[Bug 60669] Unexpected behavior if tomcat manager user password contains

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60669

Ahmed Wahba  changed:

   What|Removed |Added

 CC||ahmedade...@gmail.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 60669] New: Unexpected behavior if tomcat manager user password contains

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60669

Bug ID: 60669
   Summary: Unexpected behavior if tomcat manager user password
contains &
   Product: Tomcat 8
   Version: 8.5.9
  Hardware: All
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Manager
  Assignee: dev@tomcat.apache.org
  Reporter: ahmedade...@gmail.com
  Target Milestone: 

Hi,

I added a user to my manager app, with role "manager-gui", and the password
contains & symbol, the user was not logging in!

I checked logs, I found exceptions relates to part of the password after the
"&" symbol

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 60667] New: Information disclosure vulnerability leaking files from WEB-INF and META-INF

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60667

Bug ID: 60667
   Summary: Information disclosure vulnerability leaking files
from WEB-INF and META-INF
   Product: Tomcat 7
   Version: 7.0.61
  Hardware: All
Status: NEW
  Severity: minor
  Priority: P2
 Component: Servlet & JSP API
  Assignee: dev@tomcat.apache.org
  Reporter: adarshdin...@gmail.com
  Target Milestone: ---

Request : https://:/META-INf./template.mf
Response : Content of template.mf


Here the tomcat URL filter for restricting access to META-INF and WEB-INF can
be evaded using a "." in the end of the directory-name and one keeping at least
one character lowercase.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1781002 - /tomcat/native/trunk/native/build/tcnative.m4

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 22:17:22 2017
New Revision: 1781002

URL: http://svn.apache.org/viewvc?rev=1781002=rev
Log:
Use ssllibdir rather than libdir to avoid naming clash on Linux

Modified:
tomcat/native/trunk/native/build/tcnative.m4

Modified: tomcat/native/trunk/native/build/tcnative.m4
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/build/tcnative.m4?rev=1781002=1781001=1781002=diff
==
--- tomcat/native/trunk/native/build/tcnative.m4 (original)
+++ tomcat/native/trunk/native/build/tcnative.m4 Mon Jan 30 22:17:22 2017
@@ -210,19 +210,19 @@ case "$use_openssl" in
 TCN_OPENSSL_LIBS="-lssl -lcrypto"
 else
 TCN_OPENSSL_INC="-I$use_openssl/include"
-test -d $use_openssl/lib64 && libdir=lib64 || libdir=lib
+test -d $use_openssl/lib64 && ssllibdir=lib64 || ssllibdir=lib
 case $host in
 *-solaris*)
-TCN_OPENSSL_LIBS="-L$use_openssl/$libdir 
-R$use_openssl/$libdir -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir 
-R$use_openssl/$ssllibdir -lssl -lcrypto"
 ;;
 *-hp-hpux*)
-TCN_OPENSSL_LIBS="-L$use_openssl/$libdir -Wl,+b: -lssl 
-lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -Wl,+b: -lssl 
-lcrypto"
 ;;
 *linux*)
-TCN_OPENSSL_LIBS="-L$use_openssl/$libdir 
-Wl,-rpath,$use_openssl/$libdir -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir 
-Wl,-rpath,$use_openssl/$ssllibdir -lssl -lcrypto"
 ;;
 *)
-TCN_OPENSSL_LIBS="-L$use_openssl/$libdir -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
 ;;
 esac
 fi



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: warning message - small issue

2017-01-30 Thread Mark Thomas
On 30/01/2017 19:24, George Stanchev wrote:
> Hello,
> 
> Let me know if you want an official bug report or this not will suffice. The 
> message "jsseUtil.noVerificationDepth" which is defined in
> 
> https://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
> 
> as a one arg string:
> 
> jsseUtil.noVerificationDepth=The truststoreProvider [{0}] does not support 
> the certificateVerificationDepth configuration option
> 
> But the argument is never used when emitting the message. Its only usage is in
> 
> java\org\apache\tomcat\util\net\jsse\JSSEUtil.java
> 
> as follows: log.warn(sm.getString("jsseUtil.noVerificationDepth"));
> 
> I can submit a bug report or any of the devs can just fix the string (or, 
> preferably the warning)

Generally, bug reports are preferred since that ensures the issue
doesn't get forgotten about. For simple stuff like this, an e-mail is
fine but if it does look like it has been forgotten, then a bug report
will ensure it isn't.

