[Bug 56780] IBM Java: server.startup gives error java.lang.IllegalArgumentException: Only TLS1.2 protocol can be enabl ed in SP800_131 strict mode
https://issues.apache.org/bugzilla/show_bug.cgi?id=56780 --- Comment #6 from Hariharan, R cloakcaval...@gmail.com --- @Mark Thomas: I am able to see the bug fix in 7.0.56. @Karl Freburger: Can you mail a 64-bit IBM JRE for Windows to cloakcaval...@gmail.com? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53952] Add support for TLS 1.1 and 1.2
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952 --- Comment #43 from Ralf Hauser hau...@acm.org --- I guess comment 30 ff. refers to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 ? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r6809 - in /dev/tomcat/tomcat-connectors/native/1.1.32: ./ binaries/ source/
Author: markt Date: Tue Oct 21 08:57:53 2014 New Revision: 6809 Log: Upload Tomcat native 1.1.32 for voting Added: dev/tomcat/tomcat-connectors/native/1.1.32/ dev/tomcat/tomcat-connectors/native/1.1.32/binaries/ dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip (with props) dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5 dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1 dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip (with props) dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.asc dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.md5 dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip.sha1 dev/tomcat/tomcat-connectors/native/1.1.32/source/ dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz (with props) dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.asc dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.md5 dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-src.tar.gz.sha1 dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip (with props) dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.asc dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.md5 dev/tomcat/tomcat-connectors/native/1.1.32/source/tomcat-native-1.1.32-win32-src.zip.sha1 Added: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip == Binary file - no diff available. Propchange: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip -- svn:mime-type = application/octet-stream Added: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc == --- dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc (added) +++ dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-ocsp-win32-bin.zip.asc Tue Oct 21 08:57:53 2014 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Version: GnuPG v1.4.9 (MingW32) + +iQIcBAABAgAGBQJURhrBAAoJEBDAHFovYFnn684P+wdp8tGePyaNFDKGsSUH93Cc +ww4NTaWLmJs6BZzfwBW46x09BhnEyE4YUWj4SrX6ll7D3KRzTlKNzTPF978LuBXC +BbJX8jt2XYAmcgcQ6pDNik4hlYFiIwRQGvVwDIdrm1PyZMoCt/fL1i8rDLqLIRov +0yHDttR87JlI9smOgBEa1VlX1GaS9qSij/q2Kw3pgnWMvylaPVj3b+1i9lkOzIgS +A4X7JGHpP1i1fgQZ5OT2HO+k/K0ItxcBKdVOcx+JaWafZfPyyyxTyNTu01AL95By +Z/HsvRZ8EwUVJRYH9D3E9BRE7lskwBbuFQ/9e5Bt8XT16BFx+62fGurgoTngZvzJ +p/0XqEHhv7r1d6L02Q5nhHFyE/t8s94sDRk/3/NNrTeW+ERnqml5pMjcuOphfw0t +fKpafSyNiPcnh590y8+fNVXjmCua/XoRCrBvv2EYemBY4xrULtLRGCLXTc3ZHuLq +NTVC60unuR94I8mBH8cc9NFSps/Lx9sskfNJhEg6GUKClIOFCBUm7h1GLas2Jb8f +vqaWpnQPPXiDKucwq20A4UkWgvKAAqb96iMUwsY9JawFfPcX0Z8hfdqR4EeqXzWb +Wo6KcBADBr0rpt2C8V1gwysMue6PAvNM6fGL3hE6R+5fuG9b2cyzsz4GqcSt89S3 +rjZJwdpoGqKhx5EzILWd +=O/m2 +-END PGP SIGNATURE- Added: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5 == --- dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5 (added) +++ dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.md5 Tue Oct 21 08:57:53 2014 @@ -0,0 +1 @@ +0b0e1e4c77b9b7051fc2c751b70d2880 *tomcat-native-1.1.32-oscp-win32-bin.zip \ No newline at end of file Added: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1 == --- dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1 (added) +++ dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-oscp-win32-bin.zip.sha1 Tue Oct 21 08:57:53 2014 @@ -0,0 +1 @@ +b47f96dd3153d002a529e881b6b8f524cd6e321c *tomcat-native-1.1.32-oscp-win32-bin.zip \ No newline at end of file Added: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip == Binary file - no diff available. Propchange: dev/tomcat/tomcat-connectors/native/1.1.32/binaries/tomcat-native-1.1.32-win32-bin.zip
[VOTE] Release Apache Tomcat Native 1.1.32
Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. The Apache Tomcat Native 1.1.31 is [ ] Stable, go ahead and release [ ] Broken because of ... [1] https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.1.32/ [2] https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_1_32 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.1.32
On 21/10/2014 10:05, Mark Thomas wrote: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. The Apache Tomcat Native 1.1.31 is [X] Stable, go ahead and release [ ] Broken because of ... Tested on OSX and 64-bit Windows. Configured an APR/native HTTPS connector - confirmed the OpenSSL and APR versions - used the OpenSSl client to confirm TLS 1.1 and 1.2 were supported Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633342 - in /tomcat/trunk: java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java webapps/docs/changelog.xml
Author: markt Date: Tue Oct 21 11:16:17 2014 New Revision: 1633342 URL: http://svn.apache.org/r1633342 Log: Ensure that that an EncodeException is thrown by RemoteEndpoint.Basic.sendObject(Object) rather than an IOException when no suitable Encoder is configured for the given Object. Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java?rev=1633342r1=1633341r2=1633342view=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java Tue Oct 21 11:16:17 2014 @@ -509,12 +509,21 @@ public abstract class WsRemoteEndpointIm } -public void sendObject(Object obj) throws IOException { +public void sendObject(Object obj) throws IOException, EncodeException { FutureVoid f = sendObjectByFuture(obj); try { f.get(); -} catch (InterruptedException | ExecutionException e) { +} catch (InterruptedException e) { throw new IOException(e); +} catch (ExecutionException e) { +Throwable cause = e.getCause(); +if (cause instanceof IOException) { +throw (IOException) cause; +} else if (cause instanceof EncodeException) { +throw (EncodeException) cause; +} else { +throw new IOException(e); +} } } Modified: tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java?rev=1633342r1=1633341r2=1633342view=diff == --- tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java (original) +++ tomcat/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java Tue Oct 21 11:16:17 2014 @@ -598,4 +598,36 @@ public class TestEncodingDecoding extend } } } + + +@Test +public void testUnsupportedObject() throws Exception{ +Tomcat tomcat = getTomcatInstance(); +// Must have a real docBase - just use temp +Context ctx = tomcat.addContext(, System.getProperty(java.io.tmpdir)); + ctx.addApplicationListener(ProgramaticServerEndpointConfig.class.getName()); +Tomcat.addServlet(ctx, default, new DefaultServlet()); +ctx.addServletMapping(/, default); + +WebSocketContainer wsContainer = ContainerProvider.getWebSocketContainer(); + +tomcat.start(); + +Client client = new Client(); +URI uri = new URI(ws://localhost: + getPort() + PATH_PROGRAMMATIC_EP); +Session session = wsContainer.connectToServer(client, uri); + +// This should fail +Object msg1 = new Object(); +try { +session.getBasicRemote().sendObject(msg1); +Assert.fail(No exception thrown ); +} catch (EncodeException e) { +// Expected +} catch (Throwable t) { +Assert.fail(Wrong exception type); +} finally { +session.close(); +} +} } Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633342r1=1633341r2=1633342view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 11:16:17 2014 @@ -220,6 +220,12 @@ fix Add null checks for arguments in remote endpoint. (remm/kkolinko) /fix + fix +bug57118/bug: Ensure that that an codeEncodeException/code is +thrown by codeRemoteEndpoint.Basic.sendObject(Object)/code rather +than an codeIOException/code when no suitable codeEncoder/code +is configured for the given Object. (markt) + /fix /changelog /subsection subsection name=Web applications - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633346 - /tomcat/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Tue Oct 21 11:35:35 2014 New Revision: 1633346 URL: http://svn.apache.org/r1633346 Log: Update changelog for BZ 47919 per r1630407 It logs not just key env vars, but all of them, and logs command line arguments. I am emphasizing CATALINA_OPTS, JAVA_OPTS, as that may be a security concern for somebody. Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633346r1=1633345r2=1633346view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 11:35:35 2014 @@ -60,8 +60,10 @@ /add add bug47919/bug: Extend the information logged when Tomcat starts to -optionally include (disabled by default) the values of key environment -variables. (markt) +optionally log the values of command line arguments (enabled by +default) and environment variables (disabled by default). Note that +the values added to CATALINA_OPTS and JAVA_OPTS environment variables +will be logged, as they are used to build up the command line. (markt) /add add bug49939/bug: Expose the method that clears the static resource - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Early Access builds for JDK 9 b35 and JDK 8u40 b10 are available on java.net
