Re: [PR] Simplify usage of custom ssl configuration [tomcat]

2024-04-11 Thread via GitHub 


rmaucher commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049093782

   Your previous PR, which was integrated, unfortunately caused a very high 
number of regressions that had to be fixed over multiple Tomcat releases. This 
PR similarly seems uninteresting to me, so as a result I will not integrate it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Simplify usage of custom ssl configuration [tomcat]

2024-04-11 Thread via GitHub 


Hakky54 closed pull request #706: Simplify usage of custom ssl configuration
URL: https://github.com/apache/tomcat/pull/706


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Simplify usage of custom ssl configuration [tomcat]

2024-04-11 Thread via GitHub 


Hakky54 commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049130432

   Ah so your feeling is that this also might cause some regression while this 
wrapper does not add that much value to the project itself. I can understand 
that. Okay, thank you for your time for reviewing this PR. Let's close it then.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Simplify usage of custom ssl configuration [tomcat]

2024-04-11 Thread via GitHub 


rmaucher commented on PR #706:
URL: https://github.com/apache/tomcat/pull/706#issuecomment-2049169784

   I had left the PR open since others could have been willing to go through 
with it (or not, I don't know).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Fix bnd packaging for the tomcat-coyote jar

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new cfb055095d Fix bnd packaging for the tomcat-coyote jar
cfb055095d is described below

commit cfb055095dc8b4f7b982253cd6449646f4e829d1
Author: remm 
AuthorDate: Thu Apr 11 11:16:05 2024 +0200

Fix bnd packaging for the tomcat-coyote jar
---
 res/bnd/tomcat-coyote.jar.tmp.bnd |  4 +++-
 webapps/docs/changelog.xml| 13 -
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/res/bnd/tomcat-coyote.jar.tmp.bnd 
b/res/bnd/tomcat-coyote.jar.tmp.bnd
index 0f9314adf3..9900a31ccc 100644
--- a/res/bnd/tomcat-coyote.jar.tmp.bnd
+++ b/res/bnd/tomcat-coyote.jar.tmp.bnd
@@ -37,7 +37,9 @@ Export-Package: \
 org.apache.tomcat.util.net,\
 org.apache.tomcat.util.net.jsse,\
 org.apache.tomcat.util.net.openssl,\
-org.apache.tomcat.util.net.openssl.ciphers
+org.apache.tomcat.util.net.openssl.ciphers,\
+org.apache.tomcat.util.net.openssl.panama,\
+org.apache.tomcat.util.openssl
 
 -includepackage: \
 org.apache.tomcat.util.bcel,\
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 269ca46299..53ead63848 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,7 +104,18 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
+  
+
+  
+Fix bnd jar descriptor to include the OpenSSL FFM support. (remm)
+  
+
+  
+
+
+
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.22

2024-04-11 Thread Rémy Maucherat 
On Wed, Apr 10, 2024 at 8:52 PM Christopher Schultz
 wrote:
>
> The proposed Apache Tomcat 10.1.22 release is now available for
> voting. Apache Tomcat 10.1.21 was canceled due to a release-build
> mistake. There are no source-level changes between 10.1.21 and 10.1.22.
>
> The notable changes compared to 10.1.20 are:
>
> - Add OpenSSL support when FFM is available
>
> - Improve locking strategies in Catalina core
>
> - Updates to Apache Commons dependencies
>
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
>
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
> without changes. Java EE applications designed for Tomcat 9 and earlier
> may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> will automatically convert them to Jakarta EE and copy them to the
> webapps directory.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.22/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1491
>
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.22
> fd9c0bb1f0a7e586daabfda625ef50827bcfddf3
>
> Please reply with a +1 for release or -0/-1 with an explanation.
>
> The proposed 10.1.22 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 10.1.22

+1 because it's good, but let's skip advertising FFM support for this
one (due to my mistake, as I had only verified FFM support earlier
using the testsuite).

Rémy

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: Add OpenSSL FFM classes to tomcat-embed-core

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new b33f4d4f8f Add OpenSSL FFM classes to tomcat-embed-core
b33f4d4f8f is described below

commit b33f4d4f8f9b4151c8d2fbe416368ba7ec4ee889
Author: remm 
AuthorDate: Thu Apr 11 11:53:49 2024 +0200

Add OpenSSL FFM classes to tomcat-embed-core
---
 res/bnd/tomcat-embed-core.jar.tmp.bnd | 2 ++
 webapps/docs/changelog.xml| 7 +++
 2 files changed, 9 insertions(+)

diff --git a/res/bnd/tomcat-embed-core.jar.tmp.bnd 
b/res/bnd/tomcat-embed-core.jar.tmp.bnd
index e3cce68d88..4dc0cda772 100644
--- a/res/bnd/tomcat-embed-core.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-core.jar.tmp.bnd
@@ -82,6 +82,8 @@ Export-Package: \
 org.apache.tomcat.util.net,\
 org.apache.tomcat.util.net.openssl,\
 org.apache.tomcat.util.net.openssl.ciphers,\
+org.apache.tomcat.util.net.openssl.panama,\
+org.apache.tomcat.util.openssl,\
 org.apache.tomcat.util.res,\
 org.apache.tomcat.util.scan,\
 org.apache.tomcat.util.security,\
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b380cb21e5..b28c567093 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,13 @@
   issues do not "pop up" wrt. others).
 -->
 
+  
+
+  
+Add OpenSSL FFM classes to tomcat-embed-core.jar. (remm)
+  
+
+  
 
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Add OpenSSL FFM classes to tomcat-embed-core

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 844ec7f9f6 Add OpenSSL FFM classes to tomcat-embed-core
844ec7f9f6 is described below

commit 844ec7f9f6fb4d0af8e2df296932c594ae6f784a
Author: remm 
AuthorDate: Thu Apr 11 11:53:49 2024 +0200

Add OpenSSL FFM classes to tomcat-embed-core
---
 res/bnd/tomcat-embed-core.jar.tmp.bnd | 2 ++
 webapps/docs/changelog.xml| 3 +++
 2 files changed, 5 insertions(+)

diff --git a/res/bnd/tomcat-embed-core.jar.tmp.bnd 
b/res/bnd/tomcat-embed-core.jar.tmp.bnd
index bf5f844e2f..067a86fd6f 100644
--- a/res/bnd/tomcat-embed-core.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-core.jar.tmp.bnd
@@ -82,6 +82,8 @@ Export-Package: \
 org.apache.tomcat.util.net,\
 org.apache.tomcat.util.net.openssl,\
 org.apache.tomcat.util.net.openssl.ciphers,\
+org.apache.tomcat.util.net.openssl.panama,\
+org.apache.tomcat.util.openssl,\
 org.apache.tomcat.util.res,\
 org.apache.tomcat.util.scan,\
 org.apache.tomcat.util.security,\
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 53ead63848..efef5c49bd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -110,6 +110,9 @@
   
 Fix bnd jar descriptor to include the OpenSSL FFM support. (remm)
   
+  
+Add OpenSSL FFM classes to tomcat-embed-core.jar. (remm)
+  
 
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.22

2024-04-11 Thread Christopher Schultz 

Rémy,

On 4/11/24 05:18, Rémy Maucherat wrote:

On Wed, Apr 10, 2024 at 8:52 PM Christopher Schultz
 wrote:


The proposed Apache Tomcat 10.1.22 release is now available for
voting. Apache Tomcat 10.1.21 was canceled due to a release-build
mistake. There are no source-level changes between 10.1.21 and 10.1.22.

