[Bug 57665] support x-forwarded-host
https://bz.apache.org/bugzilla/show_bug.cgi?id=57665 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org --- Comment #19 from Michael Osipov --- Is there a reason why we don't have this in place already? One has to add "ProxyPreserveHost On" to make this work. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63196] New: Add sane default value for RemoteIpValue#protocolHeader
https://bz.apache.org/bugzilla/show_bug.cgi?id=63196 Bug ID: 63196 Summary: Add sane default value for RemoteIpValue#protocolHeader Product: Tomcat 8 Version: 8.5.34 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: micha...@apache.org Target Milestone: protocolHeader field does not have a default value while it often talks about "X-Forwarded-Proto" and this is very popuplar one, like "X-Forwarded-By" or X-Forwaded-For". We should set it as default value to reduce use configuration for most cases. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63196] Add sane default value for RemoteIpValue#protocolHeader
https://bz.apache.org/bugzilla/show_bug.cgi?id=63196 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 7.0.93
На сб, 16.02.2019 г. в 19:41 ч. Violeta Georgieva написа: > > The proposed Apache Tomcat 7.0.93 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.93/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1204/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_93/ > > The proposed 7.0.93 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 7.0.93 Stable Regards, Violeta >
svn commit: r32578 - /dev/tomcat/tomcat-7/v7.0.93/ /release/tomcat/tomcat-7/v7.0.93/
Author: violetagg Date: Thu Feb 21 15:22:10 2019 New Revision: 32578 Log: Release Tomcat 7.0.93 Added: release/tomcat/tomcat-7/v7.0.93/ - copied from r32577, dev/tomcat/tomcat-7/v7.0.93/ Removed: dev/tomcat/tomcat-7/v7.0.93/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63195] New: Add easy way to test RemoteIpValve works properly
https://bz.apache.org/bugzilla/show_bug.cgi?id=63195
Bug ID: 63195
Summary: Add easy way to test RemoteIpValve works properly
Product: Tomcat 8
Version: 8.5.34
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: micha...@apache.org
Target Milestone:
Sometimes you don't know whether the valve is properly working. You always need
to write custom code to check that, e.g., I did this:
> public class RemoteIpTesterServlet extends HttpServlet {
>
> private static final long serialVersionUID = 1L;
>
> @Override
> protected void doGet(HttpServletRequest req, HttpServletResponse resp)
> throws ServletException, IOException {
> PrintWriter pw = resp.getWriter();
> pw.print("request.remoteAddr: ");
> pw.println(req.getRemoteAddr());
> pw.print("request.remotePort: ");
> pw.println(req.getRemotePort());
> pw.print("request.header['x-forwarded-for']: ");
> pw.println(req.getHeader("X-Forwarded-For"));
> pw.print("request.header['x-forwarded-host']: ");
> pw.println(req.getHeader("X-Forwarded-Host"));
> pw.print("request.header['x-forwarded-proto']: ");
> pw.println(req.getHeader("X-Forwarded-Proto"));
> pw.print("request.scheme: ");
> pw.println(req.getScheme());
> pw.print("request.secure: ");
> pw.println(req.isSecure());
> pw.print("request.serverName: ");
> pw.println(req.getServerName());
> pw.print("request.serverPort: ");
> pw.println(req.getServerPort());
> }
> }
>
People are over and over reinventing the wheel. We could solve this in two
ways:
By adding a org.apache.catalina.servlets: RemoteIpTesterServlet or some status
mountpoint to RemoveIpValve which will instead of invoking getNext().invoke()
print this information to the response.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63195] Add easy way to test RemoteIpValve works properly
https://bz.apache.org/bugzilla/show_bug.cgi?id=63195 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63195] Add easy way to test RemoteIpValve works properly
https://bz.apache.org/bugzilla/show_bug.cgi?id=63195 Christopher Schultz changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #1 from Christopher Schultz --- What about webapps/examples/jsp/snp/snoop.jsp? I don't even understand what this enhancement request is. Why is it up to Tomcat to verify that the user's configuration is "[working] properly"? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854054 - in /tomcat/trunk/test/org/apache/tomcat/util/net: TestSSLHostConfigCompat.java TesterSupport.java
Author: markt
Date: Thu Feb 21 14:44:58 2019
New Revision: 1854054
URL: http://svn.apache.org/viewvc?rev=1854054=rev
Log:
Expand the TLS tests to cover RSA and/or EC certificates on the server with
clients specifying RSA and/or EC cipher suites
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java?rev=1854054=1854053=1854054=diff
==
--- tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
(original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
Thu Feb 21 14:44:58 2019
@@ -38,6 +38,7 @@ import org.apache.catalina.startup.Tomca
import org.apache.catalina.startup.TomcatBaseTest;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
+import org.apache.tomcat.util.net.TesterSupport.ClientSSLSocketFactory;
/*
* Tests compatibility of JSSE and OpenSSL settings.
@@ -75,31 +76,141 @@ public class TestSSLHostConfigCompat ext
@Test
public void testHostECPEM() throws Exception {
-
sslHostConfig.setCertificateFile(getPath(TesterSupport.LOCALHOST_EC_CERT_PEM));
-
sslHostConfig.setCertificateKeyFile(getPath(TesterSupport.LOCALHOST_EC_KEY_PEM));
+configureHostECPEM();
doTest();
}
@Test
public void testHostRSAPEM() throws Exception {
-
sslHostConfig.setCertificateFile(getPath(TesterSupport.LOCALHOST_RSA_CERT_PEM));
-
sslHostConfig.setCertificateKeyFile(getPath(TesterSupport.LOCALHOST_RSA_KEY_PEM));
+configureHostRSAPEM();
doTest();
}
@Test
-public void testHostRSAandECPEM() throws Exception {
+public void testHostRSAandECPEMwithDefaultClient() throws Exception {
+configureHostRSAPEM();
+configureHostECPEM();
+doTest();
+}
+
+
+@Test
+public void testHostRSAandECPEMwithRSAClient() throws Exception {
+configureHostRSAPEM();
+configureHostECPEM();
+
+// Configure cipher suite that requires an RSA certificate on the
server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[]
{"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test
+public void testHostRSAandECPEMwithECClient() throws Exception {
+configureHostRSAPEM();
+configureHostECPEM();
+
+// Configure cipher suite that requires an EC certificate on the server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[]
{"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test
+public void testHostRSAwithRSAClient() throws Exception {
+configureHostRSAPEM();
+
+// Configure cipher suite that requires an RSA certificate on the
server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[]
{"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test(expected=javax.net.ssl.SSLHandshakeException.class)
+public void testHostRSAwithECClient() throws Exception {
+configureHostRSAPEM();
+
+// Configure cipher suite that requires an EC certificate on the server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[]
{"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test
+public void testHostRSAwithRSAandECClient() throws Exception {
+configureHostRSAPEM();
+
+// Configure cipher suite that requires an EC certificate on the server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[] {
+"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test(expected=javax.net.ssl.SSLHandshakeException.class)
+public void testHostECPEMwithRSAClient() throws Exception {
+configureHostECPEM();
+
+// Configure cipher suite that requires an RSA certificate on the
server
+ClientSSLSocketFactory clientSSLSocketFactory =
TesterSupport.configureClientSsl();
+clientSSLSocketFactory.setCipher(new String[]
