Re: svn commit: r962531 [2/2] - in /tomcat/jk/trunk: native/apache-1.3/ native/apache-2.0/ native/iis/ native/iis/pcre/ native/jni/ native/netscape/ native/nt_service/ xdocs/miscellaneous/
On 09.07.2010 17:14, Mladen Turk wrote: On 07/09/2010 03:56 PM, rj...@apache.org wrote: Modified: tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml?rev=962531r1=962530r2=962531view=diff == --- tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml (original) +++ tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml Fri Jul 9 13:56:09 2010 @@ -45,6 +45,10 @@ subsection name=Native changelog fix + Windows: Fix end of line setting for MSVC build files. + Patch provided by sebb. (rjung) +/fix This is just not true. Each .zip source had a correct DOS line endings since, well, forever! Cited from your other reply: WTF? We have changed that to native few years back, and now again we have the line endings mess! I know, that this is not a question about the files we distribute as part of a zip release. Nevertheless I needed to do conversions a coupe of times myself and was always annoyed. Yes partially because I had the tarball at hand not the zip, partially because my Cgwin subversion used non-Windows line ends. I didn't change for a long time because well it seemed to be my fault. But frankly: what's wrong about having those in CRLF? Is there a reasonabe way of using them with Unix line end format? I really don't care a bit how other projects are accustomed of doing things and distributions, but we had a decent one that served well for years, and I really see no reason for a sudden change. Explained above, it served not bad, but I think not especially well either (at least not for me). Please revert that to the original state and open an discussion on @dev list. This is not a bug (although filled in the BZ). I'll revert, discussion opened. Regards, Rainer - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962825 [2/2] - in /tomcat/jk/trunk: native/apache-1.3/ native/apache-2.0/ native/iis/ native/iis/pcre/ native/jni/ native/netscape/ native/nt_service/ xdocs/miscellaneous/
Modified: tomcat/jk/trunk/native/jni/jni_connect.dsp URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/native/jni/jni_connect.dsp?rev=962825r1=962824r2=962825view=diff == --- tomcat/jk/trunk/native/jni/jni_connect.dsp (original) +++ tomcat/jk/trunk/native/jni/jni_connect.dsp Sat Jul 10 12:07:38 2010 @@ -1,151 +1,151 @@ -# Microsoft Developer Studio Project File - Name=jni_connect - Package Owner=4 -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE Win32 (x86) Dynamic-Link Library 0x0102 - -CFG=jni_connect - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f jni_connect.mak. -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f jni_connect.mak CFG=jni_connect - Win32 Debug -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE jni_connect - Win32 Release (based on Win32 (x86) Dynamic-Link Library) -!MESSAGE jni_connect - Win32 Debug (based on Win32 (x86) Dynamic-Link Library) -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName -# PROP Scc_LocalPath -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF $(CFG) == jni_connect - Win32 Release - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir Release -# PROP BASE Intermediate_Dir Release -# PROP BASE Target_Dir -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir release -# PROP Intermediate_Dir release -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir -# ADD BASE CPP /nologo /MD /W3 /GX /Zi /O2 /D WIN32 /D NDEBUG /D _WINDOWS /D _MBCS /D _USRDLL /D JNI_CONNECT_EXPORTS /FD /c -# ADD CPP /nologo /MD /W3 /GX /Zi /O2 /I $(JAVA_HOME)\include /I $(JAVA_HOME)\include\win32 /I ..\common /D WIN32 /D NDEBUG /D _WINDOWS /D _MBCS /D _USRDLL /D JNI_CONNECT_EXPORTS /FdRelease/jni_connect_src /FD /c -# ADD BASE MTL /nologo /D NDEBUG /mktyplib203 /win32 -# ADD MTL /nologo /D NDEBUG /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d NDEBUG -# ADD RSC /l 0x409 /d NDEBUG -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /base:0x6A6E /subsystem:windows /dll /incremental:no /debug /machine:I386 /opt:ref - -!ELSEIF $(CFG) == jni_connect - Win32 Debug - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir Debug -# PROP BASE Intermediate_Dir Debug -# PROP BASE Target_Dir -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir debug -# PROP Intermediate_Dir debug -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir -# ADD BASE CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /D WIN32 /D _DEBUG /D _WINDOWS /D _MBCS /D _USRDLL /D JNI_CONNECT_EXPORTS /FD /c -# ADD CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /I $(JAVA_HOME)\include /I $(JAVA_HOME)\include\win32 /I ..\common /D WIN32 /D _DEBUG /D _WINDOWS /D _MBCS /D _USRDLL /D JNI_CONNECT_EXPORTS /FdDebug/jni_connect_src /FD /c -# ADD BASE MTL /nologo /D _DEBUG /mktyplib203 /win32 -# ADD MTL /nologo /D _DEBUG /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d _DEBUG -# ADD RSC /l 0x409 /d _DEBUG -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /base:0x6A6E /subsystem:windows /dll /incremental:no /debug /machine:I386 - -!ENDIF - -# Begin Target - -# Name jni_connect - Win32 Release -# Name jni_connect - Win32 Debug -# Begin Group Source Files - -# PROP Default_Filter cpp;c;cxx;rc;def;r;odl;idl;hpj;bat -# Begin Source File - -SOURCE=.\jk_jnicb.c -# End Source File -# Begin Source File - -SOURCE=..\common\jk_map.c -# End Source File -# Begin Source File - -SOURCE=..\common\jk_pool.c -# End Source File -# Begin Source File - -SOURCE=..\common\jk_util.c -# End Source File -# End Group -# Begin Group Header Files - -# PROP Default_Filter h;hpp;hxx;hm;inl -# Begin Source File - -SOURCE=..\common\jk_ajp12_worker.h -# End Source File -# Begin Source File - -SOURCE=..\common\jk_global.h -# End Source File -# Begin Source File - -SOURCE=.\jk_jnicb.h -# End Source File -#
DO NOT REPLY [Bug 48891] Missing EOL-style settings in tomcat/jk/trunk
https://issues.apache.org/bugzilla/show_bug.cgi?id=48891 Rainer Jung rainer.j...@kippdata.de changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED | --- Comment #4 from Rainer Jung rainer.j...@kippdata.de 2010-07-10 08:08:26 EDT --- Change reverted in r962825 due to Mladen's -1. Will be discussed on dev list. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962855 - /tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
