date:20201207

https://bz.apache.org/bugzilla/show_bug.cgi?id=64210

Mark Thomas  changed:

   What|Removed |Added

 Status|REOPENED|RESOLVED
 Resolution|--- |FIXED

--- Comment #16 from Mark Thomas  ---
Bugzilla is not a support forum. Please use the users mailing list.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64210] parsing request headers fail

https://bz.apache.org/bugzilla/show_bug.cgi?id=64210

Alberto Linares  changed:

   What|Removed |Added

 Resolution|FIXED   |---
 OS||All
 Status|RESOLVED|REOPENED

--- Comment #15 from Alberto Linares  ---
I'm using tomcat 9.0.38 on windows 10, when the tomcat server get request from
a device, with protocol ws (Websockect), show the following message:
" INFO [http-nio-8080-exec-5] org.apache.coyote.http11.Http11Processor.service
Error parsing HTTP request header
 Note: further occurrences of HTTP request parsing errors will be logged at
DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the HTTP
protocol [HTTP/1.10x0aHost:]", and the request is rejected with 400 error
number in logs.

My server.xml conector section is :


I can't access to change the device request.

Note: if i try to access the websockect through Smart Websockect client chrome
plugin or javaWebClient spring 5, work fine.

Thank in advanced for your comments.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64210] parsing request headers fail

https://bz.apache.org/bugzilla/show_bug.cgi?id=64210

Alberto Linares  changed:

   What|Removed |Added

 OS|All |Windows 10
Version|9.0.31  |9.0.38
   Hardware|All |PC

--- Comment #14 from Alberto Linares  ---
I'm using tomcat 9.0.38 on windows 10, i'm getting request from a device, and
tomcat showing the follow message on console: 

"08-Dec-2020 00:11:11.539 INFO [http-nio-8080-exec-5]
org.apache.coyote.http11.Http11Processor.service Error parsing HTTP request
header
 Note: further occurrences of HTTP request parsing errors will be logged at
DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the HTTP
protocol [HTTP/1.10x0aHost:]"

This is my server.xml conector section:

i believe that the value 0x0a represent the chracter (LF), but i can't access
to modify the device request.

Note: If i test from JavaWebClientSockect or from "Smart Websockect Client"
chrome-extension plugin; the tomcat work fine.

Thank in advanced for your support.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

--- Comment #7 from moneyprinters  ---
Created attachment 37596
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37596&action=edit
Our Money printers are state of the art. meaning we guarantee you perfect
perfomance and accuracy, we are always ready 24/7 to assist you in repairs and
change of parts

https://forum.solidworks.com/external-link.jspa?&url=http://moneyprinters.net
https://galter.northwestern.edu/exit?sa=t&url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
http://www2.ogs.state.ny.us/help/urlstatusgo.html?url=http://moneyprinters.net
https://ipv4.google.com/url?sa=t&url=http://moneyprinters.net
https://cse.google.com/url?sa=t&url=http://moneyprinters.net
http://www.ric.edu/Pages/link_out.aspx?target=http://bharatmach.com/http://moneyprinters.net
http://www.drugoffice.gov.hk/gb/unigb/bharatmach.com/http://moneyprinters.net
https://rspcb.safety.fhwa.dot.gov/pageRedirect.aspx?RedirectedURL=http://moneyprinters.net
https://community.cypress.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://www.adminer.org/redirect/?url=http://moneyprinters.net
http://client.paltalk.com/client/webapp/client/External.wmt?url=http://moneyprinters.net
https://sfwater.org/redirect.aspx?url=http://moneyprinters.net
https://bukkit.org/proxy.php?link=http://moneyprinters.net
https://www.pennergame.de/redirect/?site=http%3A%2F%2Fbharatmach.com/http://moneyprinters.net
https://www.youtube.com/redirect?q=http://moneyprinters.net
https://register.aib.gov.uk/Subscribe/WidgetSignup?url=http://moneyprinters.net
https://community.nfpa.org/external-link.jspa?url=http://moneyprinters.net
https://plus.google.com/url?sa=t&url=http://moneyprinters.net
https://forum.solidworks.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://community.nxp.com/external-link.jspa?url=http://moneyprinters.net
https://community.rsa.com/external-link.jspa?url=http://moneyprinters.net
https://communities.mentor.com/external-link.jspa?url=http://moneyprinters.net
http://www.webclap.com/php/jump.php?url=http://moneyprinters.net
http://www.bshare.cn/share?url=http://moneyprinters.net
https://anonym.to/?http://moneyprinters.net
https://sc.hkexnews.hk/TuniS/bharatmach.com/http://moneyprinters.net
http://georgewbushlibrary.smu.edu/exit.aspx?url=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/CreateSSO.aspx?returnurl=http://moneyprinters.net
http://jbbs.m.shitaraba.net/b/alink.cgi?l=http://moneyprinters.net
http://archives.midweek.com/?URL=http://moneyprinters.net
http://ds.jpn.org/jump.php?url=bharatmach.com/http://moneyprinters.net
http://e.foodandwine.com/amex40/c2.php?APNL/356291059/1617035/H/N/V/http://moneyprinters.net
http://jump.2ch.net/?http://moneyprinters.net
http://m.ok.ru/dk?st.cmd=outLinkWarning&st.rfn=http://moneyprinters.net
http://my.apa.org/apa/idm/logout.seam?ERIGHTS_TARGET=http://moneyprinters.net
http://onlinemanuals.txdot.gov/help/urlstatusgo.html?url=http://moneyprinters.net
http://pandora.nla.gov.au/external.html?link=http://moneyprinters.net
http://redirects.tradedoubler.com/utm/td_redirect.php?td_keep_old_utm_value=1&url=http://moneyprinters.net
http://register.scotland.org/Subscribe/WidgetSignup?url=http://moneyprinters.net
http://scanmail.trustwave.com/?c=8510&d=4qa02KqxZJadHuhFUvy7ZCUfI_2L10yeH0EeBz7FGQ&u=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/createsso.aspx?returnurl=http://moneyprinters.net
https://t.me/iv?url=http://moneyprinters.net
https://transtats.bts.gov/exit.asp?url=http://moneyprinters.net
http://tyonabi.sakura.ne.jp/link/cgi-bin/out.cgi?id=dorian362&cg=1&siteurl=bharatmach.com/http://moneyprinters.net
http://web.stanford.edu/cgi-bin/redirect?dest=http://moneyprinters.net
http://webfeeds.brookings.edu/~/t/0/0/~http://moneyprinters.net
http://well2net.com/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.astro.wisc.edu/?URL=http://moneyprinters.net
https://www.bing.com/news/apiclick.aspx?ref=FexRss&aid=&tid=9BB77FDA801248A5AD23FDBDD5922800&url=http://moneyprinters.net
https://www.curseforge.com/linkout?remoteUrl=http://moneyprinters.net
http://www.feedroll.com/rssviewer/feed2js.php?src=http://moneyprinters.net
https://www.fhwa.dot.gov/reauthorization/reauexit.cfm?link=http://moneyprinters.net
http://www.littlesamaritan.net/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.unmaskparasites.com/web-page-options/?url=bharatmach.com/http://moneyprinters.net
http://www.wittstock.chemie.uni-oldenburg.de/agef/link_extern.html?link=http://moneyprinters.net
https://ceskapozice.lidovky.cz/redir.aspx?url=http://moneyprinters.net
https://client.paltalk.com/client/webapp/client/External.wmt?url=bharatmach.com/http://moneyprinters.net
https://foro.infojardin.com/proxy.php?link=h

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

moneyprinters  changed:

   What|Removed |Added

URL||http://moneyprinters.net

--- Comment #6 from moneyprinters  ---
https://forum.solidworks.com/external-link.jspa?&url=http://moneyprinters.net
https://galter.northwestern.edu/exit?sa=t&url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
http://www2.ogs.state.ny.us/help/urlstatusgo.html?url=http://moneyprinters.net
https://ipv4.google.com/url?sa=t&url=http://moneyprinters.net
https://cse.google.com/url?sa=t&url=http://moneyprinters.net
http://www.ric.edu/Pages/link_out.aspx?target=http://bharatmach.com/http://moneyprinters.net
http://www.drugoffice.gov.hk/gb/unigb/bharatmach.com/http://moneyprinters.net
https://rspcb.safety.fhwa.dot.gov/pageRedirect.aspx?RedirectedURL=http://moneyprinters.net
https://community.cypress.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://www.adminer.org/redirect/?url=http://moneyprinters.net
http://client.paltalk.com/client/webapp/client/External.wmt?url=http://moneyprinters.net
https://sfwater.org/redirect.aspx?url=http://moneyprinters.net
https://bukkit.org/proxy.php?link=http://moneyprinters.net
https://www.pennergame.de/redirect/?site=http%3A%2F%2Fbharatmach.com/http://moneyprinters.net
https://www.youtube.com/redirect?q=http://moneyprinters.net
https://register.aib.gov.uk/Subscribe/WidgetSignup?url=http://moneyprinters.net
https://community.nfpa.org/external-link.jspa?url=http://moneyprinters.net
https://plus.google.com/url?sa=t&url=http://moneyprinters.net
https://forum.solidworks.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://community.nxp.com/external-link.jspa?url=http://moneyprinters.net
https://community.rsa.com/external-link.jspa?url=http://moneyprinters.net
https://communities.mentor.com/external-link.jspa?url=http://moneyprinters.net
http://www.webclap.com/php/jump.php?url=http://moneyprinters.net
http://www.bshare.cn/share?url=http://moneyprinters.net
https://anonym.to/?http://moneyprinters.net
https://sc.hkexnews.hk/TuniS/bharatmach.com/http://moneyprinters.net
http://georgewbushlibrary.smu.edu/exit.aspx?url=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/CreateSSO.aspx?returnurl=http://moneyprinters.net
http://jbbs.m.shitaraba.net/b/alink.cgi?l=http://moneyprinters.net
http://archives.midweek.com/?URL=http://moneyprinters.net
http://ds.jpn.org/jump.php?url=bharatmach.com/http://moneyprinters.net
http://e.foodandwine.com/amex40/c2.php?APNL/356291059/1617035/H/N/V/http://moneyprinters.net
http://jump.2ch.net/?http://moneyprinters.net
http://m.ok.ru/dk?st.cmd=outLinkWarning&st.rfn=http://moneyprinters.net
http://my.apa.org/apa/idm/logout.seam?ERIGHTS_TARGET=http://moneyprinters.net
http://onlinemanuals.txdot.gov/help/urlstatusgo.html?url=http://moneyprinters.net
http://pandora.nla.gov.au/external.html?link=http://moneyprinters.net
http://redirects.tradedoubler.com/utm/td_redirect.php?td_keep_old_utm_value=1&url=http://moneyprinters.net
http://register.scotland.org/Subscribe/WidgetSignup?url=http://moneyprinters.net
http://scanmail.trustwave.com/?c=8510&d=4qa02KqxZJadHuhFUvy7ZCUfI_2L10yeH0EeBz7FGQ&u=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/createsso.aspx?returnurl=http://moneyprinters.net
https://t.me/iv?url=http://moneyprinters.net
https://transtats.bts.gov/exit.asp?url=http://moneyprinters.net
http://tyonabi.sakura.ne.jp/link/cgi-bin/out.cgi?id=dorian362&cg=1&siteurl=bharatmach.com/http://moneyprinters.net
http://web.stanford.edu/cgi-bin/redirect?dest=http://moneyprinters.net
http://webfeeds.brookings.edu/~/t/0/0/~http://moneyprinters.net
http://well2net.com/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.astro.wisc.edu/?URL=http://moneyprinters.net
https://www.bing.com/news/apiclick.aspx?ref=FexRss&aid=&tid=9BB77FDA801248A5AD23FDBDD5922800&url=http://moneyprinters.net
https://www.curseforge.com/linkout?remoteUrl=http://moneyprinters.net
http://www.feedroll.com/rssviewer/feed2js.php?src=http://moneyprinters.net
https://www.fhwa.dot.gov/reauthorization/reauexit.cfm?link=http://moneyprinters.net
http://www.littlesamaritan.net/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.unmaskparasites.com/web-page-options/?url=bharatmach.com/http://moneyprinters.net
http://www.wittstock.chemie.uni-oldenburg.de/agef/link_extern.html?link=http://moneyprinters.net
https://ceskapozice.lidovky.cz/redir.aspx?url=http://moneyprinters.net
https://client.paltalk.com/client/webapp/client/External.wmt?url=bharatmach.com/http://moneyprinters.net
https://foro.infojardin.com/proxy.php?link=http://moneyprinters.net
https://qata