{"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"});
+
+doTest(false);
+}
+
+
+@Test
+public void
svn commit: r1854056 - in /tomcat/tc8.5.x/trunk: ./ test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java test/org/apache/tomcat/util/net/TesterSupport.java
Author: markt Date: Thu Feb 21 14:59:25 2019 New Revision: 1854056 URL: http://svn.apache.org/viewvc?rev=1854056=rev Log: Expand the TLS tests to cover RSA and/or EC certificates on the server with clients specifying RSA and/or EC cipher suites. (Requires Java 8) Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/TesterSupport.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 14:59:25 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
Re: [RESULT][VOTE] Release Apache Tomcat 7.0.93
Hi, На сб, 16.02.2019 г. в 19:41 ч. Violeta Georgieva написа: > > The proposed Apache Tomcat 7.0.93 release is now available for voting. > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.93/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1204/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_93/ > > The proposed 7.0.93 release is: > [ ] Broken - do not release > [ ] Stable - go ahead and release as 7.0.93 Stable +1 (binding):huxing, markt, remm, kkolinko, violetagg +1 (non-binding):isapir No other voters were cast. The vote has passed. I'll do the release shortly and announce it once the mirrors catch up. Regards, Violeta
svn commit: r1854025 - in /tomcat/trunk/java/org/apache/tomcat/util/net: AbstractJsseEndpoint.java SSLUtilBase.java jsse/JSSEUtil.java openssl/OpenSSLUtil.java
Author: markt
Date: Thu Feb 21 09:29:29 2019
New Revision: 1854025
URL: http://svn.apache.org/viewvc?rev=1854025=rev
Log:
Refactor creation of SSLContext to include configuration
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1854025=1854024=1854025=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Thu
Feb 21 09:29:29 2019
@@ -109,7 +109,6 @@ public abstract class AbstractJsseEndpoi
SSLContext sslContext;
try {
sslContext = sslUtil.createSSLContext(negotiableProtocols);
-sslContext.init(sslUtil.getKeyManagers(),
sslUtil.getTrustManagers(), null);
} catch (Exception e) {
throw new IllegalArgumentException(e.getMessage(), e);
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java?rev=1854025=1854024=1854025=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java Thu Feb 21
09:29:29 2019
@@ -203,6 +203,14 @@ public abstract class SSLUtilBase implem
@Override
+public final SSLContext createSSLContext(List negotiableProtocols)
throws Exception {
+SSLContext sslContext = createSSLContextInternal(negotiableProtocols);
+sslContext.init(getKeyManagers(), getTrustManagers(), null);
+return sslContext;
+}
+
+
+@Override
public String[] getEnabledProtocols() {
return enabledProtocols;
}
@@ -217,4 +225,5 @@ public abstract class SSLUtilBase implem
protected abstract Log getLog();
protected abstract boolean isTls13Available();
protected abstract boolean isTls13RenegAuthAvailable();
+protected abstract SSLContext createSSLContextInternal(List
negotiableProtocols) throws Exception;
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1854025=1854024=1854025=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Thu Feb 21
09:29:29 2019
@@ -184,7 +184,8 @@ public class JSSEUtil extends SSLUtilBas
@Override
-public SSLContext createSSLContext(List negotiableProtocols)
throws NoSuchAlgorithmException {
+public SSLContext createSSLContextInternal(List
negotiableProtocols)
+throws NoSuchAlgorithmException {
return new JSSESSLContext(sslHostConfig.getSslProtocol());
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1854025=1854024=1854025=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Thu
Feb 21 09:29:29 2019
@@ -84,10 +84,11 @@ public class OpenSSLUtil extends SSLUtil
@Override
-public SSLContext createSSLContext(List negotiableProtocols)
throws Exception {
+public SSLContext createSSLContextInternal(List
negotiableProtocols) throws Exception {
return new OpenSSLContext(certificate, negotiableProtocols);
}
+
@Override
public KeyManager[] getKeyManagers() throws Exception {
if (jsseUtil != null) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854029 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/ java/org/apache/tomcat/util/net/jsse/ java/org/apache/tomcat/util/net/openssl/
Author: markt Date: Thu Feb 21 09:54:19 2019 New Revision: 1854029 URL: http://svn.apache.org/viewvc?rev=1854029=rev Log: Refactor creation of SSLContext to include configuration Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 09:54:19 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
Re: [VOTE] Release Apache Tomcat 7.0.93
сб, 16 февр. 2019 г. в 20:41, Violeta Georgieva : > > The proposed 7.0.93 release is: > [ ] Broken - do not release > [x] Stable - go ahead and release as 7.0.93 Stable > Tested all connectors with Java 6u45, 7u80 (32-bit), 8u202 (64-bit), OpenJDK 11u2 (64-bit) on Windows 10. No test failures with Java 7. The following tests failed with Java 6: * TEST-org.apache.catalina.startup.TestHostConfigAutomaticDeployment x All connectors This is a known and discussed bug of Java6u45 on Windows (failure to rename a file). * TEST-org.apache.tomcat.util.net.TestSsl.APR.txt Could not generate DH keypair. I guess that this is expected. The following tests failed with Java 8 and Java 11: * TEST-org.apache.tomcat.util.net.TestClientCert.BIO.txt * TEST-org.apache.tomcat.util.net.TestCustomSsl.BIO.txt * TEST-org.apache.tomcat.util.net.TestSsl x all connectors. All failed tests use TLS re-negotiation (e.g. with a Client certificate). I guess that this is expected. The following test failed with Java 11 (and is skipped when running on Java 8 and older): * TEST-org.apache.tomcat.util.net.TestClientCertTls13.APR.txt It looks that the test does not initialize Tomcat Native correctly. I filed an issue: https://bz.apache.org/bugzilla/show_bug.cgi?id=63194 Smoke testing with Java 8 and with Java 11 is OK. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854042 - in /tomcat/tc8.5.x/trunk: ./ test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
Author: markt Date: Thu Feb 21 11:45:34 2019 New Revision: 1854042 URL: http://svn.apache.org/viewvc?rev=1854042=rev Log: Add missing configuration Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 11:45:34 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
svn commit: r1854041 - /tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java
Author: markt Date: Thu Feb 21 11:45:09 2019 New Revision: 1854041 URL: http://svn.apache.org/viewvc?rev=1854041=rev Log: Add missing configuration Modified: tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java Modified: tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java?rev=1854041=1854040=1854041=diff == --- tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java (original) +++ tomcat/trunk/test/org/apache/tomcat/util/net/TestSSLHostConfigCompat.java Thu Feb 21 11:45:09 2019 @@ -94,6 +94,7 @@ public class TestSSLHostConfigCompat ext SSLHostConfigCertificate sslHostConfigCertificateRsa = new SSLHostConfigCertificate(sslHostConfig, Type.RSA); sslHostConfigCertificateRsa.setCertificateFile(getPath(TesterSupport.LOCALHOST_RSA_CERT_PEM)); sslHostConfigCertificateRsa.setCertificateKeyFile(getPath(TesterSupport.LOCALHOST_RSA_KEY_PEM)); +sslHostConfig.addCertificate(sslHostConfigCertificateRsa); SSLHostConfigCertificate sslHostConfigCertificateEc = new SSLHostConfigCertificate(sslHostConfig, Type.EC); sslHostConfigCertificateEc.setCertificateFile(getPath(TesterSupport.LOCALHOST_EC_CERT_PEM)); sslHostConfigCertificateEc.setCertificateKeyFile(getPath(TesterSupport.LOCALHOST_EC_KEY_PEM)); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Better integration of RemoteIpValve, AuthenticatorBase and reverse proxies
