[GitHub] [tomcat] Sumithkr commented on pull request #381: Create Documentation installing tomcat on ibm cloud

2020-12-01 Thread GitBox 


Sumithkr commented on pull request #381:
URL: https://github.com/apache/tomcat/pull/381#issuecomment-736342539


   it has instructions that how to install tomcat on ibm cloud
   
   
   On Mon, 30 Nov 2020 at 17:43, Martin Grigorov 
   wrote:
   
   > IMO this document should be part of IBM Cloud documentation. We cannot
   > maintain it.
   >
   > —
   > You are receiving this because you authored the thread.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64762] CoyoteInputStream getInputStream() read (wait after premature end and the rest comes)

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64762

--- Comment #10 from Mark Thomas  ---
Another month has passed and we still don't have a minimal WAR that reproduces
this issue. I'll leave this open another month but without a test case to
investigate this will get closed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64771] Windows CPU processor always running by a thread reading request body from https connection

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64771

--- Comment #5 from Mark Thomas  ---
Two months have passed and we still don't have a minimal WAR that reproduces
this issue. I'll leave this open another month but without a test case to
investigate this will get closed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Releases

2020-12-01 Thread Mark Thomas 
Hi all,

It is the start of the month so I am going to start another round of
releases shortly.

I do want to deprecate the APR connector in 10.0.x as previously
discussed first. If anyone has anything else they want to get in to the
next set of releases, now would be the time to add it :)

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] martin-g commented on pull request #381: Create Documentation installing tomcat on ibm cloud

2020-12-01 Thread GitBox 


martin-g commented on pull request #381:
URL: https://github.com/apache/tomcat/pull/381#issuecomment-736353788


   Tomcat cannot maintain documentation for all the cloud providers out there. 
It is their responsibility to explain what they did differently than the 
official Tomcat documentation.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] martin-g closed pull request #381: Create Documentation installing tomcat on ibm cloud

2020-12-01 Thread GitBox 


martin-g closed pull request #381:
URL: https://github.com/apache/tomcat/pull/381


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] rmaucher commented on pull request #381: Create Documentation installing tomcat on ibm cloud

2020-12-01 Thread GitBox 


rmaucher commented on pull request #381:
URL: https://github.com/apache/tomcat/pull/381#issuecomment-736367100


   The wiki can still be a good spot for this kind of thing, as long as it is 
organized properly and maintained.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Deprecate the APR/Native AJP and HTTP connectors

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 72323cb  Deprecate the APR/Native AJP and HTTP connectors
72323cb is described below

commit 72323cb76307698b66b0253a34bfbb4a9ea034fe
Author: Mark Thomas 
AuthorDate: Tue Dec 1 10:27:16 2020 +

Deprecate the APR/Native AJP and HTTP connectors

Removal is planned for 10.1.x
---
 conf/server.xml| 23 ++
 java/org/apache/coyote/ajp/AjpAprProtocol.java |  4 
 .../apache/coyote/http11/Http11AprProtocol.java|  4 
 java/org/apache/tomcat/util/net/AprEndpoint.java   |  4 
 java/org/apache/tomcat/util/net/AprSSLSupport.java |  4 
 webapps/docs/aio.xml   |  5 ++---
 webapps/docs/apr.xml   |  3 +++
 webapps/docs/changelog.xml |  4 
 webapps/docs/config/ajp.xml| 10 --
 webapps/docs/config/http.xml   | 10 --
 webapps/docs/index.xml |  3 +--
 webapps/docs/ssl-howto.xml | 12 +--
 12 files changed, 50 insertions(+), 36 deletions(-)

diff --git a/conf/server.xml b/conf/server.xml
index 91bd415..dd4a73b 100644
--- a/conf/server.xml
+++ b/conf/server.xml
@@ -61,9 +61,8 @@
 
 
 
 
 -->
-
-
 
 
 
 ]]>


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Objection to the deprecation of the tomcat-native/APR connector

2020-12-01 Thread Graham Leggett 
Hi all,

I object to the deprecation of the tomcat-native/APR connector.

Most specifically, I am -1 on the following:

https://marc.info/?l=tomcat-dev&m=160681846808019&w=2

Looking at past discussion on this, the justification has been:

"It is inherently less stable. If we get the NIO code wrong, you might
see a NullPointerException. If we get the APR code wrong you might see a
JVM crash.”

Both a NullPointerException and a crash result in the same outcome - a non 
working server. Tomcat-native has releases in the 
https://archive.apache.org/dist/tomcat/tomcat-connectors/native/ going back 15 
years to 2005, a claim of a lack of stability needs to be quantifiable.

I also object to the removal of OpenSSL code, for the same reason.

We are in the middle of a global pandemic. Our users do not have the resources 
to suddenly divert to reengineering what is to them a perfectly working system, 
to replace what exists with something else that just works differently.

Regards,
Graham
—


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Objection to the deprecation of the tomcat-native/APR connector

2020-12-01 Thread Rémy Maucherat 
On Tue, Dec 1, 2020 at 12:05 PM Graham Leggett 
wrote:

> Hi all,
>
> I object to the deprecation of the tomcat-native/APR connector.
>
> Most specifically, I am -1 on the following:
>
> https://marc.info/?l=tomcat-dev&m=160681846808019&w=2
>
> Looking at past discussion on this, the justification has been:
>
> "It is inherently less stable. If we get the NIO code wrong, you might
> see a NullPointerException. If we get the APR code wrong you might see a
> JVM crash.”
>
> Both a NullPointerException and a crash result in the same outcome - a non
> working server. Tomcat-native has releases in the
> https://archive.apache.org/dist/tomcat/tomcat-connectors/native/ going
> back 15 years to 2005, a claim of a lack of stability needs to be
> quantifiable.
>
> I also object to the removal of OpenSSL code, for the same reason.
>
> We are in the middle of a global pandemic. Our users do not have the
> resources to suddenly divert to reengineering what is to them a perfectly
> working system, to replace what exists with something else that just works
> differently.
>

You still have years to plan a migration off the APR connector as it will
only be removed in 10.1 and Tomcat 9.0 continues to be supported.

This eventual removal or APR has been discussed for years. BTW, so that you
know, there are also discussions about AJP. However, the OpenSSL support as
used by NIO/NIO2 is not under consideration for removal. Its wrapper could
however be replaced by using some Java code rather than C code (Panama).

Yes, there's an overall plan to remove our native code ...

Rémy


> Regards,
> Graham
> —
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: Objection to the deprecation of the tomcat-native/APR connector

2020-12-01 Thread Mark Thomas 
On 01/12/2020 11:05, Graham Leggett wrote:
> Hi all,
> 
> I object to the deprecation of the tomcat-native/APR connector.
> 
> Most specifically, I am -1 on the following:
> 
> https://marc.info/?l=tomcat-dev&m=160681846808019&w=2
> 
> Looking at past discussion on this, the justification has been:
> 
> "It is inherently less stable. If we get the NIO code wrong, you might
> see a NullPointerException. If we get the APR code wrong you might see a
> JVM crash.”
> 
> Both a NullPointerException and a crash result in the same outcome - a non 
> working server.

No it isn't. The difference is a single failed request compared to the
entire server failing.

> Tomcat-native has releases in the 
> https://archive.apache.org/dist/tomcat/tomcat-connectors/native/ going back 
> 15 years to 2005, a claim of a lack of stability needs to be quantifiable.

See the long list of bugs raised against Tomcat and the Tomcat Native
Connector that reported a JVM crash. The reports have slowly been
getting less frequent over the years and are at a much lower level now
than they were but the risk remains.

> I also object to the removal of OpenSSL code, for the same reason.

It isn't being removed. The APR/Native library will be retained along
with OpenSSL support for the NIO and NIO2.

I expect the scope of the APR/Native library for Tomcat 10.1.x onwards
will be reduced to just those native methods required to interact with
OpenSSL which may mean removal of the APR dependency. If we can use
OpenSSL without any native code of our own (e.g. via project Panama or
similar) then better still.

> We are in the middle of a global pandemic. Our users do not have the 
> resources to suddenly divert to reengineering what is to them a perfectly 
> working system, to replace what exists with something else that just works 
> differently.

Upgrading to Tomcat 10 already requires significant re-engineering work
due to the java package change for all the specification APIs.

Switching an HTTP or AJP connector from APR/Native to NIO or NIO2 with
OpenSSL requires a change of three/four characters in one configuration
file. We have deliberately made it very easy to switch between connectors.

No-one is being forced to upgrade. Tomcat 8.5.x and 9.0.x will continue
to support the APR/Native connector for AJP and HTTP. Based on the
typical 10 year support lifetime of a major Tomcat release users have at
least five to six years before they would be forced to migrate away from
using an APR/Native HTTP or AJP connector.

I'll note that Tomcat supports at least 3 major versions in parallel
with each major version being supported for ~10 years. That is a very
generous support offering.

Regards,

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] minfrin commented on a change in pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


minfrin commented on a change in pull request #382:
URL: https://github.com/apache/tomcat/pull/382#discussion_r533367239



##
File path: java/org/apache/tomcat/util/net/AprEndpoint.java
##
@@ -292,52 +295,79 @@ public void bind() throws Exception {
 
 // Create the pool for the server socket
 serverSockPool = Pool.create(rootPool);
+
 // Create the APR address that will be bound
-String addressStr = null;
-if (getAddress() != null) {
-addressStr = getAddress().getHostAddress();
-}
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (addressStr == null) {
-if (!OS.IS_BSD) {
+if (getPath() != null) {
+if (Library.APR_HAVE_UNIX) {
+hostname = getPath().toString();
+family = Socket.APR_UNIX;
+}
+else {
+throw new 
Exception(sm.getString("endpoint.init.unixnotavail"));
+}
+}
+else {
+
+if (getAddress() != null) {
+hostname = getAddress().getHostAddress();
+}
+family = Socket.APR_INET;
+if (Library.APR_HAVE_IPV6) {
+if (hostname == null) {
+if (!OS.IS_BSD) {
+family = Socket.APR_UNSPEC;
+}
+} else if (hostname.indexOf(':') >= 0) {
 family = Socket.APR_UNSPEC;
 }
-} else if (addressStr.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
 }
- }
+}
+
+long sockAddress = Address.info(hostname, family, getPortWithOffset(), 
0, rootPool);
 
