[tomcat] branch 9.0.x updated: Ensure the overhead check runs after every frame
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new f69662e Ensure the overhead check runs after every frame f69662e is described below commit f69662e539fde0a94ab36933676ac58c07911672 Author: Mark Thomas AuthorDate: Tue Sep 8 22:29:07 2020 +0100 Ensure the overhead check runs after every frame --- .../apache/coyote/http2/Http2UpgradeHandler.java | 11 + test/org/apache/coyote/http2/TestHttp2Limits.java | 27 ++ webapps/docs/changelog.xml | 4 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java b/java/org/apache/coyote/http2/Http2UpgradeHandler.java index e63f174..a1434bf 100644 --- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java +++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java @@ -340,11 +340,12 @@ class Http2UpgradeHandler extends AbstractStream implements InternalHttpUpgradeH } else { stream.close(se); } -} -if (overheadCount.get() > 0) { -throw new ConnectionException( - sm.getString("upgradeHandler.tooMuchOverhead", connectionId), -Http2Error.ENHANCE_YOUR_CALM); +} finally { +if (overheadCount.get() > 0) { +throw new ConnectionException( + sm.getString("upgradeHandler.tooMuchOverhead", connectionId), +Http2Error.ENHANCE_YOUR_CALM); +} } } diff --git a/test/org/apache/coyote/http2/TestHttp2Limits.java b/test/org/apache/coyote/http2/TestHttp2Limits.java index 97345a4..2fa0686 100644 --- a/test/org/apache/coyote/http2/TestHttp2Limits.java +++ b/test/org/apache/coyote/http2/TestHttp2Limits.java @@ -38,6 +38,33 @@ public class TestHttp2Limits extends Http2TestBase { private static final StringManager sm = StringManager.getManager(TestHttp2Limits.class); + +@Test +public void testSettingsOverheadLimits() throws Exception { +http2Connect(false); + +for (int i = 0; i < 100; i++) { +sendSettings(0, false); +parser.readFrame(true); +String trace = output.getTrace(); +if (trace.equals("0-Settings-Ack\n")) { +// Test continues +output.clearTrace(); +} else if (trace.startsWith("0-Goaway-[1]-[11]-[Connection [")) { +// Test passed +return; +} else { +// Test failed +Assert.fail("Unexpected output: " + output.getTrace()); +} +Thread.sleep(100); +} + +// Test failed +Assert.fail("Connection not closed down"); +} + + @Test public void testHeaderLimits1x128() throws Exception { // Well within limits diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 9c123f5..ecce19f 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -183,6 +183,10 @@ closed HTTP/2 streams as they triggered multiple regressions in the form of NullPointerExceptions. (markt) + +Ensure that the HTTP/2 overhead protection check is performed after +each HTTP/2 frame is processed. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Ensure the overhead check runs after every frame
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 60b3683 Ensure the overhead check runs after every frame 60b3683 is described below commit 60b3683848c5d7eec8117eaf7dcadd7dae0182ed Author: Mark Thomas AuthorDate: Tue Sep 8 22:29:07 2020 +0100 Ensure the overhead check runs after every frame --- .../apache/coyote/http2/Http2UpgradeHandler.java | 11 + test/org/apache/coyote/http2/TestHttp2Limits.java | 27 ++ webapps/docs/changelog.xml | 4 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java b/java/org/apache/coyote/http2/Http2UpgradeHandler.java index 2d1957a..7b95592 100644 --- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java +++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java @@ -336,11 +336,12 @@ public class Http2UpgradeHandler extends AbstractStream implements InternalHttpU } else { stream.close(se); } -} -if (overheadCount.get() > 0) { -throw new ConnectionException( - sm.getString("upgradeHandler.tooMuchOverhead", connectionId), -Http2Error.ENHANCE_YOUR_CALM); +} finally { +if (overheadCount.get() > 0) { +throw new ConnectionException( + sm.getString("upgradeHandler.tooMuchOverhead", connectionId), +Http2Error.ENHANCE_YOUR_CALM); +} } } diff --git a/test/org/apache/coyote/http2/TestHttp2Limits.java b/test/org/apache/coyote/http2/TestHttp2Limits.java index 97345a4..2fa0686 100644 --- a/test/org/apache/coyote/http2/TestHttp2Limits.java +++ b/test/org/apache/coyote/http2/TestHttp2Limits.java @@ -38,6 +38,33 @@ public class TestHttp2Limits extends Http2TestBase { private static final StringManager sm = StringManager.getManager(TestHttp2Limits.class); + +@Test +public void testSettingsOverheadLimits() throws Exception { +http2Connect(false); + +for (int i = 0; i < 100; i++) { +sendSettings(0, false); +parser.readFrame(true); +String trace = output.getTrace(); +if (trace.equals("0-Settings-Ack\n")) { +// Test continues +output.clearTrace(); +} else if (trace.startsWith("0-Goaway-[1]-[11]-[Connection [")) { +// Test passed +return; +} else { +// Test failed +Assert.fail("Unexpected output: " + output.getTrace()); +} +Thread.sleep(100); +} + +// Test failed +Assert.fail("Connection not closed down"); +} + + @Test public void testHeaderLimits1x128() throws Exception { // Well within limits diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f9fd67d..c10e4ea 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -168,6 +168,10 @@ closed HTTP/2 streams as they triggered multiple regressions in the form of NullPointerExceptions. (markt) + +Ensure that the HTTP/2 overhead protection check is performed after +each HTTP/2 frame is processed. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Ensure the overhead check runs after every frame
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 85e0a18 Ensure the overhead check runs after every frame 85e0a18 is described below commit 85e0a1875c08d40945fe4aeda6da0a3401328567 Author: Mark Thomas AuthorDate: Tue Sep 8 22:29:07 2020 +0100 Ensure the overhead check runs after every frame --- .../apache/coyote/http2/Http2UpgradeHandler.java | 11 + test/org/apache/coyote/http2/TestHttp2Limits.java | 27 ++ webapps/docs/changelog.xml | 4 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java b/java/org/apache/coyote/http2/Http2UpgradeHandler.java index 99792dc..b4b6fda 100644 --- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java +++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java @@ -340,11 +340,12 @@ class Http2UpgradeHandler extends AbstractStream implements InternalHttpUpgradeH } else { stream.close(se); } -} -if (overheadCount.get() > 0) { -throw new ConnectionException( - sm.getString("upgradeHandler.tooMuchOverhead", connectionId), -Http2Error.ENHANCE_YOUR_CALM); +} finally { +if (overheadCount.get() > 0) { +throw new ConnectionException( + sm.getString("upgradeHandler.tooMuchOverhead", connectionId), +Http2Error.ENHANCE_YOUR_CALM); +} } } diff --git a/test/org/apache/coyote/http2/TestHttp2Limits.java b/test/org/apache/coyote/http2/TestHttp2Limits.java index e4fcec0..32bad19 100644 --- a/test/org/apache/coyote/http2/TestHttp2Limits.java +++ b/test/org/apache/coyote/http2/TestHttp2Limits.java @@ -39,6 +39,33 @@ public class TestHttp2Limits extends Http2TestBase { private static final StringManager sm = StringManager.getManager(TestHttp2Limits.class); + +@Test +public void testSettingsOverheadLimits() throws Exception { +http2Connect(false); + +for (int i = 0; i < 100; i++) { +sendSettings(0, false); +parser.readFrame(true); +String trace = output.getTrace(); +if (trace.equals("0-Settings-Ack\n")) { +// Test continues +output.clearTrace(); +} else if (trace.startsWith("0-Goaway-[1]-[11]-[Connection [")) { +// Test passed +return; +} else { +// Test failed +Assert.fail("Unexpected output: " + output.getTrace()); +} +Thread.sleep(100); +} + +// Test failed +Assert.fail("Connection not closed down"); +} + + @Test public void testHeaderLimits1x128() throws Exception { // Well within limits diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 3a37a26..e209416 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -187,6 +187,10 @@ closed HTTP/2 streams as they triggered multiple regressions in the form of NullPointerExceptions. (markt) + +Ensure that the HTTP/2 overhead protection check is performed after +each HTTP/2 frame is processed. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on pull request #331: Remove White Spaces and extra lines from the JSP files
kamnani commented on pull request #331: URL: https://github.com/apache/tomcat/pull/331#issuecomment-689149953 #351 Opened after re-work. Closing this PR. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani closed pull request #331: Remove White Spaces and extra lines from the JSP files
kamnani closed pull request #331: URL: https://github.com/apache/tomcat/pull/331 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot exception in on tomcat-7-trunk