Bug reports also give you the opportunity to provide patches and get you
name in the changelog ;)

Thanks for the report. Should be fixed now.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread Violeta Georgieva
2017-01-30 23:31 GMT+02:00 Mark Thomas :
>
> On 30/01/2017 21:28, violet...@apache.org wrote:
> > Author: violetagg
> > Date: Mon Jan 30 21:28:49 2017
> > New Revision: 1780995
> >
> > URL: http://svn.apache.org/viewvc?rev=1780995=rev
> > Log:
> > Fix log message - provide the missing argument
>
> You beat me to it by seconds :)

;)

>
> Mark
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>


svn commit: r1780997 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:31:04 2017
New Revision: 1780997

URL: http://svn.apache.org/viewvc?rev=1780997=rev
Log:
Include the value of SslHostConfig.truststoreAlgorithm when warning that the 
algorithm does not support the certificateVerificationDepth configuration 
option.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jan 30 21:31:04 2017
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
 
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1756410,1
 
756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,1762168,176217
 

Re: svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 21:28, violet...@apache.org wrote:
> Author: violetagg
> Date: Mon Jan 30 21:28:49 2017
> New Revision: 1780995
> 
> URL: http://svn.apache.org/viewvc?rev=1780995=rev
> Log:
> Fix log message - provide the missing argument

You beat me to it by seconds :)

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780996 - /tomcat/trunk/webapps/docs/changelog.xml

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:29:58 2017
New Revision: 1780996

URL: http://svn.apache.org/viewvc?rev=1780996=rev
Log:
Changelog entry for 1780995

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1780996=1780995=1780996=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Jan 30 21:29:58 2017
@@ -92,6 +92,11 @@
 $Version=1, cookies that start with 
$Version=0
 are also parsed as RFC 2109 cookies. (markt)
   
+  
+Include the value of SslHostConfig.truststoreAlgorithm 
when
+warning that the algorithm does not support the
+certificateVerificationDepth configuration option. (markt)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780995 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

2017-01-30 Thread violetagg
Author: violetagg
Date: Mon Jan 30 21:28:49 2017
New Revision: 1780995

URL: http://svn.apache.org/viewvc?rev=1780995=rev
Log:
Fix log message - provide the missing argument

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1780995=1780994=1780995=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Mon Jan 30 
21:28:49 2017
@@ -272,7 +272,7 @@ public class JSSEUtil extends SSLUtilBas
 if (crlf != null && crlf.length() > 0) {
 throw new 
CRLException(sm.getString("jsseUtil.noCrlSupport", algorithm));
 }
-log.warn(sm.getString("jsseUtil.noVerificationDepth"));
+log.warn(sm.getString("jsseUtil.noVerificationDepth", 
algorithm));
 }
 }
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780994 - /tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:27:37 2017
New Revision: 1780994

URL: http://svn.apache.org/viewvc?rev=1780994=rev
Log:
Checkstyle fix

Modified:
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java

Modified: 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java?rev=1780994=1780993=1780994=diff
==
--- 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java 
(original)
+++ 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java 
Mon Jan 30 21:27:37 2017
@@ -22,6 +22,7 @@ import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.NetworkInterface;
 import java.util.Enumeration;
+
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Assume;



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780992 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/http/parser/Cookie.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:19:25 2017
New Revision: 1780992

URL: http://svn.apache.org/viewvc?rev=1780992=rev
Log:
Make intended behavior clearer

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jan 30 21:19:25 2017
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
 
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1756410,1
 
756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,1762168,176217
 

svn commit: r1780991 - /tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:14:16 2017
New Revision: 1780991

URL: http://svn.apache.org/viewvc?rev=1780991=rev
Log:
Make intended behavior clearer

Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780991=1780990=1780991=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Mon Jan 30 
21:14:16 2017
@@ -138,14 +138,14 @@ public class Cookie {
 
