Re: Adding CredentialHandler to ServletContext so applications can get to it

2015-11-23 Thread Christopher Schultz 
Konstantin,

On 11/23/15 7:19 AM, Konstantin Kolinko wrote:
> 2015-11-22 22:26 GMT+03:00 Christopher Schultz :
>> Konstantin,
>>
>> On 11/21/15 10:07 AM, Konstantin Kolinko wrote:
>>> 2015-11-20 15:47 GMT+03:00 Christopher Schultz 
>>> :
 All,

 I thought there was a BZ issue for this, but I didn't find one. It's
 been suggested (and I agree completely) that an application ought to be
 able to fetch the CredentialHandler for the context's realm so that it
 could mutate user credentials in the same way that the Realm expects to
 do. That allows applications to change user's passwords, for instance.

>>>
>>> In review of r1715434
>>>
>>> 1. I think this has to be an opt-in feature.
>>>
>>> I do not see high risk though.  In theory, if stored credentials are
>>> known then CredentialHandler allows untrusted applications to test
>>> potential passwords without triggering a lock-out timer.
>>
>> Hmm, I hadn't thought of that. I could pretty easily make this a setting
>> for the context.
>>
>>> I am OK with this being a StandardContext feature, though there is an
>>> alternative way: to implement publishing the attribute with a
>>> Listener.
>>
>> But then if you don't trust the application, how do you trust the
>> context's settings?
>>
> 
> 1) When SecurityManager is enabled then the value of "deployXML"
> attribute of a StandatdHost by default is "false".
> 
> It means that an administrator has to explicitly configure a
> conf/Catalina/localhost/appname.xml context file for an application,
> if it needs one.  The META-INF/context.xml file in a web application
> is not trusted.  (Moreover, Tomcat will refuse to start an application
> if META-INF/context.xml is present, but explicit context file in conf/
> is not configured).
> 
> 2) In case of "user" applications deployed by
> org.apache.catalina.startup.UserConfig listener:
> 
> A Context is created programmatically, with default settings (the
> value for StandardContext.configFile is null). The
> META-INF/context.xml file in a web application is not read.

Sounds good. Thanks for the clarification.

>> What kind of listener do you think would be appropriate to use, here?
>>
> 
> I just say that it is another possible way to implement this feature.
> A LifecycleListener that reacts on "after_start" or "configure_start"
> event of a Context.

I'm comfortable with a StandardContext feature for the moment. If others
feel strongly about a different strategy, please speak up and I'll move
this into a Listener.

On the other hand, a Listener requires (arguably) less configuration and
can be enabled either on a per-context basis or at the global level.

I'll have to think about this a bit more.

>>> 2. A web application is not allowed to access classes in 
>>> org.apache.catalina.
>>>
>>> Interfaces exposed to web applications (InstanceManager etc.) are in
>>> org.apache.tomcat package
>>> and access to them is granted with the following lines in catalina.policy:
>>>
>>> // All JSPs need to be able to read this package
>>> permission java.lang.RuntimePermission
>>> "accessClassInPackage.org.apache.tomcat";
>>
>> Hmm... I didn't test with a SecurityManager enabled; didn't think about
>> that.
>>
>> I think Mark committed the original work for CredentialHandler based
>> upon my ideas... Mark, is there any objection to moving
>> CredentialHandler to org.apache.tomcat? It would be an API change, but
>> we could leave org.apache.catalina.CredentialHandler as a sub-interface
>> of the new one in org.apache.tomcat.
>>
>> Another idea would be continue to use the existing CredentialHandler
>> internally, and put the "SafeCredentialHandler" for access through the
>> ServletContext into org.apache.tomcat.
> 
> Your web application that uses CredentialHandler class, does it also
> use other internal classes?

No, not right now.

> Do you need access to a Realm?  Or you are accessing a database / LDAP
> directory directly, behind a Realm's back?

For writing new credentials (e.g. password-change, registration, etc.),
I write directly to the database, as Tomcat has no facilities for this
kind of thing. I have no need to access the Realm when its primary
purpose is authentication and authorization. That can already be
accomplished using HttpServletRequest.login if necessary.

> E.g. LockOutRealm has a cache of locked-out users. You may want to
> call LockOutRealm.unlock(username) if user's password is being reset
> by an administrator.

That exposes another opportunity to interact with Tomcat's
authentication mechanisms. I wonder how most people are actually working
with Tomcat's authentication due to it's non-portable nature. For $work,
we use securityfilter which is somewhat more portable (though it binds
us to sf, of course). The lack of standard interfaces for this kind of
stuff makes this type of work awkward.

I found myself writing code using reflection to make the calls to

svn commit: r1715765 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 11:16:10 2015
New Revision: 1715765

URL: http://svn.apache.org/viewvc?rev=1715765=rev
Log:
Checkstyle police

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715765=1715764=1715765=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon 
Nov 23 11:16:10 2015
@@ -61,37 +61,37 @@ public class OpenSSLUtil implements SSLU
 /* In fact we can use the JSSE one for the moment */
 @Override
 public TrustManager[] getTrustManagers() throws Exception {
-   String storefile = System.getProperty("java.home") + 
"/lib/security/cacerts";
+String storefile = System.getProperty("java.home") + 
"/lib/security/cacerts";
 String password = "changeit";
 String type = "jks";
 String provider = null;
 if (sslHostConfig.getTruststoreFile() != null) {
-   storefile = sslHostConfig.getTruststoreFile();
+storefile = sslHostConfig.getTruststoreFile();
 }
 if (sslHostConfig.getTruststorePassword() != null) {
-   password = sslHostConfig.getTruststorePassword();
+password = sslHostConfig.getTruststorePassword();
 }
 if (sslHostConfig.getTruststoreType() != null) {
-   type = sslHostConfig.getTruststoreType();
+type = sslHostConfig.getTruststoreType();
 }
 if (sslHostConfig.getTruststoreProvider() != null) {
-   provider = sslHostConfig.getTruststoreProvider();
+provider = sslHostConfig.getTruststoreProvider();
 }
 
 TrustManagerFactory factory;
 if (provider == null)
-   factory = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+factory = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
 else
-   factory = TrustManagerFactory.getInstance(provider);
-
-   KeyStore keystore = KeyStore.getInstance(type);
-   InputStream stream = new FileInputStream(storefile);
-   keystore.load(stream, password.toCharArray());
-   factory.init(keystore);
-   TrustManager[] managers = factory.getTrustManagers();
+factory = TrustManagerFactory.getInstance(provider);
+
+KeyStore keystore = KeyStore.getInstance(type);
+InputStream stream = new FileInputStream(storefile);
+keystore.load(stream, password.toCharArray());
+factory.init(keystore);
+TrustManager[] managers = factory.getTrustManagers();
 return managers;
 }
-
+
 
 @Override
 public void configureSessionContext(SSLSessionContext sslSessionContext) {



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in ASF Buildbot on tomcat-trunk

2015-11-23 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/652

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' 
triggered this build
Build Source Stamp: [branch tomcat/trunk] 1715765
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58638] New: tomcat looses asyn-supported when the configuration is split between web.xml and anntotations

2015-11-23 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638

Bug ID: 58638
   Summary: tomcat looses asyn-supported when the configuration is
split between web.xml and anntotations
   Product: Tomcat 8
   Version: 8.0.26
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: i...@toshkov.org

I have an async servlet annotated like this:

@WebServlet(name = "streaming", urlPatterns = {"/streaming/*"})

And I'm trying to add CORS filter to it. Since it's third-party (I tried the
one bundled with tomcat, as well as a couple external filters), I have to add
it using web.xml:


CorsFilter
org.apache.catalina.filters.CorsFilter
true



CorsFilter
/*


But when I run this, I get the following exception:

23-Nov-2015 13:24:02.072 SEVERE [http-nio-8080-exec-2]
org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for
servlet [streaming] in context with path [/tuareg_1] threw exception
 java.lang.IllegalStateException: A filter or servlet of the current chain does
not support asynchronous operations.
at org.apache.catalina.connector.Request.startAsync(Request.java:1611)
at org.apache.catalina.connector.Request.startAsync(Request.java:1604)
at
org.apache.catalina.connector.RequestFacade.startAsync(RequestFacade.java:1030)
at ...