The notable changes compared to 10.1.20 are:

- Add OpenSSL support when FFM is available

- Improve locking strategies in Catalina core

- Updates to Apache Commons dependencies

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
without changes. Java EE applications designed for Tomcat 9 and earlier
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
will automatically convert them to Jakarta EE and copy them to the
webapps directory.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.22/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1491

The tag is:
https://github.com/apache/tomcat/tree/10.1.22
fd9c0bb1f0a7e586daabfda625ef50827bcfddf3

Please reply with a +1 for release or -0/-1 with an explanation.

The proposed 10.1.22 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 10.1.22


+1 because it's good, but let's skip advertising FFM support for this
one (due to my mistake, as I had only verified FFM support earlier
using the testsuite).


Okay, when I announce the release, I'll use some other item in-place of 
the FFM highlight.


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.22

2024-04-11 Thread Han Li 



> On Apr 11, 2024, at 02:51, Christopher Schultz  
> wrote:
> 
> The proposed Apache Tomcat 10.1.22 release is now available for
> voting. Apache Tomcat 10.1.21 was canceled due to a release-build mistake. 
> There are no source-level changes between 10.1.21 and 10.1.22.
> 
> The notable changes compared to 10.1.20 are:
> 
> - Add OpenSSL support when FFM is available
> 
> - Improve locking strategies in Catalina core
> 
> - Updates to Apache Commons dependencies
> 
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
> 
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 
> without changes. Java EE applications designed for Tomcat 9 and earlier may 
> be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will 
> automatically convert them to Jakarta EE and copy them to the webapps 
> directory.
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.22/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1491
> 
> The tag is:
> https://github.com/apache/tomcat/tree/10.1.22
> fd9c0bb1f0a7e586daabfda625ef50827bcfddf3
> 
> Please reply with a +1 for release or -0/-1 with an explanation.
> 
> The proposed 10.1.22 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 10.1.22

+1

Tests pass on macOS 12.3.1.

Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1916917 - /tomcat/site/trunk/tools/update-version.sh

2024-04-11 Thread schultz 
Author: schultz
Date: Thu Apr 11 14:00:23 2024
New Revision: 1916917

URL: http://svn.apache.org/viewvc?rev=1916917&view=rev
Log:
Remove URL-encoding of mailto: subject which apparently isn't necessary.

Modified:
tomcat/site/trunk/tools/update-version.sh

Modified: tomcat/site/trunk/tools/update-version.sh
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/tools/update-version.sh?rev=1916917&r1=1916916&r2=1916917&view=diff
==
--- tomcat/site/trunk/tools/update-version.sh (original)
+++ tomcat/site/trunk/tools/update-version.sh Thu Apr 11 14:00:23 2024
@@ -94,9 +94,9 @@ if [ "email" = "$5" ] ; then
 # We are on MacOS and have a bunch of useful utilities available.
 
 if [ "" = "$( command -v envsubst )" ] ; then
-  open "mailto:Tomcat Developers List ,Tomcat Users 
List , annou...@tomcat.apache.org, 
annou...@apache.org?subject=%5BANN%5D%20Apache%20Tomcat%20${NEW_RELEASE}%20Available&body=$(
 cat tools/email-template-${MINOR_RELEASE}.txt | sed -e 
"s/\${NEW_RELEASE}/${NEW_RELEASE}/g" -e "s/\${OLD_RELEASE}/${OLD_RELEASE}/g" -e 
"s/\${RELEASE_MANAGER}/${RELEASE_MANAGER}/g" 
)&from=${RELEASE_MANAGER}@apache.org"
+  open "mailto:Tomcat Developers List ,Tomcat Users 
List , annou...@tomcat.apache.org, 
annou...@apache.org?subject=[ANN] Apache Tomcat ${NEW_RELEASE} 
Available&body=$( cat tools/email-template-${MINOR_RELEASE}.txt | sed -e 
"s/\${NEW_RELEASE}/${NEW_RELEASE}/g" -e "s/\${OLD_RELEASE}/${OLD_RELEASE}/g" -e 
"s/\${RELEASE_MANAGER}/${RELEASE_MANAGER}/g" 
)&from=${RELEASE_MANAGER}@apache.org"
 else
-  open "mailto:Tomcat Developers List ,Tomcat Users 
List , annou...@tomcat.apache.org, 
annou...@apache.org?subject=%5BANN%5D%20Apache%20Tomcat%20${NEW_RELEASE}%20Available&body=$(
 cat tools/email-template-${MINOR_RELEASE}.txt | envsubst 
)&from=${RELEASE_MANAGER}@apache.org"
+  open "mailto:Tomcat Developers List ,Tomcat Users 
List , annou...@tomcat.apache.org, 
annou...@apache.org?subject=[ANN] Apache Tomcat ${NEW_RELEASE} 
Available&body=$( cat tools/email-template-${MINOR_RELEASE}.txt | envsubst 
)&from=${RELEASE_MANAGER}@apache.org"
 fi
   else
 echo Email template:



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1916918 - in /tomcat/site/trunk: docs/whichversion.html xdocs/whichversion.xml

2024-04-11 Thread schultz 
Author: schultz
Date: Thu Apr 11 14:11:30 2024
New Revision: 1916918

URL: http://svn.apache.org/viewvc?rev=1916918&view=rev
Log:
Indicate that Tomcat 8.5.x has actually reached end-of-life.

Modified:
tomcat/site/trunk/docs/whichversion.html
tomcat/site/trunk/xdocs/whichversion.xml

Modified: tomcat/site/trunk/docs/whichversion.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whichversion.html?rev=1916918&r1=1916917&r2=1916918&view=diff
==
--- tomcat/site/trunk/docs/whichversion.html (original)
+++ tomcat/site/trunk/docs/whichversion.html Thu Apr 11 14:11:30 2024
@@ -314,9 +314,9 @@ to the Apache Tomcat 8.5 Changelog for d
 end of life. Users of Tomcat 8.0.x should
 upgrade to Tomcat 8.5.x or later.
 
