Mark,
On 11/10/15 6:55 AM, ma...@apache.org wrote:
> Author: markt
> Date: Tue Nov 10 11:55:45 2015
> New Revision: 1713618
>
> URL: http://svn.apache.org/viewvc?rev=1713618&view=rev
> Log:
> Add a new Context option, enabled by default, that enables an additional
> check that a client provided
Mark,
On 11/11/15 10:39 AM, Mark Thomas wrote:
> All,
>
> I think we have reached the point where it makes sense to roll a
> 9.0.0.RC1 release. To summarise:
>
> - Tomcat Native is available with ALPN, SNI and OpenSSL BIO
> - HTTP/2 is implemented
> - Servlet API is up to date with latest 4.0. d
Mark,
On 11/12/15 7:12 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 9.0.0.M1 release is now available for voting.
>
> This is the first milestone release for the 9.0.x branch. It should be
> noted that, as a milestone release:
> - Servlet 4.0 is not finalised
> - The EGs have not started w
Ognjen,
On 11/14/15 7:29 PM, Ognjen Blagojevic wrote:
> * SSLTest also reports that APR/native does not serve full certificate
> chain; instead, it serves only server certificate. The same APR config
> serves full chain with Tomcat 8.0.28 + Native 1.2.2, so it seems to be a
> regression. Not ser
Huxing,
On 11/16/15 3:14 AM, Huxing Zhang wrote:
> Following is a step by step guide for those who are interested in trying out
> the HTTP/2 feature in tomcat9,
> Please correct me if anything is wrong.
>
> Prerequisite:
> * JDK8: suppose you've already installed
> * tomcat 9.0.0.M1:
> Please d
Mark,
On 11/17/15 3:24 PM, Mark Thomas wrote:
> The votes cast were as follows:
>
> Binding:
> +1: remm, markt, mgrigorov
Also +1 : schultz, not that it really matters.
> Non-binding:
> +1: ognjen
>
> The vote therefore passes. 9.0.0.M1 will be released with an al
Mark,
On 11/17/15 3:44 PM, Mark Thomas wrote:
> On 17/11/2015 20:34, Christopher Schultz wrote:
>> Mark,
>>
>> On 11/17/15 3:24 PM, Mark Thomas wrote:
>>> The votes cast were as follows:
>>>
>>> Binding:
>>> +1: remm, markt, mgri
All,
I thought there was a BZ issue for this, but I didn't find one. It's
been suggested (and I agree completely) that an application ought to be
able to fetch the CredentialHandler for the context's realm so that it
could mutate user credentials in the same way that the Realm expects to
do. That
Rémy,
On 11/20/15 8:07 AM, Rémy Maucherat wrote:
> 2015-11-20 13:47 GMT+01:00 Christopher Schultz > :
>
>> All,
>>
>> I thought there was a BZ issue for this, but I didn't find one. It's
>> been suggested (and I agree completely) that an a
Mark,
On 11/20/15 9:23 AM, Mark Thomas wrote:
> On 20/11/2015 13:07, Rémy Maucherat wrote:
>> 2015-11-20 13:47 GMT+01:00 Christopher Schultz >> :
>>
>>> All,
>>>
>>> I thought there was a BZ issue for this, but I didn't find one. It&
Mark,
On 11/20/15 9:26 AM, Mark Thomas wrote:
> On 20/11/2015 14:23, Mark Thomas wrote:
>>> 2015-11-20 13:47 GMT+01:00 Christopher Schultz
>
>
>>>> why does StandardContext.startInternal call
>>>> getRealmInternal().start() when ContainerBa
Rémy,
On 11/20/15 11:11 AM, r...@apache.org wrote:
> Author: remm
> Date: Fri Nov 20 16:11:59 2015
> New Revision: 1715382
>
> URL: http://svn.apache.org/viewvc?rev=1715382&view=rev
> Log:
> Remove duplication for the appContext.