Author: kkolinko Date: Sat Jul 10 15:05:58 2010 New Revision: 962855 URL: http://svn.apache.org/viewvc?rev=962855view=rev Log: Add release date Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=962855r1=962854r2=962855view=diff == --- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original) +++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Sat Jul 10 15:05:58 2010 @@ -38,7 +38,7 @@ !-- Section names: General, Catalina, Coyote, Jasper, Cluster, Webapps -- -section name=Tomcat 5.5.30 (jim) +section name=Tomcat 5.5.30 (jim) rtext=released 2010-07-09 subsection name=General changelog updateUpdate to Commons Daemon 1.0.2. Use service launcher (procrun) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962856 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Sat Jul 10 15:08:09 2010 New Revision: 962856 URL: http://svn.apache.org/viewvc?rev=962856view=rev Log: Add release date Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=962856r1=962855r2=962856view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Sat Jul 10 15:08:09 2010 @@ -39,7 +39,7 @@ !-- Section names: General, Catalina, Coyote, Jasper, Cluster, Webapps, Other -- -section name=Tomcat 6.0.28 (jfclere) +section name=Tomcat 6.0.28 (jfclere) rtext=released 2010-07-09 subsection name=Catalina changelog fixArrange filter logic. (jfclere) @@ -96,7 +96,7 @@ /changelog /subsection /section -section name=Tomcat 6.0.27 (Not released) +section name=Tomcat 6.0.27 (jfclere) rtext=not released subsection name=General changelog update - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962857 - /tomcat/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Sat Jul 10 15:12:24 2010 New Revision: 962857 URL: http://svn.apache.org/viewvc?rev=962857view=rev Log: Add release date Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=962857r1=962856r2=962857view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Sat Jul 10 15:12:24 2010 @@ -212,7 +212,7 @@ /changelog /subsection /section -section name=Tomcat 7.0.0 (markt) +section name=Tomcat 7.0.0 (markt) rtext=beta, 2010-06-29 subsection name=Catalina changelog update - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r962531 [2/2] - in /tomcat/jk/trunk: native/apache-1.3/ native/apache-2.0/ native/iis/ native/iis/pcre/ native/jni/ native/netscape/ native/nt_service/ xdocs/miscellaneous/
On 07/10/2010 01:56 PM, Rainer Jung wrote: On 09.07.2010 17:14, Mladen Turk wrote: Nevertheless I needed to do conversions a coupe of times myself and was always annoyed. Yes partially because I had the tarball at hand not the zip, partially because my Cgwin subversion used non-Windows line ends. I didn't change for a long time because well it seemed to be my fault. But frankly: what's wrong about having those in CRLF? Is there a reasonabe way of using them with Unix line end format? Just to close the discussion and hopefully we don't open it again in few years :) ... 1. diff and patch doesn't work well with CRLF on unix. 2. copy/paste automatically converts between CRLF and LF on unix in majority of editors. 3. Mailing patches will also wrongly translate line endings 4. some patch utils works with CRLF only by using brute force option. Even then, they can convert the CRLF to LF from hunks, in which case patched file is a mixture of CRLF-LF 5. We have a solution that unix2dos *.dsp and *.dsw as part of release process. Finally .dsp and .dsw files should go away. Thus (not only for mod_jk) all text files in svn repo should always have native line endings. period. Regards -- ^TM - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962864 - /tomcat/trunk/webapps/docs/logging.xml
Author: markt Date: Sat Jul 10 16:05:52 2010 New Revision: 962864 URL: http://svn.apache.org/viewvc?rev=962864view=rev Log: Align docs with reality Modified: tomcat/trunk/webapps/docs/logging.xml Modified: tomcat/trunk/webapps/docs/logging.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/logging.xml?rev=962864r1=962863r2=962864view=diff == --- tomcat/trunk/webapps/docs/logging.xml (original) +++ tomcat/trunk/webapps/docs/logging.xml Sat Jul 10 16:05:52 2010 @@ -197,11 +197,9 @@ org.apache.catalina.core.ContainerBase.[ org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/admin].handlers = \ 4admin.org.apache.juli.FileHandler -# For example, set the com.xyz.foo logger to only log SEVERE -# messages: -#org.apache.catalina.startup.ContextConfig.level = FINE -#org.apache.catalina.startup.HostConfig.level = FINE -#org.apache.catalina.session.ManagerBase.level = FINE +# For example, set the org.apache.catalina.util.LifecycleBase logger to log +# each component that extends LifecycleBase changing state: +#org.apache.catalina.util.LifecycleBase.level = FINE /source /p - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962865 - in /tomcat/trunk: java/org/apache/catalina/filters/CsrfPreventionFilter.java webapps/docs/changelog.xml
Author: markt Date: Sat Jul 10 16:10:33 2010 New Revision: 962865 URL: http://svn.apache.org/viewvc?rev=962865view=rev Log: Improve CSRF protection filter by using SecureRandom rather than Random Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=962865r1=962864r2=962865view=diff == --- tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java (original) +++ tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Sat Jul 10 16:10:33 2010 @@ -18,6 +18,7 @@ package org.apache.catalina.filters; import java.io.IOException; +import java.security.SecureRandom; import java.util.HashSet; import java.util.LinkedHashMap; import java.util.Map; @@ -50,7 +51,7 @@ public class CsrfPreventionFilter extend private static final Log log = LogFactory.getLog(CsrfPreventionFilter.class); -private final Random randomSource = new Random(); +private final Random randomSource = new SecureRandom(); private final SetString entryPoints = new HashSetString(); Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=962865r1=962864r2=962865view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Sat Jul 10 16:10:33 2010 @@ -130,6 +130,10 @@ Include session ID in error message logged when trying to set an attribute on an invalid session. (markt) /add + fix +Improve the CSRF protection filter by using SecureRandom rather than +Random to generate nonces. (markt) + /fix /changelog /subsection subsection name=Jasper - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962871 - /tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java
