svn commit: r1667331 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: violetagg Date: Tue Mar 17 15:23:34 2015 New Revision: 1667331 URL: http://svn.apache.org/r1667331 Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1667331r1=1667330r2=1667331view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Mar 17 15:23:34 2015 @@ -65,7 +65,7 @@ PATCHES PROPOSED TO BACKPORT: * Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57675 Correctly quote strings when using the extended access log http://svn.apache.org/r1665087 - +1: markt, schultz + +1: markt, schultz, violetagg -1: * Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57570 @@ -78,7 +78,7 @@ PATCHES PROPOSED TO BACKPORT: * Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57703 Update http-method definition as per Servlet 2.5 MR6 http://svn.apache.org/r1666989 - +1: markt, schultz + +1: markt, schultz, violetagg -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667437 - in /tomcat/site/trunk: docs/index.html docs/security-taglibs.html docs/security.html xdocs/index.xml xdocs/security-taglibs.xml xdocs/security.xml
Author: jboynes Date: Wed Mar 18 03:32:00 2015 New Revision: 1667437 URL: http://svn.apache.org/r1667437 Log: Add security page for Taglibs Added: tomcat/site/trunk/docs/security-taglibs.html tomcat/site/trunk/xdocs/security-taglibs.xml (with props) Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/security.html tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/security.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1667437r1=1667436r2=1667437view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Wed Mar 18 03:32:00 2015 @@ -238,7 +238,7 @@ of the JSTL 1.2 specification. p Version 1.2.3 is a security and bug fix release. It fixes a few bugs found in Standard Taglib 1.2.1 and provides protection against -a href=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254;CVE-2015-0254/a +a href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254; rel=nofollowCVE-2015-0254/a vulnerability (XXE and RCE via XSL extension in JSTL XML tags). /p Added: tomcat/site/trunk/docs/security-taglibs.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-taglibs.html?rev=1667437view=auto == --- tomcat/site/trunk/docs/security-taglibs.html (added) +++ tomcat/site/trunk/docs/security-taglibs.html Wed Mar 18 03:32:00 2015 @@ -0,0 +1,265 @@ +!DOCTYPE html SYSTEM about:legacy-compat +html lang=en +head +META http-equiv=Content-Type content=text/html; charset=UTF-8 +link href=stylesheets/tomcat.css rel=stylesheet type=text/css +titleApache Tomcat - Apache Taglibs vulnerabilities/title +meta name=author content=Apache Tomcat Project +/head +body +div id=wrapper +header +div id=header +div +div +div class=logo noPrint +a href=http://tomcat.apache.org/;img alt=Tomcat Home src=./images/tomcat.png/a +/div +div style=height: 1px;/div +div class=asfLogo noPrint +a href=http://www.apache.org/; target=_blankimg src=//www.apache.org/images/feather.png alt=The Apache Software Foundation style=width: 266px; height: 83px;/a +/div +h1 style=margin-top: 35px;Apache Tomcat/h1 +div style=clear: right;/div +div class=searchbox noPrint +form action=https://www.google.com/search; method=get +input value=tomcat.apache.org name=sitesearch type=hiddeninput placeholder=Search the Sitehellip; required=required size=25 name=q id=query type=searchbuttonSearch/button +/form +/div +div style=height: 1px;/div +div style=clear: left;/div +/div +/div +/div +/header +div id=middle +div +div id=mainLeft class=noprint +div +nav +div +h2Apache Tomcat/h2 +ul +li +a href=./index.htmlHome/a +/li +li +a href=./taglibs/Taglibs/a +/li +li +a href=./maven-plugin.htmlMaven Plugin/a +/li +/ul +/div +div +h2Download/h2 +ul +li +a href=./whichversion.htmlWhich version?/a +/li +li +a href=./download-80.cgiTomcat 8.0/a +/li +li +a href=./download-70.cgiTomcat 7.0/a +/li +li +a href=./download-60.cgiTomcat 6.0/a +/li +li +a href=./download-connectors.cgiTomcat Connectors/a +/li +li +a href=./download-native.cgiTomcat Native/a +/li +li +a href=http://archive.apache.org/dist/tomcat/;Archives/a +/li +/ul +/div +div +h2Documentation/h2 +ul +li +a href=./tomcat-8.0-doc/index.htmlTomcat 8.0/a +/li +li +a href=./tomcat-7.0-doc/index.htmlTomcat 7.0/a +/li +li +a href=./tomcat-6.0-doc/index.htmlTomcat 6.0/a +/li +li +a href=./connectors-doc/Tomcat Connectors/a +/li +li +a href=./native-doc/Tomcat Native/a +/li +li +a href=http://wiki.apache.org/tomcat/FrontPage;Wiki/a +/li +li +a href=./migration.htmlMigration Guide/a +/li +/ul +/div +div +h2Problems?/h2 +ul +li +a href=./security.htmlSecurity Reports/a +/li +li +a href=./findhelp.htmlFind help/a +/li +li +a href=http://wiki.apache.org/tomcat/FAQ;FAQ/a +/li +li +a href=./lists.htmlMailing Lists/a +/li +li +a href=./bugreport.htmlBug Database/a +/li +li +a href=./irc.htmlIRC/a +/li +/ul +/div +div +h2Get Involved/h2 +ul +li +a href=./getinvolved.htmlOverview/a +/li +li +a href=./svn.htmlSVN Repositories/a +/li +li +a href=./ci.htmlBuildbot/a +/li +li +a href=https://reviews.apache.org/groups/tomcat/;Reviewboard/a +/li +li +a href=./tools.htmlTools/a +/li +/ul +/div +div +h2Media/h2 +ul +li +a href=http://blogs.apache.org/tomcat/;Blog/a +/li +li +a href=http://twitter.com/theapachetomcat;Twitter/a +/li +/ul +/div +div +h2Misc/h2 +ul +li +a href=./whoweare.htmlWho We Are/a +/li +li +a href=./heritage.htmlHeritage/a +/li +li +a href=http://www.apache.org;Apache Home/a +/li +li +a href=./resources.htmlResources/a +/li +li +a href=./contact.htmlContact/a +/li +li +a href=./legal.htmlLegal/a +/li +li +a href=http://www.apache.org/foundation/sponsorship.html;Sponsorship/a +/li +li +a href=http://www.apache.org/foundation/thanks.html;Thanks/a +/li +/ul +/div +/nav +/div +/div +div
svn commit: r1667455 - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
Author: jboynes Date: Wed Mar 18 05:07:57 2015 New Revision: 1667455 URL: http://svn.apache.org/r1667455 Log: Integrate Taglibs with main site Added: tomcat/site/trunk/docs/taglibs.html tomcat/site/trunk/xdocs/taglibs.xml (with props) Modified: tomcat/site/trunk/docs/bugreport.html tomcat/site/trunk/docs/ci.html tomcat/site/trunk/docs/contact.html tomcat/site/trunk/docs/download-60.html tomcat/site/trunk/docs/download-70.html tomcat/site/trunk/docs/download-80.html tomcat/site/trunk/docs/download-connectors.html tomcat/site/trunk/docs/download-native.html tomcat/site/trunk/docs/download-taglibs.html tomcat/site/trunk/docs/findhelp.html tomcat/site/trunk/docs/getinvolved.html tomcat/site/trunk/docs/heritage.html tomcat/site/trunk/docs/index.html tomcat/site/trunk/docs/irc.html tomcat/site/trunk/docs/legal.html tomcat/site/trunk/docs/lists.html tomcat/site/trunk/docs/maven-plugin.html tomcat/site/trunk/docs/migration-6.html tomcat/site/trunk/docs/migration-7.html tomcat/site/trunk/docs/migration-8.html tomcat/site/trunk/docs/migration.html tomcat/site/trunk/docs/oldnews-2010.html tomcat/site/trunk/docs/oldnews-2011.html tomcat/site/trunk/docs/oldnews-2012.html tomcat/site/trunk/docs/oldnews-2013.html tomcat/site/trunk/docs/oldnews-2014.html tomcat/site/trunk/docs/oldnews.html tomcat/site/trunk/docs/presentations.html tomcat/site/trunk/docs/resources.html tomcat/site/trunk/docs/security-3.html tomcat/site/trunk/docs/security-4.html tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/docs/security-7.html tomcat/site/trunk/docs/security-8.html tomcat/site/trunk/docs/security-impact.html tomcat/site/trunk/docs/security-jk.html tomcat/site/trunk/docs/security-native.html tomcat/site/trunk/docs/security-taglibs.html tomcat/site/trunk/docs/security.html tomcat/site/trunk/docs/svn.html tomcat/site/trunk/docs/tomcat-55-eol.html tomcat/site/trunk/docs/tools.html tomcat/site/trunk/docs/whichversion.html tomcat/site/trunk/docs/whoweare.html tomcat/site/trunk/xdocs/index.xml tomcat/site/trunk/xdocs/stylesheets/project.xml Modified: tomcat/site/trunk/docs/bugreport.