[GUMP@vmgump]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed

2015-05-06 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-test-apr has an issue affecting its community integration.
This issue affects 1 projects,
 and has been outstanding for 31 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-test-apr :  Tomcat 9.x, a web server implementing the Java 
Servlet 4.0,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/logs-APR
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html
Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build)
Work ended in a state of : Failed
Elapsed: 35 mins 57 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-APR 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150506-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar 
-Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native-trunk/dest-20150506/lib 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150506.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150506-native-src.tar.gz
 -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false 
 
-Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20150506/bin/openssl
 -Dexecute.test.apr=true -Dtest.excludePerformance=true 
-Dexecute.test.nio2=false 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja
 
r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat

svn commit: r1677930 - /tomcat/trunk/webapps/docs/config/ajp.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 06:22:14 2015
New Revision: 1677930

URL: http://svn.apache.org/r1677930
Log:
Remove another socketWrapperCache identified in a kkolinko review

Modified:
tomcat/trunk/webapps/docs/config/ajp.xml

Modified: tomcat/trunk/webapps/docs/config/ajp.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/ajp.xml?rev=1677930r1=1677929r2=1677930view=diff
==
--- tomcat/trunk/webapps/docs/config/ajp.xml (original)
+++ tomcat/trunk/webapps/docs/config/ajp.xml Wed May  6 06:22:14 2015
@@ -689,13 +689,6 @@
 code-1/code for unlimited cache and code0/code for no 
cache./p
   /attribute
 
-  attribute name=socket.socketWrapperCache required=false
-p(int)Tomcat will cache SocketWrapper objects to reduce garbage
-collection. The integer value specifies how many objects to keep in the
-cache at most. The default is code500/code. Other values are
-code-1/code for unlimited cache and code0/code for no 
cache./p
-  /attribute
-
 /attributes
   /subsection
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1677840 - in /tomcat/trunk: java/org/apache/tomcat/util/net/SocketProperties.java webapps/docs/config/http.xml

2015-05-06 Thread Mark Thomas 
On 06/05/2015 03:03, Konstantin Kolinko wrote:
 2015-05-05 18:36 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Tue May  5 15:36:31 2015
 New Revision: 1677840

 URL: http://svn.apache.org/r1677840
 Log:
 Remove unused property (SocketWrappers are no longer reused)

 Modified:
 tomcat/trunk/java/org/apache/tomcat/util/net/SocketProperties.java
 tomcat/trunk/webapps/docs/config/http.xml
 
 Searching for socketWrapperCache, it is also mentioned in config/ajp.xml

Removed. Thanks.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57892] Log once a warning if a symbolic link is ignored (e.g. to web.xml )

2015-05-06 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=57892

Ralf Hauser hau...@acm.org changed:

   What|Removed |Added

Summary|Log a warning if web.xml is |Log once a warning if a
   |a symbolic link that is |symbolic link is ignored
   |ignored |(e.g. to web.xml )

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot exception in ASF Buildbot on tomcat-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a build exception on builder tomcat-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/1191

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch tomcat/trunk] 1677930
Blamelist: markt

BUILD FAILED: exception upload_2

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1677967 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 12:34:05 2015
New Revision: 1677967

URL: http://svn.apache.org/r1677967
Log:
Use the truststoreProvider rather than the keystoreProvider for the trust 
manager

Modified:
tomcat/tc8.0.x/trunk/   (props changed)

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May  6 12:34:05 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657682,1657
 
907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1666569,1666579,137,149,1
 
666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802

svn commit: r1677976 - /tomcat/tc6.0.x/trunk/STATUS.txt

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 12:39:18 2015
New Revision: 1677976

URL: http://svn.apache.org/r1677976
Log:
Vote

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1677976r1=1677975r2=1677976view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May  6 12:39:18 2015
@@ -66,7 +66,7 @@ PATCHES PROPOSED TO BACKPORT:
  http://svn.apache.org/r1672285
   tc7  : http://svn.apache.org/r1672274
  http://svn.apache.org/r1672286
-  +1: rjung, kkolinko
+  +1: rjung, kkolinko, markt
   -1:
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1675198 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AprEndpoint.java java/org/apache/tomcat/util/net/SSLHostConfig.java webapps/docs/config/http.xml

2015-05-06 Thread Mark Thomas 
On 06/05/2015 02:24, Konstantin Kolinko wrote:
 2015-04-21 23:56 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Tue Apr 21 20:56:14 2015
 New Revision: 1675198

 URL: http://svn.apache.org/r1675198
 Log:
 Document the protocols attribute for SSLHostConfig and align the 
 implementation with it.

 Modified:
 tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
 tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
 tomcat/trunk/webapps/docs/config/http.xml

 
 (...)
 
 Modified: tomcat/trunk/webapps/docs/config/http.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1675198r1=1675197r2=1675198view=diff
 ==
 --- tomcat/trunk/webapps/docs/config/http.xml (original)
 +++ tomcat/trunk/webapps/docs/config/http.xml Tue Apr 21 20:56:14 2015
 @@ -1050,7 +1050,7 @@

attributes

 -attribute name=hostName required=true
 +attribute name=hostName required=false
pThe name of the SSL Host. This should either be the fully qualified
domain name (e.g. codetomcat.apache.org/code) or a wild card 
 domain
name (e.g. code*.apache.org/code). If not specified, the default 
 value
 @@ -1058,7 +1058,20 @@
  /attribute

  attribute name=protocols required=false
 -  p/p
 +  pThe names of the protocols to support when communicating with 
 clients.
 +  This should be a comma separated list of any combination of the 
 following:
 +  /p
 +  ulliSSLv2Hello/liliSSLv2/liliSSLv3/liliTLSv1/li
 +  liTLSv1.1/liliTLSv1.2/liliall/li/ul
 +  pNote that OpenSSL based secure connectors will always support
 +  codeSSLv2Hello/code regardless of whether or not it is included 
 in the
 +  value for this attribute./p
 +  pNote that codeall/code is an alias for
 +  codeTLSv1,TLSv1.1,TLSv1.2/code./p
 +  pNote that codeSSLv2/code and codeSSLv3/code are inherently
 +  unsafe./p
 +  pIf not specified, the default value of codeall/code will be
 +  used./p
  /attribute
 
 
 
 
 As far as I remember from reading the source code, the above phrase
 Note that OpenSSL based secure connectors will always support
 SSLv2Hello regardless of whether or not it is included in the value
 for this attribute. about protocols attribute is not true.
 
 
 I think that it works as following:
 
 1) If protocols includes several protocols (like in
 TLSv1,TLSv1.1,TLSv1.2) then OpenSSL configures a generic handshake
 method that supports SSLv2Hello.
 
 2) If protocols includes only one protocol (e.g. TLSv1 or
 TLSv1.2), it configures a handshake method for that specific
 protocol,  and SSLv2Hello is not enabled.
 