(N.B. The startAsync call is from the same thread, so this is not the problem)

I moved the servlet registration in the web.xml file (and removed the
annotation) and the whole thing worked.

I think that maybe tomcat doesn't merge the configration from web.xml and
annotations properly.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Adding CredentialHandler to ServletContext so applications can get to it

2015-11-23 Thread Konstantin Kolinko 
2015-11-22 22:26 GMT+03:00 Christopher Schultz :
> Konstantin,
>
> On 11/21/15 10:07 AM, Konstantin Kolinko wrote:
>> 2015-11-20 15:47 GMT+03:00 Christopher Schultz 
>> :
>>> All,
>>>
>>> I thought there was a BZ issue for this, but I didn't find one. It's
>>> been suggested (and I agree completely) that an application ought to be
>>> able to fetch the CredentialHandler for the context's realm so that it
>>> could mutate user credentials in the same way that the Realm expects to
>>> do. That allows applications to change user's passwords, for instance.
>>>
>>
>> In review of r1715434
>>
>> 1. I think this has to be an opt-in feature.
>>
>> I do not see high risk though.  In theory, if stored credentials are
>> known then CredentialHandler allows untrusted applications to test
>> potential passwords without triggering a lock-out timer.
>
> Hmm, I hadn't thought of that. I could pretty easily make this a setting
> for the context.
>
>> I am OK with this being a StandardContext feature, though there is an
>> alternative way: to implement publishing the attribute with a
>> Listener.
>
> But then if you don't trust the application, how do you trust the
> context's settings?
>

1) When SecurityManager is enabled then the value of "deployXML"
attribute of a StandatdHost by default is "false".

It means that an administrator has to explicitly configure a
conf/Catalina/localhost/appname.xml context file for an application,
if it needs one.  The META-INF/context.xml file in a web application
is not trusted.  (Moreover, Tomcat will refuse to start an application
if META-INF/context.xml is present, but explicit context file in conf/
is not configured).

2) In case of "user" applications deployed by
org.apache.catalina.startup.UserConfig listener:

A Context is created programmatically, with default settings (the
value for StandardContext.configFile is null). The
META-INF/context.xml file in a web application is not read.


> What kind of listener do you think would be appropriate to use, here?
>

I just say that it is another possible way to implement this feature.
A LifecycleListener that reacts on "after_start" or "configure_start"
event of a Context.

>> 2. A web application is not allowed to access classes in org.apache.catalina.
>>
>> Interfaces exposed to web applications (InstanceManager etc.) are in
>> org.apache.tomcat package
>> and access to them is granted with the following lines in catalina.policy:
>>
>> // All JSPs need to be able to read this package
>> permission java.lang.RuntimePermission
>> "accessClassInPackage.org.apache.tomcat";
>
> Hmm... I didn't test with a SecurityManager enabled; didn't think about
> that.
>
> I think Mark committed the original work for CredentialHandler based
> upon my ideas... Mark, is there any objection to moving
> CredentialHandler to org.apache.tomcat? It would be an API change, but
> we could leave org.apache.catalina.CredentialHandler as a sub-interface
> of the new one in org.apache.tomcat.
>
> Another idea would be continue to use the existing CredentialHandler
> internally, and put the "SafeCredentialHandler" for access through the
> ServletContext into org.apache.tomcat.

Your web application that uses CredentialHandler class, does it also
use other internal classes?

Do you need access to a Realm?  Or you are accessing a database / LDAP
directory directly, behind a Realm's back?

E.g. LockOutRealm has a cache of locked-out users. You may want to
call LockOutRealm.unlock(username) if user's password is being reset
by an administrator.

If CredentialHandler is not the only class you need access to then
moving it alone does not solve your issue.
To allow access to other classes there has to be an explicit grant in
catalina.policy file, like there is one for Tomcat Manager
application.


I think it is OK to leave CredentialHandler as is as long as it is not
exposed by default.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715783 - in /tomcat/trunk/java/org/apache/coyote/http2: HpackEncoder.java Http2UpgradeHandler.java LocalStrings.properties Stream.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 12:28:59 2015
New Revision: 1715783

URL: http://svn.apache.org/viewvc?rev=1715783=rev
Log:
HTTP/2 debug logging improvements for Server push

Modified:
tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java
tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java
tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties
tomcat/trunk/java/org/apache/coyote/http2/Stream.java

Modified: tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java?rev=1715783=1715782=1715783=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java Mon Nov 23 
12:28:59 2015
@@ -26,13 +26,19 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.http.MimeHeaders;
+import org.apache.tomcat.util.res.StringManager;
 
 /**
  * Encoder for HPACK frames.
  */
 public class HpackEncoder {
 
+private static final Log log = LogFactory.getLog(HpackEncoder.class);
+private static final StringManager sm = 
StringManager.getManager(HpackEncoder.class);
+
 public static final HpackHeaderFunction DEFAULT_HEADER_FUNCTION = new 
HpackHeaderFunction() {
 @Override
 public boolean shouldUseIndexing(String headerName, String value) {
@@ -141,19 +147,24 @@ public class HpackEncoder {
 }
 }
 if (!skip) {
-
-int required = 11 + headerName.length(); //we use 11 to 
make sure we have enough room for the variable length integers
-
 String val = headers.getValue(it).toString();
+
+if (log.isDebugEnabled()) {
+log.debug(sm.getString("hpackEncoder.encodeHeader", 
headerName, val));
+}
 TableEntry tableEntry = findInTable(headerName, val);
 
-required += (1 + val.length());
+// We use 11 to make sure we have enough room for the
+// variable length integers
+int required = 11 + headerName.length() + 1 + val.length();
 
 if (target.remaining() < required) {
 this.headersIterator = it;
 return State.UNDERFLOW;
 }
-boolean canIndex = 
hpackHeaderFunction.shouldUseIndexing(headerName, val) && (headerName.length() 
+ val.length() + 32) < maxTableSize; //only index if it will fit
+// Only index if it will fit
+boolean canIndex = 
hpackHeaderFunction.shouldUseIndexing(headerName, val) &&
+(headerName.length() + val.length() + 32) < 
maxTableSize;
 if (tableEntry == null && canIndex) {
 //add the entry to the dynamic table
 target.put((byte) (1 << 6));

Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java?rev=1715783=1715782=1715783=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java 
(original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java Mon Nov 
23 12:28:59 2015
@@ -551,7 +551,7 @@ public class Http2UpgradeHandler extends
 throws IOException {
 if (log.isDebugEnabled()) {
 log.debug(sm.getString("upgradeHandler.writePushHeaders", 
connectionId,
-stream.getIdentifier()));
+stream.getIdentifier(), Integer.toString(pushedStreamId)));
 }
 // This ensures the Stream processing thread has control of the socket.
 synchronized (socketWrapper) {

Modified: tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties?rev=1715783=1715782=1715783=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Mon Nov 
23 12:28:59 2015
@@ -35,6 +35,8 @@ hpack.integerEncodedOverTooManyOctets=HP
 
 hpackdecoder.zeroNotValidHeaderTableIndex=Zero is not a valid header table 
index
 
+hpackEncoder.encodeHeader=Encoding header [{0}] with value [{1}]
+
 hpackhuffman.huffmanEncodedHpackValueDidNotEndWithEOS=Huffman encoded value in 
HPACK headers did not end with EOS padding

[Bug 58638] tomcat looses asyn-supported when the configuration is split between web.xml and anntotations

2015-11-23 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638

--- Comment #2 from Ivan Toshkov  ---
Thank for the quick find and sorry for the noise. I accidentally removed the
flag from the annotation during a "minor" refactoring.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 58638] tomcat looses asyn-supported when the configuration is split between web.xml and anntotations

2015-11-23 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Mark Thomas  ---
Your annotation doesn't specify that async is supported.