-long inetAddress = Address.info(addressStr, family, 
getPortWithOffset(), 0, rootPool);
 // Create the APR server socket
-serverSock = Socket.create(Address.getInfo(inetAddress).family,
+if (family == Socket.APR_UNIX) {
+serverSock = Socket.create(family, Socket.SOCK_STREAM, 0, 
rootPool);
+}
+else {
+serverSock = Socket.create(Address.getInfo(sockAddress).family,
 Socket.SOCK_STREAM,
 Socket.APR_PROTO_TCP, rootPool);
-if (OS.IS_UNIX) {
-Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
-}
-if (Library.APR_HAVE_IPV6) {
-if (getIpv6v6only()) {
-Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
-} else {
-Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 0);
+if (OS.IS_UNIX) {
+Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
+}
+if (Library.APR_HAVE_IPV6) {
+if (getIpv6v6only()) {
+Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
+} else {
+Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 0);
+}
 }
+// Deal with the firewalls that tend to drop the inactive sockets
+Socket.optSet(serverSock, Socket.APR_SO_KEEPALIVE, 1);
 }
-// Deal with the firewalls that tend to drop the inactive sockets
-Socket.optSet(serverSock, Socket.APR_SO_KEEPALIVE, 1);
+
 // Bind the server socket
-int ret = Socket.bind(serverSock, inetAddress);
+int ret = Socket.bind(serverSock, sockAddress);
 if (ret != 0) {
 throw new Exception(sm.getString("endpoint.init.bind", "" + ret, 
Error.strerror(ret)));
 }
+
 // Start listening on the server socket
 ret = Socket.listen(serverSock, getAcceptCount());
 if (ret != 0) {
 throw new Exception(sm.getString("endpoint.init.listen", "" + ret, 
Error.strerror(ret)));
 }
-if (OS.IS_WIN32 || OS.IS_WIN64) {
-// On Windows set the reuseaddr flag after the bind/listen
-Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
+
+if (family == Socket.APR_UNIX) {

Review comment:
   Specifically, this  is done:
   
   ```
   
   ```
   





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: First pass at deprecation in org.apache.tomcat.jni

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 9406b85  First pass at deprecation in org.apache.tomcat.jni
9406b85 is described below

commit 9406b8501abd6caf507f10aecbcdcc2fca110f81
Author: Mark Thomas 
AuthorDate: Tue Dec 1 12:56:46 2020 +

First pass at deprecation in org.apache.tomcat.jni

The intention is to deprecate everything that is not used by the
NIO/NIO2 OpenSSL support. There may still be individual methods within
the remaining classes that are not used.
---
 java/org/apache/tomcat/jni/Address.java|  5 +++
 java/org/apache/tomcat/jni/Directory.java  |  5 +++
 java/org/apache/tomcat/jni/File.java   |  5 +++
 java/org/apache/tomcat/jni/FileInfo.java   |  5 +++
 java/org/apache/tomcat/jni/Global.java |  5 +++
 java/org/apache/tomcat/jni/Local.java  |  5 +++
 java/org/apache/tomcat/jni/Lock.java   |  5 +++
 java/org/apache/tomcat/jni/Mmap.java   |  5 +++
 java/org/apache/tomcat/jni/Multicast.java  |  5 +++
 java/org/apache/tomcat/jni/OS.java |  5 +++
 java/org/apache/tomcat/jni/Poll.java   |  5 +++
 java/org/apache/tomcat/jni/PoolCallback.java   |  5 +++
 java/org/apache/tomcat/jni/Proc.java   |  5 +++
 java/org/apache/tomcat/jni/ProcErrorCallback.java  |  5 +++
 java/org/apache/tomcat/jni/Procattr.java   |  5 +++
 java/org/apache/tomcat/jni/Registry.java   |  5 +++
 java/org/apache/tomcat/jni/SSLSocket.java  |  5 +++
 java/org/apache/tomcat/jni/Shm.java|  5 +++
 java/org/apache/tomcat/jni/Sockaddr.java   |  5 +++
 java/org/apache/tomcat/jni/Socket.java |  5 +++
 java/org/apache/tomcat/jni/Status.java |  5 +++
 java/org/apache/tomcat/jni/Stdlib.java |  5 +++
 java/org/apache/tomcat/jni/Thread.java |  5 +++
 java/org/apache/tomcat/jni/Time.java   |  5 +++
 java/org/apache/tomcat/jni/User.java   |  5 +++
 test/org/apache/tomcat/jni/TestFile.java   |  7 +++-
 test/org/apache/tomcat/jni/TestSocketServer.java   |  5 +++
 .../jni/TestSocketServerAnyLocalAddress.java   |  5 +++
 .../apache/tomcat/util/net/TestXxxEndpoint.java| 45 ++
 29 files changed, 169 insertions(+), 18 deletions(-)

diff --git a/java/org/apache/tomcat/jni/Address.java 
b/java/org/apache/tomcat/jni/Address.java
index 2310367..cabaabc 100644
--- a/java/org/apache/tomcat/jni/Address.java
+++ b/java/org/apache/tomcat/jni/Address.java
@@ -19,7 +19,12 @@ package org.apache.tomcat.jni;
 /** Address
  *
  * @author Mladen Turk
+ *
+ * @deprecated  The scope of the APR/Native Library will be reduced in Tomcat
+ *  10.1.x onwards to only those components required to provide
+ *  OpenSSL integration with the NIO and NIO2 connectors.
  */
+@Deprecated
 public class Address {
 
 public static final String APR_ANYADDR = "0.0.0.0";
diff --git a/java/org/apache/tomcat/jni/Directory.java 
b/java/org/apache/tomcat/jni/Directory.java
index 8a94972..8eb6087 100644
--- a/java/org/apache/tomcat/jni/Directory.java
+++ b/java/org/apache/tomcat/jni/Directory.java
@@ -20,7 +20,12 @@ package org.apache.tomcat.jni;
 /** Directory
  *
  * @author Mladen Turk
+ *
+ * @deprecated  The scope of the APR/Native Library will be reduced in Tomcat
+ *  10.1.x onwards to only those components required to provide
+ *  OpenSSL integration with the NIO and NIO2 connectors.
  */
+@Deprecated
 public class Directory {
 
 /**
diff --git a/java/org/apache/tomcat/jni/File.java 
b/java/org/apache/tomcat/jni/File.java
index 4ae5523..9128b62 100644
--- a/java/org/apache/tomcat/jni/File.java
+++ b/java/org/apache/tomcat/jni/File.java
@@ -22,7 +22,12 @@ import java.nio.ByteBuffer;
 /** File
  *
  * @author Mladen Turk
+ *
+ * @deprecated  The scope of the APR/Native Library will be reduced in Tomcat
+ *  10.1.x onwards to only those components required to provide
+ *  OpenSSL integration with the NIO and NIO2 connectors.
  */
+@Deprecated
 public class File {
 
 /** Open the file for reading */
diff --git a/java/org/apache/tomcat/jni/FileInfo.java 
b/java/org/apache/tomcat/jni/FileInfo.java
index 9fb6bd3..9eeba1a 100644
--- a/java/org/apache/tomcat/jni/FileInfo.java
+++ b/java/org/apache/tomcat/jni/FileInfo.java
@@ -20,7 +20,12 @@ package org.apache.tomcat.jni;
 /** Fileinfo
  *
  * @author Mladen Turk
+ *
+ * @deprecated  The scope of the APR/Native Library will be reduced in Tomcat
+ *  10.1.x onwards to only those components required to provide
+ *  OpenSSL integration with the NIO and NIO2 connectors.
  */
+@Deprecated
 public class FileInfo {
 
 /** Alloca

[tomcat-jakartaee-migration] branch master updated: Update BCEL to 6.5.0

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new c52b23c  Update BCEL to 6.5.0
c52b23c is described below

commit c52b23c49f97173ea78e8bcbaab85d7eb5eefe94
Author: Mark Thomas 
AuthorDate: Tue Dec 1 14:54:02 2020 +

Update BCEL to 6.5.0
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 804ba7d..70f6096 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,7 +69,7 @@
 
   org.apache.bcel
   bcel
-  6.4.1
+  6.5.0
 
 
   commons-io


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] michael-o commented on a change in pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


michael-o commented on a change in pull request #382:
URL: https://github.com/apache/tomcat/pull/382#discussion_r533484404



##
File path: java/org/apache/tomcat/util/net/AprEndpoint.java
##
@@ -292,52 +295,79 @@ public void bind() throws Exception {
 
 // Create the pool for the server socket
 serverSockPool = Pool.create(rootPool);
+
 // Create the APR address that will be bound
-String addressStr = null;
-if (getAddress() != null) {
-addressStr = getAddress().getHostAddress();
-}
-int family = Socket.APR_INET;
-if (Library.APR_HAVE_IPV6) {
-if (addressStr == null) {
-if (!OS.IS_BSD) {
+if (getPath() != null) {
+if (Library.APR_HAVE_UNIX) {
+hostname = getPath().toString();
+family = Socket.APR_UNIX;
+}
+else {
+throw new 
Exception(sm.getString("endpoint.init.unixnotavail"));
+}
+}
+else {
+
+if (getAddress() != null) {
+hostname = getAddress().getHostAddress();
+}
+family = Socket.APR_INET;
+if (Library.APR_HAVE_IPV6) {
+if (hostname == null) {
+if (!OS.IS_BSD) {
+family = Socket.APR_UNSPEC;
+}
+} else if (hostname.indexOf(':') >= 0) {
 family = Socket.APR_UNSPEC;
 }
-} else if (addressStr.indexOf(':') >= 0) {
-family = Socket.APR_UNSPEC;
 }
- }
+}
+
+long sockAddress = Address.info(hostname, family, getPortWithOffset(), 
0, rootPool);
 
-long inetAddress = Address.info(addressStr, family, 
getPortWithOffset(), 0, rootPool);
 // Create the APR server socket
-serverSock = Socket.create(Address.getInfo(inetAddress).family,
+if (family == Socket.APR_UNIX) {
+serverSock = Socket.create(family, Socket.SOCK_STREAM, 0, 
rootPool);
+}
+else {
+serverSock = Socket.create(Address.getInfo(sockAddress).family,
 Socket.SOCK_STREAM,
 Socket.APR_PROTO_TCP, rootPool);
-if (OS.IS_UNIX) {
-Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
-}
-if (Library.APR_HAVE_IPV6) {
-if (getIpv6v6only()) {
-Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
-} else {
-Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 0);
+if (OS.IS_UNIX) {
+Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
+}
+if (Library.APR_HAVE_IPV6) {
+if (getIpv6v6only()) {
+Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
+} else {
+Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 0);
+}
 }
+// Deal with the firewalls that tend to drop the inactive sockets
+Socket.optSet(serverSock, Socket.APR_SO_KEEPALIVE, 1);
 }
-// Deal with the firewalls that tend to drop the inactive sockets
-Socket.optSet(serverSock, Socket.APR_SO_KEEPALIVE, 1);
+
 // Bind the server socket
-int ret = Socket.bind(serverSock, inetAddress);
+int ret = Socket.bind(serverSock, sockAddress);
 if (ret != 0) {
 throw new Exception(sm.getString("endpoint.init.bind", "" + ret, 
Error.strerror(ret)));
 }
+
 // Start listening on the server socket
 ret = Socket.listen(serverSock, getAcceptCount());
 if (ret != 0) {
 throw new Exception(sm.getString("endpoint.init.listen", "" + ret, 
Error.strerror(ret)));
 }
-if (OS.IS_WIN32 || OS.IS_WIN64) {
-// On Windows set the reuseaddr flag after the bind/listen
-Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
+
+if (family == Socket.APR_UNIX) {

Review comment:
   Very nice. It's a pity that we cannot set the umask, but that's good too.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-native] michael-o commented on a change in pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.