 In our sslcontext.c of Tomcat-Native 1.1.x:
 
 The case of 1) uses
 ctx = SSL_CTX_new(SSLv23_server_method());
 
 The case of 2) uses
 ctx = SSL_CTX_new(TLSv1_2_server_method());
 ctx = SSL_CTX_new(TLSv1_1_server_method());
 ctx = SSL_CTX_new(TLSv1_server_method());
 etc.

Interesting. I should be able to change things so both JSSE and OpenSSL
based connectors work the same way. I'll take a look.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57802] Compatibility with ICEfaces 1.8 over JSF 1.1 apps

2015-05-06 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=57802

--- Comment #19 from Patrick WENDJI wlpa2...@gmail.com ---
(In reply to Mark Thomas from comment #18)
 Thanks for the test case.
 
 Your analysis was heading in the right direction but missed the real root
 cause. The problem was the incorrect default implementation of
 ELResolver.convertToType(). It failed to call
 context.setPropertyResolved(false). This meant older ELResolver
 implementations that inherited this method would return null and if
 ELContext.getPropertyResolved() was true, that null was treated as a valid
 conversion triggering the NPE.
 
 This has been fixed in trunk and 8.0.x for 8.0.23 onwards.

I hope I helped. When will Tomcat 8.0.23 be released?

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1677974 - /tomcat/tc6.0.x/trunk/STATUS.txt

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 12:38:16 2015
New Revision: 1677974

URL: http://svn.apache.org/r1677974
Log:
Proposal

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1677974r1=1677973r2=1677974view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May  6 12:38:16 2015
@@ -69,6 +69,14 @@ PATCHES PROPOSED TO BACKPORT:
   +1: rjung, kkolinko
   -1:
 
+
+* Use the truststoreProvider rather than the keystoreProvider for the trust
+  manager
+  http://svn.apache.org/r1677971
+  +1: markt
+  -1:
+
+
 PATCHES/ISSUES THAT ARE STALLED:
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=44312



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1677884 - in /tomcat/trunk: java/org/apache/coyote/http11/ java/org/apache/tomcat/util/net/ java/org/apache/tomcat/util/net/jsse/ webapps/docs/config/

2015-05-06 Thread Mark Thomas 
On 06/05/2015 02:55, Konstantin Kolinko wrote:
 2015-05-05 22:48 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Tue May  5 19:48:53 2015
 New Revision: 1677884

 URL: http://svn.apache.org/r1677884
 Log:
 Move alias, keystoreType and keystoreProvider to SSlHostConfig

 Modified:
 
 tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
 tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
 tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
 tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
 tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
 tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 tomcat/trunk/webapps/docs/config/http.xml

 
 Modified: 
 tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1677884r1=1677883r2=1677884view=diff
 ==
 --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
 (original)
 +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
 Tue May  5 19:48:53 2015
 @@ -337,13 +337,14 @@ public class JSSESocketFactory implement

  @Override
  public KeyManager[] getKeyManagers() throws Exception {
 -String keystoreType = endpoint.getKeystoreType();
 +String keystoreType = sslHostConfig.getCertificateKeystoreType();
  if (keystoreType == null) {
  keystoreType = defaultKeystoreType;
  }

 -return getKeyManagers(keystoreType, endpoint.getKeystoreProvider(),
 -sslHostConfig.getKeyManagerAlgorithm(), 
 endpoint.getKeyAlias());
 +return getKeyManagers(keystoreType, 
 sslHostConfig.getCertificateKeystoreProvider(),
 +sslHostConfig.getKeyManagerAlgorithm(),
 +sslHostConfig.getCertificateKeyAlias());
  }

  @Override
 @@ -353,7 +354,7 @@ public class JSSESocketFactory implement
  truststoreType = 
 System.getProperty(javax.net.ssl.trustStoreType);
  }
  if (truststoreType == null) {
 -truststoreType = endpoint.getKeystoreType();
 +truststoreType = sslHostConfig.getCertificateKeystoreType();
  }
  if (truststoreType == null) {
  truststoreType = defaultKeystoreType;
 @@ -364,7 +365,7 @@ public class JSSESocketFactory implement
  algorithm = TrustManagerFactory.getDefaultAlgorithm();
  }

 -return getTrustManagers(truststoreType, 
 endpoint.getKeystoreProvider(),
 +return getTrustManagers(truststoreType, 
 sslHostConfig.getCertificateKeystoreProvider(),
  algorithm);
  }
 
 Noted when reviewing the above change. It was not introduced by this
 commit, but existed before it.
 
 About the above return getTrustManagers(truststoreType,  line:
 
 Reading documentation (config/http.html), there exists configuration
 attribute truststoreProvider.   It is odd that the call uses
 keystore Provider option instead of truststoreProvider as the second
 argument to getTrustManagers().

I noticed that while I was working on the patch. Looking at it some more
was on my TODO list.

As far as I can tell, it is a bug in r1079387 that no-one has tripped
over so far. This isn't really surprising as keyStoreProvider !=
trustStoreProvider is going to be rare.

I'll get it fixed and back-ported.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1677971 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 12:36:50 2015
New Revision: 1677971

URL: http://svn.apache.org/r1677971
Log:
Use the truststoreProvider rather than the keystoreProvider for the trust 
manager

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May  6 12:36:50 2015
@@ -1,2 +1,2 @@
-/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553-1667555
 
,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635
-/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,1240109,1240112,1240114
 
,1240116,1240118,1240121,1240329,1240474-1240850,1240857,1241087,1241160,1241408-1241822,1241908-1241909,1241912-1242110,1242371-1292130,1292134-1292458,1292464-1292670,1292672-1292776,1292780-1293392,1293397-1297017,1297019-1297963,1297965-1299820,1300108,1300111-1300460,1300520-1300948,1300997,1301006,1301280,1302332,1302348,1302608-1302610,1302649,1302837,1303138,1303163,1303338,1303521,1303587,1303698,1303803,1303852,1304011,1304035,1304037,1304135,1304249,1304253,1304260,1304271,1304275,1304468,1304895,1304930-1304932,1305194,1305943,1305965,1306556,1306579-1306580,1307084,1307310,1307511-1307512,1307579,1307591,1307597,1310636,1310639-1310640,1310642,1310701,1311212,1311995,1327617,1327670,1331766,1333161,1333173,1333827,1334787,1335026,1335257,1335547,1335692,1335711,1335731,1336515,1336813,1336864,1336868,1336884,1337419,1337426,1337546,1337572,1337591-1337595,1337643,1337707,1337719,1337734,1337741,1337745,1338151-1338154,1338178,1342027,1342029,1342315,1342320,1342476,1342
 
