[Bug 62389] Add ipv6 loopback address to the default internalProxies

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62389

--- Comment #3 from Konstantin Kolinko  ---
::1 should be added to the list as well, like we do for RemoteAddrValve.

When Tomcat runs with APR connector, request.getRemoteAddr() returns "::1" when
accessed from localhost. This value can be seen in access logs.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



buildbot success in on tomcat-7-trunk

2018-06-04 Thread buildbot
The Buildbot has detected a restored build on builder tomcat-7-trunk while 
building . Full details are available at:
https://ci.apache.org/builders/tomcat-7-trunk/builds/1113

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1832895
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832895 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/valves/RemoteIpValve.java test/org/apache/catalina/valves/TestRemoteIpValve.java

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 21:00:34 2018
New Revision: 1832895

URL: http://svn.apache.org/viewvc?rev=1832895=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57926
Restore the original X-Forwarded-By and X-Forwarded-For headers after 
processing along with the other original values.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/tc7.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 21:00:34 2018
@@ -1,3 +1,3 @@
 
/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988
 
,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702
 
739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1
 
725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750,1752739,1754615,1755886,1756018,1758563,1759565,1761686,1762173,1762206,1766280,1767507-1767508,1767653,1767656,1769267,1772949,1773521,1773527,1774104,1777015,1777213,1779330,1783151,1784188,1784966,1785670,1786846,1788260,1788999,1789140,1789402,1791529,1791559,1795291,1796906,1797523,1799214,1800998-1800999,1801003,1801007-1801008,1801017,1801020,1802808,180281
 

buildbot failure in on tomcat-7-trunk

2018-06-04 Thread buildbot
The Buildbot has detected a new failure on builder tomcat-7-trunk while 
building . Full details are available at:
https://ci.apache.org/builders/tomcat-7-trunk/builds/1112

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1832885
Blamelist: markt

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832885 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/filters/ java/org/apache/catalina/valves/ test/org/apache/catalina/filters/ test/org/apache/catalina/valves/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 19:02:26 2018
New Revision: 1832885

URL: http://svn.apache.org/viewvc?rev=1832885=rev
Log:
Correctly handle the case when the request passes through one or more 
trustedProxies but no internalProxies.
Based on a patch by zhanhb

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java

tomcat/tc7.0.x/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
tomcat/tc7.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 19:02:26 2018
@@ -1,3 +1,3 @@
 
/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988
 
,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702
 
739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1
 
725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750,1752739,1754615,1755886,1756018,1758563,1759565,1761686,1762173,1762206,1766280,1767507-1767508,1767653,1767656,1769267,1772949,1773521,1773527,1774104,1777015,1777213,1779330,1783151,1784188,1784966,1785670,1786846,1788260,1788999,1789140,1789402,1791529,1791559,1795291,1796906,1797523,1799214,1800998-1800999,1801003,1801007-1801008,1801017,1801020,1802808,180281
 

svn commit: r1832884 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/filters/ java/org/apache/catalina/valves/ test/org/apache/catalina/filters/ test/org/apache/catalina/valves/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 19:01:26 2018
New Revision: 1832884

URL: http://svn.apache.org/viewvc?rev=1832884=rev
Log:
Correctly handle the case when the request passes through one or more 
trustedProxies but no internalProxies.
Based on a patch by zhanhb

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/tc8.0.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java

tomcat/tc8.0.x/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
tomcat/tc8.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 19:01:26 2018
@@ -1,2 +1,2 @@
 
/tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1779898,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880,1809831,1812093,1812143,1812145,1812319,1814975,1815945,1815956,1820207,1822186,1823164,1823497,1824960,1826872-1826873,1827862,1829310,1829777,1829796,1829935,1830215,1830991,1831042,1831557,1831569,1832269,1832271,1832693
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886
 
,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657
 
592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
 

svn commit: r1832883 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/filters/ java/org/apache/catalina/valves/ test/org/apache/catalina/filters/ test/org/apache/catalina/valves/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 18:59:46 2018
New Revision: 1832883

URL: http://svn.apache.org/viewvc?rev=1832883=rev
Log:
Correctly handle the case when the request passes through one or more 
trustedProxies but no internalProxies.
Based on a patch by zhanhb