-Users of Tomcat 8.5 should be aware that
-end of life has been announced for Tomcat 8.5.
-Users of Tomcat 8.5.x should plan to upgrade to Tomcat 9.0.x or later.
+Users of Tomcat 8.5 should be aware that Tomcat 8.5 has now reached
+end of life. Users of Tomcat 8.5.x should
+upgrade to Tomcat 9.0.x or later.
 
 Apache Tomcat 7.x
 

Modified: tomcat/site/trunk/xdocs/whichversion.xml
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/whichversion.xml?rev=1916918&r1=1916917&r2=1916918&view=diff
==
--- tomcat/site/trunk/xdocs/whichversion.xml (original)
+++ tomcat/site/trunk/xdocs/whichversion.xml Thu Apr 11 14:11:30 2024
@@ -343,9 +343,9 @@ to the Apache Tomcat 8.5 Changelog for d
 end of life. Users of Tomcat 8.0.x should
 upgrade to Tomcat 8.5.x or later.
 
-Users of Tomcat 8.5 should be aware that
-end of life has been announced for Tomcat 8.5.
-Users of Tomcat 8.5.x should plan to upgrade to Tomcat 9.0.x or later.
+Users of Tomcat 8.5 should be aware that Tomcat 8.5 has now reached
+end of life. Users of Tomcat 8.5.x should
+upgrade to Tomcat 9.0.x or later.
 
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: Deprecate sessionCounter and duplicates statistics

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new f8bb3601e6 Deprecate sessionCounter and duplicates statistics
f8bb3601e6 is described below

commit f8bb3601e610d7c0f5d7c108099f8cb9265224f6
Author: remm 
AuthorDate: Thu Apr 11 16:47:23 2024 +0200

Deprecate sessionCounter and duplicates statistics

Will be removed in Tomcat 11.
Replaced with: sessionCounter = activeSessions + expiredSessions.
Related to PR713 since tracking this statistic does not seem that
worthwhile.
Duplicates is removed since it is supposed to track collisions from the
id generator. If feedback is that this is useful, will be replaced by a
scary log instead when a collision occurs.
---
 java/org/apache/catalina/Manager.java  |  6 +++-
 .../apache/catalina/ha/session/DeltaManager.java   |  6 +---
 java/org/apache/catalina/session/ManagerBase.java  | 40 +++---
 .../apache/catalina/session/StandardManager.java   |  1 -
 webapps/docs/changelog.xml | 11 ++
 5 files changed, 37 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/catalina/Manager.java 
b/java/org/apache/catalina/Manager.java
index 41e3211945..b8438b1150 100644
--- a/java/org/apache/catalina/Manager.java
+++ b/java/org/apache/catalina/Manager.java
@@ -76,7 +76,9 @@ public interface Manager {
 
 
 /**
- * Returns the total number of sessions created by this manager.
+ * Returns the total number of sessions created by this manager, which is
+ * approximated as the number of active sessions plus the number of
+ * expired sessions.
  *
  * @return Total number of sessions created by this manager.
  */
@@ -87,7 +89,9 @@ public interface Manager {
  * Sets the total number of sessions created by this manager.
  *
  * @param sessionCounter Total number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
  */
+@Deprecated
 void setSessionCounter(long sessionCounter);
 
 
diff --git a/java/org/apache/catalina/ha/session/DeltaManager.java 
b/java/org/apache/catalina/ha/session/DeltaManager.java
index 2bb7439986..3fd0b961e0 100644
--- a/java/org/apache/catalina/ha/session/DeltaManager.java
+++ b/java/org/apache/catalina/ha/session/DeltaManager.java
@@ -572,10 +572,7 @@ public class DeltaManager extends ClusterManagerBase {
 session.setAccessCount(0);
 session.resetDeltaRequest();
 // FIXME How inform other session id cache like SingleSignOn
-// increment sessionCounter to correct stats report
-if (findSession(session.getIdInternal()) == null) {
-sessionCounter++;
-} else {
+if (findSession(session.getIdInternal()) != null) {
 sessionReplaceCounter++;
 // FIXME better is to grap this sessions again !
 if (log.isWarnEnabled()) {
@@ -979,7 +976,6 @@ public class DeltaManager extends ClusterManagerBase {
 sessionReplaceCounter = 0;
 counterNoStateTransferred = 0;
 setMaxActive(getActiveSessions());
-sessionCounter = getActiveSessions();
 counterReceive_EVT_ALL_SESSION_DATA = 0;
 counterReceive_EVT_GET_ALL_SESSIONS = 0;
 counterReceive_EVT_SESSION_ACCESSED = 0;
diff --git a/java/org/apache/catalina/session/ManagerBase.java 
b/java/org/apache/catalina/session/ManagerBase.java
index a0e0d716a4..68bb0195d7 100644
--- a/java/org/apache/catalina/session/ManagerBase.java
+++ b/java/org/apache/catalina/session/ManagerBase.java
@@ -127,7 +127,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected Map sessions = new ConcurrentHashMap<>();
 
-// Number of sessions created by this manager
+/**
+ * Number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected long sessionCounter = 0;
 
 protected volatile int maxActive = 0;
@@ -144,7 +148,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected int rejectedSessions = 0;
 
-// number of duplicated session ids - anything >0 means we have problems
+/**
+ * Number of duplicated session ids, anything > 0 means we have problems.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected volatile int duplicates = 0;
 
 /**
@@ -695,7 +703,6 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
 id = generateSessionId();
 }
 session.setId(id);
-sessionCounter++;
 
 SessionTiming timing = new SessionTiming(session

(tomcat) branch 10.1.x updated: Deprecate sessionCounter and duplicates statistics

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 0eafa69cb7 Deprecate sessionCounter and duplicates statistics
0eafa69cb7 is described below

commit 0eafa69cb752ccbafb421f1e6e3f23f8b87a1d57
Author: remm 
AuthorDate: Thu Apr 11 16:47:23 2024 +0200

Deprecate sessionCounter and duplicates statistics

Will be removed in Tomcat 11.
Replaced with: sessionCounter = activeSessions + expiredSessions.
Related to PR713 since tracking this statistic does not seem that
worthwhile.
Duplicates is removed since it is supposed to track collisions from the
id generator. If feedback is that this is useful, will be replaced by a
scary log instead when a collision occurs.
---
 java/org/apache/catalina/Manager.java  |  6 +++-
 .../apache/catalina/ha/session/DeltaManager.java   |  6 +---
 java/org/apache/catalina/session/ManagerBase.java  | 40 +++---
 .../apache/catalina/session/StandardManager.java   |  1 -
 webapps/docs/changelog.xml | 11 ++
 5 files changed, 37 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/catalina/Manager.java 
b/java/org/apache/catalina/Manager.java
index 41e3211945..b8438b1150 100644
--- a/java/org/apache/catalina/Manager.java
+++ b/java/org/apache/catalina/Manager.java
@@ -76,7 +76,9 @@ public interface Manager {
 