The Buildbot has detected a build exception on builder tomcat-7-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-7-trunk/builds/1766 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' triggered this build Build Source Stamp: [branch 7.0.x] d83e3720dc510bbf0b9ad1c79f3be96135dbd9ee Blamelist: Mark Thomas BUILD FAILED: exception compile upload_2 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-9-trunk
The Buildbot has detected a restored build on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/415 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-9-commit' triggered this build Build Source Stamp: [branch 9.0.x] 729b55e5935e16b80bd48697e453ef9646bdfded Blamelist: Mark Thomas Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485129011 ## File path: java/org/apache/catalina/mbeans/MBeanFactory.java ## @@ -490,6 +491,7 @@ public String createStandardContext(String parent, public String createStandardHost(String parent, String name, String appBase, boolean autoDeploy, + boolean parallelAnnotationScanning, Review comment: Alright. I have removed these changes. Resolved with the latest commit. Thanks This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Improve debugging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new d83e372 Improve debugging d83e372 is described below commit d83e3720dc510bbf0b9ad1c79f3be96135dbd9ee Author: Mark Thomas AuthorDate: Tue Sep 8 19:49:00 2020 +0100 Improve debugging --- test/org/apache/catalina/servlets/ServletOptionsBaseTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java index ff87482..86e4b26 100644 --- a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java +++ b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java @@ -99,7 +99,7 @@ public abstract class ServletOptionsBaseTest extends TomcatBaseTest { client.connect(); client.processRequest(); -Assert.assertTrue(client.isResponse200()); +Assert.assertTrue(client.getResponseLine(), client.isResponse200()); Set allowed = client.getAllowedMethods(); client.disconnect(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Improve debugging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b383cb4 Improve debugging b383cb4 is described below commit b383cb4a8532ffccfae6813a05e5c66fec64f54b Author: Mark Thomas AuthorDate: Tue Sep 8 19:49:00 2020 +0100 Improve debugging --- test/org/apache/catalina/servlets/ServletOptionsBaseTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java index ab20e42..2deb727 100644 --- a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java +++ b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java @@ -99,7 +99,7 @@ public abstract class ServletOptionsBaseTest extends TomcatBaseTest { client.connect(); client.processRequest(); -Assert.assertTrue(client.isResponse200()); +Assert.assertTrue(client.getResponseLine(), client.isResponse200()); Set allowed = client.getAllowedMethods(); client.disconnect(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Improve debugging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new b31bc60 Improve debugging b31bc60 is described below commit b31bc60af8255d32a542ce3098efb7ef6848 Author: Mark Thomas AuthorDate: Tue Sep 8 19:49:00 2020 +0100 Improve debugging --- test/org/apache/catalina/servlets/ServletOptionsBaseTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java index ab20e42..2deb727 100644 --- a/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java +++ b/test/org/apache/catalina/servlets/ServletOptionsBaseTest.java @@ -99,7 +99,7 @@ public abstract class ServletOptionsBaseTest extends TomcatBaseTest { client.connect(); client.processRequest(); -Assert.assertTrue(client.isResponse200()); +Assert.assertTrue(client.getResponseLine(), client.isResponse200()); Set allowed = client.getAllowedMethods(); client.disconnect(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (d409a5d -> f0d6a1e)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from d409a5d Fix CI failure observed in BuildBot add f0d6a1e Improve debugging No new revisions were added by this update. Summary of changes: test/org/apache/catalina/servlets/ServletOptionsBaseTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
rmaucher commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485121593 ## File path: java/org/apache/catalina/mbeans/MBeanFactory.java ## @@ -490,6 +491,7 @@ public String createStandardContext(String parent, public String createStandardHost(String parent, String name, String appBase, boolean autoDeploy, + boolean parallelAnnotationScanning, Review comment: This is not enough to justify changing this API. You can create the host, then set the flag just after. Good enough. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix CI failure observed in BuildBot
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 2bb2d14 Fix CI failure observed in BuildBot 2bb2d14 is described below commit 2bb2d148457b44de0e7f18e24c4d1531c905edf4 Author: Mark Thomas AuthorDate: Tue Sep 8 19:14:19 2020 +0100 Fix CI failure observed in BuildBot Make sure we avoid concurrent access to the same write object. --- test/org/apache/coyote/http2/TestAsyncTimeout.java | 12 +++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/org/apache/coyote/http2/TestAsyncTimeout.java b/test/org/apache/coyote/http2/TestAsyncTimeout.java index 8560229..0d827d7 100644 --- a/test/org/apache/coyote/http2/TestAsyncTimeout.java +++ b/test/org/apache/coyote/http2/TestAsyncTimeout.java @@ -147,7 +147,7 @@ public class TestAsyncTimeout extends Http2TestBase { PrintWriter pw = asyncContext.getResponse().getWriter(); int counter = 0; -// If the test works running will be set too false before +// If the test works running will be set to false before // counter reaches 50. while (running && counter < 50) { Thread.sleep(100); @@ -183,6 +183,16 @@ public class TestAsyncTimeout extends Http2TestBase { @Override public void onTimeout(AsyncEvent event) throws IOException { ticker.end(); +// Wait for the ticker to exit to avoid concurrent access to the +// response and associated writer. +// Excessively long timeout just in case things so wrong so test +// does not lock up. +try { +ticker.join(10 * 1000); +} catch (InterruptedException e) { +throw new IOException(e); +} + if (ended.compareAndSet(false, true)) { PrintWriter pw = event.getAsyncContext().getResponse().getWriter(); pw.write("PASS"); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix CI failure observed in BuildBot
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 729b55e Fix CI failure observed in BuildBot 729b55e is described below commit 729b55e5935e16b80bd48697e453ef9646bdfded Author: Mark Thomas AuthorDate: Tue Sep 8 19:14:19 2020 +0100 Fix CI failure observed in BuildBot Make sure we avoid concurrent access to the same write object. --- test/org/apache/coyote/http2/TestAsyncTimeout.java | 12 +++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/org/apache/coyote/http2/TestAsyncTimeout.java b/test/org/apache/coyote/http2/TestAsyncTimeout.java index 8560229..0d827d7 100644 --- a/test/org/apache/coyote/http2/TestAsyncTimeout.java +++ b/test/org/apache/coyote/http2/TestAsyncTimeout.java @@ -147,7 +147,7 @@ public class TestAsyncTimeout extends Http2TestBase { PrintWriter pw = asyncContext.getResponse().getWriter(); int counter = 0; -// If the test works running will be set too false before +// If the test works running will be set to false before // counter reaches 50. while (running && counter < 50) { Thread.sleep(100); @@ -183,6 +183,16 @@ public class TestAsyncTimeout extends Http2TestBase { @Override public void onTimeout(AsyncEvent event) throws IOException { ticker.end(); +// Wait for the ticker to exit to avoid concurrent access to the +// response and associated writer. +// Excessively long timeout just in case things so wrong so test +// does not lock up. +try { +ticker.join(10 * 1000); +} catch (InterruptedException e) { +throw new IOException(e); +} + if (ended.compareAndSet(false, true)) { PrintWriter pw = event.getAsyncContext().getResponse().getWriter(); pw.write("PASS"); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (7054b7b -> d409a5d)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 7054b7b Expand WebDocket client debug logging add d409a5d Fix CI failure observed in BuildBot No new revisions were added by this update. Summary of changes: test/org/apache/coyote/http2/TestAsyncTimeout.java | 12 +++- 1 file changed, 11 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani edited a comment on pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani edited a comment on pull request #354: URL: https://github.com/apache/tomcat/pull/354#issuecomment-689023592 @rmaucher I actually tested the optimization with the flag in a large application having 1000's of Jar in the classpath and the server startup gains are significant and the stats are as follows : 2816 jars - 33% improvement 1800 jars - 30% improvement 1000 jars - 30% improvement The default tomcat app shows an improvement of 6% with the flag. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Next release