498,1342503,1342717,1342795,1342805,1343044-1343046,1343335,1343394,1343400,1343629,1343708,1343718,1343895,1344063,1344068,1344250,1344266,1344515,1344528,1344612,1344629,1344725,1344868,1344890,1344893,1344896,1344901,1345020,1345029,1345039,1345287-1345290,1345294,1345309,1345325,1345357,1345367,1345579-1345580,1345582,1345688,1345699,1345704,1345731-1345732,1345737,1345744,1345752,1345754,1345779,1345781,1345846,1346107,1346365,1346376,1346404,1346510,1346514,1346519,1346581,1346635,1346644,1346683,1346794,1346885,1346932,1347034,1347047,1347087,1347108-1347109,1347583,1347737,1348105,1348357,1348398,1348425,1348461-1348495,1348498,1348752,1348762,1348772,1348776,1348859,1348968,1348973,1348989,1349007,1349237,1349298,1349317,1349410,1349473,1349539,1349879,1349887,1349893,1349922,1349984,1350124,1350241,1350243,1350294-1350295,1350299,1350864,1350900,1351010,1351054,1351056,1351068,1351134-1351135,1351148,1351259,1351604,1351636-1351640,1351991,1351993,1352011,1352056,1352059,1

Re: Tomcat Grid

2015-05-06 Thread Andrew Carr 
I can see security of this tool being paramount.  What if you had a large
cluster and someone else was able to manipulate it using this tool?

On Tue, May 5, 2015 at 4:50 PM, Christopher Schultz 
ch...@christopherschultz.net wrote:

 Chris,

 On 5/5/15 4:39 PM, Chris Aguirre wrote:
  I actually use Windows Powershell to execute commands on remote machines,
  including stopping/starting Tomcat (and other Windows Services).
 
  This works well for me - but in this case, I have complete control of all
  the VMs - and they are not Production Servers.
 
  I used the following articles as reference for creating the Powershell
  scripts:
 
 
 http://www.howtogeek.com/117192/how-to-run-powershell-commands-on-remote-computers/
 
 
 http://stackoverflow.com/questions/6239647/using-powershell-credentials-without-being-prompted-for-a-password

 That's great. *NIX also has ssh which can be used to execute remote
 commands, but that's not the hard part.

 The hard part is planning a regular configuration that can be deployed
 to possibly hundreds of separate machines (virtual or physical) and then
 controlled in a sane way.

 For instance, let's say that I have 12 machines in two separate
 clusters. If I want to shutdown 3 machines in each cluster, I have to
 execute a flurry of commands like these:

 $ ssh -c user@server1 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server2 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server3 /path/to/tomcat/shutdown.sh

 $ ssh -c user@server7 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server8 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server9 /path/to/tomcat/shutdown.sh

 If I had a tool that understood my deployment configuration, I could do
 something like this:

 $ cluster shutdown 1 2 3 7 8 9

 If the tool was *really* nice, it might inform my load-balancer that the
 nodes would be coming down as well.

 If it was super-nice, a tool would allow me to schedule a shutdown of
 nodes in the near future. For example, say I want to take those same
 nodes offline, but I want to disable them at the lb, then wait for their
 sticky sessions to drain folly before stopping each Tomcat instance. And
 since I don't want to watch the tool while it waits, I want to get an
 email or SMS confirmation when each node goes down.

 Maybe I can get integration into monitoring tools as well, so when I
 intentionally take a node offline, I don't get a bunch of text messages
 telling me that a server has gone down.

 These are the kinds of things that a grid tool could do to help.

 Being able to execute remote commands is just one of the primitive
 operations of this kind of thing.

 -chris




-- 
With Regards,
Andrew Carr

e. andrewlanec...@gmail.com
w. andrew.c...@openlogic.com
h. 4235255668
c. 4239489852
a. 101 Francis Drive, Greeneville, TN, 37743

svn commit: r1678001 - /tomcat/tc6.0.x/trunk/STATUS.txt

2015-05-06 Thread kkolinko 
Author: kkolinko
Date: Wed May  6 14:12:25 2015
New Revision: 1678001

URL: http://svn.apache.org/r1678001
Log:
vote

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1678001r1=1678000r2=1678001view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May  6 14:12:25 2015
@@ -73,7 +73,7 @@ PATCHES PROPOSED TO BACKPORT:
 * Use the truststoreProvider rather than the keystoreProvider for the trust
   manager
   http://svn.apache.org/r1677971
-  +1: markt
+  +1: markt, kkolinko
   -1:
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat Grid

2015-05-06 Thread Christopher Schultz 
Andrew,

On 5/6/15 9:21 AM, Andrew Carr wrote:
 I can see security of this tool being paramount.  What if you had a large
 cluster and someone else was able to manipulate it using this tool?

If it's built on secure building blocks, such as public-key-based ssh
authentication, or TLS client certificates, then I think it would be
reasonably secure.

Another option is a VPN or VLAN, or a separate physical network.

We use the latter technique to communicate between our application
servers and database servers to avoid the overhead of encryption.

-chris

 On Tue, May 5, 2015 at 4:50 PM, Christopher Schultz 
 ch...@christopherschultz.net wrote:
 
 Chris,

 On 5/5/15 4:39 PM, Chris Aguirre wrote:
 I actually use Windows Powershell to execute commands on remote machines,
 including stopping/starting Tomcat (and other Windows Services).

 This works well for me - but in this case, I have complete control of all
 the VMs - and they are not Production Servers.

 I used the following articles as reference for creating the Powershell
 scripts:


 http://www.howtogeek.com/117192/how-to-run-powershell-commands-on-remote-computers/


 http://stackoverflow.com/questions/6239647/using-powershell-credentials-without-being-prompted-for-a-password

 That's great. *NIX also has ssh which can be used to execute remote
 commands, but that's not the hard part.

 The hard part is planning a regular configuration that can be deployed
 to possibly hundreds of separate machines (virtual or physical) and then
 controlled in a sane way.

 For instance, let's say that I have 12 machines in two separate
 clusters. If I want to shutdown 3 machines in each cluster, I have to
 execute a flurry of commands like these:

 $ ssh -c user@server1 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server2 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server3 /path/to/tomcat/shutdown.sh

 $ ssh -c user@server7 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server8 /path/to/tomcat/shutdown.sh
 $ ssh -c user@server9 /path/to/tomcat/shutdown.sh

 If I had a tool that understood my deployment configuration, I could do
 something like this:

 $ cluster shutdown 1 2 3 7 8 9

 If the tool was *really* nice, it might inform my load-balancer that the
 nodes would be coming down as well.

 If it was super-nice, a tool would allow me to schedule a shutdown of
 nodes in the near future. For example, say I want to take those same
 nodes offline, but I want to disable them at the lb, then wait for their
 sticky sessions to drain folly before stopping each Tomcat instance. And
 since I don't want to watch the tool while it waits, I want to get an
 email or SMS confirmation when each node goes down.

 Maybe I can get integration into monitoring tools as well, so when I
 intentionally take a node offline, I don't get a bunch of text messages
 telling me that a server has gone down.

