date:20190323

[tomcat] branch 8.5.x updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers

2019-03-23 Thread isapir

This is an automated email from the ASF dual-hosted git repository.

isapir pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 7918a06  Added test properties test.openssl.unimplemented to skip 
unimpl ciphers
7918a06 is described below

commit 7918a065253b7a1bd4628b8be117c443d8e2d188
Author: Igal Sapir 
AuthorDate: Sat Mar 23 10:20:48 2019 -0700

Added test properties test.openssl.unimplemented to skip unimpl ciphers

Some distributions do not include all of the ciphers, resulting in false
positives in unit tests. For example, the ciphers ARIA and IDEA are
disabled in Debian. The newly added property allows to skip them by
specifying:

test.openssl.unimplemented=ARIA,IDEA
---
 build.xml   |  1 +
 .../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java  | 13 -
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/build.xml b/build.xml
index aa2da3a..179802b 100644
--- a/build.xml
+++ b/build.xml
@@ -1474,6 +1474,7 @@
 
 
 
+
 
 
 
diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java 
b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
index fc2514d..91ac42e 100644
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
@@ -307,6 +307,18 @@ public class TesterOpenSSL {
 unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384);
 }
 
+String skipCiphers = 
System.getProperty("tomcat.test.openssl.unimplemented", "");
+if (!skipCiphers.isEmpty()) {
+String[] skip = skipCiphers.split(",");
+for (Cipher c : Cipher.values()) {
+for (String s : skip) {
+if (c.toString().contains(s)) {
+unimplemented.add(c);
+}
+}
+}
+}
+
 OPENSSL_UNIMPLEMENTED_CIPHERS = 
Collections.unmodifiableSet(unimplemented);
 
 Map renamed = new HashMap<>();
@@ -346,7 +358,6 @@ public class TesterOpenSSL {
 result.add(cipher);
 }
 return result;
-
 }
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63281] New: Hacker

2019-03-23 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=63281

Bug ID: 63281
   Summary: Hacker
   Product: Taglibs
   Version: nightly
  Hardware: Other
OS: OpenVMS
Status: NEW
  Severity: major
  Priority: P2
 Component: DateTime Taglib
  Assignee: dev@tomcat.apache.org
  Reporter: jeffreymbra...@gmail.com
CC: b...@httpd.apache.org
Depends on: 63280
  Target Milestone: ---

+++ This bug was initially created as a clone of Bug #63280 +++


Referenced Bugs:

https://bz.apache.org/bugzilla/show_bug.cgi?id=63280
[Bug 63280] Hacker
-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Is it possible to modify the commit email template?

2019-03-23 Thread Igal Sapir

On Fri, Mar 22, 2019 at 10:07 AM Mark Thomas  wrote:

> You'll need to talk to infra. If you provide a patch I suspect it would
> be accepted gratefully.
>

Awesome!  Very efficient process, and they are very responsive on Slack.

This [1] should be available in the next notification email.

Thanks,

Igal

[1]
https://github.com/apache/infrastructure-puppet/pull/1489/files
https://ci.apache.org/builders/infrastructure-puppet-deployment/builds/4228



>
> Mark
>
>
> On 22/03/2019 16:40, Igal Sapir wrote:
> > Is it possible to add a URL to the commit email templates so that it's
> > easier to see the diff?
> >
> > For example, the email titled "[tomcat] branch 7.0.x updated: Generics:
> > BasicDataSource" has a commit hash of 153757518621f906d3a223836b8d80
> >
> > If we could prefix it as below it can become a link to a colorful diff
> > which is much easier to read than the one in the email:
> >
> >
> https://gitbox.apache.org/repos/asf?p=tomcat.git;a=commitdiff;h=153757518621f906d3a223836b8d80
> >
> > Thanks,
> >
> > Igal
> >
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

2019-03-23 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=63279

Felix Schumacher  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #3 from Felix Schumacher  ---
It looks like you have a problem with your database or the connection to your
database.

The stacktraces show, that the jdbc part is hanging. Tomcat can't do anything
about that.

You should try to use DataSourceRealm instead of JDBCRealm, as the latter uses
only one connection to the database, where the former allows the driver to pool
connections.

This will not help with your flaky db connection, but it will allow the other
requests to try another connection while the broken one is paused.

All in all this seems to be a problem for the users mailing list and not a bug.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Test Case Ciphers (was: Release Apache Tomcat 8.5.38)

2019-03-23 Thread Igal Sapir

Emmanuel,

On Tue, Feb 5, 2019 at 11:45 AM Igal Sapir  wrote:

> On Tue, Feb 5, 2019 at 11:12 AM Emmanuel Bourg  wrote:
>
>> Le 05/02/2019 à 19:02, Igal Sapir a écrit :
>>
>> > Do you get any "missing ciphers" errors or not even that?  I always get
>> > some test cases fail due to mismatching ciphers, which I accept as false
>> > positives, so I wonder about that.
>>
>> Yes that's normal, some ciphers are disabled in Debian (IDEA and ARIA).
>> There is a patch adjusting the tests accordingly:
>>
>>
>> https://salsa.debian.org/java-team/tomcat8/blob/master/debian/patches/0021-dont-test-unsupported-ciphers.patch
>>
>> Emmanuel Bourg
>>
>
> I see.  That makes sense, thanks.
>
> What do you guys think if I add a system property like
> `test.unimplementedciphers` with an empty default, which can be used, e.g.:
>
> test.unimplementedciphers=ARIA,IDEA
>
> Then any cipher that has in its name the substring ARIA or IDEA will be
> skipped?
>

Please see
https://github.com/apache/tomcat/commit/a9c1a0661198d9ba37c1facd8385fe05d538c4ad
based on your input.