 ByteBuffer value = readCookieValue(bb);
 if (value != null && value.remaining() == 1) {
-byte version = value.get();
-if (version == (byte) 49 || version == (byte) 48) {
+int version = value.get() - '0';
+if (version == 1 || version == 0) {
 // $Version=1 -> RFC2109
 // $Version=0 -> RFC2109
 skipLWS(bb);
 byte b = bb.get();
 if (b == SEMICOLON_BYTE || b == COMMA_BYTE) {
-parseCookieRfc2109(bb, serverCookies, version - 48);
+parseCookieRfc2109(bb, serverCookies, version);
 }
 return;
 } else {



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 19:49, Christopher Schultz wrote:
> Mark,
> 
> On 1/27/17 4:02 PM, ma...@apache.org wrote:
>> Author: markt
>> Date: Fri Jan 27 21:02:08 2017
>> New Revision: 1780609
>>
>> URL: http://svn.apache.org/viewvc?rev=1780609=rev
>> Log:
>> Follow-up to r1780606
>> Ensure RFC2109 cookie is created with correct version
>>
>> Modified:
>> tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
>> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
>>
>> Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
>> URL: 
>> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780609=1780608=1780609=diff
>> ==
>> --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java 
>> (original)
>> +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Fri Jan 
>> 27 21:02:08 2017
>> @@ -145,7 +145,7 @@ public class Cookie {
>>  skipLWS(bb);
>>  byte b = bb.get();
>>  if (b == SEMICOLON_BYTE || b == COMMA_BYTE) {
>> -parseCookieRfc2109(bb, serverCookies);
>> +parseCookieRfc2109(bb, serverCookies, version - 48);
> 
> Would it be more self-documenting to subtract '0' instead of 48, there?

Probably better still to do the offset when the byte is read.

I'll fix that in a sec.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780990 - /tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 21:12:33 2017
New Revision: 1780990

URL: http://svn.apache.org/viewvc?rev=1780990=rev
Log:
Port unit test from tc-native
- update to JUnit 4
- copy Endpoint code to identify correct address for client to use when server 
listens on any port

Added:

tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java   
(with props)

Added: 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java?rev=1780990=auto
==
--- 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java 
(added)
+++ 
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServerAnyLocalAddress.java 
Mon Jan 30 21:12:33 2017
@@ -0,0 +1,220 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.NetworkInterface;
+import java.util.Enumeration;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Assume;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for server-side sockets using any local address (0.0.0.0 or ::).
+ */
+public class TestSocketServerAnyLocalAddress {
+
+private boolean nativeLibraryPresent = false;
+private int port = 0;
+private long serverSocket = 0;
+private long clientSocket = 0;
+
+
+@Before
+public void init() throws Exception {
+try {
+Library.initialize(null);
+nativeLibraryPresent = true;
+} catch (LibraryNotFoundError lnfe) {
+nativeLibraryPresent = false;
+}
+Assume.assumeTrue("APR Library not found", nativeLibraryPresent);
+
+long serverPool = Pool.create(0);
+long inetAddress = Address.info(null, Socket.APR_UNSPEC,
+0, 0, serverPool);
+serverSocket = Socket.create(Address.getInfo(inetAddress).family, 
Socket.SOCK_STREAM,
+   Socket.APR_PROTO_TCP, serverPool);
+if (OS.IS_UNIX) {
+Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+}
+int rc = Socket.bind(serverSocket, inetAddress);
+Assert.assertEquals("Can't bind: " + Error.strerror(rc), 0, rc);
+Socket.listen(serverSocket, 5);
+if (!OS.IS_UNIX) {
+Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+}
+long localAddress = Address.get(Socket.APR_LOCAL, serverSocket);
+port = Address.getInfo(localAddress).port;
+}
+
+
+@After
+public void destroy() {
+if (clientSocket != 0) {
+Socket.close(clientSocket);
+Socket.destroy(clientSocket);
+}
+if (serverSocket != 0) {
+Socket.close(serverSocket);
+Socket.destroy(serverSocket);
+}
+if (nativeLibraryPresent) {
+Library.terminate();
+}
+}
+
+
+@Test
+public void testWithClient() throws Exception {
+/* Start the client that connects to the server */
+Client client = new Client(serverSocket, port);
+client.start();
+
+boolean running = true;
+while (running) {
+/* Accept the client connection */
+clientSocket = Socket.accept(serverSocket);
+
+/* Configure a 2ms timeout for reading from client */
+Socket.timeoutSet(clientSocket, 1);
+
+byte [] buf = new byte[1];
+while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+// If 'A' was read, echo back 'Z'
+if (buf[0] == 'A') {
+buf[0] = 'Z';
+Socket.send(clientSocket, buf, 0, 1);
+}
+}
+if (buf[0] == 'E') {
+running = false;
+} else if (buf[0] == 'Z') {
+// NO-OP - connection closing
+} else {
+Assert.fail("Unexpected data");
+