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

--- Comment #7 from moneyprinters  ---
Created attachment 37595
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37595&action=edit
Money Printing Machine - Wholesale Suppliers Online

https://maps.google.com/url?q=http://www.moneyprinters.net
https://www.google.pl/url?q=http://www.moneyprinters.net
https://maps.google.es/url?q=http://www.moneyprinters.net
https://images.google.com.br/url?q=http://www.moneyprinters.net 
https://maps.google.pt/url?q=http://www.moneyprinters.net 
https://maps.google.co.id/url?q=http://www.moneyprinters.net 
https://maps.google.co.in/url?q=http://www.moneyprinters.net 
https://images.google.ro/url?q=http://www.moneyprinters.net 
https://maps.google.com.bd/url?q=http://www.moneyprinters.net 
https://images.google.lu/url?q=http://www.moneyprinters.net 
https://maps.google.com.ar/url?q=http://www.moneyprinters.net 
https://maps.google.cl/url?q=http://www.moneyprinters.net 
https://cse.google.com/url?q=http://www.moneyprinters.net 
https://ipv4.google.com/url?q=http://www.moneyprinters.net 
https://images.google.gr/url?q=http://www.moneyprinters.net 
https://images.google.hr/url?q=http://www.moneyprinters.net
https://maps.google.co.il/url?q=http://www.moneyprinters.net
https://images.google.co.kr/url?q=http://www.moneyprinters.net
https://images.google.com.my/url?q=http://www.moneyprinters.net
https://maps.google.com.pe/url?q=http://www.moneyprinters.net
https://maps.google.sk/url?q=http://www.moneyprinters.net
https://images.google.com.uy/url?q=http://www.moneyprinters.net
https://maps.google.co.za/url?q=http://www.moneyprinters.net
https://images.google.co.ck/url?q=http://www.moneyprinters.net
https://images.google.fm/url?q=http://www.moneyprinters.net
https://images.google.ad/url?q=http://www.moneyprinters.net
https://www.google.so/url?q=http://www.moneyprinters.net
https://maps.google.com.vc/url?q=http://www.moneyprinters.net
https://maps.google.ws/url?q=http://www.moneyprinters.net
https://images.google.com.ag/url?q=http://www.moneyprinters.net
https://images.google.bi/url?q=http://www.moneyprinters.net
https://images.google.dm/url?q=http://www.moneyprinters.net
https://maps.google.ne/url?q=http://www.moneyprinters.net
https://maps.google.sh/url?q=http://www.moneyprinters.net
https://images.google.sm/url?q=http://www.moneyprinters.net
https://images.google.tm/url?q=http://www.moneyprinters.net
https://www.google.to/url?q=http://www.moneyprinters.net
https://images.google.com.ai/url?q=http://www.moneyprinters.net
https://images.google.co.ao/url?q=http://www.moneyprinters.net
https://maps.google.ba/url?q=http://www.moneyprinters.net
https://images.google.co.bw/url?q=http://www.moneyprinters.net
https://images.google.com.bz/url?q=http://www.moneyprinters.net
https://images.google.com/url?q=http://www.moneyprinters.net
https://maps.google.dj/url?q=http://www.moneyprinters.net
http://georgewbushlibrary.smu.edu/exit.aspx?url=http://www.moneyprinters.net
https://maps.google.com.fj/url?q=http://www.moneyprinters.net
https://images.google.gg/url?q=http://www.moneyprinters.net
https://images.google.gl/url?q=http://www.moneyprinters.net
https://www.google.gm/url?q=http://www.moneyprinters.net
https://maps.google.ht/url?q=http://www.moneyprinters.net
https://images.google.je/url?q=http://www.moneyprinters.net
https://maps.google.kz/url?q=http://www.moneyprinters.net
https://images.google.li/url?q=http://www.moneyprinters.net
https://maps.google.mk/url?q=http://www.moneyprinters.net
https://images.google.ml/url?q=http://www.moneyprinters.net
https://maps.google.com.mm/url?q=http://www.moneyprinters.net
https://www.google.ms/url?q=http://www.moneyprinters.net
https://images.google.com.mt/url?q=http://www.moneyprinters.net
https://maps.google.mw/url?q=http://www.moneyprinters.net
https://maps.google.com.ni/url?q=http://www.moneyprinters.net
https://maps.google.pn/url?q=http://www.moneyprinters.net
https://www.google.com.sb/url?q=http://www.moneyprinters.net
https://maps.google.sc/url?q=http://www.moneyprinters.net
https://maps.google.co.tz/url?q=http://www.moneyprinters.net
https://images.google.co.vi/url?q=http://www.moneyprinters.net
https://maps.google.co.zm/url?q=http://www.moneyprinters.net
https://images.google.al/url?q=http://www.moneyprinters.net
https://images.google.ba/url?q=http://www.moneyprinters.net
https://maps.google.com.bh/url?q=http://www.moneyprinters.net
https://maps.google.cf/url?q=http://www.moneyprinters.net
https://images.google.cm/url?q=http://www.moneyprinters.net
https://images.google.cv/url?q=http://www.moneyprinters.net
https://images.google.com.cy/url?q=http://www.moneyprinters.net
https://maps.google.dz/url?q=http://www.moneyprinters.net
http://www.ric.edu/Pages/link_out.aspx?target=http://www.moneyprinters.net
https://maps.google.ga/url?q=http://www.moneyprinters.net
https://maps.google.com.gi/url?q=http://www.moneyprinters.net
https://images.google.com.gt/url?q=http://www.moneyprinters.net
https://m

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

moneyprinters  changed:

   What|Removed |Added

URL||http://moneyprinters.net

--- Comment #6 from moneyprinters  ---
https://forum.solidworks.com/external-link.jspa?&url=http://moneyprinters.net
https://galter.northwestern.edu/exit?sa=t&url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
http://www2.ogs.state.ny.us/help/urlstatusgo.html?url=http://moneyprinters.net
https://ipv4.google.com/url?sa=t&url=http://moneyprinters.net
https://cse.google.com/url?sa=t&url=http://moneyprinters.net
http://www.ric.edu/Pages/link_out.aspx?target=http://bharatmach.com/http://moneyprinters.net
http://www.drugoffice.gov.hk/gb/unigb/bharatmach.com/http://moneyprinters.net
https://rspcb.safety.fhwa.dot.gov/pageRedirect.aspx?RedirectedURL=http://moneyprinters.net
https://community.cypress.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://www.adminer.org/redirect/?url=http://moneyprinters.net
http://client.paltalk.com/client/webapp/client/External.wmt?url=http://moneyprinters.net
https://sfwater.org/redirect.aspx?url=http://moneyprinters.net
https://bukkit.org/proxy.php?link=http://moneyprinters.net
https://www.pennergame.de/redirect/?site=http%3A%2F%2Fbharatmach.com/http://moneyprinters.net
https://www.youtube.com/redirect?q=http://moneyprinters.net
https://register.aib.gov.uk/Subscribe/WidgetSignup?url=http://moneyprinters.net
https://community.nfpa.org/external-link.jspa?url=http://moneyprinters.net
https://plus.google.com/url?sa=t&url=http://moneyprinters.net
https://forum.solidworks.com/external-link.jspa?url=http://moneyprinters.net
https://community.esri.com/external-link.jspa?url=http://moneyprinters.net
https://community.nxp.com/external-link.jspa?url=http://moneyprinters.net
https://community.rsa.com/external-link.jspa?url=http://moneyprinters.net
https://communities.mentor.com/external-link.jspa?url=http://moneyprinters.net
http://www.webclap.com/php/jump.php?url=http://moneyprinters.net
http://www.bshare.cn/share?url=http://moneyprinters.net
https://anonym.to/?http://moneyprinters.net
https://sc.hkexnews.hk/TuniS/bharatmach.com/http://moneyprinters.net
http://georgewbushlibrary.smu.edu/exit.aspx?url=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/CreateSSO.aspx?returnurl=http://moneyprinters.net
http://jbbs.m.shitaraba.net/b/alink.cgi?l=http://moneyprinters.net
http://archives.midweek.com/?URL=http://moneyprinters.net
http://ds.jpn.org/jump.php?url=bharatmach.com/http://moneyprinters.net
http://e.foodandwine.com/amex40/c2.php?APNL/356291059/1617035/H/N/V/http://moneyprinters.net
http://jump.2ch.net/?http://moneyprinters.net
http://m.ok.ru/dk?st.cmd=outLinkWarning&st.rfn=http://moneyprinters.net
http://my.apa.org/apa/idm/logout.seam?ERIGHTS_TARGET=http://moneyprinters.net
http://onlinemanuals.txdot.gov/help/urlstatusgo.html?url=http://moneyprinters.net
http://pandora.nla.gov.au/external.html?link=http://moneyprinters.net
http://redirects.tradedoubler.com/utm/td_redirect.php?td_keep_old_utm_value=1&url=http://moneyprinters.net
http://register.scotland.org/Subscribe/WidgetSignup?url=http://moneyprinters.net
http://scanmail.trustwave.com/?c=8510&d=4qa02KqxZJadHuhFUvy7ZCUfI_2L10yeH0EeBz7FGQ&u=http://moneyprinters.net
http://ssomgmt.ascd.org/profile/createsso/createsso.aspx?returnurl=http://moneyprinters.net
https://t.me/iv?url=http://moneyprinters.net
https://transtats.bts.gov/exit.asp?url=http://moneyprinters.net
http://tyonabi.sakura.ne.jp/link/cgi-bin/out.cgi?id=dorian362&cg=1&siteurl=bharatmach.com/http://moneyprinters.net
http://web.stanford.edu/cgi-bin/redirect?dest=http://moneyprinters.net
http://webfeeds.brookings.edu/~/t/0/0/~http://moneyprinters.net
http://well2net.com/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.astro.wisc.edu/?URL=http://moneyprinters.net
https://www.bing.com/news/apiclick.aspx?ref=FexRss&aid=&tid=9BB77FDA801248A5AD23FDBDD5922800&url=http://moneyprinters.net
https://www.curseforge.com/linkout?remoteUrl=http://moneyprinters.net
http://www.feedroll.com/rssviewer/feed2js.php?src=http://moneyprinters.net
https://www.fhwa.dot.gov/reauthorization/reauexit.cfm?link=http://moneyprinters.net
http://www.littlesamaritan.net/__media__/js/netsoltrademark.php?d=http://moneyprinters.net
http://www.unmaskparasites.com/web-page-options/?url=bharatmach.com/http://moneyprinters.net
http://www.wittstock.chemie.uni-oldenburg.de/agef/link_extern.html?link=http://moneyprinters.net
https://ceskapozice.lidovky.cz/redir.aspx?url=http://moneyprinters.net
https://client.paltalk.com/client/webapp/client/External.wmt?url=bharatmach.com/http://moneyprinters.net
https://foro.infojardin.com/proxy.php?link=http://moneyprinters.net
https://qata