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1667455r1=1667454r2=1667455view=diff == --- tomcat/site/trunk/docs/bugreport.html (original) +++ tomcat/site/trunk/docs/bugreport.html Wed Mar 18 05:07:57 2015 @@ -44,7 +44,7 @@ a href=./index.htmlHome/a /li li -a href=./taglibs/Taglibs/a +a href=./taglibs.htmlTaglibs/a /li li a href=./maven-plugin.htmlMaven Plugin/a @@ -73,6 +73,9 @@ a href=./download-native.cgiTomcat Native/a /li li +a href=./download-taglibs.cgiTaglibs/a +/li +li a href=http://archive.apache.org/dist/tomcat/;Archives/a /li /ul Modified: tomcat/site/trunk/docs/ci.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/ci.html?rev=1667455r1=1667454r2=1667455view=diff == --- tomcat/site/trunk/docs/ci.html (original) +++ tomcat/site/trunk/docs/ci.html Wed Mar 18 05:07:57 2015 @@ -43,7 +43,7 @@ a href=./index.htmlHome/a /li li -a href=./taglibs/Taglibs/a +a href=./taglibs.htmlTaglibs/a /li li a href=./maven-plugin.htmlMaven Plugin/a @@ -72,6 +72,9 @@ a href=./download-native.cgiTomcat Native/a /li li +a href=./download-taglibs.cgiTaglibs/a +/li +li a href=http://archive.apache.org/dist/tomcat/;Archives/a /li /ul Modified: tomcat/site/trunk/docs/contact.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/contact.html?rev=1667455r1=1667454r2=1667455view=diff == --- tomcat/site/trunk/docs/contact.html (original) +++ tomcat/site/trunk/docs/contact.html Wed Mar 18 05:07:57 2015 @@ -43,7 +43,7 @@ a href=./index.htmlHome/a /li li -a href=./taglibs/Taglibs/a +a href=./taglibs.htmlTaglibs/a /li li a href=./maven-plugin.htmlMaven Plugin/a @@ -72,6 +72,9 @@ a href=./download-native.cgiTomcat Native/a /li li +a href=./download-taglibs.cgiTaglibs/a +/li +li a href=http://archive.apache.org/dist/tomcat/;Archives/a /li /ul Modified: tomcat/site/trunk/docs/download-60.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1667455r1=1667454r2=1667455view=diff == --- tomcat/site/trunk/docs/download-60.html (original) +++ tomcat/site/trunk/docs/download-60.html Wed Mar 18 05:07:57 2015 @@ -43,7 +43,7 @@ a href=./index.htmlHome/a /li li -a href=./taglibs/Taglibs/a +a href=./taglibs.htmlTaglibs/a /li li a href=./maven-plugin.htmlMaven Plugin/a @@ -72,6 +72,9 @@ a href=./download-native.cgiTomcat Native/a
[GUMP@vmgump]: Project tomcat-tc8.0.x-validate (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-validate has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-validate : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-validate/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-validate.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-validate (Type: Build) Work ended in a state of : Failed Elapsed: 1 min 47 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-6.5-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-6.5-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20150318.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.3-SNAPSHOT.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/apache-commons/exec/target/commons-exec-1.3.1-SNAPSHOT.j ar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-20150318.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20150318.jar:/srv/gump/public/workspace/apache-commons/validator/dist/commons-validator-20150318.jar:/srv/gump/packages/guava/guava-18.0.jar - Buildfile: /srv/gump/public/workspace/tomcat-8.0.x/build.xml build-prepare: [delete] Deleting directory /srv/gump/public/workspace/tomcat-8.0.x/output/build/temp [mkdir] Created dir: /srv/gump/public/workspace/tomcat-8.0.x/output/build/temp compile-prepare: download-validate: testexist: [echo] Testing for /srv/gump/public/workspace/checkstyle/target/checkstyle-6.5-SNAPSHOT.jar setproxy: downloadfile: validate: [mkdir] Created dir: /srv/gump/public/workspace/tomcat-8.0.x/output/res/checkstyle [checkstyle] Running Checkstyle 6.5-SNAPSHOT on 2949 files [checkstyle] /srv/gump/public/workspace/tomcat-8.0.x/webapps/docs/changelog.xml:267: error: Line matches the illegal pattern '\s+$'. BUILD FAILED /srv/gump/public/workspace/tomcat-8.0.x/build.xml:550: Got 1 errors and 0 warnings. Total time: 1 minute 46 seconds - To subscribe to this information via syndicated feeds: - RSS: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-validate/rss.xml - Atom: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-validate/atom.xml == Gump Tracking Only === Produced by Apache Gump(TM) version 2.3. Gump Run 2015031805, vmgump.apache.org:vmgump:2015031805 Gump E-mail Identifier (unique within run) #3. -- Apache Gump http://gump.apache.org/ [Instance: vmgump] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57723] New: An incomplete fix for invalid context paths in StandardContext.java / JNDI fails
https://bz.apache.org/bugzilla/show_bug.cgi?id=57723
Bug ID: 57723
Summary: An incomplete fix for invalid context paths in
StandardContext.java / JNDI fails
Product: Tomcat 7
Version: 7.0.59
Hardware: PC
Status: NEW
Severity: minor
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: c...@vx4.de
The fix for #57216 is aimed handle invalid context paths, such as /.
When using Tomcat.addWebapp() the (wrong) name for the context is
already set in Line 534.
public Context addWebapp(Host host, String url, String path) {
return addWebapp(host, url, url, path);
}
public Context addWebapp(Host host, String url, String name, String path) {
silence(host, url);
Context ctx = createContext(host, url);
ctx.setName(name);
ctx.setPath(url);
ctx.setDocBase(path);
...
Therefore StandardContext.setPath()#2198 does not set the corrected name for
the
context.
This causes JNDI to fail, i.e. in JSPCompilationContext.getLastModified()#410
and
#421.
if(invalid) should also include setting the new corrected name.
Or fail hard - that would have made it easier to find.
Best regards,
Christian
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-bio (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-bio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-bio : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-bio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-BIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-BIO/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-bio/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-bio.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-bio (Type: Build) Work ended in a state of : Failed Elapsed: 53 mins 36 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar -Dtest.reports=output/logs-BIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150318-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150318.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150318-native-src.tar.gz -Dtest.temp=output/test-tmp-BIO -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150318/bin/o penssl -Dexecute.test.apr=false -Dexecute.test.bio=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/bu
[GitHub] tomcat pull request: Add QueryExecutionReportInterceptor and tests...
GitHub user ttddyy opened a pull request:
https://github.com/apache/tomcat/pull/18
Add QueryExecutionReportInterceptor and tests to jdbc-pool
Hello,
I wrote a JDBC interceptor, `QueryExecutionReportInterceptor`, and would
like to contribute it to jdbc-pool module.
### About
The `QueryExecutionReportInterceptor` outputs all query execution related
information to JULI log or system.out at the time of query(s) execution.
*Feature:*
- Configurable log level or System.out
- Work with batch executions
- Logs actual query parameters
- Turn on/off query parameters logging
- Support JSON output
*The log includes:*
- Query execution status (success/failure)
- Query execution time
- Statement type
- Batch execution
- Num of batch
- Num of query
- Query
- Query parameter values
### Motivation
I wrote a query reporting framework before,
[datasource-proxy](https://github.com/ttddyy/datasource-proxy), which uses
similar mechanism that jdbc-interceptor uses - using proxy to intercept query
execution and do some logic.
The reporting feature is very useful especially in debugging or trouble
shooting.
I think it would be more beneficial for users if this feature comes from
part of tomcat-jdbc-connection-pool library. So, I rewrote my logic to match
with jdbc-interceptor and enhanced a bit of it.