[Bug 60362] Missing reason phrase in response

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60362

--- Comment #20 from Christopher Schultz  ---
(In reply to Michael Osipov from comment #16)
> (In reply to Remy Maucherat from comment #15)
> > The only good place to put all these non upgradeable IoT devices is the
> > trash.
> 
> Therefore, IoT = Internet of Trash

IoT: the 'S' stands for "security"

Please have a look at http://markmail.org/message/pqzvca26hihiysiu

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1780609 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/Cookie.java test/org/apache/tomcat/util/http/TestCookies.java

2017-01-30 Thread Christopher Schultz
Mark,

On 1/27/17 4:02 PM, ma...@apache.org wrote:
> Author: markt
> Date: Fri Jan 27 21:02:08 2017
> New Revision: 1780609
> 
> URL: http://svn.apache.org/viewvc?rev=1780609=rev
> Log:
> Follow-up to r1780606
> Ensure RFC2109 cookie is created with correct version
> 
> Modified:
> tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
> tomcat/trunk/test/org/apache/tomcat/util/http/TestCookies.java
> 
> Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java
> URL: 
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java?rev=1780609=1780608=1780609=diff
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java 
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/Cookie.java Fri Jan 
> 27 21:02:08 2017
> @@ -145,7 +145,7 @@ public class Cookie {
>  skipLWS(bb);
>  byte b = bb.get();
>  if (b == SEMICOLON_BYTE || b == COMMA_BYTE) {
> -parseCookieRfc2109(bb, serverCookies);
> +parseCookieRfc2109(bb, serverCookies, version - 48);

Would it be more self-documenting to subtract '0' instead of 48, there?

-chris



signature.asc
Description: OpenPGP digital signature


warning message - small issue

2017-01-30 Thread George Stanchev
Hello,

Let me know if you want an official bug report or this not will suffice. The 
message "jsseUtil.noVerificationDepth" which is defined in

https://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties

as a one arg string:

jsseUtil.noVerificationDepth=The truststoreProvider [{0}] does not support the 
certificateVerificationDepth configuration option

But the argument is never used when emitting the message. Its only usage is in

java\org\apache\tomcat\util\net\jsse\JSSEUtil.java

as follows: log.warn(sm.getString("jsseUtil.noVerificationDepth"));

I can submit a bug report or any of the devs can just fix the string (or, 
preferably the warning)

George


[GUMP@vmgump-vm3]: Project tomcat-native-trunk-make (in module tomcat-native-trunk) failed

2017-01-30 Thread Bill Barker
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-native-trunk-make has an issue affecting its community 
integration.
This issue affects 3 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-native-trunk-make :  Tomcat native library using Apache Portable 
Runtime
- tomcat-native-trunk-make-install :  Tomcat native library using Apache 
Portable Runtime
- tomcat-trunk-test-apr :  Tomcat 9.x, a web server implementing the Java 
Servlet 4.0,
...


Full details are available at:

http://vmgump-vm3.apache.org/tomcat-native-trunk/tomcat-native-trunk-make/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump-vm3.apache.org/tomcat-native-trunk/tomcat-native-trunk-make/gump_work/build_tomcat-native-trunk_tomcat-native-trunk-make.html
Work Name: build_tomcat-native-trunk_tomcat-native-trunk-make (Type: Build)
Work ended in a state of : Failed
Elapsed: 8 secs
Command Line: make 
[Working Directory: /srv/gump/public/workspace/tomcat-native-trunk/native]
-
make[1]: Entering directory 
`/srv/gump/public/workspace/tomcat-native-trunk/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o 
src/address.lo -c src/address.c && touch src/address.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/bb.lo 
-c src/bb.c && touch src/bb.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/dir.lo 
-c src/dir.c && touch src/dir.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o 
src/error.lo -c src/error.c && touch src/error.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/file.lo 
-c src/file.c && touch src/file.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-trunk/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-master/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/info.lo 
-c src/info.c && touch src/info.lo
/bin/bash /srv/gump/public/workspace/apr-

