On 2.12.2015 0:02, Mark Thomas wrote:
The proposed 8.0.30 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.0.30
Tested .zip distribution on Windows 7 64-bit, Oracle JDK 1.8.0_60 and
APR/native 1.2.2:
- Tested TLS connectivity for BIO, NIO, NIO2 and APR connector
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
--- Comment #2 from Derek Abdine ---
Just a slight correction: I mentioned in the description
"There is no way to prevent this issue with a JarScanFilter"
Just to clarify, there is no way to prevent this with the built in
StandardJarScanFi
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
--- Comment #1 from Derek Abdine ---
Here's the stack trace from the attached test case / unit test:
java.lang.IllegalArgumentException: URI scheme is not "file"
at java.io.File.(File.java:421)
at
org.apache.tomcat.util.scan.StandardJar
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
Bug ID: 58692
Summary: Odd classpath URLs cause Tomcat to abort loading
webapps
Product: Tomcat 8
Version: trunk
Hardware: All
OS: All
Status:
The Buildbot has detected a new failure on builder tomcat-8-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/318
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchSch
2015-12-04 14:50 GMT+01:00 Mark Thomas :
> On 04/12/2015 12:29, Rémy Maucherat wrote:
> > 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>
> >> The DIGEST module does not disable the default
> >> caching of the authenticated Principal in the session which renders the
> >> security benefits of digest ove
Author: violetagg
Date: Fri Dec 4 20:52:35 2015
New Revision: 1718030
URL: http://svn.apache.org/viewvc?rev=1718030&view=rev
Log:
Merged revision 1718022 from tomcat/trunk:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat
Author: violetagg
Date: Fri Dec 4 20:31:10 2015
New Revision: 1718024
URL: http://svn.apache.org/viewvc?rev=1718024&view=rev
Log:
Merged revision 1718022 from tomcat/trunk:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat
Author: violetagg
Date: Fri Dec 4 20:23:44 2015
New Revision: 1718022
URL: http://svn.apache.org/viewvc?rev=1718022&view=rev
Log:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
tomcat/trunk/java/org/apache/
2015-12-04 16:08 GMT+01:00 Rashid Mahmood :
> For my application a clean shutdown is a critical requirement. Is there
> anything already in discussion about this issue or should i report as a bug?
>
> You can add an enhancement but it looks difficult to do.
Rémy
Author: remm
Date: Fri Dec 4 15:32:16 2015
New Revision: 1717984
URL: http://svn.apache.org/viewvc?rev=1717984&view=rev
Log:
Some small cleanups.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl
https://bz.apache.org/bugzilla/show_bug.cgi?id=58691
Bug ID: 58691
Summary: org.apache.naming.ResourceEnvRef missing factory
Product: Tomcat 8
Version: 8.0.29
Hardware: All
OS: All
Status: NEW
Severity: no
Author: markt
Date: Fri Dec 4 15:13:17 2015
New Revision: 1717979
URL: http://svn.apache.org/viewvc?rev=1717979&view=rev
Log:
Fix a TODO (add explanatory comment as to why the test is correct)
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
Modified: tomcat/tru
Hi,
i am using Tomcat based on APR/OpenSSL and have observed that shutdown behavior
in bad case is not clean. For example if OpenSSL verify callback verify the
peer certificate(s) and verification is failed e.g. unknown_certificate,
revoked etc. OpenSSL sets a handshake error with an alert mess
Hi,
i am using Tomcat based on APR/OpenSSL and have observed that shutdown behavior
in bad case is not clean. For example if OpenSSL verify callback verify the
peer certificate(s) and verification is failed e.g. unknown_certificate,
revoked etc. OpenSSL sets a handshake error with an alert messa
2015-12-04 14:41 GMT+01:00 Mark Thomas :
> On 04/12/2015 12:38, Rémy Maucherat wrote:
> > 2015-12-04 12:42 GMT+01:00 Mark Thomas :
> >
> >> Give the recent OpenSSL vulnerability announcements [1], I was planning
> >> on starting a tomcat-native 1.2.3 release to provide an updated Windows
> >> bina
Author: markt
Date: Fri Dec 4 14:11:31 2015
New Revision: 1717968
URL: http://svn.apache.org/viewvc?rev=1717968&view=rev
Log:
Use a Log since that gives timestamps and thread info with minimal effort on my
part
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
M
Author: markt
Date: Fri Dec 4 14:06:33 2015
New Revision: 1717967
URL: http://svn.apache.org/viewvc?rev=1717967&view=rev
Log:
Static works for me for these test cases.
