Implications of stopping a connector

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, If I stop a Connector (e.g. using JMX), I know that the listen port will be unbound and new connections will fail. But what about in-process requests? My testing shows that with a simple JSP like this: <% Thread.sleep(10 * 1000); %>This is a

Re: Host header validation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 3/19/17 4:55 PM, Mark Thomas wrote: > Hi, > > r1787662 adds Host header validation along with a fair number of > unit tests. > > It includes a performance test which indicates - on my machine at > least - that the performance impact is in

Re: svn commit: r1792957 - in /tomcat/trunk: java/org/apache/coyote/AbstractProtocol.java webapps/docs/changelog.xml

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 4/27/17 4:49 PM, ma...@apache.org wrote: > Author: markt Date: Thu Apr 27 20:49:32 2017 New Revision: 1792957 > > URL: http://svn.apache.org/viewvc?rev=1792957&view=rev Log: > Wildcard host names need quoting since '*' is a reserved chara

Had trouble building libtcnative [openssl]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm trying to do a complete test of 8.5.15 (candidate) and I can't seem to build tcnative because of the OpenSSL dependency. On my system, I've got OpensSSL 1.0.1t installed globally, but I have openssl 1.0.2f installed locally for the purpose

Re: Had trouble building libtcnative [openssl]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 5/8/17 2:23 PM, Christopher Schultz wrote: > All, > > I'm trying to do a complete test of 8.5.15 (candidate) and I can't > seem to build tcnative because of the OpenSSL dependency. > > On my system, I'

Re: Had trouble building libtcnative [openssl]

Rainer, On 5/8/17 5:00 PM, Rainer Jung wrote: > Hi Chris, > > Am 08.05.2017 um 20:23 schrieb Christopher Schultz: >> I'm trying to do a complete test of 8.5.15 (candidate) and I can't >> seem to build tcnative because of the OpenSSL dependency. >> >

Re: [VOTE] Release Apache Tomcat 8.5.15

Mark, On 5/5/17 7:38 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.5.15 release is now available for voting. > > The major changes compared to the 8.5.13 release are: > > - Various improvements to the handling of static custom error pages > > - Update to Eclipse JDT Compiler 4.6.3 > >

Re: Timescale for 8.0.x EOL

ixed. There are one or two things that could be changed in Tomcat 8.5.x to improve the current situation. 3. A migration guide pointing-out those items which can lead to Tomcat 8.5.x not being a drop-in replacement for Tomcat 8.0.x would be greatly appreciated. Chris Schultz has graciously been vol

Proposal to remove AjpApr connector

All, At ApacheCon, a few of us were talking about things that could be removed in upcoming versions of Tomcat. The issue of connectors came up, and I was thinking that there doesn't seem to be a reason to have an AjpApr connector any more. The APR flavor of the AJP connector was only useful when

Need a BZ keyword for "this bug can be done by a newbie"

All, I thought there was a BZ keyword for this, but there isn't. I've just created an enhancement in BZ[1] that should be left for someone looking to submit a small patch, and I'd like to attach such a keyword to this bug. Could someone with BZ karma add an appropriate keyword to BZ and, possibly

Re: svn commit: r1765995 - /tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java

Violeta, On 10/27/16 7:28 AM, Violeta Georgieva wrote: > Hi, > > 2016-10-27 13:53 GMT+03:00 Rémy Maucherat : >> >> 2016-10-23 8:22 GMT+02:00 Violeta Georgieva : >> >>> Hi Remy, >>> >>> 2016-10-21 15:11 GMT+03:00 Rémy Maucherat : 2016-10-21 13:21 GMT+02:00 : > Author: violetagg

Re: [VOTE] Release Apache Tomcat 8.5.7

Mark, On 11/2/16 10:15 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.5.7 release is now available for voting. > > The major changes compared to the 8.5.6 release are: > > > - Implement header limits for HTTP/2 > > - Improve handling of I/O errors with async processing > > - Fail earli

Re: svn commit: r1767903 - /tomcat/trunk/java/org/apache/catalina/connector/OutputBuffer.java

Violetta, On 11/3/16 11:11 AM, violet...@apache.org wrote: > Author: violetagg > Date: Thu Nov 3 15:11:18 2016 > New Revision: 1767903 > > URL: http://svn.apache.org/viewvc?rev=1767903&view=rev > Log: > Set the buffer size if it is above the one specified when OutputBuffer object > was created.