[GUMP@vmgump-vm3]: Project tomcat-native-12-make (in module tomcat-native-12) failed

2017-01-30 Thread Bill Barker
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-native-12-make has an issue affecting its community integration.
This issue affects 4 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-native-12-make :  Tomcat native library using Apache Portable 
Runtime
- tomcat-native-12-make-install :  Tomcat native library using Apache 
Portable Runtime
- tomcat-tc7.0.x-test-apr :  Tomcat 7.x, a web server implementing Java 
Servlet 3.0,
...
- tomcat-tc8.0.x-test-apr :  Tomcat 8.x, a web server implementing the Java 
Servlet 3.1,
...


Full details are available at:

http://vmgump-vm3.apache.org/tomcat-native-12/tomcat-native-12-make/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump-vm3.apache.org/tomcat-native-12/tomcat-native-12-make/gump_work/build_tomcat-native-12_tomcat-native-12-make.html
Work Name: build_tomcat-native-12_tomcat-native-12-make (Type: Build)
Work ended in a state of : Failed
Elapsed: 8 secs
Command Line: make 
[Working Directory: /srv/gump/public/workspace/tomcat-native-12/native]
-
make[1]: Entering directory `/srv/gump/public/workspace/tomcat-native-12/native'
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o 
src/address.lo -c src/address.c && touch src/address.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/bb.lo 
-c src/bb.c && touch src/bb.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/dir.lo 
-c src/dir.c && touch src/dir.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o 
src/error.lo -c src/error.c && touch src/error.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/file.lo 
-c src/file.c && touch src/file.lo
/bin/bash /srv/gump/public/workspace/apr-1/dest-20170130/build-1/libtool 
--silent --mode=compile gcc -g -O2 -pthread   -DHAVE_CONFIG_H  -DLINUX 
-D_REENTRANT -D_GNU_SOURCE   -g -O2 -DHAVE_OPENSSL -DHAVE_POLLSET_WAKEUP   
-I/srv/gump/public/workspace/tomcat-native-12/native/include 
-I/usr/lib/jvm/java-8-oracle/include -I/usr/lib/jvm/java-8-oracle/include/linux 
-I/srv/gump/public/workspace/openssl-1.0.2/dest-20170130/include  
-I/srv/gump/public/workspace/apr-1/dest-20170130/include/apr-1   -o src/info.lo 
-c src/info.c && touch src/info.lo
/bin/bas

[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ServletProxy" page has been changed by WoonsanKo:
https://wiki.apache.org/tomcat/ServletProxy?action=diff=8=9

  [2] http://noodle.tigris.org/, “home page – noodle”.
  
  [3] http://edwardstx.net/wiki/Wiki.jsp?page=HttpProxyServlet, “ Http proxy 
Servlet –  main page”.
+ 
+ [4] 
http://portals.apache.org/applications/webcontent2/reverse-proxy-module.html, 
“Apache Portals Web Content Application 2 - Http proxy Servlet Reverse Proxy 
Module”.
  
  [[CategoryGSOC|CategoryGSOC]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ServletProxy" page has been changed by WoonsanKo:
https://wiki.apache.org/tomcat/ServletProxy?action=diff=7=8

  
  Link: http://edwardstx.net/wiki/Wiki.jsp?page=HttpProxyServlet
  
+ ' 4)  Apache Portals WebContent-2 Reverse Proxy Module '  :   
 The Reverse Proxy Module provides the features of Reverse Proxy, and it 
consists of HTTP Client builder components (using HttpClient-4), Reverse Proxy 
Command/Chain components (using Apache Commons Chain), and built-in or 
extensible Reverse Proxy Servlets and Filters.
+ With this Reverse Proxy Module, you can configure proxy mappings with 
YAML configuration, you can rewrite content using built-in or custom content 
rewriting components, and you can even customize the processing commands in the 
chain easily.
+ This module is part of WebContent-2 portlet web application project, but 
the reverse proxy jar module has been designed and working in normal servlet 
(non-portlet) environments independently as well. For details, see 
http://portals.apache.org/applications/webcontent2/modules-overview.html.
+ 
+ Link:  
http://portals.apache.org/applications/webcontent2/reverse-proxy-module.html
+ 
  __ ''' These are only some of the existing proxies. ''' __
  
