); // Subtract X days 
from today
 
 if (buildDate.before(old.getTime())) {
-log.warn(sm.getString("SecurityListener.buildDateIsOld", 
allowedAgeDays));
+log.warn(sm.getString("SecurityListener.buildDateIsOld", 
String.valueOf(allowedAgeDays)));
 }
 } catch (ParseException pe) {
 log.warn(sm.getString("SecurityListener.buildDateUnreadable", 
buildDateString));


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.87

2024-03-12 Thread Tim Funk
No issues noticed via internal testing.

-Tim

On Mon, Mar 11, 2024 at 7:10 AM Rémy Maucherat  wrote:

>
> The proposed 9.0.87 release is:
> [ ] -1, Broken - do not release
> [X] +1, Stable - go ahead and release as 9.0.87
>
>


(tomcat) branch 8.5.x updated: Fix IDE warnings

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new d81e4480e6 Fix IDE warnings
d81e4480e6 is described below

commit d81e4480e6c269190499e6e47a4293e753e0d003
Author: Mark Thomas 
AuthorDate: Tue Mar 12 11:37:15 2024 +

Fix IDE warnings
---
 java/org/apache/catalina/realm/RealmBase.java   | 2 ++
 java/org/apache/catalina/security/SecurityListener.java | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index b558106fd5..5a82b43667 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -1385,6 +1385,8 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements org.apache
  * 
  *
  * @param args The parameters passed on the command line
+ *
+ * @throws IOException If an error occurs reading the password file
  */
 public static void main(String args[]) throws IOException {
 
diff --git a/java/org/apache/catalina/security/SecurityListener.java 
b/java/org/apache/catalina/security/SecurityListener.java
index adececd631..e92f7fbbc4 100644
--- a/java/org/apache/catalina/security/SecurityListener.java
+++ b/java/org/apache/catalina/security/SecurityListener.java
@@ -151,7 +151,7 @@ public class SecurityListener implements LifecycleListener {
 } catch (NumberFormatException nfe) {
 // Just use the default and warn the user
 log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable",
-ageDays, DEFAULT_BUILD_DATE_WARNING_AGE_DAYS));
+ageDays, 
String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS)));
 }
 }
 
@@ -235,7 +235,7 @@ public class SecurityListener implements LifecycleListener {
 old.add(Calendar.DATE, -allowedAgeDays); // Subtract X days 
from today
 
 if (buildDate.before(old.getTime())) {
-log.warn(sm.getString("SecurityListener.buildDateIsOld", 
allowedAgeDays));
+log.warn(sm.getString("SecurityListener.buildDateIsOld", 
String.valueOf(allowedAgeDays)));
 }
 } catch (ParseException pe) {
 log.warn(sm.getString("SecurityListener.buildDateUnreadable", 
buildDateString));


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[PR] Simplify usage of custom ssl configuration [tomcat]

2024-03-12 Thread via GitHub


Hakky54 opened a new pull request, #706:
URL: https://github.com/apache/tomcat/pull/706

   This PR is a followup of the following earlier PR 
https://github.com/apache/tomcat/pull/673 Although that pull request didn't get 
merged, the code changes has been comitted to the main branch by the main 
developer, see here for the specific commit: 
https://github.com/apache/tomcat/commit/b0df9819c8d130adab0490b89dce1ab4ca6a3448
   
   **Context**
   With the earlier commit it is now possible to programatically configure the 
ssl configuration of tomcat instead of using properties and delegating to 
tomcat to construct the ssl configuration. This opens the possibility of 
reloading the ssl configuration or other sorts of customizations.
   
   I want to provide an example with my own code to give a better 
understanding, the project is also available here: [Instant SSL Reloading with 
Tomcat](https://github.com/Hakky54/java-tutorials/tree/main/instant-ssl-reloading-with-spring-tomcat)
   
   **SSLContext wrapper**
   ```java
   import nl.altindag.ssl.SSLFactory;
   import org.apache.tomcat.util.net.SSLContext;
   
   import javax.net.ssl.KeyManager;
   import javax.net.ssl.SSLEngine;
   import javax.net.ssl.SSLParameters;
   import javax.net.ssl.SSLServerSocketFactory;
   import javax.net.ssl.SSLSessionContext;
   import javax.net.ssl.TrustManager;
   import java.security.SecureRandom;
   import java.security.cert.X509Certificate;
   
   public final class TomcatSSLContext implements SSLContext {
   
   private final SSLFactory sslFactory;
   
   public TomcatSSLContext(SSLFactory sslFactory) {
   this.sslFactory = sslFactory;
   }
   
   @Override
   public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) {
   // not needed to initialize as it is already initialized
   }
   
   @Override
   public void destroy() {
   
   }
   
   @Override
   public SSLSessionContext getServerSessionContext() {
   return sslFactory.getSslContext().getServerSessionContext();
   }
   
   @Override
   public SSLEngine createSSLEngine() {
   return sslFactory.getSSLEngine();
   }
   
   @Override
   public SSLServerSocketFactory getServerSocketFactory() {
   return sslFactory.getSslServerSocketFactory();
   }
   
   @Override
   public SSLParameters getSupportedSSLParameters() {
   return sslFactory.getSslParameters();
   }
   
   @Override
   public X509Certificate[] getCertificateChain(String alias) {
   return sslFactory.getKeyManager()
   .map(keyManager -> keyManager.getCertificateChain(alias))
   .orElseThrow();
   }
   
   @Override
   public X509Certificate[] getAcceptedIssuers() {
   return sslFactory.getTrustedCertificates().toArray(new 
X509Certificate[0]);
   }
   
   }
   ```
   
   ```java
   import nl.altindag.ssl.SSLFactory;
   import org.apache.catalina.connector.Connector;
   import org.apache.coyote.http11.AbstractHttp11Protocol;
   import org.apache.tomcat.util.net.SSLHostConfig;
   import org.apache.tomcat.util.net.SSLHostConfigCertificate;
   import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
   import org.springframework.beans.factory.annotation.Value;
   import 
org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
   import org.springframework.context.annotation.Configuration;
   
   @Configuration
   public class SSLConnectorCustomizer implements TomcatConnectorCustomizer {
   
   private final SSLFactory sslFactory;
   private final int port;
   
   public SSLConnectorCustomizer(SSLFactory sslFactory, 
@Value("${server.port}") int port) {
   this.sslFactory = sslFactory;
   this.port = port;
   }
   
   @Override
   public void customize(Connector connector) {
   connector.setScheme("https");
   connector.setSecure(true);
   connector.setPort(port);
   
   AbstractHttp11Protocol protocol = (AbstractHttp11Protocol) 
connector.getProtocolHandler();
   protocol.setSSLEnabled(true);
   
   SSLHostConfig sslHostConfig = new SSLHostConfig();
   SSLHostConfigCertificate certificate = new 
SSLHostConfigCertificate(sslHostConfig, Type.UNDEFINED);
   certificate.setSslContext(new TomcatSSLContext(sslFactory));
   sslHostConfig.addCertificate(certificate);
   protocol.addSslHostConfig(sslHostConfig);
   }
   
   }
   ```
   