>
> Modified:
>
> tomcat/trunk/java/org/apache/catalina/authe
Romain,
On 11/20/15 2:44 PM, Romain Manni-Bucau wrote:
> any reason the AccessLogValve doesnt rely on JULI -
> https://github.com/apache/tomcat/blob/trunk/java/org/apache/catalina/valves/AccessLogValve.java#L515
> ?
Because JULI is slow, and we want logging to be fast.
Logging frameworks are sup
All,
IF I'm going to commit to trunk (Tomcat 9) and then back-port something,
shall I add it to both the Tomcat 9 changelog as well as the Tomcat 8
(etc.) changelogs?
Since Tomcat 9's build is really a pre-release, I can see an argument
for ignoring the changelog for now and only mentioning chang
Konstantin,
On 11/21/15 10:07 AM, Konstantin Kolinko wrote:
> 2015-11-20 15:47 GMT+03:00 Christopher Schultz :
>> All,
>>
>> I thought there was a BZ issue for this, but I didn't find one. It's
>> been suggested (and I agree completely) that an applica
Konstantin,
On 11/23/15 7:19 AM, Konstantin Kolinko wrote:
> 2015-11-22 22:26 GMT+03:00 Christopher Schultz :
>> Konstantin,
>>
>> On 11/21/15 10:07 AM, Konstantin Kolinko wrote:
>>> 2015-11-20 15:47 GMT+03:00 Christopher Schultz
>>> :
>>>> All
Benjamin,
On 11/20/15 2:52 AM, Benjamin Gandon wrote:
> Don’t hesitate to share the link to this channel as soon as it is available,
> so that people can subscribe to it!
+1
Mark, do we have a link we can share with colleagues who can't attend
today's presentation? Just a public link for seeing
Felix,
On 11/24/15 3:47 PM, Felix Schumacher wrote:
> Am 23.11.2015 um 03:19 schrieb Huxing Zhang:
>> Hi fschumacher,
>>
>> Just a friendly reminder that I had a discussion with kkolinko about
>> this before.
>> I seems that it is better to explicitly define the default value
>> rather than the Bo
Mark,
On 12/1/15 6:02 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
> The main changes since 8.0.29 are:
>
> - Location headers for redirects now use relative URIs. This can
> be controlled by Context with the useRelativeRedirects attribute.
Violeta,
On 12/7/15 10:15 AM, Violeta Georgieva wrote:
> The proposed Apache Tomcat 7.0.67 release is now available for voting.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.67/
> The Maven staging repo is:
> https://repository.apache.org/content/repos
Mark,
On 12/11/15 6:01 AM, Mark Thomas wrote:
> On 11/12/2015 10:54, Rémy Maucherat wrote:
>> Hi,
>>
>> In Tomcat 9, using the Apr listener could mean that the user want to use
>> the OpenSSL crypto and not the full APR connector. Since Mark doesn't seem
>> to like that connector very much and sin
William,
On 6/20/18 9:21 PM, William L. Thomson Jr. wrote:
> Turns out my issues were due to resources ending up in a sub-directory,
> prefixed with java/org, like find out in sources. One aspect I would
> like to see done if possible. Tomcat mixes a lot of stuff into the same
> directories. Its l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Romain,
On 6/27/18 11:50 AM, Romain Manni-Bucau wrote:
> up? any hope we have live reloading of certs in tomcat?
Yup. Recent versions allow you to reload the SSLHostConfigs.
I was getting ready to update my presentation on Let's Encrypt,
actually,
Mark,
On 6/27/18 4:59 PM, Mark Thomas wrote:
> On 27/06/18 17:21, Christopher Schultz wrote:
>> Romain,
>>
>> On 6/27/18 11:50 AM, Romain Manni-Bucau wrote:
>>> up? any hope we have live reloading of certs in tomcat?