Hi Mladen/Mark, Early Access build for JDK 9 b35 https://jdk9.java.net/download/ is available on java.net, summary of changes are listed here http://www.java.net/download/jdk9/changes/jdk9-b35.html Early Access build for JDK 8u40 b10 http://jdk8.java.net/download.html is available on java.net, summary of changes are listed here. http://www.java.net/download/jdk8u40/changes/jdk8u40-b10.html Rgds,Rory -- Rgds,Rory O'Donnell Quality Engineering Manager Oracle EMEA , Dublin, Ireland
[Bug 57122] New: class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 Bug ID: 57122 Summary: class loading during remote deployment not working (NoClassDefFoundError) Product: Tomcat 7 Version: 7.0.53 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: michael.baul...@knipp.de I have a Tomcat running a web application, which I then want to update remotely. During this deployment a ServletContextListener instance (called InitListener and configured in the web.xml) executes the contextDestroyed method. In this method some java classes cannot be loaded. In the tomcat's error log I see errors like: SEVERE: Exception sending context destroyed event to listener instance of class x.y.z.InitListener java.lang.NoClassDefFoundError: org/jboss/netty/util/internal/ConcurrentHashMap$Values However, if I access the same class (in this example the ConcurrentHashMap$Values) at some previous point before the shutdown starts, everything works fine. It seems that Tomcat is not able to (newly) load the necessary classes when doing the shutdown part of the remote deployment. To my knowledge at this point arbitrary java code should still be executable. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #1 from Konstantin Kolinko knst.koli...@gmail.com --- (In reply to michael.bauland from comment #0) SEVERE: Exception sending context destroyed event to listener instance of class x.y.z.InitListener java.lang.NoClassDefFoundError: org/jboss/netty/util/internal/ConcurrentHashMap$Values 1. The full stack trace of the above error = ? (Was Exception sending context destroyed event produced by Tomcat? Was there a root cause of the above exception? What class loader was trying to load the class? Any other preceding error in the logs?) 2. Are jboss classes in your web application's WEB-INF/lib and absent from Tomcat's lib directory? 3. Can you provide simple sample web application to reproduce this behaviour? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #2 from michael.baul...@knipp.de --- Created attachment 32132 -- https://issues.apache.org/bugzilla/attachment.cgi?id=32132action=edit error log -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #3 from michael.baul...@knipp.de --- Thanks for the quick response. 1. I have attached the full stack trace. There have been no preceding errors in the log, as you can see. 2. No, we do not use jBoss (just richfaces) and have no jBoss classes present. 3. Sorry, the classes that cannot be loaded seem to be arbitrary, one self-written utility class and one from the netty framework (org/jboss/netty/util/internal/ConcurrentHashMap$Values), but I can't reproduce with a simple sample. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633359 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java webapps/docs/changelo
Author: markt Date: Tue Oct 21 12:36:06 2014 New Revision: 1633359 URL: http://svn.apache.org/r1633359 Log: Ensure that that an EncodeException is thrown by RemoteEndpoint.Basic.sendObject(Object) rather than an IOException when no suitable Encoder is configured for the given Object. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1633342 Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java?rev=1633359r1=1633358r2=1633359view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsRemoteEndpointImplBase.java Tue Oct 21 12:36:06 2014 @@ -512,14 +512,21 @@ public abstract class WsRemoteEndpointIm } -public void sendObject(Object obj) throws IOException { +public void sendObject(Object obj) throws IOException, EncodeException { FutureVoid f = sendObjectByFuture(obj); try { f.get(); } catch (InterruptedException e) { throw new IOException(e); } catch (ExecutionException e) { -throw new IOException(e); +Throwable cause = e.getCause(); +if (cause instanceof IOException) { +throw (IOException) cause; +} else if (cause instanceof EncodeException) { +throw (EncodeException) cause; +} else { +throw new IOException(e); +} } } Modified: tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java?rev=1633359r1=1633358r2=1633359view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/pojo/TestEncodingDecoding.java Tue Oct 21 12:36:06 2014 @@ -603,4 +603,36 @@ public class TestEncodingDecoding extend } } } + + +@Test +public void testUnsupportedObject() throws Exception{ +Tomcat tomcat = getTomcatInstance(); +// Must have a real docBase - just use temp +Context ctx = tomcat.addContext(, System.getProperty(java.io.tmpdir)); + ctx.addApplicationListener(ProgramaticServerEndpointConfig.class.getName()); +Tomcat.addServlet(ctx, default, new DefaultServlet()); +ctx.addServletMapping(/, default); + +WebSocketContainer wsContainer = ContainerProvider.getWebSocketContainer(); + +tomcat.start(); + +Client client = new Client(); +URI uri = new URI(ws://localhost: + getPort() + PATH_PROGRAMMATIC_EP); +Session session = wsContainer.connectToServer(client, uri); + +// This should fail +Object msg1 = new Object(); +try { +session.getBasicRemote().sendObject(msg1); +Assert.fail(No exception thrown ); +} catch (EncodeException e) { +// Expected +} catch (Throwable t) { +Assert.fail(Wrong exception type); +} finally { +session.close(); +} +} } Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633359r1=1633358r2=1633359view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 12:36:06 2014 @@ -138,6 +138,12 @@ fix Add null checks for arguments in remote endpoint. (remm/kkolinko) /fix + fix +bug57118/bug: Ensure that that an codeEncodeException/code is +thrown by codeRemoteEndpoint.Basic.sendObject(Object)/code rather +than an codeIOException/code when no suitable codeEncoder/code +is configured for the given Object. (markt) + /fix /changelog /subsection subsection name=Web applications - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57118] Throw EncodeException from RemoteEndpoint.Basic.sendObject()
https://issues.apache.org/bugzilla/show_bug.cgi?id=57118 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED OS||All --- Comment #1 from Mark Thomas ma...@apache.org --- This has been fixed in 8.0.x for 8.0.15 onwards and in 7.0.x for 7.0.57 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #4 from Mark Thomas ma...@apache.org --- (In reply to michael.bauland from comment #3) Thanks for the quick response. 1. I have attached the full stack trace. There have been no preceding errors in the log, as you can see. 2. No, we do not use jBoss (just richfaces) and have no jBoss classes present. 3. Sorry, the classes that cannot be loaded seem to be arbitrary, one self-written utility class and one from the netty framework (org/jboss/netty/util/internal/ConcurrentHashMap$Values), but I can't reproduce with a simple sample. Again, where are the classes that can't be loaded located? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 Konstantin Kolinko knst.koli...@gmail.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #5 from Konstantin Kolinko knst.koli...@gmail.com --- See bug 56321. Update to 7.0.54 or later. *** This bug has been marked as a duplicate of bug 56321 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56321] ServletContextListener.contextDestroyed not completely executed when updating war
https://issues.apache.org/bugzilla/show_bug.cgi?id=56321 Konstantin Kolinko knst.koli...@gmail.com changed: What|Removed |Added CC||michael.baul...@knipp.de --- Comment #8 from Konstantin Kolinko knst.koli...@gmail.com --- *** Bug 57122 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #6 from Mark Thomas ma...@apache.org --- Looks like the classes are located in the web application. I was just about to mark this as a duplicate as well but Konstantin beat me to it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.1.32