Re: svn commit: r1767903 - /tomcat/trunk/java/org/apache/catalina/connector/OutputBuffer.java

Violeta, On 11/3/16 12:43 PM, Violeta Georgieva wrote: > 2016-11-03 18:37 GMT+02:00 Christopher Schultz > : >> >> Violetta, >> >> On 11/3/16 11:11 AM, violet...@apache.org wrote: >>> Author: violetagg >>> Date: Thu Nov 3 15:11:18 2016 >>>

Re: [VOTE] Release Apache Tomcat 8.5.7

Felix, On 11/3/16 10:43 AM, Felix Schumacher wrote: > Hi all, > > change r1767357 broke ajp connector with an executor. > > Tomcat fails to set the thread priority, since the ajp connector > reports a default priority of -1 and Thread#setPriority will throw an > IAE in line 583 of AbstractProtoc

Re: Incoming refactoring

Mark, On 12/13/16 6:24 AM, Mark Thomas wrote: > Hi, > > Just a heads up that - assuming the currently running tests pass - I'll > be committing a batch of connector refactoring changes. The general aim > of these changes is: > > - Reduce the duplication of configuration between Protocol and Proc

Tomcat can report that a request-processing thread was started by an application?

All, I was browsing the Tomcat-related questions on SO and I noticed this one: http://stackoverflow.com/questions/41223141/threads-in-tomcat-memory-leaks The poster shows a snip of his error log which says this: дек 19, 2016 12:25:10 AM org.apache.catalina.loader.WebappClassLoaderBase clearRefe

Re: Wrong type of the value of javax.servlet.error.exception_type

Martin, On 1/6/17 8:23 AM, Martin Grigorov wrote: > I've just upgraded my local/development Tomcat to 8.5.10 and I've hit a > problem in Apache Wicket: > > java.lang.ClassCastException: java.lang.String cannot be cast to > java.lang.Class > at > org.apache.wicket.protocol.http.servlet.ErrorAttrib

Re: Need to consider a replacement for */ in WAR URLs

Mark, On 1/16/17 6:24 AM, Mark Thomas wrote: > For the background see: > https://github.com/spring-projects/spring-boot/issues/7949 > > The short version is: > > * is seen as a wild card in some environments. > > The options are: > $ & ' ( ) * , - . : ; @ _ ~ > (all followed by /) Obviously yo

Re: Dynamic reloading of SSL certificates

Mark and Emmanuel, On 1/23/17 5:01 AM, Mark Thomas wrote: > On 23/01/2017 09:36, Emmanuel Bourg wrote: >> Hi all, >> >> With the fast adoption of Let's Encrypt many people are interested in >> integrating it with Tomcat. A first step was to ensure that Tomcat can >> directly use the PEM certificat

Re: Publish snapshots from the Buidlbot

Mark, On 1/23/17 5:53 AM, Mark Thomas wrote: > I think it would be useful if we configured buildbot to publish > snapshots (probably as part of the daily build) to repository.a.o. > Therefore I have requested the appropriate credentials from infra and > when I have them I'll make the necessary cha

HTTP response reason phrases

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm cross-posting dev@ and users@, but please only reply to dev@ if you'd like to get involved in this discussion. I'd like to openly-discuss r1702765 [1]. There have been some complaints on both users@ and dev@ and some BZ issues filed agains

Re: Publish snapshots from the Buidlbot

Mark, On 1/24/17 12:36 PM, Mark Thomas wrote: > On 24/01/2017 16:31, Christopher Schultz wrote: >> Mark, >> >> On 1/23/17 5:53 AM, Mark Thomas wrote: >>> I think it would be useful if we configured buildbot to publish >>> snapshots (probably as par

Re: HTTP response reason phrases

Romain, On 1/25/17 5:30 AM, Romain Manni-Bucau wrote: > 8.5 just being almost a N-1 spec version of tomcat 9 I think they should > stay aligned as much as possible. Yes, but 8.5 is a N+0 spec version of Tomcat 8.0. I think since Tomcat 8.5 is being pushed as the hurry-up upgrade for Tomcat 8.0, i

Re: [POLL] Will you be at ApacheCon NA 2017?