 These are the kinds of things that a grid tool could do to help.

 Being able to execute remote commands is just one of the primitive
 operations of this kind of thing.

 -chris


 
 



signature.asc
Description: OpenPGP digital signature

buildbot success in ASF Buildbot on tomcat-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/1192

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch tomcat/trunk] 1677966
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1677971 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread Mark Thomas 
On 06/05/2015 15:26, Konstantin Kolinko wrote:
 2015-05-06 15:36 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Wed May  6 12:36:50 2015
 New Revision: 1677971

 URL: http://svn.apache.org/r1677971
 Log:
 Use the truststoreProvider rather than the keystoreProvider for the trust 
 manager

 Modified:
 tomcat/tc7.0.x/trunk/   (props changed)
 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
 
 
 Modified: 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  (original)
 +++ 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  Wed May  6 12:36:50 2015
 @@ -545,8 +545,7 @@ public class JSSESocketFactory implement
  algorithm = TrustManagerFactory.getDefaultAlgorithm();
  }

 -return getTrustManagers(truststoreType, 
 endpoint.getKeystoreProvider(),
 -algorithm);
 +return getTrustManagers(truststoreType, 
 endpoint.getTruststoreProvider(), algorithm);
  }

  @Override

 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
 +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed May  6 12:36:50 2015
 @@ -128,6 +128,12 @@
  bug57837/bug: Add codetext/css/code to the default list of
  compressable MIME types. (markt)
/fix
 +  fix
 +For the JSSE based TLS connectors, use the
 +codetruststoreProvider/code rather than the
 +codekeystoreProvider/code when creating the
 +codeTrustManager/codes. (markt)
 +  /fix
  /changelog
/subsection
subsection name=Jasper
 
 
 Hi!
 
 I voted for TC 6 backport of this revision, but on further review
 there are two problems:
 
 1. In other place that calls endpoint.getTruststoreProvider() --
 JSSESocketFactory.getTrustStore()  -- there is some logic to fallback
 to getKeystoreProvider(). It also consults a system property.
 
 If we call endpoint.getTruststoreProvider() directly then there is no
 such fallback logic.

I'll look at fixing that.

 2. The patch is not applicable to Tomcat 6 as is, as its endpoint
 classes do not have getTruststoreProvider() method.
 
 Searching for truststoreProvider I see that documentation mentions
 such option in config/http.xml, and the code in
 JSSESocketFactory.getTrustStore() does
 
 String truststoreProvider =
 (String)attributes.get(truststoreProvider);
 
 instead of using a getter method.

Once I fix the first issue, I'll put together a specific 6.0.x patch.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678011 - /tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 14:45:02 2015
New Revision: 1678011

URL: http://svn.apache.org/r1678011
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57887
Fix compilation for recursive tag files packaged in a JAR

Modified:
tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java

Modified: tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java?rev=1678011r1=1678010r2=1678011view=diff
==
--- tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java 
(original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java Wed May  
6 14:45:02 2015
@@ -517,6 +517,7 @@ class TagFileProcessor {
 TagInfo tagInfo, PageInfo parentPageInfo) throws JasperException {
 
 Jar tagJar = null;
+Jar tagJarOriginal = null;
 try {
 if (tagFilePath.startsWith(/META-INF/)) {
 try {
@@ -537,75 +538,83 @@ class TagFileProcessor {
 JspRuntimeContext rctxt = ctxt.getRuntimeContext();
 
 synchronized (rctxt) {
-JspServletWrapper wrapper = rctxt.getWrapper(wrapperUri);
-if (wrapper == null) {
-wrapper = new JspServletWrapper(ctxt.getServletContext(), 
ctxt
-.getOptions(), tagFilePath, tagInfo, ctxt
-.getRuntimeContext(), tagJar);
-rctxt.addWrapper(wrapperUri, wrapper);
-
-// Use same classloader and classpath for compiling tag 
files
-wrapper.getJspEngineContext().setClassLoader(
-ctxt.getClassLoader());
-
wrapper.getJspEngineContext().setClassPath(ctxt.getClassPath());
-} else {
-// Make sure that JspCompilationContext gets the latest 
TagInfo
-// for the tag file. TagInfo instance was created the last
-// time the tag file was scanned for directives, and the 
tag
-// file may have been modified since then.
-wrapper.getJspEngineContext().setTagInfo(tagInfo);
-// The tagJar passed to to the JspCompilationContext will
-// have been closed (see the finally block at the end of
-// this method) so update the the tagJar to one opened 
above
-wrapper.getJspEngineContext().setTagFileJar(tagJar);
-}
-
-Class? tagClazz;
-int tripCount = wrapper.incTripCount();
+JspServletWrapper wrapper = null;
 try {
-if (tripCount  0) {
-// When tripCount is greater than zero, a circular
-// dependency exists. The circularly dependent tag
-// file is compiled in prototype mode, to avoid 
infinite
-// recursion.
-
-JspServletWrapper tempWrapper = new 
JspServletWrapper(ctxt
-.getServletContext(), ctxt.getOptions(),
-tagFilePath, tagInfo, ctxt.getRuntimeContext(),
-tagJar);
+wrapper = rctxt.getWrapper(wrapperUri);
+if (wrapper == null) {
+wrapper = new 
JspServletWrapper(ctxt.getServletContext(), ctxt
+.getOptions(), tagFilePath, tagInfo, ctxt
+.getRuntimeContext(), tagJar);
+rctxt.addWrapper(wrapperUri, wrapper);
+
 // Use same classloader and classpath for compiling 
tag files
-tempWrapper.getJspEngineContext().setClassLoader(
+wrapper.getJspEngineContext().setClassLoader(
 ctxt.getClassLoader());
-
tempWrapper.getJspEngineContext().setClassPath(ctxt.getClassPath());
-tagClazz = tempWrapper.loadTagFilePrototype();
-tempVector.add(tempWrapper.getJspEngineContext()
-.getCompiler());
+
wrapper.getJspEngineContext().setClassPath(ctxt.getClassPath());
 } else {
-tagClazz = wrapper.loadTagFile();
+// Make sure that JspCompilationContext gets the 
latest TagInfo
+// for the tag file. TagInfo instance was created the 
last
+// time the tag file was scanned for directives, and 
the tag
+// file may have been modified since then.
+wrapper.getJspEngineContext().setTagInfo(tagInfo);
+

buildbot exception in ASF Buildbot on tomcat-8-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a build exception on builder tomcat-8-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/241

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1678012
Blamelist: markt

BUILD FAILED: exception svn upload_2

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678006 - /tomcat/tc6.0.x/trunk/STATUS.txt

2015-05-06 Thread jfclere 
Author: jfclere
Date: Wed May  6 14:25:19 2015
New Revision: 1678006

URL: http://svn.apache.org/r1678006
Log:
my vote.