If required, further assistance is available from the users' mailing list.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread Konstantin Kolinko 
2015-11-23 9:43 GMT+03:00  :
> Author: jfclere
> Date: Mon Nov 23 06:43:01 2015
> New Revision: 1715732
>
> URL: http://svn.apache.org/viewvc?rev=1715732=rev
> Log:
> Add the JSSE one.
>
> Modified:
> tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
>
> Modified: 
> tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
> URL: 
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715732=1715731=1715732=diff
> ==
> --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java 
> (original)
> +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon 
> Nov 23 06:43:01 2015
> @@ -16,11 +16,15 @@
>   */
>  package org.apache.tomcat.util.net.openssl;
>
> +import java.io.FileInputStream;
> +import java.io.InputStream;
> +import java.security.KeyStore;
>  import java.util.List;
>
>  import javax.net.ssl.KeyManager;
>  import javax.net.ssl.SSLSessionContext;
>  import javax.net.ssl.TrustManager;
> +import javax.net.ssl.TrustManagerFactory;
>
>  import org.apache.tomcat.util.net.SSLContext;
>  import org.apache.tomcat.util.net.SSLHostConfig;
> @@ -54,10 +58,40 @@ public class OpenSSLUtil implements SSLU
>  return managers;
>  }
>
> +/* In fact we can use the JSSE one for the moment */
>  @Override
>  public TrustManager[] getTrustManagers() throws Exception {
> -return null;
> +   String storefile = System.getProperty("java.home") + 
> "/lib/security/cacerts";
> +String password = "changeit";
> +String type = "jks";
> +String provider = null;
> +if (sslHostConfig.getTruststoreFile() != null) {
> +   storefile = sslHostConfig.getTruststoreFile();
> +}
> +if (sslHostConfig.getTruststorePassword() != null) {
> +   password = sslHostConfig.getTruststorePassword();
> +}
> +if (sslHostConfig.getTruststoreType() != null) {
> +   type = sslHostConfig.getTruststoreType();
> +}
> +if (sslHostConfig.getTruststoreProvider() != null) {
> +   provider = sslHostConfig.getTruststoreProvider();
> +}
> +
> +TrustManagerFactory factory;
> +if (provider == null)
> +   factory = 
> TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
> +else
> +   factory = TrustManagerFactory.getInstance(provider);

Why "provider" on the above line?
I guess it should be sslHostConfig.getTruststoreAlgorithm()
For example: JSSESocketFactory.getTrustManagers()


> +   KeyStore keystore = KeyStore.getInstance(type);
> +   InputStream stream = new FileInputStream(storefile);

There is a new feature to allow random URLs as storefile.
The code will be

stream = ConfigFileLoader.getInputStream(storefile);

For example: JSSESocketFactory.getStore(...)

> +   keystore.load(stream, password.toCharArray());

It also needs finally {  if (stream != null) stream.close() }.


> +   factory.init(keystore);
> +   TrustManager[] managers = factory.getTrustManagers();
> +return managers;
>  }
> +
>
>  @Override
>  public void configureSessionContext(SSLSessionContext sslSessionContext) 
> {


BTW, a changelog, documentation =?

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715809 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java java/org/apache/tomcat/util/net/SSLHostConfig.java webapps/docs/changelog.xml

2015-11-23 Thread remm 
Author: remm
Date: Mon Nov 23 13:46:38 2015
New Revision: 1715809

URL: http://svn.apache.org/viewvc?rev=1715809=rev
Log:
Allow the OpenSSL implementation to use either the OpenSSL or JSSE type without 
a warning. If trying to use both, it might work, but IMO a warning is needed.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1715809=1715808=1715809=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Mon 
Nov 23 13:46:38 2015
@@ -68,7 +68,7 @@ public abstract class AbstractJsseEndpoi
 // TODO: Add configuration to allow the OpenSSLImplementation to 
optionally use the JSSE configuration
 // (it should still default to OpenSSL style since it is the most 
logical and straightforward)
 if 
(OpenSSLImplementation.IMPLEMENTATION_NAME.equals(sslImplementationName)) {
-return SSLHostConfig.Type.OPENSSL;
+return SSLHostConfig.Type.EITHER;
 } else {
 return SSLHostConfig.Type.JSSE;
 }

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1715809=1715808=1715809=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Mon Nov 23 
13:46:38 2015
@@ -58,6 +58,7 @@ public class SSLHostConfig {
 }
 
 private Type configType = null;
+private Type currentConfigType = null;
 private Map configuredProperties = new HashMap<>();
 
 private String hostName = DEFAULT_SSL_HOST_NAME;
@@ -119,7 +120,13 @@ public class SSLHostConfig {
 
 public void setConfigType(Type configType) {
 this.configType = configType;
-configuredProperties.remove(configType);
+if (configType == Type.EITHER) {
+if (configuredProperties.remove(Type.JSSE) == null) {
+configuredProperties.remove(Type.OPENSSL);
+}
+} else {
+configuredProperties.remove(configType);
+}
 for (Map.Entry entry : 
configuredProperties.entrySet()) {
 for (String property : entry.getValue()) {
 log.warn(sm.getString("sslHostConfig.mismatch",
@@ -137,6 +144,13 @@ public class SSLHostConfig {
 configuredProperties.put(configType, properties);
 }
 properties.add(name);
+} else if (this.configType == Type.EITHER) {
+if (currentConfigType == null) {
+currentConfigType = configType;
+} else if (currentConfigType != configType) {
+log.warn(sm.getString("sslHostConfig.mismatch",
+name, getHostName(), configType, currentConfigType));
+}
 } else {
 if (configType != this.configType) {
 log.warn(sm.getString("sslHostConfig.mismatch",
@@ -635,7 +649,8 @@ public class SSLHostConfig {
 
 public static enum Type {
 JSSE,
-OPENSSL
+OPENSSL,
+EITHER
 }
 
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1715809=1715808=1715809=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Nov 23 13:46:38 2015
@@ -93,6 +93,11 @@
 58621: The certificate chain cannot be set using the main
 certificate attribute, so restore the certificate chain property. 
(remm)
   
+  
+Allow a new SSL config type where a connector can use either JSSE or
+OpenSSL. Both could be allowed, but it would likely create support
+issues. This type is used by the OpenSSL implementation for NIOx. 
(remm)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715822 - /tomcat/trunk/java/org/apache/coyote/http2/Stream.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 13:59:37 2015
New Revision: 1715822

URL: http://svn.apache.org/viewvc?rev=1715822=rev
Log:
Fix an HTTP/2 TODO
Only include port in :authority header for HTTP/2 push if non-standard ports 
are being used

Modified:
tomcat/trunk/java/org/apache/coyote/http2/Stream.java

Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1715822=1715821=1715822=diff
==
--- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Mon Nov 23 13:59:37 
2015
@@ -388,9 +388,17 @@ public class Stream extends AbstractStre
 
request.getMimeHeaders().addValue(":scheme").duplicate(request.scheme());
 // TODO: Query string
 
request.getMimeHeaders().addValue(":path").duplicate(request.decodedURI());
-// TODO: Handle default ports
-request.getMimeHeaders().addValue(":authority").setString(
-request.serverName().getString() + ":" + 
request.getServerPort());
+
+// Authority needs to include the port only if a non-standard port is
+// being used.
+if (!(request.scheme().equals("http") && request.getServerPort() == 
80) &&
+!(request.scheme().equals("https") && request.getServerPort() 
== 443)) {
+request.getMimeHeaders().addValue(":authority").setString(
+request.serverName().getString() + ":" + 
request.getServerPort());
+} else {
+
request.getMimeHeaders().addValue(":authority").duplicate(request.serverName());
+}
+
 push(handler, request, this);
 }
 



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread jean-frederic clere 
On 11/23/2015 01:56 PM, Konstantin Kolinko wrote:
> TW, a changelog, documentation =?

Here I have a small question. In fact it possible to mix open pem and
jsse keystore, is it something we want to support?

I try it but removed it because I found it very confusing.

Thanks for the review I will fix the code later today.

Cheers

Jean-Frederic

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread Rémy Maucherat 
2015-11-23 15:31 GMT+01:00 jean-frederic clere :

> On 11/23/2015 01:56 PM, Konstantin Kolinko wrote:
> > TW, a changelog, documentation =?
>
> Here I have a small question. In fact it possible to mix open pem and
> jsse keystore, is it something we want to support?
>
> I try it but removed it because I found it very confusing.
>
> Thanks for the review I will fix the code later today.
>

IMO you don't need to actively break it if it happens to work, but I would
keep the configuration warning.