Author: markt Date: Sat Jul 10 16:14:42 2010 New Revision: 962871 URL: http://svn.apache.org/viewvc?rev=962871view=rev Log: Add CVE-2010-2227 test case Added: tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java (with props) Added: tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java?rev=962871view=auto == --- tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java (added) +++ tomcat/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java Sat Jul 10 16:14:42 2010 @@ -0,0 +1,163 @@ +package org.apache.coyote.http11; + +import java.io.File; + +import org.apache.catalina.startup.SimpleHttpClient; +import org.apache.catalina.startup.Tomcat; +import org.apache.catalina.startup.TomcatBaseTest; + +public class TestAbstractHttp11Processor extends TomcatBaseTest { + +public void testWithTEVoid() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Use the normal Tomcat ROOT context +File root = new File(test/webapp-3.0); +tomcat.addWebapp(, root.getAbsolutePath()); + +tomcat.start(); + +String request = +POST /echo-params.jsp HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + +Transfer-encoding: void + SimpleHttpClient.CRLF + +Content-Length: 9 + SimpleHttpClient.CRLF + +Content-Type: application/x-www-form-urlencoded + +SimpleHttpClient.CRLF + +SimpleHttpClient.CRLF + +test=data; + +Client client = new Client(); +client.setPort(getPort()); +client.setRequest(new String[] {request}); + +client.connect(); +client.processRequest(); +assertTrue(client.isResponse501()); +} + +public void testWithTEBuffered() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Use the normal Tomcat ROOT context +File root = new File(test/webapp-3.0); +tomcat.addWebapp(, root.getAbsolutePath()); + +tomcat.start(); + +String request = +POST /echo-params.jsp HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + +Transfer-encoding: buffered + SimpleHttpClient.CRLF + +Content-Length: 9 + SimpleHttpClient.CRLF + +Content-Type: application/x-www-form-urlencoded + +SimpleHttpClient.CRLF + +SimpleHttpClient.CRLF + +test=data; + +Client client = new Client(); +client.setPort(getPort()); +client.setRequest(new String[] {request}); + +client.connect(); +client.processRequest(); +assertTrue(client.isResponse501()); +} + + +public void testWithTEIdentity() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Use the normal Tomcat ROOT context +File root = new File(test/webapp-3.0); +tomcat.addWebapp(, root.getAbsolutePath()); + +tomcat.start(); + +String request = +POST /echo-params.jsp HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + +Transfer-encoding: identity + SimpleHttpClient.CRLF + +Content-Length: 9 + SimpleHttpClient.CRLF + +Content-Type: application/x-www-form-urlencoded + +SimpleHttpClient.CRLF + +Connection: close + SimpleHttpClient.CRLF + +SimpleHttpClient.CRLF + +test=data; + +Client client = new Client(); +client.setPort(getPort()); +client.setRequest(new String[] {request}); + +client.connect(); +client.processRequest(); +assertTrue(client.isResponse200()); +assertTrue(client.getResponseBody().contains(test - data)); +} + + +public void testWithTESavedRequest() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Use the normal Tomcat ROOT context +File root = new File(test/webapp-3.0); +tomcat.addWebapp(, root.getAbsolutePath()); + +tomcat.start(); + +String request = +POST /echo-params.jsp HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + +Transfer-encoding: savedrequest + SimpleHttpClient.CRLF + +Content-Length: 9 + SimpleHttpClient.CRLF + +Content-Type: application/x-www-form-urlencoded + +SimpleHttpClient.CRLF + +SimpleHttpClient.CRLF + +test=data; + +Client client = new Client(); +client.setPort(getPort()); +client.setRequest(new
svn commit: r962872 - /tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
Author: markt Date: Sat Jul 10 16:19:26 2010 New Revision: 962872 URL: http://svn.apache.org/viewvc?rev=962872view=rev Log: Align implementation with docs. nonceCacheSize should be configurable Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=962872r1=962871r2=962872view=diff == --- tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java (original) +++ tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Sat Jul 10 16:19:26 2010 @@ -55,7 +55,7 @@ public class CsrfPreventionFilter extend private final SetString entryPoints = new HashSetString(); -private final int nonceCacheSize = 5; +private int nonceCacheSize = 5; @Override protected Log getLogger() { @@ -79,6 +79,19 @@ public class CsrfPreventionFilter extend } } +/** + * Sets the number of previously issued nonces that will be cached on a LRU + * basis to support parallel requests, limited use of the refresh and back + * in the browser and similar behaviors that may result in the submission + * of a previous nonce rather than the current one. If not set, the default + * value of 5 will be used. + * + * @param nonceCacheSizeThe number of nonces to cache + */ +public void setNonceCacheSize(int nonceCacheSize) { +this.nonceCacheSize = nonceCacheSize; +} + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962881 - in /tomcat/trunk: java/org/apache/catalina/filters/CsrfPreventionFilter.java java/org/apache/catalina/filters/LocalStrings.properties webapps/docs/changelog.xml webapps/docs/conf
Author: markt Date: Sat Jul 10 16:41:59 2010 New Revision: 962881 URL: http://svn.apache.org/viewvc?rev=962881view=rev Log: Make the random source used for nonces user configurable Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/filter.xml Modified: tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=962881r1=962880r2=962881view=diff == --- tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java (original) +++ tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Sat Jul 10 16:41:59 2010 @@ -26,6 +26,7 @@ import java.util.Random; import java.util.Set; import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -51,7 +52,9 @@ public class CsrfPreventionFilter extend private static final Log log = LogFactory.getLog(CsrfPreventionFilter.class); -private final Random randomSource = new SecureRandom(); +private String randomClass = SecureRandom.class.getName(); + +private Random randomSource; private final SetString entryPoints = new HashSetString(); @@ -92,6 +95,39 @@ public class CsrfPreventionFilter extend this.nonceCacheSize = nonceCacheSize; } +/** + * Specify the class to use to generate the nonces. Must be in instance of + * {...@link Random}. + * + * @param randomClass The name of the class to use + */ +public void setRandomClass(String randomClass) { +this.randomClass = randomClass; +} + +@Override +public void init(FilterConfig filterConfig) throws ServletException { +// Set the parameters +super.init(filterConfig); + +try { +Class? clazz = Class.forName(randomClass); +randomSource = (Random) clazz.newInstance(); +} catch (ClassNotFoundException e) { +ServletException se = new ServletException(sm.getString( +csrfPrevention.invalidRandomClass, randomClass), e); +throw se; +} catch (InstantiationException e) { +ServletException se = new ServletException(sm.getString( +csrfPrevention.invalidRandomClass, randomClass), e); +throw se; +} catch (IllegalAccessException e) { +ServletException se = new ServletException(sm.getString( +csrfPrevention.invalidRandomClass, randomClass), e); +throw se; +} +} + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { Modified: tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties?rev=962881r1=962880r2=962881view=diff == --- tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties Sat Jul 10 16:41:59 2010 @@ -13,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +csrfPrevention.invalidRandomClass=Unable to create Random source using class [{0}] filterbase.noSuchProperty=The property {0} is not defined for filters of type {1} - + http.403=Access to the specified resource ({0}) has been forbidden. Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=962881r1=962880r2=962881view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Sat Jul 10 16:41:59 2010 @@ -132,7 +132,8 @@ /add fix Improve the CSRF protection filter by using SecureRandom rather than -Random to generate nonces. (markt) +Random to generate nonces. Also make the implementation class used user +configurable. (markt) /fix /changelog /subsection Modified: tomcat/trunk/webapps/docs/config/filter.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=962881r1=962880r2=962881view=diff == --- tomcat/trunk/webapps/docs/config/filter.xml (original) +++
svn commit: r962883 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Sat Jul 10 16:43:16 2010 New Revision: 962883 URL: http://svn.apache.org/viewvc?rev=962883view=rev Log: Update proposal. Remove pero's vote due to size of changes Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=962883r1=962882r2=962883view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Jul 10 16:43:16 2010 @@ -140,7 +140,10 @@ PATCHES PROPOSED TO BACKPORT: but using the new roles (manager-gui, admin-gui etc.) will not bypass the CSRF protection. http://people.apache.org/~markt/patches/2010-06-26-crsf-prevention-filter-tc6.patch - +1: markt, pero + http://svn.apache.org/viewvc?rev=962865view=rev + http://svn.apache.org/viewvc?rev=962872view=rev + http://svn.apache.org/viewvc?rev=962881view=rev + +1: markt -1: * Add support for *.jar pattern in VirtualWebappLoader - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 49570] The CompressionFilter example should support HTTP proxies to cache gzipped content better by sending Vary: Accept-Encoding header
https://issues.apache.org/bugzilla/show_bug.cgi?id=49570 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #1 from Mark Thomas ma...@apache.org 2010-07-10 13:21:15 EDT --- The current approach to gzip compression is fundamentally flawed. See bug46538 and bug39727 for an explanation of why. Transfer-Encoding is the correct way to go but browser support is still patchy. That said, the majority of the current botched solutions - Tomcat included - do set the Vary header. The proposed patch isn't quite right - see bug 48660 for details. I have applied a corrected patch to to 7.0.x and it will be included in 7.0.1 onwards. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962889 - in /tomcat/trunk/webapps: docs/changelog.xml examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java
Author: markt Date: Sat Jul 10 17:20:41 2010 New Revision: 962889 URL: http://svn.apache.org/viewvc?rev=962889view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49570 When using the example compression filter, set the Vary header on compressed responses Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=962889r1=962888r2=962889view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Sat Jul 10 17:20:41 2010 @@ -214,6 +214,10 @@ naming resources that broke the complete server status page in the manager application. Note these MBeans now have a new name. (markt) /fix + fix +bug49570/bug: When using the example compression filter, set the +Vary header on compressed responses. (markt) + /fix /changelog /subsection /section Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java?rev=962889r1=962888r2=962889view=diff == --- tomcat/trunk/webapps/examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java (original) +++ tomcat/trunk/webapps/examples/WEB-INF/classes/compressionFilters/CompressionResponseStream.java Sat Jul 10 17:20:41 2010 @@ -306,6 +306,16 @@ public class CompressionResponseStream gzipstream = output; } else { response.addHeader(Content-Encoding, gzip); +String vary = response.getHeader(Vary); +if (vary == null) { +// Add a new Vary header +response.setHeader(Vary, Accept-Encoding); +} else if (vary.equals(*)) { +// No action required +} else { +// Merge into current header +response.setHeader(Vary, vary + ,Accept-Encoding); +} gzipstream = new GZIPOutputStream(output); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r962881 - in /tomcat/trunk: java/org/apache/catalina/filters/CsrfPreventionFilter.java java/org/apache/catalina/filters/LocalStrings.properties webapps/docs/changelog.xml webapps/doc
2010/7/10 ma...@apache.org: Author: markt Date: Sat Jul 10 16:41:59 2010 New Revision: 962881 --- tomcat/trunk/webapps/docs/config/filter.xml (original) +++ tomcat/trunk/webapps/docs/config/filter.xml Sat Jul 10 16:41:59 2010 @@ -135,6 +135,12 @@ value of 5 will be used./p /attribute + attribute name=randomClass required=false + pThe name of the class to use to generate nonces. The class must be an + instance of codejava.util.Rnadom/code. If not set, the default value + of codejava.security.SecureRandom/code will be used./p + /attribute + /attributes A typo in the docs patch above. s/Rnadom/Random/ Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r962881 - in /tomcat/trunk: java/org/apache/catalina/filters/CsrfPreventionFilter.java java/org/apache/catalina/filters/LocalStrings.properties webapps/docs/changelog.xml webapps/doc
On 10/07/2010 19:31, Konstantin Kolinko wrote: 2010/7/10 ma...@apache.org: Author: markt Date: Sat Jul 10 16:41:59 2010 New Revision: 962881 --- tomcat/trunk/webapps/docs/config/filter.xml (original) +++ tomcat/trunk/webapps/docs/config/filter.xml Sat Jul 10 16:41:59 2010 @@ -135,6 +135,12 @@ value of 5 will be used./p /attribute + attribute name=randomClass required=false +pThe name of the class to use to generate nonces. The class must be an +instance of codejava.util.Rnadom/code. If not set, the default value +of codejava.security.SecureRandom/code will be used./p + /attribute + /attributes A typo in the docs patch above. s/Rnadom/Random/ Thanks. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962900 - /tomcat/trunk/webapps/docs/config/filter.xml