2020-12-01 Thread GitBox 


michael-o commented on a change in pull request #8:
URL: https://github.com/apache/tomcat-native/pull/8#discussion_r533486240



##
File path: xdocs/index.xml
##
@@ -174,6 +175,14 @@ list of changes.
 
   Please see the Apache Tomcat documentation for configuration specifics.
 
+
+
+  When using unix domain sockets a cleanup is registered to delete the

Review comment:
   Last nit, use Unix Domain Sockets (uppercase) consistently.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] michael-o commented on a change in pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


michael-o commented on a change in pull request #382:
URL: https://github.com/apache/tomcat/pull/382#discussion_r533488953



##
File path: java/org/apache/tomcat/util/net/LocalStrings.properties
##
@@ -88,6 +88,7 @@ endpoint.init.bind=Socket bind failed: [{0}] [{1}]
 endpoint.init.bind.inherited=No inherited channel while the connector was 
configured to use one
 endpoint.init.listen=Socket listen failed: [{0}] [{1}]
 endpoint.init.notavail=APR not available
+endpoint.init.unixnotavail=Unix domain socket support not available

Review comment:
   Same here

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this

Review comment:
   Here

##
File path: java/org/apache/catalina/core/LocalStrings.properties
##
@@ -74,7 +74,7 @@ aprListener.aprInitDebug=The Apache Tomcat Native library 
could not be found usi
 aprListener.aprInitError=The Apache Tomcat Native library failed to load. The 
error reported was [{0}]
 aprListener.currentFIPSMode=Current FIPS mode: [{0}]
 aprListener.enterAlreadyInFIPSMode=AprLifecycleListener is configured to force 
entering FIPS mode, but library is already in FIPS mode [{0}]
-aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters 
[{2}], random [{3}].
+aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters 
[{2}], random [{3}], uds [{4}].

Review comment:
   Please uppercase uds in all properties files

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The

Review comment:
   Here

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The
+  permissions are specified as a string of nine characters, in three sets
+  of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone
+  else respectively. If a permission is not granted, a dash is used. If

Review comment:
   dash => hyphen

##
File path: webapps/docs/changelog.xml
##
@@ -124,6 +124,11 @@
 uses the correct setting for the secure attribute for any session
 cookies it creates. Based on a pull request by Andreas Kurth. (markt)
   
+  
+64943: Add support for unix domain sockets to

Review comment:
   And here

##
File path: webapps/docs/config/http.xml
##
@@ -1130,6 +1148,38 @@
   
 
 
+  
+
+  When the path attribute is used, connectors that support
+  unix domain sockets will bind to the socket at the given path. The first

Review comment:
   Upper

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The
+  permissions are specified as a string of nine characters, in three sets
+  of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone

Review comment:
   everyone is Windows, Unix is others.

##
File path: webapps/docs/config/http.xml
##
@@ -1130,6 +1148,38 @@
   
 
 
+  
+
+  When the path attribute is used, connectors that support
+  unix domain sockets will bind to the socket at the given path. The first
+  connector to support this is

[Bug 64947] New: NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

Bug ID: 64947
   Summary: NPE in UpgradeProcessorExternal constructor
   Product: Tomcat 9
   Version: 9.0.40
  Hardware: PC
OS: Mac OS X 10.4
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: majorpe...@gmail.com
  Target Milestone: -

When implementing a custom HttpUpgradeHandler implementation, the connection
upgrade can fail with an NPE and the following stacktrace:

java.lang.NullPointerException
at
org.apache.coyote.http11.upgrade.UpgradeProcessorExternal.(UpgradeProcessorExternal.java:46)
at
org.apache.coyote.http11.AbstractHttp11Protocol.createUpgradeProcessor(AbstractHttp11Protocol.java:1102)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:912)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1601)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)

The custom http upgrade handler attempts to customize websocket connection
upgrade, but this upgrade processing is terminated by the NPE caused by the
null upgradeGroupInfo object in UpgradeProcessorExternal constructor.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #1 from Remy Maucherat  ---
Ok, this is new code that allows collecting stats.

I cannot immediately see why the UpgradeGroupInfo ends up null so more research
could be useful [example code maybe ?], but there is a null check for that in
UpgradeProcessorInternal (the one used most of the time), so adding it in
UpgradeProcessorExternal would likely be a good plan.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #2 from Peter Major  ---
Sadly I don't have access to the source code (found it when setting up a third
party reverse proxy product). The reason why upgradeGroupInfo is null, is
because AbstractHttp11Protocol#getUpgradeGroupInfo is called with a null
upgradeProtocol.
The reason why upgradeProtocol is null is that Request#upgrade populates it
with response.getHeader("upgrade"), and that is being null. Was that meant to
be request.getHeader instead?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #3 from Remy Maucherat  ---
(In reply to Peter Major from comment #2)
> Sadly I don't have access to the source code (found it when setting up a
> third party reverse proxy product). The reason why upgradeGroupInfo is null,
> is because AbstractHttp11Protocol#getUpgradeGroupInfo is called with a null
> upgradeProtocol.
> The reason why upgradeProtocol is null is that Request#upgrade populates it
> with response.getHeader("upgrade"), and that is being null. Was that meant
> to be request.getHeader instead?

Ok, so that makes sense, there is supposed to be a header "upgrade" in the
response, it's mandatory in the 101 response [I suppose the client never checks
it and just checks the 101 status]. But nothing checks for that missing header
in Tomcat, and something has to be improved to avoid the NPE in that case.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated (c52b23c -> 621db72)

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch master
in repository 
https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git.


from c52b23c  Update BCEL to 6.5.0
 new c4dc0ca  Add ALv2 header and schema. Simplify.
 new fd3284f  Add src distro. Generate bin and src distro when building.
 new 5dadb63  Add generation of a sources JAR.
 new 621db72  Add Javadoc jar

The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 pom.xml  | 36 
 src/assembly/bin.xml | 18 --
 src/assembly/src.xml | 39 +++
 3 files changed, 91 insertions(+), 2 deletions(-)
 create mode 100644 src/assembly/src.xml


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] 03/04: Add generation of a sources JAR.

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git

commit 5dadb63961504044c2e029857f79e04cadf0c6bc
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:10:44 2020 +

Add generation of a sources JAR.
---
 pom.xml | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/pom.xml b/pom.xml
index 6109b28..aae118e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -181,6 +181,20 @@
 
   
   
+org.apache.maven.plugins
+maven-source-plugin
+3.2.0
+
+  
+attach-sources
+verify
+
+  jar-no-fork
+
+  
+
+  
+  
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] 04/04: Add Javadoc jar

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git

commit 621db72875777b2575f765a0a1b16b8e6b5c0c22
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:18:45 2020 +

Add Javadoc jar
---
 pom.xml | 12 
 1 file changed, 12 insertions(+)

diff --git a/pom.xml b/pom.xml
index aae118e..5a177e5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -195,6 +195,18 @@
 
   
   
+org.apache.maven.plugins
+maven-javadoc-plugin
+
+  
+attach-javadocs
+
+  jar
+
+  
+
+  
+  
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] 01/04: Add ALv2 header and schema. Simplify.

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git

commit c4dc0cad8da462321f321f189be6cac47ef6217f
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:07:33 2020 +

Add ALv2 header and schema. Simplify.
---
 src/assembly/bin.xml | 18 --
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/assembly/bin.xml b/src/assembly/bin.xml
index 9ce5462..b59c192 100644
--- a/src/assembly/bin.xml
+++ b/src/assembly/bin.xml
@@ -1,3 +1,19 @@
+
 http://maven.apache.org/ASSEMBLY/2.0.0";
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
   xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 
http://maven.apache.org/xsd/assembly-2.0.0.xsd";>
@@ -8,8 +24,6 @@
   
   
 
-  ${project.basedir}
-  
   
 README*
 LICENSE*


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] 02/04: Add src distro. Generate bin and src distro when building.

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git

commit fd3284f2b7bc303174aed40556cf72acbfe16318
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:07:56 2020 +

Add src distro. Generate bin and src distro when building.
---
 pom.xml  | 10 ++
 src/assembly/src.xml | 39 +++
 2 files changed, 49 insertions(+)

diff --git a/pom.xml b/pom.xml
index 70f6096..6109b28 100644
--- a/pom.xml
+++ b/pom.xml
@@ -189,8 +189,18 @@
 
   
 src/assembly/bin.xml
+src/assembly/src.xml
   
 
+
+  
+make-assembly
+package
+
+  single
+
+  
+
   
   
 maven-shade-plugin
diff --git a/src/assembly/src.xml b/src/assembly/src.xml
new file mode 100644
index 000..2c66d86
--- /dev/null
+++ b/src/assembly/src.xml
@@ -0,0 +1,39 @@
+
+http://maven.apache.org/ASSEMBLY/2.0.0";
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 
http://maven.apache.org/xsd/assembly-2.0.0.xsd";>
+  src
+  
+tar.gz
+zip
+  
+  
+
+  
+LICENSE*
+NOTICE*
+pom.xml
+README*
+mvnw*
+  
+
+
+  src
+
+  
+


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated: Update JUnit

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new 9a3e8a7  Update JUnit
9a3e8a7 is described below

commit 9a3e8a76fdcb2d459d335e151446cf71df13
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:21:44 2020 +

Update JUnit
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 5a177e5..7845271 100644
--- a/pom.xml
+++ b/pom.xml
@@ -87,7 +87,7 @@
 
   junit
   junit
-  4.13
+  4.13.1
   test
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated: Increment version to 0.1.0-SNAPSHOT in preparation for a 0.1 release

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new fd0a785  Increment version to 0.1.0-SNAPSHOT in preparation for a 0.1 
release
fd0a785 is described below

commit fd0a7858779fcdfc942457082bfd293b34c5c4a5
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:30:39 2020 +

Increment version to 0.1.0-SNAPSHOT in preparation for a 0.1 release
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 7845271..7cf9554 100644
--- a/pom.xml
+++ b/pom.xml
@@ -27,7 +27,7 @@
 
   org.apache.tomcat
   jakartaee-migration
-  0.0.2
+  0.1.0-SNAPSHOT
  
   
 This tool is a work in progress.