>>
>> Yup. Recent versions allow you
Mark,
On 6/29/18 5:06 PM, Mark Thomas wrote:
> On 29/06/18 21:58, Christopher Schultz wrote:
>> On 6/27/18 4:59 PM, Mark Thomas wrote:
>>> On 27/06/18 17:21, Christopher Schultz wrote:
>
>
>
>>>> any objection to taking this code and putting it into the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Rainer,
On 6/27/18 12:50 PM, Rainer Jung wrote:
> Hi there,
>
> BZ56402 is an AJP feature request and Remy postet
>
> "IMO, with each day that passes, this enhancement becomes more
> unrealistic and less useful. I think the decision must now be m
Rory,
On 7/2/18 5:33 AM, Rory O'Donnell wrote:
> Since our last email the following JEPs have been targeted to JDK 11 :
>
> * [...]
> * 332: Transport Layer Security (TLS) 1.3
/me claps enthusiastically!
I'll be very happy to start playing around with this.
-chris
signature.asc
Descriptio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Huxing,
On 7/25/18 11:28 AM, Huxing Zhang wrote:
> Hi,
>
> Recently I am working on implementing a feature that can
> automatically register a ServletContextListerner instance, say A,
> to servletContext programmatically during startup.
>
> I use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 7/26/18 5:21 AM, Mark Thomas wrote:
> On 26/07/2018 04:29, Huxing Zhang wrote:
>> Hi,
>>
>> On Thu, Jul 26, 2018 at 2:57 AM, Christopher Schultz
>> wrote:
>
>
>
>>> Can you thin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 7/31/18 8:03 AM, ma...@apache.org wrote:
> Author: markt Date: Tue Jul 31 12:03:26 2018 New Revision: 1837133
>
> URL: http://svn.apache.org/viewvc?rev=1837133&view=rev Log:
> Introduce a new class - MultiThrowable - to report exceptions
Mark,
On 8/1/18 11:21 AM, Mark Thomas wrote:
> On 01/08/18 16:03, Emmanuel Bourg wrote:
>> Le 01/08/2018 à 16:34, Mark Thomas a écrit :
>>
>>> I think there is a little more work to be done. Currently the files are
>>> corrupted when I look at them in an IDE. I've tried playing with
>>> svn:mimety
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
A presentation at DEFCON[1] last week showed how many Android
applications were improperly using shared external storage on Android
devices and could be vulnerable due to improper handling of temporary
files.
This was your basic:
1. Download
All,
Can someone take a quick look at my analysis of the tcnative crash
described here:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62626
Without a debugger in Windows, I don't think I'll be able to find the
line of code where the problem is. There is an offset into the DLL where
the error is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 8/27/18 16:42, Mark Thomas wrote:
> We refer to svn in various places. Main web site, docs,
> BUILDING.txt etc.
>
> The issue is when do we update the various docs. The main website
> we can update whenever, but the version specific docs n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
Bump. Does anyone have any comments on this?
Thanks,
- -chris
On 8/17/18 10:34, Christopher Schultz wrote:
> All,
>
> A presentation at DEFCON[1] last week showed how many Android
> applications were improperly using sha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Konstantin,
On 9/6/18 12:18, Konstantin Kolinko wrote:
> пт, 17 авг. 2018 г. в 17:34, Christopher Schultz
> :
>>
>> All,
>>
>> A presentation at DEFCON[1] last week showed how many Android
>> applications w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Michael,
On 9/11/18 3:33 PM, Michael Osipov wrote:
> in bug 62670 [1] -- contrary to my statement -- Mark pointed out
> that is it pefectly legal to have a JDBC driver in WEB-INF/lib.
> While I was living for years with the assumption that this is
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 9/12/18 7:12 AM, Mark Thomas wrote:
> OpenSSL currently has the following four active development
> branches: Master (a.k.a. 1.1.2-dev) 1.1.1 (LTS supported until at
> least 2018-09-11
A slight correction:
1.1.1 was *initially* released
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 9/12/18 7:12 AM, Mark Thomas wrote:
> All,
>
> Gump currently tests 7.0.x, 8.5.x and 9.0.x
>
> Support for OpenSSL cipher names is available in 8.5.x onwards and
> we have various unit tests to ensure that our parsing code remains
> in sy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
This page is ... seriously out of date and probably need editing to
make it useful.