   **Problem statement**
   Boilerplate code is needed by the end-user to provide a custom ssl 
configuration. Tomcat takes a custom SSLContext, the full name is 
`org.apache.tomcat.util.net.SSLContext` while the end-user has 
`javax.net.ssl.SSLContext`. So the end-user is required to create an 
implementation of `org.apache.tomcat.util.net.SSLContext` which acts as a 
wrapper. This sslcontext needs to be passed to `SSLHostCo

(tomcat) branch main updated: Fix a TCK failure for JSP include then forward

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 8d7a0102c4 Fix a TCK failure for JSP include then forward
8d7a0102c4 is described below

commit 8d7a0102c4953a62728b3a45443902b975272af9
Author: Mark Thomas 
AuthorDate: Tue Mar 12 12:26:56 2024 +

Fix a TCK failure for JSP include then forward

Handle the case where the JSP engine forwards a request/response to a
Servlet that uses an OutputStream rather than a Writer. This was
triggering an IllegalStateException on code paths where there was a
subsequent attempt to obtain a Writer.

This had been returning the correct body but with a 500 response. The
older TCKs didn't notice the 500 response. The refactored TCK used in
Jakarta EE 11 did.
---
 java/org/apache/jasper/runtime/JspWriterImpl.java | 12 +++-
 .../apache/jasper/runtime/TestPageContextImpl.java| 17 +
 test/webapp/jsp/forward.jsp   | 17 +
 test/webapp/jsp/includeThenForward.jsp| 19 +++
 test/webapp/jsp/ok.html   |  5 +
 webapps/docs/changelog.xml| 11 +++
 6 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspWriterImpl.java 
b/java/org/apache/jasper/runtime/JspWriterImpl.java
index a2b1632295..06b14c1b3b 100644
--- a/java/org/apache/jasper/runtime/JspWriterImpl.java
+++ b/java/org/apache/jasper/runtime/JspWriterImpl.java
@@ -17,6 +17,7 @@
 package org.apache.jasper.runtime;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.io.Writer;
 
 import jakarta.servlet.ServletResponse;
@@ -115,7 +116,16 @@ public class JspWriterImpl extends JspWriter {
 
 private void initOut() throws IOException {
 if (out == null) {
-out = response.getWriter();
+try {
+out = response.getWriter();
+} catch (IllegalStateException e) {
+/*
+ * At some point in the processing something (most likely the 
default servlet as the target of a
+ *  action) wrote directly to the 
OutputStream rather than the Writer. Wrap the
+ * OutputStream in a Writer so the JSp engine can use the 
Writer it is expecting to use.
+ */
+out = new PrintWriter(response.getOutputStream());
+}
 }
 }
 
diff --git a/test/org/apache/jasper/runtime/TestPageContextImpl.java 
b/test/org/apache/jasper/runtime/TestPageContextImpl.java
index 4d409f0219..ee326ec3b2 100644
--- a/test/org/apache/jasper/runtime/TestPageContextImpl.java
+++ b/test/org/apache/jasper/runtime/TestPageContextImpl.java
@@ -120,4 +120,21 @@ public class TestPageContextImpl extends TomcatBaseTest {
 }
 
 }
+
+
+@Test
+public void testIncludeThenForward() throws Exception {
+getTomcatInstanceTestWebapp(false, true);
+
+ByteChunk res = new ByteChunk();
+
+int rc = getUrl("http://localhost:"; + getPort() +
+"/test/jsp/includeThenForward.jsp", res, null);
+
+Assert.assertEquals(HttpServletResponse.SC_OK, rc);
+
+String body = res.toString();
+Assert.assertTrue(body.contains("OK"));
+Assert.assertFalse(body.contains("FAIL"));
+}
 }
diff --git a/test/webapp/jsp/forward.jsp b/test/webapp/jsp/forward.jsp
new file mode 100644
index 00..eb87acd5fe
--- /dev/null
+++ b/test/webapp/jsp/forward.jsp
@@ -0,0 +1,17 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
diff --git a/test/webapp/jsp/includeThenForward.jsp 
b/test/webapp/jsp/includeThenForward.jsp
new file mode 100644
index 00..9c17bcce37
--- /dev/null
+++ b/test/webapp/jsp/includeThenForward.jsp
@@ -0,0 +1,19 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF license

(tomcat) branch main updated: Fix typo

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 708226219e Fix typo
708226219e is described below

commit 708226219e3cbed2a780cc936a9f877d14f1a0af
Author: Mark Thomas 
AuthorDate: Tue Mar 12 12:29:40 2024 +

Fix typo
---
 java/org/apache/jasper/runtime/JspWriterImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspWriterImpl.java 
b/java/org/apache/jasper/runtime/JspWriterImpl.java
index 06b14c1b3b..f683b99321 100644
--- a/java/org/apache/jasper/runtime/JspWriterImpl.java
+++ b/java/org/apache/jasper/runtime/JspWriterImpl.java
@@ -122,7 +122,7 @@ public class JspWriterImpl extends JspWriter {
 /*
  * At some point in the processing something (most likely the 
default servlet as the target of a
  *  action) wrote directly to the 
OutputStream rather than the Writer. Wrap the
- * OutputStream in a Writer so the JSp engine can use the 
Writer it is expecting to use.
+ * OutputStream in a Writer so the JSP engine can use the 
Writer it is expecting to use.
  */
 out = new PrintWriter(response.getOutputStream());
 }


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 10.1.x updated: Fix a TCK failure for JSP include then forward

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new ef8c4a0e6b Fix a TCK failure for JSP include then forward
ef8c4a0e6b is described below

commit ef8c4a0e6bfa26e7e5480c15e6ebc44aa964c38f
Author: Mark Thomas 
AuthorDate: Tue Mar 12 12:26:56 2024 +

Fix a TCK failure for JSP include then forward

Handle the case where the JSP engine forwards a request/response to a
Servlet that uses an OutputStream rather than a Writer. This was
triggering an IllegalStateException on code paths where there was a
subsequent attempt to obtain a Writer.