Hi folks, I have some improvement ideas for several components where I think others would benefit from too. We intend to run a set of apps on Tomcat 8.5 behind Apache 2.4.x for a possible future load balacing scenario. While evaluating this task I have stumbled on the issue that it isn't that trivial to tell HTTPd that Tomcat is peforming the authentication and here is remoe user + auth type, use that for your access logs too. I have a partially working idea I'd like to get upstream (partially reported as BZ 62496): 1. RemoteIpValve sets requestAttributesEnabled by default in [1], I'd like to add here: > org.apache.coyote.Constants.FORWARDED_REQUEST_ATTRIBUTE: "org.apache.tomcat.forwardedRequest" > request.setAttribute(Constants.FORWARDED_REQUEST_ATTRIBUTE, "true"); 2. AuthenticatorBase would pick this up in [2] by checking this attribute and doing: > response.setHeader(remoteUserHeaderName, request.getRemoteUser()); > response.setHeader(authtTypeHeaderName, request.getAuthType()); where default header names are: X-Remote-User, X-Auth-Type. I am not yet certain whether it should require just FORWARDED_REQUEST_ATTRIBUTE, but also another attribute (e.g., boolean respondAuthInfoOnForwardedRequests) also. FORWARDED_REQUEST_ATTRIBUTE is nice because any internal component will know that this request is not an original request, but a forwarded one. On HTTPd I have: Header note X-Remote-User REMOTE_USER Header note X-Auth-Type AUTH_TYPE Header unset X-Remote-User Header unset Auth-Type LuaHookLog /usr/local/etc/apache24/register_remote_user.lua register_remote_user Access logs now look fine for me on both Tomcat and Apache HTTPd. WDYT? Michael [1] https://github.com/apache/tomcat85/blob/trunk/java/org/apache/catalina/valves/RemoteIpValve.java#L666-L676 [2] https://github.com/apache/tomcat85/blob/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java#L999-L1001 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63194] New: Tomcat 7.0.93: org.apache.tomcat.util.net.TestClientCertTls13: UnsatisfiedLinkError
https://bz.apache.org/bugzilla/show_bug.cgi?id=63194 Bug ID: 63194 Summary: Tomcat 7.0.93: org.apache.tomcat.util.net.TestClientCertTls13: UnsatisfiedLinkError Product: Tomcat 7 Version: 7.0.93 Hardware: PC Status: NEW Severity: minor Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: knst.koli...@gmail.com Target Milestone: --- Created attachment 36450 --> https://bz.apache.org/bugzilla/attachment.cgi?id=36450=edit TEST-org.apache.tomcat.util.net.TestClientCertTls13.APR.txt Testing Tomcat 7.0.93, when running with APR connector and with Java 11, test org.apache.tomcat.util.net.TestClientCertTls13 fails in a strange way: java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.SSL.version()I At the same time: 1. Smoke testing with Java 11 is OK, 2. Other TLS tests with java 11 are OK. 3. When running with Java 8 and older all tests in this test class are skipped. So only a single test class is affected. I guess that maybe the test does not initialize tomcat-native library properly (does not call AprLifecycleListener before calling SSL.version() ?) Running the same test with current Tomcat 9 trunk (@r1854030) is OK. So maybe this issue has already been fixed in trunk. Steps to reproduce: 1. Put tcnative-1.dll (64-bit) into bin/native/ 2. set JAVA_HOME=path to java6 home 3. Edit build.properties file to be --- java.7.home= test.entry=org.apache.tomcat.util.net.TestClientCertTls13 --- 4. Run the tests. 5. The exception is logged in TEST-org.apache.tomcat.util.net.TestClientCertTls13.APR.txt file. A copy of this file is attached to this bug report. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE] Migrate to git
This is a VOTE to migrate the primary source code repository for Apache Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. The migration will be performed as per: https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration with the following changes: - 8.0.x will not be migrated - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" - the branches will be named master, 8.5.x and 7.0.x The proposed date (subject to Infra agreement) for the migration is 26 Feb 2018. The migration process will be: - Make svn read only for trunk, 8.5.x and 7.0.x - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x - Make git://git.apache.org/tomcat.git read/write for me only - Perform the migration as set out in the wiki with the modifications described above - Check the migration - Make git://git.apache.org/tomcat.git read/write for all committers (Note: This automatically makes https://github.com/apache/tomcat read/write as well) The critical work is done at this point. The following tasks are more clean-up and may end up being spread over several days. - Confirm there are no open PRs for https://github.com/apache/tomcat85 and then delete it and git://git.apache.org/tomcat85.git - Confirm there are no open PRs for https://github.com/apache/tomcat70 and then delete it and git://git.apache.org/tomcat70.git - Update the CI systems to pull the source from git - Create /source.html and replace /svn.html with a redirect to /source.html - Update migration guide to pull diffs from gitweb - Update Tomcat Native to pull in source from git hash - Fix anything else we have forgotten about. If anything goes wrong and we can't fix is easily, the fallback is to make svn read-write and go back to using svn while we clean up the git side of things, figure out what went wrong and come up with a better migration plan. [ ] +1 Go ahead with the migration [ ] -1 Postpone the migration because... The vote will be open for at least 72 hours. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Migrate to git
[X] +1 Go ahead with the migration Thanks! Woonsan On Thu, Feb 21, 2019 at 11:13 AM Mark Thomas wrote: > > This is a VOTE to migrate the primary source code repository for Apache > Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. > > The migration will be performed as per: > https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration > > with the following changes: > - 8.0.x will not be migrated > - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" > - the branches will be named master, 8.5.x and 7.0.x > > The proposed date (subject to Infra agreement) for the migration is 26 > Feb 2018. > > The migration process will be: > - Make svn read only for trunk, 8.5.x and 7.0.x > - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x > - Make git://git.apache.org/tomcat.git read/write for me only > - Perform the migration as set out in the wiki with the modifications > described above > - Check the migration > - Make git://git.apache.org/tomcat.git read/write for all committers > (Note: This automatically makes https://github.com/apache/tomcat >read/write as well) > > The critical work is done at this point. The following tasks are more > clean-up and may end up being spread over several days. > > - Confirm there are no open PRs for https://github.com/apache/tomcat85 > and then delete it and git://git.apache.org/tomcat85.git > - Confirm there are no open PRs for https://github.com/apache/tomcat70 > and then delete it and git://git.apache.org/tomcat70.git > - Update the CI systems to pull the source from git > - Create /source.html and replace /svn.html with a redirect to > /source.html > - Update migration guide to pull diffs from gitweb > - Update Tomcat Native to pull in source from git hash > - Fix anything else we have forgotten about. > > If anything goes wrong and we can't fix is easily, the fallback is to > make svn read-write and go back to using svn while we clean up the git > side of things, figure out what went wrong and come up with a better > migration plan. > > [ ] +1 Go ahead with the migration > [ ] -1 Postpone the migration because... > > The vote will be open for at least 72 hours. > > Mark > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854068 - in /tomcat/trunk/java/org/apache/tomcat/util/net/openssl: OpenSSLKeyManager.java OpenSSLUtil.java