  === References : ===

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1780929 - in /tomcat/trunk/test/org/apache/tomcat/jni: ./ TestSocketServer.java

2017-01-30 Thread Mark Thomas
On 30/01/2017 16:09, ma...@apache.org wrote:
> Author: markt
> Date: Mon Jan 30 16:09:38 2017
> New Revision: 1780929
> 
> URL: http://svn.apache.org/viewvc?rev=1780929=rev
> Log:
> Port unit test from tc-native:

This is the first part of my plan to address [1]. Next steps are:
- review and migrate the other unit test
- switch tc-native to use an external to pull in the tests in the same
  way it pulls in the code
- update the tc-native build to run the (external) JUnit 4 tests

Mark


[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=58082

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780929 - in /tomcat/trunk/test/org/apache/tomcat/jni: ./ TestSocketServer.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 16:09:38 2017
New Revision: 1780929

URL: http://svn.apache.org/viewvc?rev=1780929=rev
Log:
Port unit test from tc-native:
- update to JUnit 4
- split into multiple tests
- remove broken test for accept with timeout (APR does not support this)
- don't used a hard-coded port
- use latch rather than sleep to control timing

Added:
tomcat/trunk/test/org/apache/tomcat/jni/
tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServer.java   (with props)

Added: tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServer.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServer.java?rev=1780929=auto
==
--- tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServer.java (added)
+++ tomcat/trunk/test/org/apache/tomcat/jni/TestSocketServer.java Mon Jan 30 
16:09:38 2017
@@ -0,0 +1,232 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.tomcat.jni;
+
+import java.io.OutputStream;
+import java.util.concurrent.CountDownLatch;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Assume;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for server-side sockets.
+ */
+public class TestSocketServer {
+
+private static final String HOST = "localhost";
+
+private boolean nativeLibraryPresent = false;
+private int port = 0;
+private long serverSocket = 0;
+private long clientSocket = 0;
+
+
+@Before
+public void init() throws Exception {
+try {
+Library.initialize(null);
+nativeLibraryPresent = true;
+} catch (LibraryNotFoundError lnfe) {
+nativeLibraryPresent = false;
+}
+Assume.assumeTrue("APR Library not found", nativeLibraryPresent);
+
+long serverPool = Pool.create(0);
+long inetAddress = Address.info(HOST, Socket.APR_INET,
+0, 0, serverPool);
+serverSocket = Socket.create(Socket.APR_INET, Socket.SOCK_STREAM,
+   Socket.APR_PROTO_TCP, serverPool);
+if (OS.IS_UNIX) {
+Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+}
+int rc = Socket.bind(serverSocket, inetAddress);
+Assert.assertEquals("Can't bind: " + Error.strerror(rc), 0, rc);
+Socket.listen(serverSocket, 5);
+if (!OS.IS_UNIX) {
+Socket.optSet(serverSocket, Socket.APR_SO_REUSEADDR, 1);
+}
+
+long localAddress = Address.get(Socket.APR_LOCAL, serverSocket);
+port = Address.getInfo(localAddress).port;
+}
+
+
+@After
+public void destroy() {
+if (clientSocket != 0) {
+Socket.close(clientSocket);
+Socket.destroy(clientSocket);
+}
+if (serverSocket != 0) {
+Socket.close(serverSocket);
+Socket.destroy(serverSocket);
+}
+if (nativeLibraryPresent) {
+Library.terminate();
+}
+}
+
+
+@Test
+public void testPort() {
+Assert.assertTrue(port > 0);
+}
+
+
+@Test
+public void testBlockingReadFromClientWithTimeout() throws Exception {
+/* Start the client that connects to the server */
+Client client = new Client(port);
+client.start();
+
+/* Accept the client connection */
+clientSocket = Socket.accept(serverSocket);
+
+/* Configure a 2ms timeout for reading from client */
+Socket.timeoutSet(clientSocket, 2000);
+long timeout = Socket.timeoutGet(clientSocket);
+Assert.assertEquals("Socket.timeoutGet clientSocket failed", 2000, 
timeout);
+
+byte [] buf = new byte[1];
+long start = System.nanoTime();
+while (Socket.recv(clientSocket, buf, 0, 1) == 1) {
+}
+long wait = System.nanoTime() - start;
+Assert.assertFalse("Socket.timeoutSet failed (<1.5ms)", wait < 
150);
+Assert.assertFalse("Socket.timeoutSet failed (>5.0ms)", wait > 
500);
+
+client.countDown();
+client.join();
+}
+
+
+@Test
+public void 