This had been returning the correct body but with a 500 response. The
older TCKs didn't notice the 500 response. The refactored TCK used in
Jakarta EE 11 did.
---
 java/org/apache/jasper/runtime/JspWriterImpl.java | 12 +++-
 .../apache/jasper/runtime/TestPageContextImpl.java| 17 +
 test/webapp/jsp/forward.jsp   | 17 +
 test/webapp/jsp/includeThenForward.jsp| 19 +++
 test/webapp/jsp/ok.html   |  5 +
 webapps/docs/changelog.xml|  7 +++
 6 files changed, 76 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspWriterImpl.java 
b/java/org/apache/jasper/runtime/JspWriterImpl.java
index a2b1632295..06b14c1b3b 100644
--- a/java/org/apache/jasper/runtime/JspWriterImpl.java
+++ b/java/org/apache/jasper/runtime/JspWriterImpl.java
@@ -17,6 +17,7 @@
 package org.apache.jasper.runtime;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.io.Writer;
 
 import jakarta.servlet.ServletResponse;
@@ -115,7 +116,16 @@ public class JspWriterImpl extends JspWriter {
 
 private void initOut() throws IOException {
 if (out == null) {
-out = response.getWriter();
+try {
+out = response.getWriter();
+} catch (IllegalStateException e) {
+/*
+ * At some point in the processing something (most likely the 
default servlet as the target of a
+ *  action) wrote directly to the 
OutputStream rather than the Writer. Wrap the
+ * OutputStream in a Writer so the JSp engine can use the 
Writer it is expecting to use.
+ */
+out = new PrintWriter(response.getOutputStream());
+}
 }
 }
 
diff --git a/test/org/apache/jasper/runtime/TestPageContextImpl.java 
b/test/org/apache/jasper/runtime/TestPageContextImpl.java
index 4d409f0219..ee326ec3b2 100644
--- a/test/org/apache/jasper/runtime/TestPageContextImpl.java
+++ b/test/org/apache/jasper/runtime/TestPageContextImpl.java
@@ -120,4 +120,21 @@ public class TestPageContextImpl extends TomcatBaseTest {
 }
 
 }
+
+
+@Test
+public void testIncludeThenForward() throws Exception {
+getTomcatInstanceTestWebapp(false, true);
+
+ByteChunk res = new ByteChunk();
+
+int rc = getUrl("http://localhost:"; + getPort() +
+"/test/jsp/includeThenForward.jsp", res, null);
+
+Assert.assertEquals(HttpServletResponse.SC_OK, rc);
+
+String body = res.toString();
+Assert.assertTrue(body.contains("OK"));
+Assert.assertFalse(body.contains("FAIL"));
+}
 }
diff --git a/test/webapp/jsp/forward.jsp b/test/webapp/jsp/forward.jsp
new file mode 100644
index 00..eb87acd5fe
--- /dev/null
+++ b/test/webapp/jsp/forward.jsp
@@ -0,0 +1,17 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
diff --git a/test/webapp/jsp/includeThenForward.jsp 
b/test/webapp/jsp/includeThenForward.jsp
new file mode 100644
index 00..9c17bcce37
--- /dev/null
+++ b/test/webapp/jsp/includeThenForward.jsp
@@ -0,0 +1,19 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF license

(tomcat) branch 9.0.x updated: Fix a TCK failure for JSP include then forward

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new ad9b73a992 Fix a TCK failure for JSP include then forward
ad9b73a992 is described below

commit ad9b73a9922f10cf325438dc0449e75dd7fe5f1a
Author: Mark Thomas 
AuthorDate: Tue Mar 12 12:26:56 2024 +

Fix a TCK failure for JSP include then forward

Handle the case where the JSP engine forwards a request/response to a
Servlet that uses an OutputStream rather than a Writer. This was
triggering an IllegalStateException on code paths where there was a
subsequent attempt to obtain a Writer.

This had been returning the correct body but with a 500 response. The
older TCKs didn't notice the 500 response. The refactored TCK used in
Jakarta EE 11 did.
---
 java/org/apache/jasper/runtime/JspWriterImpl.java | 12 +++-
 .../apache/jasper/runtime/TestPageContextImpl.java| 17 +
 test/webapp/jsp/forward.jsp   | 17 +
 test/webapp/jsp/includeThenForward.jsp| 19 +++
 test/webapp/jsp/ok.html   |  5 +
 webapps/docs/changelog.xml| 11 +++
 6 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspWriterImpl.java 
b/java/org/apache/jasper/runtime/JspWriterImpl.java
index 2b3d34c5c7..263df987dc 100644
--- a/java/org/apache/jasper/runtime/JspWriterImpl.java
+++ b/java/org/apache/jasper/runtime/JspWriterImpl.java
@@ -17,6 +17,7 @@
 package org.apache.jasper.runtime;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.io.Writer;
 
 import javax.servlet.ServletResponse;
@@ -115,7 +116,16 @@ public class JspWriterImpl extends JspWriter {
 
 private void initOut() throws IOException {
 if (out == null) {
-out = response.getWriter();
+try {
+out = response.getWriter();
+} catch (IllegalStateException e) {
+/*
+ * At some point in the processing something (most likely the 
default servlet as the target of a
+ *  action) wrote directly to the 
OutputStream rather than the Writer. Wrap the
+ * OutputStream in a Writer so the JSp engine can use the 
Writer it is expecting to use.
+ */
+out = new PrintWriter(response.getOutputStream());
+}
 }
 }
 
diff --git a/test/org/apache/jasper/runtime/TestPageContextImpl.java 
b/test/org/apache/jasper/runtime/TestPageContextImpl.java
index d385d5263a..7f67009630 100644
--- a/test/org/apache/jasper/runtime/TestPageContextImpl.java
+++ b/test/org/apache/jasper/runtime/TestPageContextImpl.java
@@ -120,4 +120,21 @@ public class TestPageContextImpl extends TomcatBaseTest {
 }
 
 }
+
+
+@Test
+public void testIncludeThenForward() throws Exception {
+getTomcatInstanceTestWebapp(false, true);
+
+ByteChunk res = new ByteChunk();
+
+int rc = getUrl("http://localhost:"; + getPort() +
+"/test/jsp/includeThenForward.jsp", res, null);
+
+Assert.assertEquals(HttpServletResponse.SC_OK, rc);
+
+String body = res.toString();
+Assert.assertTrue(body.contains("OK"));
+Assert.assertFalse(body.contains("FAIL"));
+}
 }
diff --git a/test/webapp/jsp/forward.jsp b/test/webapp/jsp/forward.jsp
new file mode 100644
index 00..eb87acd5fe
--- /dev/null
+++ b/test/webapp/jsp/forward.jsp
@@ -0,0 +1,17 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
diff --git a/test/webapp/jsp/includeThenForward.jsp 
b/test/webapp/jsp/includeThenForward.jsp
new file mode 100644
index 00..9c17bcce37
--- /dev/null
+++ b/test/webapp/jsp/includeThenForward.jsp
@@ -0,0 +1,19 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF license

(tomcat) branch 8.5.x updated: Fix a TCK failure for JSP include then forward

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new ae91e0b564 Fix a TCK failure for JSP include then forward
ae91e0b564 is described below

commit ae91e0b564ebe3610ab187792605fec0cc65797c
Author: Mark Thomas 
AuthorDate: Tue Mar 12 12:26:56 2024 +

Fix a TCK failure for JSP include then forward

Handle the case where the JSP engine forwards a request/response to a
Servlet that uses an OutputStream rather than a Writer. This was
triggering an IllegalStateException on code paths where there was a
subsequent attempt to obtain a Writer.