Rémy

Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread jean-frederic clere 
On 11/23/2015 03:35 PM, Rémy Maucherat wrote:
> 2015-11-23 15:31 GMT+01:00 jean-frederic clere :
> 
>> On 11/23/2015 01:56 PM, Konstantin Kolinko wrote:
>>> TW, a changelog, documentation =?
>>
>> Here I have a small question. In fact it possible to mix open pem and
>> jsse keystore, is it something we want to support?
>>
>> I try it but removed it because I found it very confusing.
>>
>> Thanks for the review I will fix the code later today.
>>
> 
> IMO you don't need to actively break it if it happens to work, but I would
> keep the configuration warning.

OK I will add some tests to check the mix to prevent nasty things.

Cheers

Jean-Frederic

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715978 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:09:35 2015
New Revision: 1715978

URL: http://svn.apache.org/viewvc?rev=1715978=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55006
Add ProxySelector support to the WebSocket client
Based on a patch by Niki Dokovski.

Added:

tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java
  - copied unchanged from r1715965, 
tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java
Modified:
tomcat/tc8.0.x/trunk/   (props changed)

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Nov 23 22:09:35 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
 
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657
 
609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1

svn commit: r1715983 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:20:30 2015
New Revision: 1715983

URL: http://svn.apache.org/viewvc?rev=1715983=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55006
Add ProxySelector support to the WebSocket client
Based on a patch by Niki Dokovski.

Added:

tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java
  - copied unchanged from r1715978, 
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java
Modified:
tomcat/tc7.0.x/trunk/   (props changed)

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties

tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Nov 23 22:20:30 2015
@@ -1,2 +1,2 @@
-/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553
 
-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702
 
744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712899,1712903,1712906,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683
-/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,1240109,1240112,1240114

svn commit: r1715976 - /tomcat/trunk/java/org/apache/tomcat/ContextBind.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:04:18 2015
New Revision: 1715976

URL: http://svn.apache.org/viewvc?rev=1715976=rev
Log:
Fix Javadoc errors
Trivial clean-up

Modified:
tomcat/trunk/java/org/apache/tomcat/ContextBind.java

Modified: tomcat/trunk/java/org/apache/tomcat/ContextBind.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/ContextBind.java?rev=1715976=1715975=1715976=diff
==
--- tomcat/trunk/java/org/apache/tomcat/ContextBind.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/ContextBind.java Mon Nov 23 22:04:18 
2015
@@ -23,9 +23,9 @@ public interface ContextBind {
  * class loader. If no web application class loader is defined, or if the
  * current thread is already using the web application class loader then no
  * change will be made. If the class loader is changed and a
- * {@link ThreadBindingListener} is configured then
- * {@link ThreadBindingListener#bind()} will be called after the change has
- * been made.
+ * {@link org.apache.catalina.ThreadBindingListener} is configured then
+ * {@link org.apache.catalina.ThreadBindingListener#bind()} will be called
+ * after the change has been made.
  *
  * @param usePrivilegedAction
  *  Should a {@link java.security.PrivilegedAction} be used when
@@ -39,14 +39,15 @@ public interface ContextBind {
  * the thread context class loader in use when the method was
  * called. If no change was made then this method returns null.
  */
-public ClassLoader bind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
+ClassLoader bind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
 
 /**
  * Restore the current thread context class loader to the original class
  * loader in used before {@link #bind(boolean, ClassLoader)} was called. If
  * no original class loader is passed to this method then no change will be
- * made. If the class loader is changed and a {@link ThreadBindingListener}
- * is configured then {@link ThreadBindingListener#unbind()} will be called
+ * made. If the class loader is changed and a
+ * {@link org.apache.catalina.ThreadBindingListener} is configured then
+ * {@link org.apache.catalina.ThreadBindingListener#unbind()} will be 
called
  * before the change is made.
  *
  * @param usePrivilegedAction
@@ -55,6 +56,5 @@ public interface ContextBind {
  * @param originalClassLoader
  *  The class loader to restore as the thread context class loader
  */
-public void unbind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
-
+void unbind(boolean usePrivilegedAction, ClassLoader originalClassLoader);
 }



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715980 - /tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:18:22 2015
New Revision: 1715980

URL: http://svn.apache.org/viewvc?rev=1715980=rev
Log:
Fix warnings

Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715980=1715979=1715980=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon 
Nov 23 22:18:22 2015
@@ -186,6 +186,7 @@ public class WsWebSocketContainer implem
 }
 
 
+@SuppressWarnings("resource") // socketChannel is closed
 @Override
 public Session connectToServer(Endpoint endpoint,
 ClientEndpointConfig clientEndpointConfiguration, URI path)
@@ -310,7 +311,9 @@ public class WsWebSocketContainer implem
 }
 } catch (TimeoutException | InterruptedException | 
ExecutionException |
 EOFException e) {
-channel.close();
+if (channel != null) {
+channel.close();
+}
 throw new DeploymentException(
 
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
 }



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715981 - /tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:19:30 2015
New Revision: 1715981

URL: http://svn.apache.org/viewvc?rev=1715981=rev
Log:
Fix warnings

Modified:

tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715981=1715980=1715981=diff
==
--- 
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java 
(original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java 
Mon Nov 23 22:19:30 2015
@@ -342,7 +342,9 @@ public class WsWebSocketContainer
 }
 } catch (TimeoutException | InterruptedException | 
ExecutionException |
 EOFException e) {
-channel.close();
+if (channel != null) {
+channel.close();
+}
 throw new DeploymentException(
 
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
 }



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 55006] Add http proxy support for ClientEndpoint using system properties [PATCH]

2015-11-23 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=55006

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #5 from Mark Thomas  ---
Thanks for the patch. I used it as a basis for the fix that has been applied to
9.0.x (for 9.0.0.M2 onwards), 8.0.x (for 8.0.30 onwards) and 7.0.x (for 7.0.66
onwards).

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715984 - /tomcat/tc7.0.x/trunk/build.xml

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:39:06 2015
New Revision: 1715984

URL: http://svn.apache.org/viewvc?rev=1715984=rev
Log:
Classes that require Java 7 can use Java 7 features.

Modified:
tomcat/tc7.0.x/trunk/build.xml

Modified: tomcat/tc7.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1715984=1715983=1715984=diff
==
--- tomcat/tc7.0.x/trunk/build.xml (original)
+++ tomcat/tc7.0.x/trunk/build.xml Mon Nov 23 22:39:06 2015
@@ -675,8 +675,8 @@

buildbot failure in ASF Buildbot on tomcat-7-trunk

2015-11-23 Thread buildbot 
The Buildbot has detected a new failure on builder tomcat-7-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-7-trunk/builds/185

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1715983
Blamelist: markt

BUILD FAILED: failed compile

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715975 - /tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 22:02:56 2015
New Revision: 1715975

URL: http://svn.apache.org/viewvc?rev=1715975=rev
Log:
Fix Javadoc errors

Modified:
tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java

Modified: 
tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java?rev=1715975=1715974=1715975=diff
==
--- tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java 
Mon Nov 23 22:02:56 2015
@@ -14,8 +14,6 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
-
 package org.apache.catalina.session;
 
 import java.io.IOException;
@@ -42,8 +40,8 @@ import org.apache.juli.logging.LogFactor
  * persistence, even if only for  restarts.
  * 
  * IMPLEMENTATION NOTE:  Correct behavior of session storing and
- * reloading depends upon external calls to the {@link LifecycleBase#start() 
start()}
- * and {@link LifecycleBase#stop() stop()} methods of this class
+ * reloading depends upon external calls to the {@link Lifecycle#start() 
start()}
+ * and {@link Lifecycle#stop() stop()} methods of this class
  * at the correct times.
  *
  * @author Craig R. McClanahan
@@ -281,7 +279,7 @@ public abstract class PersistentManagerB
  * it can be swapped out of memory due to maxActiveSession. Set it to 
{@code -1}
  * if it can be swapped out at any time.
  *
- * @param int time in seconds before a possible swap out
+ * @param min time in seconds before a possible swap out
  */
 public void setMinIdleSwap(int min) {
 
@@ -352,7 +350,7 @@ public abstract class PersistentManagerB
 
 /**
  * Indicates whether sessions are saved when the Manager is shut down
- * properly. This requires the {@link Manager#unload() unload()} method to 
be called.
+ * properly. This requires the {@link #unload()} method to be called.
  *
  * @return {@code true}, when sessions should be saved on restart,
  * {code false} otherwise



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Keiichi Fujino 
2015-11-20 19:00 GMT+09:00 Mark Thomas :

> The proposed Apache Tomcat 8.0.29 release is now available for voting.
>
> The main changes since 8.0.28 are:
>
> - Add an option to control (per context) quoting of EL expressions in
>   JSP attributes
>
> - Correct a regression in the fix for 56777 that added support for
>   URIs in config file locations
>
> - Add a new RestCsrfPreventionFilter that provides basic CSRF
>   protection for REST APIs
>
> -  Use instance manager for WebSocket server endpoint instances
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1055/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/
>
> The proposed 8.0.29 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.29
>
>
+1
Tested on sample apps (enable DeltaManager ).
Works fine.





> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
> --
> Keiichi.Fujino
>

svn commit: r1716037 - /tomcat/trunk/webapps/docs/changelog.xml

2015-11-23 Thread kfujino 
Author: kfujino
Date: Tue Nov 24 06:12:17 2015
New Revision: 1716037

URL: http://svn.apache.org/viewvc?rev=1716037=rev
Log:
Add changelog entry of r1714919 and r1714920.

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716037=1716036=1716037=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:12:17 2015
@@ -107,6 +107,10 @@
   
 
   
+Enable an explicit configuration of local member in the static cluster
+membership. (kfujino)
+  
+  
 Fix potential integer overflow in DeltaSession.
 Reported by coverity scan. (fschumacher)
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1716038 - in /tomcat/trunk: java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java webapps/docs/changelog.xml

2015-11-23 Thread kfujino 
Author: kfujino
Date: Tue Nov 24 06:16:54 2015
New Revision: 1716038

URL: http://svn.apache.org/viewvc?rev=1716038=rev
Log:
Ensure that the static member is registered to the add suspect list even If the 
static member that is registered to the remove suspect list has disappeared.

Modified:

tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716038=1716037=1716038=diff
==
--- 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 Tue Nov 24 06:16:54 2015
@@ -277,6 +277,9 @@ public class TcpFailureDetector extends
 Member m = keys[i];
 if (membership.getMember(m) != null && (!memberAlive(m))) {
 membership.removeMember(m);
+if (m instanceof StaticMember) {
+addSuspects.put(m, 
Long.valueOf(System.currentTimeMillis()));
+}
 super.memberDisappeared(m);
 removeSuspects.remove(m);
 if(log.isInfoEnabled())

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716038=1716037=1716038=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:16:54 2015
@@ -126,6 +126,15 @@
   
 
   
+  
+
+  
+Ensure that the static member is registered to the add suspect list 
even
+if the static member that is registered to the remove suspect list has
+disappeared. (kfujino)
+  
+
+  
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1716039 - in /tomcat/trunk: java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties webapps/docs/changelog.xml

2015-11-23 Thread kfujino 
Author: kfujino
Date: Tue Nov 24 06:19:37 2015
New Revision: 1716039

URL: http://svn.apache.org/viewvc?rev=1716039=rev
Log:
Correct the warnnig log of when the member that is not registered in the 
membership is detected.

Modified:

tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties?rev=1716039=1716038=1716039=diff
==
--- 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 Tue Nov 24 06:19:37 2015
@@ -39,7 +39,7 @@ tcpFailureDetector.already.disappeared=V
 tcpFailureDetector.member.disappeared=Verification complete. Member 
disappeared[{0}]
 tcpFailureDetector.still.alive=Verification complete. Member still alive[{0}]
 tcpFailureDetector.heartbeat.failed=Unable to perform heartbeat on the 
TcpFailureDetector.
-tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we 
werent notified:{0}
+tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we 
weren''t  notified:{0}
 tcpFailureDetector.suspectMember.dead=Suspect member, confirmed dead.[{0}]
 tcpFailureDetector.suspectMember.alive=Suspect member, confirmed alive.[{0}]
 tcpFailureDetector.failureDetection.failed=Unable to perform failure detection 
check, assuming member down.

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716039=1716038=1716039=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:19:37 2015
@@ -133,6 +133,10 @@
 if the static member that is registered to the remove suspect list has
 disappeared. (kfujino)
   
+  
+Correct the warnnig log of when the member that is not registered in 
the
+membership is detected. (kfujino)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1716040 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java w

2015-11-23 Thread kfujino 
Author: kfujino
Date: Tue Nov 24 06:23:31 2015
New Revision: 1716040

URL: http://svn.apache.org/viewvc?rev=1716040=rev
Log:
-Ensure that the static member is registered to the add suspect list even If 
the static member that is registered to the remove suspect list has disappeared.
-Correct the warnnig log of when the member that is not registered in the 
membership is detected.

Modified:

tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties

tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties?rev=1716040=1716039=1716040=diff
==
--- 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 (original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties
 Tue Nov 24 06:23:31 2015
@@ -39,7 +39,7 @@ tcpFailureDetector.already.disappeared=V
 tcpFailureDetector.member.disappeared=Verification complete. Member 
disappeared[{0}]
 tcpFailureDetector.still.alive=Verification complete. Member still alive[{0}]
 tcpFailureDetector.heartbeat.failed=Unable to perform heartbeat on the 
TcpFailureDetector.
-tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we 
werent notified:{0}
+tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we 
weren''t  notified:{0}
 tcpFailureDetector.suspectMember.dead=Suspect member, confirmed dead.[{0}]
 tcpFailureDetector.suspectMember.alive=Suspect member, confirmed alive.[{0}]
 tcpFailureDetector.failureDetection.failed=Unable to perform failure detection 
check, assuming member down.

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716040=1716039=1716040=diff
==
--- 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 (original)
+++ 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 Tue Nov 24 06:23:31 2015
@@ -278,6 +278,9 @@ public class TcpFailureDetector extends
 Member m = keys[i];
 if (membership.getMember(m) != null && (!memberAlive(m))) {
 membership.removeMember(m);
+if (m instanceof StaticMember) {
+addSuspects.put(m, 
Long.valueOf(System.currentTimeMillis()));
+}
 super.memberDisappeared(m);
 removeSuspects.remove(m);
 if(log.isInfoEnabled())

Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1716040=1716039=1716040=diff
==
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Tue Nov 24 06:23:31 2015
@@ -84,6 +84,19 @@
   
 
   
+  
+
+  
+Ensure that the static member is registered to the add suspect list 
even
+if the static member that is registered to the remove suspect list has
+disappeared. (kfujino)
+  
+  
+Correct the warnnig log of when the member that is not registered in 
the
+membership is detected. (kfujino)
+  
+
+  
   
 
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1716041 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java webapps/docs/changelog.xml

2015-11-23 Thread kfujino 
Author: kfujino
Date: Tue Nov 24 06:25:37 2015
New Revision: 1716041

URL: http://svn.apache.org/viewvc?rev=1716041=rev
Log:
-Ensure that the static member is registered to the add suspect list even If 
the static member that is registered to the remove suspect list has disappeared.
-Correct the warnnig log of when the member that is not registered in the 
membership is detected.