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1678006r1=1678005r2=1678006view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May  6 14:25:19 2015
@@ -73,7 +73,7 @@ PATCHES PROPOSED TO BACKPORT:
 * Use the truststoreProvider rather than the keystoreProvider for the trust
   manager
   http://svn.apache.org/r1677971
-  +1: markt, kkolinko
+  +1: markt, kkolinko, jfclere
   -1:
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1677971 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread Konstantin Kolinko 
2015-05-06 15:36 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Wed May  6 12:36:50 2015
 New Revision: 1677971

 URL: http://svn.apache.org/r1677971
 Log:
 Use the truststoreProvider rather than the keystoreProvider for the trust 
 manager

 Modified:
 tomcat/tc7.0.x/trunk/   (props changed)
 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml


 Modified: 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  (original)
 +++ 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  Wed May  6 12:36:50 2015
 @@ -545,8 +545,7 @@ public class JSSESocketFactory implement
  algorithm = TrustManagerFactory.getDefaultAlgorithm();
  }

 -return getTrustManagers(truststoreType, 
 endpoint.getKeystoreProvider(),
 -algorithm);
 +return getTrustManagers(truststoreType, 
 endpoint.getTruststoreProvider(), algorithm);
  }

  @Override

 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
 +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed May  6 12:36:50 2015
 @@ -128,6 +128,12 @@
  bug57837/bug: Add codetext/css/code to the default list of
  compressable MIME types. (markt)
/fix
 +  fix
 +For the JSSE based TLS connectors, use the
 +codetruststoreProvider/code rather than the
 +codekeystoreProvider/code when creating the
 +codeTrustManager/codes. (markt)
 +  /fix
  /changelog
/subsection
subsection name=Jasper


Hi!

I voted for TC 6 backport of this revision, but on further review
there are two problems:

1. In other place that calls endpoint.getTruststoreProvider() --
JSSESocketFactory.getTrustStore()  -- there is some logic to fallback
to getKeystoreProvider(). It also consults a system property.

If we call endpoint.getTruststoreProvider() directly then there is no
such fallback logic.


2. The patch is not applicable to Tomcat 6 as is, as its endpoint
classes do not have getTruststoreProvider() method.

Searching for truststoreProvider I see that documentation mentions
such option in config/http.xml, and the code in
JSSESocketFactory.getTrustStore() does

String truststoreProvider =
(String)attributes.get(truststoreProvider);

instead of using a getter method.


Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in ASF Buildbot on tomcat-7-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-7-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-7-trunk/builds/641

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1677971
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678012 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/jasper/compiler/TagFileProcessor.java webapps/docs/changelog.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 14:46:37 2015
New Revision: 1678012

URL: http://svn.apache.org/r1678012
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57887
Fix compilation for recursive tag files packaged in a JAR

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/TagFileProcessor.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May  6 14:46:37 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657682,1657
 
907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1666569,1666579,137,149,1
 
666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1677966

[Bug 57887] IllegalStateException: zip file closed

2015-05-06 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=57887

Mark Thomas ma...@apache.org changed:

   What|Removed |Added

 Status|REOPENED|RESOLVED
 Resolution|--- |FIXED

--- Comment #4 from Mark Thomas ma...@apache.org ---
Thanks for the test case. That made it pretty easy to track down the problem.

This has been fixed in trunk and 8.0.x and will be included in 8.0.23 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in ASF Buildbot on tomcat-8-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-8-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/240

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1677967
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1675198 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AprEndpoint.java java/org/apache/tomcat/util/net/SSLHostConfig.java webapps/docs/config/http.xml

2015-05-06 Thread Mark Thomas 
On 06/05/2015 13:41, Mark Thomas wrote:
 On 06/05/2015 02:24, Konstantin Kolinko wrote:
 2015-04-21 23:56 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Tue Apr 21 20:56:14 2015
 New Revision: 1675198

 URL: http://svn.apache.org/r1675198
 Log:
 Document the protocols attribute for SSLHostConfig and align the 
 implementation with it.

 Modified:
 tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
 tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
 tomcat/trunk/webapps/docs/config/http.xml


 (...)

 Modified: tomcat/trunk/webapps/docs/config/http.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1675198r1=1675197r2=1675198view=diff
 ==
 --- tomcat/trunk/webapps/docs/config/http.xml (original)
 +++ tomcat/trunk/webapps/docs/config/http.xml Tue Apr 21 20:56:14 2015
 @@ -1050,7 +1050,7 @@

attributes

 -attribute name=hostName required=true
 +attribute name=hostName required=false
pThe name of the SSL Host. This should either be the fully 
 qualified
domain name (e.g. codetomcat.apache.org/code) or a wild card 
 domain
name (e.g. code*.apache.org/code). If not specified, the default 
 value
 @@ -1058,7 +1058,20 @@
  /attribute

  attribute name=protocols required=false
 -  p/p
 +  pThe names of the protocols to support when communicating with 
 clients.
 +  This should be a comma separated list of any combination of the 
 following:
 +  /p
 +  ulliSSLv2Hello/liliSSLv2/liliSSLv3/liliTLSv1/li
 +  liTLSv1.1/liliTLSv1.2/liliall/li/ul
 +  pNote that OpenSSL based secure connectors will always support
 +  codeSSLv2Hello/code regardless of whether or not it is included 
 in the
 +  value for this attribute./p
 +  pNote that codeall/code is an alias for
 +  codeTLSv1,TLSv1.1,TLSv1.2/code./p
 +  pNote that codeSSLv2/code and codeSSLv3/code are inherently
 +  unsafe./p
 +  pIf not specified, the default value of codeall/code will be
 +  used./p
  /attribute




 As far as I remember from reading the source code, the above phrase
 Note that OpenSSL based secure connectors will always support
 SSLv2Hello regardless of whether or not it is included in the value
 for this attribute. about protocols attribute is not true.


 I think that it works as following:

 1) If protocols includes several protocols (like in
 TLSv1,TLSv1.1,TLSv1.2) then OpenSSL configures a generic handshake
 method that supports SSLv2Hello.

 2) If protocols includes only one protocol (e.g. TLSv1 or
 TLSv1.2), it configures a handshake method for that specific
 protocol,  and SSLv2Hello is not enabled.

 In our sslcontext.c of Tomcat-Native 1.1.x:

 The case of 1) uses
 ctx = SSL_CTX_new(SSLv23_server_method());

 The case of 2) uses
 ctx = SSL_CTX_new(TLSv1_2_server_method());
 ctx = SSL_CTX_new(TLSv1_1_server_method());
 ctx = SSL_CTX_new(TLSv1_server_method());
 etc.
 
 Interesting. I should be able to change things so both JSSE and OpenSSL
 based connectors work the same way. I'll take a look.