All, For completeness. On 1/24/17 10:46 AM, Mark Thomas wrote: > I will be attending ApacheCon NA: > > [ X ] Yes > > If attending, I would be willing to present a session at TomcatCon: > > [ X ] Yes signature.asc Description: OpenPGP digital signature

Re: svn commit: r1780569 - in /tomcat/site/trunk: docs/conference.html xdocs/conference.xml

Mark, On 1/27/17 10:18 AM, Mark Thomas wrote: > On 27/01/2017 15:13, ma...@apache.org wrote: >> Author: markt >> Date: Fri Jan 27 15:13:26 2017 >> New Revision: 1780569 >> >> URL: http://svn.apache.org/viewvc?rev=1780569&view=rev >> Log: >> Add a page for TomcatCon > > Improvements welcome. I put

Re: svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java

Mark, On 1/27/17 4:02 PM, ma...@apache.org wrote: > Author: markt > Date: Fri Jan 27 21:02:08 2017 > New Revision: 1780609 > > URL: http://svn.apache.org/viewvc?rev=1780609&view=rev > Log: > Follow-up to r1780606 > Ensure RFC2109 cookie is created with correct version > > Modified: > tomcat/

Fwd: ApacheCon Jwala talk

:ApacheCon Jwala talk Date: Tue, 7 Feb 2017 23:45:46 + From: Ger,Steven To: Christopher Schultz About to submit this but wanted to run it by you first. What do you think? /(We renamed TOC, Tomcat Operations Center, to Jwala in honor of our internal release name … and thought

Re: jdbc pool: validationQuery vs Connection.isValid

Julian, On 1/5/16 9:25 AM, Julian Reschke wrote: > Hi there, > > maybe that's a stupid question, but why do we need a configurable > validationQuery when there's > > Connection.isValid(...) > > Because not

Re: jdbc pool jmx enhancements

Anthony, On 12/23/15 6:16 PM, Anthony Biacco wrote: > I'm testing a move from dbcp2 pooling to tomcat's built in pooling. Note that, technically, Tomcat builds both DBCP2 and tomcat-pool into Tomcat releases. > I'm using tomcat 8.0.30. > > Looking through the jmx mbeans i did not see the Borrowe

Re: jdbc pool: validationQuery vs Connection.isValid

Julian, On 1/6/16 7:42 AM, Julian Reschke wrote: > On 2016-01-06 00:06, Christopher Schultz wrote: >> Julian, >> >> On 1/5/16 9:25 AM, Julian Reschke wrote: >>> Hi there, >>> >>> maybe that's a stupid question, but why do we

Re: [PROPOSAL] Manager behaviour clarification for 9.0.x

Mark, On 1/8/16 7:33 AM, Mark Thomas wrote: > I've been looking at the relationship between a Context and its Manager > and I have identified some inconsistencies in the underlying assumptions > on which the code is based. > > A. Context is always set > In some places the code carefully checks to

Client certificate checking

All, I've been lazily looking at this issue on SO: http://stackoverflow.com/questions/33688020 I haven't independently verified that Tomcat (or the JRE, more likely) validates expired certificates but I can see arguments in favor of both behaviors: 1. If the client cert (not an intermediate) is

Re: dropping windows ia64 in Tomcat6

Jean-Frederic, On 1/11/16 2:03 AM, jean-frederic clere wrote: > I would like to drop Itanium support in the windows binaries, we have > dropped it in native 1.1.34 so we can't have a complete Itanium in > Tomcat 6.0.45. > > Comments? -0 Users can still use earlier versions of tcnative that supp

Re: svn commit: r1724533 - /tomcat/native/trunk/native/src/ssl.c

Bill, On 1/13/16 9:25 PM, billbar...@apache.org wrote: > Author: billbarker > Date: Thu Jan 14 02:25:19 2016 > New Revision: 1724533 > > URL: http://svn.apache.org/viewvc?rev=1724533&view=rev > Log: > CRYPTO_malloc_init has been removed from OpenSSL master > > Modified: > tomcat/native/trunk