Modified:

tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716041=1716040=1716041=diff
==
--- 
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 (original)
+++ 
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java
 Tue Nov 24 06:25:37 2015
@@ -265,7 +265,7 @@ public class TcpFailureDetector extends
 if (membership.memberAlive( (MemberImpl) members[i])) {
 //we don't have this one in our membership, check to see if 
he/she is alive
 if (memberAlive(members[i])) {
-log.warn("Member added, even though we werent notified:" + 
members[i]);
+log.warn("Member added, even though we weren't notified:" 
+ members[i]);
 super.memberAdded(members[i]);
 } else {
 membership.removeMember( (MemberImpl) members[i]);
@@ -280,6 +280,9 @@ public class TcpFailureDetector extends
 MemberImpl m = keys[i];
 if (membership.getMember(m) != null && (!memberAlive(m))) {
 membership.removeMember(m);
+if (m instanceof StaticMember) {
+addSuspects.put(m, 
Long.valueOf(System.currentTimeMillis()));
+}
 super.memberDisappeared(m);
 removeSuspects.remove(m);
 if(log.isInfoEnabled())

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1716041=1716040=1716041=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Nov 24 06:25:37 2015
@@ -217,6 +217,15 @@
 Interceptors. If the required Interceptor does not exist, it issues
 warning logs. (kfujino)
   
+  
+Ensure that the static member is registered to the add suspect list 
even
+if the static member that is registered to the remove suspect list has
+disappeared. (kfujino)
+  
+  
+Correct the warnnig log of when the member that is not registered in 
the
+membership is detected. (kfujino)
+  
 
   
   



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GUMP@vmgump]: Project tomcat-trunk-validate (in module tomcat-trunk) failed

2015-11-23 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-validate has an issue affecting its community integration.
This issue affects 1 projects,
 and has been outstanding for 30 runs.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-validate :  Tomcat 9.x, a web server implementing the Java 
Servlet 4.0,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on checkstyle exists, no need to add for property 
checkstyle.jar.
 -INFO- Failed with reason build failed



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html
Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build)
Work ended in a state of : Failed
Elapsed: 1 min 9 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar
 -Dexecute.validate=true validate 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20151124.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.4-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.5-SNAPSHOT.ja
 
r:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-20151124.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20151124.jar:/srv/gump/packages/guava/guava-18.0.jar
-
Buildfile: /srv/gump/public/workspace/tomcat-trunk/build.xml

build-prepare:
   [delete] Deleting directory 
/srv/gump/public/workspace/tomcat-trunk/output/build/temp
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-trunk/output/build/temp

compile-prepare:

download-validate:

testexist:
 [echo] Testing  for 
/srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar

setproxy:

downloadfile:

validate:
[mkdir] Created dir: 
/srv/gump/public/workspace/tomcat-trunk/output/res/checkstyle
[checkstyle] Running Checkstyle 6.13-SNAPSHOT on 3072 files
[checkstyle] 
/srv/gump/public/workspace/tomcat-trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java:79:9:
 error: File contains tab characters (this is the first instance).
[checkstyle] 
/srv/gump/public/workspace/tomcat-trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java:104:
 error: Line matches the illegal pattern '\s+$'.

BUILD FAILED
/srv/gump/public/workspace/tomcat-trunk/build.xml:554: Got 2 errors and 0 
warnings.

Total time: 1 minute 9 seconds
-

To subscribe to this information via syndicated feeds:
- RSS: 
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/rss.xml
- Atom: 
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/atom.xml

== Gump Tracking Only ===
Produced by Apache Gump(TM) version 2.3.
Gump Run 2015112409, vmgump.apache.org:vmgump:2015112409
Gump E-mail Identifier (unique within run) #2.

--
Apache Gump
http://gump.apache.org/ [Instance: vmgump]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

buildbot success in ASF Buildbot on tomcat-7-trunk

2015-11-23 Thread buildbot 
The Buildbot has detected a restored build on builder tomcat-7-trunk while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-7-trunk/builds/187

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' 
triggered this build
Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1716041
Blamelist: kfujino

Build succeeded!

Sincerely,
 -The Buildbot




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[jira] [Commented] (MTOMCAT-234) Tomcat8 Maven Plugin

2015-11-23 Thread Girish Mahajan (JIRA) 

[ 
https://issues.apache.org/jira/browse/MTOMCAT-234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15023938#comment-15023938
 ] 

Girish Mahajan commented on MTOMCAT-234:


Can anyone please answer with what will be the ETA of tomcat8-maven-plugin GA 
release tentatively ? thanks in advance

> Tomcat8 Maven Plugin
> 
>
> Key: MTOMCAT-234
> URL: https://issues.apache.org/jira/browse/MTOMCAT-234
> Project: Apache Tomcat Maven Plugin
>  Issue Type: Dependency upgrade
>Affects Versions: 2.0, 2.1, 2.2
> Environment: Maven 3.1, Tomcat8.0RC1, Oracle JDK7u25
>Reporter: Petr Novak
>Assignee: Olivier Lamy (*$^¨%`£)
>Priority: Blocker
> Fix For: 3.0
>
>
> Please provide initial version of Tomcat8 Maven Plugin. 
> I tried the recommendations in 
> http://tomcat.10.x6.nabble.com/Tomcat-8-Tomcat-Maven-Plugin-2-2-Tomcat8-Maven-Plugin-td4995858.html#none
> but the guideline 
> http://tomcat.apache.org/maven-plugin-trunk/tomcat7-maven-plugin/adjust-embedded-tomcat-version.html
> does not work for Tomcat8 .
> The problem is in changed Tomcat 8 API, the maven throws folloving exception:
>  at 
> org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:142)
>  ... 20 more
> by: java.lang.NoSuchMethodError: 
> org.apache.catalina.startup.Tomcat.setDefaultRealm(Lorg/apache/catalina/Realm;)V
>  at 
> org.apache.tomcat.maven.plugin.tomcat7.run.AbstractRunMojo.startContainer(AbstractRunMojo.java:999)
>  at 
> org.apache.tomcat.maven.plugin.tomcat7.run.AbstractRunMojo.execute(AbstractRunMojo.java:514)
>  at 
> org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:106)
>  ... 20 more
>  The method setDefaultRealm is deprecated in Tomcat7 and was removed in 
> Tomcat8 as described in documentation:
> http://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/startup/Tomcat.html#setDefaultRealm(org.apache.catalina.Realm)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Mark Thomas 
On 20/11/2015 10:00, Mark Thomas wrote:
> The proposed Apache Tomcat 8.0.29 release is now available for voting.
> 
> The main changes since 8.0.28 are:
> 
> - Add an option to control (per context) quoting of EL expressions in
>   JSP attributes
> 
> - Correct a regression in the fix for 56777 that added support for
>   URIs in config file locations
> 
> - Add a new RestCsrfPreventionFilter that provides basic CSRF
>   protection for REST APIs
> 
> -  Use instance manager for WebSocket server endpoint instances
> 
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1055/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/
> 
> The proposed 8.0.29 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.29

Unit tests pass for BIO, NIO, NIO2 and APR on Windows, OSX and Linux.

Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Rémy Maucherat 
2015-11-20 11:00 GMT+01:00 Mark Thomas :

> The proposed 8.0.29 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.29
>
> Rémy

svn commit: r1715897 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/tomcat/ webapps/docs/

2015-11-23 Thread remm 
Author: remm
Date: Mon Nov 23 17:23:59 2015
New Revision: 1715897

URL: http://svn.apache.org/viewvc?rev=1715897=rev
Log:
Extract Context.bind and unbind to an interface to make the CL bind cleaner for 
the upgrade code (including using a PA if needed).

Added:
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/ContextBind.java
  - copied unchanged from r1715866, 
tomcat/trunk/java/org/apache/tomcat/ContextBind.java
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java
tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java
tomcat/tc8.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java
tomcat/tc8.0.x/trunk/java/org/apache/coyote/UpgradeToken.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java?rev=1715897=1715896=1715897=diff
==
--- tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java (original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java Mon Nov 23 
17:23:59 2015
@@ -29,6 +29,7 @@ import javax.servlet.ServletSecurityElem
 import javax.servlet.descriptor.JspConfigDescriptor;
 
 import org.apache.catalina.deploy.NamingResourcesImpl;
+import org.apache.tomcat.ContextBind;
 import org.apache.tomcat.InstanceManager;
 import org.apache.tomcat.JarScanner;
 import org.apache.tomcat.util.descriptor.web.ApplicationParameter;
@@ -57,7 +58,7 @@ import org.apache.tomcat.util.http.Cooki
  *
  * @author Craig R. McClanahan
  */
-public interface Context extends Container {
+public interface Context extends Container, ContextBind {
 
 
 // - Manifest Constants
@@ -1610,45 +1611,6 @@ public interface Context extends Contain
 public Map findPreDestroyMethods();
 