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-native] minfrin commented on a change in pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.

2020-12-01 Thread GitBox 


minfrin commented on a change in pull request #8:
URL: https://github.com/apache/tomcat-native/pull/8#discussion_r533553364



##
File path: xdocs/index.xml
##
@@ -174,6 +175,14 @@ list of changes.
 
   Please see the Apache Tomcat documentation for configuration specifics.
 
+
+
+  When using unix domain sockets a cleanup is registered to delete the

Review comment:
   It's fixed.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-native] michael-o commented on a change in pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.

2020-12-01 Thread GitBox 


michael-o commented on a change in pull request #8:
URL: https://github.com/apache/tomcat-native/pull/8#discussion_r533555103



##
File path: java/org/apache/tomcat/jni/Address.java
##
@@ -40,8 +40,9 @@
 
 /**
  * Create apr_sockaddr_t from hostname, address family, and port.
- * @param hostname The hostname or numeric address string to 
resolve/parse, or
- *   NULL to build an address that corresponds to 0.0.0.0 or ::
+ * @param hostname The hostname or numeric address string to 
resolve/parse, the
+ * path of the unix domain socket, or NULL to build an 
address

Review comment:
   Darn, I missed that one.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] minfrin commented on pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


minfrin commented on pull request #382:
URL: https://github.com/apache/tomcat/pull/382#issuecomment-736674567


   > * A few nits in docs.
   > * I wonder whether we should set default permissions at all and rely on 
the umask.
   > * Tomcat has a umask check (startup listener) which these default 
permissions we basically break that promise...
   
   Relying on the umask makes no practical sense, unfortunately.
   
   The typical umask is 0027, meaning full access for tomcat itself, read 
access for members of the tomcat group (so that logfiles can be read but not 
changed), and no access for anyone else.
   
   The unix domain socket is useless if you can't write to it. What that means 
is that only the tomcat user can send requests to tomcat, and members of the 
tomcat group can't send requests at all, which is completely pointless.
   
   To be in any way useful the socket must be writable, and to do that it 
either needs to default to being writable, or needs to explicitly set as 
writable with at least `pathPermissions="rw-rw"`.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated: Add scm definition

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new fda85c2  Add scm definition
fda85c2 is described below

commit fda85c25ecc3326f24e3566411a7d96e4602fa3d
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:49:43 2020 +

Add scm definition
---
 pom.xml | 20 ++--
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7cf9554..15dea66 100644
--- a/pom.xml
+++ b/pom.xml
@@ -63,6 +63,8 @@
   
 8
 8
+
+src
   
 
   
@@ -92,6 +94,12 @@
 
   
 
+  
+
scm:git:https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git
+
scm:git:https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git
+
https://gitbox.apache.org/repos/asf?p=tomcat-jakartaee-migration.git
+  
+
   
 
   
@@ -212,12 +220,6 @@
  -->
 maven-assembly-plugin
 3.2.0
-
-  
-src/assembly/bin.xml
-src/assembly/src.xml
-  
-
 
   
 make-assembly
@@ -225,6 +227,12 @@
 
   single
 
+
+  
+src/assembly/bin.xml
+src/assembly/src.xml
+  
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] minfrin commented on a change in pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


minfrin commented on a change in pull request #382:
URL: https://github.com/apache/tomcat/pull/382#discussion_r533567922



##
File path: java/org/apache/catalina/core/LocalStrings.properties
##
@@ -74,7 +74,7 @@ aprListener.aprInitDebug=The Apache Tomcat Native library 
could not be found usi
 aprListener.aprInitError=The Apache Tomcat Native library failed to load. The 
error reported was [{0}]
 aprListener.currentFIPSMode=Current FIPS mode: [{0}]
 aprListener.enterAlreadyInFIPSMode=AprLifecycleListener is configured to force 
entering FIPS mode, but library is already in FIPS mode [{0}]
-aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters 
[{2}], random [{3}].
+aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters 
[{2}], random [{3}], uds [{4}].

Review comment:
   Done.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated: Minimise diff with release:prepare

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new 8a7568c  Minimise diff with release:prepare
8a7568c is described below

commit 8a7568c427c4aa4dda1dfe788fd1b7546b38d424
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:54:17 2020 +

Minimise diff with release:prepare
---
 pom.xml | 21 ++---
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/pom.xml b/pom.xml
index 15dea66..a74206d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,8 +15,7 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
-http://maven.apache.org/POM/4.0.0"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
-  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
+http://maven.apache.org/POM/4.0.0"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
   4.0.0
  
   
@@ -115,7 +114,7 @@
   cobertura-maven-plugin
   2.7
   
-
+
 
   html
   xml
@@ -138,10 +137,10 @@
 
 
   
-
+
 
   
-
+
   
 
 
@@ -154,16 +153,16 @@
 -->
 
   
-
-
+
+
   
   
-
-
+
+
   
   
-
-
+
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat-jakartaee-migration] branch master updated: One more diff with release:prepare

2020-12-01 Thread markt 
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-jakartaee-migration.git


The following commit(s) were added to refs/heads/master by this push:
 new 780a940  One more diff with release:prepare
780a940 is described below

commit 780a9405bf976b0337e795a10c31372ed5832cc9
Author: Mark Thomas 
AuthorDate: Tue Dec 1 16:56:25 2020 +

One more diff with release:prepare
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index a74206d..9ac2429 100644
--- a/pom.xml
+++ b/pom.xml
@@ -162,7 +162,7 @@
   
   
 
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] minfrin commented on a change in pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


minfrin commented on a change in pull request #382:
URL: https://github.com/apache/tomcat/pull/382#discussion_r533571858



##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The
+  permissions are specified as a string of nine characters, in three sets
+  of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone
+  else respectively. If a permission is not granted, a dash is used. If

Review comment:
   Done.

##
File path: webapps/docs/config/http.xml
##
@@ -1130,6 +1148,38 @@
   
 
 
+  
+
+  When the path attribute is used, connectors that support
+  unix domain sockets will bind to the socket at the given path. The first
+  connector to support this is the
+  org.apache.coyote.http11.Http11AprProtocol connector when
+  used with the Apache Tomcat Native library v1.2.26 and up, along with
+  Apache Portable Runtime v1.6 and higher.
+  
+
+  The socket path is created with read and write permissions for all
+  users. To protect this socket, place it in a directory with suitable
+  permissions appropriately configured to restrict access as required.
+  Alternatively, on platforms that support posix permissions, the
+  permissions on the socket can be set directly with the
+  pathPermissions option.
+  
+
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists startup will fail. Care must be taken by the
+  administrator to remove the socket after verifying that the socket isn't
+  already being used by an existing Tomcat process.
+
+  The unix domain socket can be accessed using the

Review comment:
   Done.

##
File path: webapps/docs/config/http.xml
##
@@ -1130,6 +1148,38 @@
   
 
 
+  
+
+  When the path attribute is used, connectors that support
+  unix domain sockets will bind to the socket at the given path. The first

Review comment:
   Done.

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The
+  permissions are specified as a string of nine characters, in three sets
+  of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone

Review comment:
   Done.

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this
+  Connector will create and await incoming connections.
+  Tomcat will automatically remove the socket on server shutdown. If the
+  socket already exists, care must be taken by the administrator to remove
+  the socket after verifying that the socket isn't already being used by an
+  existing Tomcat process.
+
+
+
+  Where supported, the posix permissions that will be applied to the
+  to the unix domain socket specified with path above. The

Review comment:
   Done.

##
File path: webapps/docs/config/http.xml
##
@@ -208,6 +208,24 @@
   The default is POST
 
 
+
+  Where supported, the path to a unix domain socket that this

Review comment:
   Done.

##
File path: webapps/docs/changelog.xml
##
@@ -124,6 +124,11 @@
 uses the correct setting for the secure attribute for any session
 cookies it creates. Based on a pull request by Andreas Kurth. (markt)
   
+  
+64943: Add support for unix domain sockets to

Review comment:
   Done.

##
File path: java/org/apache/tomcat/util/net/LocalStrings.properties
##
@@ -88,6 +88,7 @@ endpoint.init.bind=Socket bind failed: [{0}] [{1}]
 endpoint.init.bind.inherited=No inherited channel while the connector was 
configured to use one
 endpoint.init.listen=Socket listen failed: [{0}] [{1}]
 endpoint.init.notavail=APR not available
+e

[GitHub] [tomcat] michael-o commented on pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


michael-o commented on pull request #382:
URL: https://github.com/apache/tomcat/pull/382#issuecomment-736684033


   > The typical umask is 0027, meaning full access for tomcat itself, read 
access for members of the tomcat group (so that logfiles can be read but not 
changed), and no access for anyone else.
   >
   > The unix domain socket is useless if you can't write to it. What that 
means is that only the tomcat user can send requests to tomcat, and members of 
the tomcat group can't send requests at all, which is completely pointless.
   
   Exactly, that's the whole problem.
   
   > To be in any way useful the socket must be writable, and to do that it 
either needs to default to being writable, or needs to explicitly set as 
writable with at least `pathPermissions="rw-rw"`.
   
   So not to undermine the default umask, are we good to take your 
`pathPermissions="rw-rw"` proposal?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Snapshot published for Jakarta EE migration tool

2020-12-01 Thread Mark Thomas 
Hi all,

I've just published the following snapshot:

https://repository.apache.org/content/groups/snapshots/org/apache/tomcat/jakartaee-migration/0.1.0-SNAPSHOT/

This isn't a formal RC as I am expecting there to be some issues. Please
take a look and report any issues back to this thread.

I hope to clean things up and be in a position to start a formal release
vote late this week / early next.

Thanks,

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #4 from Mark Thomas  ---
To re-phrase what Rémy said, we can fix the NPE but this is still going to fail
because the response header is missing. You'll just get a nicer error message.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #5 from Peter Major  ---
The Upgrade header does eventually show up in the response, but it looks like
it happens after the call to UpgradeProcessorExternal is made (added by an
async servlet). From the browser's point of view I'm getting back a 101
response with the Upgrade header, but the connection is killed pretty much
immediately after that.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #6 from Mark Thomas  ---
Hmm. Tomcat's Javadocs for HttpServletRequest.upgrade() have language stating
the headers must be set before the method is called. The Servlet spec API does
not have that language. I wonder where that language originated? I'll dig into
it.