Re: svn commit: r1725201 - /tomcat/trunk/java/org/apache/catalina/session/StandardManager.java

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 1/18/16 5:30 AM, Mark Thomas wrote: > On 18/01/2016 09:24, Rémy Maucherat wrote: >> 2016-01-18 10:17 GMT+01:00 : >> >>> Author: markt Date: Mon Jan 18 09:17:13 2016 New Revision: >>> 1725201 >>> >>> URL: http://svn.apache.org/viewvc?rev=1725

Re: svn commit: r1725910 - /tomcat/trunk/webapps/docs/changelog.xml

Mark, On 1/21/16 6:40 AM, ma...@apache.org wrote: > Author: markt > Date: Thu Jan 21 11:40:47 2016 > New Revision: 1725910 > > URL: http://svn.apache.org/viewvc?rev=1725910&view=rev > Log: > Update changelog > > Modified: > tomcat/trunk/webapps/docs/changelog.xml > > Modified: tomcat/trunk/

Re: TC WebappClassLoaderBase bottleneck in filter()

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 1/25/16 5:23 AM, Mark Thomas wrote: > On 25/01/2016 09:32, Rainer Jung wrote: >> Hi Konstantin, >> >> thanks for the feedback. More inline. >> >> Am 25.01.2016 um 03:51 schrieb Konstantin Kolinko: >>> 2016-01-23 15:17 GMT+03:00 Rainer Jung >

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/3/16 4:05 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.0.32 release is now available for > voting. > > The main changes since 8.0.30 are: > > - Restore the default for mapperContextRootRedirectEnabled to true > > - Update the pa

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 2/3/16 10:54 AM, Christopher Schultz wrote: > Mark, > > On 2/3/16 4:05 AM, Mark Thomas wrote: >> The proposed Apache Tomcat 8.0.32 release is now available for >> voting. > >> The main changes since 8.0.30 ar

Re: svn commit: r1713220 - /tomcat/native/trunk/native/src/sslcontext.c

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jean-Frederic, On 11/8/15 5:34 AM, jfcl...@apache.org wrote: > Author: jfclere Date: Sun Nov 8 10:34:31 2015 New Revision: > 1713220 > > URL: http://svn.apache.org/viewvc?rev=1713220&view=rev Log: Allow > to use raw (well keystore) certificates and

Re: ELParser fiel of type LookaheadSuccess extends Error

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rainer, On 2/3/16 10:48 AM, Rainer Jung wrote: > Hi there, > > ELParser has a field named jj_ls of type LookaheadSuccess which > extends Error. It is created during each instantiation of an > ELParser object. Creating an Error is quite slow, because

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/3/16 1:01 PM, Mark Thomas wrote: > On 03/02/2016 16:00, Christopher Schultz wrote: >> All, >> >> On 2/3/16 10:54 AM, Christopher Schultz wrote: >>> Mark, >> >>> On 2/3/16 4:05 AM, Mark Thomas

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/3/16 3:19 PM, Christopher Schultz wrote: > Mark, > > On 2/3/16 1:01 PM, Mark Thomas wrote: >> On 03/02/2016 16:00, Christopher Schultz wrote: >>> All, >>> >>> On 2/3/16 10:54 AM, Christopher Sch

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/3/16 4:05 AM, Mark Thomas wrote: > The proposed Apache Tomcat 8.0.32 release is now available for > voting. > > The main changes since 8.0.30 are: > > - Restore the default for mapperContextRootRedirectEnabled to true > > - Update the pa

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rainer, On 2/5/16 9:38 AM, Rainer Jung wrote: > Am 04.02.2016 um 23:44 schrieb Rainer Jung: >> Am 03.02.2016 um 10:05 schrieb Mark Thomas: >>> The proposed Apache Tomcat 8.0.32 release is now available for >>> voting. >>> >>> The main changes since 8

Re: svn commit: r1728676 - in /tomcat/trunk: java/org/apache/catalina/core/AprLifecycleListener.java webapps/docs/changelog.xml