This had been returning the correct body but with a 500 response. The
older TCKs didn't notice the 500 response. The refactored TCK used in
Jakarta EE 11 did.
---
 java/org/apache/jasper/runtime/JspWriterImpl.java | 12 +++-
 .../apache/jasper/runtime/TestPageContextImpl.java| 17 +
 test/webapp/jsp/forward.jsp   | 17 +
 test/webapp/jsp/includeThenForward.jsp| 19 +++
 test/webapp/jsp/ok.html   |  5 +
 webapps/docs/changelog.xml|  7 +++
 6 files changed, 76 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspWriterImpl.java 
b/java/org/apache/jasper/runtime/JspWriterImpl.java
index 2b3d34c5c7..263df987dc 100644
--- a/java/org/apache/jasper/runtime/JspWriterImpl.java
+++ b/java/org/apache/jasper/runtime/JspWriterImpl.java
@@ -17,6 +17,7 @@
 package org.apache.jasper.runtime;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.io.Writer;
 
 import javax.servlet.ServletResponse;
@@ -115,7 +116,16 @@ public class JspWriterImpl extends JspWriter {
 
 private void initOut() throws IOException {
 if (out == null) {
-out = response.getWriter();
+try {
+out = response.getWriter();
+} catch (IllegalStateException e) {
+/*
+ * At some point in the processing something (most likely the 
default servlet as the target of a
+ *  action) wrote directly to the 
OutputStream rather than the Writer. Wrap the
+ * OutputStream in a Writer so the JSp engine can use the 
Writer it is expecting to use.
+ */
+out = new PrintWriter(response.getOutputStream());
+}
 }
 }
 
diff --git a/test/org/apache/jasper/runtime/TestPageContextImpl.java 
b/test/org/apache/jasper/runtime/TestPageContextImpl.java
index d385d5263a..7f67009630 100644
--- a/test/org/apache/jasper/runtime/TestPageContextImpl.java
+++ b/test/org/apache/jasper/runtime/TestPageContextImpl.java
@@ -120,4 +120,21 @@ public class TestPageContextImpl extends TomcatBaseTest {
 }
 
 }
+
+
+@Test
+public void testIncludeThenForward() throws Exception {
+getTomcatInstanceTestWebapp(false, true);
+
+ByteChunk res = new ByteChunk();
+
+int rc = getUrl("http://localhost:"; + getPort() +
+"/test/jsp/includeThenForward.jsp", res, null);
+
+Assert.assertEquals(HttpServletResponse.SC_OK, rc);
+
+String body = res.toString();
+Assert.assertTrue(body.contains("OK"));
+Assert.assertFalse(body.contains("FAIL"));
+}
 }
diff --git a/test/webapp/jsp/forward.jsp b/test/webapp/jsp/forward.jsp
new file mode 100644
index 00..eb87acd5fe
--- /dev/null
+++ b/test/webapp/jsp/forward.jsp
@@ -0,0 +1,17 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
diff --git a/test/webapp/jsp/includeThenForward.jsp 
b/test/webapp/jsp/includeThenForward.jsp
new file mode 100644
index 00..9c17bcce37
--- /dev/null
+++ b/test/webapp/jsp/includeThenForward.jsp
@@ -0,0 +1,19 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses th

Buildbot failure in on tomcat-11.0.x

2024-03-12 Thread buildbot
Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/978
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch main] 708226219e3cbed2a780cc936a9f877d14f1a0af


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  shell_6: 0

  compile: 1

  shell_7: 0

  shell_8: 0

  shell_9: 0

  shell_10: 0

  Rsync docs to nightlies.apache.org: 0

  shell_11: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 2

  shell_12: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-12 Thread Christopher Schultz

Mark,

On 3/12/24 05:00, Mark Thomas wrote:

On 11/03/2024 21:38, schu...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 3ab883aa746a5c577efa39d9080858e53ca77da6
Author: Christopher Schultz 
AuthorDate: Mon Mar 11 17:38:01 2024 -0400

 Add checking for the age of the Tomcat version running and warn 
if it's getting old.


How do I disable this check if I don't want to use it? I'd expect 
something like set it to "-1".


I could add a special case for "disable" or you could set it to a very 
high value.


If your Tomcat installation is still running in 32768 days, you 
certainly won't give a damn if it starts issuing warnings.


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Buildbot success in on tomcat-9.0.x

2024-03-12 Thread buildbot
Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/887
Blamelist: Christopher Schultz , Mark Thomas 

Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch 9.0.x] ad9b73a9922f10cf325438dc0449e75dd7fe5f1a


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 11.0.0-M18

2024-03-12 Thread Christopher Schultz

Mark,

Thanks for RMing

On 3/9/24 1:52 PM, Mark Thomas wrote:

The proposed Apache Tomcat 11.0.0-M18 release is now available for
voting.

Apache Tomcat 11.0.0-M18 is a milestone release of the 11.0.x branch and 
has been made to provide users with early access to the new features in 
Apache Tomcat 11.0.x so that they may provide feedback. The notable 
changes compared to the previous milestone include:


- Reduce minimum Java version to Java 17

- When restoring a saved POST request after a successful FORM
   authentication, ensure that neither the URI, the query string no
   the protocol are corrupted when restoring the request body.

- Align error handling for Writer and OutputStream. Ensure use of either
   once the response has been recycled triggers a NullPointerException
   provided that discardFacades is configured with the default value of
   true.

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory. Applications using deprecated APIs may require 
further changes.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M18/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1484

The tag is:
https://github.com/apache/tomcat/tree/11.0.0-M18
eee0dbb29048a60ee2c85ebcb9abb1750046c0bf

The proposed 11.0.0-M18 release is:
[ ] -1 Broken - do not release
[ ] +1 Alpha  - go ahead and release as 11.0.0-M18


+1 for alpha release.

Unit tests pass on x86-64 MacOS. The build is reproducible except for 
the fulldocs package which is missing specific file content due to a JDK 
bug.


Details:

* Environment
*  Java (build):openjdk version "22" 2024-03-19 OpenJDK Runtime 
Environment (build 22+35-2369) OpenJDK 64-Bit Server VM (build 
22+35-2369, mixed mode, sharing)
*  Java (test): openjdk version "22" 2024-03-19 OpenJDK Runtime 
Environment (build 22+35-2369) OpenJDK 64-Bit Server VM (build 
22+35-2369, mixed mode, sharing)

*  OS:  Darwin 21.6.0 x86_64
*  cc:  Apple clang version 12.0.0 (clang-1200.0.31.1)
*  make:GNU Make 3.81
*  OpenSSL:   OpenSSL 3.2.0 23 Nov 2023 (Library: OpenSSL 3.2.0 23 
Nov 2023)

