Am 2. Dezember 2015 00:02:08 MEZ, schrieb Mark Thomas :
>The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
>The main changes since 8.0.29 are:
>
>- Location headers for redirects now use relative URIs. This can
> be controlled by Context with the
Give the recent OpenSSL vulnerability announcements [1], I was planning
on starting a tomcat-native 1.2.3 release to provide an updated Windows
binary.
There are a few fixes in trunk since 1.2.2. I'll get the changelog updated.
I'm currently planning on tagging this on Tuesday 8th Dec. We can
I've been spending some time looking at the JASPIC implementation that
was started as part of GSoC.
To recap the history to save folks digging through the archives:
- JASPIC provides a standard API for pluggable authentication modules
- The most obvious use case is integration with one of the
Author: markt
Date: Fri Dec 4 11:51:10 2015
New Revision: 1717937
URL: http://svn.apache.org/viewvc?rev=1717937=rev
Log:
Update the changelog with additional fixes since 1.2.2
Modified:
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
Modified:
Hi,
i am using Tomcat based on APR/OpenSSL and have observed that shutdown behavior
in bad case is not clean. For example if OpenSSL verify callback verify the
peer certificate(s) and verification is failed e.g. unknown_certificate,
revoked etc. OpenSSL sets a handshake error with an alert
Hi,
i am using Tomcat based on APR/OpenSSL and have observed that shutdown behavior
in bad case is not clean. For example if OpenSSL verify callback verify the
peer certificate(s) and verification is failed e.g. unknown_certificate,
revoked etc. OpenSSL sets a handshake error with an alert
Author: markt
Date: Fri Dec 4 15:13:17 2015
New Revision: 1717979
URL: http://svn.apache.org/viewvc?rev=1717979=rev
Log:
Fix a TODO (add explanatory comment as to why the test is correct)
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
Modified:
Author: remm
Date: Fri Dec 4 15:32:16 2015
New Revision: 1717984
URL: http://svn.apache.org/viewvc?rev=1717984=rev
Log:
Some small cleanups.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
Modified:
https://bz.apache.org/bugzilla/show_bug.cgi?id=58691
Bug ID: 58691
Summary: org.apache.naming.ResourceEnvRef missing factory
Product: Tomcat 8
Version: 8.0.29
Hardware: All
OS: All
Status: NEW
Severity:
2015-12-04 14:41 GMT+01:00 Mark Thomas :
> On 04/12/2015 12:38, Rémy Maucherat wrote:
> > 2015-12-04 12:42 GMT+01:00 Mark Thomas :
> >
> >> Give the recent OpenSSL vulnerability announcements [1], I was planning
> >> on starting a tomcat-native 1.2.3 release to
2015-12-02 2:02 GMT+03:00 Mark Thomas :
> The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
>
> The proposed 8.0.30 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.0.30
Units tests pass - all 4 connectors (BIO, NIO, NIO2,
Author: markt
Date: Fri Dec 4 14:05:49 2015
New Revision: 1717965
URL: http://svn.apache.org/viewvc?rev=1717965=rev
Log:
Add test cases, currently disabled because they don't all pass, for various
issues around WebSocket closing.
Patch by Barry Coughlan
Added:
Author: markt
Date: Fri Dec 4 14:06:33 2015
New Revision: 1717967
URL: http://svn.apache.org/viewvc?rev=1717967=rev
Log:
Static works for me for these test cases.
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
Modified:
https://bz.apache.org/bugzilla/show_bug.cgi?id=57489
Mark Thomas changed:
What|Removed |Added
Status|NEEDINFO|NEW
--- Comment #21
2015-12-04 12:42 GMT+01:00 Mark Thomas :
> I've been spending some time looking at the JASPIC implementation that
> was started as part of GSoC.
>
> To recap the history to save folks digging through the archives:
>
> - JASPIC provides a standard API for pluggable authentication
2015-12-04 12:42 GMT+01:00 Mark Thomas :
> Give the recent OpenSSL vulnerability announcements [1], I was planning
> on starting a tomcat-native 1.2.3 release to provide an updated Windows
> binary.