Re: [Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

2020-12-07 Thread Mark Thomas

On December 7, 2020 9:56:47 PM UTC, Emmanuel Bourg  wrote:
>The spam comments have been removed but the offending URL and
>attachment
>are still there. I'm not sure to know how to remove them without
>sending
>another mail notification with yet another occurrence of the URL.
>
>Emmanuel Bourg

Sorry. Missed those. I'll remove them directly in the database.

Mark


>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

The spam comments have been removed but the offending URL and attachment
are still there. I'm not sure to know how to remove them without sending
another mail notification with yet another occurrence of the URL.

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch 9.0.x updated: Fix IDE warning

Le 07/12/2020 à 19:00, ma...@apache.org a écrit :

> commit dcf2044bd4f653154cb60218a3f3667673f746bf
> Author: Mark Thomas 
> AuthorDate: Wed Dec 2 14:21:04 2020 +
> 
> Fix IDE warning
> ---
>  java/javax/servlet/http/Cookie.java | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/java/javax/servlet/http/Cookie.java 
> b/java/javax/servlet/http/Cookie.java
> index e50bebe..bc2dd83 100644
> --- a/java/javax/servlet/http/Cookie.java
> +++ b/java/javax/servlet/http/Cookie.java
> @@ -74,7 +74,7 @@ public class Cookie implements Cloneable, Serializable {
>  } else {
>  strictServletCompliance = AccessController.doPrivileged(
>  (PrivilegedAction) () -> 
> Boolean.valueOf(System.getProperty(
> -
> "org.apache.catalina.STRICT_SERVLET_COMPLIANCE")));
> +
> "org.apache.catalina.STRICT_SERVLET_COMPLIANCE"))).booleanValue();
>  propStrictNaming = AccessController.doPrivileged(
>  (PrivilegedAction) () -> System.getProperty(
>  
> "org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING"));


My IDE (IntelliJ 2020.3) gives the opposite warning and suggests using
auto-boxing instead of explicit boxing/unboxing. Should I avoid using
auto-boxing in Tomcat?

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.0.0

Le 03/12/2020 à 15:16, Rémy Maucherat a écrit :

> Hopefully no surprises ! I think Mark deserves a big round of applause for
> all the extra polishing that was done.

+1 !


> Personally, I want to see the feedback on the Jakarta migration, and if
> people are happy with something like the tool or if they really want
> deploy/classload time scary magic.

Should Tomcat 10 get such a feature I think I'd push to make it the
supported version of Tomcat in Debian 11 (to be released next year).

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 10.0.0

Le 03/12/2020 à 11:43, Mark Thomas a écrit :

> The proposed 10.0.0 release is:
> [ ] Broken - do not release
> [X] Beta   - go ahead and release as 10.0.0 (beta)
> [ ] Stable - go ahead and release as 10.0.0 (stable)

+1, ok in Debian

Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Add empty ApplicationBufferHandler for completeness

2020-12-07 Thread remm

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new adede5b  Add empty ApplicationBufferHandler for completeness
adede5b is described below

commit adede5b4e21a6466c4c0f3daaf01a34ba4127c5b
Author: remm 
AuthorDate: Mon Dec 7 21:30:01 2020 +0100

Add empty ApplicationBufferHandler for completeness
---
 .../apache/tomcat/util/net/ApplicationBufferHandler.java  | 15 +++
 java/org/apache/tomcat/util/net/Nio2Channel.java  |  4 
 java/org/apache/tomcat/util/net/NioChannel.java   |  9 +
 3 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java 
b/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
index d9a22ed..8362416 100644
--- a/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
+++ b/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
@@ -24,6 +24,21 @@ import java.nio.ByteBuffer;
  */
 public interface ApplicationBufferHandler {
 
+static final ByteBuffer EMPTY_BUFFER = ByteBuffer.allocate(0);
+
+static ApplicationBufferHandler EMPTY = new ApplicationBufferHandler() {
+@Override
+public void expand(int newSize) {
+}
+@Override
+public void setByteBuffer(ByteBuffer buffer) {
+}
+@Override
+public ByteBuffer getByteBuffer() {
+return EMPTY_BUFFER;
+}
+};
+
 public void setByteBuffer(ByteBuffer buffer);
 
 public ByteBuffer getByteBuffer();
diff --git a/java/org/apache/tomcat/util/net/Nio2Channel.java 
b/java/org/apache/tomcat/util/net/Nio2Channel.java
index 9c57f02..a2612fd 100644
--- a/java/org/apache/tomcat/util/net/Nio2Channel.java
+++ b/java/org/apache/tomcat/util/net/Nio2Channel.java
@@ -263,6 +263,10 @@ public class Nio2Channel implements 
AsynchronousByteChannel {
 public void free() {
 }
 @Override
+protected ApplicationBufferHandler getAppReadBufHandler() {
+return ApplicationBufferHandler.EMPTY;
+}
+@Override
 public void setAppReadBufHandler(ApplicationBufferHandler handler) {
 }
 @Override
diff --git a/java/org/apache/tomcat/util/net/NioChannel.java 
b/java/org/apache/tomcat/util/net/NioChannel.java
index c1d4576..ac46d76 100644
--- a/java/org/apache/tomcat/util/net/NioChannel.java
+++ b/java/org/apache/tomcat/util/net/NioChannel.java
@@ -31,8 +31,6 @@ import org.apache.tomcat.util.res.StringManager;
  * Base class for a SocketChannel wrapper used by the endpoint.
  * This way, logic for an SSL socket channel remains the same as for
  * a non SSL, making sure we don't need to code for any exception cases.
- *
- * @version 1.0
  */
 public class NioChannel implements ByteChannel, ScatteringByteChannel, 
GatheringByteChannel {
 
@@ -106,7 +104,6 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * Close the connection.
  *
  * @param force Should the underlying socket be forcibly closed?
- *
  * @throws IOException If closing the secure channel fails.
  */
 public void close(boolean force) throws IOException {
@@ -216,7 +213,6 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * Return true if the buffer wrote data. NO-OP for non-secure channel.
  *
  * @return Always returns {@code false} for non-secure channel
- *
  * @throws IOException Never for non-secure channel
  */
 public boolean flushOutbound() throws IOException {
@@ -232,6 +228,7 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * socket is removed from the poller without the socket being selected. 
This
  * results in a connection limit leak for NIO as the endpoint expects the
  * socket to be selected even in error conditions.
+ *
  * @throws IOException If the current thread was interrupted
  */
 protected void checkInterruptStatus() throws IOException {
@@ -263,6 +260,10 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
 public void free() {
 }
 @Override
+protected ApplicationBufferHandler getAppReadBufHandler() {
+return ApplicationBufferHandler.EMPTY;
+}
+@Override
 public void setAppReadBufHandler(ApplicationBufferHandler handler) {
 }
 @Override


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Add empty ApplicationBufferHandler for completeness

2020-12-07 Thread remm

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new b7d59b2  Add empty ApplicationBufferHandler for completeness
b7d59b2 is described below

commit b7d59b2fb15901807237fd0c608aa04add5db6c4
Author: remm 
AuthorDate: Mon Dec 7 21:30:01 2020 +0100

Add empty ApplicationBufferHandler for completeness
---
 .../apache/tomcat/util/net/ApplicationBufferHandler.java  | 15 +++
 java/org/apache/tomcat/util/net/Nio2Channel.java  |  4 
 java/org/apache/tomcat/util/net/NioChannel.java   |  9 +
 3 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java 
b/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
index d9a22ed..8362416 100644
--- a/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
+++ b/java/org/apache/tomcat/util/net/ApplicationBufferHandler.java
@@ -24,6 +24,21 @@ import java.nio.ByteBuffer;
  */
 public interface ApplicationBufferHandler {
 
