[tomcat] branch 8.5.x updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers
This is an automated email from the ASF dual-hosted git repository. isapir pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 7918a06 Added test properties test.openssl.unimplemented to skip unimpl ciphers 7918a06 is described below commit 7918a065253b7a1bd4628b8be117c443d8e2d188 Author: Igal Sapir AuthorDate: Sat Mar 23 10:20:48 2019 -0700 Added test properties test.openssl.unimplemented to skip unimpl ciphers Some distributions do not include all of the ciphers, resulting in false positives in unit tests. For example, the ciphers ARIA and IDEA are disabled in Debian. The newly added property allows to skip them by specifying: test.openssl.unimplemented=ARIA,IDEA --- build.xml | 1 + .../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java | 13 - 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/build.xml b/build.xml index aa2da3a..179802b 100644 --- a/build.xml +++ b/build.xml @@ -1474,6 +1474,7 @@ + diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java index fc2514d..91ac42e 100644 --- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java +++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java @@ -307,6 +307,18 @@ public class TesterOpenSSL { unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384); } +String skipCiphers = System.getProperty("tomcat.test.openssl.unimplemented", ""); +if (!skipCiphers.isEmpty()) { +String[] skip = skipCiphers.split(","); +for (Cipher c : Cipher.values()) { +for (String s : skip) { +if (c.toString().contains(s)) { +unimplemented.add(c); +} +} +} +} + OPENSSL_UNIMPLEMENTED_CIPHERS = Collections.unmodifiableSet(unimplemented); Map renamed = new HashMap<>(); @@ -346,7 +358,6 @@ public class TesterOpenSSL { result.add(cipher); } return result; - } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63281] New: Hacker
https://bz.apache.org/bugzilla/show_bug.cgi?id=63281 Bug ID: 63281 Summary: Hacker Product: Taglibs Version: nightly Hardware: Other OS: OpenVMS Status: NEW Severity: major Priority: P2 Component: DateTime Taglib Assignee: dev@tomcat.apache.org Reporter: jeffreymbra...@gmail.com CC: b...@httpd.apache.org Depends on: 63280 Target Milestone: --- +++ This bug was initially created as a clone of Bug #63280 +++ Referenced Bugs: https://bz.apache.org/bugzilla/show_bug.cgi?id=63280 [Bug 63280] Hacker -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Is it possible to modify the commit email template?
On Fri, Mar 22, 2019 at 10:07 AM Mark Thomas wrote: > You'll need to talk to infra. If you provide a patch I suspect it would > be accepted gratefully. > Awesome! Very efficient process, and they are very responsive on Slack. This [1] should be available in the next notification email. Thanks, Igal [1] https://github.com/apache/infrastructure-puppet/pull/1489/files https://ci.apache.org/builders/infrastructure-puppet-deployment/builds/4228 > > Mark > > > On 22/03/2019 16:40, Igal Sapir wrote: > > Is it possible to add a URL to the commit email templates so that it's > > easier to see the diff? > > > > For example, the email titled "[tomcat] branch 7.0.x updated: Generics: > > BasicDataSource" has a commit hash of 153757518621f906d3a223836b8d80 > > > > If we could prefix it as below it can become a link to a colorful diff > > which is much easier to read than the one in the email: > > > > > https://gitbox.apache.org/repos/asf?p=tomcat.git;a=commitdiff;h=153757518621f906d3a223836b8d80 > > > > Thanks, > > > > Igal > > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm
https://bz.apache.org/bugzilla/show_bug.cgi?id=63279 Felix Schumacher changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #3 from Felix Schumacher --- It looks like you have a problem with your database or the connection to your database. The stacktraces show, that the jdbc part is hanging. Tomcat can't do anything about that. You should try to use DataSourceRealm instead of JDBCRealm, as the latter uses only one connection to the database, where the former allows the driver to pool connections. This will not help with your flaky db connection, but it will allow the other requests to try another connection while the broken one is paused. All in all this seems to be a problem for the users mailing list and not a bug. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Test Case Ciphers (was: Release Apache Tomcat 8.5.38)
Emmanuel, On Tue, Feb 5, 2019 at 11:45 AM Igal Sapir wrote: > On Tue, Feb 5, 2019 at 11:12 AM Emmanuel Bourg wrote: > >> Le 05/02/2019 à 19:02, Igal Sapir a écrit : >> >> > Do you get any "missing ciphers" errors or not even that? I always get >> > some test cases fail due to mismatching ciphers, which I accept as false >> > positives, so I wonder about that. >> >> Yes that's normal, some ciphers are disabled in Debian (IDEA and ARIA). >> There is a patch adjusting the tests accordingly: >> >> >> https://salsa.debian.org/java-team/tomcat8/blob/master/debian/patches/0021-dont-test-unsupported-ciphers.patch >> >> Emmanuel Bourg >> > > I see. That makes sense, thanks. > > What do you guys think if I add a system property like > `test.unimplementedciphers` with an empty default, which can be used, e.g.: > > test.unimplementedciphers=ARIA,IDEA > > Then any cipher that has in its name the substring ARIA or IDEA will be > skipped? > Please see https://github.com/apache/tomcat/commit/a9c1a0661198d9ba37c1facd8385fe05d538c4ad based on your input. Best, Igal