*  APR: 1.7.4
*
* Valid SHA-512 signature for apache-tomcat-11.0.0-M18.zip
* Valid GPG signature for apache-tomcat-11.0.0-M18.zip
* Valid SHA-512 signature for apache-tomcat-11.0.0-M18.tar.gz
* Valid GPG signature for apache-tomcat-11.0.0-M18.tar.gz
* Valid SHA-512 signature for apache-tomcat-11.0.0-M18.exe
* Valid GPG signature for apache-tomcat-11.0.0-M18.exe
* Valid SHA512 signature for apache-tomcat-11.0.0-M18-src.zip
* Valid GPG signature for apache-tomcat-11.0.0-M18-src.zip
* Valid SHA512 signature for apache-tomcat-11.0.0-M18-src.tar.gz
* Valid GPG signature for apache-tomcat-11.0.0-M18-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: PASSED


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch main updated: Update to Checkstyle 10.14.1

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new a6997ad630 Update to Checkstyle 10.14.1
a6997ad630 is described below

commit a6997ad630d05905e5e1f527ab4411e352e652fc
Author: Mark Thomas 
AuthorDate: Tue Mar 12 15:28:24 2024 +

Update to Checkstyle 10.14.1

Note there is a performance issue with Checkstyle 10.13.0 that means
checks take ~4x longer
---
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 7 +++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 1d43db2afb..0780fd796b 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -253,10 +253,10 @@ 
unboundid.jar=${unboundid.home}/unboundid-ldapsdk-${unboundid.version}.jar
 
unboundid.loc=${base-maven.loc}/com/unboundid/unboundid-ldapsdk/${unboundid.version}/unboundid-ldapsdk-${unboundid.version}.jar
 
 # - Checkstyle, version 6.16 or later -
-checkstyle.version=10.13.0
+checkstyle.version=10.14.1
 checkstyle.checksum.enabled=true
 checkstyle.checksum.algorithm=SHA-512
-checkstyle.checksum.value=209f015d6d2d1a7fb44e6552e090ab77e78ac7dc8aff1c4fa96ce413a1f9715d0e7896b10213f643b140d376a7861ae51893f878cc27fcefb70d73731e2213a0
+checkstyle.checksum.value=59c734883c7770429ef5f977f4139724da86caa932fb365a186e1bf47b5a6e04c718c1dba8ed383c0979a594586c608af1aa30bbec6f4c444c08c3009473e245
 checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
 checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
 
checkstyle.loc=${base-gh.loc}/checkstyle/checkstyle/releases/download/checkstyle-${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 59c19636c5..96cd91a95b 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,13 @@
   
 
   
+  
+
+  
+Update Checkstyle to 10.14.1. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 10.1.x updated: Update to Checkstyle 10.14.1

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 9341433fcd Update to Checkstyle 10.14.1
9341433fcd is described below

commit 9341433fcd6cf0687a1d926c88dfc5330629c9d6
Author: Mark Thomas 
AuthorDate: Tue Mar 12 15:28:24 2024 +

Update to Checkstyle 10.14.1

Note there is a performance issue with Checkstyle 10.13.0 that means
checks take ~4x longer
---
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 45ef0cd2fd..4a06b0e0da 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -274,10 +274,10 @@ 
unboundid.jar=${unboundid.home}/unboundid-ldapsdk-${unboundid.version}.jar
 
unboundid.loc=${base-maven.loc}/com/unboundid/unboundid-ldapsdk/${unboundid.version}/unboundid-ldapsdk-${unboundid.version}.jar
 
 # - Checkstyle, version 6.16 or later -
-checkstyle.version=10.13.0
+checkstyle.version=10.14.1
 checkstyle.checksum.enabled=true
 checkstyle.checksum.algorithm=SHA-512
-checkstyle.checksum.value=209f015d6d2d1a7fb44e6552e090ab77e78ac7dc8aff1c4fa96ce413a1f9715d0e7896b10213f643b140d376a7861ae51893f878cc27fcefb70d73731e2213a0
+checkstyle.checksum.value=59c734883c7770429ef5f977f4139724da86caa932fb365a186e1bf47b5a6e04c718c1dba8ed383c0979a594586c608af1aa30bbec6f4c444c08c3009473e245
 checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
 checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
 
checkstyle.loc=${base-gh.loc}/checkstyle/checkstyle/releases/download/checkstyle-${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f854ae6c32..31fae9bdd2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -210,6 +210,9 @@
 57130: Allow digest.(sh|bat) to accept password from a file
 or stdin. (csutherl/schultz)
   
+  
+Update Checkstyle to 10.14.1. (markt)
+  
 
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Buildbot success in on tomcat-8.5.x

2024-03-12 Thread buildbot
Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/36/builds/776
Blamelist: Christopher Schultz , Mark Thomas 

Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch 8.5.x] ae91e0b564ebe3610ab187792605fec0cc65797c


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 9.0.x updated: Update to Checkstyle 10.14.1

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 6ed7e863f8 Update to Checkstyle 10.14.1
6ed7e863f8 is described below

commit 6ed7e863f8d2b158f441b4d4d0da50aa57814d03
Author: Mark Thomas 
AuthorDate: Tue Mar 12 15:28:24 2024 +

Update to Checkstyle 10.14.1

Note there is a performance issue with Checkstyle 10.13.0 that means
checks take ~4x longer
---
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 7 +++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index aa236353de..9033fe4eba 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -276,10 +276,10 @@ 
unboundid.jar=${unboundid.home}/unboundid-ldapsdk-${unboundid.version}.jar
 
unboundid.loc=${base-maven.loc}/com/unboundid/unboundid-ldapsdk/${unboundid.version}/unboundid-ldapsdk-${unboundid.version}.jar
 
 # - Checkstyle, version 6.16 or later -
-checkstyle.version=10.13.0
+checkstyle.version=10.14.1
 checkstyle.checksum.enabled=true
 checkstyle.checksum.algorithm=SHA-512
-checkstyle.checksum.value=209f015d6d2d1a7fb44e6552e090ab77e78ac7dc8aff1c4fa96ce413a1f9715d0e7896b10213f643b140d376a7861ae51893f878cc27fcefb70d73731e2213a0
+checkstyle.checksum.value=59c734883c7770429ef5f977f4139724da86caa932fb365a186e1bf47b5a6e04c718c1dba8ed383c0979a594586c608af1aa30bbec6f4c444c08c3009473e245
 checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
 checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
 
checkstyle.loc=${base-gh.loc}/checkstyle/checkstyle/releases/download/checkstyle-${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f5b2c90c67..825e6634b9 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,13 @@
   
 
   
+  
+
+  
+Update Checkstyle to 10.14.1. (markt)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 8.5.x updated: Update to Checkstyle 10.14.1

2024-03-12 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 234ea47e33 Update to Checkstyle 10.14.1
234ea47e33 is described below

commit 234ea47e332e857769d77e2790ac31ad33f4bd54
Author: Mark Thomas 
AuthorDate: Tue Mar 12 15:28:24 2024 +