http://tomcat.apache.org/tomcat-9.0-doc/appdev/installation.html
First, it implies that a JDK is required to install Tomcat. Not really
/Tomcat/ per se, since
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 9/12/18 17:20, Mark Thomas wrote:
> On 12/09/18 17:25, Christopher Schultz wrote:
>> Mark, On 9/12/18 7:12 AM, Mark Thomas wrote:
>
>
>
>>> Testing all 12 combinations (4 OpenSSL * 3 Tomcat) seems like
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 9/14/18 05:21, Mark Thomas wrote:
> On 14/09/18 10:07, Rémy Maucherat wrote:
>> On Fri, Sep 14, 2018 at 10:41 AM wrote:
>>
>>> Author: markt Date: Fri Sep 14 08:41:02 2018 New Revision:
>>> 1840901
>>>
>>> URL: http://svn.apache.org/view
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 9/17/18 08:34, Mark Thomas wrote:
> On 17/09/18 10:50, Konstantin Kolinko wrote:
>
>
>
>> Implementing auto-reloading has a caveat: there is a race
>> condition between an editor (that is used to update the file) and
>> Tomcat. It may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
I'd like to make a small change to CallMethodRule. Our version/fork of
Digester is quite old, and the current (commons-digester) version
includes something which works similar to the way this patch will work.
### Eclipse Workspace Patch 1.0
#P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
I have a proposed patch to MemoryUserDatabase that changes the
behavior when a triggered-reload fails. Recently, markt added code to
allow database reloads, but if there is an error reloading the
database, the database is emptied and perhaps an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
Does anyone know why these two email addresses are CC'd every time a
BZ message is sent?
kakvi...@yahoo.co.in
usma...@ieml.ru
Thanks,
- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 10/1/18 15:10, Mark Thomas wrote:
> On 01/10/18 20:04, Christopher Schultz wrote:
>> All,
>>
>> Does anyone know why these two email addresses are CC'd every
>> time a BZ message is sent?
>>
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Igal,
On 10/2/18 01:58, Igal Sapir wrote:
> When trying to run the unit test cases with `ant clean test` on the
> current trunk [1] I am getting two (per connector) failures:
>
> org.apache.tomcat.util.net.openssl.ciphers.TestCipher FAILED [2]
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Igal,
On 10/2/18 01:58, Igal Sapir wrote:
> When trying to run the unit test cases with `ant clean test` on the
> current trunk [1] I am getting two (per connector) failures:
>
> org.apache.tomcat.util.net.openssl.ciphers.TestCipher FAILED [2]
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Igal,
On 10/2/18 18:54, Igal Sapir wrote:
> Rainer pointed out to me the class JrePlatform [1], which has a
> helper field called IS_WINDOWS.
>
> I think that it would make sense to add a constant field OS_NAME,
> as well as IS_LINUX and IS_MACOS,
All,
Running the tests for Tomcat 8.0.33, my automated build script is
failing to build tcnative.
During "configure", I get this output:
"
checking OpenSSL library version >= 1.0.2...
Found OPENSSL_VERSION_NUMBER 0x1000105f (OpenSSL 1.0.1e 11 Feb 2013)
Require OPENSSL_VERSION_NUMBER 0x1000200
Mark,
On 3/18/16 4:55 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.0.33 release is now available for voting.
>
> The main changes since 8.0.32 are:
>
> - Correct a false positive warning for ThreadLocal related memory
> leaks when the key class but not the value class has been loaded
Rainer,
On 3/21/16 4:43 PM, Rainer Jung wrote:
> Hi Chris,
>
> do you prefer this:
>
> === quote ===
>
> checking OpenSSL library version >= 1.0.2...