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/tc8.5.x/trunk/java/org/apache/catalina/valves/RemoteIpValve.java

tomcat/tc8.5.x/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
tomcat/tc8.5.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 18:59:46 2018
@@ -1,2 +1,2 @@
 /tomcat/tc8.0.x/trunk:1809644
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409
 
,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747
 
404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1
 
756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
 

[GitHub] tomcat pull request #45: Update RemoteIpValve.java

2018-06-04 Thread asfgit
Github user asfgit closed the pull request at:

https://github.com/apache/tomcat/pull/45


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832882 - in /tomcat/trunk: java/org/apache/catalina/filters/ java/org/apache/catalina/valves/ test/org/apache/catalina/filters/ test/org/apache/catalina/valves/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 18:57:59 2018
New Revision: 1832882

URL: http://svn.apache.org/viewvc?rev=1832882=rev
Log:
Correctly handle the case when the request passes through one or more 
trustedProxies but no internalProxies.
Based on a patch by zhanhb
This closes #45

Modified:
tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
tomcat/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1832882=1832881=1832882=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Mon Jun  
4 18:57:59 2018
@@ -67,7 +67,8 @@ import org.apache.juli.logging.LogFactor
  * This servlet filter proceeds as follows:
  * 
  * 
- * If the incoming request.getRemoteAddr() matches the servlet 
filter's list of internal proxies :
+ * If the incoming request.getRemoteAddr() matches the servlet
+ * filter's list of internal or trusted proxies:
  * 
  * 
  * Loop on the comma delimited list of IPs and hostnames passed by the 
preceding load balancer or proxy in the given request's Http
@@ -761,8 +762,11 @@ public class RemoteIpFilter extends Gene
 
 public void doFilter(HttpServletRequest request, HttpServletResponse 
response, FilterChain chain) throws IOException, ServletException {
 
-if (internalProxies != null &&
-internalProxies.matcher(request.getRemoteAddr()).matches()) {
+boolean isInternal = internalProxies != null &&
+internalProxies.matcher(request.getRemoteAddr()).matches();
+
+if (isInternal || (trustedProxies != null &&
+trustedProxies.matcher(request.getRemoteAddr()).matches())) {
 String remoteIp = null;
 // In java 6, proxiesHeaderValue should be declared as a 
java.util.Deque
 LinkedList proxiesHeaderValue = new LinkedList<>();
@@ -778,11 +782,14 @@ public class RemoteIpFilter extends Gene
 
 String[] remoteIpHeaderValue = 
commaDelimitedListToStringArray(concatRemoteIpHeaderValue.toString());
 int idx;
+if (!isInternal) {
+proxiesHeaderValue.addFirst(request.getRemoteAddr());
+}
 // loop on remoteIpHeaderValue to find the first trusted remote ip 
and to build the proxies chain
 for (idx = remoteIpHeaderValue.length - 1; idx >= 0; idx--) {
 String currentRemoteIp = remoteIpHeaderValue[idx];
 remoteIp = currentRemoteIp;
-if (internalProxies.matcher(currentRemoteIp).matches()) {
+if (internalProxies !=null && 
internalProxies.matcher(currentRemoteIp).matches()) {
 // do nothing, internalProxies IPs are not appended to the
 } else if (trustedProxies != null &&
 trustedProxies.matcher(currentRemoteIp).matches()) {

Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1832882=1832881=1832882=diff
==
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Mon Jun  4 
18:57:59 2018
@@ -47,7 +47,8 @@ import org.apache.tomcat.util.http.MimeH
  * This valve proceeds as follows:
  * 
  * 
- * If the incoming request.getRemoteAddr() matches the valve's 
list of internal proxies :
+ * If the incoming request.getRemoteAddr() matches the valve's 
list
+ * of internal or trusted proxies:
  * 
  * 
  * Loop on the comma delimited list of IPs and hostnames passed by the 
preceding load balancer or proxy in the given request's Http
@@ -572,9 +573,11 @@ public class RemoteIpValve extends Valve
 final int originalServerPort = request.getServerPort();
 final String originalProxiesHeader = request.getHeader(proxiesHeader);
 final String originalRemoteIpHeader = 
request.getHeader(remoteIpHeader);
+boolean isInternal = internalProxies != null &&
+internalProxies.matcher(originalRemoteAddr).matches();
 
-if (internalProxies !=null &&
-internalProxies.matcher(originalRemoteAddr).matches()) {
+if (isInternal || (trustedProxies != null &&
+trustedProxies.matcher(originalRemoteAddr).matches())) {
 String remoteIp = null;
 // In java 6, 

[Bug 56148] support (multiple) ocsp stapling

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #3 from Christopher Schultz  ---
Looks like Java 9 has OCSP stapling[1]. See slide 47. Looks like you can just
set a system preference and magically you get OCSP stapling.