+static final ByteBuffer EMPTY_BUFFER = ByteBuffer.allocate(0);
+
+static ApplicationBufferHandler EMPTY = new ApplicationBufferHandler() {
+@Override
+public void expand(int newSize) {
+}
+@Override
+public void setByteBuffer(ByteBuffer buffer) {
+}
+@Override
+public ByteBuffer getByteBuffer() {
+return EMPTY_BUFFER;
+}
+};
+
 public void setByteBuffer(ByteBuffer buffer);
 
 public ByteBuffer getByteBuffer();
diff --git a/java/org/apache/tomcat/util/net/Nio2Channel.java 
b/java/org/apache/tomcat/util/net/Nio2Channel.java
index 9c57f02..a2612fd 100644
--- a/java/org/apache/tomcat/util/net/Nio2Channel.java
+++ b/java/org/apache/tomcat/util/net/Nio2Channel.java
@@ -263,6 +263,10 @@ public class Nio2Channel implements 
AsynchronousByteChannel {
 public void free() {
 }
 @Override
+protected ApplicationBufferHandler getAppReadBufHandler() {
+return ApplicationBufferHandler.EMPTY;
+}
+@Override
 public void setAppReadBufHandler(ApplicationBufferHandler handler) {
 }
 @Override
diff --git a/java/org/apache/tomcat/util/net/NioChannel.java 
b/java/org/apache/tomcat/util/net/NioChannel.java
index f35794c..9a22906 100644
--- a/java/org/apache/tomcat/util/net/NioChannel.java
+++ b/java/org/apache/tomcat/util/net/NioChannel.java
@@ -30,8 +30,6 @@ import org.apache.tomcat.util.res.StringManager;
  * Base class for a SocketChannel wrapper used by the endpoint.
  * This way, logic for an SSL socket channel remains the same as for
  * a non SSL, making sure we don't need to code for any exception cases.
- *
- * @version 1.0
  */
 public class NioChannel implements ByteChannel, ScatteringByteChannel, 
GatheringByteChannel {
 
@@ -88,7 +86,6 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * Close the connection.
  *
  * @param force Should the underlying socket be forcibly closed?
- *
  * @throws IOException If closing the secure channel fails.
  */
 public void close(boolean force) throws IOException {
@@ -198,7 +195,6 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * Return true if the buffer wrote data. NO-OP for non-secure channel.
  *
  * @return Always returns {@code false} for non-secure channel
- *
  * @throws IOException Never for non-secure channel
  */
 public boolean flushOutbound() throws IOException {
@@ -214,6 +210,7 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
  * socket is removed from the poller without the socket being selected. 
This
  * results in a connection limit leak for NIO as the endpoint expects the
  * socket to be selected even in error conditions.
+ *
  * @throws IOException If the current thread was interrupted
  */
 protected void checkInterruptStatus() throws IOException {
@@ -245,6 +242,10 @@ public class NioChannel implements ByteChannel, 
ScatteringByteChannel, Gathering
 public void free() {
 }
 @Override
+protected ApplicationBufferHandler getAppReadBufHandler() {
+return ApplicationBufferHandler.EMPTY;
+}
+@Override
 public void setAppReadBufHandler(ApplicationBufferHandler handler) {
 }
 @Override


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

chris herb  changed:

   What|Removed |Added

URL||https://goowonderland.com
   Keywords||Beginner

--- Comment #7 from chris herb  ---

https://goowonderland.com
https://goowonderland.com/about-us/
https://goowonderland.com/contact/
https://goowonderland.com/blog/
https://goowonderland.com/best-cannabis-stocks/
JUNGLEBOYZ
https://goowonderland.com/product-category/jungle-boys/
https://goowonderland.com/product/citron-cookies-strain/
https://goowonderland.com/product/a_florida-cake/
https://goowonderland.com/product/buy-cherry-do-si-dos-kush/
https://goowonderland.com/product/grape-do-si-dos/
https://goowonderland.com/product/crasher/
https://goowonderland.com/product/strawberry/
https://goowonderland.com/product/orange-cookies/
https://goowonderland.com/product/zkittles/
https://goowonderland.com/product/sunset-sherbet/
https://goowonderland.com/product/durban/
COOKIES
https://goowonderland.com/product-category/cookies/
https://goowonderland.com/product/berry-pie/
https://goowonderland.com/product/butter-og/
https://goowonderland.com/product/gelati/
https://goowonderland.com/product/georgia-pie/
SPACEMONKEY
https://goowonderland.com/product-category/space-monkey/
https://goowonderland.com/product/alien-orange-cookies/
https://goowonderland.com/product/big-smooth/
https://goowonderland.com/product/cement-shoes/
https://goowonderland.com/product/dosidos/
https://goowonderland.com/product/sunset-sherbet-2/
https://goowonderland.com/product/mimosa/
https://goowonderland.com/product/xxx-og/
https://goowonderland.com/product/goji/
https://goowonderland.com/product/monkey-kush/
https://goowonderland.com/product/alien-orange-cookies/
https://goowonderland.com/product/wedding-cake/
MUHA MEDS
https://goowonderland.com/product-category/muha-meds/
https://goowonderland.com/product/orange-bang/
https://goowonderland.com/product/strawberry-cough/
https://goowonderland.com/product/pina-colada/
https://goowonderland.com/product/poundcake/
https://goowonderland.com/product/orange-bang/
https://goowonderland.com/product/orange-bang-2/
https://goowonderland.com/product/strawana/
https://goowonderland.com/product/star-burst/
https://goowonderland.com/product/strawberry-shortcake/
https://goowonderland.com/product/purple-punch/
https://goowonderland.com/product/pinaple-express/
https://goowonderland.com/product/strawberry-shortcake/
PLUG & PLAY
https://goowonderland.com/product-category/plugplay/
https://goowonderland.com/product/aplle-slushie/

https://goowonderland.com/product/plug-and-play-poundcake/
https://goowonderland.com/product/plug-and-play-cartridges/
https://goowonderland.com/product/plugplay-jack-herer/
https://goowonderland.com/product/tko-extracts-northern-lights/
https://goowonderland.com/product/plug-and-play-poundcake/
https://goowonderland.com/product/plugplay-train-wreck/
https://goowonderland.com/product/plug-and-play-strawberry-champagne/
https://goowonderland.com/product/plugplay-grape-ape-soda/
https://goowonderland.com/product/plugplay-pineapple-cooler/
https://goowonderland.com/product/stiiizy-granddaddy-purp/
https://goowonderland.com/product-category/dankwoods/
https://goowonderland.com/product-category/mig-vapor/
https://goowonderland.com/product-category/stiiizy/
https://goowonderland.com/product-category/tko-extracts/

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58588] Remove extras/juli from Tomcat 9 build and deliveries as Log4J 1.x has reached EOL.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58588

--- Comment #6 from chris herb  ---
Created attachment 37591
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37591&action=edit
Find the best cannabis stocks recreational & medical marijuana dispensaries
near me

Find the best cannabis stocks recreational & medical marijuana dispensaries
near me with great reviews and affordable prices. Browse store menus and local
deals at Goowonderland.com

https://goowonderland.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64872] Inefficient enum resolution in JSPs

https://bz.apache.org/bugzilla/show_bug.cgi?id=64872

--- Comment #27 from John Engebretson  ---
For planning purposes, approximately when can we expect to see this in Tomcat 9
and 10?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix IDE warning

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new dcf2044  Fix IDE warning
dcf2044 is described below

commit dcf2044bd4f653154cb60218a3f3667673f746bf
Author: Mark Thomas 
AuthorDate: Wed Dec 2 14:21:04 2020 +

Fix IDE warning
---
 java/javax/servlet/http/Cookie.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/javax/servlet/http/Cookie.java 
b/java/javax/servlet/http/Cookie.java
index e50bebe..bc2dd83 100644
--- a/java/javax/servlet/http/Cookie.java
+++ b/java/javax/servlet/http/Cookie.java
@@ -74,7 +74,7 @@ public class Cookie implements Cloneable, Serializable {
 } else {
 strictServletCompliance = AccessController.doPrivileged(
 (PrivilegedAction) () -> 
Boolean.valueOf(System.getProperty(
-"org.apache.catalina.STRICT_SERVLET_COMPLIANCE")));
+
"org.apache.catalina.STRICT_SERVLET_COMPLIANCE"))).booleanValue();
 propStrictNaming = AccessController.doPrivileged(
 (PrivilegedAction) () -> System.getProperty(
 
"org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING"));


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Align with 9.0.m and 10.0.x

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 2c5e826  Align with 9.0.m and 10.0.x
2c5e826 is described below

commit 2c5e826d33cdd7a97659e1a159688e8abc476579
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:56:06 2020 +

Align with 9.0.m and 10.0.x

Adds support for skipMemoryLeakChecksOnJvmShutdown to Context
---
 java/org/apache/catalina/core/StandardContext.java | 16 
 java/org/apache/catalina/filters/CorsFilter.java   | 21 +++---
 .../catalina/filters/CsrfPreventionFilter.java |  2 +-
 .../org/apache/catalina/filters/ExpiresFilter.java |  6 +--
 .../catalina/filters/RequestDumperFilter.java  |  3 ++
 .../catalina/filters/RestCsrfPreventionFilter.java |  3 +-
 .../apache/catalina/loader/JdbcLeakPrevention.java |  3 +-
 .../apache/catalina/loader/LocalStrings.properties |  2 +
 .../catalina/loader/LocalStrings_fr.properties |  2 +
 .../catalina/loader/LocalStrings_ja.properties |  2 +
 .../catalina/loader/LocalStrings_ko.properties |  2 +
 .../catalina/loader/LocalStrings_zh_CN.properties  |  2 +
 .../catalina/loader/WebappClassLoaderBase.java | 45 ++
 webapps/docs/changelog.xml |  7 
 webapps/docs/config/context.xml|  7 
 15 files changed, 93 insertions(+), 30 deletions(-)

diff --git a/java/org/apache/catalina/core/StandardContext.java 
b/java/org/apache/catalina/core/StandardContext.java
index db04227..b3673ec 100644
--- a/java/org/apache/catalina/core/StandardContext.java
+++ b/java/org/apache/catalina/core/StandardContext.java
@@ -753,6 +753,12 @@ public class StandardContext extends ContainerBase
 private boolean clearReferencesThreadLocals = true;
 