As I reviewed the code, it occurred to me we could probably create an "UNKNOWN"
upgrade protocol to use for the stats. Might tweak that slightly so it can't
possibly clash with a valid upgrade header.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Objection to the deprecation of the tomcat-native/APR connector

2020-12-01 Thread Graham Leggett 
On 01 Dec 2020, at 13:48, Rémy Maucherat  wrote:

> You still have years to plan a migration off the APR connector as it will
> only be removed in 10.1 and Tomcat 9.0 continues to be supported.
> 
> This eventual removal or APR has been discussed for years. BTW, so that you
> know, there are also discussions about AJP.

I am painfully aware of the discussions on the removal of AJP.

I first encountered this problem when Atlassian arbitrarily announced removal 
of support for AJP (I assume off the back of the discussion), leaving no 
practical way to pass certificates across to Tomcat.

For this reason I developed the RFC compliant secure base64url API here:

https://github.com/apache/apr/blob/trunk/include/apr_encode.h 


Organised the donation of and then brought the RFC compliant JSON API up to the 
required security level here:

https://github.com/apache/apr/blob/trunk/include/apr_json.h 


Added digest support to the crypto API here:

https://github.com/apache/apr-util/blob/1.7.x/include/apr_crypto.h 


Add an RFC compliant JOSE implementation here:

https://github.com/apache/apr-util/blob/1.7.x/include/apr_jose.h 


Then added the two modules mod_auth_bearer and mod_autht_jwt here (outstanding 
for want of docs):

http://apache-http-server.18135.x6.nabble.com/Patch-mod-auth-bearer-mod-autht-jwt-An-alternative-to-AJP-td5051929.html#a5051936
 


Then created the option for Tomcat to read info from JWT here:

https://github.com/minfrin/tomcat7-jwt-authenticator 


While it can be tempting to downplay the arbitrary removal of capabilities from 
tomcat as “a few characters” change, or by telling people they  have “years” to 
make a change, the knock-on effect of these changes are significant and very 
expensive.

I would appreciate the help minimising the impact of these changes before I 
encounter them unexpectedly in an update from a vendor.

Regards,
Graham
—

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #7 from Mark Thomas  ---
I can't fund any EG discussion to support a requirement that the upgrade header
is set on the response before calling HttpServletRequest.upgrade(). I'll see if
can find a different way to get the protocol name.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] Sumithkr commented on pull request #381: Create Documentation installing tomcat on ibm cloud

2020-12-01 Thread GitBox 


Sumithkr commented on pull request #381:
URL: https://github.com/apache/tomcat/pull/381#issuecomment-736727209


   https://mariadb.com/kb/en/installing-mariadb-on-ibm-cloud/
   check this same documentation is for tomcat
   
   On Tue, 1 Dec 2020 at 15:28, Rémy Maucherat 
   wrote:
   
   > The wiki can still be a good spot for this kind of thing, as long as it is
   > organized properly and maintained.
   >
   > —
   > You are receiving this because you authored the thread.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] minfrin commented on pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


minfrin commented on pull request #382:
URL: https://github.com/apache/tomcat/pull/382#issuecomment-736746529


   > > To be in any way useful the socket must be writable, and to do that it 
either needs to default to being writable, or needs to explicitly set as 
writable with at least `pathPermissions="rw-rw"`.
   > 
   > So not to undermine the default umask, are we good to take your 
`pathPermissions="rw-rw"` proposal?
   
   I'm not following - the umask makes no sense, not even as a default, so we 
have to override the umask to make it work at all.
   
   I think a sensible approach is "defaults to the same behaviour as localhost, 
visible to all on the box, while offering posixPermissions to the unix people, 
and a protected parent directory for the windows people."
   
   That's where we stand now.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] michael-o commented on pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


michael-o commented on pull request #382:
URL: https://github.com/apache/tomcat/pull/382#issuecomment-736761640


   > 
   > 
   > > > To be in any way useful the socket must be writable, and to do that it 
either needs to default to being writable, or needs to explicitly set as 
writable with at least `pathPermissions="rw-rw"`.
   > > 
   > > 
   > > So not to undermine the default umask, are we good to take your 
`pathPermissions="rw-rw"` proposal?
   > 
   > I'm not following - the umask makes no sense, not even as a default, so we 
have to override the umask to make it work at all.
   > 
   > I think a sensible approach is "defaults to the same behaviour as 
localhost, visible to all on the box, while offering posixPermissions to the 
unix people, and a protected parent directory for the windows people."
   > 
   > That's where we stand now.
   
   OK, my slight counter proposal is not use `rw-rw-rw-` as default, but 
`rw-rw` because this would reflect the default umask of 027, i.e, not to 
create anything world readable. For those who need more permissions, they can 
supply a custom string.
   
   I also do understand that localhost is open for everyone on that box, but 
isn't that the whole point of UDS to have more control of the socket?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] michael-o edited a comment on pull request #382: Add support for unix domain sockets.

2020-12-01 Thread GitBox 


michael-o edited a comment on pull request #382:
URL: https://github.com/apache/tomcat/pull/382#issuecomment-736761640


   > 
   > 
   > > > To be in any way useful the socket must be writable, and to do that it 
either needs to default to being writable, or needs to explicitly set as 
writable with at least `pathPermissions="rw-rw"`.
   > > 
   > > 
   > > So not to undermine the default umask, are we good to take your 
`pathPermissions="rw-rw"` proposal?
   > 
   > I'm not following - the umask makes no sense, not even as a default, so we 
have to override the umask to make it work at all.
   > 
   > I think a sensible approach is "defaults to the same behaviour as 
localhost, visible to all on the box, while offering posixPermissions to the 
unix people, and a protected parent directory for the windows people."
   > 
   > That's where we stand now.
   
   OK, my slight counter proposal is not use `rw-rw-rw-` as default, but 
`rw-rw` because this would reflect the default umask of 027, i.e, not to 
create anything world readable. For those who need more permissions, they can 
supply a custom string.
   
   I also do understand that localhost is open for everyone on that box, but 
isn't that the whole point of UDS to have more control over the socket?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #8 from Remy Maucherat  ---
(In reply to Mark Thomas from comment #7)
> I can't fund any EG discussion to support a requirement that the upgrade
> header is set on the response before calling HttpServletRequest.upgrade().
> I'll see if can find a different way to get the protocol name.

The javadoc in Tomcat for HttpServletRequest.upgrade is wrong, most likely
things changed in the spec after it was added.

In section 2.3.3.5, the spec says:
"When an upgrade request is received, the servlet can invoke the
HttpServletRequest.upgrade method, which starts the upgrade process. This
method instantiates the given HttpUpgradeHandler class. The returned
HttpUpgradeHandler instance may be further customized. The application prepares
and sends an appropriate response to the client. After exiting the service
method
of the servlet, the servlet container completes the processing of all filters
and marks
the connection to be handled by the HttpUpgradeHandler . It then calls the
HttpUpgradeHandler 's init method, passing a WebConnection to allow the
protocol
handler access to the data streams."

So the actual upgrade happens when the Servlet is done, and nothing is fully
set until then, no flush or commit happens when upgrade is called.
Overall, the behavior of Tomcat is ok except for that use of the response
header.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #9 from Mark Thomas  ---
I have a fix for this locally. Just need to test it a little more.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #10 from Peter Major  ---
FYI if you have a PR/branch for this, I can test the fix locally.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #11 from Mark Thomas  ---
It is now in 9.0.x. Let us know how you get on.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 64947] NPE in UpgradeProcessorExternal constructor

2020-12-01 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947

--- Comment #12 from Peter Major  ---
Things are looking good so far, haven't seen my websocket requests interrupted
and catalina.out didn't show the NPE either.

Thank you for the quick turnaround.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/05: Use lambda expressions with AccessController.doPrivileged()

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 2728f60e83b9b46b5dd2529d6efed70b29da8929
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 00:52:02 2020 +0100

Use lambda expressions with AccessController.doPrivileged()
---
 java/jakarta/el/BeanELResolver.java|  8 +-
 java/jakarta/el/ExpressionFactory.java | 28 +--
 .../auth/message/config/AuthConfigFactory.java | 36 -
 java/jakarta/servlet/http/Cookie.java  | 30 ++-
 .../authenticator/SpnegoAuthenticator.java | 13 +--
 .../catalina/core/ApplicationFilterChain.java  |  6 +-
 .../org/apache/catalina/security/SecurityUtil.java |  7 +-
 .../catalina/startup/ClassLoaderFactory.java   | 26 +++---
 java/org/apache/catalina/util/Introspection.java   | 16 +---
 java/org/apache/el/lang/ELSupport.java |  9 +--
 java/org/apache/el/lang/ExpressionBuilder.java |  8 +-
 java/org/apache/el/util/Validation.java| 10 +--
 .../jasper/runtime/JspApplicationContextImpl.java  |  8 +-
 java/org/apache/jasper/runtime/JspFactoryImpl.java |  7 +-
 java/org/apache/jasper/servlet/JspServlet.java | 11 +--
 java/org/apache/juli/ClassLoaderLogManager.java| 33 +++-
 .../apache/naming/factory/MailSessionFactory.java  | 93 +++---
 .../org/apache/naming/factory/SendMailFactory.java | 62 +++
 .../org/apache/tomcat/util/compat/JrePlatform.java |  8 +-
 19 files changed, 141 insertions(+), 278 deletions(-)

diff --git a/java/jakarta/el/BeanELResolver.java 
b/java/jakarta/el/BeanELResolver.java
index 1487033..7525e06 100644
--- a/java/jakarta/el/BeanELResolver.java
+++ b/java/jakarta/el/BeanELResolver.java
@@ -46,13 +46,7 @@ public class BeanELResolver extends ELResolver {
 cacheSizeStr = System.getProperty(CACHE_SIZE_PROP, "1000");
 } else {
 cacheSizeStr = AccessController.doPrivileged(
-new PrivilegedAction() {
-
-@Override
-public String run() {
-return System.getProperty(CACHE_SIZE_PROP, "1000");
-}
-});
+(PrivilegedAction) () -> 
System.getProperty(CACHE_SIZE_PROP, "1000"));
 }
 CACHE_SIZE = Integer.parseInt(cacheSizeStr);
 }
diff --git a/java/jakarta/el/ExpressionFactory.java 
b/java/jakarta/el/ExpressionFactory.java
index 599a179..0777451 100644
--- a/java/jakarta/el/ExpressionFactory.java
+++ b/java/jakarta/el/ExpressionFactory.java
@@ -58,14 +58,8 @@ public abstract class ExpressionFactory {
 static {
 if (IS_SECURITY_ENABLED) {
 PROPERTY_FILE = AccessController.doPrivileged(
-new PrivilegedAction(){
-@Override
-public String run() {
-return System.getProperty("java.home") + 
File.separator +
-"lib" + File.separator + "el.properties";
-}
-
-}
+(PrivilegedAction) () -> 
System.getProperty("java.home") + File.separator +
+"lib" + File.separator + "el.properties"
 );
 } else {
 PROPERTY_FILE = System.getProperty("java.home") + File.separator + 
"lib" +
@@ -333,14 +327,7 @@ public abstract class ExpressionFactory {
 className = getClassNameServices(tccl);
 if (className == null) {
 if (IS_SECURITY_ENABLED) {
-className = AccessController.doPrivileged(
-new PrivilegedAction() {
-@Override
-public String run() {
-return getClassNameJreDir();
-}
-}
-);
+className = 
AccessController.doPrivileged((PrivilegedAction) 
ExpressionFactory::getClassNameJreDir);
 } else {
 // Second el.properties file
 className = getClassNameJreDir();
@@ -348,14 +335,7 @@ public abstract class ExpressionFactory {
 }
 if (className == null) {
 if (IS_SECURITY_ENABLED) {
-className = AccessController.doPrivileged(
-new PrivilegedAction() {
-@Override
-public String run() {
-return getClassNameSysProp();
-}
-}
-);
+className = 
AccessController.doPrivileged((PrivilegedAction) 
ExpressionFactory::getClassNameSysProp);
 } else {
 // Third system property
 className = getClassNameSysProp();
diff --git a/java/jakarta/security/auth/me