 
 /**
- * Returns the total number of sessions created by this manager.
+ * Returns the total number of sessions created by this manager, which is
+ * approximated as the number of active sessions plus the number of
+ * expired sessions.
  *
  * @return Total number of sessions created by this manager.
  */
@@ -87,7 +89,9 @@ public interface Manager {
  * Sets the total number of sessions created by this manager.
  *
  * @param sessionCounter Total number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
  */
+@Deprecated
 void setSessionCounter(long sessionCounter);
 
 
diff --git a/java/org/apache/catalina/ha/session/DeltaManager.java 
b/java/org/apache/catalina/ha/session/DeltaManager.java
index 2bb7439986..3fd0b961e0 100644
--- a/java/org/apache/catalina/ha/session/DeltaManager.java
+++ b/java/org/apache/catalina/ha/session/DeltaManager.java
@@ -572,10 +572,7 @@ public class DeltaManager extends ClusterManagerBase {
 session.setAccessCount(0);
 session.resetDeltaRequest();
 // FIXME How inform other session id cache like SingleSignOn
-// increment sessionCounter to correct stats report
-if (findSession(session.getIdInternal()) == null) {
-sessionCounter++;
-} else {
+if (findSession(session.getIdInternal()) != null) {
 sessionReplaceCounter++;
 // FIXME better is to grap this sessions again !
 if (log.isWarnEnabled()) {
@@ -979,7 +976,6 @@ public class DeltaManager extends ClusterManagerBase {
 sessionReplaceCounter = 0;
 counterNoStateTransferred = 0;
 setMaxActive(getActiveSessions());
-sessionCounter = getActiveSessions();
 counterReceive_EVT_ALL_SESSION_DATA = 0;
 counterReceive_EVT_GET_ALL_SESSIONS = 0;
 counterReceive_EVT_SESSION_ACCESSED = 0;
diff --git a/java/org/apache/catalina/session/ManagerBase.java 
b/java/org/apache/catalina/session/ManagerBase.java
index 405f6762cd..794972045b 100644
--- a/java/org/apache/catalina/session/ManagerBase.java
+++ b/java/org/apache/catalina/session/ManagerBase.java
@@ -127,7 +127,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected Map sessions = new ConcurrentHashMap<>();
 
-// Number of sessions created by this manager
+/**
+ * Number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected long sessionCounter = 0;
 
 protected volatile int maxActive = 0;
@@ -144,7 +148,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected int rejectedSessions = 0;
 
-// number of duplicated session ids - anything >0 means we have problems
+/**
+ * Number of duplicated session ids, anything > 0 means we have problems.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected volatile int duplicates = 0;
 
 /**
@@ -710,7 +718,6 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
 id = generateSessionId();
 }
 session.setId(id);
-sessionCounter++;
 
 SessionTiming timing = new SessionTiming(ses

(tomcat) branch 9.0.x updated: Deprecate sessionCounter and duplicates statistics

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new a41afc8e80 Deprecate sessionCounter and duplicates statistics
a41afc8e80 is described below

commit a41afc8e804835e5c20b37d48e4a339e398fdc1c
Author: remm 
AuthorDate: Thu Apr 11 16:47:23 2024 +0200

Deprecate sessionCounter and duplicates statistics

Will be removed in Tomcat 11.
Replaced with: sessionCounter = activeSessions + expiredSessions.
Related to PR713 since tracking this statistic does not seem that
worthwhile.
Duplicates is removed since it is supposed to track collisions from the
id generator. If feedback is that this is useful, will be replaced by a
scary log instead when a collision occurs.
---
 java/org/apache/catalina/Manager.java  |  6 +++-
 .../apache/catalina/ha/session/DeltaManager.java   |  6 +---
 java/org/apache/catalina/session/ManagerBase.java  | 40 +++---
 .../apache/catalina/session/StandardManager.java   |  1 -
 webapps/docs/changelog.xml | 11 ++
 5 files changed, 37 insertions(+), 27 deletions(-)

diff --git a/java/org/apache/catalina/Manager.java 
b/java/org/apache/catalina/Manager.java
index 6ade69155d..ad59ac6a9f 100644
--- a/java/org/apache/catalina/Manager.java
+++ b/java/org/apache/catalina/Manager.java
@@ -76,7 +76,9 @@ public interface Manager {
 
 
 /**
- * Returns the total number of sessions created by this manager.
+ * Returns the total number of sessions created by this manager, which is
+ * approximated as the number of active sessions plus the number of
+ * expired sessions.
  *
  * @return Total number of sessions created by this manager.
  */
@@ -87,7 +89,9 @@ public interface Manager {
  * Sets the total number of sessions created by this manager.
  *
  * @param sessionCounter Total number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
  */
+@Deprecated
 void setSessionCounter(long sessionCounter);
 
 
diff --git a/java/org/apache/catalina/ha/session/DeltaManager.java 
b/java/org/apache/catalina/ha/session/DeltaManager.java
index 5183025868..a3653c74c9 100644
--- a/java/org/apache/catalina/ha/session/DeltaManager.java
+++ b/java/org/apache/catalina/ha/session/DeltaManager.java
@@ -691,10 +691,7 @@ public class DeltaManager extends ClusterManagerBase {
 session.setAccessCount(0);
 session.resetDeltaRequest();
 // FIXME How inform other session id cache like SingleSignOn
-// increment sessionCounter to correct stats report
-if (findSession(session.getIdInternal()) == null) {
-sessionCounter++;
-} else {
+if (findSession(session.getIdInternal()) != null) {
 sessionReplaceCounter++;
 // FIXME better is to grap this sessions again !
 if (log.isWarnEnabled()) {
@@ -1098,7 +1095,6 @@ public class DeltaManager extends ClusterManagerBase {
 sessionReplaceCounter = 0;
 counterNoStateTransferred = 0;
 setMaxActive(getActiveSessions());
-sessionCounter = getActiveSessions();
 counterReceive_EVT_ALL_SESSION_DATA = 0;
 counterReceive_EVT_GET_ALL_SESSIONS = 0;
 counterReceive_EVT_SESSION_ACCESSED = 0;
diff --git a/java/org/apache/catalina/session/ManagerBase.java 
b/java/org/apache/catalina/session/ManagerBase.java
index cd144bb524..bd31322f79 100644
--- a/java/org/apache/catalina/session/ManagerBase.java
+++ b/java/org/apache/catalina/session/ManagerBase.java
@@ -127,7 +127,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected Map sessions = new ConcurrentHashMap<>();
 
-// Number of sessions created by this manager
+/**
+ * Number of sessions created by this manager.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected long sessionCounter = 0;
 
 protected volatile int maxActive = 0;
@@ -144,7 +148,11 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
  */
 protected int rejectedSessions = 0;
 