### Sample Output
Statement:
```
success:true, type:STATEMENT, batch:false, time:2, querySize:1,
batchSize:0, query:[(select * from users)], params:[]
```
Statement (Batched):
```
success:true, type:STATEMENT, batch:true, time:1, querySize:2, batchSize:2,
query:[(insert into users values (200, 'FOO')),(insert into users values (201,
'BAR'))], params:[]
```
PreparedStatement:
```
success:true, type:PREPARED, batch:false, time:3, querySize:1, batchSize:0,
query:[(select 1 from users where id = ? and name = ?)], params:[(1=99,2=foo)]
```
PreparedStatement (Batched):
```
success:true, type:PREPARED, batch:true, time:1, querySize:1, batchSize:2,
query:[(insert into users (id, name) values (?, ?))],
params:[(1=100,2=foo),(1=200,2=bar)]
```
PreparedStatement as JSON:
```
{success:true, type:PREPARED, batch:true, timeâ:1,
querySize:1, batchSize:1, query:[insert into users (id, name) values (?,
?)], params:[{1:100,2:bar}]}
```
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ttddyy/tomcat query-report-interceptor
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/tomcat/pull/18.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #18
commit 61350dfa67e7f3414223e0988d4e07cdb66ee2f8
Author: Tadaya Tsuyukubo tad...@ttddyy.net
Date: 2015-03-18T05:02:05Z
Add QueryExecutionReportInterceptor and tests to jdbc-pool
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Taglibs sub-site
On Feb 27, 2015, at 7:57 AM, Jeremy Boynes jboy...@apache.org wrote: On Feb 27, 2015, at 3:38 AM, kkoli...@apache.org wrote: Author: kkolinko Date: Fri Feb 27 11:38:13 2015 New Revision: 1662662 URL: http://svn.apache.org/r1662662 Log: Announcement for Standard Taglib 1.2.3. I do not like the CVE link (goes to announce@a.o mail archive) and CHANGES link (goes to SVN), as I noted in a FIXME comment in index.xml. Any better ideas? We could add a security-taglibs page to the main site and link from the security.html page. I find the frankensite, as Henri called it, a pain in general. I’m thinking about merging it in with the main Tomcat site source and give it an overhaul (including moving away from using Maven to build it). It integrates Taglibs more with the main Tomcat project structure. Does anyone have any concern about that? In r1667455 I updated the main site to integrate Taglibs more closely. Primary changes are: * a menu link to the download page * replace Maven sub-site with a taglibs page * added a page for security issues (linked off security.html) Cheers Jeremy signature.asc Description: Message signed with OpenPGP using GPGMail
[Bug 57718] None of the ciphers specified are supported by the SSL engine
https://bz.apache.org/bugzilla/show_bug.cgi?id=57718 Chandu sheka...@gmail.com changed: What|Removed |Added Severity|critical|blocker Priority|P2 |P1 CC||sheka...@gmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57718] New: None of the ciphers specified are supported by the SSL engine
https://bz.apache.org/bugzilla/show_bug.cgi?id=57718
Bug ID: 57718
Summary: None of the ciphers specified are supported by the SSL
engine
Product: Tomcat Connectors
Version: unspecified
Hardware: Other
OS: Linux
Status: NEW
Severity: critical
Priority: P2
Component: Common
Assignee: dev@tomcat.apache.org
Reporter: sheka...@gmail.com
Hi
We are using Tomcat as webserver.
We set the tomcat connector like this
connector = new Connector(HTTP/1.1);
connector.setPort(httpsPort);
connector.setSecure(true);
connector.setProperty(clientAuth, false);
connector.setAllowTrace(false);
connector.setProperty(server, Server Hardware Management Console);
connector.setEnableLookups(true); // -27
connector.setProperty(SSLEnabled, true);
connector.setProperty(backlog, 10);
connector.setProperty(maxThreads, 75);
connector.setProperty(minSpareThreads, 5);
connector.setProperty(maxSpareThreads, 20);
connector.setProperty(soTimeout, 2);
connector.setScheme(https);
connector.setProperty(algorithm, KeyManagerFactory
.getDefaultAlgorithm());
connector.setProperty(keystoreFile, CertUtils
.getConfiguredKeyStoreFileName());
connector.setProperty(keystorePass, password);
connector.setProperty(keystoreType, JKS);
if(nist_sp800_131a.equals(sm.getSecurityMode())){
connector.setProperty(sslProtocol, TLSv1.2);
}else{
connector.setProperty(sslProtocol, TLS);
connector.setProperty(sslEnabledProtocols,TLSv1,TLSv1.1,TLSv1.2);
}
connector.setProperty(ciphers, sm.getCiphers());
--- Here we set the Cipher.
tomcat.getService().addConnector(connector);
commonSystem.setListeningOnHttps(true);
This is the Cipher list we have and we set the below Cipher to Tomcat (
Check the above code.)
availablTLSv11CipherList.add(TLS_RSA_WITH_AES_128_CBC_SHA);
availablTLSv11CipherList.add(TLS_RSA_WITH_3DES_EDE_CBC_SHA);
availablTLSv11CipherList.add(TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA);
availablTLSv11CipherList.add(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA);
availablTLSv11CipherList.add(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
availablTLSv12CipherList.add(TLS_RSA_WITH_AES_128_CBC_SHA256);
availablTLSv12CipherList.add(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
);
availablTLSv12CipherList.add(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256);
availablTLSv12CipherList.add(TLS_RSA_WITH_AES_128_GCM_SHA256);
availablTLSv12CipherList.add(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
);
I am using the Cipher list starting with TLS for ex:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Earlier everything was
working fine, but after Tomcat update to 7.0.59 from 7.0.29, I see that if I
set the above Cipher
list I am getting below error
WARNING: None of the ciphers specified are supported
by the SSL engine : TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DS
S_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_W
ITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DH
E_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_R
SA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SH
A,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_
SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WI
TH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WIT
H_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_
ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS
_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128
_GCM_SHA256,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128
_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH
_AES_128_GCM_SHA256,TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_3DES
_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_
If I set the Cipher name to SSL it works. I mean to say Instead of
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 to
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256. I want to know why this
behaviour got changed.
We are using IBM JAVA 6.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: WAR FileSystem for fast nested JAR access?
On Mar 7, 2015, at 10:13 AM, Jeremy Boynes jboy...@apache.org wrote: On Mar 6, 2015, at 7:43 AM, Mark Thomas ma...@apache.org wrote: Interesting. The deciding factor for me will be performance. Keep in mind that we might not need all the API. As long as there is enough to implement WebResourceSet and WebResource, we probably have all we need. I ran a micro-benchmark using the greenhouse WAR associated with the original bug. I instrumented JarWarResource to log all resources opened during startup and record the time. On my system it took ~21,000ms to start the application of which ~16,000ms was spent in getJarInputStreamWrapper(). 2935 resources were opened, primarily class files. I then replayed the log against the sandbox FS. With the current implementation it took ~300ms to open the war, ~350ms to open all the jars, and ~5ms to open all the entries with newInputStream(). I interpret that to mean that there is pretty constant time taken to inflate 15MB of data - the 300ms to scan the archive and the ~350ms to scan each of the jars within (each one that was used at least). The speed up here comes because we only scan each archive once, the downside is the extra memory used to store the inflated data. This is promising enough to me that I’m going to keep exploring. Konstantin’s patch, AIUI, creates an index for each jar which eliminates the need to scan jars on the classpath that don’t contain the class being requested. However, once the classloader has determined the jar file to use we still need to stream through that jar until we reach the desired entry. I think we can avoid that here by digging into the zip file’s internal metadata. Where I am currently streaming the jar to build the directory, with random access I can build an index just by reading the central directory structure. An index entry would contain the name, metadata, and the offset in the archive of the entry’s data. When an entry is opened would we inflate the data so that it could be used to underpin the channel. When the channel is closed the memory would be released. In general, I don’t think there’s a need for the FileSystem to retain inflated data after the channel is closed. This would be particularly true for the leaf resources which are not likely to be reused; for example, once a ClassLoader has used the .class file to define the Class or once a framework has processed a .xml config file then neither will need it again. However, I think the WAR ClassLoader would benefit from keeping the JAR files on the classpath open to avoid re-inflating them. The pattern though would be bursty e.g. lots of class loads during startup followed by quiescence. I can think of two ways to handle that: 1) FileSystem has maintains a cache of inflated entries much like a disk filesystem has buffers The FileSystem would be responsible for evictions, perhaps on a LRU or timed basis. 2) Having the classloader keep the JARs opened/mounted after loading a resource until such time as it thinks quiescence is reached. It would then unmount JARs to free the memory. We could do both as they don’t conflict. Next step will be to look into building the index directly from the archive’s central directory rather than by streaming it. Next step was actually just to verify that we could make a URLClassLoader work with this API. I got this to work by turning the path URIs into collection URLs (ending in ‘/‘) which prevented the classloader from trying to open them as JarFiles. The classloader works but the classpath search is pretty inefficient relying on UrlConnection#getInputStream throwing an Exception to detect if a resource exists. Using it to load the 2935 resources from before took ~1900ms even after the jars had been indexed. getInputStream() was called ~120,000 times as the classpath was scanned, i.e. 15us per check with an average of ~40 checks per resource which seems about right for a classpath that contains 73 jars. An obvious solution to avoid the repeated search would be to union the jars’ directories into a single index. I may try this with a PathClassLoader that operates using a list of Paths rather than URLs. Cheers Jeremy signature.asc Description: Message signed with OpenPGP using GPGMail
[Bug 57718] None of the ciphers specified are supported by the SSL engine
https://bz.apache.org/bugzilla/show_bug.cgi?id=57718 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas ma...@apache.org --- See bug 54406. IBM uses SSL_XXX for all it ciphers although it will accept TLS_XXX. When Tomcat compares the available ciphers against the requested ciphers it can't tell that SSL_XXX and TLS_XXX are the same. Bugzilla is not a support forum. If you have any further questions, they belong on the users mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667177 - in /tomcat/trunk/java/org/apache/catalina/ha/session: LocalStrings.properties LocalStrings_es.properties
Author: kfujino
Date: Tue Mar 17 06:54:58 2015
New Revision: 1667177
URL: http://svn.apache.org/r1667177
Log:
Remove unused message.