Author: markt
Date: Thu Feb 21 17:33:52 2019
New Revision: 1854068
URL: http://svn.apache.org/viewvc?rev=1854068=rev
Log:
Remove unused code
Removed:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLKeyManager.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1854068=1854067=1854068=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Thu
Feb 21 17:33:52 2019
@@ -27,7 +27,6 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.net.SSLContext;
-import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
import org.apache.tomcat.util.net.SSLUtilBase;
import org.apache.tomcat.util.net.jsse.JSSEUtil;
@@ -94,12 +93,7 @@ public class OpenSSLUtil extends SSLUtil
if (jsseUtil != null) {
return jsseUtil.getKeyManagers();
} else {
-// Return something although it is not actually used
-KeyManager[] managers = {
-new
OpenSSLKeyManager(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()),
-
SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()))
-};
-return managers;
+return null;
}
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854069 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/openssl/OpenSSLKeyManager.java java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Author: markt Date: Thu Feb 21 17:34:23 2019 New Revision: 1854069 URL: http://svn.apache.org/viewvc?rev=1854069=rev Log: Remove unused code Removed: tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLKeyManager.java Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 17:34:23 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
Re: [VOTE] Migrate to git
Am 2019-02-21 um 17:13 schrieb Mark Thomas: This is a VOTE to migrate the primary source code repository for Apache Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. The migration will be performed as per: https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration with the following changes: - 8.0.x will not be migrated - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" - the branches will be named master, 8.5.x and 7.0.x The proposed date (subject to Infra agreement) for the migration is 26 Feb 2018. The migration process will be: - Make svn read only for trunk, 8.5.x and 7.0.x - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x - Make git://git.apache.org/tomcat.git read/write for me only - Perform the migration as set out in the wiki with the modifications described above - Check the migration - Make git://git.apache.org/tomcat.git read/write for all committers (Note: This automatically makes https://github.com/apache/tomcat read/write as well) The critical work is done at this point. The following tasks are more clean-up and may end up being spread over several days. - Confirm there are no open PRs for https://github.com/apache/tomcat85 and then delete it and git://git.apache.org/tomcat85.git - Confirm there are no open PRs for https://github.com/apache/tomcat70 and then delete it and git://git.apache.org/tomcat70.git - Update the CI systems to pull the source from git - Create /source.html and replace /svn.html with a redirect to /source.html - Update migration guide to pull diffs from gitweb - Update Tomcat Native to pull in source from git hash - Fix anything else we have forgotten about. If anything goes wrong and we can't fix is easily, the fallback is to make svn read-write and go back to using svn while we clean up the git side of things, figure out what went wrong and come up with a better migration plan. [ ] +1 Go ahead with the migration [ ] -1 Postpone the migration because... +1 I hope we can accommodate the proposed changes, e.g., branches. Michael - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854066 - in /tomcat/trunk: java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11/upgrade/ java/org/apache/coyote/http2/ java/or
Author: remm
Date: Thu Feb 21 16:37:20 2019
New Revision: 1854066
URL: http://svn.apache.org/viewvc?rev=1854066=rev
Log:
Refactor to redo fix for 63182. The root cause is that the pending flag is
released once processing start, and concurrent unsynced access from non
container threads can cause awaitBytes to happen concurrently.
Modified:
tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java
tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SocketWrapperBase.java
tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1854066=1854065=1854066=diff
==
--- tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java Thu Feb 21
16:37:20 2019
@@ -790,7 +790,7 @@ public abstract class AbstractProcessor
}
if (!isRequestBodyFullyRead()) {
-registerReadInterest();
+registerReadInterest(true);
}
return false;
@@ -800,7 +800,7 @@ public abstract class AbstractProcessor
protected abstract boolean isRequestBodyFullyRead();
-protected abstract void registerReadInterest();
+protected abstract void registerReadInterest(boolean body);
protected abstract boolean isReadyForWrite();
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1854066=1854065=1854066=diff
==
--- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Thu Feb 21
16:37:20 2019
@@ -903,7 +903,7 @@ public abstract class AbstractProtocolhttp://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1854066=1854065=1854066=diff
==
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Thu Feb 21
16:37:20 2019
@@ -1134,8 +1134,8 @@ public class AjpProcessor extends Abstra
@Override
-protected final void registerReadInterest() {
-socketWrapper.registerReadInterest();
+protected final void registerReadInterest(boolean body) {
+socketWrapper.registerReadInterest(!body);
}
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1854066=1854065=1854066=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Thu Feb 21
16:37:20 2019
@@ -1215,8 +1215,8 @@ public class Http11Processor extends Abs
@Override
-protected final void registerReadInterest() {
-socketWrapper.registerReadInterest();
+protected final void registerReadInterest(boolean body) {
+socketWrapper.registerReadInterest(!body);
}
Modified:
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java?rev=1854066=1854065=1854066=diff
==
---
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
(original)
+++
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
Thu Feb 21 16:37:20 2019
@@ -107,7 +107,7 @@ public class UpgradeServletInputStream e
if (ContainerThreadMarker.isContainerThread()) {
processor.addDispatch(DispatchType.NON_BLOCKING_READ);
} else {
-socketWrapper.registerReadInterest();
+socketWrapper.registerReadInterest(true);
}
// Switching to non-blocking. Don't know if data is available.
Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4069 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1854066 Blamelist: remm BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-85-trunk
The Buildbot has detected a new failure on builder tomcat-85-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-85-trunk/builds/1661 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-85-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.5.x/trunk] 1854069 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Migrate to git
Sorry for the double email (sending via my apache account so its official) [X] +1 Go ahead with the migration -Tim >
Re: [VOTE] Migrate to git
[X] +1 Go ahead with the migration A huge thanks to all the time, thought and planning to make this possible. -Tim
svn commit: r1854075 - /tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
Author: remm
Date: Thu Feb 21 18:27:54 2019
New Revision: 1854075
URL: http://svn.apache.org/viewvc?rev=1854075=rev
Log:
It is unclear if the two need to be strictly equal, so relax check.