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rémy, On 2/5/16 12:54 PM, Rémy Maucherat wrote: > 2016-02-05 18:28 GMT+01:00 Mark Thomas : > >> Ah. Not sure how I managed to get confused on this. The name >> makes perfect sense in that case. >> > It must be a bad name for the flag since you got c

Re: [VOTE] Release Apache Tomcat 8.0.32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rainer, On 2/5/16 6:59 PM, Rainer Jung wrote: > Hi Chris, > > Am 05.02.2016 um 23:56 schrieb Christopher Schultz: >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 >> >> Rainer, >> >> On 2/5/16 9:38 AM, Rainer

Re: Fwd: website design

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/7/16 1:21 PM, Mark Thomas wrote: > On 07/02/2016 16:37, rahul bhola wrote: >> Hi, I think i can help with this one >> https://helpwanted.apache.org/task.html?AVK1775LQSo5Erc4e4ld, i >> got some free time on me. Where is the code for the s

Re: JASPIC progress

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/9/16 9:26 AM, Mark Thomas wrote: > On 09/02/2016 14:18, Rémy Maucherat wrote: >> 2016-02-09 15:04 GMT+01:00 Mark Thomas : > > > >>> Thoughts? Comments? >>> >> >> Thanks for the report. However, the more I thought about it, the >> more

Re: svn commit: r1729390 - in /tomcat/trunk: java/org/apache/catalina/authenticator/ webapps/docs/

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 2/10/16 6:10 PM, Mark Thomas wrote: > On 09/02/2016 14:22, ma...@apache.org wrote: >> Author: markt Date: Tue Feb 9 14:22:29 2016 New Revision: >> 1729390 >> >> URL: http://svn.apache.org/viewvc?rev=1729390&view=rev Log: >> Refactor Authen

Re: NIO + JSSE + NIO + OpenSSL

Rémy, On 2/14/16 5:36 PM, Rémy Maucherat wrote: > 2016-02-14 22:45 GMT+01:00 Mark Thomas : > >> All, >> >> In preparation for the connector selection webinar next week, I just did >> a quick test of NIO + JSSE and NIO + OpenSSL. >> >> I was working with 9.0.x trunk including my JASPIC patch >> >>

Re: Context path: any technical reason to ignore it?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Romain, On 2/18/16 6:00 AM, Romain Manni-Bucau wrote: > On a personal side i tend to agree and like to have filesystem > aligned with the deployment but I have to admit I saw path usage in > META-INF/context.xml being quite large (in real deployments

Re: Context path: any technical reason to ignore it?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Romain, On 2/18/16 11:36 AM, Romain Manni-Bucau wrote: > 2016-02-18 17:20 GMT+01:00 Christopher Schultz > > : > > Romain, > > On 2/18/16 6:00 AM, Romain Manni-Bucau wrote: >>>> On a personal side i tend to agree

Re: svn commit: r1731953 - in /tomcat/trunk: build.properties.default webapps/docs/changelog.xml

Mark, On 2/23/16 4:41 PM, Mark Thomas wrote: > On 23/02/2016 21:33, Konstantin Kolinko wrote: >> 2016-02-23 23:50 GMT+03:00 : >>> Author: markt >>> Date: Tue Feb 23 20:50:28 2016 >>> New Revision: 1731953 >>> >>> URL: http://svn.apache.org/viewvc?rev=1731953&view=rev >>> Log: >>> Fix https://bz.a

Re: Tomcat 8.next

Rémy, On 2/25/16 8:52 AM, Rémy Maucherat wrote: > This has been hinted at in the past, but is not being discussed anymore. > > Possible options: > a) Release a new 8.x branch that would include the connectors from 9 to > support HTTP/2 [OpenSSL now allows realistic support without having to wait

Re: Tomcat Configuration Hardening

Dylan, This might be a better discussion for the users' list, but I'll keep it on dev for the time being. On 2/28/16 2:28 PM, Dylan Ayrey wrote: > I'm a security analyst at a company named Praetorian. When doing internal > network pentesting it is extremely common to find tomcat instances with >

Re: Tomcat 8.next

Mark, On 3/1/16 5:12 PM, Mark Thomas wrote: > To summarise where I think this discussion is going: > > - Create 8.5.x from 9.0.x with the following changes > - revert all changes to spec APIs I would argue that anything that has been added (in TC9) can stay; only revert the removals and possib