-// number of duplicated session ids - anything >0 means we have problems
+/**
+ * Number of duplicated session ids, anything > 0 means we have problems.
+ * @deprecated This will be removed in Tomcat 11
+ */
+@Deprecated
 protected volatile int duplicates = 0;
 
 /**
@@ -718,7 +726,6 @@ public abstract class ManagerBase extends 
LifecycleMBeanBase implements Manager
 id = generateSessionId();
 }
 session.setId(id);
-sessionCounter++;
 
 SessionTiming timing = new SessionTiming(ses

(tomcat) branch dependabot/maven/modules/stuffed/org.apache.tomcat-tomcat-websocket-11.0.0-M17 created (now 24b73e3ed1)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/stuffed/org.apache.tomcat-tomcat-websocket-11.0.0-M17
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 24b73e3ed1 Bump org.apache.tomcat:tomcat-websocket in /modules/stuffed

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] Bump org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17 in /modules/stuffed [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] opened a new pull request, #714:
URL: https://github.com/apache/tomcat/pull/714

   Bumps org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.tomcat:tomcat-websocket&package-manager=maven&previous-version=11.0.0-M16&new-version=11.0.0-M17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/tomcat/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-java21/org.apache.tomcat-tomcat-coyote-9.0.86 created (now 1879f32982)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-java21/org.apache.tomcat-tomcat-coyote-9.0.86
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 1879f32982 Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-java21

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-java17/org.apache.tomcat-tomcat-coyote-9.0.86 created (now 20771292ee)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-java17/org.apache.tomcat-tomcat-coyote-9.0.86
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 20771292ee Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-java17

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] Bump org.apache.tomcat:tomcat-coyote from 11.0.0-M14 to 11.0.0-M17 in /modules/openssl-foreign [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] opened a new pull request, #715:
URL: https://github.com/apache/tomcat/pull/715

   Bumps org.apache.tomcat:tomcat-coyote from 11.0.0-M14 to 11.0.0-M17.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.tomcat:tomcat-coyote&package-manager=maven&previous-version=11.0.0-M14&new-version=11.0.0-M17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/tomcat/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-foreign/org.apache.tomcat-tomcat-coyote-11.0.0-M17 created (now 4dcea8621f)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-foreign/org.apache.tomcat-tomcat-coyote-11.0.0-M17
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 4dcea8621f Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-foreign

No new revisions were added by this update.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java21 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] opened a new pull request, #716:
URL: https://github.com/apache/tomcat/pull/716

   Bumps org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.tomcat:tomcat-coyote&package-manager=maven&previous-version=9.0.83&new-version=9.0.86)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/tomcat/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java17 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] opened a new pull request, #717:
URL: https://github.com/apache/tomcat/pull/717

   Bumps org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.tomcat:tomcat-coyote&package-manager=maven&previous-version=9.0.83&new-version=9.0.86)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/tomcat/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: (tomcat) branch 10.1.x updated: Add native access to the scripts

2024-04-11 Thread Rainer Jung 

Hi Rémy,

I think this breaks 10.1 on Java 11, since --enable-native-access was 
introduced later.


Best regards,

Rainer

Am 22.03.24 um 14:13 schrieb r...@apache.org:

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
  new 6550e203a8 Add native access to the scripts
6550e203a8 is described below

commit 6550e203a8119683f38c182cbfbb9b56587c54a0
Author: remm 
AuthorDate: Fri Mar 22 13:33:27 2024 +0100

 Add native access to the scripts
---
  bin/catalina.bat | 1 +
  bin/catalina.sh  | 1 +
  2 files changed, 2 insertions(+)

diff --git a/bin/catalina.bat b/bin/catalina.bat
index 9c55ae940e..9a30371013 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -223,6 +223,7 @@ set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.io=ALL-UNNAMED"
  set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.util=ALL-UNNAMED"
  set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
  set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+set "JAVA_OPTS=%JAVA_OPTS% --enable-native-access=ALL-UNNAMED"
  
  rem - Execute The Requested Command ---
  
diff --git a/bin/catalina.sh b/bin/catalina.sh

index 32f87ffb6f..ed647a2dea 100755
--- a/bin/catalina.sh
+++ b/bin/catalina.sh
@@ -296,6 +296,7 @@ JAVA_OPTS="$JAVA_OPTS 
--add-opens=java.base/java.io=ALL-UNNAMED"
  JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util=ALL-UNNAMED"
  JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
  JAVA_OPTS="$JAVA_OPTS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+JAVA_OPTS="$JAVA_OPTS --enable-native-access=ALL-UNNAMED"
  
  # - Execute The Requested Command -


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.22

2024-04-11 Thread Rainer Jung 

Am 10.04.24 um 20:51 schrieb Christopher Schultz:

The proposed Apache Tomcat 10.1.22 release is now available for
voting. Apache Tomcat 10.1.21 was canceled due to a release-build 
mistake. There are no source-level changes between 10.1.21 and 10.1.22.


The notable changes compared to 10.1.20 are:

- Add OpenSSL support when FFM is available

- Improve locking strategies in Catalina core

- Updates to Apache Commons dependencies

For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 10 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.22/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1491

The tag is:
https://github.com/apache/tomcat/tree/10.1.22
fd9c0bb1f0a7e586daabfda625ef50827bcfddf3

Please reply with a +1 for release or -0/-1 with an explanation.

The proposed 10.1.22 release is:
[X] Broken - do not release
[ ] Stable - go ahead and release as 10.1.22


Unfortunately it seems broken.

Commit 6550e203a8119683f38c182cbfbb9b56587c54a0 introduced the use of 
--enable-native-access to the catalina script, which I think breaks 10.1 
on Java 11, since the flag was introduced later.


Best regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.1.22

2024-04-11 Thread Romain Manni-Bucau 
+1 (non binding), mainly tested downstream tomcat embedded cases (but using
plain artifacts not embed ones).