On 03/09/2020 16:18, Filip Hanik wrote: > On Thu, Sep 3, 2020 at 07:44 Mark Thomas Commons Daemon may not be ready in time (there was a delay due an issue > > with the signing system). I'm currently planning to start tagging early > > next week. If Daemon is ready by then great. If not, we can pick up the > > update next month. > > > +1 FYI: It doesn't look like Commons Daemon will release in time (one vote short). I'm also seeing a handful of test failures on Windows. They look like timing issues. I suspect a VM performance issue after a Host OS upgrade. I want to look into that in a little more detail before I tag. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485091168 ## File path: java/org/apache/catalina/mbeans/MBeanFactory.java ## @@ -490,6 +491,7 @@ public String createStandardContext(String parent, public String createStandardHost(String parent, String name, String appBase, boolean autoDeploy, + boolean parallelAnnotationScanning, Review comment: Thanks @rmaucher for the comment. I have little experience working on Tomcat so if you can you explain how this becomes irrelevant that would be great. Also, do we not want the API's to be able to pass this flag when the optimizations are quite significant? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-9-trunk
The Buildbot has detected a new failure on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/414 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-9-commit' triggered this build Build Source Stamp: [branch 9.0.x] 0b82e0d5e4aec45976e671d97dacad3f52ad89aa Blamelist: Mark Thomas BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani edited a comment on pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani edited a comment on pull request #354: URL: https://github.com/apache/tomcat/pull/354#issuecomment-689023592 @rmaucher I actually tested the optimization with the flag in a large application having 1000's of Jar in the classpath and the server startup gains are significant and the stats are as follows : 2816 jars - 44% improvement 1800 jars - 40% improvement 1000 jars - 40% improvement The default tomcat app shows an improvement of 6% with the flag. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on pull request #354: URL: https://github.com/apache/tomcat/pull/354#issuecomment-689023592 @rmaucher I actually tested the optimization with the flag in a large application having 1000's of Jar in the classpath and the server startup gains are significant and the stats are as follows : 2816 classes - 44% improvement 1800 classes - 40% improvement 1000 classes - 40% improvement The default tomcat app shows an improvement of 6% with the flag. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485073735 ## File path: java/org/apache/catalina/startup/ContextConfig.java ## @@ -1374,7 +1383,19 @@ protected void webConfig() { protected void processClasses(WebXml webXml, Set orderedFragments) { // Step 4. Process /WEB-INF/classes for annotations and // @HandlesTypes matches -Map javaClassCache = new HashMap<>(); + +Map javaClassCache; + +if (context.getParent() instanceof Host) { + Host host = (Host) context.getParent(); +Container container = host.getParent(); +CONCURRENCY_LEVEL = container.getStartStopThreads(); +javaClassCache = new ConcurrentHashMap<>(DEFAULT_CLASS_CACHE_SIZE, DEFAULT_LOAD_FACTOR, +CONCURRENCY_LEVEL); +} else { +javaClassCache = new ConcurrentHashMap<>(DEFAULT_CLASS_CACHE_SIZE, DEFAULT_LOAD_FACTOR, +CONCURRENCY_LEVEL); +} Review comment: Have added the default behavior without the flag in the latest commit. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485072258 ## File path: java/org/apache/catalina/startup/ContextConfig.java ## @@ -122,6 +126,11 @@ private static final Log log = LogFactory.getLog(ContextConfig.class); +private static final int DEFAULT_CLASS_CACHE_SIZE = 16384; + +private static final float DEFAULT_LOAD_FACTOR = .75f; + +private static int CONCURRENCY_LEVEL = 1; Review comment: Resolved with latest commit. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on a change in pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on a change in pull request #354: URL: https://github.com/apache/tomcat/pull/354#discussion_r485071970 ## File path: java/org/apache/catalina/startup/ContextConfig.java ## @@ -2136,26 +2157,98 @@ protected InputSource getWebXmlSource(String filename, boolean global) { } protected void processAnnotations(Set fragments, -boolean handlesTypesOnly, Map javaClassCache) { -for(WebXml fragment : fragments) { -// Only need to scan for @HandlesTypes matches if any of the -// following are true: -// - it has already been determined only @HandlesTypes is required -// (e.g. main web.xml has metadata-complete="true" -// - this fragment is for a container JAR (Servlet 3.1 section 8.1) -// - this fragment has metadata-complete="true" -boolean htOnly = handlesTypesOnly || !fragment.getWebappJar() || -fragment.isMetadataComplete(); - -WebXml annotations = new WebXml(); -// no impact on distributable -annotations.setDistributable(true); -URL url = fragment.getURL(); -processAnnotationsUrl(url, annotations, htOnly, javaClassCache); -Set set = new HashSet<>(); -set.add(annotations); -// Merge annotations into fragment - fragment takes priority -fragment.merge(set); +boolean handlesTypesOnly, Map javaClassCache) { + +if (context.getParent() instanceof Host && ((Host) context.getParent()).isParallelAnnotationScanning()) { +processAnnotationsInParallel(fragments, handlesTypesOnly, javaClassCache); +return; +} + +for (WebXml fragment : fragments) { +scanWebXmlFragment(handlesTypesOnly, fragment, javaClassCache); +} +} + +private void scanWebXmlFragment(boolean handlesTypesOnly, WebXml fragment, Map javaClassCache) { + +// Only need to scan for @HandlesTypes matches if any of the +// following are true: +// - it has already been determined only @HandlesTypes is required +// (e.g. main web.xml has metadata-complete="true" +// - this fragment is for a container JAR (Servlet 3.1 section 8.1) +// - this fragment has metadata-complete="true" +boolean htOnly = handlesTypesOnly || !fragment.getWebappJar() || +fragment.isMetadataComplete(); + +WebXml annotations = new WebXml(); +// no impact on distributable +annotations.setDistributable(true); +URL url = fragment.getURL(); +processAnnotationsUrl(url, annotations, htOnly, javaClassCache); +Set set = new HashSet<>(); +set.add(annotations); +// Merge annotations into fragment - fragment takes priority +fragment.merge(set); +} + +/** + * Executable task to scan a segment for annotations. Each task does the + * same work as the for loop inside processAnnotations(); + * + * @author Engebretson, John + * @author Kamnani, Jatin + */ +private class AnnotationScanTask implements Callable { +private final WebXml fragment; +private final boolean handlesTypesOnly; +private Map javaClassCache; + +private AnnotationScanTask(WebXml fragment, boolean handlesTypesOnly, Map javaClassCache) { +this.fragment = fragment; +this.handlesTypesOnly = handlesTypesOnly; +this.javaClassCache = javaClassCache; +} + +@Override +public Void call() { +scanWebXmlFragment(handlesTypesOnly, fragment, javaClassCache); + +return null; +} + +} + +/** + * Parallelized version of processAnnotationsInParallel(). Constructs tasks, + * submits them as they're created, then waits for completion. + * + * @param fragmentsSet of parallelizable scans + * @param handlesTypesOnly Important parameter for the underlying scan + */ +protected void processAnnotationsInParallel(Set fragments, boolean handlesTypesOnly, +Map javaClassCache) { + + +Server s = getServer(); +ExecutorService pool = null; +try { +pool = s.getUtilityExecutor(); +List> futures = new ArrayList<>(fragments.size()); +for (WebXml fragment : fragments) { +Callable task = new AnnotationScanTask(fragment, handlesTypesOnly, javaClassCache); +futures.add(pool.submit(task)); +} +try { +for (Future future : futures) { +future.get(); +} +} catch (Exception e) { +throw new RuntimeException("Parallel execution failed", e); Review comment: Resolved with the latest changes.