Modified:
tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
Modified:
tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties?rev=1667177r1=1667176r2=1667177view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
Tue Mar 17 06:54:58 2015
@@ -79,7 +79,6 @@ jvmRoute.set.orignalsessionid=Set Orgina
standardSession.notSerializable=Cannot serialize session attribute {0} for
session {1}
standardSession.removeAttribute.ise=removeAttribute: Session already
invalidated
standardSession.setAttribute.namenull=setAttribute: name parameter cannot be
null
-serializablePrincipal.readPrincipal.cnfe=readPrincipal: Failed to recreate
user Principal
backupManager.noCluster=no cluster associated with this context: [{0}]
backupManager.startUnable=Unable to start BackupManager: [{0}]
backupManager.startFailed=Failed to start BackupManager: [{0}]
Modified:
tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties?rev=1667177r1=1667176r2=1667177view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
Tue Mar 17 06:54:58 2015
@@ -76,4 +76,3 @@ jvmRoute.set.orignalsessionid = Puesta i
standardSession.notSerializable = No puedo serializar atributo de sesi\u00F3n
{0} para sesi\u00F3n {1}
standardSession.removeAttribute.ise = removeAttribute\: Sesi\u00F3n ya
invalidada
standardSession.setAttribute.namenull = setAttribute\: par\u00E1metro de
nombre no puede ser nulo
-serializablePrincipal.readPrincipal.cnfe = readPrincipal\: No pude volver a
crea el usuario Principal
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [patch] WsServerContainer.java on trunk
On 16/03/2015 14:50, Raghavendran N wrote: diff --git a/java/org/apache/tomcat /websocket/server/WsServerContainer.java b/java/org/apache/tomcat/websocket/server/WsServerContainer.java index d2c824c..a663e8e 100644 --- a/java/org/apache/tomcat/websocket/server/WsServerContainer.java +++ b/java/org/apache/tomcat/websocket/server/WsServerContainer.java @@ -166,7 +166,7 @@ public class WsServerContainer extends WsWebSocketContainer * must be called before calling this method. * * @param sec The configuration to use when creating endpoint instances - * @throws DeploymentException if the endpoint can not be published as + * @throws DeploymentException if the endpoint cannot be published as * requested */ @Override Both are technically correct. Which to use is a style choice although cannot is certainly the more common. I thought cannot was a more common usage and sent the patch. I also wanted to keep it very small and make a small beginning. There were rather more instances than the one you highlighted. I have no string preference for one over the other so I did a global search and replace for 9.0.x. Thank you for taking it up. I did a git pull and saw your commit :) Also for fixing the other occurrences. I wanted to send a very small patch and I picked this one. I guess I should have picked all the occurrences. Personally, I don't think it is worth back-porting. If someone wants to do that work, got for it. Mark Thank you Mark. -raghav - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667178 - in /tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session: LocalStrings.properties LocalStrings_es.properties
Author: kfujino
Date: Tue Mar 17 06:55:34 2015
New Revision: 1667178
URL: http://svn.apache.org/r1667178
Log:
Remove unused message.
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties?rev=1667178r1=1667177r2=1667178view=diff
==
---
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings.properties
Tue Mar 17 06:55:34 2015
@@ -79,7 +79,6 @@ jvmRoute.set.orignalsessionid=Set Orgina
standardSession.notSerializable=Cannot serialize session attribute {0} for
session {1}
standardSession.removeAttribute.ise=removeAttribute: Session already
invalidated
standardSession.setAttribute.namenull=setAttribute: name parameter cannot be
null
-serializablePrincipal.readPrincipal.cnfe=readPrincipal: Failed to recreate
user Principal
backupManager.noCluster=no cluster associated with this context: [{0}]
backupManager.startUnable=Unable to start BackupManager: [{0}]
backupManager.startFailed=Failed to start BackupManager: [{0}]
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties?rev=1667178r1=1667177r2=1667178view=diff
==
---
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/catalina/ha/session/LocalStrings_es.properties
Tue Mar 17 06:55:34 2015
@@ -76,4 +76,3 @@ jvmRoute.set.orignalsessionid = Puesta i
standardSession.notSerializable = No puedo serializar atributo de sesi\u00F3n
{0} para sesi\u00F3n {1}
standardSession.removeAttribute.ise = removeAttribute\: Sesi\u00F3n ya
invalidada
standardSession.setAttribute.namenull = setAttribute\: par\u00E1metro de
nombre no puede ser nulo
-serializablePrincipal.readPrincipal.cnfe = readPrincipal\: No pude volver a
crea el usuario Principal
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object
https://bz.apache.org/bugzilla/show_bug.cgi?id=57681
--- Comment #8 from Alex Koturanov kotur...@amazon.com ---
Comment on attachment 32554
-- https://bz.apache.org/bugzilla/attachment.cgi?id=32554
Patch to work with JDK1.6
--- WebappClassLoader_r1661811.java2015-03-09 21:53:27.0 +
+++ WebappClassLoader_patch.java2015-03-17 14:21:56.0 +
@@ -1599,7 +1599,25 @@ public class WebappClassLoader
* @exception ClassNotFoundException if the class was not found
*/
@Override
-public synchronized Class? loadClass(String name, boolean resolve)
+public Class? loadClass(String name, boolean resolve)
+throws ClassNotFoundException {
+// check local cache without entering the global synchronized block
and return if the class is found
+if (resourceEntries.containsKey(name)) {
+Class? clazz = findLoadedClass0(name);
+if (clazz != null) {
+if (log.isDebugEnabled())
+log.debug( Returning class from cache);
+if (resolve)
+resolveClass(clazz);
+return (clazz);
+}
+
+}
+// class is not found in local cache - call the original synchronized
method
+return loadClass0(name, resolve);
+}
+
+private synchronized Class? loadClass0(String name, boolean resolve)
throws ClassNotFoundException {
if (log.isDebugEnabled())
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object
https://bz.apache.org/bugzilla/show_bug.cgi?id=57681 Alex Koturanov kotur...@amazon.com changed: What|Removed |Added Attachment #32554|0 |1 is obsolete|| -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667402 - /tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
Author: markt
Date: Tue Mar 17 21:01:55 2015
New Revision: 1667402
URL: http://svn.apache.org/r1667402
Log:
Refactor the non-login authenticator to align it with the other authenticators.
There is never any need to create a session and set a Principal for this
authenticator. Either the user principal has been set before this authenticator
is called (in which case no need to set the Principal in the session) or it
can't be set by this authenticator (since it doesn't do authentication).