Update to Checkstyle 10.14.1

Note there is a performance issue with Checkstyle 10.13.0 that means
checks take ~4x longer
---
 build.properties.default   | 4 ++--
 webapps/docs/changelog.xml | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 2c4cd6f702..16252374a7 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -280,10 +280,10 @@ 
unboundid.jar=${unboundid.home}/unboundid-ldapsdk-${unboundid.version}.jar
 
unboundid.loc=${base-maven.loc}/com/unboundid/unboundid-ldapsdk/${unboundid.version}/unboundid-ldapsdk-${unboundid.version}.jar
 
 # - Checkstyle, version 6.16 or later -
-checkstyle.version=10.13.0
+checkstyle.version=10.14.1
 checkstyle.checksum.enabled=true
 checkstyle.checksum.algorithm=SHA-512
-checkstyle.checksum.value=209f015d6d2d1a7fb44e6552e090ab77e78ac7dc8aff1c4fa96ce413a1f9715d0e7896b10213f643b140d376a7861ae51893f878cc27fcefb70d73731e2213a0
+checkstyle.checksum.value=59c734883c7770429ef5f977f4139724da86caa932fb365a186e1bf47b5a6e04c718c1dba8ed383c0979a594586c608af1aa30bbec6f4c444c08c3009473e245
 checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
 checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
 
checkstyle.loc=${base-gh.loc}/checkstyle/checkstyle/releases/download/checkstyle-${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 501626ccd7..0737d6d24f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -181,6 +181,9 @@
 57130: Allow digest.(sh|bat) to accept password from a file
 or stdin. (csutherl/schultz)
   
+  
+Update Checkstyle to 10.14.1. (markt)
+  
 
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.87

2024-03-12 Thread Christopher Schultz

Rémy,

Thank for RMing.

On 3/11/24 07:09, Rémy Maucherat wrote:

The proposed Apache Tomcat 9.0.87 release is now available for voting.

The notable changes compared to 9.0.86 are:

- When restoring a saved POST request after a successful FORM
authentication, ensure that neither the URI, the query string nor
the protocol are corrupted when restoring the request body.

- Align error handling for Writer and OutputStream. Ensure use of either
once the response has been recycled triggers a NullPointerException
provided that discardFacades is configured with the default value of
true.

- The standard thread pool implementations that are
configured using the Executor element now implement
ExecutorService for better support of NIO2 or others.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.87/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1485
The tag is:
https://github.com/apache/tomcat/tree/9.0.87
4c4c166c3d7fd2d00801657c7a78fc7d46c8ec32

The proposed 9.0.87 release is:
[ ] -1, Broken - do not release
[ ] +1, Stable - go ahead and release as 9.0.87


+1 for stable release.

Works with a vanilla servlet-based application in a development environment.

Unit tests pass on arm64 MacOS. The build is reproducible except for the 
fulldocs package which is missing specific file content due to a JDK bug.


Details:
* Environment
*  Java (build):openjdk version "17.0.10" 2024-01-16 OpenJDK Runtime 
Environment Temurin-17.0.10+7 (build 17.0.10+7) OpenJDK 64-Bit Server VM 
Temurin-17.0.10+7 (build 17.0.10+7, mixed mode)
*  Java (test): openjdk version "17.0.10" 2024-01-16 OpenJDK Runtime 
Environment Temurin-17.0.10+7 (build 17.0.10+7) OpenJDK 64-Bit Server VM 
Temurin-17.0.10+7 (build 17.0.10+7, mixed mode)
*  Ant: Apache Ant(TM) version 1.10.14 compiled on August 16 
2023

*  OS:  Darwin 23.3.0 arm64
*  cc:  Apple clang version 15.0.0 (clang-1500.1.0.2.5)
*  make:GNU Make 3.81
*  OpenSSL:   OpenSSL 3.2.0 23 Nov 2023 (Library: OpenSSL 3.2.0 23 
Nov 2023)

*  APR: 1.7.4
*
* Valid SHA-512 signature for apache-tomcat-9.0.87.zip
* Valid GPG signature for apache-tomcat-9.0.87.zip
* Valid SHA-512 signature for apache-tomcat-9.0.87.tar.gz
* Valid GPG signature for apache-tomcat-9.0.87.tar.gz
* Valid SHA-512 signature for apache-tomcat-9.0.87.exe
* Valid GPG signature for apache-tomcat-9.0.87.exe
* Valid SHA512 signature for apache-tomcat-9.0.87-src.zip
* Valid GPG signature for apache-tomcat-9.0.87-src.zip
* Valid SHA512 signature for apache-tomcat-9.0.87-src.tar.gz
* Valid GPG signature for apache-tomcat-9.0.87-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: PASSED

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-12 Thread Rémy Maucherat
On Tue, Mar 12, 2024 at 3:02 PM Christopher Schultz
 wrote:
>
> Mark,
>
> On 3/12/24 05:00, Mark Thomas wrote:
> > On 11/03/2024 21:38, schu...@apache.org wrote:
> >> This is an automated email from the ASF dual-hosted git repository.
> >>
> >> schultz pushed a commit to branch main
> >> in repository https://gitbox.apache.org/repos/asf/tomcat.git
> >>
> >> commit 3ab883aa746a5c577efa39d9080858e53ca77da6
> >> Author: Christopher Schultz 
> >> AuthorDate: Mon Mar 11 17:38:01 2024 -0400
> >>
> >>  Add checking for the age of the Tomcat version running and warn
> >> if it's getting old.
> >
> > How do I disable this check if I don't want to use it? I'd expect
> > something like set it to "-1".
>
> I could add a special case for "disable" or you could set it to a very
> high value.
>
> If your Tomcat installation is still running in 32768 days, you
> certainly won't give a damn if it starts issuing warnings.

I don't like this either. It might get me into real trouble with my
downstream, actually.

Unless there's a security issue, I think people don't really really
have to upgrade working production systems that often. For example,
between 9.0.62 and 9.0.71, no CVEs above low. And even if there was
most often a user will not be affected. Upgrading costs testing and
resources, so ...

I'm not advocating that users should never upgrade, but building in a
nag by default is not great. Esp 6 months. By the time things are
upgraded they will start nagging again the next day pretty much. Then
a warn log about security often cannot be simply ignored.