[Bug 60594] RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=60594

--- Comment #9 from Coty Sutherland  ---
Created attachment 34694
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34694=edit
whitelist proposal limiting characters with docs

OK, here's an updated whitelist patch restricting the characters that are
accepted to '{', '}', and '|'. I also included documentation for the property.

Let me know if that works better for you :)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1779674 - /tomcat/native/trunk/native/configure.in

2017-01-30 Thread Emmanuel Bourg
Le 24/01/2017 à 12:12, Konstantin Kolinko a écrit :

> There is a bug number for this change, 60388.  It is better to mention
> it as 60388:

Thanks I didn't notice the syntax to specify a bug number. I added it.


> The code and use of ${enableval} is OK.  I mean the help string that
> accompanies this option.
> 
> In other cases the help is formatted with AS_HELP_STRING() . In this
> case it is just plain text formatted with sequences of whitespace
> characters.

Good point, I added the AS_HELP_STRING macro for the maintainer-mode option.


> Thanks. But you did not run Apache Ant (that performs XSLT and
> generates the files in /docs directory).
> 
> Once you run it and commit the changed  /docs/whoweare.html  file, in
> a few minutes it will be visible on the live site:
> 
> http://tomcat.apache.org/whoweare.html

Ok I'll look into that.

Emmanuel Bourg


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780903 - in /tomcat/native/trunk: build.xml test/org/apache/tomcat/jni/FileTestSuite.java

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 11:48:21 2017
New Revision: 1780903

URL: http://svn.apache.org/viewvc?rev=1780903=rev
Log:
Remove dummy test case that was never replaced with an implementation.

Removed:
tomcat/native/trunk/test/org/apache/tomcat/jni/FileTestSuite.java
Modified:
tomcat/native/trunk/build.xml

Modified: tomcat/native/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/build.xml?rev=1780903=1780902=1780903=diff
==
--- tomcat/native/trunk/build.xml (original)
+++ tomcat/native/trunk/build.xml Mon Jan 30 11:48:21 2017
@@ -298,13 +298,6 @@ limitations under the License.--">
 
 
 
-
-
-
-
-
-
-
 
 
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780900 - /tomcat/native/trunk/native/configure.in

2017-01-30 Thread ebourg
Author: ebourg
Date: Mon Jan 30 11:38:29 2017
New Revision: 1780900

URL: http://svn.apache.org/viewvc?rev=1780900=rev
Log:
Use the AS_HELP_STRING macro to format the help message of the maintainer-mode 
option

Modified:
tomcat/native/trunk/native/configure.in

Modified: tomcat/native/trunk/native/configure.in
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/configure.in?rev=1780900=1780899=1780900=diff
==
--- tomcat/native/trunk/native/configure.in (original)
+++ tomcat/native/trunk/native/configure.in Mon Jan 30 11:38:29 2017
@@ -194,9 +194,8 @@ AC_SUBST(EXTRA_OS_LINK)
 dnl CFLAGS for maintainer mode
 dnl it also allows the CFLAGS environment variable.
 CFLAGS="${CFLAGS}"
-AC_ARG_ENABLE(
-maintainer-mode,
-[  --enable-maintainer-mode   Turn on debugging and compile time warnings],
+AC_ARG_ENABLE(maintainer-mode,
+[AS_HELP_STRING([--enable-maintainer-mode],[Turn on debugging and compile time 
warnings])],
 [
   case "${enableval}" in
 yes )



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 59996] tcnative.m4 always refers to lib directory

2017-01-30 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59996

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #2 from Mark Thomas  ---
Fixed for 1.2.11 onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780899 - in /tomcat/native/trunk: native/build/tcnative.m4 xdocs/miscellaneous/changelog.xml