[tomcat] 01/05: Use the valueOf() method of the primitive wrapper classes instead of the deprecated constructors (to be removed as part of JEP 390)

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 03cd304b28157cce56fdb82bd328477cd8c563cd
Author: Emmanuel Bourg 
AuthorDate: Tue Dec 1 22:35:49 2020 +0100

Use the valueOf() method of the primitive wrapper classes instead of the 
deprecated constructors (to be removed as part of JEP 390)
---
 java/org/apache/jasper/tagplugins/jstl/core/ForEach.java | 16 
 java/org/apache/jasper/tagplugins/jstl/core/If.java  |  2 +-
 java/org/apache/tomcat/util/json/JSONParser.java |  4 ++--
 java/org/apache/tomcat/util/json/JSONParser.jj   |  4 ++--
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/java/org/apache/jasper/tagplugins/jstl/core/ForEach.java 
b/java/org/apache/jasper/tagplugins/jstl/core/ForEach.java
index 0fa6da6..f60b346 100644
--- a/java/org/apache/jasper/tagplugins/jstl/core/ForEach.java
+++ b/java/org/apache/jasper/tagplugins/jstl/core/ForEach.java
@@ -230,7 +230,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Boolean(a[index++]);}\n" +
+"  return Boolean.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -244,7 +244,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Byte(a[index++]);}\n" +
+"  return Byte.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -258,7 +258,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Character(a[index++]);}\n" +
+"  return Character.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -272,7 +272,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Short(a[index++]);}\n" +
+"  return Short.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -286,7 +286,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Integer(a[index++]);}\n" +
+"  return Integer.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -300,7 +300,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Long(a[index++]);}\n" +
+"  return Long.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -314,7 +314,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Float(a[index++]);}\n" +
+"  return Float.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
@@ -328,7 +328,7 @@ public final class ForEach implements TagPlugin {
 "public boolean hasNext() {\n" +
 "  return index < a.length;}\n" +
 "public Object next() {\n" +
-"  return new Double(a[index++]);}\n" +
+"  return Double.valueOf(a[index++]);}\n" +
 "public void remove() {}\n" +
 "  });\n" +
 "}"
diff --git a/java/org/apache/jasper/tagplugins/jstl/core/If.java 
b/java/org/apache/jasper/tagplugins/jstl/core/If.java
index 62d64e3..15d7e06 100644
--- a/java/org/apache/jasper/tagplugins/jstl/core/If.java
+++ b/java/org/apache/jasper/tagplugins/jstl/core/If.java
@@ -43,7 +43,7 @@ public final class If

[tomcat] 04/05: Replace ThreadLocal inner classes with ThreadLocal.withInitial() + lambda expression

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9f18abee8cf0d9945e62d9a5cdeb2db3206662ce
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 01:07:51 2020 +0100

Replace ThreadLocal inner classes with ThreadLocal.withInitial() + lambda 
expression
---
 java/org/apache/catalina/connector/CoyoteAdapter.java |  9 +
 java/org/apache/catalina/filters/RequestDumperFilter.java |  8 +---
 .../apache/catalina/valves/AbstractAccessLogValve.java| 15 ++-
 .../apache/catalina/valves/ExtendedAccessLogValve.java| 14 ++
 java/org/apache/juli/ClassLoaderLogManager.java   |  7 +--
 java/org/apache/juli/OneLineFormatter.java| 15 +++
 java/org/apache/naming/factory/LookupFactory.java |  8 +---
 java/org/apache/tomcat/util/http/CookieProcessorBase.java | 14 +-
 8 files changed, 16 insertions(+), 74 deletions(-)

diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java 
b/java/org/apache/catalina/connector/CoyoteAdapter.java
index d93b450..5f1b04f 100644
--- a/java/org/apache/catalina/connector/CoyoteAdapter.java
+++ b/java/org/apache/catalina/connector/CoyoteAdapter.java
@@ -79,14 +79,7 @@ public class CoyoteAdapter implements Adapter {
 
 
 private static final ThreadLocal THREAD_NAME =
-new ThreadLocal() {
-
-@Override
-protected String initialValue() {
-return Thread.currentThread().getName();
-}
-
-};
+ThreadLocal.withInitial(() -> Thread.currentThread().getName());
 
 // --- Constructors
 
diff --git a/java/org/apache/catalina/filters/RequestDumperFilter.java 
b/java/org/apache/catalina/filters/RequestDumperFilter.java
index 7b62951..83adb4c 100644
--- a/java/org/apache/catalina/filters/RequestDumperFilter.java
+++ b/java/org/apache/catalina/filters/RequestDumperFilter.java
@@ -57,13 +57,7 @@ public class RequestDumperFilter extends GenericFilter {
 private static final String NON_HTTP_RES_MSG =
 "Not available. Non-http response.";
 
-private static final ThreadLocal timestamp =
-new ThreadLocal() {
-@Override
-protected Timestamp initialValue() {
-return new Timestamp();
-}
-};
+private static final ThreadLocal timestamp = 
ThreadLocal.withInitial(Timestamp::new);
 
 // Log must be non-static as loggers are created per class-loader and this
 // Filter may be used in multiple class loaders
diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java 
b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
index 41c075b..7421d33 100644
--- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java
+++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
@@ -408,25 +408,14 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
  * Thread local date format cache.
  */
 private static final ThreadLocal localDateCache =
-new ThreadLocal() {
-@Override
-protected DateFormatCache initialValue() {
-return new DateFormatCache(localCacheSize, Locale.getDefault(), 
globalDateCache);
-}
-};
+ThreadLocal.withInitial(() -> new DateFormatCache(localCacheSize, 
Locale.getDefault(), globalDateCache));
 
 
 /**
  * The system time when we last updated the Date that this valve
  * uses for log lines.
  */
-private static final ThreadLocal localDate =
-new ThreadLocal() {
-@Override
-protected Date initialValue() {
-return new Date();
-}
-};
+private static final ThreadLocal localDate = 
ThreadLocal.withInitial(Date::new);
 
 /**
  * Are we doing conditional logging. default null.
diff --git a/java/org/apache/catalina/valves/ExtendedAccessLogValve.java 
b/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
index c791c12..d717bac 100644
--- a/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
+++ b/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
@@ -207,12 +207,7 @@ public class ExtendedAccessLogValve extends AccessLogValve 
{
 private static final long INTERVAL = (1000 * 60 * 60 * 24);
 
 private static final ThreadLocal currentDate =
-new ThreadLocal() {
-@Override
-protected ElementTimestampStruct initialValue() {
-return new ElementTimestampStruct("-MM-dd");
-}
-};
+ThreadLocal.withInitial(() -> new 
ElementTimestampStruct("-MM-dd"));
 
 @Override
 public void addElement(CharArrayWriter buf, Date date, Request request,
@@ -235,12 +230,7 @@ public class ExtendedAccessLogValve extends

[tomcat] branch master updated (98fd8e1 -> f3b75d2)

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from 98fd8e1  Fix BZ 64947. NPE on custom HTTP upgrade
 new 03cd304  Use the valueOf() method of the primitive wrapper classes 
instead of the deprecated constructors (to be removed as part of JEP 390)
 new 2728f60  Use lambda expressions with AccessController.doPrivileged()
 new 2475022  Use method references instead of lambda expressions when 
possible
 new 9f18abe  Replace ThreadLocal inner classes with 
ThreadLocal.withInitial() + lambda expression
 new f3b75d2  Replace Runnable inner classes with lambda expressions

The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/jakarta/el/BeanELResolver.java|  8 +-
 java/jakarta/el/ExpressionFactory.java | 28 +--
 .../auth/message/config/AuthConfigFactory.java | 36 -
 java/jakarta/servlet/http/Cookie.java  | 30 ++-
 .../authenticator/SpnegoAuthenticator.java | 13 +--
 .../apache/catalina/connector/CoyoteAdapter.java   |  9 +--
 .../catalina/core/ApplicationFilterChain.java  |  6 +-
 java/org/apache/catalina/core/StandardServer.java  | 14 +---
 .../catalina/filters/RequestDumperFilter.java  |  8 +-
 .../catalina/filters/RestCsrfPreventionFilter.java | 14 ++--
 .../org/apache/catalina/security/SecurityUtil.java |  7 +-
 java/org/apache/catalina/servlets/CGIServlet.java  |  7 +-
 .../catalina/startup/ClassLoaderFactory.java   | 26 +++---
 .../apache/catalina/tribes/group/GroupChannel.java |  8 +-
 .../interceptors/MessageDispatchInterceptor.java   |  8 +-
 .../interceptors/StaticMembershipInterceptor.java  | 11 +--
 .../tribes/membership/McastServiceImpl.java| 91 +
 .../membership/StaticMembershipProvider.java   | 34 
 .../membership/cloud/CloudMembershipProvider.java  | 34 
 .../tribes/transport/nio/NioReplicationTask.java   | 46 +--
 java/org/apache/catalina/users/MemoryGroup.java|  2 +-
 java/org/apache/catalina/util/Introspection.java   | 16 +---
 .../catalina/valves/AbstractAccessLogValve.java| 15 +---
 .../catalina/valves/ExtendedAccessLogValve.java| 14 +---
 java/org/apache/coyote/AbstractProtocol.java   | 20 ++---
 .../apache/coyote/http2/Http2UpgradeHandler.java   |  2 +-
 java/org/apache/el/lang/ELSupport.java |  9 +--
 java/org/apache/el/lang/ExpressionBuilder.java |  8 +-
 java/org/apache/el/util/Validation.java| 10 +--
 .../jasper/runtime/JspApplicationContextImpl.java  |  8 +-
 java/org/apache/jasper/runtime/JspFactoryImpl.java |  7 +-
 java/org/apache/jasper/servlet/JspServlet.java | 11 +--
 .../jasper/tagplugins/jstl/core/ForEach.java   | 16 ++--
 .../org/apache/jasper/tagplugins/jstl/core/If.java |  2 +-
 java/org/apache/juli/ClassLoaderLogManager.java| 40 +++---
 java/org/apache/juli/OneLineFormatter.java | 15 +---
 java/org/apache/naming/factory/LookupFactory.java  |  8 +-
 .../apache/naming/factory/MailSessionFactory.java  | 93 +++---
 .../org/apache/naming/factory/SendMailFactory.java | 62 +++
 .../org/apache/tomcat/util/compat/JrePlatform.java |  8 +-
 .../tomcat/util/http/CookieProcessorBase.java  | 14 ++--
 java/org/apache/tomcat/util/json/JSONParser.java   |  4 +-
 java/org/apache/tomcat/util/json/JSONParser.jj |  4 +-
 .../apache/tomcat/util/modeler/ManagedBean.java|  2 +-
 java/org/apache/tomcat/util/net/Nio2Endpoint.java  | 21 +++--
 .../ObjectReflectionPropertyInspector.java |  2 +-
 46 files changed, 291 insertions(+), 560 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 05/05: Replace Runnable inner classes with lambda expressions