Best,

Igal

[tomcat] branch master updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers

2019-03-23 Thread isapir

This is an automated email from the ASF dual-hosted git repository.

isapir pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new a9c1a06  Added test properties test.openssl.unimplemented to skip 
unimpl ciphers
a9c1a06 is described below

commit a9c1a0661198d9ba37c1facd8385fe05d538c4ad
Author: Igal Sapir 
AuthorDate: Sat Mar 23 10:20:48 2019 -0700

Added test properties test.openssl.unimplemented to skip unimpl ciphers

Some distributions do not include all of the ciphers, resulting in false
positives in unit tests. For example, the ciphers ARIA and IDEA are
disabled in Debian. The newly added property allows to skip them by
specifying:

test.openssl.unimplemented=ARIA,IDEA
---
 build.xml   |  1 +
 .../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java  | 13 -
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/build.xml b/build.xml
index 0453191..727c2fc 100644
--- a/build.xml
+++ b/build.xml
@@ -1623,6 +1623,7 @@
 
 
 
+
 
 
 
diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java 
b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
index fc2514d..91ac42e 100644
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
@@ -307,6 +307,18 @@ public class TesterOpenSSL {
 unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384);
 }
 
+String skipCiphers = 
System.getProperty("tomcat.test.openssl.unimplemented", "");
+if (!skipCiphers.isEmpty()) {
+String[] skip = skipCiphers.split(",");
+for (Cipher c : Cipher.values()) {
+for (String s : skip) {
+if (c.toString().contains(s)) {
+unimplemented.add(c);
+}
+}
+}
+}
+
 OPENSSL_UNIMPLEMENTED_CIPHERS = 
Collections.unmodifiableSet(unimplemented);
 
 Map renamed = new HashMap<>();
@@ -346,7 +358,6 @@ public class TesterOpenSSL {
 result.add(cipher);
 }
 return result;
-
 }
 
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

2019-03-23 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=63279

--- Comment #2 from Leos Literak  ---
Created attachment 36496
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36496=edit
relevant parts of catalina logs

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

2019-03-23 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=63279

--- Comment #1 from Leos Literak  ---
Created attachment 36495
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36495=edit
complete thread dump

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 63279] New: Tomcat 8.5 freezes in j_security_check with JDBCRealm

2019-03-23 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=63279

Bug ID: 63279
   Summary: Tomcat 8.5 freezes in j_security_check with JDBCRealm
   Product: Tomcat 8
   Version: 8.5.34
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: liter...@centrum.cz
  Target Milestone: 

It happens irregularly but almost every day a user submitting his credentials
must wait many minutes to finish the authentication. The browser is waiting for
a response. Restarting the tomcat will help for some time. Postgresql is
running fine and it has enough capacity to handle new connections. We fight
with it for the second week and we tried virtually everything.

*Environment:*

Tomcat 8.5.34
postgresql-42.2.5
1.8.0_162-b12 on Linux

*Configuration*

 

 

*Threads*

"https-jsse-nio-9443-exec-22" #149 daemon prio=5 os_prio=0
tid=0x7f7e4802d000 nid=0x257c runnable [0x7f7e29ea]
java.lang.Thread.State: RUNNABLE
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:171)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
- locked <0xe5190b70> (a java.lang.Object)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:940)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
- locked <0xe5191c38> (a sun.security.ssl.AppInputStream)
at
org.postgresql.core.VisibleBufferedInputStream.readMore(VisibleBufferedInputStream.java:140)
at
org.postgresql.core.VisibleBufferedInputStream.ensureBytes(VisibleBufferedInputStream.java:109)
at
org.postgresql.core.VisibleBufferedInputStream.read(VisibleBufferedInputStream.java:67)
at org.postgresql.core.PGStream.receiveChar(PGStream.java:306)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1952)
at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:308)
- locked <0xe5192a40> (a org.postgresql.core.v3.QueryExecutorImpl)
at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441)
at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:365)
at
org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:143)
at
org.postgresql.jdbc.PgPreparedStatement.executeQuery(PgPreparedStatement.java:106)
at org.apache.catalina.realm.JDBCRealm.getPassword(JDBCRealm.java:538)
- locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:385)
- locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm)
at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:328)
- locked <0xe00351f0> (a org.apache.catalina.realm.JDBCRealm)
at
org.apache.catalina.authenticator.FormAuthenticator.doAuthenticate(FormAuthenticator.java:264)


*Logs*

Mar 07, 2019 2:53:54 PM org.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication
org.postgresql.util.PSQLException: An I/O error occurred while sending to the
backend.
at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:335)
at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441)

Caused by: java.net.SocketException: Connection timed out (Read failed)
at java.net.SocketInputStream.socketRead0(Native Method)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers

[Bug 63281] New: Hacker

Re: Is it possible to modify the commit email template?

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

Re: Test Case Ciphers (was: Release Apache Tomcat 8.5.38)

[tomcat] branch master updated: Added test properties test.openssl.unimplemented to skip unimpl ciphers

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

[Bug 63279] Tomcat 8.5 freezes in j_security_check with JDBCRealm

[Bug 63279] New: Tomcat 8.5 freezes in j_security_check with JDBCRealm

9 matches

Site Navigation

Mail list logo

Footer information