Author: markt Date: Sat Jul 10 18:33:14 2010 New Revision: 962900 URL: http://svn.apache.org/viewvc?rev=962900view=rev Log: Typo Modified: tomcat/trunk/webapps/docs/config/filter.xml Modified: tomcat/trunk/webapps/docs/config/filter.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=962900r1=962899r2=962900view=diff == --- tomcat/trunk/webapps/docs/config/filter.xml (original) +++ tomcat/trunk/webapps/docs/config/filter.xml Sat Jul 10 18:33:14 2010 @@ -137,7 +137,7 @@ attribute name=randomClass required=false pThe name of the class to use to generate nonces. The class must be an -instance of codejava.util.Rnadom/code. If not set, the default value +instance of codejava.util.Random/code. If not set, the default value of codejava.security.SecureRandom/code will be used./p /attribute - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962901 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Sat Jul 10 18:37:23 2010 New Revision: 962901 URL: http://svn.apache.org/viewvc?rev=962901view=rev Log: Add fix for typo Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=962901r1=962900r2=962901view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Jul 10 18:37:23 2010 @@ -143,6 +143,7 @@ PATCHES PROPOSED TO BACKPORT: http://svn.apache.org/viewvc?rev=962865view=rev http://svn.apache.org/viewvc?rev=962872view=rev http://svn.apache.org/viewvc?rev=962881view=rev + http://svn.apache.org/viewvc?rev=962900view=rev +1: markt -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 48861] Files without AL headers
https://issues.apache.org/bugzilla/show_bug.cgi?id=48861 --- Comment #2 from dbz tomcat_mail...@yahoo.fr 2010-07-10 16:42:07 EDT --- Created an attachment (id=25747) -- (https://issues.apache.org/bugzilla/attachment.cgi?id=25747) A patch which add the AL header to several classes of the tomcat-lite module This patch adds AL headers to several classes of the tomcat-lite module. This patch has been build from the trunk. The following classes of the tomcat-trunk _rat.dat file haven't been find : modules/tomcat-lite/examples/spring/tomcat-spring.xml modules/tomcat-lite/java/org/apache/tomcat/lite/io/SslConnector.java modules/tomcat-lite/java/org/apache/tomcat/lite/servlet/JspLoader.java modules/tomcat-lite/java/org/apache/tomcat/lite/servlet/ServletApi.java modules/tomcat-lite/java/org/apache/tomcat/lite/servlet/ServletApi25.java modules/tomcat-lite/java/org/apache/tomcat/lite/servlet/ServletApi30.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/ConfigLoader.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/ServletContextConfig.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/deploy/AnnotationsProcessor.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/deploy/DomUtil.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/deploy/WarDeploy.java modules/tomcat-lite/java/org/apache/tomcat/servlets/config/deploy/WebXml.java modules/tomcat-lite/java/org/apache/tomcat/servlets/file/Filesystem.java modules/tomcat-lite/java/org/apache/tomcat/servlets/file/LocalFilesystem.java modules/tomcat-lite/java/org/apache/tomcat/servlets/jspc/JasperRuntime.java modules/tomcat-lite/java/org/apache/tomcat/servlets/sec/UserAuthentication.java modules/tomcat-lite/java/org/apache/tomcat/servlets/session/UserSessionManager.java The classes found in the file tomcat-trunk _rat.dat file plus the following classes have been patched : org.apache.tomcat.lite.io.SslProvider org.apache.tomcat.lite.http.HttpServer org.apache.tomcat.lite.http.HttpClient org.apache.tomcat.lite.io.jsse.JsseSslProvider -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [ANN] Apache Tomcat 5.5.30 released
2010/7/10 Jim Jagielski j...@jagunet.com: The Apache Tomcat Team announces the immediate availability of Apache Tomcat 5.5.30 stable. It seems that this announcement was not sent to the following list: annou...@apache.org Archive: http://mail-archives.apache.org/mod_mbox/www-announce/201007.mbox/browser BTW, the only place that I know that lists the mail-lists where the announcements go is in mod_jk, http://svn.apache.org/repos/asf/tomcat/jk/trunk/HOWTO-RELEASE.txt Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962917 - in /tomcat/trunk: java/org/apache/catalina/filters/ test/org/apache/catalina/filters/ webapps/docs/ webapps/docs/config/
Author: markt Date: Sat Jul 10 21:13:23 2010 New Revision: 962917 URL: http://svn.apache.org/viewvc?rev=962917view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49478 Add support for user specified character sets to the AddDefaultCharsetFilter. Based on a patch by Felix Schumacher. Added: tomcat/trunk/test/org/apache/catalina/filters/TestAddCharSetFilter.java (with props) Modified: tomcat/trunk/java/org/apache/catalina/filters/AddDefaultCharsetFilter.java tomcat/trunk/java/org/apache/catalina/filters/LocalStrings.properties tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/filter.xml Modified: tomcat/trunk/java/org/apache/catalina/filters/AddDefaultCharsetFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/AddDefaultCharsetFilter.java?rev=962917r1=962916r2=962917view=diff == --- tomcat/trunk/java/org/apache/catalina/filters/AddDefaultCharsetFilter.java (original) +++ tomcat/trunk/java/org/apache/catalina/filters/AddDefaultCharsetFilter.java Sat Jul 10 21:13:23 2010 @@ -17,10 +17,9 @@ package org.apache.catalina.filters; - import java.io.IOException; +import java.nio.charset.Charset; -import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; @@ -29,24 +28,54 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; + /** * Filter that explicitly sets the default character set for media subtypes of - * the text type to ISO-8859-1. RFC2616 explicitly states that browsers must - * use ISO-8859-1 in these circumstances. However, browsers may attempt to + * the text type to ISO-8859-1, or another user defined character set. RFC2616 + * explicitly states that browsers must use ISO-8859-1 if no character set is + * defined for media with subtype text. However, browsers may attempt to * auto-detect the character set. This may be exploited by an attacker to * perform an XSS attack. Internet Explorer has this behaviour by default. Other - * browsers have an option to enable it. + * browsers have an option to enable it.br/ * * This filter prevents the attack by explicitly setting a character set. Unless * the provided character set is explicitly overridden by the user - in which * case they deserve everything they get - the browser will adhere to an * explicitly set character set, thus preventing the XSS attack. */ -public class AddDefaultCharsetFilter implements Filter { +public class AddDefaultCharsetFilter extends FilterBase { + +private static final Log log = +LogFactory.getLog(AddDefaultCharsetFilter.class); + +private static final String DEFAULT_ENCODING = ISO-8859-1; + +private String encoding; + +public void setEncoding(String encoding) { +this.encoding = encoding; +} + +@Override +protected Log getLogger() { +return log; +} -public void destroy() { -// NOOP +@Override +public void init(FilterConfig filterConfig) throws ServletException { +super.init(filterConfig); +if (encoding == null || encoding.length() == 0 || +encoding.equalsIgnoreCase(default)) { +encoding = DEFAULT_ENCODING; +} else if (encoding.equalsIgnoreCase(system)) { +encoding = Charset.defaultCharset().name(); +} else if (!Charset.isSupported(encoding)) { +throw new IllegalArgumentException(sm.getString( +addDefaultCharset.unsupportedCharset, encoding)); +} } public void doFilter(ServletRequest request, ServletResponse response, @@ -55,40 +84,46 @@ public class AddDefaultCharsetFilter imp // Wrap the response if (response instanceof HttpServletResponse) { ResponseWrapper wrapped = -new ResponseWrapper((HttpServletResponse)response); +new ResponseWrapper((HttpServletResponse)response, encoding); chain.doFilter(request, wrapped); } else { chain.doFilter(request, response); } } -public void init(FilterConfig filterConfig) throws ServletException { -// NOOP -} - /** - * Wrapper that adds the default character set for text media types if no - * character set is specified. + * Wrapper that adds a character set for text media types if no character + * set is specified. */ -public class ResponseWrapper extends HttpServletResponseWrapper { +public static class ResponseWrapper extends HttpServletResponseWrapper { + +private String encoding; + +public ResponseWrapper(HttpServletResponse response, String
DO NOT REPLY [Bug 49478] Add encoding parameter to AddDefaultCharSetFilter
https://issues.apache.org/bugzilla/show_bug.cgi?id=49478 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #2 from Mark Thomas ma...@apache.org 2010-07-10 17:15:03 EDT --- Thanks for the patch. I applied a slightly modified version (handles a few edge cases, added a test case, i18n support, extended FilterBase) to 7.0.x and it will be included in 7.0.1 onwards. Thanks again. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962919 - /tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java
Author: markt Date: Sat Jul 10 21:22:12 2010 New Revision: 962919 URL: http://svn.apache.org/viewvc?rev=962919view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49442 Trivial code clean-up. No functional change. Based on a patch provided by Sebb. Modified: tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java Modified: tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java?rev=962919r1=962918r2=962919view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/res/StringManager.java Sat Jul 10 21:22:12 2010 @@ -55,8 +55,8 @@ public class StringManager { /** * The ResourceBundle for this StringManager. */ -private ResourceBundle bundle; -private Locale locale; +private final ResourceBundle bundle; +private final Locale locale; /** * Creates a new StringManager for a given package. This is a @@ -68,8 +68,9 @@ public class StringManager { */ private StringManager(String packageName) { String bundleName = packageName + .LocalStrings; +ResourceBundle bnd = null; try { -bundle = ResourceBundle.getBundle(bundleName, Locale.getDefault()); +bnd = ResourceBundle.getBundle(bundleName, Locale.getDefault()); } catch( MissingResourceException ex ) { // Try from the current loader (that's the case for trusted apps) // Should only be required if using a TC5 style classloader structure @@ -77,16 +78,19 @@ public class StringManager { ClassLoader cl = Thread.currentThread().getContextClassLoader(); if( cl != null ) { try { -bundle = ResourceBundle.getBundle( +bnd = ResourceBundle.getBundle( bundleName, Locale.getDefault(), cl); } catch(MissingResourceException ex2) { // Ignore } } } +bundle = bnd; // Get the actual locale, which may be different from the requested one if (bundle != null) { locale = bundle.getLocale(); +} else { +locale = null; } } @@ -152,7 +156,7 @@ public class StringManager { // STATIC SUPPORT METHODS // -- -private static HashtableString, StringManager managers = +private static final HashtableString, StringManager managers = new HashtableString, StringManager(); /** - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 49567] when starting a new thread from a startAsync Runnable, an infinite amount of doPosts is generated
https://issues.apache.org/bugzilla/show_bug.cgi?id=49567 --- Comment #1 from Mark Thomas ma...@apache.org 2010-07-10 17:26:55 EDT --- Looks like you attached the wrong test case to this report. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 49442] Make StringManager fields final
https://issues.apache.org/bugzilla/show_bug.cgi?id=49442 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #1 from Mark Thomas ma...@apache.org 2010-07-10 17:22:56 EDT --- Fixed in 7.0.x. Will be in 7.0.1 onwards. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962921 - /tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java
Author: markt Date: Sat Jul 10 21:33:16 2010 New Revision: 962921 URL: http://svn.apache.org/viewvc?rev=962921view=rev Log: Trivial cleanup no functional change Modified: tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java Modified: tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java?rev=962921r1=962920r2=962921view=diff == --- tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java (original) +++ tomcat/trunk/test/org/apache/catalina/tribes/demos/EchoRpcTest.java Sat Jul 10 21:33:16 2010 @@ -133,8 +133,9 @@ public class EchoRpcTest implements RpcC int options = RpcChannel.ALL_REPLY; long timeout = 15000; String message = EchoRpcMessage; -if ( args.length == 0 ) { -args = new String[] {-help}; +if (args.length == 0) { +usage(); +System.exit(1); } for (int i = 0; i args.length; i++) { if (-threads.equals(args[i])) { @@ -161,8 +162,7 @@ public class EchoRpcTest implements RpcC else if ( majority.equals(args[i]) ) options = RpcChannel.MAJORITY_REPLY; } else if (-debug.equals(args[i])) { // Not used -} else if (-help.equals(args[i])) -{ +} else if (-help.equals(args[i])) { usage(); System.exit(1); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r962922 - in /tomcat/trunk/java/javax/mail: Authenticator.java PasswordAuthentication.java Session.java internet/InternetAddress.java internet/MimeMessage.java internet/MimePart.java inter