Rémy

> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch main updated: Add thread idle time configuration

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 5d8fb49d2d Add thread idle time configuration
5d8fb49d2d is described below

commit 5d8fb49d2db63f37e3bb322f1c08a98ae287a8e7
Author: remm 
AuthorDate: Tue Mar 12 20:38:11 2024 +0100

Add thread idle time configuration

The default remains 60s.
---
 .../apache/tomcat/util/net/AbstractEndpoint.java   | 24 ++
 webapps/docs/changelog.xml | 10 +
 webapps/docs/config/http.xml   | 13 
 3 files changed, 47 insertions(+)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 4c9942a3b4..006e8925ef 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -975,6 +975,30 @@ public abstract class AbstractEndpoint {
 }
 
 
+/**
+ * Amount of time in milliseconds before the internal thread pool stops 
any idle threads
+ * if the amount of thread is greater than the minimum amount of spare 
threads.
+ */
+private int threadsMaxIdleTime = 6;
+public void setThreadsMaxIdleTime(int threadsMaxIdleTime) {
+this.threadsMaxIdleTime = threadsMaxIdleTime;
+Executor executor = this.executor;
+if (internalExecutor && executor instanceof ThreadPoolExecutor) {
+// The internal executor should always be an instance of
+// org.apache.tomcat.util.threads.ThreadPoolExecutor but it may be
+// null if the endpoint is not running.
+// This check also avoids various threading issues.
+((ThreadPoolExecutor) 
executor).setKeepAliveTime(threadsMaxIdleTime, TimeUnit.MILLISECONDS);
+}
+}
+public int getThreadsMaxIdleTime() {
+if (internalExecutor) {
+return threadsMaxIdleTime;
+} else {
+return -1;
+}
+}
+
 /**
  * Priority of the worker threads.
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 96cd91a95b..4f3e7a605d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,16 @@
   
 
   
+  
+
+  
+Add threadsMaxIdleTime attribute to the endpoint,
+to allow configuring the amount of time before an internal executor
+will scale back to the configured minSpareThreads size.
+(remm)
+  
+
+  
   
 
   
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 1311af1eb5..c0636f5559 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -682,6 +682,19 @@
   -1 to make clear that it is not used.
 
 
+
+  The amount of time in milliseconds that threads will be kept alive by
+  the thread pool, if there are more than minSpareThreads
+  threads in the executor. If not specified, the default of
+  6 milliseconds is used. If an executor is associated
+  with this connector, this attribute
+  is ignored as the connector will execute tasks using the executor rather
+  than an internal thread pool. Note that if an executor is configured any
+  value set for this attribute will be recorded correctly but it will be
+  reported (e.g. via JMX) as -1 to make clear that it is not
+  used.
+
+
 
   If the Connector experiences an Exception during a Lifecycle 
transition
   should the Exception be rethrown or logged? If not specified, the default


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch main updated: Update createExecutor with the new attribute

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 05543c8ae5 Update createExecutor with the new attribute
05543c8ae5 is described below

commit 05543c8ae5286ba0582c0374c8ebb6ea7f402d9f
Author: remm 
AuthorDate: Tue Mar 12 20:41:06 2024 +0100

Update createExecutor with the new attribute
---
 java/org/apache/tomcat/util/net/AbstractEndpoint.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 006e8925ef..31969af460 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -1222,8 +1222,9 @@ public abstract class AbstractEndpoint {
 } else {
 TaskQueue taskqueue = new TaskQueue();
 TaskThreadFactory tf = new TaskThreadFactory(getName() + "-exec-", 
daemon, getThreadPriority());
-executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), 60, TimeUnit.SECONDS,taskqueue, tf);
-taskqueue.setParent( (ThreadPoolExecutor) executor);
+executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), getThreadsMaxIdleTime(),
+TimeUnit.MILLISECONDS, taskqueue, tf);
+taskqueue.setParent((ThreadPoolExecutor) executor);
 }
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Buildbot success in on tomcat-11.0.x

2024-03-12 Thread buildbot
Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/980
Blamelist: Mark Thomas , remm 
Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch main] 05543c8ae5286ba0582c0374c8ebb6ea7f402d9f


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  shell_6: 0

  compile: 1

  shell_7: 0

  shell_8: 0

  shell_9: 0

  shell_10: 0

  Rsync docs to nightlies.apache.org: 0

  shell_11: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_12: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 10.1.x updated: Add thread idle time configuration

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 7f223b1eb3 Add thread idle time configuration
7f223b1eb3 is described below

commit 7f223b1eb38762fc72a5db35658a00c1aad8186e
Author: remm 
AuthorDate: Tue Mar 12 20:38:11 2024 +0100

Add thread idle time configuration

The default remains 60s.
---
 .../apache/tomcat/util/net/AbstractEndpoint.java   | 29 --
 webapps/docs/changelog.xml |  6 +
 webapps/docs/config/http.xml   | 13 ++
 3 files changed, 46 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index bcc2b9ecb9..bfb90b0127 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -813,6 +813,30 @@ public abstract class AbstractEndpoint {
 }
 
 
+/**
+ * Amount of time in milliseconds before the internal thread pool stops 
any idle threads
+ * if the amount of thread is greater than the minimum amount of spare 
threads.
+ */
+private int threadsMaxIdleTime = 6;
+public void setThreadsMaxIdleTime(int threadsMaxIdleTime) {
+this.threadsMaxIdleTime = threadsMaxIdleTime;
+Executor executor = this.executor;
+if (internalExecutor && executor instanceof ThreadPoolExecutor) {
+// The internal executor should always be an instance of
+// org.apache.tomcat.util.threads.ThreadPoolExecutor but it may be
+// null if the endpoint is not running.
+// This check also avoids various threading issues.
+((ThreadPoolExecutor) 
executor).setKeepAliveTime(threadsMaxIdleTime, TimeUnit.MILLISECONDS);
+}
+}
+public int getThreadsMaxIdleTime() {
+if (internalExecutor) {
+return threadsMaxIdleTime;
+} else {
+return -1;
+}
+}
+
 /**
  * Priority of the worker threads.
  */
@@ -1049,8 +1073,9 @@ public abstract class AbstractEndpoint {
 } else {
 TaskQueue taskqueue = new TaskQueue();
 TaskThreadFactory tf = new TaskThreadFactory(getName() + "-exec-", 
daemon, getThreadPriority());
-executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), 60, TimeUnit.SECONDS,taskqueue, tf);
-taskqueue.setParent( (ThreadPoolExecutor) executor);
+executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), getThreadsMaxIdleTime(),
+TimeUnit.MILLISECONDS, taskqueue, tf);
+taskqueue.setParent((ThreadPoolExecutor) executor);
 }
 }
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 31fae9bdd2..a5290dd74c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -171,6 +171,12 @@
 added to the backlog immediately rather than waiting until the write
 attempt for the remaining content. (markt)
   
+  
+Add threadsMaxIdleTime attribute to the endpoint,
+to allow configuring the amount of time before an internal executor
+will scale back to the configured minSpareThreads size.
+(remm)
+  
 
   
   
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 2ddefad711..010f40372c 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -707,6 +707,19 @@
   -1 to make clear that it is not used.
 