[tomcat] branch master updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers
This is an automated email from the ASF dual-hosted git repository. isapir pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new a9c1a06 Added test properties test.openssl.unimplemented to skip unimpl ciphers a9c1a06 is described below commit a9c1a0661198d9ba37c1facd8385fe05d538c4ad Author: Igal Sapir AuthorDate: Sat Mar 23 10:20:48 2019 -0700 Added test properties test.openssl.unimplemented to skip unimpl ciphers Some distributions do not include all of the ciphers, resulting in false positives in unit tests. For example, the ciphers ARIA and IDEA are disabled in Debian. The newly added property allows to skip them by specifying: test.openssl.unimplemented=ARIA,IDEA --- build.xml | 1 + .../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java | 13 - 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/build.xml b/build.xml index 0453191..727c2fc 100644 --- a/build.xml +++ b/build.xml @@ -1623,6 +1623,7 @@ + diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java index fc2514d..91ac42e 100644 --- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java +++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java @@ -307,6 +307,18 @@ public class TesterOpenSSL { unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384); } +String skipCiphers = System.getProperty("tomcat.test.openssl.unimplemented", ""); +if (!skipCiphers.isEmpty()) { +String[] skip = skipCiphers.split(","); +for (Cipher c : Cipher.values()) { +for (String s : skip) { +if (c.toString().contains(s)) { +unimplemented.add(c); +} +} +} +} + OPENSSL_UNIMPLEMENTED_CIPHERS = Collections.unmodifiableSet(unimplemented); Map renamed = new HashMap<>(); @@ -346,7 +358,6 @@ public class TesterOpenSSL { result.add(cipher); } return result; - } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm
https://bz.apache.org/bugzilla/show_bug.cgi?id=63279 --- Comment #2 from Leos Literak --- Created attachment 36496 --> https://bz.apache.org/bugzilla/attachment.cgi?id=36496=edit relevant parts of catalina logs -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm
https://bz.apache.org/bugzilla/show_bug.cgi?id=63279 --- Comment #1 from Leos Literak --- Created attachment 36495 --> https://bz.apache.org/bugzilla/attachment.cgi?id=36495=edit complete thread dump -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63279] New: Tomcat 8.5 freezes in j_security_check with JDBCRealm
https://bz.apache.org/bugzilla/show_bug.cgi?id=63279 Bug ID: 63279 Summary: Tomcat 8.5 freezes in j_security_check with JDBCRealm Product: Tomcat 8 Version: 8.5.34 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: liter...@centrum.cz Target Milestone: It happens irregularly but almost every day a user submitting his credentials must wait many minutes to finish the authentication. The browser is waiting for a response. Restarting the tomcat will help for some time. Postgresql is running fine and it has enough capacity to handle new connections. We fight with it for the second week and we tried virtually everything. *Environment:* Tomcat 8.5.34 postgresql-42.2.5 1.8.0_162-b12 on Linux *Configuration* *Threads* "https-jsse-nio-9443-exec-22" #149 daemon prio=5 os_prio=0 tid=0x7f7e4802d000 nid=0x257c runnable [0x7f7e29ea] java.lang.Thread.State: RUNNABLE at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:171) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983) - locked <0xe5190b70> (a java.lang.Object) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:940) at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) - locked <0xe5191c38> (a sun.security.ssl.AppInputStream) at org.postgresql.core.VisibleBufferedInputStream.readMore(VisibleBufferedInputStream.java:140) at org.postgresql.core.VisibleBufferedInputStream.ensureBytes(VisibleBufferedInputStream.java:109) at org.postgresql.core.VisibleBufferedInputStream.read(VisibleBufferedInputStream.java:67) at org.postgresql.core.PGStream.receiveChar(PGStream.java:306) at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1952) at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:308) - locked <0xe5192a40> (a org.postgresql.core.v3.QueryExecutorImpl) at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441) at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:365) at org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:143) at org.postgresql.jdbc.PgPreparedStatement.executeQuery(PgPreparedStatement.java:106) at org.apache.catalina.realm.JDBCRealm.getPassword(JDBCRealm.java:538) - locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:385) - locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:328) - locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm) at org.apache.catalina.authenticator.FormAuthenticator.doAuthenticate(FormAuthenticator.java:264) *Logs* Mar 07, 2019 2:53:54 PM org.apache.catalina.realm.JDBCRealm getPassword SEVERE: Exception performing authentication org.postgresql.util.PSQLException: An I/O error occurred while sending to the backend. at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:335) at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441) Caused by: java.net.SocketException: Connection timed out (Read failed) at java.net.SocketInputStream.socketRead0(Native Method) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org