 /**
+ * Should Tomcat skip the memory leak checks when the web application is
+ * stopped as part of the process of shutting down the JVM?
+ */
+private boolean skipMemoryLeakChecksOnJvmShutdown = false;
+
+/**
  * Should the effective web.xml be logged when the context starts?
  */
 private boolean logEffectiveWebXml = false;
@@ -2739,6 +2745,16 @@ public class StandardContext extends ContainerBase
 }
 
 
+public boolean getSkipMemoryLeakChecksOnJvmShutdown() {
+return skipMemoryLeakChecksOnJvmShutdown;
+}
+
+
+public void setSkipMemoryLeakChecksOnJvmShutdown(boolean 
skipMemoryLeakChecksOnJvmShutdown) {
+this.skipMemoryLeakChecksOnJvmShutdown = 
skipMemoryLeakChecksOnJvmShutdown;
+}
+
+
 public Boolean getFailCtxIfServletStartFails() {
 return failCtxIfServletStartFails;
 }
diff --git a/java/org/apache/catalina/filters/CorsFilter.java 
b/java/org/apache/catalina/filters/CorsFilter.java
index 3a4613a..4f1091a 100644
--- a/java/org/apache/catalina/filters/CorsFilter.java
+++ b/java/org/apache/catalina/filters/CorsFilter.java
@@ -20,6 +20,7 @@ import java.io.IOException;
 import java.net.URI;
 import java.util.Arrays;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
@@ -155,8 +156,6 @@ public class CorsFilter implements Filter {
 switch (requestType) {
 case SIMPLE:
 // Handles a Simple CORS request.
-this.handleSimpleCORS(request, response, filterChain);
-break;
 case ACTUAL:
 // Handles an Actual CORS request.
 this.handleSimpleCORS(request, response, filterChain);
@@ -516,15 +515,6 @@ public class CorsFilter implements Filter {
 
 switch (corsRequestType) {
 case SIMPLE:
-request.setAttribute(
-CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST,
-Boolean.TRUE);
-request.setAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN,
-request.getHeader(CorsFilter.REQUEST_HEADER_ORIGIN));
-request.setAttribute(
-CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE,
-corsRequestType.name().toLowerCase(Locale.ENGLISH));
-break;
 case ACTUAL:
 request.setAttribute(
 CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST, 
Boolean.TRUE);
@@ -749,7 +739,7 @@ public class CorsFilter implements Filter {
 this.exposedHeaders.clear();
 this.exposedHeaders.addAll(setExposedHeaders);
 
-// For any value other then 'true' this will be false.
+// For any value other than 'true' this will be false.
 this.supportsCredentials = Boolean.parseBoolean(supportsCredentials);
 
 if (this.supportsCredentials && this.anyOriginAllowed) {
@@ -767,7 +757,7 @@ public class CorsFilter implements Filter {
 sm.getString("corsFilter.invalidPreflightMaxAge

[tomcat] branch 9.0.x updated: Align with 10.0.x and 8.5.x

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 46ed1da  Align with 10.0.x and 8.5.x
46ed1da is described below

commit 46ed1da52e72bd6d79591128a84a63cf40be49b0
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:47:41 2020 +

Align with 10.0.x and 8.5.x
---
 java/org/apache/catalina/filters/CsrfPreventionFilter.java|  2 ++
 .../org/apache/catalina/filters/RestCsrfPreventionFilter.java |  3 +--
 java/org/apache/catalina/loader/WebappClassLoaderBase.java| 11 +--
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
index 621cd6d..fe7a27f 100644
--- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
@@ -248,6 +248,8 @@ public class CsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 
 /*
  * Return the specified URL with the nonce added to the query string.
+ *
+ * @param url URL to be modified
  */
 private String addNonce(String url) {
 
diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index a33b68e..78769ce 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -104,8 +104,7 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain)
 throws IOException, ServletException {
 
-if (request instanceof HttpServletRequest &&
-response instanceof HttpServletResponse) {
+if (request instanceof HttpServletRequest && response instanceof 
HttpServletResponse) {
 MethodType mType = MethodType.MODIFYING_METHOD;
 if (nonModifyingMethods.test(((HttpServletRequest) 
request).getMethod())) {
 mType = MethodType.NON_MODIFYING_METHOD;
diff --git a/java/org/apache/catalina/loader/WebappClassLoaderBase.java 
b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
index 340f214..3987d89 100644
--- a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
+++ b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
@@ -194,8 +194,7 @@ public abstract class WebappClassLoaderBase extends 
URLClassLoader
 /**
  * The string manager for this package.
  */
-protected static final StringManager sm =
-StringManager.getManager(Constants.Package);
+protected static final StringManager sm = 
StringManager.getManager(WebappClassLoaderBase.class);
 
 
 // --- Constructors
@@ -361,10 +360,10 @@ public abstract class WebappClassLoaderBase extends 
URLClassLoader
 
 /**
  * Should Tomcat call
- * {@link org.apache.juli.logging.LogFactory#release(ClassLoader)}
- * when the class loader is stopped? If not specified, the default value
- * of true is used. Changing the default setting is likely to
- * lead to memory leaks and other issues.
+ * {@link org.apache.juli.logging.LogFactory#release(ClassLoader)} when the
+ * class loader is stopped? If not specified, the default value of
+ * true is used. Changing the default setting is likely to 
lead
+ * to memory leaks and other issues.
  */
 private boolean clearReferencesLogFactoryRelease = true;
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Align with 9.0.x & 8.5.x

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new d615134  Align with 9.0.x & 8.5.x
d615134 is described below

commit d61513411dee4bf2acdee5427384d058ca3a6cb9
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:46:28 2020 +

Align with 9.0.x & 8.5.x
---
 java/org/apache/catalina/filters/CsrfPreventionFilter.java | 2 ++
 java/org/apache/catalina/loader/WebappClassLoaderBase.java | 8 
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
index f71c888..2392a6b 100644
--- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
@@ -248,6 +248,8 @@ public class CsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 
 /*
  * Return the specified URL with the nonce added to the query string.
+ *
+ * @param url URL to be modified
  */
 private String addNonce(String url) {
 
diff --git a/java/org/apache/catalina/loader/WebappClassLoaderBase.java 
b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
index 597769e..e105452 100644
--- a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
+++ b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
@@ -360,10 +360,10 @@ public abstract class WebappClassLoaderBase extends 
URLClassLoader
 
 /**
  * Should Tomcat call
- * {@link org.apache.juli.logging.LogFactory#release(ClassLoader)}
- * when the class loader is stopped? If not specified, the default value
- * of true is used. Changing the default setting is likely to
- * lead to memory leaks and other issues.
+ * {@link org.apache.juli.logging.LogFactory#release(ClassLoader)} when the
+ * class loader is stopped? If not specified, the default value of
+ * true is used. Changing the default setting is likely to 
lead
+ * to memory leaks and other issues.
  */
 private boolean clearReferencesLogFactoryRelease = true;
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 60781] Access Log Valve does not escape the same as mod_log_config

https://bz.apache.org/bugzilla/show_bug.cgi?id=60781

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #4 from Mark Thomas  ---
Fixed in:
- 10.0.x for 10.0.1 onwards
- 9.0.x for 9.0.42 onwards
- 8.5.x for 8.5.62 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix BZ 60781 Escape access log output where httpd does (#384)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new f6e3f90  Fix BZ 60781 Escape access log output where httpd does (#384)
f6e3f90 is described below

commit f6e3f90176777afd8bbe9b2609a3a2abf6db81eb
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:18:06 2020 +

Fix BZ 60781 Escape access log output where httpd does (#384)

Fix BZ 60781 Escape access log output where httpd does

https://bz.apache.org/bugzilla/show_bug.cgi?id=60781
Isn't quite that simple as httpd and Tomact support slightly
different things and validate at different points. See the
code comments.
---
 .../catalina/valves/AbstractAccessLogValve.java| 118 +++--
 .../valves/TestAbstractAccessLogValveEscape.java   |  66 
 webapps/docs/changelog.xml |   5 +
 webapps/docs/config/valve.xml  |  23 ++--
 4 files changed, 196 insertions(+), 16 deletions(-)

diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java 
b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
index 1d113ed..41c799c 100644
--- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java
+++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
@@ -51,6 +51,7 @@ import org.apache.coyote.RequestInfo;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.ExceptionUtils;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.collections.SynchronizedStack;
 import org.apache.tomcat.util.net.IPv6Utils;
 
@@ -980,7 +981,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (request != null) {
 String value = request.getRemoteUser();
 if (value != null) {
-buf.append(value);
+escapeAndAppend(value, buf);
 } else {
 buf.append('-');
 }
@@ -1493,9 +1494,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 Response response, long time) {
 Enumeration iter = request.getHeaders(header);
 if (iter.hasMoreElements()) {
-buf.append(iter.nextElement());
+escapeAndAppend(iter.nextElement(), buf);
 while (iter.hasMoreElements()) {
-buf.append(',').append(iter.nextElement());
+buf.append(',');
+escapeAndAppend(iter.nextElement(), buf);
 }
 return;
 }
@@ -1526,7 +1528,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 }
 }
-buf.append(value);
+escapeAndAppend(value, buf);
 }
 }
 
@@ -1546,9 +1548,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (null != response) {
 Iterator iter = response.getHeaders(header).iterator();
 if (iter.hasNext()) {
-buf.append(iter.next());
+escapeAndAppend(iter.next(), buf);
 while (iter.hasNext()) {
-buf.append(',').append(iter.next());
+buf.append(',');
+escapeAndAppend(iter.next(), buf);
 }
 return;
 }
@@ -1578,9 +1581,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1612,9 +1615,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1811,4 +1814,99 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escapi

[tomcat] branch 9.0.x updated: Fix BZ 60781 Escape access log output where httpd does (#384)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new e6047e7  Fix BZ 60781 Escape access log output where httpd does (#384)
e6047e7 is described below

commit e6047e7090e27888ea6678d9462a8b675f4e23f0
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:18:06 2020 +

Fix BZ 60781 Escape access log output where httpd does (#384)

Fix BZ 60781 Escape access log output where httpd does

https://bz.apache.org/bugzilla/show_bug.cgi?id=60781
Isn't quite that simple as httpd and Tomact support slightly
different things and validate at different points. See the
code comments.
---
 .../catalina/valves/AbstractAccessLogValve.java| 118 +++--
 .../valves/TestAbstractAccessLogValveEscape.java   |  66 
 webapps/docs/changelog.xml |   5 +
 webapps/docs/config/valve.xml  |  23 ++--
 4 files changed, 196 insertions(+), 16 deletions(-)

diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java 
b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
index 77ff9b8..b204001 100644
--- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java
+++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
@@ -51,6 +51,7 @@ import org.apache.coyote.RequestInfo;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.ExceptionUtils;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.collections.SynchronizedStack;
 import org.apache.tomcat.util.net.IPv6Utils;
 