[1]
https://cdn.app.compendium.com/uploads/user/e7c690e8-6ff9-102a-ac6d-e4aebca50425/f4a5b21d-66fa-4885-92bf-c4e81c06d916/File/3c93ea22f64e8a22f67d65c46613c466/j1_2015_con6710.pdf

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62122] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62122

Christopher Schultz  changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|INVALID |---

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62122] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62122

--- Comment #3 from Christopher Schultz  ---
Re-opening original BZ issue.

Seems like this needs to be fixed by capping the OpenSSL version number used in
the #ifdef.

jballon, would you mind actually testing your proposed solution?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62428] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62428

Christopher Schultz  changed:

   What|Removed |Added

 Resolution|--- |DUPLICATE
 Status|NEW |RESOLVED

--- Comment #1 from Christopher Schultz  ---


*** This bug has been marked as a duplicate of bug 62122 ***

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62122] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62122

--- Comment #2 from Christopher Schultz  ---
*** Bug 62428 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62428] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62428

jbal...@akamai.com changed:

   What|Removed |Added

 OS|Mac OS X 10.1   |Linux

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62428] New: undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62428

Bug ID: 62428
   Summary: undefined symbol: SSL_COMP_free_compression_methods
   Product: Tomcat Native
   Version: 1.2.14
  Hardware: PC
OS: Mac OS X 10.1
Status: NEW
  Severity: normal
  Priority: P2
 Component: Library
  Assignee: dev@tomcat.apache.org
  Reporter: jbal...@akamai.com
  Target Milestone: ---

Refiling ticket since it was "RESOLVED INVALID" which I disagree with.

As per Bug 62122, the SSL_COMP_free_compression_methods was deprecated and the
use of needs to be removed from Tomcat Native or needs to restricted to
specific versions of OpenSSL if it is not going to be removed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62420] Documents

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62420

Coty Sutherland  changed:

   What|Removed |Added

 Resolution|WORKSFORME  |INVALID

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62420] Documents

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62420

jfclere  changed:

   What|Removed |Added

 Resolution|--- |WORKSFORME
 Status|NEW |RESOLVED

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62122] undefined symbol: SSL_COMP_free_compression_methods

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62122

jfclere  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED

--- Comment #1 from jfclere  ---
per openssl doc it says it is deprecated and do nothing, so I close the bug.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62094] Certificate verification using CRL with Tomcat APR connector does not work

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62094

--- Comment #2 from jfclere  ---
a diff -u would be more easy to review... I can't find CRL  FIX in the
attachement

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62221] OCSP response processing uses always the first entry in the response

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62221

jfclere  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #2 from jfclere  ---
Fixed in trunk will in 1.2.17

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832863 - /tomcat/native/trunk/native/src/sslutils.c

2018-06-04 Thread jfclere
Author: jfclere
Date: Mon Jun  4 16:02:26 2018
New Revision: 1832863

URL: http://svn.apache.org/viewvc?rev=1832863=rev
Log:
follow up for r1832832... more mod_ssl arrangements.

Modified:
tomcat/native/trunk/native/src/sslutils.c

Modified: tomcat/native/trunk/native/src/sslutils.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1832863=1832862=1832863=diff
==
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Mon Jun  4 16:02:26 2018
@@ -532,7 +532,7 @@ static int ssl_verify_OCSP(int ok, X509_
 break;
 case OCSP_STATUS_UNKNOWN:
 /* correct error code for application errors? */
-// X509_STORE_CTX_set_error(ctx, 
X509_V_ERR_APPLICATION_VERIFICATION);
+X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);
 break;
 }
 }
@@ -1010,11 +1010,12 @@ end:
 /* Process the OCSP_RESPONSE and returns the corresponding
answert according to the status.
 */
-static int process_ocsp_response(OCSP_RESPONSE *ocsp_resp)
+static int process_ocsp_response(OCSP_RESPONSE *ocsp_resp, X509 *cert, X509 
*issuer)
 {
 int r, o = V_OCSP_CERTSTATUS_UNKNOWN, i;
 OCSP_BASICRESP *bs;
 OCSP_SINGLERESP *ss;
+OCSP_CERTID *certid;
 
 r = OCSP_response_status(ocsp_resp);
 