Re: Tomcat Configuration Hardening

Mark, On 3/3/16 3:35 PM, Mark Thomas wrote: > On 03/03/2016 15:36, Christopher Schultz wrote: >> Dylan, >> >> This might be a better discussion for the users' list, but I'll keep it >> on dev for the time being. >> >> On 2/28/16 2:28 PM, Dylan Ayr

Re: svn commit: r1734468 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/JAASMemoryLoginModule.java webapps/docs/changelog.xml

Mark, On 3/10/16 5:03 PM, ma...@apache.org wrote: > Author: markt > Date: Thu Mar 10 22:03:44 2016 > New Revision: 1734468 > > URL: http://svn.apache.org/viewvc?rev=1734468&view=rev > Log: > Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59154 > Fix a NullPointerException in the JASSMemoryLog

Re: Cloud clustering support using Kubernetes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/3/18 09:48, Rémy Maucherat wrote: > Hi, > > As I talked about during the latest TomcatCon (and the previous one > in London actually ...), there's a cloud aware cluster members > provider that can be contributed to Tomcat. > > The curr

Re: Cloud clustering support using Kubernetes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/4/18 05:26, Rémy Maucherat wrote: > On Wed, Oct 3, 2018 at 10:27 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Rémy, >&g

Re: Cloud clustering support using Kubernetes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/4/18 13:29, Rémy Maucherat wrote: > On Thu, Oct 4, 2018 at 7:23 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Rémy, >&g

Re: svn commit: r1842849 - in /tomcat/trunk: java/org/apache/tomcat/jni/Library.java test/org/apache/tomcat/util/net/TesterSupport.java test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 10/5/18 06:22, Mark Thomas wrote: > On 05/10/18 10:42, Rémy Maucherat wrote: >> On Fri, Oct 5, 2018 at 11:40 AM Mark Thomas >> wrote: >> >>> On 04/10/18 22:07, isa...@apache.org wrote: Author: isapir Date: Thu Oct 4 21:07:54 2018 Ne

Installed - NSIS vs MSI

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Does anyone know why we are continuing to use Nullsoft's installer[1] to build Tomcat installers for Windows? It looks like Microsoft's MSI[2] is supported down to Windows 7, which is the latest supported version of their own OSs. Is "backward-

Re: TLSv1.3 and 9.0.next

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 10/11/18 16:39, Mark Thomas wrote: > Hi, > > As you probably noticed I've been working on TLS 1.3 support, > building on Chris's work in BZ 62748. > > The current status is the Tomcat Native 1.2.x and Tomcat 9.0.x > support TLSv1.3 in any

For review: EncryptInterceptor for Cluster/Tribes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Can I get a technical review for (a) appropriateness and (b) technical implementation of the attached cluster interceptor? Let's assume for a moment that encryption is something worth adding to clustering and not argue that point. It should be

Re: For review: EncryptInterceptor for Cluster/Tribes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Filip, On 10/23/18 12:19, Filip Hanik wrote: > On Tue, Oct 23, 2018 at 7:05 AM Christopher Schultz < > ch...@christopherschultz.net> wrote: > > All, > > Can I get a technical review for (a) appropriateness and (b) >

Re: For review: EncryptInterceptor for Cluster/Tribes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 10/23/18 10:05, Christopher Schultz wrote: > Can I get a technical review for (a) appropriateness and (b) > technical implementation of the attached cluster interceptor? Let's > assume for a moment that encryption is somethin

Re: For review: EncryptInterceptor for Cluster/Tribes

if it works. Just configure the interceptor into your interceptor chain and set an encryption key (e.g. "cafebabecafebabe"). Thanks, - -chris On 10/23/18 16:14, Christopher Schultz wrote: > All, > > On 10/23/18 10:05, Christopher Schultz wrote: >> Can I get a technical

Re: For review: EncryptInterceptor for Cluster/Tribes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/25/18 11:54, Rémy Maucherat wrote: > On Thu, Oct 25, 2018 at 5:15 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> All, >&g