@@ -969,7 +970,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (request != null) {
 String value = request.getRemoteUser();
 if (value != null) {
-buf.append(value);
+escapeAndAppend(value, buf);
 } else {
 buf.append('-');
 }
@@ -1482,9 +1483,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 Response response, long time) {
 Enumeration iter = request.getHeaders(header);
 if (iter.hasMoreElements()) {
-buf.append(iter.nextElement());
+escapeAndAppend(iter.nextElement(), buf);
 while (iter.hasMoreElements()) {
-buf.append(',').append(iter.nextElement());
+buf.append(',');
+escapeAndAppend(iter.nextElement(), buf);
 }
 return;
 }
@@ -1515,7 +1517,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 }
 }
-buf.append(value);
+escapeAndAppend(value, buf);
 }
 }
 
@@ -1535,9 +1537,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (null != response) {
 Iterator iter = response.getHeaders(header).iterator();
 if (iter.hasNext()) {
-buf.append(iter.next());
+escapeAndAppend(iter.next(), buf);
 while (iter.hasNext()) {
-buf.append(',').append(iter.next());
+buf.append(',');
+escapeAndAppend(iter.next(), buf);
 }
 return;
 }
@@ -1567,9 +1570,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1601,9 +1604,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1800,4 +1803,99 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escapi

[GitHub] [tomcat] markt-asf merged pull request #384: Fix BZ 60781 Escape access log output where httpd does



markt-asf merged pull request #384:
URL: https://github.com/apache/tomcat/pull/384


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Fix BZ 60781 Escape access log output where httpd does (#384)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new a9d67fd  Fix BZ 60781 Escape access log output where httpd does (#384)
a9d67fd is described below

commit a9d67fd7c08272c01b870edd24d001740d88e5f6
Author: Mark Thomas 
AuthorDate: Mon Dec 7 17:18:06 2020 +

Fix BZ 60781 Escape access log output where httpd does (#384)

Fix BZ 60781 Escape access log output where httpd does

https://bz.apache.org/bugzilla/show_bug.cgi?id=60781
Isn't quite that simple as httpd and Tomact support slightly
different things and validate at different points. See the
code comments.
---
 .../catalina/valves/AbstractAccessLogValve.java| 118 +++--
 .../valves/TestAbstractAccessLogValveEscape.java   |  66 
 webapps/docs/changelog.xml |   5 +
 webapps/docs/config/valve.xml  |  23 ++--
 4 files changed, 196 insertions(+), 16 deletions(-)

diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java 
b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
index 7421d33..6672370 100644
--- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java
+++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
@@ -52,6 +52,7 @@ import org.apache.coyote.RequestInfo;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.ExceptionUtils;
+import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.collections.SynchronizedStack;
 import org.apache.tomcat.util.net.IPv6Utils;
 
@@ -966,7 +967,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (request != null) {
 String value = request.getRemoteUser();
 if (value != null) {
-buf.append(value);
+escapeAndAppend(value, buf);
 } else {
 buf.append('-');
 }
@@ -1478,9 +1479,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 Response response, long time) {
 Enumeration iter = request.getHeaders(header);
 if (iter.hasMoreElements()) {
-buf.append(iter.nextElement());
+escapeAndAppend(iter.nextElement(), buf);
 while (iter.hasMoreElements()) {
-buf.append(',').append(iter.nextElement());
+buf.append(',');
+escapeAndAppend(iter.nextElement(), buf);
 }
 return;
 }
@@ -1511,7 +1513,7 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 }
 }
-buf.append(value);
+escapeAndAppend(value, buf);
 }
 }
 
@@ -1531,9 +1533,10 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 if (null != response) {
 Iterator iter = response.getHeaders(header).iterator();
 if (iter.hasNext()) {
-buf.append(iter.next());
+escapeAndAppend(iter.next(), buf);
 while (iter.hasNext()) {
-buf.append(',').append(iter.next());
+buf.append(',');
+escapeAndAppend(iter.next(), buf);
 }
 return;
 }
@@ -1563,9 +1566,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1597,9 +1600,9 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 }
 if (value != null) {
 if (value instanceof String) {
-buf.append((String) value);
+escapeAndAppend((String) value, buf);
 } else {
-buf.append(value.toString());
+escapeAndAppend(value.toString(), buf);
 }
 } else {
 buf.append('-');
@@ -1805,4 +1808,99 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the esca

Re: io_uring backend for NIO

2020-12-07 Thread Rémy Maucherat

On Mon, Dec 7, 2020 at 3:12 PM Martin Grigorov  wrote:

> Hi devs,
>
> Maybe you have also noticed some noise in the web about io_uring
>  - the better epoll.
>
> Pros:
> - less syscalls
> - no copying of data between userland and kernel
>
> Cons:
> - it seems rather unstable to me.
> Many articles say that io_uring should be more stable since kernel v5.6.x
> but in my experience there are many changes in each kernel versions
>
>
> https://www.scylladb.com/2020/05/05/how-io_uring-and-ebpf-will-revolutionize-programming-in-linux/
> is a good article explaining the benefits.
>
> Recently Netty project released 0.0.1-SNAPSHOT (
> https://netty.io/news/2020/11/16/io_uring-0-0-1-Final.html) and
> 0.0.2-SNAPSHOT with some nice numbers:
> - epoll
>
> Speed: 80820 request/sec, 80820 response/sec
> Requests: 2424626
> Responses: 2424625
>
> - io_uring
>
> Speed: 267371 request/sec, 267370 response/sec
> Requests: 8021137
> Responses: 8021128
>
> I've tried it with my HTTP2 comparison tests
> (
> https://martin-grigorov.medium.com/comparing-the-performance-of-several-http2-web-servers-fb5f3787532a
> )
>
> and the results were better but not so dramatic:
>
> - epoll
>
> -- x86_64: 24688 reqs/sec
>
> -- aarch64: 25344
>
> - uring
>
> -- x86_64: 26731
>
> -- aarch64: 28443
>
>
> So I thought: What about introducing a Uring Protocol/Connector ?!
> Since Netty uses JNI
>
> to talk to io_uring C APIs it should look something like the AprConnector.
>
> But soon after I realized that it would be much more reusable if
> implemented
>
> as  java.nio.channels.spi.SelectorProvider. This way any project (not
> just Tomcat) can
>
> make use of it.
>
>
> Here I wanted to poll what other devs think about this idea ?
>
> Does that sound interesting to you ? Or we should leave it to the JDK
> developers
>
> to do it for JDK XY (I guess this could be as early as Java 18 since 17
> will
>
> be a LTS and most probably the current epoll based impl won't be replaced
> so
>
> soon).
>
> I don't suggest to put it in Tomcat's code, so the dependency on JNI
>
> should not be considered as a stopper.
>
>
> I have some very early attempts implementing it with Netty's JNI code and
>
> with Java Panama's jextract, but I've faced issues with both.
>
>
> Please encourage/discourage me to continue digging in this! :-)
>

I think I had read something about this, and then kind of forgot about it.
IMO to really help out people it has to happen in OpenJDK. I'm quite sure
it will work out since improvements have started to happen again in NIO
(bugfixes start in 11, actual improvements starting in 14). NIO2 would
obviously benefit as well.

It seems from your numbers there would be some measurable performance
improvements. Not 100% sure about real world though.

Rémy


>
>
> Regards,
>
> Martin
>

io_uring backend for NIO

2020-12-07 Thread Martin Grigorov

Hi devs,

Maybe you have also noticed some noise in the web about io_uring
- the better epoll.

Pros:
- less syscalls
- no copying of data between userland and kernel

Cons:
- it seems rather unstable to me.
Many articles say that io_uring should be more stable since kernel v5.6.x
but in my experience there are many changes in each kernel versions

https://www.scylladb.com/2020/05/05/how-io_uring-and-ebpf-will-revolutionize-programming-in-linux/
is a good article explaining the benefits.

Recently Netty project released 0.0.1-SNAPSHOT (
https://netty.io/news/2020/11/16/io_uring-0-0-1-Final.html) and
0.0.2-SNAPSHOT with some nice numbers:
- epoll

Speed: 80820 request/sec, 80820 response/sec
Requests: 2424626
Responses: 2424625

- io_uring

Speed: 267371 request/sec, 267370 response/sec
Requests: 8021137
Responses: 8021128

I've tried it with my HTTP2 comparison tests
(https://martin-grigorov.medium.com/comparing-the-performance-of-several-http2-web-servers-fb5f3787532a)

and the results were better but not so dramatic:

- epoll

-- x86_64: 24688 reqs/sec

-- aarch64: 25344

- uring

-- x86_64: 26731

-- aarch64: 28443

So I thought: What about introducing a Uring Protocol/Connector ?!
Since Netty uses JNI

to talk to io_uring C APIs it should look something like the AprConnector.

But soon after I realized that it would be much more reusable if implemented

as java.nio.channels.spi.SelectorProvider. This way any project (not
just Tomcat) can

make use of it.

Here I wanted to poll what other devs think about this idea ?

Does that sound interesting to you ? Or we should leave it to the JDK developers

to do it for JDK XY (I guess this could be as early as Java 18 since 17 will

be a LTS and most probably the current epoll based impl won't be replaced so

soon).

I don't suggest to put it in Tomcat's code, so the dependency on JNI

should not be considered as a stopper.

I have some very early attempts implementing it with Netty's JNI code and

with Java Panama's jextract, but I've faced issues with both.