@@ -1024,7 +1025,13 @@ static int process_ocsp_response(OCSP_RE
 }
 bs = OCSP_response_get1_basic(ocsp_resp);
 
-ss = OCSP_resp_get0(bs,0); /* we know we have only 1 request */
+certid = OCSP_cert_to_id(NULL, cert, issuer);
+if (certid == NULL) {
+OCSP_RESPONSE_free(ocsp_resp);
+return OCSP_STATUS_UNKNOWN;
+}
+ss = OCSP_resp_get0(bs, OCSP_resp_find(bs, certid, -1)); /* find by serial 
number and get the matching response */
+
 
 i = OCSP_single_get0_status(ss, NULL, NULL, NULL, NULL);
 if (i == V_OCSP_CERTSTATUS_GOOD)
@@ -1035,6 +1042,7 @@ static int process_ocsp_response(OCSP_RE
 o = OCSP_STATUS_UNKNOWN;
 
 /* we clean up */
+OCSP_CERTID_free(certid);
 OCSP_RESPONSE_free(ocsp_resp);
 return o;
 }
@@ -1067,7 +1075,7 @@ static int ssl_ocsp_request(X509 *cert,
approach is to iterate for all the possible ocsp urls */
 resp = get_ocsp_response(cert, issuer, ocsp_urls[0]);
 if (resp != NULL) {
-rv = process_ocsp_response(resp);
+rv = process_ocsp_response(resp, cert, issuer);
 } else {
 /* correct error code for application errors? */
 X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832857 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/digester/Digester.java webapps/docs/changelog.xml

2018-06-04 Thread csutherl
Author: csutherl
Date: Mon Jun  4 15:09:26 2018
New Revision: 1832857

URL: http://svn.apache.org/viewvc?rev=1832857=rev
Log:
Fix potential NullPointerException in replaceSystemProperties() seemingly 
caused by changing StringManager sm declaration to static

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/digester/Digester.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 15:09:26 2018
@@ -1,2 +1,2 @@
 /tomcat/tc8.0.x/trunk:1809644
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409
 
,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747
 
404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1
 
756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
 

svn commit: r1832856 - in /tomcat/trunk: java/org/apache/tomcat/util/digester/Digester.java webapps/docs/changelog.xml

2018-06-04 Thread csutherl
Author: csutherl
Date: Mon Jun  4 15:07:57 2018
New Revision: 1832856

URL: http://svn.apache.org/viewvc?rev=1832856=rev
Log:
Fix potential NullPointerException in replaceSystemProperties() seemingly 
caused by changing StringManager sm declaration to static

Modified:
tomcat/trunk/java/org/apache/tomcat/util/digester/Digester.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/digester/Digester.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/digester/Digester.java?rev=1832856=1832855=1832856=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/digester/Digester.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/digester/Digester.java Mon Jun  4 
15:07:57 2018
@@ -84,6 +84,7 @@ public class Digester extends DefaultHan
 
 protected static IntrospectionUtils.PropertySource propertySource;
 private static boolean propertySourceSet = false;
+protected static final StringManager sm = 
StringManager.getManager(Digester.class);
 
 static {
 String className = 
System.getProperty("org.apache.tomcat.util.digester.PROPERTY_SOURCE");
@@ -309,7 +310,6 @@ public class Digester extends DefaultHan
  * The Log to which most logging calls will be made.
  */
 protected Log log = LogFactory.getLog(Digester.class);
-protected static final StringManager sm = 
StringManager.getManager(Digester.class);
 
 /**
  * The Log to which all SAX event related logging calls will be made.

