Am 2019-10-11 um 15:10 schrieb Rémy Maucherat:
On Fri, Oct 11, 2019 at 1:51 PM Michael Osipov wrote:
Am 2019-10-11 um 11:32 schrieb Rémy Maucherat:
On Fri, Oct 11, 2019 at 10:43 AM Mark Thomas wrote:
On 11/10/2019 09:30, micha...@apache.org wrote:
This is an automated email from the ASF
Am 2019-10-11 um 14:35 schrieb Rémy Maucherat:
On Fri, Oct 11, 2019 at 1:49 PM Michael Osipov wrote:
Am 2019-10-11 um 11:51 schrieb Rémy Maucherat:
On Fri, Oct 11, 2019 at 10:30 AM wrote:
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit
Folks,
while working on BZ-63835 I have noticed an odd thing and I'd like
someone to review whether my code/understanding is wrong or the one
already present in Tomcat.
Note: The same code path in HTTPd behaves corectly.
Consider this output received by curl:
HTTP/1.1 302
Am 2019-10-11 um 11:32 schrieb Rémy Maucherat:
On Fri, Oct 11, 2019 at 10:43 AM Mark Thomas wrote:
On 11/10/2019 09:30, micha...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a change to branch BZ-63835/8.5.x
New features should be
6ff2233cbbd27c9c2c649208a21931e5f3e132a6
Author: Michael Osipov
AuthorDate: Fri Oct 11 10:30:08 2019 +0200
First draft
+if (keepAliveTimeout > 0) {
+String value = "timeout=" +
TimeUnit.MILLISECONDS.toSeconds(kee
Am 2019-10-09 um 23:46 schrieb Michael Osipov:
Am 2019-10-09 um 23:23 schrieb Mark Thomas:
On 09/10/2019 22:03, Michael Osipov wrote:
Am 2019-10-09 um 19:08 schrieb Mark Thomas:
On 09/10/2019 16:58, Michael Osipov wrote:
Folks,
while working on an improvement for Http11Processor I have
Am 2019-10-09 um 23:23 schrieb Mark Thomas:
On 09/10/2019 22:03, Michael Osipov wrote:
Am 2019-10-09 um 19:08 schrieb Mark Thomas:
On 09/10/2019 16:58, Michael Osipov wrote:
Folks,
while working on an improvement for Http11Processor I have noticed there
constructs:
if ((contentEncodingMB
Am 2019-10-09 um 19:08 schrieb Mark Thomas:
On 09/10/2019 16:58, Michael Osipov wrote:
Folks,
while working on an improvement for Http11Processor I have noticed there
constructs:
if ((contentEncodingMB != null)
(contentEncodingMB.indexOf("gzip") != -1))
The parsing of th
Am 2019-10-09 um 21:35 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Michael,
On 10/9/19 11:36, Michael Osipov wrote:
Am 2019-10-07 um 16:54 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256
Or, since svn is HTTP, you can just use
Am 2019-10-09 um 18:55 schrieb Mark Thomas:
On 09/10/2019 16:48, Michael Osipov wrote:
and
Testcase: testMultipleHostHeaders took 1,385 sec
FAILED
expected:<...content-length]-[112[7]
1-Header-[date]-[Wed, 11 Nov 2015 19:18:42 GMT]
1-HeadersEnd
1-Body-1127]
1-EndOfStr
Am 2019-10-09 um 19:14 schrieb Mark Thomas:
On 09/10/2019 17:36, Michael Osipov wrote:
I have been wondering recently why are we bundling
commons-daemon-native.tar.gz and tomcat-native.tar.gz every time with a
new release at all?
Because users find it convenient to have the latest versions
Just found another bug:
private static boolean isConnectionClose(MimeHeaders headers) {
MessageBytes connection = headers.getValue(Constants.CONNECTION);
if (connection == null) {
return false;
}
return connection.equals(Constants.CLOSE);
}
Guys,
I have been wondering recently why are we bundling
commons-daemon-native.tar.gz and tomcat-native.tar.gz every time with a
new release at all?