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le jeu. 11 avr. 2024 à 19:21, Rainer Jung  a
écrit :

> Am 10.04.24 um 20:51 schrieb Christopher Schultz:
> > The proposed Apache Tomcat 10.1.22 release is now available for
> > voting. Apache Tomcat 10.1.21 was canceled due to a release-build
> > mistake. There are no source-level changes between 10.1.21 and 10.1.22.
> >
> > The notable changes compared to 10.1.20 are:
> >
> > - Add OpenSSL support when FFM is available
> >
> > - Improve locking strategies in Catalina core
> >
> > - Updates to Apache Commons dependencies
> >
> > For full details, see the change log:
> > https://nightlies.apache.org/tomcat/tomcat-10.1.x/docs/changelog.html
> >
> > Applications that run on Tomcat 9 and earlier will not run on Tomcat 10
> > without changes. Java EE applications designed for Tomcat 9 and earlier
> > may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat
> > will automatically convert them to Jakarta EE and copy them to the
> > webapps directory.
> >
> > It can be obtained from:
> > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-10/v10.1.22/
> >
> > The Maven staging repo is:
> > https://repository.apache.org/content/repositories/orgapachetomcat-1491
> >
> > The tag is:
> > https://github.com/apache/tomcat/tree/10.1.22
> > fd9c0bb1f0a7e586daabfda625ef50827bcfddf3
> >
> > Please reply with a +1 for release or -0/-1 with an explanation.
> >
> > The proposed 10.1.22 release is:
> > [X] Broken - do not release
> > [ ] Stable - go ahead and release as 10.1.22
>
> Unfortunately it seems broken.
>
> Commit 6550e203a8119683f38c182cbfbb9b56587c54a0 introduced the use of
> --enable-native-access to the catalina script, which I think breaks 10.1
> on Java 11, since the flag was introduced later.
>
> Best regards,
>
> Rainer
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: (tomcat) branch 10.1.x updated: Add native access to the scripts

2024-04-11 Thread Rémy Maucherat 
On Thu, Apr 11, 2024 at 7:21 PM Rainer Jung  wrote:
>
> Hi Rémy,
>
> I think this breaks 10.1 on Java 11, since --enable-native-access was
> introduced later.

I was certain I tested it properly with 11, it worked and I thought it
was added as a noop to a later build. Actually, it seems I made a dumb
mistake somewhere while testing, so I will simply remove the patch.

Rémy

> Best regards,
>
> Rainer
>
> Am 22.03.24 um 14:13 schrieb r...@apache.org:
> > This is an automated email from the ASF dual-hosted git repository.
> >
> > remm pushed a commit to branch 10.1.x
> > in repository https://gitbox.apache.org/repos/asf/tomcat.git
> >
> >
> > The following commit(s) were added to refs/heads/10.1.x by this push:
> >   new 6550e203a8 Add native access to the scripts
> > 6550e203a8 is described below
> >
> > commit 6550e203a8119683f38c182cbfbb9b56587c54a0
> > Author: remm 
> > AuthorDate: Fri Mar 22 13:33:27 2024 +0100
> >
> >  Add native access to the scripts
> > ---
> >   bin/catalina.bat | 1 +
> >   bin/catalina.sh  | 1 +
> >   2 files changed, 2 insertions(+)
> >
> > diff --git a/bin/catalina.bat b/bin/catalina.bat
> > index 9c55ae940e..9a30371013 100755
> > --- a/bin/catalina.bat
> > +++ b/bin/catalina.bat
> > @@ -223,6 +223,7 @@ set "JAVA_OPTS=%JAVA_OPTS% 
> > --add-opens=java.base/java.io=ALL-UNNAMED"
> >   set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.util=ALL-UNNAMED"
> >   set "JAVA_OPTS=%JAVA_OPTS% 
> > --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
> >   set "JAVA_OPTS=%JAVA_OPTS% 
> > --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
> > +set "JAVA_OPTS=%JAVA_OPTS% --enable-native-access=ALL-UNNAMED"
> >
> >   rem - Execute The Requested Command 
> > ---
> >
> > diff --git a/bin/catalina.sh b/bin/catalina.sh
> > index 32f87ffb6f..ed647a2dea 100755
> > --- a/bin/catalina.sh
> > +++ b/bin/catalina.sh
> > @@ -296,6 +296,7 @@ JAVA_OPTS="$JAVA_OPTS 
> > --add-opens=java.base/java.io=ALL-UNNAMED"
> >   JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util=ALL-UNNAMED"
> >   JAVA_OPTS="$JAVA_OPTS 
> > --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
> >   JAVA_OPTS="$JAVA_OPTS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
> > +JAVA_OPTS="$JAVA_OPTS --enable-native-access=ALL-UNNAMED"
> >
> >   # - Execute The Requested Command 
> > -
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 10.1.x updated: Revert option that breaks on Java 11

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 86b7beeb8e Revert option that breaks on Java 11
86b7beeb8e is described below

commit 86b7beeb8eb52ef8854fe4dacaf639279075e0ed
Author: remm 
AuthorDate: Thu Apr 11 20:55:00 2024 +0200

Revert option that breaks on Java 11

Caused by a testing error.
---
 bin/catalina.bat | 1 -
 bin/catalina.sh  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/bin/catalina.bat b/bin/catalina.bat
index 9a30371013..9c55ae940e 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -223,7 +223,6 @@ set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.io=ALL-UNNAMED"
 set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.util=ALL-UNNAMED"
 set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
 set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
-set "JAVA_OPTS=%JAVA_OPTS% --enable-native-access=ALL-UNNAMED"
 
 rem - Execute The Requested Command ---
 
diff --git a/bin/catalina.sh b/bin/catalina.sh
index ed647a2dea..32f87ffb6f 100755
--- a/bin/catalina.sh
+++ b/bin/catalina.sh
@@ -296,7 +296,6 @@ JAVA_OPTS="$JAVA_OPTS 
--add-opens=java.base/java.io=ALL-UNNAMED"
 JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util=ALL-UNNAMED"
 JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
 JAVA_OPTS="$JAVA_OPTS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
-JAVA_OPTS="$JAVA_OPTS --enable-native-access=ALL-UNNAMED"
 
 # - Execute The Requested Command -
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch main updated: Bump version numbers

2024-04-11 Thread remm 
This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3972a030b4 Bump version numbers
3972a030b4 is described below

commit 3972a030b4db63c08bd1de99659a481c6c5aae9d
Author: remm 
AuthorDate: Thu Apr 11 20:58:18 2024 +0200

Bump version numbers
---
 modules/openssl-foreign/pom.xml | 2 +-
 modules/openssl-java17/pom.xml  | 2 +-
 modules/openssl-java21/pom.xml  | 2 +-
 modules/stuffed/pom.xml | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/openssl-foreign/pom.xml b/modules/openssl-foreign/pom.xml
index 5a926d3d23..a484633961 100644
--- a/modules/openssl-foreign/pom.xml
+++ b/modules/openssl-foreign/pom.xml
@@ -31,7 +31,7 @@
 0.1-SNAPSHOT
 
 
-11.0.0-M14
+11.0.0-M18
 
2021-12-02T12:00:00Z
 
 
diff --git a/modules/openssl-java17/pom.xml b/modules/openssl-java17/pom.xml
index 6ea18cba54..ed7a336e4b 100644
--- a/modules/openssl-java17/pom.xml
+++ b/modules/openssl-java17/pom.xml
@@ -31,7 +31,7 @@
 0.1-SNAPSHOT
 
 
-9.0.83
+9.0.87
 
2021-12-02T12:00:00Z
 
 
diff --git a/modules/openssl-java21/pom.xml b/modules/openssl-java21/pom.xml
index 0bea4f06bf..a06e972e8e 100644
--- a/modules/openssl-java21/pom.xml
+++ b/modules/openssl-java21/pom.xml
@@ -31,7 +31,7 @@
 0.1-SNAPSHOT
 