Maybe not then. I'll work on some better language for the docs.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1677981 - /tomcat/trunk/webapps/docs/config/http.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 13:14:08 2015
New Revision: 1677981

URL: http://svn.apache.org/r1677981
Log:
Update docs for protocols. OpenSSL and SSLv2Hello. Review by kkolinko

Modified:
tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1677981r1=1677980r2=1677981view=diff
==
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Wed May  6 13:14:08 2015
@@ -1173,9 +1173,11 @@
   /p
   ulliSSLv2Hello/liliSSLv2/liliSSLv3/liliTLSv1/li
   liTLSv1.1/liliTLSv1.2/liliall/li/ul
-  pNote that OpenSSL based secure connectors will always support
-  codeSSLv2Hello/code regardless of whether or not it is included in 
the
-  value for this attribute./p
+  pNote that codeSSLv2Hello/code will be ignored for OpenSSL based
+  secure connectors. If more than one protocol is specified for an OpenSSL
+  based secure connector it will support codeSSLv2Hello/code. If a
+  single protocol is specified it will not support
+  codeSSLv2Hello/code./p
   pNote that codeall/code is an alias for
   codeTLSv1,TLSv1.1,TLSv1.2/code./p
   pNote that codeSSLv2/code and codeSSLv3/code are inherently



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1677966 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 12:29:48 2015
New Revision: 1677966

URL: http://svn.apache.org/r1677966
Log:
Use the trustStoreProvider rather than the keystoreProvider for the trust 
manager

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1677966r1=1677965r2=1677966view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
Wed May  6 12:29:48 2015
@@ -365,8 +365,7 @@ public class JSSESocketFactory implement
 algorithm = TrustManagerFactory.getDefaultAlgorithm();
 }
 
-return getTrustManagers(truststoreType, 
sslHostConfig.getCertificateKeystoreProvider(),
-algorithm);
+return getTrustManagers(truststoreType, 
endpoint.getTruststoreProvider(), algorithm);
 }
 
 @Override



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Tomcat Grid

2015-05-06 Thread Christopher Schultz 
Alarcón,

On 5/6/15 11:56 AM, Alarcón Vladimir wrote:
 As requested, I will do a write-up of the high-level architecture,
 and a list of features in phases.
 
 In terms of security I think the command-line interface could be
 secured by definition since it will be only available on the prod
 environment (or qa, or test, or dev respectively). In prod I only use
 vlans. The whole set of machines is isolated from other network
 segments all the time. To access them the firewall only allows me to
 get into the machines through a specific port, but this will depend
 on the security on each environment.
 
 The web interface is probably a little bit different. We will
 probably like to allow users to connect remotely, but from a secured
 net segment only available though a vpn or similar. In any case, it
 will be available over HTTPS only and will need to have user/pass
 security at the very least. Other options can be considered.

Were you envisioning a web-based interface to this tool, or are you
talking about some other kind of UI?

I personally don't need any web-based UI for something like this, but
others may appreciate a point-and-click interface. The good news about
command-line tools is that they are usually trivially scriptable via GUIs.

 On the Informing the LB question, the tool architecture as I see it
 will include hooks (related to events), so custom scripts could be
 added to suit specific needs of each installation/environment. This
 way the end user could the hooks to implement integration points to
 other systems.

Perfect. I happen to use a fleet of httpds with mod_jk as my
load-balancers, but others may use something else.

Providing hooks to listen for various events would be the perfect way to
customize this kind of tool for a particular environment.

-chris



signature.asc
Description: OpenPGP digital signature

buildbot failure in ASF Buildbot on tomcat-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a new failure on builder tomcat-trunk while building 
ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/1195

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch tomcat/trunk] 1678097
Blamelist: markt

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57773] performance problems when using scopeless optional attributes

2015-05-06 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=57773

--- Comment #3 from donnchadh donnch...@gmail.com ---
I'm seeing a dramatic dramatic impact due to this (in conjunction with the
global lock on WebAppClassLoader).

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678097 - in /tomcat/trunk: java/org/apache/coyote/http11/ java/org/apache/tomcat/util/net/ java/org/apache/tomcat/util/net/jsse/ webapps/docs/config/

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 21:30:54 2015
New Revision: 1678097

URL: http://svn.apache.org/r1678097
Log:
Move the truststore attributes to SSLHostConfig
Move as much of the default / fall-back code to SSLHostConfig rather than 
spreading it through JSSESocketFactory. This makes the defaults/fallbacks 
easier to read (in my view) and allowed some clean-up in JSSESocketFactory.

Modified:
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/trunk/webapps/docs/config/http.xml

Modified: 
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java?rev=1678097r1=1678096r2=1678097view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java 
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java 
Wed May  6 21:30:54 2015
@@ -28,29 +28,6 @@ public abstract class AbstractHttp11Jsse
 public String getSslProtocol() { return getEndpoint().getSslProtocol();}
 public void setSslProtocol(String s) { getEndpoint().setSslProtocol(s);}
 
-public void setTruststoreFile(String f){ 
getEndpoint().setTruststoreFile(f);}
-public String getTruststoreFile(){ return 
getEndpoint().getTruststoreFile();}
-
-public void setTruststorePass(String p){ 
getEndpoint().setTruststorePass(p);}
-public String getTruststorePass(){return 
getEndpoint().getTruststorePass();}
-
-public void setTruststoreType(String t){ 
getEndpoint().setTruststoreType(t);}
-public String getTruststoreType(){ return 
getEndpoint().getTruststoreType();}
-
-public void setTruststoreProvider(String t){
-getEndpoint().setTruststoreProvider(t);
-}
-public String getTruststoreProvider(){
-return getEndpoint().getTruststoreProvider();
-}
-
-public void setTruststoreAlgorithm(String a){
-getEndpoint().setTruststoreAlgorithm(a);
-}
-public String getTruststoreAlgorithm(){
-return getEndpoint().getTruststoreAlgorithm();
-}
-
 public void setSessionCacheSize(String 
s){getEndpoint().setSessionCacheSize(s);}
 public String getSessionCacheSize(){ return 
getEndpoint().getSessionCacheSize();}
 

Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1678097r1=1678096r2=1678097view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java 
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Wed 
May  6 21:30:54 2015
@@ -476,6 +476,35 @@ public abstract class AbstractHttp11Prot
 defaultSSLHostConfig.setCertificateKeyAlias(certificateKeyAlias);
 }
 
+public void setTruststoreAlgorithm(String truststoreAlgorithm){
+registerDefaultSSLHostConfig();
+defaultSSLHostConfig.setTruststoreAlgorithm(truststoreAlgorithm);
+}
+
+
+public void setTruststoreFile(String truststoreFile){
+registerDefaultSSLHostConfig();
+defaultSSLHostConfig.setTruststoreFile(truststoreFile);
+}
+
+
+public void setTruststorePass(String truststorePassword){
+registerDefaultSSLHostConfig();
+defaultSSLHostConfig.setTruststorePassword(truststorePassword);
+}
+
+
+public void setTruststoreType(String truststoreType){
+registerDefaultSSLHostConfig();
+defaultSSLHostConfig.setTruststoreType(truststoreType);
+}
+
+
+public void setTruststoreProvider(String truststoreProvider){
+registerDefaultSSLHostConfig();
+defaultSSLHostConfig.setTruststoreProvider(truststoreProvider);
+}
+
 