Author: markt Date: Sat Jul 10 21:39:58 2010 New Revision: 962922 URL: http://svn.apache.org/viewvc?rev=962922view=rev Log: javax.mail is a dummy implementation - mark it as such to stop Eclipse complaining about empty methods and unused parameters Modified: tomcat/trunk/java/javax/mail/Authenticator.java tomcat/trunk/java/javax/mail/PasswordAuthentication.java tomcat/trunk/java/javax/mail/Session.java tomcat/trunk/java/javax/mail/internet/InternetAddress.java tomcat/trunk/java/javax/mail/internet/MimeMessage.java tomcat/trunk/java/javax/mail/internet/MimePart.java tomcat/trunk/java/javax/mail/internet/MimePartDataSource.java Modified: tomcat/trunk/java/javax/mail/Authenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/Authenticator.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/Authenticator.java (original) +++ tomcat/trunk/java/javax/mail/Authenticator.java Sat Jul 10 21:39:58 2010 @@ -17,5 +17,5 @@ package javax.mail; public class Authenticator { - +// Dummy implementation } Modified: tomcat/trunk/java/javax/mail/PasswordAuthentication.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/PasswordAuthentication.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/PasswordAuthentication.java (original) +++ tomcat/trunk/java/javax/mail/PasswordAuthentication.java Sat Jul 10 21:39:58 2010 @@ -16,7 +16,9 @@ */ package javax.mail; +...@suppresswarnings(unused) // Dummy implementation public class PasswordAuthentication { public PasswordAuthentication(String user, String password) { +// Dummy implementation } } Modified: tomcat/trunk/java/javax/mail/Session.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/Session.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/Session.java (original) +++ tomcat/trunk/java/javax/mail/Session.java Sat Jul 10 21:39:58 2010 @@ -18,6 +18,7 @@ package javax.mail; import java.util.Properties; +...@suppresswarnings(unused) // Dummy implementation public class Session { public static Session getInstance(Properties props, Authenticator auth) { return null; Modified: tomcat/trunk/java/javax/mail/internet/InternetAddress.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/internet/InternetAddress.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/internet/InternetAddress.java (original) +++ tomcat/trunk/java/javax/mail/internet/InternetAddress.java Sat Jul 10 21:39:58 2010 @@ -16,7 +16,9 @@ */ package javax.mail.internet; +...@suppresswarnings(unused) // Dummy implementation public class InternetAddress { public InternetAddress(String from) { +// Dummy implementation } } Modified: tomcat/trunk/java/javax/mail/internet/MimeMessage.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/internet/MimeMessage.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/internet/MimeMessage.java (original) +++ tomcat/trunk/java/javax/mail/internet/MimeMessage.java Sat Jul 10 21:39:58 2010 @@ -18,11 +18,15 @@ package javax.mail.internet; import javax.mail.Session; +...@suppresswarnings(unused) // Dummy implementation public class MimeMessage implements MimePart { public MimeMessage(Session session) { +// Dummy implementation } public void setFrom(InternetAddress from) { +// Dummy implementation } public void setSubject(String subject) { +// Dummy implementation } } Modified: tomcat/trunk/java/javax/mail/internet/MimePart.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/internet/MimePart.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/internet/MimePart.java (original) +++ tomcat/trunk/java/javax/mail/internet/MimePart.java Sat Jul 10 21:39:58 2010 @@ -17,4 +17,5 @@ package javax.mail.internet; public interface MimePart { +// Dummy implementation } Modified: tomcat/trunk/java/javax/mail/internet/MimePartDataSource.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/mail/internet/MimePartDataSource.java?rev=962922r1=962921r2=962922view=diff == --- tomcat/trunk/java/javax/mail/internet/MimePartDataSource.java (original) +++ tomcat/trunk/java/javax/mail/internet/MimePartDataSource.java Sat Jul 10
svn commit: r962923 - in /tomcat/trunk/java/javax/annotation: PostConstruct.java PreDestroy.java security/DenyAll.java security/PermitAll.java
Author: markt Date: Sat Jul 10 21:43:02 2010 New Revision: 962923 URL: http://svn.apache.org/viewvc?rev=962923view=rev Log: Eclipse warnings for annotations Modified: tomcat/trunk/java/javax/annotation/PostConstruct.java tomcat/trunk/java/javax/annotation/PreDestroy.java tomcat/trunk/java/javax/annotation/security/DenyAll.java tomcat/trunk/java/javax/annotation/security/PermitAll.java Modified: tomcat/trunk/java/javax/annotation/PostConstruct.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/annotation/PostConstruct.java?rev=962923r1=962922r2=962923view=diff == --- tomcat/trunk/java/javax/annotation/PostConstruct.java (original) +++ tomcat/trunk/java/javax/annotation/PostConstruct.java Sat Jul 10 21:43:02 2010 @@ -27,4 +27,5 @@ import java.lang.annotation.Target; @Retention(RetentionPolicy.RUNTIME) public @interface PostConstruct { +// No attributes } Modified: tomcat/trunk/java/javax/annotation/PreDestroy.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/annotation/PreDestroy.java?rev=962923r1=962922r2=962923view=diff == --- tomcat/trunk/java/javax/annotation/PreDestroy.java (original) +++ tomcat/trunk/java/javax/annotation/PreDestroy.java Sat Jul 10 21:43:02 2010 @@ -27,4 +27,5 @@ import java.lang.annotation.Target; @Retention(RetentionPolicy.RUNTIME) public @interface PreDestroy { +// No attributes } Modified: tomcat/trunk/java/javax/annotation/security/DenyAll.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/annotation/security/DenyAll.java?rev=962923r1=962922r2=962923view=diff == --- tomcat/trunk/java/javax/annotation/security/DenyAll.java (original) +++ tomcat/trunk/java/javax/annotation/security/DenyAll.java Sat Jul 10 21:43:02 2010 @@ -27,4 +27,5 @@ import java.lang.annotation.Target; @Retention(RetentionPolicy.RUNTIME) public @interface DenyAll { +// No attributes } Modified: tomcat/trunk/java/javax/annotation/security/PermitAll.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/annotation/security/PermitAll.java?rev=962923r1=962922r2=962923view=diff == --- tomcat/trunk/java/javax/annotation/security/PermitAll.java (original) +++ tomcat/trunk/java/javax/annotation/security/PermitAll.java Sat Jul 10 21:43:02 2010 @@ -27,4 +27,5 @@ import java.lang.annotation.Target; @Retention(RetentionPolicy.RUNTIME) public @interface PermitAll { +// No attributes } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 49268] Use checkstyle to enforce common code style
https://issues.apache.org/bugzilla/show_bug.cgi?id=49268 --- Comment #2 from Konstantin Kolinko knst.koli...@gmail.com 2010-07-10 20:23:02 EDT --- Thank you for the effort. I won't comment on the project policies - that is to be discussed and decided on d...@. Several comments on the patch itself: 1) Checkstyle version should not be hard-coded in build.xml. style=${checkstyle.home}/checkstyle-5.1/contrib/checkstyle-noframes.xsl/ 2) What is the origin of the res/checkstyle.xml file? There is no copyright or license notice there. 3) Contrary to the written - activates only check for tabs, there are more checks that are enabled in the proposed checkstyle file. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Add Checkstyle ruleset and make code cleanups!