 
-9.0.83
+9.0.87
 
2021-12-02T12:00:00Z
 
 
diff --git a/modules/stuffed/pom.xml b/modules/stuffed/pom.xml
index a45c58b901..b8ce011bd9 100644
--- a/modules/stuffed/pom.xml
+++ b/modules/stuffed/pom.xml
@@ -29,7 +29,7 @@
 
 UTF-8
 org.apache.catalina.startup.Tomcat
-11.0.0-M16
+11.0.0-M18
 
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17 in /modules/stuffed [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] commented on PR #714:
URL: https://github.com/apache/tomcat/pull/714#issuecomment-2050326037

   Looks like org.apache.tomcat:tomcat-websocket is up-to-date now, so this is 
no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17 in /modules/stuffed [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] closed pull request #714: Bump 
org.apache.tomcat:tomcat-websocket from 11.0.0-M16 to 11.0.0-M17 in 
/modules/stuffed
URL: https://github.com/apache/tomcat/pull/714


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java17 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] closed pull request #717: Bump org.apache.tomcat:tomcat-coyote 
from 9.0.83 to 9.0.86 in /modules/openssl-java17
URL: https://github.com/apache/tomcat/pull/717


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 11.0.0-M14 to 11.0.0-M17 in /modules/openssl-foreign [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] commented on PR #715:
URL: https://github.com/apache/tomcat/pull/715#issuecomment-2050326108

   Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no 
longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/stuffed/org.apache.tomcat-tomcat-websocket-11.0.0-M17 deleted (was 24b73e3ed1)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/stuffed/org.apache.tomcat-tomcat-websocket-11.0.0-M17
in repository https://gitbox.apache.org/repos/asf/tomcat.git


 was 24b73e3ed1 Bump org.apache.tomcat:tomcat-websocket in /modules/stuffed

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java21 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] commented on PR #716:
URL: https://github.com/apache/tomcat/pull/716#issuecomment-2050326279

   Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no 
longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java21 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] closed pull request #716: Bump org.apache.tomcat:tomcat-coyote 
from 9.0.83 to 9.0.86 in /modules/openssl-java21
URL: https://github.com/apache/tomcat/pull/716


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-foreign/org.apache.tomcat-tomcat-coyote-11.0.0-M17 deleted (was 4dcea8621f)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-foreign/org.apache.tomcat-tomcat-coyote-11.0.0-M17
in repository https://gitbox.apache.org/repos/asf/tomcat.git


 was 4dcea8621f Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-foreign

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-java17/org.apache.tomcat-tomcat-coyote-9.0.86 deleted (was 20771292ee)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-java17/org.apache.tomcat-tomcat-coyote-9.0.86
in repository https://gitbox.apache.org/repos/asf/tomcat.git


 was 20771292ee Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-java17

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 9.0.83 to 9.0.86 in /modules/openssl-java17 [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] commented on PR #717:
URL: https://github.com/apache/tomcat/pull/717#issuecomment-2050326077

   Looks like org.apache.tomcat:tomcat-coyote is up-to-date now, so this is no 
longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] Bump org.apache.tomcat:tomcat-coyote from 11.0.0-M14 to 11.0.0-M17 in /modules/openssl-foreign [tomcat]

2024-04-11 Thread via GitHub 


dependabot[bot] closed pull request #715: Bump org.apache.tomcat:tomcat-coyote 
from 11.0.0-M14 to 11.0.0-M17 in /modules/openssl-foreign
URL: https://github.com/apache/tomcat/pull/715


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch dependabot/maven/modules/openssl-java21/org.apache.tomcat-tomcat-coyote-9.0.86 deleted (was 1879f32982)

2024-04-11 Thread github-bot 
This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch 
dependabot/maven/modules/openssl-java21/org.apache.tomcat-tomcat-coyote-9.0.86
in repository https://gitbox.apache.org/repos/asf/tomcat.git


 was 1879f32982 Bump org.apache.tomcat:tomcat-coyote in 
/modules/openssl-java21

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: (tomcat) branch 10.1.x updated: Add native access to the scripts

2024-04-11 Thread Rainer Jung 

Thanks Rémy. Things happen, at least we found it before it hit the street.

Am 11.04.24 um 20:52 schrieb Rémy Maucherat:

On Thu, Apr 11, 2024 at 7:21 PM Rainer Jung  wrote:


Hi Rémy,

I think this breaks 10.1 on Java 11, since --enable-native-access was
introduced later.


I was certain I tested it properly with 11, it worked and I thought it
was added as a noop to a later build. Actually, it seems I made a dumb
mistake somewhere while testing, so I will simply remove the patch.

Rémy


Best regards,

Rainer

Am 22.03.24 um 14:13 schrieb r...@apache.org:

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
   new 6550e203a8 Add native access to the scripts
6550e203a8 is described below

commit 6550e203a8119683f38c182cbfbb9b56587c54a0
Author: remm 
AuthorDate: Fri Mar 22 13:33:27 2024 +0100

  Add native access to the scripts
---
   bin/catalina.bat | 1 +
   bin/catalina.sh  | 1 +
   2 files changed, 2 insertions(+)

diff --git a/bin/catalina.bat b/bin/catalina.bat
index 9c55ae940e..9a30371013 100755
--- a/bin/catalina.bat
+++ b/bin/catalina.bat
@@ -223,6 +223,7 @@ set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.io=ALL-UNNAMED"
   set "JAVA_OPTS=%JAVA_OPTS% --add-opens=java.base/java.util=ALL-UNNAMED"
   set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
   set "JAVA_OPTS=%JAVA_OPTS% 
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+set "JAVA_OPTS=%JAVA_OPTS% --enable-native-access=ALL-UNNAMED"

   rem - Execute The Requested Command 
---

diff --git a/bin/catalina.sh b/bin/catalina.sh
index 32f87ffb6f..ed647a2dea 100755
--- a/bin/catalina.sh
+++ b/bin/catalina.sh
@@ -296,6 +296,7 @@ JAVA_OPTS="$JAVA_OPTS 
--add-opens=java.base/java.io=ALL-UNNAMED"
   JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util=ALL-UNNAMED"
   JAVA_OPTS="$JAVA_OPTS --add-opens=java.base/java.util.concurrent=ALL-UNNAMED"
   JAVA_OPTS="$JAVA_OPTS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
+JAVA_OPTS="$JAVA_OPTS --enable-native-access=ALL-UNNAMED"

   # - Execute The Requested Command 
-


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 68884] New: Delayed HTTP Traffic Processing After Mass Websocket Disconnect/Reconnect

2024-04-11 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=68884

Bug ID: 68884
   Summary: Delayed HTTP Traffic Processing After Mass Websocket
Disconnect/Reconnect
   Product: Tomcat 9
   Version: 9.0.75
  Hardware: All
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: WebSocket
  Assignee: dev@tomcat.apache.org
  Reporter: inconceiva...@gmail.com
  Target Milestone: -

Apache Tomcat Bug Report
Delayed HTTP Traffic Processing After Mass Websocket Disconnect/Reconnect

Description:

A significant delay of 10+ minutes occurs in resuming normal HTTP traffic
processing after a mass websocket disconnect/reconnect event. This issue arises
when a network interruption or stop-the-world garbage collection event exceeds
the maxIdleTimeout (35 seconds), leading to numerous websocket session
closures. 