2014-10-21 13:05 GMT+04:00 Mark Thomas ma...@apache.org: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. The Apache Tomcat Native 1.1.31 is [x] Stable, go ahead and release [ ] Broken because of ... Tested 32-bit OCSP and non-OCSP binaries with 32-bit JDK 7 on Windows 7 using APR connector tests in Tomcat 8 testsuite. All tests passed successfully. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633365 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml
Author: kkolinko Date: Tue Oct 21 12:59:35 2014 New Revision: 1633365 URL: http://svn.apache.org/r1633365 Log: Update changelog for BZ 47919 per r1630407 It logs not just key env vars, but all of them, and logs command line arguments. I am emphasizing CATALINA_OPTS, JAVA_OPTS, as that may be a security concern for somebody. (It is not a real security concern, as those are expected to be visible in ps command output as well) Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1633346 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633365r1=1633364r2=1633365view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 12:59:35 2014 @@ -60,8 +60,10 @@ changelog add bug47919/bug: Extend the information logged when Tomcat starts to -optionally include (disabled by default) the values of key environment -variables. (markt) +optionally log the values of command line arguments (enabled by +default) and environment variables (disabled by default). Note that +the values added to CATALINA_OPTS and JAVA_OPTS environment variables +will be logged, as they are used to build up the command line. (markt) /add add bug56401/bug: Log version information when Tomcat starts. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633369 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse: JSSESocketFactory.java res/LocalStrings.properties
Author: markt Date: Tue Oct 21 13:07:55 2014 New Revision: 1633369 URL: http://svn.apache.org/r1633369 Log: Add some debug logging for excluded protocols Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1633369r1=1633368r2=1633369view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Tue Oct 21 13:07:55 2014 @@ -134,6 +134,7 @@ public class JSSESocketFactory implement ListString filteredProtocols = new ArrayList(); for (String protocol : socket.getEnabledProtocols()) { if (protocol.contains(SSL)) { +log.debug(sm.getString(jsse.excludeDefaultProtocol, protocol)); continue; } filteredProtocols.add(protocol); Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties?rev=1633369r1=1633368r2=1633369view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties Tue Oct 21 13:07:55 2014 @@ -24,6 +24,7 @@ jsse.unsupported_ciphers=Some specified jsse.requested_protocols_not_supported=None of the SSL protocols specified are supported by the SSL engine : {0} jsse.enableable_protocols=Specified SSL protocols that are supported and enableable are : {0} jsse.unsupported_protocols=Some specified SSL protocols are not supported by the SSL engine : {0} +jsse.excludeDefaultProtocol=The SSL protocol [{0}] which is enabled by default in this JRE was excluded from the defaults used by Tomcat jsseSupport.clientCertError=Error trying to obtain a certificate from the client jseeSupport.certTranslationError=Error translating certificate [{0}] jsseSupport.noCertWant=No client certificate sent for want - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633370 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
Author: markt Date: Tue Oct 21 13:08:28 2014 New Revision: 1633370 URL: http://svn.apache.org/r1633370 Log: Add some debug logging for excluded protocols Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1633369 Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1633370r1=1633369r2=1633370view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Tue Oct 21 13:08:28 2014 @@ -134,6 +134,7 @@ public class JSSESocketFactory implement ListString filteredProtocols = new ArrayListString(); for (String protocol : socket.getEnabledProtocols()) { if (protocol.contains(SSL)) { +log.debug(sm.getString(jsse.excludeDefaultProtocol, protocol)); continue; } filteredProtocols.add(protocol); Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties?rev=1633370r1=1633369r2=1633370view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties Tue Oct 21 13:08:28 2014 @@ -24,6 +24,7 @@ jsse.unsupported_ciphers=Some specified jsse.requested_protocols_not_supported=None of the SSL protocols specified are supported by the SSL engine : {0} jsse.enableable_protocols=Specified SSL protocols that are supported and enableable are : {0} jsse.unsupported_protocols=Some specified SSL protocols are not supported by the SSL engine : {0} +jsse.excludeDefaultProtocol=The SSL protocol [{0}] which is enabled by default in this JRE was excluded from the defaults used by Tomcat jsseSupport.clientCertError=Error trying to obtain a certificate from the client jseeSupport.certTranslationError=Error translating certificate [{0}] jsseSupport.noCertWant=No client certificate sent for want - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57122] class loading during remote deployment not working (NoClassDefFoundError)
https://issues.apache.org/bugzilla/show_bug.cgi?id=57122 --- Comment #7 from michael.baul...@knipp.de --- Yes, sorry, didn't see you question about the location of the classes. They are located in the WEB-INF/lib folder. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633386 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Tue Oct 21 14:20:49 2014 New Revision: 1633386 URL: http://svn.apache.org/r1633386 Log: Update proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1633386r1=1633385r2=1633386view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 21 14:20:49 2014 @@ -58,7 +58,7 @@ PATCHES PROPOSED TO BACKPORT: -1: * Mitigate POODLE by disabling SSLv3 by default for JSSE - http://people.apache.org/~markt/patches/2014-10-17-poodle-tc6-v1.patch + http://people.apache.org/~markt/patches/2014-10-21-poodle-tc6-v2.patch +1: markt -1: -0: kkolinko: I think that JSSESocketFactory.getEnabledProtocols() shall @@ -70,12 +70,13 @@ PATCHES PROPOSED TO BACKPORT: I wish there were some debug logging to see what protocols are being filtered out by if (protocol.contains(SSL)). + markt: Addressed in v2 patch -0: schultz; I agree with Konstantin's critique. Small adjustments to the proposal are in order. Additionally, the code for filtering protocols should probably be factored-out into a separte method to ensure the filtering stays consistent between the two methods that currently do it. - + markt: Addressed in v2 patch * Mitigate POODLE by disabling SSLv3 by default for APR/native http://svn.apache.org/r1632586 @@ -97,7 +98,6 @@ PATCHES PROPOSED TO BACKPORT: Add support for TLSv1.1 and TLSv1.2 to APR connector. Back-port r1632606 from Tomcat 7. http://people.apache.org/~schultz/patches/53952.tc6.patch - +1: schultz -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57116] Bio connector: Do not fallback to default protocol list if sslEnabledProtocols has no matches
https://issues.apache.org/bugzilla/show_bug.cgi?id=57116 --- Comment #2 from Mark Thomas ma...@apache.org --- Updated patch proposed for 6.0.x to address this. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.1.32
All, On 10/21/14 5:05 AM, Mark Thomas wrote: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artifacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. The Apache Tomcat Native 1.1.31 is [ ] Stable, go ahead and release [ ] Broken because of ... Note that in order to test TLSv1.1 and TLSv1.2 with tcnative, you'll have to be running Tomcat from subversion. No release version will allow you to specify TLSv1.2 for instance in SSLProtocol. Using SSLProtocol=all will still enable SSLv3, and using TLSv1 also enables SSLv3, so you can't properly test protocol support unless you pull Tomcat from subversion. -chris signature.asc Description: OpenPGP digital signature
Re: [VOTE] Release Apache Tomcat Native 1.1.32
All, On 10/21/14 5:05 AM, Mark Thomas wrote: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. The Apache Tomcat Native 1.1.31 is [X] Stable, go ahead and release [ ] Broken because of ... Tested combinations of SSLv3, TLSv1, TLSv1.1, TLSv1.2 with Tomcat 8-trunk and all configured and responded as expected. For instance, when using SSLProtocol=TLSv1+TLSv1.2, I can connect with these protocol and cipher combinations from Java 7: Supported Protocol Cipher Suite AcceptedTLSv1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA AcceptedTLSv1 TLS_RSA_WITH_AES_128_CBC_SHA AcceptedTLSv1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA AcceptedTLSv1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA AcceptedTLSv1 SSL_RSA_WITH_3DES_EDE_CBC_SHA AcceptedTLSv1 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.1 TLS_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.1 SSL_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.1 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA256 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.2 SSL_RSA_WITH_3DES_EDE_CBC_SHA Accepted TLSv1.2 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA No other protocol (SSLv2, SSLv3, TLSv1.1) were accepted and no other cipher suites were accepted for either TLSv1 or TLSv1.2. (I'm surprised there's not more overlap in the number of cipher suites that Java 7 and OpenSSL support given those two protocols.) Lightly tested AjpAprProtocol and HttpAprProtocol for regressions... all seems well. -chris signature.asc Description: OpenPGP digital signature