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java?rev=1667402r1=1667401r2=1667402view=diff
==
---
tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/NonLoginAuthenticator.java
Tue Mar 17 21:01:55 2015
@@ -17,11 +17,9 @@
package org.apache.catalina.authenticator;
import java.io.IOException;
-import java.security.Principal;
import javax.servlet.http.HttpServletResponse;
-import org.apache.catalina.Session;
import org.apache.catalina.connector.Request;
/**
@@ -79,34 +77,9 @@ public final class NonLoginAuthenticator
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException {
-Principal principal = request.getPrincipal();
-if (principal != null) {
-// excellent... we have already authenticated the client somehow,
-// probably from another container that has a login-config
-if (containerLog.isDebugEnabled())
-containerLog.debug(Already authenticated as '
- + principal.getName() + ');
-
-if (cache) {
-// create a new session (only if necessary)
-Session session = request.getSessionInternal(true);
-
-// save the inherited Principal (if necessary) in this
-// session so it can remain authenticated until it expires
-session.setPrincipal(principal);
-
-// is there an SSO session cookie?
-String ssoId =
-(String) request.getNote(Constants.REQ_SSOID_NOTE);
-if (ssoId != null) {
-if (containerLog.isDebugEnabled())
-containerLog.debug(User authenticated by existing
SSO);
-// Associate session with the existing SSO ID if necessary
-associate(ssoId, session);
-}
-}
-
-// user was already authenticated, with or without a cookie
+// Don't try and use SSO to authenticate since there is no auth
+// configured for this web application
+if (checkForCachedAuthentication(request, true)) {
return true;
}
@@ -115,7 +88,6 @@ public final class NonLoginAuthenticator
// to say the user is now authenticated because access to
// protected resources will only be allowed with a matching role.
// i.e. SC_FORBIDDEN (403 status) will be generated later.
-
if (containerLog.isDebugEnabled())
containerLog.debug(User authenticated without any roles);
return true;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667406 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Author: markt
Date: Tue Mar 17 21:14:12 2015
New Revision: 1667406
URL: http://svn.apache.org/r1667406
Log:
Pull out connector authentication calls into a separate method.
Modified:
tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1667406r1=1667405r2=1667406view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Tue Mar
17 21:14:12 2015
@@ -681,18 +681,6 @@ public class CoyoteAdapter implements Ad
}
}
-// Set the remote principal
-String principal = req.getRemoteUser().toString();
-if (principal != null) {
-request.setUserPrincipal(new CoyotePrincipal(principal));
-}
-
-// Set the authorization type
-String authtype = req.getAuthType().toString();
-if (authtype != null) {
-request.setAuthType(authtype);
-}
-
// Request mapping.
MessageBytes serverName;
if (connector.getUseIPVHosts()) {
@@ -853,10 +841,27 @@ public class CoyoteAdapter implements Ad
return false;
}
+doConnectorAuthentication(req, request);
+
return true;
}
+private void doConnectorAuthentication(org.apache.coyote.Request req,
Request request) {
+// Set the remote principal
+String principal = req.getRemoteUser().toString();
+if (principal != null) {
+request.setUserPrincipal(new CoyotePrincipal(principal));
+}
+
+// Set the authorization type
+String authtype = req.getAuthType().toString();
+if (authtype != null) {
+request.setAuthType(authtype);
+}
+}
+
+
/**
* Extract the path parameters from the request. This assumes parameters
are
* of the form /path;name=value;name2=value2/ etc. Currently only really
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object
https://bz.apache.org/bugzilla/show_bug.cgi?id=57681 --- Comment #9 from Alex Koturanov kotur...@amazon.com --- Created attachment 32584 -- https://bz.apache.org/bugzilla/attachment.cgi?id=32584action=edit Lock free read for already loaded/cached classes -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57681] Allow parallel class loading in web application class loader by synchronizing on class specific object
https://bz.apache.org/bugzilla/show_bug.cgi?id=57681 --- Comment #10 from Mark Thomas ma...@apache.org --- (In reply to Alex Koturanov from comment #8) Comment on attachment 32554 [details] Patch to work with JDK1.6 Doesn't implement parallel loading. Creates significant risk of a ConcurrentModificationException during the lock free read. Ignores the discussion in bug 56530. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667243 - /tomcat/native/branches/1.1.x/native/src/poll.c
Author: markt
Date: Tue Mar 17 10:28:05 2015
New Revision: 1667243
URL: http://svn.apache.org/r1667243
Log:
Follow-up to r1665888. Review by kkolinko. else clause should not depend on
s-pe
Modified:
tomcat/native/branches/1.1.x/native/src/poll.c
Modified: tomcat/native/branches/1.1.x/native/src/poll.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/poll.c?rev=1667243r1=1667242r2=1667243view=diff
==
--- tomcat/native/branches/1.1.x/native/src/poll.c (original)
+++ tomcat/native/branches/1.1.x/native/src/poll.c Tue Mar 17 10:28:05 2015
@@ -366,15 +366,17 @@ TCN_IMPLEMENT_CALL(jint, Poll, poll)(TCN
least, multiple pairs have been observed. In this case do not
try
and remove socket from the pollset for a second time else a
crash
will result. */
-if (remove s-pe) {
-apr_pollset_remove(p-pollset, fd);
-APR_RING_REMOVE(s-pe, link);
-APR_RING_INSERT_TAIL(p-dead_ring, s-pe, tcn_pfde_t, link);
-s-pe = NULL;
-p-nelts--;
+if (remove) {
+if (s-pe) {
+apr_pollset_remove(p-pollset, fd);
+APR_RING_REMOVE(s-pe, link);
+APR_RING_INSERT_TAIL(p-dead_ring, s-pe, tcn_pfde_t,
link);
+s-pe = NULL;
+p-nelts--;
#ifdef TCN_DO_STATISTICS
-p-sp_removed++;
+p-sp_removed++;
#endif
+}
}
else {
/* Update last active with the current time
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1665888 - /tomcat/native/branches/1.1.x/native/src/poll.c
On 17/03/2015 10:28, Mark Thomas wrote: On 16/03/2015 21:40, Konstantin Kolinko wrote: snip/ Also, there is a question of porting this fix to Native trunk. I'll take a look. Based on my understanding of the trunk code, this is not an issue in trunk. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1665888 - /tomcat/native/branches/1.1.x/native/src/poll.c
On 16/03/2015 21:40, Konstantin Kolinko wrote:
2015-03-11 17:44 GMT+03:00 ma...@apache.org:
Author: markt
Date: Wed Mar 11 14:44:23 2015
New Revision: 1665888
URL: http://svn.apache.org/r1665888
Log:
Fix 57653. Crash when multiple events for same socket are returned via
separate apr_pollfd_t structures
Modified:
tomcat/native/branches/1.1.x/native/src/poll.c
Modified: tomcat/native/branches/1.1.x/native/src/poll.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/poll.c?rev=1665888r1=1665887r2=1665888view=diff
==
--- tomcat/native/branches/1.1.x/native/src/poll.c (original)
+++ tomcat/native/branches/1.1.x/native/src/poll.c Wed Mar 11 14:44:23 2015
@@ -360,7 +360,13 @@ TCN_IMPLEMENT_CALL(jint, Poll, poll)(TCN
tcn_socket_t *s = (tcn_socket_t *)fd-client_data;
p-set[i*2+0] = (jlong)(fd-rtnevents);
p-set[i*2+1] = P2J(s);
-if (remove) {
+/* If a socket is registered for multiple events and the poller
has
+ multiple events to return it may do as a single pair in this
+ array or as multiple pairs depending on implementation. On
OSX at
+ least, multiple pairs have been observed. In this case do
not try
+ and remove socket from the pollset for a second time else a
crash
+ will result. */
+if (remove s-pe) {
apr_pollset_remove(p-pollset, fd);
APR_RING_REMOVE(s-pe, link);
APR_RING_INSERT_TAIL(p-dead_ring, s-pe, tcn_pfde_t,
link);
There shall be a separate nested if (s-pe) block instead of
combined condition. This if is followed by an else branch, which
is now executed in an unexpected way.
Lines 357-356 before the changed code:
if (!remove)
now = apr_time_now();
Line 379-385 the else branch:
else {
/* Update last active with the current time
* after the poll call.