 // - Common 
code
 

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1678097r1=1678096r2=1678097view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Wed May  
6 21:30:54 2015
@@ -16,7 +16,6 @@
  */
 package org.apache.tomcat.util.net;
 
-import java.io.File;
 import java.io.OutputStreamWriter;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
@@ -890,24 +889,6

[Bug 57486] Improve reuse of ProtectedFunctionMapper instances in generated JSP

2015-05-06 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=57486

donnchadh donnch...@gmail.com changed:

   What|Removed |Added

 CC||donnch...@gmail.com
 OS||All

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in ASF Buildbot on tomcat-8-trunk

2015-05-06 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-8-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/242

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1678024
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Tomcat Grid write up

2015-05-06 Thread Alarcón Vladimir 
I guess I got a little bit carried away when writing the architecture and 
description, but I guess it's better to be ambitious. We can decide later on 
what we actually want from this tool.

Please find attached the write up.

Vlad

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GUMP@vmgump]: Project tomcat-tc8.0.x-test-nio2 (in module tomcat-8.0.x) failed

2015-05-06 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community 
integration.
This issue affects 1 projects,
 and has been outstanding for 15 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-tc8.0.x-test-nio2 :  Tomcat 8.x, a web server implementing the 
Java Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO2
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2.html
Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2 (Type: Build)
Work ended in a state of : Failed
Elapsed: 36 mins 36 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-NIO2 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150507-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150507.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150507-native-src.tar.gz
 -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true 
-Dexecute.test.nio=false 
-Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150507/bin
 /openssl -Dexecute.test.bio=false -Dexecute.test.apr=false 
-Dtest.excludePerformance=true -Dexecute.test.nio2=true 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-8.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja

Re: svn commit: r1677971 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread Mark Thomas 
On 06/05/2015 15:48, Mark Thomas wrote:
 On 06/05/2015 15:26, Konstantin Kolinko wrote:
 2015-05-06 15:36 GMT+03:00  ma...@apache.org:
 Author: markt
 Date: Wed May  6 12:36:50 2015
 New Revision: 1677971

 URL: http://svn.apache.org/r1677971
 Log:
 Use the truststoreProvider rather than the keystoreProvider for the trust 
 manager

 Modified:
 tomcat/tc7.0.x/trunk/   (props changed)
 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml


 Modified: 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  (original)
 +++ 
 tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
  Wed May  6 12:36:50 2015
 @@ -545,8 +545,7 @@ public class JSSESocketFactory implement
  algorithm = TrustManagerFactory.getDefaultAlgorithm();
  }

 -return getTrustManagers(truststoreType, 
 endpoint.getKeystoreProvider(),
 -algorithm);
 +return getTrustManagers(truststoreType, 
 endpoint.getTruststoreProvider(), algorithm);
  }

  @Override

 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
 URL: 
 http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1677971r1=1677970r2=1677971view=diff
 ==
 --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
 +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed May  6 12:36:50 2015
 @@ -128,6 +128,12 @@
  bug57837/bug: Add codetext/css/code to the default list of
  compressable MIME types. (markt)
/fix
 +  fix
 +For the JSSE based TLS connectors, use the
 +codetruststoreProvider/code rather than the
 +codekeystoreProvider/code when creating the
 +codeTrustManager/codes. (markt)
 +  /fix
  /changelog
/subsection
subsection name=Jasper


 Hi!

 I voted for TC 6 backport of this revision, but on further review
 there are two problems:

 1. In other place that calls endpoint.getTruststoreProvider() --
 JSSESocketFactory.getTrustStore()  -- there is some logic to fallback
 to getKeystoreProvider(). It also consults a system property.

 If we call endpoint.getTruststoreProvider() directly then there is no
 such fallback logic.
 
 I'll look at fixing that.
 
 2. The patch is not applicable to Tomcat 6 as is, as its endpoint
 classes do not have getTruststoreProvider() method.

 Searching for truststoreProvider I see that documentation mentions
 such option in config/http.xml, and the code in
 JSSESocketFactory.getTrustStore() does

 String truststoreProvider =
 (String)attributes.get(truststoreProvider);

 instead of using a getter method.
 
 Once I fix the first issue, I'll put together a specific 6.0.x patch.

Looking at this again, I don't think the original patch was correct. I
need to spend some more time on this.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678020 - /tomcat/tc6.0.x/trunk/STATUS.txt

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 15:07:06 2015
New Revision: 1678020

URL: http://svn.apache.org/r1678020
Log:
Withdraw the patch

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1678020r1=1678019r2=1678020view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May  6 15:07:06 2015
@@ -70,13 +70,6 @@ PATCHES PROPOSED TO BACKPORT:
   -1:
 
 
-* Use the truststoreProvider rather than the keystoreProvider for the trust
-  manager
-  http://svn.apache.org/r1677971
-  +1: markt, kkolinko, jfclere
-  -1:
-
-
 PATCHES/ISSUES THAT ARE STALLED:
 
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=44312



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1678024 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 15:11:02 2015
New Revision: 1678024

URL: http://svn.apache.org/r1678024
Log:
Revert r1677967.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May  6 15:11:02 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657682,1657
 
907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1666569,1666579,137,149,1
 
666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1677966,1678011

svn commit: r1678022 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java webapps/docs/changelog.xml

2015-05-06 Thread markt 
Author: markt
Date: Wed May  6 15:09:53 2015
New Revision: 1678022

URL: http://svn.apache.org/r1678022
Log:
Revert r1677971.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May  6 15:09:53 2015
@@ -1,2 +1,2 @@
-/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553-1667555
 
,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1677967
-/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,1240109,1240112,1240114
 
,1240116,1240118,1240121,1240329,1240474-1240850,1240857,1241087,1241160,1241408-1241822,1241908-1241909,1241912-1242110,1242371-1292130,1292134-1292458,1292464-1292670,1292672-1292776,1292780-1293392,1293397-1297017,1297019-1297963,1297965-1299820,1300108,1300111-1300460,1300520-1300948,1300997,1301006,1301280,1302332,1302348,1302608-1302610,1302649,1302837,1303138,1303163,1303338,1303521,1303587,1303698,1303803,1303852,1304011,1304035,1304037,1304135,1304249,1304253,1304260,1304271,1304275,1304468,1304895,1304930-1304932,1305194,1305943,1305965,1306556,1306579-1306580,1307084,1307310,1307511-1307512,1307579,1307591,1307597,1310636,1310639-1310640,1310642,1310701,1311212,1311995,1327617,1327670,1331766,1333161,1333173,1333827,1334787,1335026,1335257,1335547,1335692,1335711,1335731,1336515,1336813,1336864,1336868,1336884,1337419,1337426,1337546,1337572,1337591-1337595,1337643,1337707,1337719,1337734,1337741,1337745,1338151-1338154,1338178,1342027,1342029,1342315,1342320,1342476,1342
 