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1832856=1832855=1832856=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Jun  4 15:07:57 2018
@@ -191,6 +191,10 @@
 not contain leading zeros in the IPv4 part. Based on a patch by Katya
 Stoycheva. (markt)
   
+  
+Fix NullPointerException thrown from 
+replaceSystemProperties() when trying to log messages. 
(csutherl)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[GitHub] tomcat issue #77: Removed findbugs bad practice warnings by making classes f...

2018-06-04 Thread markt-asf
Github user markt-asf commented on the issue:

https://github.com/apache/tomcat/pull/77
  
These have been resolved since this PR was opened.


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[GitHub] tomcat pull request #77: Removed findbugs bad practice warnings by making cl...

2018-06-04 Thread markt-asf
Github user markt-asf closed the pull request at:

https://github.com/apache/tomcat/pull/77


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[GitHub] tomcat issue #49: Fix parser to fail if leading zeros in IPv4 part of IPv6 a...

2018-06-04 Thread markt-asf
Github user markt-asf commented on the issue:

https://github.com/apache/tomcat/pull/49
  
Thanks for the patch. Sorry it took a while to apply it. Due to our delays 
I had to adapt things a little.
Fixed in:
- trunk for 9.0.9 onwards
- 8.5.x for 8.5.32 onwards
- 8.0.x for 8.0.53 onwards
- 7.0.x for 7.0.89 onwards


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[GitHub] tomcat pull request #49: Fix parser to fail if leading zeros in IPv4 part of...

2018-06-04 Thread markt-asf
Github user markt-asf closed the pull request at:

https://github.com/apache/tomcat/pull/49


---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



svn commit: r1832846 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/http/parser/ test/org/apache/tomcat/util/http/parser/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 13:20:53 2018
New Revision: 1832846

URL: http://svn.apache.org/viewvc?rev=1832846=rev
Log:
Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not 
contain leading zeros in the IPv4 part.
Based on a patch by Katya Stoycheva.

Modified:
tomcat/tc7.0.x/trunk/   (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties

tomcat/tc7.0.x/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 13:20:53 2018
@@ -1,3 +1,3 @@
 
/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988
 
,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702
 
739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1
 
725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750,1752739,1754615,1755886,1756018,1758563,1759565,1761686,1762173,1762206,1766280,1767507-1767508,1767653,1767656,1769267,1772949,1773521,1773527,1774104,1777015,1777213,1779330,1783151,1784188,1784966,1785670,1786846,1788260,1788999,1789140,1789402,1791529,1791559,1795291,1796906,1797523,1799214,1800998-1800999,1801003,1801007-1801008,1801017,1801020,1802808,180281
 

svn commit: r1832845 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/util/http/parser/ test/org/apache/tomcat/util/http/parser/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 13:20:20 2018
New Revision: 1832845

URL: http://svn.apache.org/viewvc?rev=1832845=rev
Log:
Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not 
contain leading zeros in the IPv4 part.
Based on a patch by Katya Stoycheva.

Modified:
tomcat/tc8.0.x/trunk/   (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties

tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 13:20:20 2018
@@ -1,2 +1,2 @@
 
/tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1779898,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880,1809831,1812093,1812143,1812145,1812319,1814975,1815945,1815956,1820207,1822186,1823164,1823497,1824960,1826872-1826873,1827862,1829310,1829777,1829796,1829935,1830215,1830991,1831042,1831557,1831569,1832269,1832271,1832693
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886
 
,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657
 
592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
 

svn commit: r1832844 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/http/parser/ test/org/apache/tomcat/util/http/parser/ webapps/docs/

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 13:19:52 2018
New Revision: 1832844

URL: http://svn.apache.org/viewvc?rev=1832844=rev
Log:
Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not 
contain leading zeros in the IPv4 part.
Based on a patch by Katya Stoycheva.