Modified:
tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
Modified:
tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java?rev=1854075=1854074=1854075=diff
==
--- tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
(original)
+++ tomcat/trunk/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java
Thu Feb 21 18:27:54 2019
@@ -125,7 +125,7 @@ public class TestNonBlockingAPI extends
if (async) {
Assert.assertEquals(200 * 8, servlet.listener.body.length());
TestAsyncReadListener listener = (TestAsyncReadListener)
servlet.listener;
-Assert.assertEquals(listener.notReadyCount,
listener.containerThreadCount);
+Assert.assertTrue(Math.abs(listener.containerThreadCount -
listener.notReadyCount) <= 1);
Assert.assertEquals(listener.isReadyCount,
listener.nonContainerThreadCount);
} else {
Assert.assertEquals(5 * 8, servlet.listener.body.length());
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854059 - /tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Author: violetagg Date: Thu Feb 21 15:38:10 2019 New Revision: 1854059 URL: http://svn.apache.org/viewvc?rev=1854059=rev Log: Update the release date for 7.0.93 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1854059=1854058=1854059=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Feb 21 15:38:10 2019 @@ -60,7 +60,7 @@ --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63195] Add easy way to test RemoteIpValve works properly
https://bz.apache.org/bugzilla/show_bug.cgi?id=63195 --- Comment #2 from Michael Osipov --- The snoop.jsp is a good start. Let's stash this for moment. Tomcat is not supposed to verify, but the user. Properly configuring the valve can be daunting for people. Even after they have configured it, they can't verify it instantly. Namely, a sample JSP with the showed attributes. Look at the Javadoc of the valve, it has before and after example tables. I'd expect a user to run a servlet or a JSP to verify whether he/she configured the valve properly. Lone the fact, that the snoop.jsp hasn't been mentioned as a checker in RemoteIpValve we need to improve docs. Alternatively, such values could be displayed in the manager app. Is that a bit clearer?(In reply to Christopher Schultz from comment #1) > What about webapps/examples/jsp/snp/snoop.jsp? > > I don't even understand what this enhancement request is. Why is it up to > Tomcat to verify that the user's configuration is "[working] properly"? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Migrate to git
On Thu, Feb 21, 2019 at 11:13 AM Mark Thomas wrote: > This is a VOTE to migrate the primary source code repository for Apache > Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. > > The migration will be performed as per: > https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration > > with the following changes: > - 8.0.x will not be migrated > - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" > - the branches will be named master, 8.5.x and 7.0.x > > The proposed date (subject to Infra agreement) for the migration is 26 > Feb 2018. > > The migration process will be: > - Make svn read only for trunk, 8.5.x and 7.0.x > - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x > - Make git://git.apache.org/tomcat.git read/write for me only > - Perform the migration as set out in the wiki with the modifications > described above > - Check the migration > - Make git://git.apache.org/tomcat.git read/write for all committers > (Note: This automatically makes https://github.com/apache/tomcat >read/write as well) > > The critical work is done at this point. The following tasks are more > clean-up and may end up being spread over several days. > > - Confirm there are no open PRs for https://github.com/apache/tomcat85 > and then delete it and git://git.apache.org/tomcat85.git > - Confirm there are no open PRs for https://github.com/apache/tomcat70 > and then delete it and git://git.apache.org/tomcat70.git > - Update the CI systems to pull the source from git > - Create /source.html and replace /svn.html with a redirect to > /source.html > - Update migration guide to pull diffs from gitweb > - Update Tomcat Native to pull in source from git hash > - Fix anything else we have forgotten about. > > If anything goes wrong and we can't fix is easily, the fallback is to > make svn read-write and go back to using svn while we clean up the git > side of things, figure out what went wrong and come up with a better > migration plan. > > [x] +1 Go ahead with the migration > +1 > [ ] -1 Postpone the migration because... > > The vote will be open for at least 72 hours. > > Mark > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
svn commit: r1854081 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/SSLUtilBase.java java/org/apache/tomcat/util/net/jsse/JSSEUtil.java java/org/apache/tomcat/util/net/openssl/OpenSSLU
Author: markt Date: Thu Feb 21 18:48:58 2019 New Revision: 1854081 URL: http://svn.apache.org/viewvc?rev=1854081=rev Log: Refactor with the aim (several commits in the future) of enabling the AprEndpoint to use JSSE style configuration Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 18:48:58 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
Re: [VOTE] Migrate to git
On Thu, Feb 21, 2019, 18:13 Mark Thomas wrote: > This is a VOTE to migrate the primary source code repository for Apache > Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. > > The migration will be performed as per: > https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration > > with the following changes: > - 8.0.x will not be migrated > - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" > - the branches will be named master, 8.5.x and 7.0.x > > The proposed date (subject to Infra agreement) for the migration is 26 > Feb 2018. > > The migration process will be: > - Make svn read only for trunk, 8.5.x and 7.0.x > - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x > - Make git://git.apache.org/tomcat.git read/write for me only > - Perform the migration as set out in the wiki with the modifications > described above > - Check the migration > - Make git://git.apache.org/tomcat.git read/write for all committers > (Note: This automatically makes https://github.com/apache/tomcat >read/write as well) > > The critical work is done at this point. The following tasks are more > clean-up and may end up being spread over several days. > > - Confirm there are no open PRs for https://github.com/apache/tomcat85 > and then delete it and git://git.apache.org/tomcat85.git > - Confirm there are no open PRs for https://github.com/apache/tomcat70 > and then delete it and git://git.apache.org/tomcat70.git > - Update the CI systems to pull the source from git > - Create /source.html and replace /svn.html with a redirect to > /source.html > - Update migration guide to pull diffs from gitweb > - Update Tomcat Native to pull in source from git hash > - Fix anything else we have forgotten about. > > If anything goes wrong and we can't fix is easily, the fallback is to > make svn read-write and go back to using svn while we clean up the git > side of things, figure out what went wrong and come up with a better > migration plan. > > [ X ] +1 Go ahead with the migration > [ ] -1 Postpone the migration because... > Regards, Martin > The vote will be open for at least 72 hours. > > Mark > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
svn commit: r1854096 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/ java/org/apache/tomcat/util/net/jsse/ java/org/apache/tomcat/util/net/openssl/
Author: markt Date: Thu Feb 21 20:41:32 2019 New Revision: 1854096 URL: http://svn.apache.org/viewvc?rev=1854096=rev Log: Refactor setting of sessionCacheSize and sessionTimeout It is a little more convoluted now for NIO[2]+OpenSSL but the end result should be the same and it brings the JSSE and OpenSSL code closer together which will (hopefully) make the work to get AprEndpoint working with JSSE config easier. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 20:41:32 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1
svn commit: r1854095 - in /tomcat/trunk/java/org/apache/tomcat/util/net: AbstractJsseEndpoint.java SSLUtilBase.java jsse/JSSEUtil.java openssl/OpenSSLContext.java openssl/OpenSSLUtil.java
Author: markt
Date: Thu Feb 21 20:40:51 2019
New Revision: 1854095
URL: http://svn.apache.org/viewvc?rev=1854095=rev
Log:
Refactor setting of sessionCacheSize and sessionTimeout
It is a little more convoluted now for NIO[2]+OpenSSL but the end result should
be the same and it brings the JSSE and OpenSSL code closer together which will
(hopefully) make the work to get AprEndpoint working with JSSE config easier.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1854095=1854094=1854095=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Thu