Re: For review: EncryptInterceptor for Cluster/Tribes

) method; thanks for clearing that up. I'll definitely add the MBean as well, even though I think it won't be very useful to use via JMX. Thanks, - -chris > 2018年10月26日(金) 1:08 Christopher Schultz > : > > Rémy, > > On 10/25/18 11:54, Rémy Maucherat wrote: >>>&

Re: For review: EncryptInterceptor for Cluster/Tribes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy et al, On 10/25/18 11:54, Rémy Maucherat wrote: > On Thu, Oct 25, 2018 at 5:15 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> All,

Re: svn commit: r1845162 - /tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/EncryptInterceptor.java

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 10/29/18 14:40, Mark Thomas wrote: > On 29/10/2018 18:40, ma...@apache.org wrote: >> Author: markt Date: Mon Oct 29 18:40:16 2018 New Revision: >> 1845162 >> >> URL: http://svn.apache.org/viewvc?rev=1845162&view=rev Log: Fix >> redundant a

Re: Mime types

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/31/18 12:37, Rémy Maucherat wrote: > There are two main contraptions in Tomcat that do (badly ...) > extension to mime type mapping: the shared web.xml and some > hardcoded stuff in startup.Tomcat. It would probably be good to unify all

Release Manager for 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'd like to volunteer to RM for the 8.5.x series. At ApacheCon in Montréal, markt indicated that he would certainly appreciate someone taking-over the great work that he has been doing as RM since the very first 8.5.x release. It's going to t

Re: Release Manager for 8.5.x

ail ke4qqq nick rbowen sctemme Also, should I create a new subkey of my current key[1] for signing-only, or should I create a completely new key for signing-only? Thanks, - -chris [1] https://pgp.mit.edu/pks/lookup?op=vindex&search=0xF3AD5C94A67F707E On 11/2/18 08:59, Christopher Schult

Re: Release Manager for 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/2/18 10:04, Mark Thomas wrote: > On 02/11/2018 12:59, Christopher Schultz wrote: >> All, >> >> I'd like to volunteer to RM for the 8.5.x series. > > Excellent. > >> At ApacheCon in Montréal, m

Re: [GitHub] tomcat issue #131: qqq

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/5/18 09:59, markt-asf wrote: > Github user markt-asf commented on the issue: > > https://github.com/apache/tomcat/pull/131 > > Spam. Reported to GitHub's abuse team. I went in to see if I could kill it myself. My GitHub id is Christop

Re: [VOTE] Release Apache Tomcat 8.5.35

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/3/18 13:55, Mark Thomas wrote: > The proposed Apache Tomcat 8.5.35 release is now available for > voting. > > The major changes compared to the 8.5.34 release are: > > - support for TLSv1.3 when used with a JRE or OpenSSl version that

libtcnative w/custom OpenSSL on MacOS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm trying to run tests locally (macos mojave) with a custom openssl version. I have OpenSSL (installed via brew) in /usr/local/Cellar/openssl@1.1/1.1.1, and I've copied all these files into my Tomcat's bin/ directory, so this is what I have in

Re: libtcnative w/custom OpenSSL on MacOS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 11/5/18 13:05, Rainer Jung wrote: > Hi Chris, > > Am 05.11.2018 um 18:44 schrieb Christopher Schultz: >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> All, >> >> I'm trying to run tests loc

Re: libtcnative w/custom OpenSSL on MacOS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/5/18 17:32, Mark Thomas wrote: > On 05/11/2018 19:48, Christopher Schultz wrote: >> On 11/5/18 13:05, Rainer Jung wrote: >>> Am 05.11.2018 um 18:44 schrieb Christopher Schultz: > > > >>>> What

Re: [VOTE] Release Apache Tomcat 8.5.35

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Emmanuel, On 11/6/18 09:00, Emmanuel Bourg wrote: > Le 06/11/2018 à 12:44, Mark Thomas a écrit : > >> Should be fixed now. > >> There were some robustness fixes in 9.0.x that had not been >> back-ported. I've just done that. > > I confirm it work

Re: [VOTE] Release Apache Tomcat 8.5.35

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/6/18 09:22, Mark Thomas wrote: > On 06/11/2018 14:14, Christopher Schultz wrote: >> Emmanuel, >> >> On 11/6/18 09:00, Emmanuel Bourg wrote: >>> Le 06/11/2018 à 12:44, Mark Thomas a écrit : >> >

Building (and running) Tomcat on MacOS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Periodically, some folks ask how to get Tomcat running on MacOS. In order to fully-test the most recent version of Tomcat 8.5.x being voted on, I built a new environment on my Mac from scratch and documented everything. I put all of my notes i

Re: Threads

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 10/15/18 10:49, Rémy Maucherat wrote: > Hi, > > Looking at threads since there's a proliferation of executors and > loose threads, I notice a possible refactoring: - > start/stopExecutor is an obvious target, but by default is not > there.