>
> Found OPENSSL_VERSION_NUMBER 0x1000112f (OpenSSL 1.0.1r 28 Jan 2016)
> Require OPENSSL_VERSION_NUMBER 0x1000200f or greater (1.0.2)
>
>
Mark,
On 3/30/16 3:33 PM, Mark Thomas wrote:
> On 30/03/2016 20:27, ma...@apache.org wrote:
>> Author: markt
>> Date: Wed Mar 30 19:27:29 2016
>> New Revision: 1737154
>>
>> URL: http://svn.apache.org/viewvc?rev=1737154&view=rev
>> Log:
>> Add support for obtaining the certificate chain from a Jav
Chuck,
On 3/30/16 5:10 PM, Caldarale, Charles R wrote:
>> From: Christopher Schultz
>> Subject: RE: svn commit: r1737154 - in /tomcat/native/trunk:
>> native/src/sslcontext.c xdocs/miscellaneous/changelog.xml
>
>> Since bufferPtr is the byte array you want to use, y
Mark,
On 4/1/16 12:38 PM, Mark Thomas wrote:
> I ran the Tomcat 9 unit tests and there are a whole bunch of failures
> (everything passed with the previous ea release). It looks like some of
> our memory leak prevention tricks no longer work.
Can you define "don't work"? Do they actively cause er
All,
Lately, I've found myself re-writing the same code to customize an
SSLSocketFactory for a variety of clients I've been writing. Of course,
I have, at this point, written a re-usable library that I generally use,
but when I want to give-away the code to someone else, it's a little
nicer to hav
Kenneth,
This post belongs on the user's mailing list. Cross-posting this reply
to move it over there.
-chris
On 4/13/16 11:49 AM, King Kenneth wrote:
> We recently install Business Objects Business Intelligence 4.1 SP7 and
> Tomcat 7 is the default web application server which is bundled within
All,
On 4/18/16 12:36 PM, schu...@apache.org wrote:
> Author: schultz
> Date: Mon Apr 18 16:36:35 2016
> New Revision: 1739786
>
> URL: http://svn.apache.org/viewvc?rev=1739786&view=rev
> Log:
> Back-port r1715434 to make a web application's CredentialHandler
Mark,
On 4/18/16 2:38 PM, Mark Thomas wrote:
> On 18/04/2016 18:15, Christopher Schultz wrote:
>> All,
>>
>> On 4/18/16 12:36 PM, schu...@apache.org wrote:
>>> Author: schultz
>>> Date: Mon Apr 18 16:36:35 2016
>>> New Revision: 1739786
>>&g
Konstantin,
On 4/20/16 5:15 AM, Konstantin Kolinko wrote:
> 2016-04-20 8:04 GMT+03:00 :
>> Author: kfujino
>> Date: Wed Apr 20 05:04:19 2016
>> New Revision: 1740047
>>
>> URL: http://svn.apache.org/viewvc?rev=1740047&view=rev
>> Log:
>> Change the channel field to protected.
>>
>> Modified:
>>
All,
Bump
Thanks,
-chris
On 4/10/16 4:08 PM, Christopher Schultz wrote:
> All,
>
> Lately, I've found myself re-writing the same code to customize an
> SSLSocketFactory for a variety of clients I've been writing. Of course,
> I have, at this point, written a re-usable
Romain,
On 4/25/16 11:42 AM, Romain Manni-Bucau wrote:
> Hi guys,
>
> tomcat uses ConcurrentHashMap in few places and doesn't rely on
> ConcurrentMap API (ApplicationContext IIRC for instance was the case I
> encounter). This means if you build tomcat with java 8 and run on java 7 it
> is broken
Romain,
On 4/26/16 5:32 PM, Romain Manni-Bucau wrote:
> Le 26 avr. 2016 22:27, "Christopher Schultz"
> a écrit :
>>
>> Romain,
>>
>> On 4/25/16 11:42 AM, Romain Manni-Bucau wrote:
>>> Hi guys,
>>>
>>> tomcat uses Concur
Konstantin,
On 4/27/16 7:27 AM, Konstantin Kolinko wrote:
> 2016-04-27 14:00 GMT+03:00 Violeta Georgieva :
>> Hi,
>>
>> I have a question about difference in the behaviour of
>> org.apache.catalina.loader.WebappClassLoaderBase.getResource(String).
>> I'm investigating the issue reported here [1].