There are two scenarios where people don't require to use it from the
tarball:
1. Tomcat Native and Commons Daemon are installed through OS
Folks,
while working on an improvement for Http11Processor I have noticed there
constructs:
if ((contentEncodingMB != null)
(contentEncodingMB.indexOf("gzip") != -1))
if (connectionValue != null)
foundUpgrade =
connectionValue.toLowerCase(Locale.ENGLISH).contains("upgrade");
Am 2019-10-07 um 15:58 schrieb Mark Thomas:
The proposed Apache Tomcat 8.5.47 release is now available for voting.
The major changes compared to the 8.5.46 release are:
- Update to Commons Daemon 1.2.2 to pick up the fix for a regression in
Commons Daemon 1.2.0 and 1.2.1 that triggered a
Am 2019-10-07 um 16:39 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
I recently gave a presentation on locking-down Apache Tomcat[1] and I
briefly discussed the "sharp edges" present in Tomcat. Some of them
are unnecessarily sharp and may be actually
Am 2019-10-07 um 16:54 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
I recently gave a presentation on locking-down Apache Tomcat[1] and I
briefly discussed the "sharp edges" present in Tomcat. Some of them
are unnecessarily sharp and may be actually
Am 2019-09-16 um 20:46 schrieb Mark Thomas:
The proposed Apache Tomcat 8.5.46 release is now available for voting.
The major changes compared to the 8.5.45 release are:
- Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
Commons Daemon 1.2.0, most notably a failure to start
Am 2019-08-15 um 00:48 schrieb Mark Thomas:
The proposed Apache Tomcat 8.5.45 release is now available for voting.
The major changes compared to the 8.5.43 release are:
- Expand the HTTP/2 excessive overhead protection to cover various forms
of abusive client behaviour and close the
> Gesendet: Donnerstag, 01. August 2019 um 12:16 Uhr
> Von: ma...@apache.org
> An: "dev@tomcat.apache.org"
> Betreff: [tomcat] branch 7.0.x updated: Fix broken test
>
> This is an automated email from the ASF dual-hosted git repository.
>
> markt pushed a commit to branch 7.0.x
> in repository
Am 2019-07-11 um 20:39 schrieb Violeta Georgieva:
The proposed Apache Tomcat 7.0.95 release is now available for voting.
For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat7/docs/changelog.html
That's confusing. I do not see my entry for BZ 63556 from
Am 2019-04-11 um 21:49 schrieb csuth...@apache.org:
This is an automated email from the ASF dual-hosted git repository.
csutherl pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
https://gitbox.apache.org/repos/asf/tomcat.git
commit 0e1de0d34302cdea6b3c2a47b03dcca4c7e2f9b7 Author: Michael
Osipov AuthorDate: Sun Mar 31 10:03:29 2019
+0200
Fix wrong protocol version usage
When serving a HTTP/2 request the protocol version was set as
"HTTP/2.0" which does not exist
Am 2019-04-01 um 13:42 schrieb Mark Thomas:
On 01/04/2019 12:41, Michael Osipov wrote:
Am 2019-04-01 um 13:10 schrieb ma...@apache.org:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf
Am 2019-04-01 um 13:10 schrieb ma...@apache.org:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
Am 2019-04-01 um 09:36 schrieb Rémy Maucherat:
On Sun, Mar 31, 2019 at 7:38 PM Michael Osipov wrote:
Am 2019-03-31 um 14:50 schrieb Konstantin Kolinko:
-1 (veto).
This was discussed several years ago, and the decision was to use
"HTTP/2.0"
https://bz.apache.org/bugzilla/show_
email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch wrong-http2-version
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 0e1de0d34302cdea6b3c2a47b03dcca4c7e2f9b7
Author: Michael Osipov
AuthorDate: Sun Mar 31 10:03:29 2019 +0200
Fix wron
Am 2019-03-01 um 21:50 schrieb Mark Thomas:
On 01/03/2019 19:54, Mark Thomas wrote:
On 01/03/2019 19:00, Coty Sutherland wrote:
The email notifications work for when we push commits to the repository,
but it looks like we're missing emails when PRs are opened.
ACK. I'll talk to infra.
Am 2019-02-26 um 13:33 schrieb Mark Thomas:
All,
https://github.com/apache/tomcat
is now ready for testing.