>
> There are a few fixes in trunk since 1.2.2. I'll get the changelog updated.
2015-12-02 1:02 GMT+02:00 Mark Thomas :
>
> The proposed Apache Tomcat 8.0.30 release is now available for voting.
>
> The main changes since 8.0.29 are:
>
> - Location headers for redirects now use relative URIs. This can
> be controlled by Context with the
Hi,
See you guys are making good progress with the JASPIC implementation in
Tomcat.
One commit that I noticed is the following:
https://github.com/apache/tomcat/commit/3e1b4931867a12a74e9e9fe7ff86484cc65a21e6
It says: "Remove the programmatic login/logout override, as I don't see how
JASPIC can
On 04/12/2015 12:38, Rémy Maucherat wrote:
> 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>
>> Give the recent OpenSSL vulnerability announcements [1], I was planning
>> on starting a tomcat-native 1.2.3 release to provide an updated Windows
>> binary.
>>
>> There are a few fixes in
On 04/12/2015 12:29, Rémy Maucherat wrote:
> 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>> The DIGEST module does not disable the default
>> caching of the authenticated Principal in the session which renders the
>> security benefits of digest over http largely useless.
>
>
Author: markt
Date: Fri Dec 4 14:11:31 2015
New Revision: 1717968
URL: http://svn.apache.org/viewvc?rev=1717968=rev
Log:
Use a Log since that gives timestamps and thread info with minimal effort on my
part
Modified:
tomcat/trunk/test/org/apache/tomcat/websocket/server/TestClose.java
2015-12-04 16:08 GMT+01:00 Rashid Mahmood :
> For my application a clean shutdown is a critical requirement. Is there
> anything already in discussion about this issue or should i report as a bug?
>
> You can add an enhancement but it looks difficult to do.
Rémy
2015-12-04 14:50 GMT+01:00 Mark Thomas :
> On 04/12/2015 12:29, Rémy Maucherat wrote:
> > 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>
> >> The DIGEST module does not disable the default
> >> caching of the authenticated Principal in the session which renders the
The Buildbot has detected a new failure on builder tomcat-8-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/318
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The
Author: violetagg
Date: Fri Dec 4 20:23:44 2015
New Revision: 1718022
URL: http://svn.apache.org/viewvc?rev=1718022=rev
Log:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/trunk/java/org/apache/catalina/startup/Catalina.java
Author: violetagg
Date: Fri Dec 4 20:52:35 2015
New Revision: 1718030
URL: http://svn.apache.org/viewvc?rev=1718030=rev
Log:
Merged revision 1718022 from tomcat/trunk:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
Author: violetagg
Date: Fri Dec 4 20:31:10 2015
New Revision: 1718024
URL: http://svn.apache.org/viewvc?rev=1718024=rev
Log:
Merged revision 1718022 from tomcat/trunk:
Stream may not be closed in all branches. Findbugs report.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
--- Comment #1 from Derek Abdine ---
Here's the stack trace from the attached test case / unit test:
java.lang.IllegalArgumentException: URI scheme is not "file"
at java.io.File.(File.java:421)
at
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
--- Comment #2 from Derek Abdine ---
Just a slight correction: I mentioned in the description
"There is no way to prevent this issue with a JarScanFilter"
Just to clarify, there is no way to prevent this with the
https://bz.apache.org/bugzilla/show_bug.cgi?id=58692
Bug ID: 58692
Summary: Odd classpath URLs cause Tomcat to abort loading
webapps
Product: Tomcat 8
Version: trunk
Hardware: All
OS: All
On 2.12.2015 0:02, Mark Thomas wrote:
The proposed 8.0.30 release is:
[ ] Broken - do not release
[X] Stable - go ahead and release as 8.0.30
Tested .zip distribution on Windows 7 64-bit, Oracle JDK 1.8.0_60 and
APR/native 1.2.2:
- Tested TLS connectivity for BIO, NIO, NIO2 and APR
31 matches
Mail list logo