498,1342503,1342717,1342795,1342805,1343044-1343046,1343335,1343394,1343400,1343629,1343708,1343718,1343895,1344063,1344068,1344250,1344266,1344515,1344528,1344612,1344629,1344725,1344868,1344890,1344893,1344896,1344901,1345020,1345029,1345039,1345287-1345290,1345294,1345309,1345325,1345357,1345367,1345579-1345580,1345582,1345688,1345699,1345704,1345731-1345732,1345737,1345744,1345752,1345754,1345779,1345781,1345846,1346107,1346365,1346376,1346404,1346510,1346514,1346519,1346581,1346635,1346644,1346683,1346794,1346885,1346932,1347034,1347047,1347087,1347108-1347109,1347583,1347737,1348105,1348357,1348398,1348425,1348461-1348495,1348498,1348752,1348762,1348772,1348776,1348859,1348968,1348973,1348989,1349007,1349237,1349298,1349317,1349410,1349473,1349539,1349879,1349887,1349893,1349922,1349984,1350124,1350241,1350243,1350294-1350295,1350299,1350864,1350900,1351010,1351054,1351056,1351068,1351134-1351135,1351148,1351259,1351604,1351636-1351640,1351991,1351993,1352011,1352056,1352059,1

[GUMP@vmgump]: Project tomcat-tc8.0.x-test-apr (in module tomcat-8.0.x) failed

2015-05-06 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc8.0.x-test-apr has an issue affecting its community 
integration.
This issue affects 1 projects,
 and has been outstanding for 4 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-tc8.0.x-test-apr :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/logs-APR
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-APR/logs



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-apr/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr.html
Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-apr (Type: Build)
Work ended in a state of : Failed
Elapsed: 35 mins 53 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar
 -Dtest.reports=output/logs-APR 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150507-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.4-201406061215/ecj-4.4.jar 
-Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20150507/lib 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20150507.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20150507-native-src.tar.gz
 -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false 
-Dtest
 
.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20150507/bin/openssl
 -Dexecute.test.bio=false -Dexecute.test.apr=true 
-Dtest.excludePerformance=true -Dexecute.test.nio2=false 
-Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.4-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-8.0.x]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja

Re: Tomcat Grid

2015-05-06 Thread Alarcón Vladimir 
As requested, I will do a write-up of the high-level architecture, and a list 
of features in phases.

In terms of security I think the command-line interface could be secured by 
definition since it will be only available on the prod environment (or qa, or 
test, or dev respectively). In prod I only use vlans. The whole set of machines 
is isolated from other network segments all the time. To access them the 
firewall only allows me to get into the machines through a specific port, but 
this will depend on the security on each environment.

The web interface is probably a little bit different. We will probably like to 
allow users to connect remotely, but from a secured net segment only available 
though a vpn or similar. In any case, it will be available over HTTPS only and 
will need to have user/pass security at the very least. Other options can be 
considered.

On the Informing the LB question, the tool architecture as I see it will 
include hooks (related to events), so custom scripts could be added to suit 
specific needs of each installation/environment. This way the end user could 
the hooks to implement integration points to other systems.

Vlad


On Wed, 5/6/15, Christopher Schultz ch...@christopherschultz.net wrote:

 Subject: Re: Tomcat Grid
 To: Tomcat Developers List dev@tomcat.apache.org
 Date: Wednesday, May 6, 2015, 10:11 AM
 
 Andrew,
 
 On 5/6/15 9:21 AM, Andrew Carr wrote:
  I can see security of this tool being paramount. 
 What if you had a large
  cluster and someone else was able to manipulate it
 using this tool?
 
 If it's built on secure building blocks, such as
 public-key-based ssh
 authentication, or TLS client certificates, then I think it
 would be
 reasonably secure.
 
 Another option is a VPN or VLAN, or a separate physical
 network.
 
 We use the latter technique to communicate between our
 application
 servers and database servers to avoid the overhead of
 encryption.
 
 -chris
 
  On Tue, May 5, 2015 at 4:50 PM, Christopher Schultz
 
  ch...@christopherschultz.net
 wrote:
  
  Chris,
 
  On 5/5/15 4:39 PM, Chris Aguirre wrote:
  I actually use Windows Powershell to execute
 commands on remote machines,
  including stopping/starting Tomcat (and other
 Windows Services).
 
  This works well for me - but in this case, I
 have complete control of all
  the VMs - and they are not Production Servers.
 
  I used the following articles as reference for
 creating the Powershell
  scripts:
 
 
  http://www.howtogeek.com/117192/how-to-run-powershell-commands-on-remote-computers/
 
 
  http://stackoverflow.com/questions/6239647/using-powershell-credentials-without-being-prompted-for-a-password
 
  That's great. *NIX also has ssh which can be used
 to execute remote
  commands, but that's not the hard part.
 
  The hard part is planning a regular configuration
 that can be deployed
  to possibly hundreds of separate machines (virtual
 or physical) and then
  controlled in a sane way.
 
  For instance, let's say that I have 12 machines in
 two separate
  clusters. If I want to shutdown 3 machines in each
 cluster, I have to
  execute a flurry of commands like these:
 
  $ ssh -c user@server1
 /path/to/tomcat/shutdown.sh
  $ ssh -c user@server2
 /path/to/tomcat/shutdown.sh
  $ ssh -c user@server3
 /path/to/tomcat/shutdown.sh
 
  $ ssh -c user@server7
 /path/to/tomcat/shutdown.sh
  $ ssh -c user@server8
 /path/to/tomcat/shutdown.sh
  $ ssh -c user@server9
 /path/to/tomcat/shutdown.sh
 
  If I had a tool that understood my deployment
 configuration, I could do
  something like this:
 
  $ cluster shutdown 1 2 3 7 8 9
 
  If the tool was *really* nice, it might inform my
 load-balancer that the
  nodes would be coming down as well.
 
  If it was super-nice, a tool would allow me to
 schedule a shutdown of
  nodes in the near future. For example, say I want
 to take those same
  nodes offline, but I want to disable them at the
 lb, then wait for their
  sticky sessions to drain folly before stopping each
 Tomcat instance. And
  since I don't want to watch the tool while it
 waits, I want to get an
  email or SMS confirmation when each node goes
 down.
 
  Maybe I can get integration into monitoring tools
 as well, so when I
  intentionally take a node offline, I don't get a
 bunch of text messages
  telling me that a server has gone down.
 
  These are the kinds of things that a grid tool
 could do to help.
 
  Being able to execute remote commands is just one
 of the primitive
  operations of this kind of thing.
 
  -chris
 
 
  
  


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org