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit f3b75d2eddd5832b2deab423ab7d9b2415ac77f5
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 01:16:12 2020 +0100

Replace Runnable inner classes with lambda expressions
---
 java/org/apache/catalina/core/StandardServer.java  | 14 +---
 java/org/apache/catalina/servlets/CGIServlet.java  |  7 +-
 .../apache/catalina/tribes/group/GroupChannel.java |  8 +-
 .../interceptors/MessageDispatchInterceptor.java   |  8 +-
 .../interceptors/StaticMembershipInterceptor.java  | 11 +--
 .../tribes/membership/McastServiceImpl.java| 91 ++
 .../membership/StaticMembershipProvider.java   | 34 
 .../membership/cloud/CloudMembershipProvider.java  | 34 
 .../tribes/transport/nio/NioReplicationTask.java   | 46 +--
 java/org/apache/coyote/AbstractProtocol.java   | 20 ++---
 java/org/apache/tomcat/util/net/Nio2Endpoint.java  | 21 +++--
 11 files changed, 112 insertions(+), 182 deletions(-)

diff --git a/java/org/apache/catalina/core/StandardServer.java 
b/java/org/apache/catalina/core/StandardServer.java
index cfbdc09..1ac8676 100644
--- a/java/org/apache/catalina/core/StandardServer.java
+++ b/java/org/apache/catalina/core/StandardServer.java
@@ -933,12 +933,7 @@ public final class StandardServer extends 
LifecycleMBeanBase implements Server {
 
 if (periodicEventDelay > 0) {
 monitorFuture = getUtilityExecutor().scheduleWithFixedDelay(
-new Runnable() {
-@Override
-public void run() {
-startPeriodicLifecycleEvent();
-}
-}, 0, 60, TimeUnit.SECONDS);
+() -> startPeriodicLifecycleEvent(), 0, 60, 
TimeUnit.SECONDS);
 }
 }
 
@@ -954,12 +949,7 @@ public final class StandardServer extends 
LifecycleMBeanBase implements Server {
 }
 }
 periodicLifecycleEventFuture = 
getUtilityExecutor().scheduleAtFixedRate(
-new Runnable() {
-@Override
-public void run() {
-fireLifecycleEvent(Lifecycle.PERIODIC_EVENT, null);
-}
-}, periodicEventDelay, periodicEventDelay, 
TimeUnit.SECONDS);
+() -> fireLifecycleEvent(Lifecycle.PERIODIC_EVENT, null), 
periodicEventDelay, periodicEventDelay, TimeUnit.SECONDS);
 }
 }
 
diff --git a/java/org/apache/catalina/servlets/CGIServlet.java 
b/java/org/apache/catalina/servlets/CGIServlet.java
index 0dd5412..a9e9c1a 100644
--- a/java/org/apache/catalina/servlets/CGIServlet.java
+++ b/java/org/apache/catalina/servlets/CGIServlet.java
@@ -1666,12 +1666,7 @@ public final class CGIServlet extends HttpServlet {
 (new InputStreamReader(proc.getErrorStream()));
 final BufferedReader stdErrRdr = commandsStdErr ;
 
-errReaderThread = new Thread() {
-@Override
-public void run () {
-sendToLog(stdErrRdr);
-}
-};
+errReaderThread = new Thread(() -> sendToLog(stdErrRdr));
 errReaderThread.start();
 
 InputStream cgiHeaderStream =
diff --git a/java/org/apache/catalina/tribes/group/GroupChannel.java 
b/java/org/apache/catalina/tribes/group/GroupChannel.java
index 1bb558a..abd9303 100644
--- a/java/org/apache/catalina/tribes/group/GroupChannel.java
+++ b/java/org/apache/catalina/tribes/group/GroupChannel.java
@@ -476,13 +476,7 @@ public class GroupChannel extends ChannelInterceptorBase
 ownExecutor = true;
 }
 super.start(svc);
-monitorFuture = utilityExecutor.scheduleWithFixedDelay(
-new Runnable() {
-@Override
-public void run() {
-startHeartbeat();
-}
-}, 0, 60, TimeUnit.SECONDS);
+monitorFuture = 
utilityExecutor.scheduleWithFixedDelay(this::startHeartbeat, 0, 60, 
TimeUnit.SECONDS);
 }
 
 protected void startHeartbeat() {
diff --git 
a/java/org/apache/catalina/tribes/group/interceptors/MessageDispatchInterceptor.java
 
b/java/org/apache/catalina/tribes/group/interceptors/MessageDispatchInterceptor.java
index ef869a6..18b9775 100644
--- 
a/java/org/apache/catalina/tribes/group/interceptors/MessageDispatchInterceptor.java
+++ 
b/java/org/apache/catalina/tribes/group/interceptors/MessageDispatchInterceptor.java
@@ -97,13 +97,7 @@ public class MessageDispatchInterceptor extends 
ChannelInterceptorBase
 
 public boolean addToQueue(final ChannelMessage msg, final Member[] 
destination,
 final InterceptorPayload payload) {
-

[tomcat] 03/05: Use method references instead of lambda expressions when possible

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 24750228694b58e7631afeedf651a9f15779bad3
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 00:55:34 2020 +0100

Use method references instead of lambda expressions when possible
---
 .../apache/catalina/filters/RestCsrfPreventionFilter.java  | 14 +-
 java/org/apache/catalina/users/MemoryGroup.java|  2 +-
 java/org/apache/coyote/http2/Http2UpgradeHandler.java  |  2 +-
 java/org/apache/tomcat/util/modeler/ManagedBean.java   |  2 +-
 .../xreflection/ObjectReflectionPropertyInspector.java |  2 +-
 5 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java 
b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
index b557ab8..dd787bc 100644
--- a/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
@@ -129,16 +129,13 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private static interface RestCsrfPreventionStrategy {
-static final NonceSupplier 
nonceFromRequestHeader = (r, k) -> r
-.getHeader(k);
-static final NonceSupplier 
nonceFromRequestParams = (r, k) -> r
-.getParameterValues(k);
+static final NonceSupplier 
nonceFromRequestHeader = HttpServletRequest::getHeader;
+static final NonceSupplier 
nonceFromRequestParams = ServletRequest::getParameterValues;
 static final NonceSupplier nonceFromSession = (s, 
k) -> Objects
 .isNull(s) ? null : (String) s.getAttribute(k);
 
-static final NonceConsumer nonceToResponse = (r, 
k, v) -> r.setHeader(
-k, v);
-static final NonceConsumer nonceToSession = (s, k, v) -> 
s.setAttribute(k, v);
+static final NonceConsumer nonceToResponse = 
HttpServletResponse::setHeader;
+static final NonceConsumer nonceToSession = 
HttpSession::setAttribute;
 
 boolean apply(HttpServletRequest request, HttpServletResponse 
response) throws IOException;
 }
@@ -194,8 +191,7 @@ public class RestCsrfPreventionFilter extends 
CsrfPreventionFilterBase {
 }
 
 private class FetchRequest implements RestCsrfPreventionStrategy {
-private final Predicate fetchRequest = s -> 
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE
-.equalsIgnoreCase(s);
+private final Predicate fetchRequest = 
Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE::equalsIgnoreCase;
 
 @Override
 public boolean apply(HttpServletRequest request, HttpServletResponse 
response) {
diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 2d793e6..5a8a12c 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -187,7 +187,7 @@ public class MemoryGroup extends AbstractGroup {
 synchronized (roles) {
 if (roles.size() > 0) {
 sb.append(" roles=\"");
-StringUtils.join(roles, ',', (x) -> x.getRolename(), sb);
+StringUtils.join(roles, ',', Role::getRolename, sb);
 sb.append("\"");
 }
 }
diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java 
b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index 0307ece..054f3bc 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -1839,7 +1839,7 @@ class Http2UpgradeHandler extends AbstractStream 
implements InternalHttpUpgradeH
 }
 
 public long getRoundTripTimeNano() {
-return (long) roundTripTimes.stream().mapToLong(x -> 
x.longValue()).average().orElse(0);
+return (long) 
roundTripTimes.stream().mapToLong(Long::longValue).average().orElse(0);
 }
 }
 
diff --git a/java/org/apache/tomcat/util/modeler/ManagedBean.java 
b/java/org/apache/tomcat/util/modeler/ManagedBean.java
index 6215200..36084ad 100644
--- a/java/org/apache/tomcat/util/modeler/ManagedBean.java
+++ b/java/org/apache/tomcat/util/modeler/ManagedBean.java
@@ -559,7 +559,7 @@ public class ManagedBean implements java.io.Serializable {
 private String createOperationKey(OperationInfo operation) {
 StringBuilder key = new StringBuilder(operation.getName());
 key.append('(');
-StringUtils.join(operation.getSignature(), ',', (x) -> x.getType(), 
key);
+StringUtils.join(operation.getSignature(), ',', FeatureInfo::getType, 
key);
 key.append(')');
 
 return key.toString().intern();
diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionP

[tomcat] branch master updated (f3b75d2 -> 382dffc)

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git.


from f3b75d2  Replace Runnable inner classes with lambda expressions
 new 521b3a3  Replace Collections.sort() with List.sort()
 new 382dffc  Replace loops with Collection.removeIf() when possible

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/org/apache/catalina/core/ApplicationPushBuilder.java  |  9 +
 java/org/apache/catalina/manager/HTMLManagerServlet.java   |  2 +-
 java/org/apache/catalina/ssi/SSIMediator.java  |  9 +
 java/org/apache/catalina/startup/WebappServiceLoader.java  |  8 +---
 java/org/apache/catalina/tribes/group/AbsoluteOrder.java   |  2 +-
 java/org/apache/el/stream/Stream.java  |  2 +-
 .../tomcat/buildutil/translate/BackportTranslations.java   | 10 +-
 java/org/apache/tomcat/util/descriptor/web/WebXml.java |  8 +---
 .../tomcat/util/modeler/BaseNotificationBroadcaster.java   |  9 +
 9 files changed, 9 insertions(+), 50 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Replace Collections.sort() with List.sort()

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 521b3a3e481ae121d5006124611a89a4c4a1302e
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 01:28:25 2020 +0100

Replace Collections.sort() with List.sort()
---
 java/org/apache/catalina/manager/HTMLManagerServlet.java | 2 +-
 java/org/apache/catalina/tribes/group/AbsoluteOrder.java | 2 +-
 java/org/apache/el/stream/Stream.java| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java 
b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index 53e1ebc..c2e5179 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -957,7 +957,7 @@ public final class HTMLManagerServlet extends 
ManagerServlet {
 orderBy = "DESC";
 }
 try {
-Collections.sort(sessions, comparator);
+sessions.sort(comparator);
 } catch (IllegalStateException ise) {
 // at least 1 of the sessions is invalidated
 req.setAttribute(APPLICATION_ERROR, "Can't sort session 
list: one session is invalidated");
diff --git a/java/org/apache/catalina/tribes/group/AbsoluteOrder.java 
b/java/org/apache/catalina/tribes/group/AbsoluteOrder.java
index 974c606..20e8b43 100644
--- a/java/org/apache/catalina/tribes/group/AbsoluteOrder.java
+++ b/java/org/apache/catalina/tribes/group/AbsoluteOrder.java
@@ -58,7 +58,7 @@ public class AbsoluteOrder {
 
 public static void absoluteOrder(List members) {
 if ( members == null || members.size() <= 1 ) return;
-java.util.Collections.sort(members, comp);
+members.sort(comp);
 }
 
 public static class AbsoluteComparator implements Comparator,
diff --git a/java/org/apache/el/stream/Stream.java 
b/java/org/apache/el/stream/Stream.java
index 274369f..c2ac84a 100644
--- a/java/org/apache/el/stream/Stream.java
+++ b/java/org/apache/el/stream/Stream.java
@@ -175,7 +175,7 @@ public class Stream {
 while (iterator.hasNext()) {
 list.add(iterator.next());
 }
-Collections.sort(list, c);
+list.sort(c);
 sorted = list.iterator();
 }
 };


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/02: Replace loops with Collection.removeIf() when possible

2020-12-01 Thread ebourg 
This is an automated email from the ASF dual-hosted git repository.

ebourg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 382dffc41f4f84e6d775739f73c4a1aac1711bb8
Author: Emmanuel Bourg 
AuthorDate: Wed Dec 2 01:34:34 2020 +0100

Replace loops with Collection.removeIf() when possible
---
 java/org/apache/catalina/core/ApplicationPushBuilder.java  |  9 +
 java/org/apache/catalina/ssi/SSIMediator.java  |  9 +
 java/org/apache/catalina/startup/WebappServiceLoader.java  |  8 +---
 .../tomcat/buildutil/translate/BackportTranslations.java   | 10 +-
 java/org/apache/tomcat/util/descriptor/web/WebXml.java |  8 +---
 .../tomcat/util/modeler/BaseNotificationBroadcaster.java   |  9 +
 6 files changed, 6 insertions(+), 47 deletions(-)

diff --git a/java/org/apache/catalina/core/ApplicationPushBuilder.java 
b/java/org/apache/catalina/core/ApplicationPushBuilder.java
index be03176..0b5679b 100644
--- a/java/org/apache/catalina/core/ApplicationPushBuilder.java
+++ b/java/org/apache/catalina/core/ApplicationPushBuilder.java
@@ -22,7 +22,6 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -147,13 +146,7 @@ public class ApplicationPushBuilder implements PushBuilder 
{
 if (responseCookie.getMaxAge() < 0) {
 // Path information not available so can only remove based on
 // name.
-Iterator cookieIterator = cookies.iterator();
-while (cookieIterator.hasNext()) {
-Cookie cookie = cookieIterator.next();
-if (cookie.getName().equals(responseCookie.getName())) {
-cookieIterator.remove();
-}
-}
+cookies.removeIf(cookie -> 
cookie.getName().equals(responseCookie.getName()));
 } else {
 cookies.add(new Cookie(responseCookie.getName(), 
responseCookie.getValue()));
 }
diff --git a/java/org/apache/catalina/ssi/SSIMediator.java 
b/java/org/apache/catalina/ssi/SSIMediator.java
index 1a1c892..3de7bd5 100644
--- a/java/org/apache/catalina/ssi/SSIMediator.java
+++ b/java/org/apache/catalina/ssi/SSIMediator.java
@@ -21,7 +21,6 @@ import java.nio.charset.StandardCharsets;
 import java.util.Collection;
 import java.util.Date;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Locale;
 import java.util.Set;
 import java.util.TimeZone;
@@ -127,13 +126,7 @@ public class SSIMediator {
 variableNames.add("LAST_MODIFIED");
 ssiExternalResolver.addVariableNames(variableNames);
 //Remove any variables that are reserved by this class
-Iterator iter = variableNames.iterator();
-while (iter.hasNext()) {
-String name = iter.next();
-if (isNameReserved(name)) {
-iter.remove();
-}
-}
+variableNames.removeIf(this::isNameReserved);
 return variableNames;
 }
 
diff --git a/java/org/apache/catalina/startup/WebappServiceLoader.java 
b/java/org/apache/catalina/startup/WebappServiceLoader.java
index e222940..3c0415a 100644
--- a/java/org/apache/catalina/startup/WebappServiceLoader.java
+++ b/java/org/apache/catalina/startup/WebappServiceLoader.java
@@ -27,7 +27,6 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Set;
@@ -124,12 +123,7 @@ public class WebappServiceLoader {
 
 // Filter the discovered container SCIs if required
 if (containerSciFilterPattern != null) {
-Iterator iter = containerServiceClassNames.iterator();
-while (iter.hasNext()) {
-if (containerSciFilterPattern.matcher(iter.next()).find()) {
-iter.remove();
-}
-}
+containerServiceClassNames.removeIf(s -> 
containerSciFilterPattern.matcher(s).find());
 }
 
 // Obtaining the application provided configuration files is a little
diff --git 
a/java/org/apache/tomcat/buildutil/translate/BackportTranslations.java 
b/java/org/apache/tomcat/buildutil/translate/BackportTranslations.java
index 1da15de..cb20a01 100644
--- a/java/org/apache/tomcat/buildutil/translate/BackportTranslations.java
+++ b/java/org/apache/tomcat/buildutil/translate/BackportTranslations.java
@@ -17,8 +17,6 @@
 package org.apache.tomcat.buildutil.translate;
 
 import java.io.IOException;
-import java.util.Iterator;
-import java.util.Map;
 import java.util.Properties;
 
 /**
@@ -63,13 +61,7 @@ public class BackportTranslations extends BackportBase {
 }

Re: Objection to the deprecation of the tomcat-native/APR connector

2020-12-01 Thread Martin Grigorov 
Hi Graham,

On Tue, Dec 1, 2020 at 7:43 PM Graham Leggett 
wrote:

> On 01 Dec 2020, at 13:48, Rémy Maucherat  wrote:
>
> > You still have years to plan a migration off the APR connector as it will
> > only be removed in 10.1 and Tomcat 9.0 continues to be supported.
> >
> > This eventual removal or APR has been discussed for years. BTW, so that
> you
> > know, there are also discussions about AJP.
>
> I am painfully aware of the discussions on the removal of AJP.
>
> I first encountered this problem when Atlassian arbitrarily announced
> removal of support for AJP (I assume off the back of the discussion),
> leaving no practical way to pass certificates across to Tomcat.
>
> For this reason I developed the RFC compliant secure base64url API here:
>
> https://github.com/apache/apr/blob/trunk/include/apr_encode.h <
> https://github.com/apache/apr/blob/trunk/include/apr_encode.h>
>
> Organised the donation of and then brought the RFC compliant JSON API up
> to the required security level here:
>
> https://github.com/apache/apr/blob/trunk/include/apr_json.h <
> https://github.com/apache/apr/blob/trunk/include/apr_json.h>
>
> Added digest support to the crypto API here:
>
> https://github.com/apache/apr-util/blob/1.7.x/include/apr_crypto.h <
> https://github.com/apache/apr-util/blob/1.7.x/include/apr_crypto.h>
>
> Add an RFC compliant JOSE implementation here:
>
> https://github.com/apache/apr-util/blob/1.7.x/include/apr_jose.h <
> https://github.com/apache/apr-util/blob/1.7.x/include/apr_jose.h>
>
> Then added the two modules mod_auth_bearer and mod_autht_jwt here
> (outstanding for want of docs):
>
>
> http://apache-http-server.18135.x6.nabble.com/Patch-mod-auth-bearer-mod-autht-jwt-An-alternative-to-AJP-td5051929.html#a5051936
> <
> http://apache-http-server.18135.x6.nabble.com/Patch-mod-auth-bearer-mod-autht-jwt-An-alternative-to-AJP-td5051929.html#a5051936
> >
>
> Then created the option for Tomcat to read info from JWT here:
>
> https://github.com/minfrin/tomcat7-jwt-authenticator <
> https://github.com/minfrin/tomcat7-jwt-authenticator>
>
> While it can be tempting to downplay the arbitrary removal of capabilities
> from tomcat as “a few characters” change, or by telling people they  have
> “years” to make a change, the knock-on effect of these changes are
> significant and very expensive.
>
> I would appreciate the help minimising the impact of these changes before
> I encounter them unexpectedly in an update from a vendor.
>

As I suggested in your PR about Unix Domain Sockets support - what about
extracting the APR (and AJP ?!) code into its own project!
The main work has been done over the years. Now it just needs someone to
maintain it.

Regards,
Martin


>
> Regards,
> Graham
> —
>
>