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 --- Comment #7 from Mark Thomas --- Users may wish to use a 3rd party custom CallbackHandler that knows nothing about Tomcat internals. A no-arg Constructor needs to be supported. There are multiple class loaders involved and while the default configuration avoids most of the complexities, the non-default configs need to be handled. Some users reconfigure the class loaders so they look like this: http://tomcat.apache.org/tomcat-4.1-doc/class-loader-howto.html and may want to put the custom CallbackHandler in the Catalina loader. This boils down to you need to try and load the specified class first with the web app class loader (TCCL) and then with the class loader that loaded the current class. For adding the Context I'm suggesting something like: if (callbackHandler instanceof Contained) { ((Contained) callbackHandler).setContainer(context); } Tomcat can then do: if (callbackHandler instanceof Contained) { getContainer().getRealm()... } -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Expand WebDocket client debug logging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 2b40f0f Expand WebDocket client debug logging 2b40f0f is described below commit 2b40f0febf0232e9fcf8d09710d518b587dfb3bf Author: Mark Thomas AuthorDate: Tue Sep 8 17:38:45 2020 +0100 Expand WebDocket client debug logging Still trying to get to the bottom of some TestWebSocketFrameClient test failures. Currently logs suggest request is sent by client but not seen by server. --- java/org/apache/tomcat/websocket/LocalStrings.properties | 2 ++ java/org/apache/tomcat/websocket/WsWebSocketContainer.java | 8 test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java | 2 ++ 3 files changed, 12 insertions(+) diff --git a/java/org/apache/tomcat/websocket/LocalStrings.properties b/java/org/apache/tomcat/websocket/LocalStrings.properties index 22e9f17..03b7923 100644 --- a/java/org/apache/tomcat/websocket/LocalStrings.properties +++ b/java/org/apache/tomcat/websocket/LocalStrings.properties @@ -128,6 +128,8 @@ wsSession.unknownHandlerType=Unable to add the message handler [{0}] as it was w wsWebSocketContainer.shutdown=The web application is stopping wsWebSocketContainer.asynchronousSocketChannelFail=Unable to open a connection to the server +wsWebSocketContainer.connect.entry=Connecting endpoint instance of type [{0}] to [{1}] +wsWebSocketContainer.connect.write=Writing the HTTP upgrade request from buffer starting at [{0}] with a limit of [{1}] wsWebSocketContainer.defaultConfiguratorFail=Failed to create the default configurator wsWebSocketContainer.endpointCreateFail=Failed to create a local endpoint of type [{0}] wsWebSocketContainer.failedAuthentication=Failed to handle HTTP response code [{0}]. Authentication header was not accepted by server. diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java index 98c1a8d..d31a3bb 100644 --- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java +++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java @@ -202,6 +202,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Set redirectSet) throws DeploymentException { +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.entry", endpoint.getClass().getName(), path)); +} + boolean secure = false; ByteBuffer proxyConnect = null; URI proxyPath; @@ -345,6 +349,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Future fHandshake = channel.handshake(); fHandshake.get(timeout, TimeUnit.MILLISECONDS); +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.write", +Integer.valueOf(request.position()), Integer.valueOf(request.limit(; +} writeRequest(channel, request, timeout); HttpResponse httpResponse = processResponse(response, channel, timeout); diff --git a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java index e2c3e4d..c22f2ee 100644 --- a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java +++ b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java @@ -121,6 +121,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { tomcat.start(); LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.ALL); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket").setLevel(Level.ALL); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.ALL); try { echoTester("",null); @@ -130,6 +131,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { echoTester("/foo/",null); } finally { LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.INFO); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket.WsWebSocketContainer").setLevel(Level.INFO); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.INFO); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Expand WebDocket client debug logging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 0b82e0d Expand WebDocket client debug logging 0b82e0d is described below commit 0b82e0d5e4aec45976e671d97dacad3f52ad89aa Author: Mark Thomas AuthorDate: Tue Sep 8 17:38:45 2020 +0100 Expand WebDocket client debug logging Still trying to get to the bottom of some TestWebSocketFrameClient test failures. Currently logs suggest request is sent by client but not seen by server. --- java/org/apache/tomcat/websocket/LocalStrings.properties | 2 ++ java/org/apache/tomcat/websocket/WsWebSocketContainer.java | 8 test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java | 2 ++ 3 files changed, 12 insertions(+) diff --git a/java/org/apache/tomcat/websocket/LocalStrings.properties b/java/org/apache/tomcat/websocket/LocalStrings.properties index 22e9f17..03b7923 100644 --- a/java/org/apache/tomcat/websocket/LocalStrings.properties +++ b/java/org/apache/tomcat/websocket/LocalStrings.properties @@ -128,6 +128,8 @@ wsSession.unknownHandlerType=Unable to add the message handler [{0}] as it was w wsWebSocketContainer.shutdown=The web application is stopping wsWebSocketContainer.asynchronousSocketChannelFail=Unable to open a connection to the server +wsWebSocketContainer.connect.entry=Connecting endpoint instance of type [{0}] to [{1}] +wsWebSocketContainer.connect.write=Writing the HTTP upgrade request from buffer starting at [{0}] with a limit of [{1}] wsWebSocketContainer.defaultConfiguratorFail=Failed to create the default configurator wsWebSocketContainer.endpointCreateFail=Failed to create a local endpoint of type [{0}] wsWebSocketContainer.failedAuthentication=Failed to handle HTTP response code [{0}]. Authentication header was not accepted by server. diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java index 702c866..4949759 100644 --- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java +++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java @@ -202,6 +202,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Set redirectSet) throws DeploymentException { +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.entry", endpoint.getClass().getName(), path)); +} + boolean secure = false; ByteBuffer proxyConnect = null; URI proxyPath; @@ -345,6 +349,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Future fHandshake = channel.handshake(); fHandshake.get(timeout, TimeUnit.MILLISECONDS); +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.write", +Integer.valueOf(request.position()), Integer.valueOf(request.limit(; +} writeRequest(channel, request, timeout); HttpResponse httpResponse = processResponse(response, channel, timeout); diff --git a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java index 7dc5f4c..73fe483 100644 --- a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java +++ b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java @@ -118,6 +118,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { tomcat.start(); LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.ALL); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket").setLevel(Level.ALL); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.ALL); try { echoTester("",null); @@ -127,6 +128,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { echoTester("/foo/",null); } finally { LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.INFO); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket.WsWebSocketContainer").setLevel(Level.INFO); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.INFO); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Expand WebDocket client debug logging
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 7054b7b Expand WebDocket client debug logging 7054b7b is described below commit 7054b7b205c98262325005bd31d87567e2659dc1 Author: Mark Thomas AuthorDate: Tue Sep 8 17:38:45 2020 +0100 Expand WebDocket client debug logging Still trying to get to the bottom of some TestWebSocketFrameClient test failures. Currently logs suggest request is sent by client but not seen by server. --- java/org/apache/tomcat/websocket/LocalStrings.properties | 2 ++ java/org/apache/tomcat/websocket/WsWebSocketContainer.java | 8 test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java | 2 ++ 3 files changed, 12 insertions(+) diff --git a/java/org/apache/tomcat/websocket/LocalStrings.properties b/java/org/apache/tomcat/websocket/LocalStrings.properties index 22e9f17..03b7923 100644 --- a/java/org/apache/tomcat/websocket/LocalStrings.properties +++ b/java/org/apache/tomcat/websocket/LocalStrings.properties @@ -128,6 +128,8 @@ wsSession.unknownHandlerType=Unable to add the message handler [{0}] as it was w wsWebSocketContainer.shutdown=The web application is stopping wsWebSocketContainer.asynchronousSocketChannelFail=Unable to open a connection to the server +wsWebSocketContainer.connect.entry=Connecting endpoint instance of type [{0}] to [{1}] +wsWebSocketContainer.connect.write=Writing the HTTP upgrade request from buffer starting at [{0}] with a limit of [{1}] wsWebSocketContainer.defaultConfiguratorFail=Failed to create the default configurator wsWebSocketContainer.endpointCreateFail=Failed to create a local endpoint of type [{0}] wsWebSocketContainer.failedAuthentication=Failed