With several thousand websocket sessions closing simultaneously, all available
nio2 threads (maxThreads=50) become occupied with the closure process. These
threads enter a continuous loop, repeatedly calling Thread.yield while waiting
to acquire the WsRemoteEndpointImplBase messagePartInProgress semaphore. This
behavior, introduced as part of the fix for BZ66508, allows closing threads to
relinquish CPU time while waiting for the send semaphore (up to the default
20-second timeout).

java. base@11.0.21/java.lang.Thread.yield(Native Method)
org.apache.tomcat.websocket.server.WsRemoteEndpointImplServer.acquireMessagePartInProgressSemaphore(WsRemoteEndpointImplServer.java:130)
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase-java:
292)
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.
java: 256)
org.apache.tomcat.websocket.WsSession.sendCloseMessage(WsSession.java:801)
org.apache.tomcat.websocket.WsSession.onClose(WsSession.java:711)

Observations indicate that on Linux, Thread.yield places the thread at a lower
priority in the CPU scheduling queue, resulting in a prolonged series of yield
calls until the timeout is reached and a SocketTimeoutException is triggered.
HTTP traffic processing remains stalled until all session closures are
completed.

We have implemented a temporary solution by introducing a property to limit the
time spent in the on-close yield loop. Reducing this value from the default
significantly improves recovery time. Additionally, decreasing maxThreads
appears to further extend the recovery time, although the exact relationship
requires further investigation.

Reproducing the Issue:

The issue, initially identified in a scenario with 50 threads and 5000 maximum
websocket connections, can also be reproduced at a smaller scale with varying
thread and session counts.

1. Establish several thousand websocket connections that periodically
send/receive data to simulate traffic.
2. Induce a JVM pause or network interruption lasting 40 seconds or more.
3. Restore client-side connectivity.
4. Start a timer and attempt to obtain a 200 response from the server.
5. Stop the timer once a successful response is received.

Test Configurations and Results:

5 nio2 threads, 300 websocket connections:

Close Timeout   Recovery Times (seconds)
10s 218, 300, 159, 168, 312
 5s 60, 42, 102, 199, 160
 2s 27, 30, 42, 19, 18
 1s 13, 15, 15

15 nio2 threads, 300 websocket connections:

Close Timeout   Recovery Time (seconds)
2s  11, 8, 7, 6, 7, 12

Observations:

The issue was initially observed with Tomcat 9.0.75 (embedded) and remains
reproducible with versions up to 9.0.82 (embedded), even with the 9.0.86 fix
for reentrant lock on close handling applied. While the 9.0.86 fix resolved a
memory leak, it did not alleviate the extended recovery times.

Proposed Solution:

Introducing a separate property specifically for the on-close send timeout
would allow for finer-grained control and optimization of session closure
behavior, particularly for servers operating with fixed thread pool sizes.

Additional Notes:

While BZ66508 removed the fixed timeout for on-close acquisition, the potential
for a 20-second wait during semaphore acquisition persists, leading to
prolonged session closure times and increased overhead on the OS scheduler due
to the repeated yield calls.

We are investigating the precise relationship between thread count and recovery
time and will provide additional data as it becomes available.

We believe that implementing the proposed solution would significantly improve
Tomcat's performance under these conditions and provide administrators with
greater control over resource utilization during mass websocket disconnect
events.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.

[Bug 68884] Delayed HTTP Traffic Processing After Mass Websocket Disconnect/Reconnect

2024-04-11 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=68884

Matt M  changed:

   What|Removed |Added

 CC||inconceiva...@gmail.com

--- Comment #1 from Matt M  ---
Created attachment 39658
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=39658&action=edit
Proposed patch

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 68884] Delayed HTTP Traffic Processing After Mass Websocket Disconnect/Reconnect

2024-04-11 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=68884

Oded Brilon  changed:

   What|Removed |Added

 CC||oded.bri...@servicenow.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[PR] fix CVE-2024-23672 [tomcat]

2024-04-11 Thread via GitHub 


achibear opened a new pull request, #718:
URL: https://github.com/apache/tomcat/pull/718

   Tomcat 8 fixed the CVE-2024-23672 vulnerability through commit 
[3631adb1](https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591).
 However, we have discovered similar unpatched code in Tomcat 7. Should we 
apply similar code changes to fix the vulnerability in this branch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] fix CVE-2024-23672 [tomcat]

2024-04-11 Thread via GitHub 


hazendaz commented on PR #718:
URL: https://github.com/apache/tomcat/pull/718#issuecomment-2050846843

   Not speaking for team but as onlooker, Tomcat 7 is end of life since March 
2021.  There are no further updates.  So it wouldn't make sense to patch it.  
It wouldn't be released anyways.  Only tomcat 8.5 (note not 8.0) and above are 
supported with 10.0 also being end of life.  Only supported versions would get 
patched with issues.
   
   See https://tomcat.apache.org/whichversion.html


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] fix CVE-2024-23672 [tomcat]

2024-04-11 Thread via GitHub 


aooohan closed pull request #718: fix CVE-2024-23672
URL: https://github.com/apache/tomcat/pull/718


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] fix CVE-2024-23672 [tomcat]

2024-04-11 Thread via GitHub 


aooohan commented on PR #718:
URL: https://github.com/apache/tomcat/pull/718#issuecomment-2050851432

   Tomcat 7 is end of life since March 2021, so we won't merge this change, 
thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [PR] fix CVE-2024-23672 [tomcat]

2024-04-11 Thread Chuck Caldarale 


> On Apr 11, 2024, at 21:18, hazendaz (via GitHub)  wrote:
> 
> hazendaz commented on PR #718:
> URL: https://github.com/apache/tomcat/pull/718#issuecomment-2050846843
> 
>   Not speaking for team but as onlooker, Tomcat 7 is end of life since March 
> 2021.  There are no further updates.  So it wouldn't make sense to patch it.  
> It wouldn't be released anyways.  Only tomcat 8.5 (note not 8.0) and above 
> are supported with 10.0 also being end of life.


Just to clarify, 8.5 has also reached EOL; 8.5.100 was the last release for 
that leg.

  - Chuck


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org