Mark,
On 4/27/16 7:41 AM, Mark Thomas wrote:
> On 27/04/2016 00:03, Mark Thomas wrote:
>> On 25/04/2016 16:42, Romain Manni-Bucau wrote:
>>> Hi guys,
>>>
>>> tomcat uses ConcurrentHashMap in few places and doesn't rely on
>>> ConcurrentMap API (ApplicationContext IIRC for instance was the case I
All,
I'm trying to drum-up support for a request I've made for the servlet
4.0 spec. You can find the request here:
https://java.net/jira/browse/SERVLET_SPEC-130
In short, I've requested that the spec add a context attribute key for
"TLS protocol". Currently-defined TLS-related information inclu
All,
I haven't looked at anything except the announcement below, and I'm
wondering how much of this overlaps with Tomcat's OpenSSL wrapper. My
understanding is that we have have a JSSE provider that wraps OpenSSL,
and that can be used for e.g. Java NIO-over-OpenSSL so in a sense, we
have wrapped O
Chuck,
On 5/10/16 2:05 PM, Caldarale, Charles R wrote:
>> From: skosoy [mailto:sko...@gmail.com]
>> Subject: 2 Virual Hosts, 2 SSL Cert's, 2 domains
>
>> Any ideas, any solutions?
>
> This belongs on the Tomcat users' mailing list, not the one for Tomcat
> developers.
+1
And skosoy, when pos
Skosoy,
On 5/10/16 2:12 PM, skosoy wrote:
> Ok, guys... Nevertheless as i see there is no good configuration solution.
>
> On 10.05.2016 21:07, Christopher Schultz wrote:
>> Chuck,
>>
>> On 5/10/16 2:05 PM, Caldarale, Charles R wrote:
>>>> From: skosoy [m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 5/24/16 10:06 AM, Mark Thomas wrote:
> TL;DR If you use remote JMX, you need to update your JVM to address
> CVE-2016-3427
>
> For the longer version, see the blog post I just published on
> this: http://engineering.pivotal.io/post/java-dese
Woonsan,
On 5/25/16 11:29 AM, Woonsan Ko wrote:
> On Wed, May 25, 2016 at 11:12 AM, Christopher Schultz
> wrote:
> Mark,
>
> On 5/24/16 10:06 AM, Mark Thomas wrote:
>>>> TL;DR If you use remote JMX, you need to update your JVM to address
>>>> CVE-2016-342
Mark,
On 5/19/16 7:21 AM, Mark Thomas wrote:
> As you are probably aware, I have been working through the memory leak
> protection / detection code checking that the code is still relevant for
> Tomcat 9. Having reviewed the history of clearReferencesStatic I'd like
> to propose removing it in 9.0
Rémy and Mark,
On 6/3/16 10:11 AM, Mark Thomas wrote:
> On 03/06/2016 14:36, Rémy Maucherat wrote:
>> Hi,
>>
>> With direct connect having been hacked in (err, I mean, "implemented"), it
>> is (a lot) easier to do meaningful performance tests. h2load is a drop in
>> replacement of ab that uses HTT
Martin,
On 6/8/16 3:25 AM, Martin Grigorov wrote:
> On Tue, Jun 7, 2016 at 11:33 AM, Mark Thomas wrote:
>
>> On 07/06/2016 10:17, Martin Grigorov wrote:
>>> Hi devs,
>>>
>>> Recently a colleague of mine asked me what it takes to become an Apache
>>> committer.
>>> I've explained him that he has
Rémy,
On 6/16/16 5:52 AM, Rémy Maucherat wrote:
> 2016-06-16 11:25 GMT+02:00 Andy Wilkinson :
>
>> On Thu, Jun 16, 2016 at 10:21 AM, Rémy Maucherat wrote:
>>
>>> -1, I am against fake improvements.
>>>
>>
>> Do you consider the improvement for applications that do not use HTTP
>> sessions at all
Afaf,
On 6/21/16 8:46 AM, Afaf Zahkya wrote:
> Hello,
>
> I m using tomcat 8.0.21.