2017-01-30 Thread markt
Author: markt
Date: Mon Jan 30 11:38:11 2017
New Revision: 1780899

URL: http://svn.apache.org/viewvc?rev=1780899=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59996
Correctly handle building tc-native on a 64-bit system when using an OpenSSL 
distribution that is not in /usr. (csutherl)

Modified:
tomcat/native/trunk/native/build/tcnative.m4
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/native/trunk/native/build/tcnative.m4
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/build/tcnative.m4?rev=1780899=1780898=1780899=diff
==
--- tomcat/native/trunk/native/build/tcnative.m4 (original)
+++ tomcat/native/trunk/native/build/tcnative.m4 Mon Jan 30 11:38:11 2017
@@ -210,22 +210,23 @@ case "$use_openssl" in
 TCN_OPENSSL_LIBS="-lssl -lcrypto"
 else
 TCN_OPENSSL_INC="-I$use_openssl/include"
+test -d $use_openssl/lib64 && libdir=lib64 || libdir=lib
 case $host in
 *-solaris*)
-TCN_OPENSSL_LIBS="-L$use_openssl/lib -R$use_openssl/lib -lssl 
-lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$libdir 
-R$use_openssl/$libdir -lssl -lcrypto"
 ;;
 *-hp-hpux*)
-TCN_OPENSSL_LIBS="-L$use_openssl/lib -Wl,+b: -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$libdir -Wl,+b: -lssl 
-lcrypto"
 ;;
 *linux*)
-TCN_OPENSSL_LIBS="-L$use_openssl/lib 
-Wl,-rpath,$use_openssl/lib -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$libdir 
-Wl,-rpath,$use_openssl/$libdir -lssl -lcrypto"
 ;;
 *)
-TCN_OPENSSL_LIBS="-L$use_openssl/lib -lssl -lcrypto"
+TCN_OPENSSL_LIBS="-L$use_openssl/$libdir -lssl -lcrypto"
 ;;
 esac
 fi
-AC_MSG_RESULT(using openssl from $use_openssl/lib and 
$use_openssl/include)
+AC_MSG_RESULT(using openssl from $use_openssl/$libdir and 
$use_openssl/include)
 
 saved_cflags="$CFLAGS"
 saved_libs="$LIBS"

Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1780899=1780898=1780899=diff
==
--- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Mon Jan 30 11:38:11 
2017
@@ -37,6 +37,11 @@
 
   
 
+  59996: Correctly handle building tc-native on a 64-bit system
+  when using an OpenSSL distribution that is not in /usr.
+  (csutherl)
+
+
   60388: The --disable-maintainer-mode option of the configure
   script no longer enables the maintainer mode. (ebourg)
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1780897 - /tomcat/native/trunk/xdocs/miscellaneous/changelog.xml

2017-01-30 Thread ebourg
Author: ebourg
Date: Mon Jan 30 11:32:39 2017
New Revision: 1780897

URL: http://svn.apache.org/viewvc?rev=1780897=rev
Log:
Mention bug 60388 in the changelog

Modified:
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1780897=1780896=1780897=diff
==
--- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Mon Jan 30 11:32:39 
2017
@@ -37,8 +37,8 @@
 
   
 
-  The --disable-maintainer-mode option of the configure script no longer
-  enables the maintainer mode. (ebourg)
+  60388: The --disable-maintainer-mode option of the configure
+  script no longer enables the maintainer mode. (ebourg)
 
   
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Time for a tc-native release

2017-01-30 Thread Mark Thomas
Hi,

OpenSSL has announced some vulnerabilities [1] so I plan to roll a new
tc-native release to be picked up by the next set of Tomcat releases.

I'm going to take some time to work through some of the open tc-native
issues first. My outline plan is to tag 1.2.11 in a few days.

Mark


[1] https://www.openssl.org/news/vulnerabilities.html#y2017

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Tomcat Wiki] Update of "ContributorsGroup" by markt

2017-01-30 Thread Apache Wiki
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by markt:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=30=31

Comment:
+= WoonsanKo

   * StevenHeckler
   * SiegfriedGoeschl
   * theimpaler
+  * WoonsanKo
  
- 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org