 /**
- * Change the current thread context class loader to the web application
- * class loader. If no web application class loader is defined, or if the
- * current thread is already using the web application class loader then no
- * change will be made. If the class loader is changed and a
- * {@link ThreadBindingListener} is configured then
- * {@link ThreadBindingListener#bind()} will be called after the change has
- * been made.
- *
- * @param usePrivilegedAction
- *  Should a {@link java.security.PrivilegedAction} be used when
- *  obtaining the current thread context class loader and setting
- *  the new one?
- * @param originalClassLoader
- *  The current class loader if known to save this method having to
- *  look it up
- *
- * @return If the class loader has been changed by the method it will 
return
- * the thread context class loader in use when the method was
- * called. If no change was made then this method returns null.
- */
-public ClassLoader bind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
-
-/**
- * Restore the current thread context class loader to the original class
- * loader in used before {@link #bind(boolean, ClassLoader)} was called. If
- * no original class loader is passed to this method then no change will be
- * made. If the class loader is changed and a {@link ThreadBindingListener}
- * is configured then {@link ThreadBindingListener#unbind()} will be called
- * before the change is made.
- *
- * @param usePrivilegedAction
- *  Should a {@link java.security.PrivilegedAction} be used when
- *  setting the current thread context class loader?
- * @param originalClassLoader
- *  The class loader to restore as the thread context class loader
- */
-public void unbind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
-
-/**
  * Obtain the token necessary for operations on the associated JNDI naming
  * context.
  */

Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java?rev=1715897=1715896=1715897=diff
==
--- tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java 
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java Mon 
Nov 23 17:23:59 2015
@@ -1892,7 +1892,7 @@ public class Request
 throw new ServletException(e);
 }
 UpgradeToken upgradeToken = new UpgradeToken(handler,
-getContext().getLoader().getClassLoader(), instanceManager);
+getContext(), instanceManager);
 
 coyoteRequest.action(ActionCode.UPGRADE, upgradeToken);
 

Modified:

[GUMP@vmgump]: Project tomcat-trunk-test-nio (in module tomcat-trunk) failed

2015-11-23 Thread Bill Barker 
To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at gene...@gump.apache.org.

Project tomcat-trunk-test-nio has an issue affecting its community integration.
This issue affects 1 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- tomcat-trunk-test-nio :  Tomcat 9.x, a web server implementing the Java 
Servlet 4.0,
...


Full details are available at:

http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
commons-daemon.native.src.tgz.
 -DEBUG- Dependency on commons-daemon exists, no need to add for property 
tomcat-native.tar.gz.
 -INFO- Failed with reason build failed
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/logs-NIO
 -INFO- Project Reports in: 
/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs
 -WARNING- No directory 
[/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs]



The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio.html
Work Name: build_tomcat-trunk_tomcat-trunk-test-nio (Type: Build)
Work ended in a state of : Failed
Elapsed: 45 mins 53 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true 
-Dbuild.sysclasspath=only org.apache.tools.ant.Main 
-Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar 
-Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar
 -Dtest.reports=output/logs-NIO 
-Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20151123-native-src.tar.gz
 -Dexamples.sources.skip=true 
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar 
-Dtest.relaxTiming=true 
-Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20151123.jar
 
-Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20151123-native-src.tar.gz
 -Dtest.temp=output/test-tmp-NIO -Dtest.accesslog=true -Dexecute.test.nio=true 
-Dtest.openssl.path=/srv/gump/public/workspace/openssl-ma
 ster/dest-20151123/bin/openssl -Dexecute.test.apr=false 
-Dtest.excludePerformance=true -Dexecute.test.nio2=false 
-Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar
 -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar 
-Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test 
[Working Directory: /srv/gump/public/workspace/tomcat-trunk]
CLASSPATH: 
/usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja
 
r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Felix Schumacher 

Am 20.11.2015 um 11:00 schrieb Mark Thomas:

The proposed Apache Tomcat 8.0.29 release is now available for voting.

The main changes since 8.0.28 are:

- Add an option to control (per context) quoting of EL expressions in
   JSP attributes

- Correct a regression in the fix for 56777 that added support for
   URIs in config file locations

- Add a new RestCsrfPreventionFilter that provides basic CSRF
   protection for REST APIs

-  Use instance manager for WebSocket server endpoint instances


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1055/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/

The proposed 8.0.29 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.0.29


Tested on ubuntu 14.04.3 with OpenJDK Runtime Environment (IcedTea 
2.6.1) (7u85-2.6.1-5ubuntu0.14.04.1).


Reported broken tests with ssl, since ubuntu has an old version of openssl.
The other broken tests, can be explained with a quite new jre and are 
really broken tests, rather than broken code.


sha1, md5 and pgp sums are valid.

Regards,
 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1715866 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11/upgrade/ jav

2015-11-23 Thread remm 
Author: remm
Date: Mon Nov 23 16:19:33 2015
New Revision: 1715866

URL: http://svn.apache.org/viewvc?rev=1715866=rev
Log:
Extract Context.bind and unbind to an interface to make the CL bind cleaner for 
the upgrade code (including using a PA if needed).

Added:
tomcat/trunk/java/org/apache/tomcat/ContextBind.java   (with props)
Modified:
tomcat/trunk/java/org/apache/catalina/Context.java
tomcat/trunk/java/org/apache/catalina/connector/Request.java
tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
tomcat/trunk/java/org/apache/coyote/UpgradeToken.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java

tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java

tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java
tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/Context.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Context.java?rev=1715866=1715865=1715866=diff
==
--- tomcat/trunk/java/org/apache/catalina/Context.java (original)
+++ tomcat/trunk/java/org/apache/catalina/Context.java Mon Nov 23 16:19:33 2015
@@ -29,6 +29,7 @@ import javax.servlet.ServletSecurityElem
 import javax.servlet.descriptor.JspConfigDescriptor;
 
 import org.apache.catalina.deploy.NamingResourcesImpl;
+import org.apache.tomcat.ContextBind;
 import org.apache.tomcat.InstanceManager;
 import org.apache.tomcat.JarScanner;
 import org.apache.tomcat.util.descriptor.web.ApplicationParameter;
@@ -57,7 +58,7 @@ import org.apache.tomcat.util.http.Cooki
  *
  * @author Craig R. McClanahan
  */
-public interface Context extends Container {
+public interface Context extends Container, ContextBind {
 
 
 // - Manifest Constants
@@ -1626,45 +1627,6 @@ public interface Context extends Contain
 public Map findPreDestroyMethods();
 
 /**
- * Change the current thread context class loader to the web application
- * class loader. If no web application class loader is defined, or if the
- * current thread is already using the web application class loader then no
- * change will be made. If the class loader is changed and a
- * {@link ThreadBindingListener} is configured then
- * {@link ThreadBindingListener#bind()} will be called after the change has
- * been made.
- *
- * @param usePrivilegedAction
- *  Should a {@link java.security.PrivilegedAction} be used when
- *  obtaining the current thread context class loader and setting
- *  the new one?
- * @param originalClassLoader
- *  The current class loader if known to save this method having to
- *  look it up
- *
- * @return If the class loader has been changed by the method it will 
return
- * the thread context class loader in use when the method was
- * called. If no change was made then this method returns null.
- */
-public ClassLoader bind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
-
-/**
- * Restore the current thread context class loader to the original class
- * loader in used before {@link #bind(boolean, ClassLoader)} was called. If
- * no original class loader is passed to this method then no change will be
- * made. If the class loader is changed and a {@link ThreadBindingListener}
- * is configured then {@link ThreadBindingListener#unbind()} will be called
- * before the change is made.
- *
- * @param usePrivilegedAction
- *  Should a {@link java.security.PrivilegedAction} be used when
- *  setting the current thread context class loader?
- * @param originalClassLoader
- *  The class loader to restore as the thread context class loader
- */
-public void unbind(boolean usePrivilegedAction, ClassLoader 
originalClassLoader);
-
-/**
  * Obtain the token necessary for operations on the associated JNDI naming
  * context.
  */

Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1715866=1715865=1715866=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Mon Nov 23 
16:19:33 2015
@@ -1865,7 +1865,7 @@ public class Request implements HttpServ
 throw new ServletException(e);
 }
 UpgradeToken upgradeToken = new UpgradeToken(handler,
-getContext().getLoader().getClassLoader(), instanceManager);
+