>
> I want to send *up* to 4 MB of text messages through a websocket connection
> to my tomcat server. I set the MaxTextMessageBufferSize to 4 MB.Now as a
> result, every time I open a websocket connection and I
Mark,
On 6/22/16 9:06 AM, Mark Thomas wrote:
> On 22/06/2016 14:01, Rainer Jung wrote:
>> Hi Mark,
>>
>> Am 22.06.2016 um 13:20 schrieb Mark Thomas:
>>> A while ago I observed unexpected APR_EGENERAL errors being returned
>>> when performing SSL reads. I was unable to identify the root cause but I
Nate,
On 6/24/16 10:40 AM, therealnewo...@gmail.com wrote:
> On Fri, Jun 24, 2016 at 6:17 AM, Rémy Maucherat wrote:
>> 2016-06-24 12:08 GMT+02:00 Mark Thomas :
>>
>>> Thanks.
>>>
>>> I'm going to start some local performance testing to confirm I see
>>> similar results and, assuming I do, I'll st
Mark,
On 7/1/16 4:34 PM, Mark Thomas wrote:
> [1] has highlighted that the removal of JULI+log4j from 9.0.x has been
> partially back-ported to 8.5.x. I originally stated in [2] that I had no
> plans to back-port the removal of JULI+log4j support. I'd like to change
> that decision.
>
> Any objec
Mark,
On 7/3/16 4:24 PM, ma...@apache.org wrote:
> Author: markt
> Date: Sun Jul 3 20:24:18 2016
> New Revision: 1751173
>
> URL: http://svn.apache.org/viewvc?rev=1751173&view=rev
> Log:
> The original request for regular expression support would be too expensive to
> implement.
> This commit a
Mark,
On 7/7/16 11:53 AM, Mark Thomas wrote:
> On 06/07/2016 22:55, Christopher Schultz wrote:
>> Mark,
>>
>> On 7/3/16 4:24 PM, ma...@apache.org wrote:
>>> Author: markt
>>> Date: Sun Jul 3 20:24:18 2016
>>> New Revision: 1751173
>>>
&
Mark,
On 7/11/16 4:40 PM, Mark Thomas wrote:
> This was triggered by a thread on the users list. [1]
>
> Tomcat does not, and hasn't as far back as at least 4.1.x, decoded the
> path provided in the call to getRequestDispatcher(path).
>
> I think this might be incorrect. My logic for this is as
All,
Michael Deiner found a buffer overflow in the call to FD_SET macro on
line 291 of jk_connect.c:
280> do {
281>rc = connect(sd, (const struct sockaddr *)&addr->sa.sin,
addr->salen);
282>} while (rc == -1 && errno == EINTR);
283>
284>if ((rc == -1) && (errno == EINPROGRESS ||
Rainer,
On 7/18/16 5:48 PM, Rainer Jung wrote:
> Hi Chris,
>
> thanks for picking this topic.
>
> Am 18.07.2016 um 17:02 schrieb Christopher Schultz:
>> All,
>>
>> Michael Deiner found a buffer overflow in the call to FD_SET macro on
>> line 291 of
All,
On a new computer, I checked-out trunk from svn and it won't build. Did
I miss something?
$ svn info
Path: .
Working Copy Root Path: /Users/chris/Documents/Eclipse/tomcat-trunk
URL: https://svn.apache.org/repos/asf/tomcat/trunk
Relative URL: ^/tomcat/trunk
Repository Root: https://svn.apache
All,
I committed a change to xdocs/presentations.xml and
docs/presentations.html (and then markt made some additional changes),
and the README suggests that those updates will auto-propagate to the
public web site.
I'm not seeing the changes, yet, and it's been about 15 hours. Am I just
being too
Violeta,
On 9/15/16 11:00 AM, Violeta Georgieva wrote:
> Hi Chris,
>
> 2016-09-15 17:51 GMT+03:00 Christopher Schultz > :
>>
>> All,
>>
>> I committed a change to xdocs/presentations.xml and
>> docs/presentations.html (and then markt made some additional
Mark,
On 9/15/16 7:39 AM, Mark Thomas wrote:
> We haven't had any webinars for a while.