svn commit: r1633393 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: schultz Date: Tue Oct 21 15:12:27 2014 New Revision: 1633393 URL: http://svn.apache.org/r1633393 Log: Revise vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1633393r1=1633392r2=1633393view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Oct 21 15:12:27 2014 @@ -59,7 +59,7 @@ PATCHES PROPOSED TO BACKPORT: * Mitigate POODLE by disabling SSLv3 by default for JSSE http://people.apache.org/~markt/patches/2014-10-21-poodle-tc6-v2.patch - +1: markt + +1: markt, schultz -1: -0: kkolinko: I think that JSSESocketFactory.getEnabledProtocols() shall not return DEFAULT_SERVER_PROTOCOLS list in case if there are no @@ -71,12 +71,12 @@ PATCHES PROPOSED TO BACKPORT: I wish there were some debug logging to see what protocols are being filtered out by if (protocol.contains(SSL)). markt: Addressed in v2 patch - -0: schultz; I agree with Konstantin's critique. Small adjustments to the -proposal are in order. Additionally, the code for filtering protocols -should probably be factored-out into a separte method to ensure -the filtering stays consistent between the two methods that currently -do it. - markt: Addressed in v2 patch + + schultz: it's not clear from the code what will happen if + DEFAULT_SERVER_PROTOCOLS remains null. Would it be more clear + to use an empty string array instead of null? I seem to recall + slightly different null behavior in Oracle/OpenJDK versus + IBM JVMs. * Mitigate POODLE by disabling SSLv3 by default for APR/native http://svn.apache.org/r1632586 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-apr : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 26 mins 3 secs Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.12-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20141021-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/P20140317-1600/ecj-P20140317-1600.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20141021/lib -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20141021.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20141021-native-src.tar.gz -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl/dest-20141021/bin/openssl -Dexecute.test.apr=true -Dexecute.test.bio=false -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.3-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/public/workspace/hamcrest/build/hamcrest-all-20141021.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-jni.jar:/srv/gump/public/workspace
[Bug 57123] New: Update to Eclipse ECJ 4.4.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123 Bug ID: 57123 Summary: Update to Eclipse ECJ 4.4.1 Product: Tomcat 8 Version: 8.0.14 Hardware: PC Status: NEW Severity: enhancement Priority: P2 Component: Jasper Assignee: dev@tomcat.apache.org Reporter: knst.koli...@gmail.com Eclipse 4.4.1 has been released. It is possible to update ECJ compiler from current version 4.4 to 4.4.1. Download page: http://download.eclipse.org/eclipse/downloads/drops4/R-4.4.1-201409250400/ - JDT Core Batch Compiler (There have been a report about JSP compilation issue (crash) with the ECJ 4.4. Unfortunately, updating to ecj-4.4.1 nor to a nightly does not fix that particial issue. I filed a bug report upstream to Eclipse project: https://bugs.eclipse.org/bugs/show_bug.cgi?id=448112 Thread at tomcat-users mailing list: http://tomcat.markmail.org/thread/jblxumvub6o7nusr ) (A warning: Regarding Eclipse IDE itself I would recommend against using version 4.4.1 aka Luna SR1 as a development environment, because of known regression that broke many components of the IDE, https://bugs.eclipse.org/bugs/show_bug.cgi?id=445122#c7 This does not concern the ECJ compiler. ) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57123] Update to Eclipse ECJ 4.4.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123 --- Comment #1 from Konstantin Kolinko knst.koli...@gmail.com --- Created attachment 32133 -- https://issues.apache.org/bugzilla/attachment.cgi?id=32133action=edit 2014-10-21_tc8_57123_ecj441.patch Patch to update Tomcat 8 (trunk) to ECJ 4.4.1 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Testing server SSL/TLS protocol and cipher support
All, As part of my testing for the recent changes to Tomcat and tcnative, I wanted to use something like sslscan, but that tool does not support anything above TLSv1. One can use OpenSSL s_client but that's fairly tedious. I took the opportunity to write a Java client that mimics the important parts of sslscan's capabilities. I'm posting it in case anyone wants to use it (or improve it). It's also a good (I think) example of how to do a long of SSL-related stuff in Java. I had originally written this using HttpsURLConnection but there are some things you can't get from an HttpsURLConnection (like which protocol was actually used when a connection is made) so I switched to using more basic SSL sockets. If you want to use this code to build something that works with HttpsURLConnection, all you have to do is call SSLUtils.getSSLSocketFactory() and pass the result to HttpsURLConnection.setDefaultSSLSocketFactory(). Enjoy, -chris import java.io.IOException; import java.net.InetSocketAddress; import java.net.Socket; import java.net.SocketTimeoutException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; /** * A driver class to test a server's SSL/TLS support. * * Usage: java SSLTest [opts] host[:port] * * Try java SSLTest -h for help. * * This tester will attempts to handshake with the target host with all * available protocols and ciphers and report which ones were accepted and * which were rejected. An HTTP connection is never fully made, so these * connections should not flood the host's access log with entries. * * @author Christopher Schultz */ public class SSLTest { public static void usage() { System.out.println(Usage: java + SSLTest.class + [opts] host[:port]); System.out.println(); System.out.println(-sslprotocol Sets the SSL/TLS protocol to be used (e.g. SSL, TLS, SSLv3, TLSv1.2, etc.)); System.out.println(-enabledprotocols protocols Sets individual SSL/TLS ptotocols that should be enabled); System.out.println(-ciphers cipherspec A comma-separated list of SSL/TLS ciphers); System.out.println(-truststore Sets the trust store for connections); System.out.println(-truststoretype type Sets the type for the trust store); System.out.println(-truststorepassword pass Sets the password for the trust store); System.out.println(-truststorealgorithm alg Sets the algorithm for the trust store); System.out.println(-truststoreprovider provider Sets the crypto provider for the trust store); System.out.println(-no-check-certificateIgnores certificate errors); System.out.println(-no-verify-hostname Ignores hostname mismatches); System.out.println(-h -help --help Shows this help message); } public static void main(String[] args) throws Exception { int connectTimeout = 0; // default = infinite int readTimeout = 1000; boolean disableHostnameVerification = true; boolean disableCertificateChecking = true; String trustStoreFilename = System.getProperty(javax.net.ssl.trustStore); String trustStorePassword = System.getProperty(javax.net.ssl.trustStorePassword); String trustStoreType = System.getProperty(javax.net.ssl.trustStoreType); String trustStoreProvider = System.getProperty(javax.net.ssl.trustStoreProvider); String trustStoreAlgorithm = null; String sslProtocol = TLS; String[] sslEnabledProtocols = new String[] { TLSv1, TLSv1.1, TLSv1.2 }; String[] sslCipherSuites = null; // Default = default for protocol String crlFilename = null; if(args.length 1) { usage(); System.exit(0); } int argIndex; for(argIndex = 0; argIndex args.length; ++argIndex) { String arg = args[argIndex]; if(!arg.startsWith(-)) break; else if(--.equals(arg)) break; else if(-no-check-certificate.equals(arg)) disableCertificateChecking = true; else if(-no-verify-hostname.equals(arg)) disableHostnameVerification = true; else if(-sslprotocol.equals(arg)) sslProtocol = args[++argIndex]; else if(-enabledprotocols.equals(arg)) sslEnabledProtocols = args[++argIndex].split(\\s*,\\s*); else if(-ciphers.equals(arg)) sslCipherSuites = args[++argIndex].split(\\s*,\\s*); else if(-connecttimeout.equals(arg)) connectTimeout = Integer.parseInt(args[++argIndex]); else if(-readtimeout.equals(arg)) readTimeout