to handle HTTP response code [{0}]. Authentication header was not accepted by server. diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java index c78da3c..2022182 100644 --- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java +++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java @@ -203,6 +203,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Set redirectSet) throws DeploymentException { +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.entry", endpoint.getClass().getName(), path)); +} + boolean secure = false; ByteBuffer proxyConnect = null; URI proxyPath; @@ -346,6 +350,10 @@ public class WsWebSocketContainer implements WebSocketContainer, BackgroundProce Future fHandshake = channel.handshake(); fHandshake.get(timeout, TimeUnit.MILLISECONDS); +if (log.isDebugEnabled()) { +log.debug(sm.getString("wsWebSocketContainer.connect.write", +Integer.valueOf(request.position()), Integer.valueOf(request.limit(; +} writeRequest(channel, request, timeout); HttpResponse httpResponse = processResponse(response, channel, timeout); diff --git a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java index 615905c..aa7036a 100644 --- a/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java +++ b/test/org/apache/tomcat/websocket/TestWebSocketFrameClient.java @@ -118,6 +118,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { tomcat.start(); LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.ALL); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket").setLevel(Level.ALL); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.ALL); try { echoTester("",null); @@ -127,6 +128,7 @@ public class TestWebSocketFrameClient extends WebSocketBaseTest { echoTester("/foo/",null); } finally { LogManager.getLogManager().getLogger("org.apache.coyote").setLevel(Level.INFO); + LogManager.getLogManager().getLogger("org.apache.tomcat.websocket.WsWebSocketContainer").setLevel(Level.INFO); LogManager.getLogManager().getLogger("org.apache.tomcat.util.net").setLevel(Level.INFO); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani edited a comment on pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani edited a comment on pull request #354: URL: https://github.com/apache/tomcat/pull/354#issuecomment-688967898 > I still don't really like some items, like the explicit flag (but I don't see yet how to do it) or some of the "optimizations". > By default the utility thread count is 2, so not too much parallelism. Yes, You're right with the default value, but that can be changed through the Host Configuration.. right? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kamnani commented on pull request #354: Optimize Server startup time using multi-threading for annotation scanning
kamnani commented on pull request #354: URL: https://github.com/apache/tomcat/pull/354#issuecomment-688967898 > I still don't really like some items, like the explicit flag (but I don't see yet how to do it) or some of the "optimizations". > By default the utility thread count is 2, so not too much parallelism. Yes, You're right with the default Value, but that can be changed through the Host Configuration.. right? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 --- Comment #6 from Robert Rodewald --- (In reply to Mark Thomas from comment #5) > - It doesn't handle all combinations of > - Constructor with/without Context I don't think a constructor for CallbackHandlerImpl without Context is needed. As this is a Tomcat internal class and AuthenticatorBase can always provide a context with realm (this is stated in the usage constraints of AuthenticatorBase). Or am I misinterpreting you? > - Class defined in web app / in container That's a case I don't seem to understand. Could you please explain? > - The call to the "with Context" constructor will always fail (no Context) Ugh. Missing argument. I'll change this when the other fixes are clear. > - Use of an interface would be cleaner. The Contained interface is a good > fit. Are you suggesting to pass the Realm (which is a Contained) to the CallbackHandler? Wouldn't that break dynamic configuration through JMX? I could use Container though. I also saw that minor modifications to the tests will be necessary too. In addition I would add one or two tests for the Callbacks. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add the missing string
On 08/09/2020 12:45, Rémy Maucherat wrote: > On Tue, Sep 8, 2020 at 1:11 PM Mark Thomas wrote: > >> On 08/09/2020 11:55, r...@apache.org wrote: >>> This is an automated email from the ASF dual-hosted git repository. >>> >>> remm pushed a commit to branch master >>> in repository https://gitbox.apache.org/repos/asf/tomcat.git >>> >>> >>> The following commit(s) were added to refs/heads/master by this push: >>> new 6515798 Add the missing string >>> 6515798 is described below >>> >>> commit 6515798cd693636350647f61eadcf80755bd8b11 >>> Author: remm >>> AuthorDate: Tue Sep 8 12:53:23 2020 +0200 >>> >>> Add the missing string >> >> The string isn't missing. It is just not in alphabetic order. >> This commit also reverts the fixes to the message wording that were >> included in the PR. >> >> The new key name is an improvement - it is more consistent with existing >> keys. >> > > Ok, sorry for the problem, I misread the commit message and missed the add, > then I didn't find the string manually. No worries. I should have caught the naming and ordering issues when I reviewed the PR. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add the missing string
On Tue, Sep 8, 2020 at 1:11 PM Mark Thomas wrote: > On 08/09/2020 11:55, r...@apache.org wrote: > > This is an automated email from the ASF dual-hosted git repository. > > > > remm pushed a commit to branch master > > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > > > > The following commit(s) were added to refs/heads/master by this push: > > new 6515798 Add the missing string > > 6515798 is described below > > > > commit 6515798cd693636350647f61eadcf80755bd8b11 > > Author: remm > > AuthorDate: Tue Sep 8 12:53:23 2020 +0200 > > > > Add the missing string > > The string isn't missing. It is just not in alphabetic order. > This commit also reverts the fixes to the message wording that were > included in the PR. > > The new key name is an improvement - it is more consistent with existing > keys. > Ok, sorry for the problem, I misread the commit message and missed the add, then I didn't find the string manually. Rémy
buildbot success in on tomcat-9-trunk
The Buildbot has detected a restored build on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/412 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-9-commit' triggered this build Build Source Stamp: [branch 9.0.x] 6ebfb5faa9f1fe15668aaf7a65fb398a56109383 Blamelist: Jean-Frederic Clere ,remm Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix key rename
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new a88e0a3 Fix key rename a88e0a3 is described below commit a88e0a3db311394798dd760022f58b59a5fbb0e6 Author: Mark Thomas AuthorDate: Tue Sep 8 12:11:07 2020 +0100 Fix key rename --- java/org/apache/tomcat/util/net/LocalStrings.properties | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index cf9927e..4cfb76c 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -147,7 +147,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry -sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode +sslUtilBase.aliasIgnored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector @@ -160,4 +160,3 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted -sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix key rename
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 53421d2 Fix key rename 53421d2 is described below commit 53421d2f2350c5d79a1fdf83eaac14ee3f365e8e Author: Mark Thomas AuthorDate: Tue Sep 8 12:11:07 2020 +0100 Fix key rename --- java/org/apache/tomcat/util/net/LocalStrings.properties | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index efd962b..e47c7ca 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -164,7 +164,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry -sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode +sslUtilBase.aliasIgnored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector @@ -177,4 +177,3 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted -sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add the missing string
On 08/09/2020 11:55, r...@apache.org wrote: > This is an automated email from the ASF dual-hosted git repository. > > remm pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/master by this push: > new 6515798 Add the missing string > 6515798 is described below > > commit 6515798cd693636350647f61eadcf80755bd8b11 > Author: remm > AuthorDate: Tue Sep 8 12:53:23 2020 +0200 > > Add the missing string The string isn't missing. It is just not in alphabetic order. This commit also reverts the fixes to the message wording that were included in the PR. The new key name is an improvement - it is more consistent with existing keys. Mark > --- > java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + > java/org/apache/tomcat/util/net/SSLUtilBase.java| 2 +- > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties > b/java/org/apache/tomcat/util/net/LocalStrings.properties > index e2a16b9..efd962b 100644 > --- a/java/org/apache/tomcat/util/net/LocalStrings.properties > +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties > @@ -164,6 +164,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation > for class [{0}] > > sslUtilBase.active=The [{0}] that are active are : [{1}] > sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry > +sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS > mode > sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided > [{0}] does not implement javax.net.ssl.TrustManager > sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with > path [{1}] due to [{2}] > sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be > defined when using an SSL connector > diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java > b/java/org/apache/tomcat/util/net/SSLUtilBase.java > index 143b2d2..09e3aa7 100644 > --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java > +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java > @@ -300,7 +300,7 @@ public abstract class SSLUtilBase implements SSLUtil { > if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { > // FIPS doesn't like ANY wrapping nor key manipulation. > if (keyAlias != null) { > -log.warn(sm.getString("sslUtilBase.alias_ignored", > keyAlias)); > +log.warn(sm.getString("sslUtilBase.aliasIgnored", keyAlias)); > } > kmf.init(ksUsed, keyPassArray); > return kmf.getKeyManagers(); > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix key rename