>
> Looking at the YouTube stats for the recordings we have had 5k+ views
> across 5 webinars which in reality means more like 2.5k people watching
> one for more than a few seconds and around 1k watching one
Martin,
On 9/20/16 2:56 PM, Martin Grigorov wrote:
> Hi Michael,
>
> On Tue, Sep 20, 2016 at 3:10 PM, Michael Hall wrote:
>
>> Hi Coty,
>>
>> Have you had an opportunity to try this yet? If you need help please let
>> me know, or you could find help on #snappy on Freenode or
>> https://gitter.i
Martin,
On 9/20/16 3:28 PM, Martin Grigorov wrote:
> Hi Michael,
>
> On Tue, Sep 20, 2016 at 9:11 PM, Michael Hall wrote:
>
>> Hi Martin,
>>
>>
>> On 09/20/2016 02:56 PM, Martin Grigorov wrote:
>>> Hi Michael,
>>>
>>> On Tue, Sep 20, 2016 at 3:10 PM, Michael Hall
>> wrote:
>>>
Hi Coty,
>>
Martin,
On 9/20/16 5:44 PM, Martin Grigorov wrote:
> Hi Chris,
>
> On Tue, Sep 20, 2016 at 10:51 PM, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
>> Martin,
>>
>> On 9/20/16 3:28 PM, Martin Grigorov wrote:
>>> Hi Michael,
>&
Gavin,
On 9/22/16 1:03 AM, Gavin McDonald wrote:
> Please find attached 3 patches for tweaks to the rat-excludes file in trunk
> and the 8.0 and 8.5 branches.
>
> RAT tests are currently producing invalid xml reports due to files that
> should be excluded
> (and therefore xml parser cant convert
All,
In the past few years, jfclere has been dong some performance testing
with JSSE-based crypto versus OpenSSL-based crypto, and it had always
been clear that the pure-Java crypto was slower by orders of magnitude.
There was some concern that the hw-accelerated crypto wasn't actually
working as
Rémy,
> On Sep 30, 2016, at 09:50, Rémy Maucherat wrote:
>
> 2016-09-30 15:26 GMT+02:00 jean-frederic clere :
>
>>> On 09/29/2016 08:35 PM, Christopher Schultz wrote:
>>> All,
>>>
>>> In the past few years, jfclere has been dong some perfo
Mark,
On 10/6/16 4:33 PM, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.6 release is now available for voting.
>
> The major changes compared to the 8.5.5 release are:
>
> - Refactoring the non-container thread Async complete()/dispatch()
> handling to remove the possibility of deadlock
Mark,
On 10/8/16 3:35 PM, Christopher Schultz wrote:
> Mark,
>
> On 10/6/16 4:33 PM, Mark Thomas wrote:
>> The proposed Apache Tomcat 8.5.6 release is now available for voting.
>>
>> The major changes compared to the 8.5.5 release are:
>>
>> - Refactoring
Violeta,
On 2/14/17 4:43 PM, Violeta Georgieva wrote:
> Hi,
>
> 2017-02-10 11:07 GMT+02:00 Mark Thomas :
>>
>> On 09/02/17 22:08, Violeta Georgieva wrote:
>>>
>>> 2017-02-08 11:25 GMT+02:00 Violeta Georgieva :
2017-02-08 1:51 GMT+02:00 Mark Thomas :
>>
>>
>>
>>
> I guess that makes
Violeta,
On 2/15/17 1:14 PM, Violeta Georgieva wrote:
> 2017-02-15 19:46 GMT+02:00 Christopher Schultz > I think we need to come to an agreement about what it's okay to change
>> in a non-backward-compatible way in terms of internal APIs. It's become
>> clear late
Jean-Frederic,
It's not very easy to read the "REGISTER NOW!" message on the TomcatCon
icon. Can we change the color to something more high-contrast?
-chris
On 2/16/17 12:06 PM, jfcl...@apache.org wrote:
> Author: jfclere
> Date: Thu Feb 16 17:06:55 2017
> New Revision: 1783251
>
> URL: http://
1701 - 1800 of 3815 matches
Mail list logo