It should contain:
branches
- master (9.0.x)
- 8.5.x
- 7.0.x
Tags:
- one for each 7.0.x, 8.5.x and 9.0.x release
Tags have all been renamed to follow a a.b.c-MODIFIERn format for
Am 2019-02-26 um 14:54 schrieb Rémy Maucherat:
On Tue, Feb 26, 2019 at 1:33 PM Mark Thomas wrote:
All,
https://github.com/apache/tomcat
is now ready for testing.
It should contain:
branches
- master (9.0.x)
- 8.5.x
- 7.0.x
Tags:
- one for each 7.0.x, 8.5.x and 9.0.x release
Tags have all
Am 2019-02-21 um 17:13 schrieb Mark Thomas:
This is a VOTE to migrate the primary source code repository for Apache
Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git.
The migration will be performed as per:
https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration
with the following
Hi folks,
I have some improvement ideas for several components where I think
others would benefit from too.
We intend to run a set of apps on Tomcat 8.5 behind Apache 2.4.x for a
possible future load balacing scenario. While evaluating this task I
have stumbled on the issue that it isn't
Am 2019-02-20 um 17:44 schrieb Mark Thomas:
On 20/02/2019 16:14, Igal Sapir wrote:
Michael,
On Mon, Feb 18, 2019 at 11:53 AM Michael Osipov wrote:
Am 2019-02-18 um 15:19 schrieb Igal Sapir:
I actually prefer "tc8.5" and "tc7.0" for the branches (over "8.5.
Am 2019-02-18 um 15:19 schrieb Igal Sapir:
On Mon, Feb 18, 2019 at 2:03 AM Mark Thomas wrote:
On 18/02/2019 09:13, Rémy Maucherat wrote:
On Sat, Feb 16, 2019 at 4:09 PM Michael Osipov
wrote:
Folks,
given that we are currently in the process of migrating to Git I'd like
to propose
Am 2019-02-18 um 11:03 schrieb Mark Thomas:
On 18/02/2019 09:13, Rémy Maucherat wrote:
On Sat, Feb 16, 2019 at 4:09 PM Michael Osipov wrote:
Folks,
given that we are currently in the process of migrating to Git I'd like
to propose a more readible and with the branch names consistent tag
Folks,
most of you know that there is a common convention of how to write
decent Git commit messages. The scheme is: \n\n".
Where as title (proposed) is: BZ #:
If there is no corresponding BZ issue (which almost always should be),
just an abtract.
The abstract shouldn't contain more
Folks,
given that we are currently in the process of migrating to Git I'd like
to propose a more readible and with the branch names consistent tag
naming scheme.
The given approach, for whatsoever reason, performs an uppercase and
replaces dots with underscores. This reduces readability,
Am 2019-02-16 um 14:46 schrieb Mark Thomas:
On 16/02/2019 13:39, Michael Osipov wrote:
Am 2019-02-11 um 15:51 schrieb Mark Thomas:
All,
I'd like to propose that we make the move from svn to git for Tomcat
7.0.x, 8.5.x and 9.0.x as soon as the next 7.0.x release is complete.
The proposed
Am 2019-02-11 um 15:51 schrieb Mark Thomas:
All,
I'd like to propose that we make the move from svn to git for Tomcat
7.0.x, 8.5.x and 9.0.x as soon as the next 7.0.x release is complete.
The proposed approach is documented here:
https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration
> On 11/02/2019 19:57, Michael Osipov wrote:
> >> All,
> >>
> >> I'd like to propose that we make the move from svn to git for Tomcat
> >> 7.0.x, 8.5.x and 9.0.x as soon as the next 7.0.x release is complete.
> >>
> >> The proposed a
> All,
>
> I'd like to propose that we make the move from svn to git for Tomcat
> 7.0.x, 8.5.x and 9.0.x as soon as the next 7.0.x release is complete.
>
> The proposed approach is documented here:
> https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration
>
> I anticipate that the
Am 2018-12-04 um 23:22 schrieb Woonsan Ko:
On Wed, Dec 5, 2018 at 5:36 AM Michael Osipov wrote:
Am 2018-12-03 um 20:30 schrieb Mark Thomas:
Hi,
I have been looking at [1]. This is a request to be able to specify a
URL for a WAR, including a URL that points to a WAR file packaged inside
Am 2018-12-03 um 20:30 schrieb Mark Thomas:
Hi,
I have been looking at [1]. This is a request to be able to specify a
URL for a WAR, including a URL that points to a WAR file packaged inside
a JAR. This request is in the context of embedded Tomcat.
The embedded aspects are just part of this.
Am 2018-09-11 um 23:53 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Michael,
On 9/11/18 3:33 PM, Michael Osipov wrote:
in bug 62670 [1] -- contrary to my statement -- Mark pointed out
that is it pefectly legal to have a JDBC driver in WEB-INF/lib.
While I
Hi folks,
in bug 62670 [1] -- contrary to my statement -- Mark pointed out that is
it pefectly legal to have a JDBC driver in WEB-INF/lib. While I was
living for years with the assumption that this is discouraged because
the DriverManager is VM wide and not classloader-wide, plus numerous SO
Am 2018-09-11 um 14:53 schrieb Mark Thomas:
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 8.5.34.
Apache Tomcat 8 is an open source software implementation of the Java
Servlet, JavaServer Pages, Java Unified Expression Language, Java
WebSocket and Java
Am 2018-09-10 um 22:18 schrieb Mark Thomas:
The following voters were cast:
Binding:
+1: remm, markt, michaelo, csutherl, ebourg
My vote is binding? I am solely a committer at moment, not a PMC member.
Michael
-
To
Am 2018-09-05 um 00:52 schrieb Mark Thomas:
The proposed Apache Tomcat 8.5.34 release is now available for voting.
The major changes compared to the 8.5.33 release are:
- Fix multiple issues associated with using the asynchronous Servlet
API in combination with HTTP/2
- Add recursion to
Am 2018-08-06 um 20:24 schrieb Emmanuel Bourg:
Hi all,
We have 4 timestamps in the manifest of our jar files:
DSTAMP: 20180806
TSTAMP: 1443
TODAY: August 6 2018
Bnd-LastModified: 1533578685288
Are they really necessary? This doesn't help making the generated files
reproducible [1]. Any
Am 2018-07-26 um 00:55 schrieb Konstantin Kolinko:
2018-07-25 22:33 GMT+03:00 Michael Osipov :
Folks,
we need to inquire this with INFRA:
PS D:\Entwicklung\Projekte\tomcat-8.5.x> ant
Buildfile: D:\Entwicklung\Projekte\tomcat-8.5.x\build.xml
download-compile:
testexist:
[echo] Test
Folks,
we need to inquire this with INFRA:
PS D:\Entwicklung\Projekte\tomcat-8.5.x> ant
Buildfile: D:\Entwicklung\Projekte\tomcat-8.5.x\build.xml
download-compile:
testexist:
[echo] Testing for
C:\Users\mosipov/tomcat-build-libs/commons-daemon-1.1.0/commons-daemon-1.1.0.jar
Am 2018-07-03 um 22:37 schrieb Igal Sapir:
On 7/3/2018 1:15 PM, Michael Osipov wrote:
Am 2018-07-03 um 22:12 schrieb Mark Thomas:
On 03/07/18 21:10, Michael Osipov wrote:
Am 2018-07-03 um 22:07 schrieb Mark Thomas:
On 03/07/18 21:02, Michael Osipov wrote:
Am 2018-07-03 um 18:27 schrieb Mark
Am 2018-07-03 um 22:12 schrieb Mark Thomas:
On 03/07/18 21:10, Michael Osipov wrote:
Am 2018-07-03 um 22:07 schrieb Mark Thomas:
On 03/07/18 21:02, Michael Osipov wrote:
Am 2018-07-03 um 18:27 schrieb Mark Thomas:
Hi,
I've been looking at the makebase script and thinking about potential
use
Am 2018-07-03 um 22:07 schrieb Mark Thomas:
On 03/07/18 21:02, Michael Osipov wrote:
Am 2018-07-03 um 18:27 schrieb Mark Thomas:
Hi,
I've been looking at the makebase script and thinking about potential
use cases.