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new aa273c8 Fix key rename aa273c8 is described below commit aa273c8b754c14919e101dae83c9b79d3651fa3b Author: Mark Thomas AuthorDate: Tue Sep 8 12:11:07 2020 +0100 Fix key rename --- java/org/apache/tomcat/util/net/LocalStrings.properties | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index efd962b..e47c7ca 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -164,7 +164,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry -sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode +sslUtilBase.aliasIgnored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector @@ -177,4 +177,3 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted -sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 --- Comment #5 from Mark Thomas --- Reviewing the patch: - It doesn't handle all combinations of - Constructor with/without Context - Class defined in web app / in container - The call to the "with Context" constructor will always fail (no Context) - Use of an interface would be cleaner. The Contained interface is a good fit. The rest looks good. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add the missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 2f64f96 Add the missing string 2f64f96 is described below commit 2f64f965b274a87bb4c27ad84acb2f1936532308 Author: remm AuthorDate: Tue Sep 8 12:53:23 2020 +0200 Add the missing string --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 70cad95..cf9927e 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -147,6 +147,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry +sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index 7433ffe..1c2fefe 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -299,7 +299,7 @@ public abstract class SSLUtilBase implements SSLUtil { if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { // FIPS doesn't like ANY wrapping nor key manipulation. if (keyAlias != null) { -log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +log.warn(sm.getString("sslUtilBase.aliasIgnored", keyAlias)); } kmf.init(ksUsed, keyPassArray); return kmf.getKeyManagers(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Add the missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 6ebfb5f Add the missing string 6ebfb5f is described below commit 6ebfb5faa9f1fe15668aaf7a65fb398a56109383 Author: remm AuthorDate: Tue Sep 8 12:53:23 2020 +0200 Add the missing string --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index e2a16b9..efd962b 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -164,6 +164,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry +sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index 143b2d2..09e3aa7 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -300,7 +300,7 @@ public abstract class SSLUtilBase implements SSLUtil { if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { // FIPS doesn't like ANY wrapping nor key manipulation. if (keyAlias != null) { -log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +log.warn(sm.getString("sslUtilBase.aliasIgnored", keyAlias)); } kmf.init(ksUsed, keyPassArray); return kmf.getKeyManagers(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Add the missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 6515798 Add the missing string 6515798 is described below commit 6515798cd693636350647f61eadcf80755bd8b11 Author: remm AuthorDate: Tue Sep 8 12:53:23 2020 +0200 Add the missing string --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index e2a16b9..efd962b 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -164,6 +164,7 @@ sslImplementation.cnfe=Unable to create SSLImplementation for class [{0}] sslUtilBase.active=The [{0}] that are active are : [{1}] sslUtilBase.alias_no_key_entry=Alias name [{0}] does not identify a key entry +sslUtilBase.aliasIgnored=Alias name [{0}] will be ignored when using FIPS mode sslUtilBase.invalidTrustManagerClassName=The trustManagerClassName provided [{0}] does not implement javax.net.ssl.TrustManager sslUtilBase.keystore_load_failed=Failed to load keystore type [{0}] with path [{1}] due to [{2}] sslUtilBase.noCertFile=SSLHostConfig attribute certificateFile must be defined when using an SSL connector diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index 143b2d2..09e3aa7 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -300,7 +300,7 @@ public abstract class SSLUtilBase implements SSLUtil { if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { // FIPS doesn't like ANY wrapping nor key manipulation. if (keyAlias != null) { -log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +log.warn(sm.getString("sslUtilBase.aliasIgnored", keyAlias)); } kmf.init(ksUsed, keyPassArray); return kmf.getKeyManagers(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 Mark Thomas changed: What|Removed |Added Severity|enhancement |normal --- Comment #4 from Mark Thomas --- Yes, that does make it a bug. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new af56ad1 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 af56ad1 is described below commit af56ad143d92442835fe8c4d1d65a84d83dbcfc5 Author: Jean-Frederic Clere AuthorDate: Thu Aug 6 18:56:21 2020 +0200 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 Don't wrap FIPS keystores --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 11 ++- webapps/docs/changelog.xml | 6 ++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index c3c54f2..70cad95 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -159,3 +159,4 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted +sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index 0a829f9..7433ffe 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -295,6 +295,16 @@ public abstract class SSLUtilBase implements SSLUtil { char[] keyPassArray = keyPass.toCharArray(); +KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); +if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { +// FIPS doesn't like ANY wrapping nor key manipulation. +if (keyAlias != null) { +log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +} +kmf.init(ksUsed, keyPassArray); +return kmf.getKeyManagers(); +} + if (ks == null) { if (certificate.getCertificateFile() == null) { throw new IOException(sm.getString("sslUtilBase.noCertFile")); @@ -358,7 +368,6 @@ public abstract class SSLUtilBase implements SSLUtil { } -KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(ksUsed, keyPassArray); KeyManager[] kms = kmf.getKeyManagers(); diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 2337deb..f9fd67d 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -124,6 +124,12 @@ return value, particularly when end of stream has been reached. (markt) +64614: Improve compatibility with FIPS keystores. When a FIPS +keystore is configured and the keystore contains multiple keys, the +alias attribute will be ignored and the key used will be implementation +dependent. (jfclere) + + 64621: Improve handling HTTP/2 stream reset frames received from clients. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64614] tomcat doesn't work with JSSE FIPS-compliant with NSS
https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #15 from Mark Thomas --- PR applied. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new ee9e2e9 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 ee9e2e9 is described below commit ee9e2e930aedbb1c5ca7ecc89d25b9791af0cfb6 Author: Jean-Frederic Clere AuthorDate: Thu Aug 6 18:56:21 2020 +0200 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 Don't wrap FIPS keystores --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 11 ++- webapps/docs/changelog.xml | 6 ++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 350d6b0..e2a16b9 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -176,3 +176,4 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted +sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index dd5f99a..143b2d2 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -296,6 +296,16 @@ public abstract class SSLUtilBase implements SSLUtil { char[] keyPassArray = keyPass.toCharArray(); +KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); +if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { +// FIPS doesn't like ANY wrapping nor key manipulation. +if (keyAlias != null) { +log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +} +kmf.init(ksUsed, keyPassArray); +return kmf.getKeyManagers(); +} + if (ks == null) { if (certificate.getCertificateFile() == null) { throw new IOException(sm.getString("sslUtilBase.noCertFile")); @@ -358,7 +368,6 @@ public abstract class SSLUtilBase implements SSLUtil { } -KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(ksUsed, keyPassArray); KeyManager[] kms = kmf.getKeyManagers(); diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index b835e53..9c123f5 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -139,6 +139,12 @@ (markt) +64614: Improve compatibility with FIPS keystores. When a FIPS +keystore is configured and the keystore contains multiple keys, the +alias attribute will be ignored and the key used will be implementation +dependent. (jfclere) + + 64621: Improve handling HTTP/2 stream reset frames received from clients. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #334: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614