Feb 21 20:40:51 2019
@@ -27,7 +27,6 @@ import java.util.Set;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
-import javax.net.ssl.SSLSessionContext;
import org.apache.tomcat.util.compat.JreCompat;
import org.apache.tomcat.util.net.SSLHostConfig.Type;
@@ -113,10 +112,6 @@ public abstract class AbstractJsseEndpoi
throw new IllegalArgumentException(e.getMessage(), e);
}
-SSLSessionContext sessionContext =
sslContext.getServerSessionContext();
-if (sessionContext != null) {
-sslUtil.configureSessionContext(sessionContext);
-}
certificate.setSslContext(sslContext);
}
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java?rev=1854095=1854094=1854095=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java Thu Feb 21
20:40:51 2019
@@ -46,6 +46,7 @@ import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
@@ -228,10 +229,27 @@ public abstract class SSLUtilBase implem
public final SSLContext createSSLContext(List negotiableProtocols)
throws Exception {
SSLContext sslContext = createSSLContextInternal(negotiableProtocols);
sslContext.init(getKeyManagers(), getTrustManagers(), null);
+
+SSLSessionContext sessionContext =
sslContext.getServerSessionContext();
+if (sessionContext != null) {
+configureSessionContext(sessionContext);
+}
+
return sslContext;
}
+@Override
+public void configureSessionContext(SSLSessionContext sslSessionContext) {
+if (sslHostConfig.getSessionCacheSize() > 0) {
+
sslSessionContext.setSessionCacheSize(sslHostConfig.getSessionCacheSize());
+}
+if (sslHostConfig.getSessionTimeout() > 0) {
+
sslSessionContext.setSessionTimeout(sslHostConfig.getSessionTimeout());
+}
+}
+
+
@Override
public String[] getEnabledProtocols() {
return enabledProtocols;
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1854095=1854094=1854095=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Thu Feb 21
20:40:51 2019
@@ -33,7 +33,6 @@ import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.X509KeyManager;
import org.apache.juli.logging.Log;
@@ -277,11 +276,4 @@ public class JSSEUtil extends SSLUtilBas
return kms;
}
-
-
-@Override
-public void configureSessionContext(SSLSessionContext sslSessionContext) {
-
sslSessionContext.setSessionCacheSize(sslHostConfig.getSessionCacheSize());
-sslSessionContext.setSessionTimeout(sslHostConfig.getSessionTimeout());
-}
}
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL:
Re: [VOTE] Migrate to git
Am 21.02.19 um 17:13 schrieb Mark Thomas: This is a VOTE to migrate the primary source code repository for Apache Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. The migration will be performed as per: https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration with the following changes: - 8.0.x will not be migrated - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" - the branches will be named master, 8.5.x and 7.0.x The proposed date (subject to Infra agreement) for the migration is 26 Feb 2018. The migration process will be: - Make svn read only for trunk, 8.5.x and 7.0.x - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x - Make git://git.apache.org/tomcat.git read/write for me only - Perform the migration as set out in the wiki with the modifications described above - Check the migration - Make git://git.apache.org/tomcat.git read/write for all committers (Note: This automatically makes https://github.com/apache/tomcat read/write as well) The critical work is done at this point. The following tasks are more clean-up and may end up being spread over several days. - Confirm there are no open PRs for https://github.com/apache/tomcat85 and then delete it and git://git.apache.org/tomcat85.git - Confirm there are no open PRs for https://github.com/apache/tomcat70 and then delete it and git://git.apache.org/tomcat70.git - Update the CI systems to pull the source from git - Create /source.html and replace /svn.html with a redirect to /source.html - Update migration guide to pull diffs from gitweb - Update Tomcat Native to pull in source from git hash - Fix anything else we have forgotten about. If anything goes wrong and we can't fix is easily, the fallback is to make svn read-write and go back to using svn while we clean up the git side of things, figure out what went wrong and come up with a better migration plan. [x] +1 Go ahead with the migration [ ] -1 Postpone the migration because... The vote will be open for at least 72 hours. Thanks for the great preparation Felix Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854093 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Author: markt Date: Thu Feb 21 20:25:05 2019 New Revision: 1854093 URL: http://svn.apache.org/viewvc?rev=1854093=rev Log: Remove code that is essentially NO-OP Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Feb 21 20:25:05 2019 @@ -1,2 +1,2 @@ /tomcat/tc8.0.x/trunk:1809644 -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409 ,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747 404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1 756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
svn commit: r1854091 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Author: markt
Date: Thu Feb 21 20:24:25 2019
New Revision: 1854091
URL: http://svn.apache.org/viewvc?rev=1854091=rev
Log:
Remove code that is essentially NO-OP
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java?rev=1854091=1854090=1854091=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
Thu Feb 21 20:24:25 2019
@@ -245,21 +245,11 @@ public class OpenSSLContext implements o
// Set session cache size, if specified
if (sslHostConfig.getSessionCacheSize() > 0) {
SSLContext.setSessionCacheSize(ctx,
sslHostConfig.getSessionCacheSize());
-} else {
-// Get the default session cache size using
SSLContext.setSessionCacheSize()
-long sessionCacheSize = SSLContext.setSessionCacheSize(ctx,
20480);
-// Revert the session cache size to the default value.
-SSLContext.setSessionCacheSize(ctx, sessionCacheSize);
}
// Set session timeout, if specified
if (sslHostConfig.getSessionTimeout() > 0) {
SSLContext.setSessionCacheTimeout(ctx,
sslHostConfig.getSessionTimeout());
-} else {
-// Get the default session timeout using
SSLContext.setSessionCacheTimeout()
-long sessionTimeout = SSLContext.setSessionCacheTimeout(ctx,
300);
-// Revert the session timeout to the default value.
-SSLContext.setSessionCacheTimeout(ctx, sessionTimeout);
}
// List the ciphers that the client is permitted to negotiate
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-85-trunk
The Buildbot has detected a restored build on builder tomcat-85-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-85-trunk/builds/1662 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-85-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.5.x/trunk] 1854081 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854089 - /tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
Author: remm
Date: Thu Feb 21 20:18:12 2019
New Revision: 1854089
URL: http://svn.apache.org/viewvc?rev=1854089=rev
Log:
Revert again after CI fail.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1854089=1854088=1854089=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Thu Feb 21
20:18:12 2019
@@ -810,7 +810,7 @@ public class Nio2Endpoint extends Abstra
socketBufferHandler.configureReadBufferForRead();
nRead = Math.min(nRead, len);
socketBufferHandler.getReadBuffer().get(b, off, nRead);
-} else if (nRead == 0 && !block) {
+} else if (nRead == 0 && !block &&
ContainerThreadMarker.isContainerThread()) {
readInterest = true;
}
if (log.isDebugEnabled()) {
@@ -873,7 +873,7 @@ public class Nio2Endpoint extends Abstra
// data that was just read
if (nRead > 0) {
nRead = populateReadBuffer(to);
-} else if (nRead == 0 && !block) {
+} else if (nRead == 0 && !block &&
ContainerThreadMarker.isContainerThread()) {
readInterest = true;
}
}
@@ -1476,9 +1476,6 @@ public class Nio2Endpoint extends Abstra
@Override
public void registerReadInterest() {
-if (!ContainerThreadMarker.isContainerThread()) {
-return;
-}
synchronized (readCompletionHandler) {
if (readPending.availablePermits() == 0) {
readInterest = true;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Migrate to git
