[Bug 60669] Unexpected behavior if tomcat manager user password contains

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60669 Ahmed Wahba changed: What|Removed |Added CC|

[Bug 60669] New: Unexpected behavior if tomcat manager user password contains

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60669 Bug ID: 60669 Summary: Unexpected behavior if tomcat manager user password contains & Product: Tomcat 8 Version: 8.5.9 Hardware: All OS: Linux

[Bug 60667] New: Information disclosure vulnerability leaking files from WEB-INF and META-INF

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60667 Bug ID: 60667 Summary: Information disclosure vulnerability leaking files from WEB-INF and META-INF Product: Tomcat 7 Version: 7.0.61 Hardware: All Status:

svn commit: r1781002 - /tomcat/native/trunk/native/build/tcnative.m4

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 22:17:22 2017 New Revision: 1781002 URL: http://svn.apache.org/viewvc?rev=1781002=rev Log: Use ssllibdir rather than libdir to avoid naming clash on Linux Modified: tomcat/native/trunk/native/build/tcnative.m4 Modified:

Re: warning message - small issue

2017-01-30 Thread Mark Thomas
On 30/01/2017 19:24, George Stanchev wrote: > Hello, > > Let me know if you want an official bug report or this not will suffice. The > message "jsseUtil.noVerificationDepth" which is defined in > >

Re: svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread Violeta Georgieva
2017-01-30 23:31 GMT+02:00 Mark Thomas : > > On 30/01/2017 21:28, violet...@apache.org wrote: > > Author: violetagg > > Date: Mon Jan 30 21:28:49 2017 > > New Revision: 1780995 > > > > URL: http://svn.apache.org/viewvc?rev=1780995=rev > > Log: > > Fix log message - provide the

svn commit: r1780997 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:31:04 2017 New Revision: 1780997 URL: http://svn.apache.org/viewvc?rev=1780997=rev Log: Include the value of SslHostConfig.truststoreAlgorithm when warning that the algorithm does not support the certificateVerificationDepth configuration option. Modified:

Re: svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 21:28, violet...@apache.org wrote: > Author: violetagg > Date: Mon Jan 30 21:28:49 2017 > New Revision: 1780995 > > URL: http://svn.apache.org/viewvc?rev=1780995=rev > Log: > Fix log message - provide the missing argument You beat me to it by seconds :) Mark

svn commit: r1780996 - /tomcat/trunk/webapps/docs/changelog.xml

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:29:58 2017 New Revision: 1780996 URL: http://svn.apache.org/viewvc?rev=1780996=rev Log: Changelog entry for 1780995 Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL:

svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread violetagg
Author: violetagg Date: Mon Jan 30 21:28:49 2017 New Revision: 1780995 URL: http://svn.apache.org/viewvc?rev=1780995=rev Log: Fix log message - provide the missing argument Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Modified:

svn commit: r1780994 - /tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:27:37 2017 New Revision: 1780994 URL: http://svn.apache.org/viewvc?rev=1780994=rev Log: Checkstyle fix Modified: tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java Modified:

svn commit: r1780992 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/http/parser/Cookie.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:19:25 2017 New Revision: 1780992 URL: http://svn.apache.org/viewvc?rev=1780992=rev Log: Make intended behavior clearer Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Propchange:

svn commit: r1780991 - /tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:14:16 2017 New Revision: 1780991 URL: http://svn.apache.org/viewvc?rev=1780991=rev Log: Make intended behavior clearer Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Modified:

Re: svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 19:49, Christopher Schultz wrote: > Mark, > > On 1/27/17 4:02 PM, ma...@apache.org wrote: >> Author: markt >> Date: Fri Jan 27 21:02:08 2017 >> New Revision: 1780609 >> >> URL: http://svn.apache.org/viewvc?rev=1780609=rev >> Log: >> Follow-up to r1780606 >> Ensure RFC2109 cookie is

svn commit: r1780990 - /tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 21:12:33 2017 New Revision: 1780990 URL: http://svn.apache.org/viewvc?rev=1780990=rev Log: Port unit test from tc-native - update to JUnit 4 - copy Endpoint code to identify correct address for client to use when server listens on any port Added:

[Bug 60362] Missing reason phrase in response

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362 --- Comment #20 from Christopher Schultz --- (In reply to Michael Osipov from comment #16) > (In reply to Remy Maucherat from comment #15) > > The only good place to put all these non upgradeable IoT devices is

Re: svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java

2017-01-30 Thread Christopher Schultz
Mark, On 1/27/17 4:02 PM, ma...@apache.org wrote: > Author: markt > Date: Fri Jan 27 21:02:08 2017 > New Revision: 1780609 > > URL: http://svn.apache.org/viewvc?rev=1780609=rev > Log: > Follow-up to r1780606 > Ensure RFC2109 cookie is created with correct version > > Modified: >

warning message - small issue

2017-01-30 Thread George Stanchev
Hello, Let me know if you want an official bug report or this not will suffice. The message "jsseUtil.noVerificationDepth" which is defined in https://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties as a one arg string:

[GUMP@vmgump-vm3]: Project tomcat-native-trunk-make (in module tomcat-native-trunk) failed

2017-01-30 Thread Bill Barker
] - make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native-trunk/native' /bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -DHAVE_OPENSSL

[GUMP@vmgump-vm3]: Project tomcat-native-12-make (in module tomcat-native-12) failed

2017-01-30 Thread Bill Barker
/tomcat-native-12/native] - make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native-12/native' /bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX

[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "ServletProxy" page has been changed by WoonsanKo: https://wiki.apache.org/tomcat/ServletProxy?action=diff=8=9 [2] http://noodle.tigris.org/, “home page – noodle”. [3]

[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "ServletProxy" page has been changed by WoonsanKo: https://wiki.apache.org/tomcat/ServletProxy?action=diff=7=8 Link: http://edwardstx.net/wiki/Wiki.jsp?page=HttpProxyServlet

Re: svn commit: r1780929 - in /tomcat/trunk/test/org/apache/tomcat/jni: ./ TestSocketServer.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 16:09, ma...@apache.org wrote: > Author: markt > Date: Mon Jan 30 16:09:38 2017 > New Revision: 1780929 > > URL: http://svn.apache.org/viewvc?rev=1780929=rev > Log: > Port unit test from tc-native: This is the first part of my plan to address [1]. Next steps are: - review and

svn commit: r1780929 - in /tomcat/trunk/test/org/apache/tomcat/jni: ./ TestSocketServer.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 16:09:38 2017 New Revision: 1780929 URL: http://svn.apache.org/viewvc?rev=1780929=rev Log: Port unit test from tc-native: - update to JUnit 4 - split into multiple tests - remove broken test for accept with timeout (APR does not support this) - don't used a

[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594 --- Comment #9 from Coty Sutherland --- Created attachment 34694 --> https://bz.apache.org/bugzilla/attachment.cgi?id=34694=edit whitelist proposal limiting characters with docs OK, here's an updated whitelist patch

Re: svn commit: r1779674 - /tomcat/native/trunk/native/configure.in

2017-01-30 Thread Emmanuel Bourg
Le 24/01/2017 à 12:12, Konstantin Kolinko a écrit : > There is a bug number for this change, 60388. It is better to mention > it as 60388: Thanks I didn't notice the syntax to specify a bug number. I added it. > The code and use of ${enableval} is OK. I mean the help string that >

svn commit: r1780903 - in /tomcat/native/trunk: build.xml test/org/apache/tomcat/jni/FileTestSuite.java

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 11:48:21 2017 New Revision: 1780903 URL: http://svn.apache.org/viewvc?rev=1780903=rev Log: Remove dummy test case that was never replaced with an implementation. Removed: tomcat/native/trunk/test/org/apache/tomcat/jni/FileTestSuite.java Modified:

svn commit: r1780900 - /tomcat/native/trunk/native/configure.in

2017-01-30 Thread ebourg
Author: ebourg Date: Mon Jan 30 11:38:29 2017 New Revision: 1780900 URL: http://svn.apache.org/viewvc?rev=1780900=rev Log: Use the AS_HELP_STRING macro to format the help message of the maintainer-mode option Modified: tomcat/native/trunk/native/configure.in Modified:

[Bug 59996] tcnative.m4 always refers to lib directory

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59996 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED

svn commit: r1780899 - in /tomcat/native/trunk: native/build/tcnative.m4 xdocs/miscellaneous/changelog.xml

2017-01-30 Thread markt
Author: markt Date: Mon Jan 30 11:38:11 2017 New Revision: 1780899 URL: http://svn.apache.org/viewvc?rev=1780899=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59996 Correctly handle building tc-native on a 64-bit system when using an OpenSSL distribution that is not in /usr.

svn commit: r1780897 - /tomcat/native/trunk/xdocs/miscellaneous/changelog.xml

2017-01-30 Thread ebourg
Author: ebourg Date: Mon Jan 30 11:32:39 2017 New Revision: 1780897 URL: http://svn.apache.org/viewvc?rev=1780897=rev Log: Mention bug 60388 in the changelog Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml URL:

Time for a tc-native release

2017-01-30 Thread Mark Thomas
Hi, OpenSSL has announced some vulnerabilities [1] so I plan to roll a new tc-native release to be picked up by the next set of Tomcat releases. I'm going to take some time to work through some of the open tc-native issues first. My outline plan is to tag 1.2.11 in a few days. Mark [1]

[Tomcat Wiki] Update of "ContributorsGroup" by markt

2017-01-30 Thread Apache Wiki
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "ContributorsGroup" page has been changed by markt: https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=30=31 Comment: += WoonsanKo * StevenHeckler *