markt-asf closed pull request #334: URL: https://github.com/apache/tomcat/pull/334 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #334: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614
markt-asf commented on pull request #334: URL: https://github.com/apache/tomcat/pull/334#issuecomment-688775587 I merged manually so i could add a change log entry. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 739d2e6 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 739d2e6 is described below commit 739d2e6a1d81bdc34dd6b3db70b4913f782cdaf2 Author: Jean-Frederic Clere AuthorDate: Thu Aug 6 18:56:21 2020 +0200 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=64614 Don't wrap FIPS keystores --- java/org/apache/tomcat/util/net/LocalStrings.properties | 1 + java/org/apache/tomcat/util/net/SSLUtilBase.java| 11 ++- webapps/docs/changelog.xml | 6 ++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties index 350d6b0..e2a16b9 100644 --- a/java/org/apache/tomcat/util/net/LocalStrings.properties +++ b/java/org/apache/tomcat/util/net/LocalStrings.properties @@ -176,3 +176,4 @@ sslUtilBase.ssl3=SSLv3 has been explicitly enabled. This protocol is known to be sslUtilBase.tls13.auth=The JSSE TLS 1.3 implementation does not support authentication after the initial handshake and is therefore incompatible with optional client authentication sslUtilBase.trustedCertNotChecked=The validity dates of the trusted certificate with alias [{0}] were not checked as the certificate was of an unknown type sslUtilBase.trustedCertNotValid=The trusted certificate with alias [{0}] and DN [{1}] is not valid due to [{2}]. Certificates signed by this trusted certificate WILL be accepted +sslUtilBase.alias_ignored=FIPS enabled so alias name [{0}] will be ignored. If there is more than one key in the key store, the key used will depend on the key store implementation diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java b/java/org/apache/tomcat/util/net/SSLUtilBase.java index dd5f99a..143b2d2 100644 --- a/java/org/apache/tomcat/util/net/SSLUtilBase.java +++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java @@ -296,6 +296,16 @@ public abstract class SSLUtilBase implements SSLUtil { char[] keyPassArray = keyPass.toCharArray(); +KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); +if (kmf.getProvider().getInfo().indexOf("FIPS") != -1) { +// FIPS doesn't like ANY wrapping nor key manipulation. +if (keyAlias != null) { +log.warn(sm.getString("sslUtilBase.alias_ignored", keyAlias)); +} +kmf.init(ksUsed, keyPassArray); +return kmf.getKeyManagers(); +} + if (ks == null) { if (certificate.getCertificateFile() == null) { throw new IOException(sm.getString("sslUtilBase.noCertFile")); @@ -358,7 +368,6 @@ public abstract class SSLUtilBase implements SSLUtil { } -KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(ksUsed, keyPassArray); KeyManager[] kms = kmf.getKeyManagers(); diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f55163a..3a37a26 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -143,6 +143,12 @@ (markt) +64614: Improve compatibility with FIPS keystores. When a FIPS +keystore is configured and the keystore contains multiple keys, the +alias attribute will be ignored and the key used will be implementation +dependent. (jfclere) + + 64621: Improve handling HTTP/2 stream reset frames received from clients. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 --- Comment #3 from Robert Rodewald --- Sorry, I got the section number wrong, it's section 3.5 Chapter 3 is Servlet Container Profile. Here is an excerpt from section 3.5: The CallbackHandler passed to ServerAuthModule.initialize is determined by the handler argument passed in the AuthConfigProvider.getServerAuthConfig call that acquired the corresponding authentication context configuration object. The handler argument must not be null, and the argument handler and the CallbackHandler passed to ServerAuthModule.initialize MUST support the following callbacks: • CallerPrincipalCallback • GroupPrincipalCallback • PasswordValidationCallback So it is a bug, if Tomcat claims to be JASPIC 1.1 compatible in my opinion. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-9-trunk
The Buildbot has detected a new failure on builder tomcat-9-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-9-trunk/builds/411 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-9-commit' triggered this build Build Source Stamp: [branch 9.0.x] 7e26b575f485413fca9a5491f081f509faf338b1 Blamelist: Mark Thomas BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 Mark Thomas changed: What|Removed |Added Severity|minor |enhancement --- Comment #2 from Mark Thomas --- Section 4.9.2 is part of the SOAP profile. Tomcat only targets the Servlet Container profile. Looking at the requirements for the SOAP profile, it does not look to be directly implementable in Tomcat. Therefore, I am wondering what is the purpose of this enhancement? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64710] NullPointerException in Http2UpgradeHandler.endRequestBodyFrame and BufferOverflowException in SocketBufferHandler
https://bz.apache.org/bugzilla/show_bug.cgi?id=64710 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #12 from Mark Thomas --- Fixed in: - master for 10.0.0-M8 onwards - 9.0.x for 9.0.38 onwards - 8.5.x for 8.5.58 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Revert stream memory footprint reduction and incomplete fixes
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new c3b7372 Revert stream memory footprint reduction and incomplete fixes c3b7372 is described below commit c3b7372b2bd09973222d5d6d5610a5e09d1292bc Author: Mark Thomas AuthorDate: Tue Sep 8 10:16:57 2020 +0100 Revert stream memory footprint reduction and incomplete fixes Revert the changes due to the steady stream of regressions that are being reported and.or found by the CI systems. A more robust solution is required. --- java/org/apache/coyote/http2/Stream.java | 41 +++- webapps/docs/changelog.xml | 5 2 files changed, 19 insertions(+), 27 deletions(-) diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java index 46719da..813980c 100644 --- a/java/org/apache/coyote/http2/Stream.java +++ b/java/org/apache/coyote/http2/Stream.java @@ -297,19 +297,14 @@ public class Stream extends AbstractStream implements HeaderEmitter { void doStreamCancel(String msg, Http2Error error) throws CloseNowException { -// Avoid NPEs on duplicate cancellations -StreamOutputBuffer streamOutputBuffer = this.streamOutputBuffer; -Response coyoteResponse = this.coyoteResponse; StreamException se = new StreamException(msg, error, getIdAsInt()); -if (streamOutputBuffer != null && coyoteResponse != null) { -// Prevent the application making further writes -streamOutputBuffer.closed = true; -// Prevent Tomcat's error handling trying to write -coyoteResponse.setError(); -coyoteResponse.setErrorReported(); -// Trigger a reset once control returns to Tomcat -streamOutputBuffer.reset = se; -} +// Prevent the application making further writes +streamOutputBuffer.closed = true; +// Prevent Tomcat's error handling trying to write +coyoteResponse.setError(); +coyoteResponse.setErrorReported(); +// Trigger a reset once control returns to Tomcat +streamOutputBuffer.reset = se; throw new CloseNowException(msg, se); } @@ -477,13 +472,7 @@ public class Stream extends AbstractStream implements HeaderEmitter { name), Http2Error.PROTOCOL_ERROR, getIdAsInt()); } -// Avoid NPE if Stream has been closed on Stream specific thread -Request coyoteRequest = this.coyoteRequest; -if (coyoteRequest != null) { -// HTTP/2 headers are already always lower case -// In 8.5.x trailer headers are added to headers collection. -coyoteRequest.getMimeHeaders().addValue(name).setString(value); -} +coyoteRequest.getMimeHeaders().addValue(name).setString(value); } } } @@ -624,14 +613,9 @@ public class Stream extends AbstractStream implements HeaderEmitter { final boolean isContentLengthInconsistent() { -Request coyoteRequest = this.coyoteRequest; -// May be null when processing trailer headers after stream has been -// closed. -if (coyoteRequest != null) { -long contentLengthHeader = coyoteRequest.getContentLengthLong(); -if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { -return true; -} +long contentLengthHeader = coyoteRequest.getContentLengthLong(); +if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { +return true; } return false; } @@ -737,12 +721,15 @@ public class Stream extends AbstractStream implements HeaderEmitter { if (log.isDebugEnabled()) { log.debug(sm.getString("stream.recycle", getConnectionId(), getIdentifier())); } +/* + * Temporarily disabled due to multiple regressions (NPEs) coyoteRequest = null; cookieHeader = null; coyoteResponse = null; inputBuffer = null; streamOutputBuffer = null; http2OutputBuffer = null; +*/ } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index a7a7430..2337deb 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -157,6 +157,11 @@ streams to account for DATA frames containing zero-length padding. (markt) + +64710: Revert the changes to reduce the memory footprint of +closed HTTP/2 streams as they triggered multiple regressions in the form +of NullPointerExceptions. (markt) + - To
[tomcat] branch 9.0.x updated: Revert stream memory footprint reduction and incomplete fixes