Adjusted the thread subject. Was: Vote: Add Checkstyle roleset and make code cleanups! 2010/7/8 Peter Roßbach p...@objektpark.de: Hi, after the discussion about code style (http://tomcat.markmail.org/thread/2c7lkzmpcuxqpgjj), I think that we must vote for this fix: https://issues.apache.org/bugzilla/show_bug.cgi?id=49268 It includes a starting point for a very limited checkstyle ruleset. +1: progressively introduce checkstyle with checks for which a consensus exists (first TabSpacePolicy, @Version format) 0 : More discussion needed -1: no checkstyle integration. Tomcat shoudn't have code style rules 1. What is TabSpacePolicy? It is not listed at: http://checkstyle.sourceforge.net/availablechecks.html There is FileTabCharacter though. http://checkstyle.sourceforge.net/config_whitespace.html#FileTabCharacter 2. There is NO consensus on @Version format. Last time when it was discussed, about a year ago, there was slight agreement to get rid of those tags at all. http://marc.info/?t=12469253133r=1w=2 Though, when I actually was performing the change recently I went for a more safe route of just replacing $Date$ with $Id$. One caveat with $Id$ that I noted in the last several months: when filename is long, @version $Id$ can occupy more than 80 characters and is wrapped when reformatting the file in IDE, thus breaking this keyword. In several such cases I replaced $Id$ with $Revision$. 3. From message in Re: r960104 thread: http://markmail.org/message/rkznrp2cnfkd4eob: FileTabCharacter - currently 146 failures In what packages are those files? Fixing them can be discussed and done first, before enabling any checkstyle nags in the project. 4. Is it possible to exclude some packages from checkstyle checks? E.g., org.apache.tomcat.util.bcel ? 5. Is there experience whether checkstyle checks run fast, or there are noticeable delays? The Re: r960104 thread was about preventing commits that have wrong whitespace. It probably means that checkstyle is run automatically by IDE, or by the buildbot. Do others have positive experience with such configurations? Based on the above [x] 0 : More discussion needed I am +1 if someone else wants to add a separate checkstyle target to build.xml. I do not mind against checks that already succeed for the existing code. Though if they always succeed they are not really useful. Regarding the checks that fail -- before enabling the check I would like to discuss whether we can fix the code in TC7, and whether we can backport the fix. At least the affected files have to be listed. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r961948 - in /tomcat/trunk: java/org/apache/jasper/compiler/ELFunctionMapper.java webapps/docs/changelog.xml
2010/7/9 ma...@apache.org: Author: markt Date: Thu Jul 8 21:29:12 2010 New Revision: 961948 URL: http://svn.apache.org/viewvc?rev=961948view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49555 Correctly handle tag libraries that use functions defined in static inner classes --- tomcat/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java Thu Jul 8 21:29:12 2010 @@ -212,8 +212,8 @@ public class ELFunctionMapper { FunctionInfo funcInfo = f.getFunctionInfo(); String key = f.getPrefix()+ : + f.getName(); ds.append(funcMethod + (\ + key + \, + - funcInfo.getFunctionClass() + .class, + - '\' + f.getMethodName() + \, + + getCanonicalName(funcInfo.getFunctionClass()) + + .class, + '\' + f.getMethodName() + \, + new Class[] {); String params[] = f.getParameters(); for (int k = 0; k params.length; k++) { @@ -286,6 +286,17 @@ public class ELFunctionMapper { private String getMapName() { return _jspx_fnmap_ + currFunc++; } + + /** + * Convert a binary class name into a canonical one that can be used + * when generating Java source code. + * + * @param className Binary class name + * @return Canonical equivalent + */ + private String getCanonicalName(String className) { + return className.replace('$', '.'); + } } } I wonder why funcInfo.getFunctionClass().getCanonicalName() cannot be used. And there is also o.a.jasper.compiler.JspUtil.getCanonicalName(Class) with a JavaDoc comment that simple replacement of '$' with '.' does not work. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [g...@vmgump]: Project tomcat-taglibs-standard (in module tomcat-taglibs) failed
On 2010-07-09, Jeremy Boynes wrote: The cactifywar goal is attached to package so that may not help. I've reattached it to pre-integration-test as that seems more logical (assuming it runs before jetty run-war). At least it has fixed Gump - both for the package and install goals. Neither of both runs the cactifywar goal anymore, many thanks. I don't know whether it still works for your integration tests, though. On Jul 9, 2010, at 9:17 AM, Stefan Bodewig wrote: On 2010-07-09, Jeremy Boynes wrote: Is there a way to have Gump run with a profile (e.g. -P gump) so that we could disable the tests there but still have them run in a normal build? Not yet, but I may be able to make it do that over the weekend. Gump's trunk, which serves http://gump.zones.apache.org/gump/test/ now supports mvn profiles by an optional profile attribute on the mvn/ element - like the ones you see in https://svn.apache.org/repos/asf/gump/metadata/project/tomcat-taglibs.xml. [1] The live branch that powers the official vmgump.apache.org machine will gain that tomorrow unless I've broken anything. Right now we have two taglibs-standard projects, one running package and one running install. I could imagine we keep one without integration tests for other projects to depend on and one running the tests - which would work once the Cactus situation has been fixed. Stefan [1] I should point out that all ASF committers have write access to Gump's metadata. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 27717] x:forEach very slow in JSTL 1.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=27717 --- Comment #19 from Jeremy Boynes jboy...@apache.org 2010-07-11 01:18:30 EDT --- Created an attachment (id=25749) -- (https://issues.apache.org/bugzilla/attachment.cgi?id=25749) Update ExprSupport to use JAXP -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 27717] x:forEach very slow in JSTL 1.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=27717 --- Comment #20 from Jeremy Boynes jboy...@apache.org 2010-07-11 01:19:20 EDT --- Created an attachment (id=25750) -- (https://issues.apache.org/bugzilla/attachment.cgi?id=25750) Supporting variable resolver -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 27717] x:forEach very slow in JSTL 1.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=27717 Jeremy Boynes jboy...@apache.org changed: What|Removed |Added Attachment #25749|application/octet-stream|text/plain mime type|| -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [taglibs] XPath support
I've added two attachments to bug 27717 https://issues.apache.org/bugzilla/show_bug.cgi?id=27717 that show ExprSupport updated to use the JAXP XPath API to precompile expressions and an implementation of an XPathVariableResolver that handles the JSTL variable resolution scheme. There are very few tests for the XML tags so I want to add more to check for regressions and that may take a while. Comments on the approach would be appreciated before I start on the other tags. I'll post some performance numbers once I've updated x:forEach Cheers Jeremy On Jul 9, 2010, at 9:56 PM, Henri Yandell wrote: On Fri, Jul 9, 2010 at 12:51 PM, Jeremy Boynes jboy...@apache.org wrote: In light of the performance issues logged against the XML taglib and functional issues like #49578, I was looking at refactor the XML tags to use the JAXP XPath API to pre-compile expressions and dynamically resolve variables. I think this can be done fairly easily and will eliminate a lot of the integration code in XPathUtil. However, I could not see how to expose the full iteration context described in the spec for x:forEach: * the context position is the iteration 'count' (with the same meaning as in c:forEach) * the context size is equal to the number of nodes in the node-set over which x:forEach is iterating It looks like the current implementation does not support this: https://issues.apache.org/bugzilla/show_bug.cgi?id=22765 and in testing these functions always return -1 and 0 respectively. Presumably these should be returned by the XPath core functions position() and last() respectively. However, the JAXP API only allows a single Node to be passed in for evaluation and I could not see a way to provide the context needed by these functions. I think this might be a limitation of JAXP. I plan to go ahead with the refactor as I think by simplifying our implementation we will address the current performance issues and fix some of the functional edge cases. It will also remove the hard dependency on the Xalan implementation.The iteration context functions will remain broken consistent with the current implementation. It might be possible to make this work using the low-level internal Xalan APIs as this functionality is supported in Xalan's XSLT processing. To support this in the future, I'll try to make the XPath usage pluggable so we can drop in a Xalan-specific version in the future. Thoughts? +1. Resolving the speed and some of the issues is worth making it harder to resolve the other issues imo. Hen - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 27717] x:forEach very slow in JSTL 1.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=27717 Jeremy Boynes jboy...@apache.org changed: What|Removed |Added Attachment #25750|application/octet-stream|text/plain mime type|| -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org