Currently, we copy conf recursively but create an empty webapps
Am 2018-07-03 um 18:27 schrieb Mark Thomas:
Hi,
I've been looking at the makebase script and thinking about potential
use cases.
Currently, we copy conf recursively but create an empty webapps. This is
inconsistent as any directories under conf will (nearly always) be web
application specific
Friends,
I still see some inconsistencies and portability issues:
1. Some expressions, some are not. It should be consistently quoted to
avoid whitespace issues or similar.
2. "cp -a" is not portable. Some platforms don't have it, e.g., HP-UX
which I use for approx 10 years with Tomcat.
3.
Am 2018-07-03 um 17:31 schrieb ma...@apache.org:
Author: markt
Date: Tue Jul 3 15:31:37 2018
New Revision: 1834989
URL: http://svn.apache.org/viewvc?rev=1834989=rev
Log:
Fix line-endings
Modified:
tomcat/trunk/bin/makebase.bat (props changed)
tomcat/trunk/bin/makebase.sh (props
Am 2018-07-01 um 21:51 schrieb isa...@apache.org:
Author: isapir
Date: Sun Jul 1 19:51:28 2018
New Revision: 1834801
Modified: tomcat/trunk/bin/makebase.sh
URL:
http://svn.apache.org/viewvc/tomcat/trunk/bin/makebase.sh?rev=1834801=1834800=1834801=diff
Am 2018-07-01 um 21:33 schrieb Igal Sapir:
On 7/1/2018 12:18 PM, Michael Osipov wrote:
Am 2018-07-01 um 20:44 schrieb isa...@apache.org:
Author: isapir
Date: Sun Jul 1 18:44:38 2018
New Revision: 1834798
URL: http://svn.apache.org/viewvc?rev=1834798=rev
Log:
Fix https://bz.apache.org
Am 2018-07-01 um 20:44 schrieb isa...@apache.org:
Author: isapir
Date: Sun Jul 1 18:44:38 2018
New Revision: 1834798
URL: http://svn.apache.org/viewvc?rev=1834798=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62500
Added scripts to create CATALINA_BASE directory
Added:
[
https://issues.apache.org/jira/browse/MTOMCAT-84?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reopened MTOMCAT-84:
---
[~olamy], I don't think so.
[~kkolinko], I have reuploaded the patch. I have signed ASF license
[
https://issues.apache.org/jira/browse/MTOMCAT-84?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MTOMCAT-84:
--
Attachment: MTOMCAT-84.patch
tomcat:reload logs the wrong message
[
https://issues.apache.org/jira/browse/MTOMCAT-79?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13813809#comment-13813809
]
Michael Osipov commented on MTOMCAT-79:
---
Why was that closed as Not a Problem
[
https://issues.apache.org/jira/browse/MTOMCAT-32?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13126855#comment-13126855
]
Michael Osipov commented on MTOMCAT-32:
---
Steve, what is the benefit? If I look
[
https://issues.apache.org/jira/browse/MTOMCAT-79?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov resolved MTOMCAT-79.
---
Resolution: Not A Problem
Fix Version/s: 1.1
I did not notice the deploy-only mojo
Versions: 1.1
Reporter: Michael Osipov
Redeploy is the same as deploy but has the update flag set to true. redeploy
does not fork a package phase, deploy does. The behavior is diffrent. It should
be:
deploy = redeploy
deploy-only = redeploy-only
--
This message is automatically generated
Mark Thomas wrote:
Jim Manico wrote:
The Fortify Opensource project automatically scans the Tomcat codebase
on a regular basis.
This probably only gives you 10% security coverage at best, but it's a
free report form a $50k tool.
http://opensource.fortifysoftware.com
A great example of
Hi devs,
I've been investigating Apache Tomcat within my Bachelor's thesis
Application
of security test tools in open source at the Free University of Berlin
(FU Berlin) [1].
Basically, I am looking for security measures which have been taken to
prevent security leaks/vulnerabilities especially
Mark Thomas wrote:
Michael Osipov wrote:
Security advisories are taken up by a security team [3]. Does this team
or any other group/person take any measures to assure security with
testing tools,
with a special test plan or functional requirements?
Hello Mark,
I did not expect such a quick
201 - 269 of 269 matches
Mail list logo