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
Modified: tomcat/trunk/test/org/apache/tomcat
Author: markt
Date: Fri Dec 4 14:05:49 2015
New Revision: 1717965
URL: http://svn.apache.org/viewvc?rev=1717965&view=rev
Log:
Add test cases, currently disabled because they don't all pass, for various
issues around WebSocket closing.
Patch by Barry Coughlan
Added:
tomcat/trunk/test/org/ap
https://bz.apache.org/bugzilla/show_bug.cgi?id=57489
Mark Thomas changed:
What|Removed |Added
Status|NEEDINFO|NEW
--- Comment #21 from Mark Thomas --
On 04/12/2015 12:29, Rémy Maucherat wrote:
> 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>> The DIGEST module does not disable the default
>> caching of the authenticated Principal in the session which renders the
>> security benefits of digest over http largely useless.
>
> Apologies for missing it
On 04/12/2015 12:38, Rémy Maucherat wrote:
> 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>
>> Give the recent OpenSSL vulnerability announcements [1], I was planning
>> on starting a tomcat-native 1.2.3 release to provide an updated Windows
>> binary.
>>
>> There are a few fixes in trunk since 1.2.2.
Hi,
See you guys are making good progress with the JASPIC implementation in
Tomcat.
One commit that I noticed is the following:
https://github.com/apache/tomcat/commit/3e1b4931867a12a74e9e9fe7ff86484cc65a21e6
It says: "Remove the programmatic login/logout override, as I don't see how
JASPIC can
2015-12-02 1:02 GMT+02:00 Mark Thomas :
>
> The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
> The main changes since 8.0.29 are:
>
> - Location headers for redirects now use relative URIs. This can
> be controlled by Context with the useRelativeRedirects attribute.
>
> -
2015-12-02 2:02 GMT+03:00 Mark Thomas :
> The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
>
> The proposed 8.0.30 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.0.30
Units tests pass - all 4 connectors (BIO, NIO, NIO2, APR) x Java 7u80,
2015-12-04 12:42 GMT+01:00 Mark Thomas :
> Give the recent OpenSSL vulnerability announcements [1], I was planning
> on starting a tomcat-native 1.2.3 release to provide an updated Windows
> binary.
>
> There are a few fixes in trunk since 1.2.2. I'll get the changelog updated.
>
Sorry, I guess e
2015-12-04 12:42 GMT+01:00 Mark Thomas :
> I've been spending some time looking at the JASPIC implementation that
> was started as part of GSoC.
>
> To recap the history to save folks digging through the archives:
>
> - JASPIC provides a standard API for pluggable authentication modules
>
> - The
Author: markt
Date: Fri Dec 4 11:51:10 2015
New Revision: 1717937
URL: http://svn.apache.org/viewvc?rev=1717937&view=rev
Log:
Update the changelog with additional fixes since 1.2.2
Modified:
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
Modified: tomcat/native/trunk/xdocs/miscellane
I've been spending some time looking at the JASPIC implementation that
was started as part of GSoC.
To recap the history to save folks digging through the archives:
- JASPIC provides a standard API for pluggable authentication modules
- The most obvious use case is integration with one of the ma
Give the recent OpenSSL vulnerability announcements [1], I was planning
on starting a tomcat-native 1.2.3 release to provide an updated Windows
binary.
There are a few fixes in trunk since 1.2.2. I'll get the changelog updated.
I'm currently planning on tagging this on Tuesday 8th Dec. We can
pro
Am 2. Dezember 2015 00:02:08 MEZ, schrieb Mark Thomas :
>The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
>The main changes since 8.0.29 are:
>
>- Location headers for redirects now use relative URIs. This can
> be controlled by Context with the useRelativeRedirects attri
31 matches
Mail list logo