[Bug 57123] Update to Eclipse ECJ 4.4.1
https://issues.apache.org/bugzilla/show_bug.cgi?id=57123 Konstantin Kolinko knst.koli...@gmail.com changed: What|Removed |Added OS||All --- Comment #2 from Konstantin Kolinko knst.koli...@gmail.com --- Tomcat 8: - smoke testing: OK - testsuite (Nio connector): OK Thus ecj-4.4.1 can be used. A pending question is update of jasper poms, as ecj-4.4.1.jar is not yet available from Maven Central. https://wiki.apache.org/tomcat/JDTCoreBatchCompiler -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Testing server SSL/TLS protocol and cipher support
2014-10-21 21:55 GMT+04:00 Christopher Schultz ch...@christopherschultz.net: All, As part of my testing for the recent changes to Tomcat and tcnative, I wanted to use something like sslscan, but that tool does not support anything above TLSv1. One can use OpenSSL s_client but that's fairly tedious. Here is a bash script that uses OpenSSL s_client enumerating all available ciphers that are supported by that particular version of OpenSSL: http://superuser.com/a/224263 Is there a tool that can test what SSL/TLS cipher suites a particular website offers? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Testing server SSL/TLS protocol and cipher support
Konstantin, On 10/21/14 2:18 PM, Konstantin Kolinko wrote: 2014-10-21 21:55 GMT+04:00 Christopher Schultz ch...@christopherschultz.net: All, As part of my testing for the recent changes to Tomcat and tcnative, I wanted to use something like sslscan, but that tool does not support anything above TLSv1. One can use OpenSSL s_client but that's fairly tedious. Here is a bash script that uses OpenSSL s_client enumerating all available ciphers that are supported by that particular version of OpenSSL: http://superuser.com/a/224263 Is there a tool that can test what SSL/TLS cipher suites a particular website offers? The script could be improved by trying the ciphers under each supported protocol (e.g. TLSv1 versus TLSv1.1). That script can't distinguish between being able to connect using SSLv3 and TLSv1, only the cipher succeeds. My Java code was written as an exercise also to be shared with the community. Thanks, -chris signature.asc Description: OpenPGP digital signature
svn commit: r1633440 - in /tomcat/trunk: java/javax/el/ImportHandler.java test/javax/el/TestImportHandler.java webapps/docs/changelog.xml
Author: markt Date: Tue Oct 21 19:26:01 2014 New Revision: 1633440 URL: http://svn.apache.org/r1633440 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57113 Fix broken package imports in Expression Language when more than one package was imported and the desired class was not in the last package imported. Modified: tomcat/trunk/java/javax/el/ImportHandler.java tomcat/trunk/test/javax/el/TestImportHandler.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/javax/el/ImportHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/ImportHandler.java?rev=1633440r1=1633439r2=1633440view=diff == --- tomcat/trunk/java/javax/el/ImportHandler.java (original) +++ tomcat/trunk/java/javax/el/ImportHandler.java Tue Oct 21 19:26:01 2014 @@ -143,7 +143,10 @@ public class ImportHandler { // (which correctly triggers an error) for (String p : packages) { String className = p + '.' + name; -result = findClass(className, true); +Class? clazz = findClass(className, true); +if (clazz != null) { +result = clazz; +} } } Modified: tomcat/trunk/test/javax/el/TestImportHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/javax/el/TestImportHandler.java?rev=1633440r1=1633439r2=1633440view=diff == --- tomcat/trunk/test/javax/el/TestImportHandler.java (original) +++ tomcat/trunk/test/javax/el/TestImportHandler.java Tue Oct 21 19:26:01 2014 @@ -16,6 +16,8 @@ */ package javax.el; +import java.util.ArrayList; + import org.junit.Assert; import org.junit.Test; @@ -64,6 +66,23 @@ public class TestImportHandler { /** + * Multiple package imports with a single match. + * https://issues.apache.org/bugzilla/show_bug.cgi?id=57113 + */ +@Test +public void testResolveClass04() { +ImportHandler handler = new ImportHandler(); + +handler.importPackage(java.util); +handler.importPackage(java.net); + +Class? clazz = handler.resolveClass(ArrayList); + +Assert.assertEquals(ArrayList.class, clazz); +} + + +/** * Import a valid class. */ @Test Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633440r1=1633439r2=1633440view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 19:26:01 2014 @@ -191,6 +191,11 @@ bug57099/bug: Ensure that semi-colons are not permitted in JSP import page directives. (markt) /fix + fix +bug57113/bug: Fix broken package imports in Expression Language when +more than one package was imported and the desired class was not in the +last package imported. (markt) + /fix /changelog /subsection subsection name=Cluster - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57113] ImportHandler not returning class properly from resolveClass()
https://issues.apache.org/bugzilla/show_bug.cgi?id=57113 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED OS||All --- Comment #1 from Mark Thomas ma...@apache.org --- Thanks for the report. This has been fixed in 8.0.x for 8.0.15 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53952] Add support for TLS 1.1 and 1.2
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952 --- Comment #44 from Christopher Schultz ch...@christopherschultz.net --- (In reply to Ralf Hauser from comment #43) I guess comment 30 ff. refers to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 ? Yes. Patches are available for all supported versions of Tomcat as well as tcnative. Voting is in process for tcnative 1.1.32 and I have voted to release (successfully tested with Tomcat 8-trunk which will be Tomcat 8.0.15). Feedback on the tcnative release candidate is welcome even for non-committers. Please reply to the [VOTE] thread on dev@tomcat.apache.org for tcnative 1.1.32. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633447 - in /tomcat/trunk: java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java webapps/docs/changelog.xml
Author: markt Date: Tue Oct 21 20:21:08 2014 New Revision: 1633447 URL: http://svn.apache.org/r1633447 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57105 When parsing web.xml do not limit the buffer element of the jsp-property-group element to integer values as the allowed values are numberkb or none. Modified: tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java?rev=1633447r1=1633446r2=1633447view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroup.java Tue Oct 21 20:21:08 2014 @@ -85,11 +85,11 @@ public class JspPropertyGroup { } public String getDefaultContentType() { return this.defaultContentType; } -private Integer buffer = null; +private String buffer = null; public void setBuffer(String buffer) { -this.buffer = Integer.valueOf(buffer); +this.buffer = buffer; } -public Integer getBuffer() { return this.buffer; } +public String getBuffer() { return this.buffer; } private Boolean errorOnUndeclaredNamespace = null; public void setErrorOnUndeclaredNamespace( Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633447r1=1633446r2=1633447view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Oct 21 20:21:08 2014 @@ -156,6 +156,11 @@ bug57089/bug: Ensure that configuration of a session ID generator is not lost when a web application is reloaded. (markt) /fix + fix +bug57105/bug: When parsing web.xml do not limit the buffer element +of the jsp-property-group element to integer values as the allowed +values are codelt;numbergt;kb/code or codenone/code. (markt) + /fix /changelog /subsection subsection name=Coyote - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633448 - /tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java
Author: markt Date: Tue Oct 21 20:21:46 2014 New Revision: 1633448 URL: http://svn.apache.org/r1633448 Log: Simplify. These values are already Strings. Modified: tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java Modified: tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java?rev=1633448r1=1633447r2=1633448view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/JspPropertyGroupDescriptorImpl.java Tue Oct 21 20:21:46 2014 @@ -37,25 +37,13 @@ public class JspPropertyGroupDescriptorI @Override public String getBuffer() { -String result = null; - -if (jspPropertyGroup.getBuffer() != null) { -result = jspPropertyGroup.getBuffer().toString(); -} - -return result; +return jspPropertyGroup.getBuffer(); } @Override public String getDefaultContentType() { -String result = null; - -if (jspPropertyGroup.getDefaultContentType() != null) { -result = jspPropertyGroup.getDefaultContentType().toString(); -} - -return result; +return jspPropertyGroup.getDefaultContentType(); } @@ -122,13 +110,7 @@ public class JspPropertyGroupDescriptorI @Override public String getPageEncoding() { -String result = null; - -if (jspPropertyGroup.getPageEncoding() != null) { -result = jspPropertyGroup.getPageEncoding().toString(); -} - -return result; +return jspPropertyGroup.getPageEncoding(); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633452 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/deploy/JspPropertyGroup.java webapps/docs/changelog.xml