 
+
+  The amount of time in milliseconds that threads will be kept alive by
+  the thread pool, if there are more than minSpareThreads
+  threads in the executor. If not specified, the default of
+  6 milliseconds is used. If an executor is associated
+  with this connector, this attribute
+  is ignored as the connector will execute tasks using the executor rather
+  than an internal thread pool. Note that if an executor is configured any
+  value set for this attribute will be recorded correctly but it will be
+  reported (e.g. via JMX) as -1 to make clear that it is not
+  used.
+
+
 
   If the Connector experiences an Exception during a Lifecycle 
transition
   should the Exception be rethrown or logged? If not specified, the default


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) 01/02: Add thread idle time configuration

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit bc5425ef8788cb52fe31ef040c07fb8efff12e7f
Author: remm 
AuthorDate: Tue Mar 12 20:38:11 2024 +0100

Add thread idle time configuration

The default remains 60s.
---
 .../apache/tomcat/util/net/AbstractEndpoint.java   | 24 ++
 webapps/docs/changelog.xml | 10 +
 webapps/docs/config/http.xml   | 13 
 3 files changed, 47 insertions(+)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 05a1ede2ec..7396154b53 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -875,6 +875,30 @@ public abstract class AbstractEndpoint {
 }
 
 
+/**
+ * Amount of time in milliseconds before the internal thread pool stops 
any idle threads
+ * if the amount of thread is greater than the minimum amount of spare 
threads.
+ */
+private int threadsMaxIdleTime = 6;
+public void setThreadsMaxIdleTime(int threadsMaxIdleTime) {
+this.threadsMaxIdleTime = threadsMaxIdleTime;
+Executor executor = this.executor;
+if (internalExecutor && executor instanceof ThreadPoolExecutor) {
+// The internal executor should always be an instance of
+// org.apache.tomcat.util.threads.ThreadPoolExecutor but it may be
+// null if the endpoint is not running.
+// This check also avoids various threading issues.
+((ThreadPoolExecutor) 
executor).setKeepAliveTime(threadsMaxIdleTime, TimeUnit.MILLISECONDS);
+}
+}
+public int getThreadsMaxIdleTime() {
+if (internalExecutor) {
+return threadsMaxIdleTime;
+} else {
+return -1;
+}
+}
+
 /**
  * Priority of the worker threads.
  */
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 825e6634b9..b49bdc64fe 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,16 @@
   
 
   
+  
+
+  
+Add threadsMaxIdleTime attribute to the endpoint,
+to allow configuring the amount of time before an internal executor
+will scale back to the configured minSpareThreads size.
+(remm)
+  
+
+  
   
 
   
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 415aef54a3..253fed0314 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -726,6 +726,19 @@
   -1 to make clear that it is not used.
 
 
+
+  The amount of time in milliseconds that threads will be kept alive by
+  the thread pool, if there are more than minSpareThreads
+  threads in the executor. If not specified, the default of
+  6 milliseconds is used. If an executor is associated
+  with this connector, this attribute
+  is ignored as the connector will execute tasks using the executor rather
+  than an internal thread pool. Note that if an executor is configured any
+  value set for this attribute will be recorded correctly but it will be
+  reported (e.g. via JMX) as -1 to make clear that it is not
+  used.
+
+
 
   If the Connector experiences an Exception during a Lifecycle 
transition
   should the Exception be rethrown or logged? If not specified, the default


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) 02/02: Update createExecutor with the new attribute

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 087ef472cefa81c53649b423468708e3550c99c2
Author: remm 
AuthorDate: Tue Mar 12 20:41:06 2024 +0100

Update createExecutor with the new attribute
---
 java/org/apache/tomcat/util/net/AbstractEndpoint.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 7396154b53..53a0b807b3 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -1125,8 +1125,9 @@ public abstract class AbstractEndpoint {
 } else {
 TaskQueue taskqueue = new TaskQueue();
 TaskThreadFactory tf = new TaskThreadFactory(getName() + "-exec-", 
daemon, getThreadPriority());
-executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), 60, TimeUnit.SECONDS,taskqueue, tf);
-taskqueue.setParent( (ThreadPoolExecutor) executor);
+executor = new ThreadPoolExecutor(getMinSpareThreads(), 
getMaxThreads(), getThreadsMaxIdleTime(),
+TimeUnit.MILLISECONDS, taskqueue, tf);
+taskqueue.setParent((ThreadPoolExecutor) executor);
 }
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



(tomcat) branch 9.0.x updated (6ed7e863f8 -> 087ef472ce)

2024-03-12 Thread remm
This is an automated email from the ASF dual-hosted git repository.

remm pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 6ed7e863f8 Update to Checkstyle 10.14.1
 new bc5425ef87 Add thread idle time configuration
 new 087ef472ce Update createExecutor with the new attribute

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../apache/tomcat/util/net/AbstractEndpoint.java   | 29 --
 webapps/docs/changelog.xml | 10 
 webapps/docs/config/http.xml   | 13 ++
 3 files changed, 50 insertions(+), 2 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 11.0.0-M18

2024-03-12 Thread Han Li



> On Mar 10, 2024, at 02:52, Mark Thomas  wrote:
> 
> The proposed Apache Tomcat 11.0.0-M18 release is now available for
> voting.
> 
> Apache Tomcat 11.0.0-M18 is a milestone release of the 11.0.x branch and has 
> been made to provide users with early access to the new features in Apache 
> Tomcat 11.0.x so that they may provide feedback. The notable changes compared 
> to the previous milestone include:
> 
> - Reduce minimum Java version to Java 17
> 
> - When restoring a saved POST request after a successful FORM
>  authentication, ensure that neither the URI, the query string no
>  the protocol are corrupted when restoring the request body.
> 
> - Align error handling for Writer and OutputStream. Ensure use of either
>  once the response has been recycled triggers a NullPointerException
>  provided that discardFacades is configured with the default value of
>  true.
> 
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
> 
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
> without changes. Java EE applications designed for Tomcat 9 and earlier may 
> be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will 
> automatically convert them to Jakarta EE and copy them to the webapps 
> directory. Applications using deprecated APIs may require further changes.
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M18/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1484
> 
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M18
> eee0dbb29048a60ee2c85ebcb9abb1750046c0bf
> 
> The proposed 11.0.0-M18 release is:
> [ ] -1 Broken - do not release
> [X] +1 Alpha  - go ahead and release as 11.0.0-M18

Tests pass.

Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.87

2024-03-12 Thread Han Li



> On Mar 11, 2024, at 19:09, Rémy Maucherat  wrote:
> 
> The proposed Apache Tomcat 9.0.87 release is now available for voting.
> 
> The notable changes compared to 9.0.86 are:
> 
> - When restoring a saved POST request after a successful FORM
>   authentication, ensure that neither the URI, the query string nor
>   the protocol are corrupted when restoring the request body.
> 
> - Align error handling for Writer and OutputStream. Ensure use of either
>   once the response has been recycled triggers a NullPointerException
>   provided that discardFacades is configured with the default value of
>   true.
> 
> - The standard thread pool implementations that are
>   configured using the Executor element now implement
>   ExecutorService for better support of NIO2 or others.
> 
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-9.0.x/docs/changelog.html
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.87/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1485
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.87
> 4c4c166c3d7fd2d00801657c7a78fc7d46c8ec32
> 
> The proposed 9.0.87 release is:
> [ ] -1, Broken - do not release
> [X] +1, Stable - go ahead and release as 9.0.87
Tests pass.

Han
> 
> Rémy
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org