*/
s-last_active = now;
}
Note how now is uninitialized when remove flag is false.
Thanks. Fixed.
Also, there is a question of porting this fix to Native trunk.
I'll take a look.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-nio (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-nio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-nio : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio (Type: Build) Work ended in a state of : Failed Elapsed: 56 mins 10 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar -Dtest.reports=output/logs-NIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150317-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150317.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150317-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO -Dtest.accesslog=true -Dexecute.test.nio=true -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150317/bin/op enssl -Dexecute.test.apr=false -Dexecute.test.bio=false -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/bu ild/lib/tomcat-spdy.jar:/srv/gump/public/workspace/tomcat
Re: Impossible branch in o.a.t.websocket.server.WsServerContainer.addEndpoint
On 17/03/2015 14:45, Christopher Schultz wrote:
Ping
Sorry. This dropped off my radar while I was trying to figure out the
APR crash.
I'll take a look later today.
Mark
On 3/9/15 12:19 PM, Christopher Schultz wrote:
All,
I was looking at https://bz.apache.org/bugzilla/show_bug.cgi?id=57676 (a
simple proposed patch to improve an error message) and I was trying to
figure out what to do with a bit of code in addEndpoint. Reading the
code, I think I've spotted a problem:
[187] UriTemplate uriTemplate = new UriTemplate(path);
if (uriTemplate.hasParameters()) {
Integer key = Integer.valueOf(uriTemplate.getSegmentCount());
SortedSetTemplatePathMatch templateMatches =
configTemplateMatchMap.get(key);
if (templateMatches == null) {
// Ensure that if concurrent threads execute this block they
// both end up using the same TreeSet instance
templateMatches = new TreeSet(
TemplatePathMatchComparator.getInstance());
configTemplateMatchMap.putIfAbsent(key, templateMatches);
templateMatches = configTemplateMatchMap.get(key);
}
[200] if (!templateMatches.add(new TemplatePathMatch(sec,
uriTemplate))) {
// Duplicate uriTemplate;
throw new DeploymentException(
sm.getString(serverContainer.duplicatePaths, path,
sec.getEndpointClass(),
sec.getEndpointClass()));
}
}
The problem is on line 200, where we check to see if
templateMatches.add() returns false (meaning that the object we added to
the set replaced one that was already there).
I don't believe this branch can /ever/ be reached because the
TemplatePathMatch class doesn't override Object.equals(), thus no two
objects of that type will ever equal each other. Therefore, a new
TemplatePathMatch object will always be added to the set.
I'm not sure what the implications are of multiple TemplatePathMatch
objects being in that set, but it looks like it's bad (we throw an
exception in that case), so someone with a better understanding of such
things might want to take a look.
(Also, if anyone would care to comment on how to get the pre-existing
match for the error message -- which is different than current-trunk as
it's what I'm working on -- I'd love some insight.)
Thanks,
-chris
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[RESULT] [VOTE] Release Apache Standard Taglib 1.2.5
On Mar 10, 2015, at 9:22 AM, Jeremy Boynes jboy...@apache.org wrote: The proposed Apache Standard Taglib 1.2.5 release is now available for voting. This release contains two minor bug fixes: 57673 AccessControlException accessing org.apache.taglibs.standard.xml.accessExternalEntity 37466 Reverted changes that overrode HTTP method when importing local resources. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/taglibs/taglibs-standard-1.2.5/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1038/ The SVN tag is: http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/ The proposed 1.2.5 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 1.2.5 Stable The following votes were cast: Binding: +1: jboynes, kkolinko, violetagg The vote thereby passes. Thank you, Jeremy signature.asc Description: Message signed with OpenPGP using GPGMail
svn commit: r8313 - /dev/tomcat/taglibs/taglibs-standard-1.2.5/ /release/tomcat/taglibs/taglibs-standard-1.2.5/
Author: jboynes Date: Wed Mar 18 02:26:25 2015 New Revision: 8313 Log: Release Apache Standard Taglib 1.2.5 Added: release/tomcat/taglibs/taglibs-standard-1.2.5/ - copied from r8312, dev/tomcat/taglibs/taglibs-standard-1.2.5/ Removed: dev/tomcat/taglibs/taglibs-standard-1.2.5/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667436 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml
Author: jboynes Date: Wed Mar 18 03:06:46 2015 New Revision: 1667436 URL: http://svn.apache.org/r1667436 Log: Update news item to refer to cve.mitre.org Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/xdocs/index.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1667436r1=1667435r2=1667436view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Wed Mar 18 03:06:46 2015 @@ -238,7 +238,7 @@ of the JSTL 1.2 specification. p Version 1.2.3 is a security and bug fix release. It fixes a few bugs found in Standard Taglib 1.2.1 and provides protection against -a href=http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E;CVE-2015-0254/a +a href=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254;CVE-2015-0254/a vulnerability (XXE and RCE via XSL extension in JSTL XML tags). /p Modified: tomcat/site/trunk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1667436r1=1667435r2=1667436view=diff == --- tomcat/site/trunk/xdocs/index.xml (original) +++ tomcat/site/trunk/xdocs/index.xml Wed Mar 18 03:06:46 2015 @@ -40,13 +40,10 @@ project logo are trademarks of the Apach section name=Apache Standard Taglib 1.2.3 Released rtext=2015-02-20 !-- FIXME: - 1. CVE link goes to accounce@a.o mail archive. - It cannot go to cve.mitre.org, as they have not published this CVE number. - It cannot go to announce@tomcat.a.o archive, as announcement is not there. Stuck in moderation? - There is no taglibs page at http://tomcat.apache.org/security.html + 1. There is no taglibs page at http://tomcat.apache.org/security.html 2. Changelog link goes to SVN repository. Is the CHANGES file published on the site? - Maybe upload it to the download ares? + Maybe upload it to the download area? -- p The Apache Tomcat Project is proud to announce the release of version 1.2.3 of @@ -56,7 +53,7 @@ of the JSTL 1.2 specification. p Version 1.2.3 is a security and bug fix release. It fixes a few bugs found in Standard Taglib 1.2.1 and provides protection against -a href=http://mail-archives.apache.org/mod_mbox/www-announce/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E;CVE-2015-0254/a +a href=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254;CVE-2015-0254/a vulnerability (XXE and RCE via XSL extension in JSTL XML tags). /p p - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Impossible branch in o.a.t.websocket.server.WsServerContainer.addEndpoint
On 3/9/15 12:19 PM, Christopher Schultz wrote:
All,
I was looking at https://bz.apache.org/bugzilla/show_bug.cgi?id=57676 (a
simple proposed patch to improve an error message) and I was trying to
figure out what to do with a bit of code in addEndpoint. Reading the
code, I think I've spotted a problem:
[187] UriTemplate uriTemplate = new UriTemplate(path);
if (uriTemplate.hasParameters()) {
Integer key = Integer.valueOf(uriTemplate.getSegmentCount());
SortedSetTemplatePathMatch templateMatches =
configTemplateMatchMap.get(key);
if (templateMatches == null) {
// Ensure that if concurrent threads execute this block they
// both end up using the same TreeSet instance
templateMatches = new TreeSet(
TemplatePathMatchComparator.getInstance());
configTemplateMatchMap.putIfAbsent(key, templateMatches);
templateMatches = configTemplateMatchMap.get(key);
}
[200] if (!templateMatches.add(new TemplatePathMatch(sec,
uriTemplate))) {
// Duplicate uriTemplate;
throw new DeploymentException(
sm.getString(serverContainer.duplicatePaths, path,
sec.getEndpointClass(),
sec.getEndpointClass()));
}
}
The problem is on line 200, where we check to see if
templateMatches.add() returns false (meaning that the object we added to
the set replaced one that was already there).
I don't believe this branch can /ever/ be reached because the
TemplatePathMatch class doesn't override Object.equals(), thus no two
objects of that type will ever equal each other. Therefore, a new
TemplatePathMatch object will always be added to the set.
Your analysis is flawed.
The only place values are added to configTemplateMatchMap is on line
197. The value object is always the TreeSet constructed on the previous
line with a TemplatePathMatchComparator.
That TemplatePathMatch doesn't override equals is therefore irrelevant.