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Martin Grigorov 
On Fri, Nov 20, 2015 at 11:00 AM, Mark Thomas  wrote:

> The proposed Apache Tomcat 8.0.29 release is now available for voting.
>
> The main changes since 8.0.28 are:
>
> - Add an option to control (per context) quoting of EL expressions in
>   JSP attributes
>
> - Correct a regression in the fix for 56777 that added support for
>   URIs in config file locations
>
> - Add a new RestCsrfPreventionFilter that provides basic CSRF
>   protection for REST APIs
>
> -  Use instance manager for WebSocket server endpoint instances
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1055/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/
>
> The proposed 8.0.29 release is:
> [ ] Broken - do not release
> [ X ] Stable - go ahead and release as 8.0.29
>

Tested our main application and Apache Wicket's examples app


>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: [VOTE] Release Apache Tomcat 8.0.29

2015-11-23 Thread Violeta Georgieva 
Hi,

2015-11-20 12:00 GMT+02:00 Mark Thomas :
>
> The proposed Apache Tomcat 8.0.29 release is now available for voting.
>
> The main changes since 8.0.28 are:
>
> - Add an option to control (per context) quoting of EL expressions in
>   JSP attributes
>
> - Correct a regression in the fix for 56777 that added support for
>   URIs in config file locations
>
> - Add a new RestCsrfPreventionFilter that provides basic CSRF
>   protection for REST APIs
>
> -  Use instance manager for WebSocket server endpoint instances
>
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1055/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/
>
> The proposed 8.0.29 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.29

Checked with applications that use the new specifications features -
successful.
Tested Tomcat in OSGi environment - successful.

Regards,
Violeta

> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

svn commit: r1715965 - in /tomcat/trunk: java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/

2015-11-23 Thread markt 
Author: markt
Date: Mon Nov 23 21:34:06 2015
New Revision: 1715965

URL: http://svn.apache.org/viewvc?rev=1715965=rev
Log:
Add ProxySelector support to the WebSocket client
Based on a patch by Niki Dokovski.

Added:

tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java
   (with props)
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties?rev=1715965=1715964=1715965=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties Mon 
Nov 23 21:34:06 2015
@@ -114,12 +114,12 @@ wsWebSocketContainer.endpointCreateFail=
 wsWebSocketContainer.httpRequestFailed=The HTTP request to initiate the 
WebSocket connection failed
 wsWebSocketContainer.invalidExtensionParameters=The server responded with 
extension parameters the client is unable to support
 wsWebSocketContainer.invalidHeader=Unable to parse HTTP header as no colon is 
present to delimit header name and header value in [{0}]. The header has been 
skipped.
-wsWebSocketContainer.invalidScheme=The requested scheme, [{0}], is not 
supported. The supported schemes are ws and wss
 wsWebSocketContainer.invalidStatus=The HTTP response from the server [{0}] did 
not permit the HTTP upgrade to WebSocket
 wsWebSocketContainer.invalidSubProtocol=The WebSocket server returned multiple 
values for the Sec-WebSocket-Protocol header
 wsWebSocketContainer.maxBuffer=This implementation limits the maximum size of 
a buffer to Integer.MAX_VALUE
 wsWebSocketContainer.missingAnnotation=Cannot use POJO class [{0}] as it is 
not annotated with @ClientEndpoint
 wsWebSocketContainer.pathNoHost=No host was specified in URI
-wsWebSocketContainer.pathWrongScheme=The scheme [{0}] is not supported
+wsWebSocketContainer.pathWrongScheme=The scheme [{0}] is not supported. The 
supported schemes are ws and wss
+wsWebSocketContainer.proxyConnectFail=Failed to connect to the configured 
Proxy [{0}]. The HTTP response code was [{1}]
 wsWebSocketContainer.sessionCloseFail=Session with ID [{0}] did not close 
cleanly
 wsWebSocketContainer.sslEngineFail=Unable to create SSLEngine to support 
SSL/TLS connections

Modified: 
tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715965=1715964=1715965=diff
==
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon 
Nov 23 21:34:06 2015
@@ -22,6 +22,8 @@ import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.net.ProxySelector;
 import java.net.SocketAddress;
 import java.net.URI;
 import java.nio.ByteBuffer;
@@ -190,51 +192,80 @@ public class WsWebSocketContainer implem
 throws DeploymentException {
 
 boolean secure = false;
+ByteBuffer proxyConnect = null;
+URI proxyPath;
 
+// Validate scheme (and build proxyPath)
 String scheme = path.getScheme();
-if (!("ws".equalsIgnoreCase(scheme) ||
-"wss".equalsIgnoreCase(scheme))) {
+if ("ws".equalsIgnoreCase(scheme)) {
+proxyPath = URI.create("http" + path.toString().substring(2));
+} else if ("wss".equalsIgnoreCase(scheme)) {
+proxyPath = URI.create("https" + path.toString().substring(3));
+} else {
 throw new DeploymentException(sm.getString(
 "wsWebSocketContainer.pathWrongScheme", scheme));
 }
+
+// Validate host
 String host = path.getHost();
 if (host == null) {
 throw new DeploymentException(
 sm.getString("wsWebSocketContainer.pathNoHost"));
 }
 int port = path.getPort();
-Map reqHeaders = createRequestHeaders(host, port,
-clientEndpointConfiguration.getPreferredSubprotocols(),
-clientEndpointConfiguration.getExtensions());
-clientEndpointConfiguration.getConfigurator().
-beforeRequest(reqHeaders);
 
-SocketAddress sa;
-if (port == -1) {
-if ("ws".equalsIgnoreCase(scheme)) {
-sa = new InetSocketAddress(host,

svn commit: r1715967 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

2015-11-23 Thread jfclere 
Author: jfclere
Date: Mon Nov 23 21:34:37 2015
New Revision: 1715967

URL: http://svn.apache.org/viewvc?rev=1715967=rev
Log:
Arrange provider to algorithm.
make sure the file is closed.

Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715967=1715966=1715967=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon 
Nov 23 21:34:37 2015
@@ -16,7 +16,7 @@
  */
 package org.apache.tomcat.util.net.openssl;
 
-import java.io.FileInputStream;
+import java.io.IOException;
 import java.io.InputStream;
 import java.security.KeyStore;
 import java.util.List;
@@ -26,6 +26,7 @@ import javax.net.ssl.SSLSessionContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 
+import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.net.SSLContext;
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate;
@@ -64,7 +65,7 @@ public class OpenSSLUtil implements SSLU
 String storefile = System.getProperty("java.home") + 
"/lib/security/cacerts";
 String password = "changeit";
 String type = "jks";
-String provider = null;
+String algorithm = null;
 if (sslHostConfig.getTruststoreFile() != null) {
 storefile = sslHostConfig.getTruststoreFile();
 }
@@ -74,19 +75,33 @@ public class OpenSSLUtil implements SSLU
 if (sslHostConfig.getTruststoreType() != null) {
 type = sslHostConfig.getTruststoreType();
 }
-if (sslHostConfig.getTruststoreProvider() != null) {
-provider = sslHostConfig.getTruststoreProvider();
+if (sslHostConfig.getTruststoreAlgorithm() != null) {
+   algorithm = sslHostConfig.getTruststoreAlgorithm();
 }
 
 TrustManagerFactory factory;
-if (provider == null)
+if (algorithm == null)
 factory = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
 else
-factory = TrustManagerFactory.getInstance(provider);
+factory = TrustManagerFactory.getInstance(algorithm);
 
 KeyStore keystore = KeyStore.getInstance(type);
-InputStream stream = new FileInputStream(storefile);
-keystore.load(stream, password.toCharArray());
+InputStream stream = null;
+try {
+   stream = ConfigFileLoader.getInputStream(storefile);
+   keystore.load(stream, password.toCharArray());
+} catch (Exception ex) {
+   throw ex;
+} finally {
+if (stream != null) {
+try {
+stream.close();
+} catch (IOException ioe) {
+// Do nothing
+}
+}
+}
+
 factory.init(keystore);
 TrustManager[] managers = factory.getTrustManagers();
 return managers;



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org