Please encourage/discourage me to continue digging in this! :-)

Regards,

Martin

[GitHub] [tomcat] martin-g commented on a change in pull request #384: Fix BZ 60781 Escape access log output where httpd does



martin-g commented on a change in pull request #384:
URL: https://github.com/apache/tomcat/pull/384#discussion_r537495586



##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -1805,4 +1808,99 @@ protected AccessLogElement createAccessLogElement(char 
pattern) {
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escaping performed by httpd and
+ * mod_log_config. mod_log_config escapes more elements than indicated by 
the
+ * documentation. See:
+ * 
https://github.com/apache/httpd/blob/trunk/modules/loggers/mod_log_config.c
+ *
+ * The following escaped elements are not supported by Tomcat:
+ * - %C   cookie value (see %{}c below)
+ * - %e   environment variable
+ * - %f   filename
+ * - %l   remote logname (always logs "-")
+ * - %n   note
+ * - %R   handler
+ * - %ti  trailer request header
+ * - %to  trailer response header
+ * - %V   server name per UseCanonicalName setting
+ *
+ * The following escaped elements are not escaped in Tomcat because values
+ * that would require escaping are rejected before they reach the
+ * AccessLogValve:
+ * - %h   remote host
+ * - %H   request protocol
+ * - %m   request method
+ * - %q   query string
+ * - %r   request line
+ * - %U   request URI
+ * - %v   canonical server name
+ *
+ * The following escaped elements are supported by Tomcat:
+ * - %{}i request header
+ * - %{}o response header
+ * - %u   remote user
+ *
+ * The following additional Tomcat elements are escaped for consistency:
+ * - %{}c cookie value
+ * - %{}r request attribute
+ * - %{}s session attribute
+ *
+ * giving a total of 6 elements that are escaped in Tomcat.
+ *
+ *  Quoting from the httpd docs:
+ * "...non-printable and other special characters in %r, %i and %o are
+ *  escaped using \xhh sequences, where hh stands for the hexadecimal
+ *  representation of the raw byte. Exceptions from this rule are " and \,
+ *  which are escaped by prepending a backslash, and all whitespace
+ *  characters, which are written in their C-style notation (\n, \t, etc)."
+ *
+ *  Reviewing the httpd code, characters with the high bit set are escaped.
+ *  The httpd is assuming a single byte encoding which may not be true for
+ *  Tomcat so Tomcat uses the Java \\u encoding.
+ */
+protected static void escapeAndAppend(String input, CharArrayWriter dest) {
+if (input == null || input.isEmpty()) {
+dest.append('-');
+return;
+}
+
+for (char c : input.toCharArray()) {
+switch (c) {
+// " and \
+case '\\':
+dest.append("");
+break;
+case '\"':
+dest.append("\\\"");
+break;

Review comment:
   I see there was a new commit that moved left everything but the 
problematic `break` :-)





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] martin-g commented on a change in pull request #384: Fix BZ 60781 Escape access log output where httpd does



martin-g commented on a change in pull request #384:
URL: https://github.com/apache/tomcat/pull/384#discussion_r537494538



##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -1805,4 +1808,99 @@ protected AccessLogElement createAccessLogElement(char 
pattern) {
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escaping performed by httpd and
+ * mod_log_config. mod_log_config escapes more elements than indicated by 
the
+ * documentation. See:
+ * 
https://github.com/apache/httpd/blob/trunk/modules/loggers/mod_log_config.c
+ *
+ * The following escaped elements are not supported by Tomcat:
+ * - %C   cookie value (see %{}c below)
+ * - %e   environment variable
+ * - %f   filename
+ * - %l   remote logname (always logs "-")
+ * - %n   note
+ * - %R   handler
+ * - %ti  trailer request header
+ * - %to  trailer response header
+ * - %V   server name per UseCanonicalName setting
+ *
+ * The following escaped elements are not escaped in Tomcat because values
+ * that would require escaping are rejected before they reach the
+ * AccessLogValve:
+ * - %h   remote host
+ * - %H   request protocol
+ * - %m   request method
+ * - %q   query string
+ * - %r   request line
+ * - %U   request URI
+ * - %v   canonical server name
+ *
+ * The following escaped elements are supported by Tomcat:
+ * - %{}i request header
+ * - %{}o response header
+ * - %u   remote user
+ *
+ * The following additional Tomcat elements are escaped for consistency:
+ * - %{}c cookie value
+ * - %{}r request attribute
+ * - %{}s session attribute
+ *
+ * giving a total of 6 elements that are escaped in Tomcat.
+ *
+ *  Quoting from the httpd docs:
+ * "...non-printable and other special characters in %r, %i and %o are
+ *  escaped using \xhh sequences, where hh stands for the hexadecimal
+ *  representation of the raw byte. Exceptions from this rule are " and \,
+ *  which are escaped by prepending a backslash, and all whitespace
+ *  characters, which are written in their C-style notation (\n, \t, etc)."
+ *
+ *  Reviewing the httpd code, characters with the high bit set are escaped.
+ *  The httpd is assuming a single byte encoding which may not be true for
+ *  Tomcat so Tomcat uses the Java \\u encoding.
+ */
+protected static void escapeAndAppend(String input, CharArrayWriter dest) {
+if (input == null || input.isEmpty()) {
+dest.append('-');
+return;
+}
+
+for (char c : input.toCharArray()) {
+switch (c) {
+// " and \
+case '\\':
+dest.append("");
+break;
+case '\"':
+dest.append("\\\"");
+break;

Review comment:
   I meant the `break` statement. It is not aligned with the other `break`s





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on a change in pull request #384: Fix BZ 60781 Escape access log output where httpd does



markt-asf commented on a change in pull request #384:
URL: https://github.com/apache/tomcat/pull/384#discussion_r537472595



##
File path: test/org/apache/catalina/valves/TestAbstractAccessLogValveEscape.java
##
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.valves;
+
+import java.io.CharArrayWriter;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+
+
+@RunWith(Parameterized.class)
+public class TestAbstractAccessLogValveEscape {
+
+@Parameters(name = "{index}: [{0}]")
+public static Collection parameters() {
+
+List parameters = new ArrayList<>();
+
+parameters.add(new String[] { null, "-" });
+parameters.add(new String[] { "", "-" });
+parameters.add(new String[] { "ok", "ok" });
+parameters.add(new String[] { "o\tk", "o\\tk" });
+parameters.add(new String[] { "o\u0002k", "o\\u0002k" });
+parameters.add(new String[] { "o\u007fk", "o\\u007fk" });
+parameters.add(new String[] { "o\u0080k", "o\\u0080k" });
+parameters.add(new String[] { "o\u00ffk", "o\\u00ffk" });

Review comment:
   Good point. I'll add one.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on a change in pull request #384: Fix BZ 60781 Escape access log output where httpd does



markt-asf commented on a change in pull request #384:
URL: https://github.com/apache/tomcat/pull/384#discussion_r537472467



##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -1805,4 +1808,99 @@ protected AccessLogElement createAccessLogElement(char 
pattern) {
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escaping performed by httpd and
+ * mod_log_config. mod_log_config escapes more elements than indicated by 
the
+ * documentation. See:
+ * 
https://github.com/apache/httpd/blob/trunk/modules/loggers/mod_log_config.c
+ *
+ * The following escaped elements are not supported by Tomcat:
+ * - %C   cookie value (see %{}c below)
+ * - %e   environment variable
+ * - %f   filename
+ * - %l   remote logname (always logs "-")
+ * - %n   note
+ * - %R   handler
+ * - %ti  trailer request header
+ * - %to  trailer response header
+ * - %V   server name per UseCanonicalName setting
+ *
+ * The following escaped elements are not escaped in Tomcat because values
+ * that would require escaping are rejected before they reach the
+ * AccessLogValve:
+ * - %h   remote host
+ * - %H   request protocol
+ * - %m   request method
+ * - %q   query string
+ * - %r   request line
+ * - %U   request URI
+ * - %v   canonical server name
+ *
+ * The following escaped elements are supported by Tomcat:
+ * - %{}i request header
+ * - %{}o response header
+ * - %u   remote user
+ *
+ * The following additional Tomcat elements are escaped for consistency:
+ * - %{}c cookie value
+ * - %{}r request attribute
+ * - %{}s session attribute
+ *
+ * giving a total of 6 elements that are escaped in Tomcat.
+ *
+ *  Quoting from the httpd docs:
+ * "...non-printable and other special characters in %r, %i and %o are
+ *  escaped using \xhh sequences, where hh stands for the hexadecimal
+ *  representation of the raw byte. Exceptions from this rule are " and \,
+ *  which are escaped by prepending a backslash, and all whitespace
+ *  characters, which are written in their C-style notation (\n, \t, etc)."
+ *
+ *  Reviewing the httpd code, characters with the high bit set are escaped.
+ *  The httpd is assuming a single byte encoding which may not be true for
+ *  Tomcat so Tomcat uses the Java \\u encoding.
+ */
+protected static void escapeAndAppend(String input, CharArrayWriter dest) {
+if (input == null || input.isEmpty()) {
+dest.append('-');
+return;
+}
+
+for (char c : input.toCharArray()) {
+switch (c) {
+// " and \
+case '\\':
+dest.append("");
+break;
+case '\"':
+dest.append("\\\"");
+break;

Review comment:
   Personal style choice (I prefer case statements to be indented from the 
switch). The Tomcat code is inconsistent. Looks like the consensus amongst Java 
developers is for no indents. I don't mind changing this.
   
   We have a commented out check for indentation in checkstyle. Looks like it 
still triggers ~5k errors.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] martin-g commented on a change in pull request #384: Fix BZ 60781 Escape access log output where httpd does



martin-g commented on a change in pull request #384:
URL: https://github.com/apache/tomcat/pull/384#discussion_r537456849



##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -1805,4 +1808,99 @@ protected AccessLogElement createAccessLogElement(char 
pattern) {
 return new StringElement("???" + pattern + "???");
 }
 }
+
+
+/*
+ * This method is intended to mimic the escaping performed by httpd and
+ * mod_log_config. mod_log_config escapes more elements than indicated by 
the
+ * documentation. See:
+ * 
https://github.com/apache/httpd/blob/trunk/modules/loggers/mod_log_config.c
+ *
+ * The following escaped elements are not supported by Tomcat:
+ * - %C   cookie value (see %{}c below)
+ * - %e   environment variable
+ * - %f   filename
+ * - %l   remote logname (always logs "-")
+ * - %n   note
+ * - %R   handler
+ * - %ti  trailer request header
+ * - %to  trailer response header
+ * - %V   server name per UseCanonicalName setting
+ *
+ * The following escaped elements are not escaped in Tomcat because values
+ * that would require escaping are rejected before they reach the
+ * AccessLogValve:
+ * - %h   remote host
+ * - %H   request protocol
+ * - %m   request method
+ * - %q   query string
+ * - %r   request line
+ * - %U   request URI
+ * - %v   canonical server name
+ *
+ * The following escaped elements are supported by Tomcat:
+ * - %{}i request header
+ * - %{}o response header
+ * - %u   remote user
+ *
+ * The following additional Tomcat elements are escaped for consistency:
+ * - %{}c cookie value
+ * - %{}r request attribute
+ * - %{}s session attribute
+ *
+ * giving a total of 6 elements that are escaped in Tomcat.
+ *
+ *  Quoting from the httpd docs:
+ * "...non-printable and other special characters in %r, %i and %o are
+ *  escaped using \xhh sequences, where hh stands for the hexadecimal
+ *  representation of the raw byte. Exceptions from this rule are " and \,
+ *  which are escaped by prepending a backslash, and all whitespace
+ *  characters, which are written in their C-style notation (\n, \t, etc)."
+ *
+ *  Reviewing the httpd code, characters with the high bit set are escaped.
+ *  The httpd is assuming a single byte encoding which may not be true for
+ *  Tomcat so Tomcat uses the Java \\u encoding.
+ */
+protected static void escapeAndAppend(String input, CharArrayWriter dest) {
+if (input == null || input.isEmpty()) {
+dest.append('-');
+return;
+}
+
+for (char c : input.toCharArray()) {
+switch (c) {
+// " and \
+case '\\':
+dest.append("");
+break;
+case '\"':
+dest.append("\\\"");
+break;

Review comment:
   indentation is off

##
File path: test/org/apache/catalina/valves/TestAbstractAccessLogValveEscape.java
##
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.valves;
+
+import java.io.CharArrayWriter;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+
+
+@RunWith(Parameterized.class)
+public class TestAbstractAccessLogValveEscape {
+
+@Parameters(name = "{index}: [{0}]")
+public static Collection parameters() {
+
+List parameters = new ArrayList<>();
+
+parameters.add(new String[] { null, "-" });
+parameters.add(new String[] { "", "-" });
+parameters.add(new String[] { "ok", "ok" });
+parameters.add(new String[] { "o\tk", "o\\tk" });
+parameters.add(new String[] { "o\u0002k", "o\\u0002k" });
+parameters.add(new String[] { "o\u007fk", "o\\u007fk" });
+parame

Re: [VOTE] Release Apache Tomcat 9.0.41

2020-12-07 Thread Konstantin Kolinko

чт, 3 дек. 2020 г. в 16:12, Mark Thomas :

>
> The proposed Apache Tomcat 9.0.41 release is now available for voting.
> ...
> The proposed 9.0.41 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 9.0.41

Smoke testing OK (OpenJDK 15.0.1)
Unit tests OK (AdoptOpenJDK 8u275 and 11.0.9, OpenJDK 15.0.1)
on Windows 10 20H2.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] rainerjung commented on a change in pull request #385: Add peerAddress to coyote request



rainerjung commented on a change in pull request #385:
URL: https://github.com/apache/tomcat/pull/385#discussion_r537434611



##
File path: java/org/apache/coyote/Constants.java
##
@@ -96,4 +96,11 @@
  * the X-Forwarded-For HTTP header.
  */
 public static final String REMOTE_ADDR_ATTRIBUTE = 
"org.apache.tomcat.remoteAddr";
+
+/**
+ * The request attribute set by the RemoteIpFilter, RemoteIpValve (and may
+ * be set by other similar components) that identifies for the connector 
the
+ * conection peer IP address.

Review comment:
   Thanks.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] rainerjung commented on a change in pull request #385: Add peerAddress to coyote request



rainerjung commented on a change in pull request #385:
URL: https://github.com/apache/tomcat/pull/385#discussion_r537434443



##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -861,19 +868,50 @@ public void addElement(CharArrayWriter buf, Date date, 
Request request,
  * write remote IP address - %a
  */
 protected class RemoteAddrElement implements AccessLogElement, 
CachedElement {
+/**
+ * Type of address to log
+ */
+private static final String remoteAddress = "remote";

Review comment:
   AbstractAccessLogValve consistently uses camel case for static Strings. 
I sticked to the local concentions in ther file. I would prefer to change the 
static string nameing conventions in an independent commit.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] martin-g commented on a change in pull request #385: Add peerAddress to coyote request



martin-g commented on a change in pull request #385:
URL: https://github.com/apache/tomcat/pull/385#discussion_r537343964



##
File path: webapps/docs/changelog.xml
##
@@ -117,6 +117,22 @@
 Especially add support for connector specific configuration
 using addConnectorPort. (rjung)
   
+  
+Add peerAddress to coyote request, which contains
+the IP address of the direct connection peer. If a reverse proxy
+sits in front of Tomcat and the protocol used is AJP or HTTP
+in combination with the RemoteIp(Valve|Filter),
+the peer address might differ from the remoteAddress.
+The latter then contains the address of the client in front of the
+reverse proxy, not the address of the proxy itself.
+Support for the peer address has been added to the
+RemoteAddrValve and RemoteCIDRValve with the new attribute
+usePeerAddress. This can be used to restrict access
+to Tomcat bsed on the reverse proxy IP address, which is especially

Review comment:
   s/bsed/based/

##
File path: java/org/apache/catalina/valves/AbstractAccessLogValve.java
##
@@ -861,19 +868,50 @@ public void addElement(CharArrayWriter buf, Date date, 
Request request,
  * write remote IP address - %a
  */
 protected class RemoteAddrElement implements AccessLogElement, 
CachedElement {
+/**
+ * Type of address to log
+ */
+private static final String remoteAddress = "remote";

Review comment:
   s/remoteAddress/REMOTE_ADDRESS/, to follow Java conventions ?! Same for 
`peerAddress` below.

##
File path: java/org/apache/coyote/Request.java
##
@@ -95,6 +95,7 @@ public Request() {
 
 // remote address/host
 private final MessageBytes remoteAddrMB = MessageBytes.newInstance();
+private final MessageBytes peerAddrMB = MessageBytes.newInstance();

Review comment:
   Do we care that it is either `remote` or `peer`? So one of them wastes 
memory. Or it is negligible ?

##
File path: java/org/apache/coyote/Constants.java
##
@@ -96,4 +96,11 @@
  * the X-Forwarded-For HTTP header.
  */
 public static final String REMOTE_ADDR_ATTRIBUTE = 
"org.apache.tomcat.remoteAddr";
+
+/**
+ * The request attribute set by the RemoteIpFilter, RemoteIpValve (and may
+ * be set by other similar components) that identifies for the connector 
the
+ * conection peer IP address.

Review comment:
   con`n`ection

##
File path: webapps/docs/changelog.xml
##
@@ -117,6 +117,22 @@
 Especially add support for connector specific configuration
 using addConnectorPort. (rjung)
   
+  
+Add peerAddress to coyote request, which contains
+the IP address of the direct connection peer. If a reverse proxy
+sits in front of Tomcat and the protocol used is AJP or HTTP
+in combination with the RemoteIp(Valve|Filter),
+the peer address might differ from the remoteAddress.
+The latter then contains the address of the client in front of the
+reverse proxy, not the address of the proxy itself.
+Support for the peer address has been added to the
+RemoteAddrValve and RemoteCIDRValve with the new attribute
+usePeerAddress. This can be used to restrict access
+to Tomcat bsed on the reverse proxy IP address, which is especially
+useful to harden access to AJP connecrtors. The peer address can also

Review comment:
   s/connecrtors/connectors/





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix potential infinite loop in SSL tests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 5d27ddf  Fix potential infinite loop in SSL tests
5d27ddf is described below

commit 5d27ddf24f819f028f82fbaf4e9e27c0ca56623f
Author: Mark Thomas 
AuthorDate: Mon Dec 7 08:58:00 2020 +

Fix potential infinite loop in SSL tests
---
 test/org/apache/tomcat/util/net/TestSsl.java | 14 --
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/tomcat/util/net/TestSsl.java 
b/test/org/apache/tomcat/util/net/TestSsl.java
index 6d8bc2b..d489537 100644
--- a/test/org/apache/tomcat/util/net/TestSsl.java
+++ b/test/org/apache/tomcat/util/net/TestSsl.java
@@ -125,7 +125,13 @@ public class TestSsl extends TomcatBaseTest {
 byte[] endOfHeaders = "\r\n\r\n".getBytes();
 int found = 0;
 while (found != endOfHeaders.length) {
-if (is.read() == endOfHeaders[found]) {
+int c = is.read();
+if (c == -1) {
+// EOF
+System.err.println("Unexpected EOF");
+errorCount.incrementAndGet();
+break;
+} else if (c == endOfHeaders[found]) {
 found++;
 } else {
 found = 0;
@@ -252,7 +258,11 @@ public class TestSsl extends TomcatBaseTest {
 char[] endOfHeaders ="\r\n\r\n".toCharArray();
 int found = 0;
 while (found != endOfHeaders.length) {
-if (r.read() == endOfHeaders[found]) {
+int c = r.read();
+if (c == -1) {
+// EOF
+Assert.fail("Unexpected EOF");
+} else if (c == endOfHeaders[found]) {
 found++;
 } else {
 found = 0;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix potential infinite loop in SSL tests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new ea548ea  Fix potential infinite loop in SSL tests
ea548ea is described below

commit ea548eaa15a549fd3ea3d7e0f953597c55fc144b
Author: Mark Thomas 
AuthorDate: Mon Dec 7 08:58:00 2020 +

Fix potential infinite loop in SSL tests
---
 test/org/apache/tomcat/util/net/TestSsl.java | 14 --
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/tomcat/util/net/TestSsl.java 
b/test/org/apache/tomcat/util/net/TestSsl.java
index df70006..ce42f55 100644
--- a/test/org/apache/tomcat/util/net/TestSsl.java
+++ b/test/org/apache/tomcat/util/net/TestSsl.java
@@ -125,7 +125,13 @@ public class TestSsl extends TomcatBaseTest {
 byte[] endOfHeaders = "\r\n\r\n".getBytes();
 int found = 0;
 while (found != endOfHeaders.length) {
-if (is.read() == endOfHeaders[found]) {
+int c = is.read();
+if (c == -1) {
+// EOF
+System.err.println("Unexpected EOF");
+errorCount.incrementAndGet();
+break;
+} else if (c == endOfHeaders[found]) {
 found++;
 } else {
 found = 0;
@@ -252,7 +258,11 @@ public class TestSsl extends TomcatBaseTest {
 char[] endOfHeaders ="\r\n\r\n".toCharArray();
 int found = 0;
 while (found != endOfHeaders.length) {
-if (r.read() == endOfHeaders[found]) {
+int c = r.read();
+if (c == -1) {
+// EOF
+Assert.fail("Unexpected EOF");
+} else if (c == endOfHeaders[found]) {
 found++;
 } else {
 found = 0;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Fix potential infinite loop in SSL tests