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 7e26b57 Revert stream memory footprint reduction and incomplete fixes 7e26b57 is described below commit 7e26b575f485413fca9a5491f081f509faf338b1 Author: Mark Thomas AuthorDate: Tue Sep 8 10:16:57 2020 +0100 Revert stream memory footprint reduction and incomplete fixes Revert the changes due to the steady stream of regressions that are being reported and.or found by the CI systems. A more robust solution is required. --- java/org/apache/coyote/http2/Stream.java | 41 webapps/docs/changelog.xml | 5 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java index b01ca01..c3139ab 100644 --- a/java/org/apache/coyote/http2/Stream.java +++ b/java/org/apache/coyote/http2/Stream.java @@ -300,19 +300,14 @@ class Stream extends AbstractStream implements HeaderEmitter { void doStreamCancel(String msg, Http2Error error) throws CloseNowException { -// Avoid NPEs on duplicate cancellations -StreamOutputBuffer streamOutputBuffer = this.streamOutputBuffer; -Response coyoteResponse = this.coyoteResponse; StreamException se = new StreamException(msg, error, getIdAsInt()); -if (streamOutputBuffer != null && coyoteResponse != null) { -// Prevent the application making further writes -streamOutputBuffer.closed = true; -// Prevent Tomcat's error handling trying to write -coyoteResponse.setError(); -coyoteResponse.setErrorReported(); -// Trigger a reset once control returns to Tomcat -streamOutputBuffer.reset = se; -} +// Prevent the application making further writes +streamOutputBuffer.closed = true; +// Prevent Tomcat's error handling trying to write +coyoteResponse.setError(); +coyoteResponse.setErrorReported(); +// Trigger a reset once control returns to Tomcat +streamOutputBuffer.reset = se; throw new CloseNowException(msg, se); } @@ -475,12 +470,8 @@ class Stream extends AbstractStream implements HeaderEmitter { } if (headerState == HEADER_STATE_TRAILER) { -// Avoid NPE if Stream has been closed on Stream specific thread -Request coyoteRequest = this.coyoteRequest; -if (coyoteRequest != null) { -// HTTP/2 headers are already always lower case -coyoteRequest.getTrailerFields().put(name, value); -} +// HTTP/2 headers are already always lower case +coyoteRequest.getTrailerFields().put(name, value); } else { coyoteRequest.getMimeHeaders().addValue(name).setString(value); } @@ -656,14 +647,9 @@ class Stream extends AbstractStream implements HeaderEmitter { final boolean isContentLengthInconsistent() { -Request coyoteRequest = this.coyoteRequest; -// May be null when processing trailer headers after stream has been -// closed. -if (coyoteRequest != null) { -long contentLengthHeader = coyoteRequest.getContentLengthLong(); -if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { -return true; -} +long contentLengthHeader = coyoteRequest.getContentLengthLong(); +if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { +return true; } return false; } @@ -765,12 +751,15 @@ class Stream extends AbstractStream implements HeaderEmitter { if (log.isDebugEnabled()) { log.debug(sm.getString("stream.recycle", getConnectionId(), getIdentifier())); } +/* + * Temporarily disabled due to multiple regressions (NPEs) coyoteRequest = null; cookieHeader = null; coyoteResponse = null; inputBuffer = null; streamOutputBuffer = null; http2OutputBuffer = null; +*/ } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f9bcfd5..b835e53 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -172,6 +172,11 @@ streams to account for DATA frames containing zero-length padding. (markt) + +64710: Revert the changes to reduce the memory footprint of +closed HTTP/2 streams as they triggered multiple regressions in the form +of NullPointerExceptions. (markt) +
[tomcat] branch master updated: Revert stream memory footprint reduction and incomplete fixes
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new ad6c5db Revert stream memory footprint reduction and incomplete fixes ad6c5db is described below commit ad6c5db660f644751c6cded22d0f94b7ad193541 Author: Mark Thomas AuthorDate: Tue Sep 8 10:16:57 2020 +0100 Revert stream memory footprint reduction and incomplete fixes Revert the changes due to the steady stream of regressions that are being reported and.or found by the CI systems. A more robust solution is required. --- java/org/apache/coyote/http2/Stream.java | 41 webapps/docs/changelog.xml | 5 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java index ea87346..5089456 100644 --- a/java/org/apache/coyote/http2/Stream.java +++ b/java/org/apache/coyote/http2/Stream.java @@ -300,19 +300,14 @@ class Stream extends AbstractStream implements HeaderEmitter { void doStreamCancel(String msg, Http2Error error) throws CloseNowException { -// Avoid NPEs on duplicate cancellations -StreamOutputBuffer streamOutputBuffer = this.streamOutputBuffer; -Response coyoteResponse = this.coyoteResponse; StreamException se = new StreamException(msg, error, getIdAsInt()); -if (streamOutputBuffer != null && coyoteResponse != null) { -// Prevent the application making further writes -streamOutputBuffer.closed = true; -// Prevent Tomcat's error handling trying to write -coyoteResponse.setError(); -coyoteResponse.setErrorReported(); -// Trigger a reset once control returns to Tomcat -streamOutputBuffer.reset = se; -} +// Prevent the application making further writes +streamOutputBuffer.closed = true; +// Prevent Tomcat's error handling trying to write +coyoteResponse.setError(); +coyoteResponse.setErrorReported(); +// Trigger a reset once control returns to Tomcat +streamOutputBuffer.reset = se; throw new CloseNowException(msg, se); } @@ -475,12 +470,8 @@ class Stream extends AbstractStream implements HeaderEmitter { } if (headerState == HEADER_STATE_TRAILER) { -// Avoid NPE if Stream has been closed on Stream specific thread -Request coyoteRequest = this.coyoteRequest; -if (coyoteRequest != null) { -// HTTP/2 headers are already always lower case -coyoteRequest.getTrailerFields().put(name, value); -} +// HTTP/2 headers are already always lower case +coyoteRequest.getTrailerFields().put(name, value); } else { coyoteRequest.getMimeHeaders().addValue(name).setString(value); } @@ -656,14 +647,9 @@ class Stream extends AbstractStream implements HeaderEmitter { final boolean isContentLengthInconsistent() { -Request coyoteRequest = this.coyoteRequest; -// May be null when processing trailer headers after stream has been -// closed. -if (coyoteRequest != null) { -long contentLengthHeader = coyoteRequest.getContentLengthLong(); -if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { -return true; -} +long contentLengthHeader = coyoteRequest.getContentLengthLong(); +if (contentLengthHeader > -1 && contentLengthReceived != contentLengthHeader) { +return true; } return false; } @@ -765,12 +751,15 @@ class Stream extends AbstractStream implements HeaderEmitter { if (log.isDebugEnabled()) { log.debug(sm.getString("stream.recycle", getConnectionId(), getIdentifier())); } +/* + * Temporarily disabled due to multiple regressions (NPEs) coyoteRequest = null; cookieHeader = null; coyoteResponse = null; inputBuffer = null; streamOutputBuffer = null; http2OutputBuffer = null; +*/ } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index ad9e1d2..f55163a 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -176,6 +176,11 @@ streams to account for DATA frames containing zero-length padding. (markt) + +64710: Revert the changes to reduce the memory footprint of +closed HTTP/2 streams as they triggered multiple regressions in the form +of NullPointerExceptions. (markt) +
[Bug 64720] Please Help me to about this Log
https://bz.apache.org/bugzilla/show_bug.cgi?id=64720 Mark Thomas changed: What|Removed |Added Resolution|--- |INVALID OS||All Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- Bugzilla is not a support forum. Please use the users mailing list. http://tomcat.apache.org/lists.html#tomcat-users -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 Robert Rodewald changed: What|Removed |Added Attachment #37434|Proposed patch for bug |Proposed patch for bug description||64715 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64715] PasswordValidationCallback not supported
https://bz.apache.org/bugzilla/show_bug.cgi?id=64715 --- Comment #1 from Robert Rodewald --- Created attachment 37434 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37434=edit Proposed patch for bug - CallbackHandlerImpl changed from singleton to regular class - added parameter context in constructor of CallbackHandlerImpl - implemented PasswordValidationCallback in CallbackHandlerImpl - updated initialization code for the callbackHandler in AuthenticatorBase - removed direct initialization of CallbackHandlerImpl -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64720] New: Please Help me to about this Log
https://bz.apache.org/bugzilla/show_bug.cgi?id=64720 Bug ID: 64720 Summary: Please Help me to about this Log Product: Tomcat 8 Version: 8.5.x-trunk Hardware: PC Status: NEW Severity: major Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: s484r@gmail.com Target Milestone: 2020-09-08 13:28:02 Commons Daemon procrun stdout initialized registerDriver: oracle.jdbc.OracleDriver@2f813bc9 DriverManager.getDriver("jdbc:oracle:thin:@//123.64.34.11:1521/ORCL") getDriver returning oracle.jdbc.OracleDriver java.sql.SQLException: This pooled Connection was explicitly close()ed by a client, not invalidated due to an error. at com.mchange.v2.c3p0.impl.NewPooledConnection.(NewPooledConnection.java:42) at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:198) at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:171) at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:137) at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1014) at com.mchange.v2.resourcepool.BasicResourcePool.access$800(BasicResourcePool.java:32) at com.mchange.v2.resourcepool.BasicResourcePool$AcquireTask.run(BasicResourcePool.java:1810) at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:547) SQLState(23000) vendor code(1) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64717] gurilaz
https://bz.apache.org/bugzilla/show_bug.cgi?id=64717 Julian Reschke changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org