Re: Threads

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 11/6/18 11:06 AM, Rémy Maucherat wrote: > On Tue, Nov 6, 2018 at 4:18 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> This reply is quite late, I'm sorry for that. >> >> I&

Does there exist a download URL that will redirect me to a mirror?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Does ASF host a web service that I can hit that requests a download of a particular resource, but first to redirect to a mirror? If I go to e.g. https://tomcat.apache.org/download-90.cgi, I'll get a bunch of links that point to a randomly-chos

Release script for Tomcat 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I've been working this afternoon on a Powershell script to do pretty much everything for a release. I chose Powershell because (a) I will have to operate on Windows for releases until I get NSIS working elsewhere and (b) batch scripts are The W

Re: Release script for Tomcat 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Konstantin, On 11/7/18 04:28, Konstantin Kolinko wrote: > ср, 7 нояб. 2018 г. в 1:50, Christopher Schultz > : >> All, >> >> I've been working this afternoon on a Powershell script to do >> pretty much everythin

Re: Release script for Tomcat 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Chuck, On 11/6/18 22:40, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:ch...@christopherschultz.net] >> Subject: Release script for Tomcat 8.5.x > >> It's downloading everything it needs (ex

Re: Release script for Tomcat 8.5.x

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Emmanuel, On 11/7/18 08:09, Emmanuel Bourg wrote: > Le 07/11/2018 à 10:28, Konstantin Kolinko a écrit : > >> If I cannot do something with a batch script, I write a shell >> (bash) script and run it with git-bash from Git for Windows. > > There is

Re: Release script for Tomcat 8.5.x

e job. If so, I'm pretty happy with the results :) Thanks, - -chris On 11/6/18 5:50 PM, Christopher Schultz wrote: > All, > > I've been working this afternoon on a Powershell script to do > pretty much everything for a release. I chose Powershell because > (a) I will

L10n / I18n

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, (Looks like this message wasn't delivered the first time) On 11/7/18 5:36 PM, Mark Thomas wrote: > Hi, > > After looking at bug 62843, I got thinking about tools to help > manage translations from contributors. Something that would show >

Re: L10n / I18n

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/7/18 5:36 PM, Mark Thomas wrote: > Hi, > > After looking at bug 62843, I got thinking about tools to help > manage translations from contributors. Something that would show > the key, the original value and the translated value side by

Re: [OT] L10n / I18n

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I've tried to post to this thread a few times, but I never see the messages arriving on the list. Moderated? They do include a two HTTP URLs, but that hasn't seemed to stop messages in the past... Thanks, - -chris On 11/8/18 17:30, Emmanuel B

Re: JDK 12 , JDK 8u202 & Project Panama Early-Access builds available

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 11/9/18 07:38, Mark Thomas wrote: > On 09/11/2018 10:57, Rory O'Donnell wrote: > > > >> *Project Panama Early-Access build 0 ***is available at : - >> http://jdk.java.net/panama/ > > This looks interesting. If I am reading the informati

Re: AccessLogValve using STDOUT

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Romain, On 11/11/18 05:57, Romain Manni-Bucau wrote: > I think the perf point is likely wrong. Default JUL handlers are > "slow" (the hypothesis being you log a lot but this is more > comparatively to others frameworks) but if you switch the handler

Security of cluster's EncryptInterceptor

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'd like a sanity-check on something I've done for the EncryptIntercepto r. I'm using CBC mode because any other mode makes no sense. Using ECB mode isn't evasive enough and the more elaborate ones require that both sides (encrypt/decrypt) agr

<    14   15   16   17   18   19   20   21   22   23   >