Modified:
tomcat/tc8.5.x/trunk/   (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java

tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties

tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jun  4 13:19:52 2018
@@ -1,2 +1,2 @@
 /tomcat/tc8.0.x/trunk:1809644
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739492,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409
 
,1741501,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744149,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747
 
404,1747506,1747536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1
 
756289,1756408-1756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-176205
 

svn commit: r1832843 - in /tomcat/trunk: java/org/apache/tomcat/util/http/parser/HttpParser.java java/org/apache/tomcat/util/http/parser/LocalStrings.properties test/org/apache/tomcat/util/http/parser

2018-06-04 Thread markt
Author: markt
Date: Mon Jun  4 13:18:54 2018
New Revision: 1832843

URL: http://svn.apache.org/viewvc?rev=1832843=rev
Log:
Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not 
contain leading zeros in the IPv4 part.
Based on a patch by Katya Stoycheva.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java
tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties
tomcat/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java?rev=1832843=1832842=1832843=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java Mon 
Jun  4 13:18:54 2018
@@ -661,6 +661,15 @@ public class HttpParser {
 } else if (isNumeric(c)) {
 if (octet == -1) {
 octet = c - '0';
+} else if (octet == 0) {
+// Leading zero in non-zero octet. Not valid (ambiguous).
+if (inIPv6) {
+throw new 
IllegalArgumentException(sm.getString("http.invalidLeadingZero"));
+} else {
+// Could be a host/FQDN
+reader.reset();
+return readHostDomainName(reader);
+}
 } else {
 octet = octet * 10 + c - '0';
 }

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties?rev=1832843=1832842=1832843=diff
==
--- 
tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties 
(original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/http/parser/LocalStrings.properties 
Mon Jun  4 13:18:54 2018
@@ -26,6 +26,7 @@ http.illegalCharacterIpv6=The character
 http.invalidCharacterDomain=The character [{0}] is not valid{1} a domain name.
 http.invalidHextet=Invalid hextet. A hextet must consist of 4 or less hex 
characters.
 http.invalidIpv4Location=The IPv6 address contains an embedded IPv4 address at 
an invalid location.
+http.invalidLeadingZero=An non-zero IPv4 octet may not contain a leading zero.
 http.invalidOctet=Invalid octet [{0}]. The valid range for IPv4 octets is 0 to 
255.
 http.invalidSegmentEndState=The state [{0}] is not valid for the end of a 
segment.
 http.noClosingBracket=The IPv6 address is missing a closing bracket.

Modified: 
tomcat/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java?rev=1832843=1832842=1832843=diff
==
--- 
tomcat/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
(original)
+++ 
tomcat/trunk/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
Mon Jun  4 13:18:54 2018
@@ -54,17 +54,19 @@ public class TestHttpParserHost {
 result.add(new Object[] { TestType.IPv4, "127.0.0.1:8080", 
Integer.valueOf(9), null} );
 result.add(new Object[] { TestType.IPv4, "0.0.0.0", 
Integer.valueOf(-1), null} );
 result.add(new Object[] { TestType.IPv4, "0.0.0.0:8080", 
Integer.valueOf(7), null} );
-result.add(new Object[] { TestType.IPv4, "0", Integer.valueOf(-1), 
null} );
 // IPv4 - invalid
 result.add(new Object[] { TestType.IPv4, ".0.0.0", 
Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv4, "0.0.0.", 
Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv4, "0..0.0", 
Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv4, "0]", Integer.valueOf(-1), 
IAE} );
 // Domain Name - valid
+result.add(new Object[] { TestType.IPv4, "0", Integer.valueOf(-1), 
null} );
 result.add(new Object[] { TestType.IPv4, "0.0", Integer.valueOf(-1), 
null} );
 result.add(new Object[] { TestType.IPv4, "0.0:8080", 
Integer.valueOf(3), null} );
 result.add(new Object[] { TestType.IPv4, "0.0.0", Integer.valueOf(-1), 
null} );
 result.add(new Object[] { TestType.IPv4, "0.0.0:8080", 
Integer.valueOf(5), null} );
+result.add(new Object[] { TestType.IPv4, "0.00.0.0", 
Integer.valueOf(-1), null} );
+result.add(new Object[] { TestType.IPv4, "0.00.0.0:8080", 
Integer.valueOf(8), null} );
 result.add(new Object[] { TestType.IPv4, "256.0.0.0", 

svn commit: r1832832 - /tomcat/native/trunk/native/src/sslutils.c

2018-06-04 Thread jfclere
Author: jfclere
Date: Mon Jun  4 12:47:18 2018
New Revision: 1832832

URL: http://svn.apache.org/viewvc?rev=1832832=rev
Log:
adjust the X509_STORE_CTX_get1_issuer() to X509_STORE_CTX_get0_current_issuer()
like in mod_ssl httpd.

Modified:
tomcat/native/trunk/native/src/sslutils.c

Modified: tomcat/native/trunk/native/src/sslutils.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1832832=1832831=1832832=diff
==
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Mon Jun  4 12:47:18 2018
@@ -35,7 +35,7 @@ extern int WIN32_SSL_password_prompt(tcn
 #define ASN1_OID  0x06
 #define ASN1_STRING   0x86
 static int ssl_verify_OCSP(int ok, X509_STORE_CTX *ctx);
-static int ssl_ocsp_request(X509 *cert, X509 *issuer);
+static int ssl_ocsp_request(X509 *cert, X509 *issuer, X509_STORE_CTX *ctx);
 #endif
 
 /*  _
@@ -519,21 +519,22 @@ static int ssl_verify_OCSP(int ok, X509_
 }
 
 /* if we can't get the issuer, we cannot perform OCSP verification */
-if (X509_STORE_CTX_get1_issuer(, ctx, cert) == 1 ) {
-r = ssl_ocsp_request(cert, issuer);
-if (r == OCSP_STATUS_REVOKED) {
+issuer = X509_STORE_CTX_get0_current_issuer(ctx);
+if (issuer != NULL) {
+r = ssl_ocsp_request(cert, issuer, ctx);
+switch (r) {
+case OCSP_STATUS_OK:
+X509_STORE_CTX_set_error(ctx, X509_V_OK);
+break;
+case OCSP_STATUS_REVOKED:
 /* we set the error if we know that it is revoked */
 X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
+break;
+case OCSP_STATUS_UNKNOWN:
+/* correct error code for application errors? */
+// X509_STORE_CTX_set_error(ctx, 
X509_V_ERR_APPLICATION_VERIFICATION);
+break;
 }
-else {
-/* else we return unknown */
-r = OCSP_STATUS_UNKNOWN;
-}
-X509_free(issuer); /* It appears that we  should free issuer since
-* X509_STORE_CTX_get1_issuer() calls 
X509_OBJECT_up_ref_count()
-* on the issuer object (unline 
X509_STORE_CTX_get_current_cert()
-* that just returns the pointer
-*/
 }
 return r;
 }
@@ -1038,7 +1039,7 @@ static int process_ocsp_response(OCSP_RE
 return o;
 }
 
-static int ssl_ocsp_request(X509 *cert, X509 *issuer)
+static int ssl_ocsp_request(X509 *cert, X509 *issuer, X509_STORE_CTX *ctx)
 {
 char **ocsp_urls = NULL;
 int nid;
@@ -1061,13 +1062,20 @@ static int ssl_ocsp_request(X509 *cert,
the ocsp status. Otherwise, return OCSP_STATUS_UNKNOWN */
 if (ocsp_urls != NULL) {
 OCSP_RESPONSE *resp;
+int rv = OCSP_STATUS_UNKNOWN;
 /* for the time being just check for the fist response .. a better
approach is to iterate for all the possible ocsp urls */
 resp = get_ocsp_response(cert, issuer, ocsp_urls[0]);
+if (resp != NULL) {
+rv = process_ocsp_response(resp);
+} else {
+/* correct error code for application errors? */
+X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);
+}
 
 if (resp != NULL) {
 apr_pool_destroy(p);
-return process_ocsp_response(resp);
+return rv;
 }
 }
 apr_pool_destroy(p);



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62146] Support to add customized KeyManager like "trustManagerClassName" did.

2018-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62146

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |WONTFIX
 Status|NEW |RESOLVED

--- Comment #7 from Mark Thomas  ---
The patch looks OK. I don't see any reason why it wouldn't be safe to use in
production.

One minor comment is that it refers to local String
"jsse.invalidKeyManagerClassName" that doesn't exist.

Back-porting the reloading from 8.5.x isn't an option as it depends on some
major factoring that took place in 8.5.x.

I don't think we should add this feature to 7.0.x.
Adding the feature to 7.0.x would create the expectation that the feature would
also exist in 8.5.x onwards and there is - currently - no use case for this
feature in 8.5.x onwards.

I am therefore resolving this as WONTFIX.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [GUMP@vmgump-vm3]: Project tomcat-trunk-test-nio (in module tomcat-trunk) failed

2018-06-04 Thread Mark Thomas
On 04/06/18 10:06, Mark Thomas wrote:



> Rather than just apply the fix, I'm going to take another look at how
> bnd is integrated into the build process. I want to see if there is a
> better way to do it.

What I was looking for was a way to generate the manifest independently
of re-packaging the JAR. That option doesn't seem to exist.

We could:
- build a temporary JAR
- generate the manifest
- remove the temporary JAR
- build the real JAR

but that doesn't seem any better than the current approach.

Therefore, I have added the system property to vmgump. We should see if
it has worked on the next run.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [GUMP@vmgump-vm3]: Project tomcat-trunk-test-nio (in module tomcat-trunk) failed

2018-06-04 Thread Mark Thomas
On 04/06/18 04:06, Bill Barker wrote:
> To whom it may engage...
> 
> This is an automated request, but not an unsolicited one. For 
> more information please visit http://gump.apache.org/nagged.html, 
> and/or contact the folk at gene...@gump.apache.org.
> 
> Project tomcat-trunk-test-nio has an issue affecting its community 
> integration.
> This issue affects 1 projects,
>  and has been outstanding for 5 runs.
> The current state of this project is 'Failed', with reason 'Build Failed'.
> For reference only, the following projects are affected by this:
> - tomcat-trunk-test-nio :  Tomcat 9.x, a web server implementing the Java 
> Servlet 4.0,
> ...

Got to the bottom of this JvM crash thanks to [1]. It is a know bug in
Java [2], fixed in Java 9. The fix is to
use-Dsun.zip.disableMemoryMapping=true

Rather than just apply the fix, I'm going to take another look at how
bnd is integrated into the build process. I want to see if there is a
better way to do it.

Mark


[1]
https://stackoverflow.com/questions/38326183/jvm-crashed-in-java-util-zip-zipfile-getentry
[2] https://bugs.openjdk.java.net/browse/JDK-8142508

> 
> Full details are available at:
> http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-nio/index.html
> 
> That said, some information snippets are provided here.
> 
> The following annotations (debug/informational/warning/error messages) were 
> provided:
>  -DEBUG- Dependency on bnd exists, no need to add for property bndlib.jar.
>  -INFO- Failed with reason build failed
>  -INFO- Project Reports in: 
> /srv/gump/public/workspace/tomcat-trunk/output/logs-NIO
>  -WARNING- No directory 
> [/srv/gump/public/workspace/tomcat-trunk/output/logs-NIO]
>  -INFO- Project Reports in: 
> /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs
>  -WARNING- No directory 
> [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs]
> 
> 
> 
> The following work was performed:
> http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-test-nio/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio.html
> Work Name: build_tomcat-trunk_tomcat-trunk-test-nio (Type: Build)
> Work ended in a state of : Failed
> Elapsed: 12 secs
> Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
> -Dbuild.sysclasspath=only org.apache.tools.ant.Main 
> -Dgump.merge=/srv/gump/public/gump/work/merge.xml 
> -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
> -Djava.net.preferIPv4Stack=/srv/gump/public/workspace/tomcat-trunk/true 
> -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar
>  -Dtest.reports=output/logs-NIO -Dexecute.test.nio2=false 
> -Dexamples.sources.skip=true 
> -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs 
> -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.7.3a-201803300640/ecj-4.7.3a.jar
>  -Dbndlib.jar=/srv/gump/packages/bnd/bndlib-4.0.0/biz.aQute.bndlib-4.0.0.jar 
> -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/target/commons-daemon-1.1.1-SNAPSHOT.jar
>  
> -Dtest.openssl.path=/srv/gump/public/workspace/openssl-master/dest-20180604/bin/openssl
>  -Dtest.temp=output/test-tmp-NIO -Dtest.accesslog=true -Dexecute.test
>  .nio=true -Dbnd.jar=/srv/gump/packages/bnd/bnd-4.0.0/biz.aQute.bnd-4.0.0.jar 
> -Dexecute.test.apr=false -Dtest.excludePerformance=true 
> -Dtest.relaxTiming=true 
> -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.7-SNAPSHOT.jar
>  -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
> -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
> [Working Directory: /srv/gump/public/workspace/tomcat-trunk]
> CLASSPATH: 
> /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja
>  
> r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/worksp