Author: markt Date: Tue Oct 21 20:33:51 2014 New Revision: 1633452 URL: http://svn.apache.org/r1633452 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57105 When parsing web.xml do not limit the buffer element of the jsp-property-group element to integer values as the allowed values are numberkb or none. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1633447 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java?rev=1633452r1=1633451r2=1633452view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/deploy/JspPropertyGroup.java Tue Oct 21 20:33:51 2014 @@ -83,11 +83,11 @@ public class JspPropertyGroup { } public String getDefaultContentType() { return this.defaultContentType; } -private Integer buffer = null; +private String buffer = null; public void setBuffer(String buffer) { -this.buffer = Integer.valueOf(buffer); +this.buffer = buffer; } -public Integer getBuffer() { return this.buffer; } +public String getBuffer() { return this.buffer; } private Boolean errorOnUndeclaredNamespace = null; public void setErrorOnUndeclaredNamespace( Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633452r1=1633451r2=1633452view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 20:33:51 2014 @@ -88,6 +88,11 @@ information in the constructor since it then gets logged at undesirable times such as when using codeStoreConfig/code. (markt) /fix + fix +bug57105/bug: When parsing web.xml do not limit the buffer element +of the jsp-property-group element to integer values as the allowed +values are codelt;numbergt;kb/code or codenone/code. (markt) + /fix /changelog /subsection subsection name=Coyote - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57105] buffer under jsp-property-group in web.xml only accept integer which doesn't follow spec and cause jsp compile fail
https://issues.apache.org/bugzilla/show_bug.cgi?id=57105 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas ma...@apache.org --- Thanks for the report. This has been fixed in 8.0.x for 8.0.15 onwards and in 7.0.x for 7.0.57 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57103] Download page should provide details on how to verify the downloads
https://issues.apache.org/bugzilla/show_bug.cgi?id=57103 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #5 from Mark Thomas ma...@apache.org --- Fixed. Should be live for all download pages by the time you read this. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633457 - in /tomcat/site/trunk: docs/download-60.html docs/download-70.html docs/download-80.html xdocs/download-60.xml xdocs/download-70.xml xdocs/download-80.xml
Author: markt Date: Tue Oct 21 20:43:00 2014 New Revision: 1633457 URL: http://svn.apache.org/r1633457 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57103. Add verification link Modified: tomcat/site/trunk/docs/download-60.html tomcat/site/trunk/docs/download-70.html tomcat/site/trunk/docs/download-80.html tomcat/site/trunk/xdocs/download-60.xml tomcat/site/trunk/xdocs/download-70.xml tomcat/site/trunk/xdocs/download-80.xml Modified: tomcat/site/trunk/docs/download-60.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1633457r1=1633456r2=1633457view=diff == --- tomcat/site/trunk/docs/download-60.html (original) +++ tomcat/site/trunk/docs/download-60.html Tue Oct 21 20:43:00 2014 @@ -212,9 +212,10 @@ h3 id=Release_IntegrityRelease Integrity/h3 div class=text -pYou strongmust/strong verify the integrity of the downloaded files. -We provide OpenPGP signatures for every release file. This signature should -be matched against the +pYou strongmust/strong +a href=http://www.apache.org/info/verification.html;verify/a the +integrity of the downloaded files. We provide OpenPGP signatures for every +release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-6/KEYS;KEYS/a file which contains the OpenPGP keys of Tomcat's Release Managers. We also provide an codeMD5/code checksum for every release file. After you Modified: tomcat/site/trunk/docs/download-70.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1633457r1=1633456r2=1633457view=diff == --- tomcat/site/trunk/docs/download-70.html (original) +++ tomcat/site/trunk/docs/download-70.html Tue Oct 21 20:43:00 2014 @@ -212,9 +212,10 @@ h3 id=Release_IntegrityRelease Integrity/h3 div class=text -pYou strongmust/strong verify the integrity of the downloaded files. -We provide OpenPGP signatures for every release file. This signature should -be matched against the +pYou strongmust/strong +a href=http://www.apache.org/info/verification.html;verify/a the +integrity of the downloaded files. We provide OpenPGP signatures for every +release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-7/KEYS;KEYS/a file which contains the OpenPGP keys of Tomcat's Release Managers. We also provide an codeMD5/code checksum for every release file. After you Modified: tomcat/site/trunk/docs/download-80.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-80.html?rev=1633457r1=1633456r2=1633457view=diff == --- tomcat/site/trunk/docs/download-80.html (original) +++ tomcat/site/trunk/docs/download-80.html Tue Oct 21 20:43:00 2014 @@ -212,9 +212,10 @@ h3 id=Release_IntegrityRelease Integrity/h3 div class=text -pYou strongmust/strong verify the integrity of the downloaded files. -We provide OpenPGP signatures for every release file. This signature should -be matched against the +pYou strongmust/strong +a href=http://www.apache.org/info/verification.html;verify/a the +integrity of the downloaded files. We provide OpenPGP signatures for every +release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-8/KEYS;KEYS/a file which contains the OpenPGP keys of Tomcat's Release Managers. We also provide an codeMD5/code checksum for every release file. After you Modified: tomcat/site/trunk/xdocs/download-60.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-60.xml?rev=1633457r1=1633456r2=1633457view=diff == --- tomcat/site/trunk/xdocs/download-60.xml (original) +++ tomcat/site/trunk/xdocs/download-60.xml Tue Oct 21 20:43:00 2014 @@ -24,9 +24,10 @@ section name=Release Integrity -pYou strongmust/strong verify the integrity of the downloaded files. -We provide OpenPGP signatures for every release file. This signature should -be matched against the +pYou strongmust/strong +a href=http://www.apache.org/info/verification.html;verify/a the +integrity of the downloaded files. We provide OpenPGP signatures for every +release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-6/KEYS;KEYS/a file which contains the OpenPGP keys of Tomcat's Release Managers. We also provide an codeMD5/code checksum for every release file. After you Modified: tomcat/site/trunk/xdocs/download-70.xml URL:
svn commit: r1633474 - in /tomcat/site/trunk: docs/ xdocs/
Author: kkolinko Date: Tue Oct 21 21:58:26 2014 New Revision: 1633474 URL: http://svn.apache.org/r1633474 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57103 Add verify link to other download pages and use HTTPS for it. (Followup to r1633457) Modified: tomcat/site/trunk/docs/download-60.html tomcat/site/trunk/docs/download-70.html tomcat/site/trunk/docs/download-80.html tomcat/site/trunk/docs/download-connectors.html tomcat/site/trunk/docs/download-native.html tomcat/site/trunk/docs/download-taglibs.html tomcat/site/trunk/xdocs/download-60.xml tomcat/site/trunk/xdocs/download-70.xml tomcat/site/trunk/xdocs/download-80.xml tomcat/site/trunk/xdocs/download-connectors.xml tomcat/site/trunk/xdocs/download-native.xml tomcat/site/trunk/xdocs/download-taglibs.xml Modified: tomcat/site/trunk/docs/download-60.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1633474r1=1633473r2=1633474view=diff == --- tomcat/site/trunk/docs/download-60.html (original) +++ tomcat/site/trunk/docs/download-60.html Tue Oct 21 21:58:26 2014 @@ -213,7 +213,7 @@ div class=text pYou strongmust/strong -a href=http://www.apache.org/info/verification.html;verify/a the +a href=https://www.apache.org/info/verification.html;verify/a the integrity of the downloaded files. We provide OpenPGP signatures for every release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-6/KEYS;KEYS/a file Modified: tomcat/site/trunk/docs/download-70.