The Comparator will always be used.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57707] Execute failed: java.io.IOException: Cannot run program wine
https://bz.apache.org/bugzilla/show_bug.cgi?id=57707 --- Comment #8 from Konstantin Kolinko knst.koli...@gmail.com --- (In reply to Graham Leggett from comment #6) Come on guys, the big exception you get screams this is broken. No it is not. Learn how to read the message. It is in plain English. It says exactly what is broken and what was tried, referencing the exact place (build.xml line 2082). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1667292 - in /tomcat/trunk/java/org/apache/catalina/authenticator: AuthenticatorBase.java BasicAuthenticator.java DigestAuthenticator.java FormAuthenticator.java SSLAuthenticator.java Spn
Author: markt
Date: Tue Mar 17 12:39:04 2015
New Revision: 1667292
URL: http://svn.apache.org/r1667292
Log:
Pull up common code from the authenticate() method to reduce duplication.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/SSLAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1667292r1=1667291r2=1667292view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
Tue Mar 17 12:39:04 2015
@@ -686,6 +686,57 @@ public abstract class AuthenticatorBase
/**
+ * Check to see if the user has already been authenticated earlier in the
+ * processing chain or if there is enough information available to
+ * authenticate the user without requiring further user interaction.
+ *
+ * @param request The current request
+ * @param useSSO Should information available from SSO be used to attempt
+ *to authenticate the current user?
+ *
+ * @return codetrue/code if the user was authenticated via the cache,
+ * otherwise codefalse/code
+ */
+protected boolean checkForCachedAuthentication(Request request, boolean
useSSO) {
+
+// Has the user already been authenticated?
+Principal principal = request.getUserPrincipal();
+String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
+if (principal != null) {
+if (log.isDebugEnabled()) {
+log.debug(Already authenticated ' + principal.getName() +
');
+}
+// Associate the session with any existing SSO session. Even if
+// useSSO is false, this will ensure coordinated session
+// invalidation at log out.
+if (ssoId != null) {
+associate(ssoId, request.getSessionInternal(true));
+}
+return true;
+}
+
+// Is there an SSO session against which we can try to reauthenticate?
+if (useSSO ssoId != null) {
+if (log.isDebugEnabled()) {
+log.debug(SSO Id + ssoId + set; attempting +
+ reauthentication);
+}
+/* Try to reauthenticate using data cached by SSO. If this fails,
+ either the original SSO logon was of DIGEST or SSL (which
+ we can't reauthenticate ourselves because there is no
+ cached username and password), or the realm denied
+ the user's reauthentication for some reason.
+ In either case we have to prompt the user for a logon */
+if (reauthenticateFromSSO(ssoId, request)) {
+return true;
+}
+}
+
+return false;
+}
+
+
+/**
* Attempts reauthentication to the codeRealm/code using
* the credentials included in argument codeentry/code.
*
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java?rev=1667292r1=1667291r2=1667292view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
Tue Mar 17 12:39:04 2015
@@ -63,35 +63,8 @@ public class BasicAuthenticator extends
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException {
-// Have we already authenticated someone?
-Principal principal = request.getUserPrincipal();
-String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
-if (principal != null) {
-if (log.isDebugEnabled()) {
-log.debug(Already authenticated ' + principal.getName() +
');
-}
-// Associate the session with any existing SSO session
-if (ssoId != null) {
-associate(ssoId, request.getSessionInternal(true));
-}
-return (true);
-}
-
-// Is there an SSO session against which we can try to reauthenticate?
-if (ssoId != null) {
-if
[Bug 57108] Implement multiple sslcontext SNI (server name indication) dispatch
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108 --- Comment #7 from Unlogic unlo...@unlogic.se --- I think that sounds like a very good approach which would be easy to add to existing server configurations. Since a single certificate can contain multiple subject alternative names (http://en.wikipedia.org/wiki/SubjectAltName) which may be very different from each other I would propose to use an approach similar to the way aliases are added to hosts. Connector ... truststoreFile=... (and other truststore attributes) keystoreFile=... (and other keystore attributes) TLSAlias hostname=alternate.hostname truststoreFile=... (and other truststore attributes) keystoreFile=... (and other keystore attributes) [other allowed configuration attributes] Aliassomehost.com/Alias Aliasanotherhost.com/Alias Aliasaverydifferenthost.org/Alias /TLSAlias TLSAlias hostname=alternate.hostname truststoreFile=... (and other truststore attributes) keystoreFile=... (and other keystore attributes) [other allowed configuration attributes] / /Connector -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Impossible branch in o.a.t.websocket.server.WsServerContainer.addEndpoint
Ping
On 3/9/15 12:19 PM, Christopher Schultz wrote:
All,
I was looking at https://bz.apache.org/bugzilla/show_bug.cgi?id=57676 (a
simple proposed patch to improve an error message) and I was trying to
figure out what to do with a bit of code in addEndpoint. Reading the
code, I think I've spotted a problem:
[187] UriTemplate uriTemplate = new UriTemplate(path);
if (uriTemplate.hasParameters()) {
Integer key = Integer.valueOf(uriTemplate.getSegmentCount());
SortedSetTemplatePathMatch templateMatches =
configTemplateMatchMap.get(key);
if (templateMatches == null) {
// Ensure that if concurrent threads execute this block they
// both end up using the same TreeSet instance
templateMatches = new TreeSet(
TemplatePathMatchComparator.getInstance());
configTemplateMatchMap.putIfAbsent(key, templateMatches);
templateMatches = configTemplateMatchMap.get(key);
}
[200] if (!templateMatches.add(new TemplatePathMatch(sec,
uriTemplate))) {
// Duplicate uriTemplate;
throw new DeploymentException(
sm.getString(serverContainer.duplicatePaths, path,
sec.getEndpointClass(),
sec.getEndpointClass()));
}
}
The problem is on line 200, where we check to see if
templateMatches.add() returns false (meaning that the object we added to
the set replaced one that was already there).
I don't believe this branch can /ever/ be reached because the
TemplatePathMatch class doesn't override Object.equals(), thus no two
objects of that type will ever equal each other. Therefore, a new
TemplatePathMatch object will always be added to the set.
I'm not sure what the implications are of multiple TemplatePathMatch
objects being in that set, but it looks like it's bad (we throw an
exception in that case), so someone with a better understanding of such
things might want to take a look.
(Also, if anyone would care to comment on how to get the pre-existing
match for the error message -- which is different than current-trunk as
it's what I'm working on -- I'd love some insight.)
Thanks,
-chris
signature.asc
Description: OpenPGP digital signature
svn commit: r1667314 - in /tomcat/trunk/java/org/apache/catalina/authenticator: AuthenticatorBase.java BasicAuthenticator.java DigestAuthenticator.java FormAuthenticator.java SSLAuthenticator.java Spn
Author: markt
Date: Tue Mar 17 14:20:59 2015
New Revision: 1667314
URL: http://svn.apache.org/r1667314
Log:
Refactoring (with an eye on 57708)
Don't pass authentication method around unnecessarily.