On Thu, Feb 21, 2019 at 5:13 PM Mark Thomas wrote: > This is a VOTE to migrate the primary source code repository for Apache > Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. > > The migration will be performed as per: > https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration > > with the following changes: > - 8.0.x will not be migrated > - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" > - the branches will be named master, 8.5.x and 7.0.x > > The proposed date (subject to Infra agreement) for the migration is 26 > Feb 2018. > > The migration process will be: > - Make svn read only for trunk, 8.5.x and 7.0.x > - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x > - Make git://git.apache.org/tomcat.git read/write for me only > - Perform the migration as set out in the wiki with the modifications > described above > - Check the migration > - Make git://git.apache.org/tomcat.git read/write for all committers > (Note: This automatically makes https://github.com/apache/tomcat >read/write as well) > > The critical work is done at this point. The following tasks are more > clean-up and may end up being spread over several days. > > - Confirm there are no open PRs for https://github.com/apache/tomcat85 > and then delete it and git://git.apache.org/tomcat85.git > - Confirm there are no open PRs for https://github.com/apache/tomcat70 > and then delete it and git://git.apache.org/tomcat70.git > - Update the CI systems to pull the source from git > - Create /source.html and replace /svn.html with a redirect to > /source.html > - Update migration guide to pull diffs from gitweb > - Update Tomcat Native to pull in source from git hash > - Fix anything else we have forgotten about. > > If anything goes wrong and we can't fix is easily, the fallback is to > make svn read-write and go back to using svn while we clean up the git > side of things, figure out what went wrong and come up with a better > migration plan. > > [X] +1 Go ahead with the migration > [ ] -1 Postpone the migration because... > > The vote will be open for at least 72 hours. > > Rémy
Re: [VOTE] Migrate to git
On 2/21/2019 8:13 AM, Mark Thomas wrote: This is a VOTE to migrate the primary source code repository for Apache Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git. The migration will be performed as per: https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration with the following changes: - 8.0.x will not be migrated - the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5" - the branches will be named master, 8.5.x and 7.0.x The proposed date (subject to Infra agreement) for the migration is 26 Feb 2018. The migration process will be: - Make svn read only for trunk, 8.5.x and 7.0.x - Turn off the svn->git replication for trunk, 8.5.x and 7.0.x - Make git://git.apache.org/tomcat.git read/write for me only - Perform the migration as set out in the wiki with the modifications described above - Check the migration - Make git://git.apache.org/tomcat.git read/write for all committers (Note: This automatically makes https://github.com/apache/tomcat read/write as well) The critical work is done at this point. The following tasks are more clean-up and may end up being spread over several days. - Confirm there are no open PRs for https://github.com/apache/tomcat85 and then delete it and git://git.apache.org/tomcat85.git - Confirm there are no open PRs for https://github.com/apache/tomcat70 and then delete it and git://git.apache.org/tomcat70.git - Update the CI systems to pull the source from git - Create /source.html and replace /svn.html with a redirect to /source.html - Update migration guide to pull diffs from gitweb - Update Tomcat Native to pull in source from git hash - Fix anything else we have forgotten about. If anything goes wrong and we can't fix is easily, the fallback is to make svn read-write and go back to using svn while we clean up the git side of things, figure out what went wrong and come up with a better migration plan. [X] +1 Go ahead with the migration Thank you, Igal - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4075 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1854091 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854084 - in /tomcat/trunk/java/org/apache: coyote/ coyote/ajp/ coyote/http11/ coyote/http11/upgrade/ coyote/http2/ tomcat/util/net/
Author: remm
Date: Thu Feb 21 19:31:22 2019
New Revision: 1854084
URL: http://svn.apache.org/viewvc?rev=1854084=rev
Log:
Revert after CI failure, try something else.
Modified:
tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java
tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SocketWrapperBase.java
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1854084=1854083=1854084=diff
==
--- tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java Thu Feb 21
19:31:22 2019
@@ -790,7 +790,7 @@ public abstract class AbstractProcessor
}
if (!isRequestBodyFullyRead()) {
-registerReadInterest(true);
+registerReadInterest();
}
return false;
@@ -800,7 +800,7 @@ public abstract class AbstractProcessor
protected abstract boolean isRequestBodyFullyRead();
-protected abstract void registerReadInterest(boolean body);
+protected abstract void registerReadInterest();
protected abstract boolean isReadyForWrite();
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1854084=1854083=1854084=diff
==
--- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Thu Feb 21
19:31:22 2019
@@ -903,7 +903,7 @@ public abstract class AbstractProtocolhttp://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1854084=1854083=1854084=diff
==
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Thu Feb 21
19:31:22 2019
@@ -1134,8 +1134,8 @@ public class AjpProcessor extends Abstra
@Override
-protected final void registerReadInterest(boolean body) {
-socketWrapper.registerReadInterest(!body);
+protected final void registerReadInterest() {
+socketWrapper.registerReadInterest();
}
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1854084=1854083=1854084=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Thu Feb 21
19:31:22 2019
@@ -1215,8 +1215,8 @@ public class Http11Processor extends Abs
@Override
-protected final void registerReadInterest(boolean body) {
-socketWrapper.registerReadInterest(!body);
+protected final void registerReadInterest() {
+socketWrapper.registerReadInterest();
}
Modified:
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java?rev=1854084=1854083=1854084=diff
==
---
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
(original)
+++
tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java
Thu Feb 21 19:31:22 2019
@@ -107,7 +107,7 @@ public class UpgradeServletInputStream e
if (ContainerThreadMarker.isContainerThread()) {
processor.addDispatch(DispatchType.NON_BLOCKING_READ);
} else {
-socketWrapper.registerReadInterest(true);
+socketWrapper.registerReadInterest();
}
// Switching to non-blocking. Don't know if data is available.
Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1854084=1854083=1854084=diff
==
---
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4074 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1854089 Blamelist: remm Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Migrate to git
Le 21/02/2019 à 17:13, Mark Thomas a écrit : > [X] +1 Go ahead with the migration > [ ] -1 Postpone the migration because... Thank you Mark. Emmanuel Bourg - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4076 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1854097 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1854079 - in /tomcat/trunk/java/org/apache/tomcat/util/net: SSLUtilBase.java jsse/JSSEUtil.java openssl/OpenSSLUtil.java
Author: markt
Date: Thu Feb 21 18:44:51 2019
New Revision: 1854079
URL: http://svn.apache.org/viewvc?rev=1854079=rev
Log:
Refactor with the aim (several commits in the future) of enabling the
AprEndpoint to use JSSE style configuration
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java?rev=1854079=1854078=1854079=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java Thu Feb 21
18:44:51 2019
@@ -22,12 +22,33 @@ import java.io.InputStream;
import java.net.URI;
import java.security.DomainLoadStoreParameter;
import java.security.KeyStore;
+import java.security.cert.CRL;
+import java.security.cert.CRLException;
+import java.security.cert.CertPathParameters;
+import java.security.cert.CertStore;
+import java.security.cert.CertStoreParameters;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.CollectionCertStoreParameters;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
import java.util.List;
import java.util.Set;
+import javax.net.ssl.CertPathTrustManagerParameters;
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.file.ConfigFileLoader;
@@ -42,6 +63,7 @@ public abstract class SSLUtilBase implem
private static final Log log = LogFactory.getLog(SSLUtilBase.class);
private static final StringManager sm =
StringManager.getManager(SSLUtilBase.class);
+protected final SSLHostConfig sslHostConfig;
protected final SSLHostConfigCertificate certificate;
private final String[] enabledProtocols;
@@ -55,7 +77,7 @@ public abstract class SSLUtilBase implem
protected SSLUtilBase(SSLHostConfigCertificate certificate, boolean
warnTls13) {
this.certificate = certificate;