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1633474r1=1633473r2=1633474view=diff == --- tomcat/site/trunk/docs/download-70.html (original) +++ tomcat/site/trunk/docs/download-70.html Tue Oct 21 21:58:26 2014 @@ -213,7 +213,7 @@ div class=text pYou strongmust/strong -a href=http://www.apache.org/info/verification.html;verify/a the +a href=https://www.apache.org/info/verification.html;verify/a the integrity of the downloaded files. We provide OpenPGP signatures for every release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-7/KEYS;KEYS/a file Modified: tomcat/site/trunk/docs/download-80.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-80.html?rev=1633474r1=1633473r2=1633474view=diff == --- tomcat/site/trunk/docs/download-80.html (original) +++ tomcat/site/trunk/docs/download-80.html Tue Oct 21 21:58:26 2014 @@ -213,7 +213,7 @@ div class=text pYou strongmust/strong -a href=http://www.apache.org/info/verification.html;verify/a the +a href=https://www.apache.org/info/verification.html;verify/a the integrity of the downloaded files. We provide OpenPGP signatures for every release file. This signature should be matched against the a href=https://www.apache.org/dist/tomcat/tomcat-8/KEYS;KEYS/a file Modified: tomcat/site/trunk/docs/download-connectors.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-connectors.html?rev=1633474r1=1633473r2=1633474view=diff == --- tomcat/site/trunk/docs/download-connectors.html (original) +++ tomcat/site/trunk/docs/download-connectors.html Tue Oct 21 21:58:26 2014 @@ -334,9 +334,11 @@ h4 id=Verify_the_Integrity_of_the_FilesVerify the Integrity of the Files/h4 div class=text -pYou strongmust/strong verify the integrity of the downloaded -files. We provide OpenPGP signatures for every release file. This -signature should be matched against the +pYou strongmust/strong +a href=https://www.apache.org/info/verification.html;verify/a +the integrity of the downloaded files. We provide OpenPGP +signatures for every release file. This signature should be matched +against the a href=https://www.apache.org/dist/tomcat/tomcat-connectors/KEYS;KEYS/a file which contains the OpenPGP keys of Tomcat's Release Managers. We also provide codeMD5/code and codeSHA1/code checksums for every release file. After you Modified: tomcat/site/trunk/docs/download-native.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-native.html?rev=1633474r1=1633473r2=1633474view=diff == --- tomcat/site/trunk/docs/download-native.html (original) +++ tomcat/site/trunk/docs/download-native.html Tue Oct 21 21:58:26 2014 @@ -379,9 +379,11 @@ h4 id=Verify_the_Integrity_of_the_FilesVerify the Integrity of the Files/h4 div class=text -pYou strongmust/strong verify the
[Bug 53952] Add support for TLS 1.1 and 1.2
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952 --- Comment #45 from Mark Woon markw...@gmail.com --- In reply to comment #43: yes. I also agree with comment #33 - SSLv2 and SSLv3 should just be removed from the options. So glad to see that this is moving forward. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.1.32
On 21/10/2014 10:05, Mark Thomas wrote: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. Just to note that we have enough votes to release this now but I am planning on leaving the vote open until I am ready to tag the next 8.0.x release. I have still have a couple of things to do for 8.0.x that I hope to wrap up tomorrow. Mark The Apache Tomcat Native 1.1.31 is [ ] Stable, go ahead and release [ ] Broken because of ... [1] https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.1.32/ [2] https://svn.apache.org/repos/asf/tomcat/native/tags/TOMCAT_NATIVE_1_1_32 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633478 - in /tomcat/tc7.0.x/trunk: ./ build.xml webapps/docs/changelog.xml
Author: kkolinko Date: Tue Oct 21 22:51:35 2014 New Revision: 1633478 URL: http://svn.apache.org/r1633478 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57079 Use Tomcat version number for jdbc-pool module when building and shipping the module as part of Tomcat. It is backport of r1632425 from tomcat/trunk. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/build.xml tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1632425 Modified: tomcat/tc7.0.x/trunk/build.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1633478r1=1633477r2=1633478view=diff == --- tomcat/tc7.0.x/trunk/build.xml (original) +++ tomcat/tc7.0.x/trunk/build.xml Tue Oct 21 22:51:35 2014 @@ -1021,6 +1021,9 @@ property name=tomcat.pool value=${tomcat.pool} / property name=tomcat.juli.jar value=${tomcat-juli.jar} / property name=skip.download value=set/ + property name=version value=${version}/ + property name=version.major value=${version.major}/ + property name=version.major.minor value=${version.major.minor}/ /ant copy file=${tomcat-jdbc.jar} todir=${tomcat.build}/lib/ /target Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633478r1=1633477r2=1633478view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 22:51:35 2014 @@ -170,6 +170,14 @@ /fix /changelog /subsection + subsection name=jdbc-pool +changelog + fix +bug57079/bug: Use Tomcat version number for jdbc-pool module when +building and shipping the module as part of Tomcat. (markt/kkolinko) + /fix +/changelog + /subsection subsection name=Other changelog update - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57079] Use Tomcat version number in jdbc-pool manifest when building it as part of Tomcat
https://issues.apache.org/bugzilla/show_bug.cgi?id=57079 --- Comment #2 from Konstantin Kolinko knst.koli...@gmail.com --- Backported to Tomcat 7 in r1633478 and will be in 7.0.57 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1633484 - in /tomcat/tc7.0.x/trunk: ./ build.xml webapps/docs/changelog.xml
Author: kkolinko Date: Tue Oct 21 23:25:17 2014 New Revision: 1633484 URL: http://svn.apache.org/r1633484 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57079 When Eclipse Compiler JAR is updated, make sure to delete its old version from Tomcat lib directory. It is backport of r1606114 from tomcat/trunk. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/build.xml tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1606114 Modified: tomcat/tc7.0.x/trunk/build.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1633484r1=1633483r2=1633484view=diff == --- tomcat/tc7.0.x/trunk/build.xml (original) +++ tomcat/tc7.0.x/trunk/build.xml Tue Oct 21 23:25:17 2014 @@ -1007,12 +1007,22 @@ filterset refid=version.filters/ /copy +!-- Delete all other versions of Eclipse JDT Compiler and copy the current one -- +local name=jdt.jar.filename / +basename property=jdt.jar.filename file=${jdt.jar}/ +delete verbose=true + fileset dir=${tomcat.build}/lib +include name=ecj-*.jar/ +exclude name=${jdt.jar.filename}/ + /fileset +/delete +copy file=${jdt.jar} todir=${tomcat.build}/lib/ + !-- Add sources for examples -- antcall target=examples-sources / copy file=${tomcat-dbcp.jar} todir=${tomcat.build}/lib failonerror=false/ -copy file=${jdt.jar} todir=${tomcat.build}/lib / !-- build the jdbc-pool jar and source jar-- echo message=Building Tomcat JDBC pool libraries/ Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633484r1=1633483r2=1633484view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 23:25:17 2014 @@ -189,6 +189,11 @@ Fix timestamps in Tomcat build and jdbc-pool to use 24-hour format instead of 12-hour one and use UTC timezone. (markt/kkolinko) /fix + update +Improve Tomcat build script to ensure that only one ecj-nn.jar file +is present in Tomcat codelib/code directory when Eclipse JDT +Compiler is updated to a new version. (kkolinko) + /update /changelog /subsection /section - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 1.1.32
Mark, On 10/21/14 6:11 PM, Mark Thomas wrote: On 21/10/2014 10:05, Mark Thomas wrote: Version 1.1.32 includes the following changes: - Add support for TLS v1.1 and TLS v1.2 - Windows binaries built with APR 1.5.1 and OpenSSL 1.0.1j The proposed release artefacts can be found at [1], and the build was done using tag [2]. Since this release is primarily to address security issues, I may end the vote earlier than 72 hours to speed up the process of getting Tomcat releases out that address CVE-2014-3566. Just to note that we have enough votes to release this now but I am planning on leaving the vote open until I am ready to tag the next 8.0.x release. +1 Since tcnative really requires the update to Tomcat as well, rushing a tcnative release doesn't help if we will have to wait for Tomcat 7/8 releases as well. I have still have a couple of things to do for 8.0.x that I hope to wrap up tomorrow. Great. I'll be ready for a vote whenever you post it. -chris signature.asc Description: OpenPGP digital signature
svn commit: r1633489 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml webapps/examples/WEB-INF/web.xml webapps/examples/jsp/chat/ webapps/examples/jsp/index.html webapps/examples/servlets/cha
Author: kkolinko Date: Tue Oct 21 23:55:32 2014 New Revision: 1633489 URL: http://svn.apache.org/r1633489 Log: Move Async and Comet examples from JSP examples page to Servlets examples page, like it have already been done in Tomcat 8. Merged r1518578, r1518581, r1518589 from tomcat/trunk. Added: tomcat/tc7.0.x/trunk/webapps/examples/servlets/chat/ - copied from r1518589, tomcat/trunk/webapps/examples/servlets/chat/ Removed: tomcat/tc7.0.x/trunk/webapps/examples/jsp/chat/ Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1518578,1518581,1518589 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1633489r1=1633488r2=1633489view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Oct 21 23:55:32 2014 @@ -168,6 +168,10 @@ Correct version of Java WebSocket mentioned in documentation (s/1.0/1.1/). (markt/kkolinko) /fix + update +In examples web application move Async and Comet examples from JSP +to Servlet examples page. (kkolinko) + /update /changelog /subsection subsection name=jdbc-pool Modified: tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml?rev=1633489r1=1633488r2=1633489view=diff == --- tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/web.xml Tue Oct 21 23:55:32 2014 @@ -157,7 +157,7 @@ servlet-mapping servlet-nameChatServlet/servlet-name -url-pattern/jsp/chat/chat/url-pattern +url-pattern/servlets/chat/chat/url-pattern /servlet-mapping servlet-mapping servlet-nameCompressionFilterTestServlet/servlet-name Modified: tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html?rev=1633489r1=1633488r2=1633489view=diff == --- tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html (original) +++ tomcat/tc7.0.x/trunk/webapps/examples/jsp/index.html Tue Oct 21 23:55:32 2014 @@ -392,63 +392,6 @@ ght=24 width=24 align=TOP/a is configured to have these roles./td /tr -tr - td colspan=3Servlet 3.0 Asynchronous processing examplesnbsp;br / -Examples that demonstrate using Servlet 3.0 asynchronous -request processing API./td -/tr -tr VALIGN=TOP - tdasync0nbsp;/td - td VALIGN=TOP WIDTH=30% -a href=../async/async0img SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr -tr VALIGN=TOP - tdasync1nbsp;/td - td VALIGN=TOP WIDTH=30% -a href=../async/async1img SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr -tr VALIGN=TOP - tdasync2nbsp;/td - td VALIGN=TOP WIDTH=30% -a href=../async/async2img SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr -tr VALIGN=TOP - tdasync3nbsp;/td - td VALIGN=TOP WIDTH=30% -a href=../async/async3img SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr -tr VALIGN=TOP - tdstocktickernbsp;/td - td VALIGN=TOP WIDTH=30% -a href=../async/stocktickerimg SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr - -tr - td colspan=3Comet processing examplenbsp;br / -Example that demonstrates asynchronous request processing -using Comet API. See strongAdvanced IO/strong chapter in the -User Guide for details. It works only with connectors that support -Comet processing (strongAPR/strong or strongNIO/strong -strongHTTP/strong connectors)./td -/tr -tr VALIGN=TOP - tdComet Chatnbsp;/td - td VALIGN=TOP WIDTH=30% -a href=chat/img SRC=images/execute.gif HSPACE=4 BORDER=0 align=TOP Execute/a - /td - td WIDTH=30%/td -/tr - /table /body /html Modified: tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html?rev=1633489r1=1633488r2=1633489view=diff == --- tomcat/tc7.0.x/trunk/webapps/examples/servlets/index.html (original) +++
svn commit: r1633500 - in /tomcat/trunk: build.xml webapps/docs/changelog.xml
Author: kkolinko Date: Wed Oct 22 00:40:56 2014 New Revision: 1633500 URL: http://svn.apache.org/r1633500 Log: Suppress timestamp comment in generated Javadoc. Such as !-- Generated by javadoc (version 1.7.0_65) on Wed Oct 22 09:10:36 EST 2014 -- Those comments result in one changed line per each HTML file, which makes the diff between different versions of documentation unnecessary huge. Documentation: http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/javadoc.html#standard Modified: tomcat/trunk/build.xml tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/build.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/build.xml?rev=1633500r1=1633499r2=1633500view=diff == --- tomcat/trunk/build.xml (original) +++ tomcat/trunk/build.xml Wed Oct 22 00:40:56 2014 @@ -1875,7 +1875,7 @@ Apache Tomcat ${version} native binaries header=lt;bgt;Servlet 3.1 - Apache Tomcat ${version}lt;/bgt; bottom=Copyright amp;#169; 2000-${year} Apache Software Foundation. All Rights Reserved. encoding=ISO-8859-1 - additionalparam=-breakiterator + additionalparam=-breakiterator -notimestamp maxmemory=256m classpath path refid=compile.classpath/ @@ -1892,7 +1892,7 @@ Apache Tomcat ${version} native binaries header=lt;bgt;JSP 2.3 - Apache Tomcat ${version}lt;/bgt; bottom=Copyright amp;#169; 2000-${year} Apache Software Foundation. All Rights Reserved. encoding=ISO-8859-1 - additionalparam=-breakiterator + additionalparam=-breakiterator -notimestamp maxmemory=256m classpath path refid=compile.classpath/ @@ -1909,7 +1909,7 @@ Apache Tomcat ${version} native binaries header=lt;bgt;EL 3.0 - Apache Tomcat ${version}lt;/bgt; bottom=Copyright amp;#169; 2000-${year} Apache Software Foundation. All Rights Reserved. encoding=ISO-8859-1 - additionalparam=-breakiterator + additionalparam=-breakiterator -notimestamp maxmemory=256m classpath path refid=compile.classpath/ @@ -1926,7 +1926,7 @@ Apache Tomcat ${version} native binaries header=lt;bgt;WebSocket 1.1 - Apache Tomcat ${version}lt;/bgt; bottom=Copyright amp;#169; 2000-${year} Apache Software Foundation. All Rights Reserved. encoding=ISO-8859-1 - additionalparam=-breakiterator + additionalparam=-breakiterator -notimestamp maxmemory=256m classpath path refid=compile.classpath/ @@ -1942,7 +1942,7 @@ Apache Tomcat ${version} native binaries header=lt;bgt;Apache Tomcat ${version}lt;/bgt; bottom=Copyright amp;#169; 2000-${year} Apache Software Foundation. All Rights Reserved. encoding=ISO-8859-1 - additionalparam=-breakiterator + additionalparam=-breakiterator -notimestamp maxmemory=256m classpath path refid=compile.classpath/ Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1633500r1=1633499r2=1633500view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Wed Oct 22 00:40:56 2014 @@ -258,6 +258,9 @@ Correct version of Java WebSocket mentioned in documentation (s/1.0/1.1/). (markt/kkolinko) /fix + update +Suppress timestamp comments in Javadoc. (kkolinko) + /update /changelog /subsection subsection name=Tribes - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-validate (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 27 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-validate : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build) Work ended in a state of : Failed Elapsed: 21 secs Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20141022.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.3-SNAPSHOT.jar:/srv/gump/public/workspace/commons-collections-3.x/target/commons-collections-3.3-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/exec/target/comm ons-exec-1.3-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-20141022.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20141022.jar:/srv/gump/public/workspace/apache-commons/validator/dist/commons-validator-20141022.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-19.0-SNAPSHOT.jar - Buildfile: /srv/gump/public/workspace/tomcat-trunk/build.xml build-prepare: [delete] Deleting directory /srv/gump/public/workspace/tomcat-trunk/output/build/temp [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/build/temp compile-prepare: download-validate: testexist: [echo] Testing for /srv/gump/public/workspace/checkstyle/target/checkstyle-6.0-SNAPSHOT.jar setproxy: downloadzip: validate: [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/res/checkstyle [checkstyle] Running Checkstyle 6.0-SNAPSHOT on 2915 files [checkstyle] /srv/gump/public/workspace/tomcat-trunk/webapps/docs/changelog.xml:161: Line matches the illegal pattern '\s+$'. BUILD FAILED /srv/gump/public/workspace/tomcat-trunk/build.xml:542: Got 1 errors and 0 warnings. Total time: 21 seconds - To subscribe to this information via syndicated feeds: - RSS: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/rss.xml - Atom: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/atom.xml == Gump Tracking Only === Produced by Apache Gump(TM) version 2.3. Gump Run 20141022000104, vmgump.apache.org:vmgump:20141022000104 Gump E-mail Identifier (unique within run) #5. -- Apache Gump http://gump.apache.org/ [Instance: vmgump] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org