Remove unnecessary ()
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/SSLAuthenticator.java
tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java?rev=1667314r1=1667313r2=1667314view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java
Tue Mar 17 14:20:59 2015
@@ -783,22 +783,20 @@ public abstract class AuthenticatorBase
* @param request The servlet request we are processing
* @param response The servlet response we are generating
* @param principal The authenticated Principal to be registered
- * @param authType The authentication type to be registered
* @param username Username used to authenticate (if any)
* @param password Password used to authenticate (if any)
*/
-public void register(Request request, HttpServletResponse response,
-Principal principal, String authType,
+public void register(Request request, HttpServletResponse response,
Principal principal,
String username, String password) {
if (log.isDebugEnabled()) {
String name = (principal == null) ? none : principal.getName();
-log.debug(Authenticated ' + name + ' with type ' + authType +
+log.debug(Authenticated ' + name + ' with type ' +
getAuthMethod() +
');
}
// Cache the authentication information in our request
-request.setAuthType(authType);
+request.setAuthType(getAuthMethod());
request.setUserPrincipal(principal);
Session session = request.getSessionInternal(false);
@@ -824,7 +822,7 @@ public abstract class AuthenticatorBase
// Cache the authentication information in our session, if any
if (cache) {
if (session != null) {
-session.setAuthType(authType);
+session.setAuthType(getAuthMethod());
session.setPrincipal(principal);
if (username != null) {
session.setNote(Constants.SESS_USERNAME_NOTE, username);
@@ -873,7 +871,7 @@ public abstract class AuthenticatorBase
response.addCookie(cookie);
// Register this principal with our SSO valve
-sso.register(ssoId, principal, authType, username, password);
+sso.register(ssoId, principal, getAuthMethod(), username,
password);
request.setNote(Constants.REQ_SSOID_NOTE, ssoId);
} else {
@@ -884,7 +882,7 @@ public abstract class AuthenticatorBase
return;
} else {
// Update the SSO session with the latest authentication data
-sso.update(ssoId, principal, authType, username, password);
+sso.update(ssoId, principal, getAuthMethod(), username,
password);
}
}
@@ -905,8 +903,7 @@ public abstract class AuthenticatorBase
public void login(String username, String password, Request request)
throws ServletException {
Principal principal = doLogin(request, username, password);
-register(request, request.getResponse(), principal,
-getAuthMethod(), username, password);
+register(request, request.getResponse(), principal, username,
password);
}
protected abstract String getAuthMethod();
@@ -931,9 +928,7 @@ public abstract class AuthenticatorBase
@Override
public void logout(Request request) {
-register(request, request.getResponse(), null,
-null, null, null);
-
+register(request, request.getResponse(), null, null, null);
}
/**
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java?rev=1667314r1=1667313r2=1667314view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/BasicAuthenticator.java
Re: [VOTE] Release Apache Standard Taglib 1.2.5
2015-03-10 18:22 GMT+02:00 Jeremy Boynes jboy...@apache.org: The proposed Apache Standard Taglib 1.2.5 release is now available for voting. This release contains two minor bug fixes: 57673 AccessControlException accessing org.apache.taglibs.standard.xml.accessExternalEntity 37466 Reverted changes that overrode HTTP method when importing local resources. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/taglibs/taglibs-standard-1.2.5/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1038/ The SVN tag is: http://svn.apache.org/repos/asf/tomcat/taglibs/standard/tags/taglibs-standard-1.2.5/ The proposed 1.2.5 release is: [ ] Broken - do not release [X] Stable - go ahead and release as 1.2.5 Stable Regards, Violeta Thanks Jeremy
Re: WAR FileSystem for fast nested JAR access?
Jeremy, On 3/17/15 2:39 AM, Jeremy Boynes wrote: On Mar 7, 2015, at 10:13 AM, Jeremy Boynes jboy...@apache.org wrote: On Mar 6, 2015, at 7:43 AM, Mark Thomas ma...@apache.org wrote: Interesting. The deciding factor for me will be performance. Keep in mind that we might not need all the API. As long as there is enough to implement WebResourceSet and WebResource, we probably have all we need. I ran a micro-benchmark using the greenhouse WAR associated with the original bug. I instrumented JarWarResource to log all resources opened during startup and record the time. On my system it took ~21,000ms to start the application of which ~16,000ms was spent in getJarInputStreamWrapper(). 2935 resources were opened, primarily class files. I then replayed the log against the sandbox FS. With the current implementation it took ~300ms to open the war, ~350ms to open all the jars, and ~5ms to open all the entries with newInputStream(). I interpret that to mean that there is pretty constant time taken to inflate 15MB of data - the 300ms to scan the archive and the ~350ms to scan each of the jars within (each one that was used at least). The speed up here comes because we only scan each archive once, the downside is the extra memory used to store the inflated data. This is promising enough to me that I’m going to keep exploring. Konstantin’s patch, AIUI, creates an index for each jar which eliminates the need to scan jars on the classpath that don’t contain the class being requested. However, once the classloader has determined the jar file to use we still need to stream through that jar until we reach the desired entry. I think we can avoid that here by digging into the zip file’s internal metadata. Where I am currently streaming the jar to build the directory, with random access I can build an index just by reading the central directory structure. An index entry would contain the name, metadata, and the offset in the archive of the entry’s data. When an entry is opened would we inflate the data so that it could be used to underpin the channel. When the channel is closed the memory would be released. In general, I don’t think there’s a need for the FileSystem to retain inflated data after the channel is closed. This would be particularly true for the leaf resources which are not likely to be reused; for example, once a ClassLoader has used the .class file to define the Class or once a framework has processed a .xml config file then neither will need it again. However, I think the WAR ClassLoader would benefit from keeping the JAR files on the classpath open to avoid re-inflating them. The pattern though would be bursty e.g. lots of class loads during startup followed by quiescence. I can think of two ways to handle that: 1) FileSystem has maintains a cache of inflated entries much like a disk filesystem has buffers The FileSystem would be responsible for evictions, perhaps on a LRU or timed basis. 2) Having the classloader keep the JARs opened/mounted after loading a resource until such time as it thinks quiescence is reached. It would then unmount JARs to free the memory. We could do both as they don’t conflict. Next step will be to look into building the index directly from the archive’s central directory rather than by streaming it. Next step was actually just to verify that we could make a URLClassLoader work with this API. I got this to work by turning the path URIs into collection URLs (ending in ‘/‘) which prevented the classloader from trying to open them as JarFiles. The classloader works but the classpath search is pretty inefficient relying on UrlConnection#getInputStream throwing an Exception to detect if a resource exists. Using it to load the 2935 resources from before took ~1900ms even after the jars had been indexed. getInputStream() was called ~120,000 times as the classpath was scanned, i.e. 15us per check with an average of ~40 checks per resource which seems about right for a classpath that contains 73 jars. An obvious solution to avoid the repeated search would be to union the jars’ directories into a single index. I may try this with a PathClassLoader that operates using a list of Paths rather than URLs. I just wanted to let you know that I'm reading these with interest. I'm anxious to find out if this is going to pan-out. -chris signature.asc Description: OpenPGP digital signature
[Bug 57707] Execute failed: java.io.IOException: Cannot run program wine
https://bz.apache.org/bugzilla/show_bug.cgi?id=57707 --- Comment #7 from Christopher Schultz ch...@christopherschultz.net --- (In reply to Graham Leggett from comment #6) Come on guys, the big exception you get screams this is broken. Throw the end user a bone and give them a message of some kind, even if that message is this is intentional. +0 The idea that you have to go off and read some obscure document before you can build something is totally unreasonable. In the automake world I just run make dist and I have a release. In the maven world I run mvn release:prepare release:perform and I have a release. I think you misunderstand what release means, here. When you do an ant release for Tomcat, you are building a complete release for voting and ultimately, publication. If you aren't a Tomcat committer, there's really no reason to be running ant release unless a) you intend to actually build a set of release-quality artifacts for Tomcat and b) you know what you are doing. Using ant -projecthelp has this to say about the release target: release Create a Tomcat packaged distribution The default target is deploy, which says this: deploy Default. Builds a working Tomcat instance I'm pretty sure that's what you are looking for. Obviously the release is incomplete if you've added a skip option, that's not a justification for wasting the end user's time. Why is an end user trying to do a release build, anyway? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57108] Implement multiple sslcontext SNI (server name indication) dispatch
https://bz.apache.org/bugzilla/show_bug.cgi?id=57108 --- Comment #8 from Christopher Schultz ch...@christopherschultz.net --- That sounds reasonable to me. Since the configuration for each hostname would need to be maintained separately, being able to tie several hostnames together would be beneficial. On the other hand, if regular expressions are used for hostnames, the complxity can be handled there instead of in a slightly larger look-up table with aliases, etc. Honestly, even though I mentioned it as a possibility, I think that the use of regular expressions for hostname matching is probably more overhead than anyone wants to perform for every TLS request that comes through the door. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc7.0.x-test-bio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-bio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-bio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-BIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-BIO/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio (Type: Build) Work ended in a state of : Failed Elapsed: 43 mins 57 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150317-native-src.tar.gz -Dtest.reports=output/logs-BIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150317-native-src.tar.gz -Dexamples.sources.skip=true -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150317.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dexecute.test.nio=false -Dtest.accesslog=true -Dcommons-pool.home=/srv/gump/public/wo rkspace/commons-pool-1.x -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexecute.test.bio=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20150317.jar -Dtest.temp=output/test-tmp-BIO -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-util.jar:/srv/gump/public/workspace/tomcat
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-nio2 (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-nio2 : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO2 -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2 (Type: Build) Work ended in a state of : Failed Elapsed: 54 mins 5 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar -Dtest.reports=output/logs-NIO2 -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150318-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150318.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150318-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150318/bin /openssl -Dexecute.test.apr=false -Dexecute.test.bio=false -Dexecute.test.nio2=true -Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/bu