-SSLHostConfig sslHostConfig = certificate.getSSLHostConfig();
+this.sslHostConfig = certificate.getSSLHostConfig();
// Calculate the enabled protocols
Set configuredProtocols = sslHostConfig.getProtocols();
@@ -215,11 +237,153 @@ public abstract class SSLUtilBase implem
return enabledProtocols;
}
+
@Override
public String[] getEnabledCiphers() {
return enabledCiphers;
}
+
+@Override
+public TrustManager[] getTrustManagers() throws Exception {
+
+String className = sslHostConfig.getTrustManagerClassName();
+if(className != null && className.length() > 0) {
+ ClassLoader classLoader = getClass().getClassLoader();
+ Class clazz = classLoader.loadClass(className);
+ if(!(TrustManager.class.isAssignableFrom(clazz))){
+throw new InstantiationException(sm.getString(
+"jsse.invalidTrustManagerClassName", className));
+ }
+ Object trustManagerObject = clazz.getConstructor().newInstance();
+ TrustManager trustManager = (TrustManager) trustManagerObject;
+ return new TrustManager[]{ trustManager };
+}
+
+TrustManager[] tms = null;
+
+KeyStore trustStore = sslHostConfig.getTruststore();
+if (trustStore != null) {
+checkTrustStoreEntries(trustStore);
+String algorithm = sslHostConfig.getTruststoreAlgorithm();
+String crlf = sslHostConfig.getCertificateRevocationListFile();
+boolean revocationEnabled = sslHostConfig.getRevocationEnabled();
+
+if ("PKIX".equalsIgnoreCase(algorithm)) {
+TrustManagerFactory tmf =
TrustManagerFactory.getInstance(algorithm);
+CertPathParameters params = getParameters(crlf, trustStore,
revocationEnabled);
+ManagerFactoryParameters mfp = new
CertPathTrustManagerParameters(params);
+tmf.init(mfp);
+tms = tmf.getTrustManagers();
+} else {
+TrustManagerFactory tmf =
TrustManagerFactory.getInstance(algorithm);
+
svn commit: r1854097 - in /tomcat/trunk/java/org/apache/tomcat/util/net: SSLUtilBase.java jsse/JSSEUtil.java openssl/OpenSSLUtil.java
Author: markt
Date: Thu Feb 21 20:59:10 2019
New Revision: 1854097
URL: http://svn.apache.org/viewvc?rev=1854097=rev
Log:
More alignment of JSSE and OpenSSL (and a little code reduction)
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java?rev=1854097=1854096=1854097=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLUtilBase.java Thu Feb 21
20:59:10 2019
@@ -21,6 +21,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.security.DomainLoadStoreParameter;
+import java.security.Key;
import java.security.KeyStore;
import java.security.cert.CRL;
import java.security.cert.CRLException;
@@ -42,18 +43,24 @@ import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
+import java.util.Locale;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509KeyManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.net.SSLHostConfig.CertificateVerification;
+import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
+import org.apache.tomcat.util.net.jsse.PEMFile;
import org.apache.tomcat.util.res.StringManager;
/**
@@ -250,6 +257,120 @@ public abstract class SSLUtilBase implem
}
+@Override
+public KeyManager[] getKeyManagers() throws Exception {
+String keyAlias = certificate.getCertificateKeyAlias();
+String algorithm = sslHostConfig.getKeyManagerAlgorithm();
+String keyPass = certificate.getCertificateKeyPassword();
+// This has to be here as it can't be moved to SSLHostConfig since the
+// defaults vary between JSSE and OpenSSL.
+if (keyPass == null) {
+keyPass = certificate.getCertificateKeystorePassword();
+}
+
+KeyStore ks = certificate.getCertificateKeystore();
+KeyStore ksUsed = ks;
+
+/*
+ * Use an in memory key store where possible.
+ * For PEM format keys and certificates, it allows them to be imported
+ * into the expected format.
+ * For Java key stores with PKCS8 encoded keys (e.g. JKS files), it
+ * enables Tomcat to handle the case where multiple keys exist in the
+ * key store, each with a different password. The KeyManagerFactory
+ * can't handle that so using an in memory key store with just the
+ * required key works around that.
+ * Other keys stores (hardware, MS, etc.) will be used as is.
+ */
+
+char[] keyPassArray = keyPass.toCharArray();
+
+if (ks == null) {
+if (certificate.getCertificateFile() == null) {
+throw new IOException(sm.getString("jsse.noCertFile"));
+}
+
+PEMFile privateKeyFile = new PEMFile(
+certificate.getCertificateKeyFile() != null ?
certificate.getCertificateKeyFile() : certificate.getCertificateFile(),
+keyPass);
+PEMFile certificateFile = new
PEMFile(certificate.getCertificateFile());
+
+Collection chain = new ArrayList<>();
+chain.addAll(certificateFile.getCertificates());
+if (certificate.getCertificateChainFile() != null) {
+PEMFile certificateChainFile = new
PEMFile(certificate.getCertificateChainFile());
+chain.addAll(certificateChainFile.getCertificates());
+}
+
+if (keyAlias == null) {
+keyAlias = "tomcat";
+}
+
+// Switch to in-memory key store
+ksUsed = KeyStore.getInstance("JKS");
+ksUsed.load(null, null);
+ksUsed.setKeyEntry(keyAlias, privateKeyFile.getPrivateKey(),
keyPass.toCharArray(),
+chain.toArray(new Certificate[chain.size()]));
+} else {
+if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
+throw new IOException(sm.getString("jsse.alias_no_key_entry",
keyAlias));
+} else if (keyAlias == null) {
+Enumeration aliases = ks.aliases();
+if (!aliases.hasMoreElements()) {
+throw new
[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-test-bio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-bio has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 43 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-bio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-BIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-BIO/logs The following work was performed: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio (Type: Build) Work ended in a state of : Failed Elapsed: 16 mins 42 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only -Dsun.zip.disableMemoryMapping=true org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-BIO -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-3.1-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/target/commons-daemon-1.1.1-SNAPSHOT.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.exclude=**/TestFlushableGZIPOutputStream.java -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.j ar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexecute.test.bio=true -Dtest.reports=output/logs-BIO -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.7.3a-201803300640/ecj-4.7.3a.jar -Dtest.relaxTiming=true -Dexecute.test.nio=false -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20190222.jar -Deasymock.jar=/srv/gump/packages/easymock3/easymock-3.6.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja
[GUMP@vmgump-vm3]: Project tomcat-trunk-test-nio2 (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-nio2 has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-nio2 : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-nio2/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on bnd exists, no need to add for property bndlib.jar. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-NIO2 -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO2/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO2/logs] The following work was performed: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-nio2/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio2.html Work Name: build_tomcat-trunk_tomcat-trunk-test-nio2 (Type: Build) Work ended in a state of : Failed Elapsed: 24 mins 24 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only -Dsun.zip.disableMemoryMapping=true org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Dbnd.jar=/srv/gump/packages/bnd/bnd-4.0.0/biz.aQute.bnd-4.0.0.jar -Dsaaj-api.jar=/srv/gump/packages/saaj-api/saaj-api-1.3.5.jar -Djaxrpc-lib.jar=/srv/gump/packages/jaxrpc/geronimo-spec-jaxrpc-1.1-rc4.jar -Dtest.temp=output/test-tmp-NIO2 -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Djava.net.preferIPv4Stack=/srv/gump/public/workspace/tomcat-trunk/true -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-3.1-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/target/commons-daemon-1.1.1-SNAPSHOT.jar -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20190222/bin/openssl -Dexecute .test.nio=false -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dbndlib.jar=/srv/gump/packages/bnd/bndlib-4.0.0/biz.aQute.bndlib-4.0.0.jar -Dexecute.test.apr=false -Dwsdl4j-lib.jar=/srv/gump/packages/wsdl4j/wsdl4j-1.6.3.jar -Dtest.reports=output/logs-NIO2 -Dexecute.test.nio2=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.7.3a-201803300640/ecj-4.7.3a.jar -Dtest.relaxTiming=true -Dtest.excludePerformance=true -Dtest.accesslog=true -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-4.1-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja
