[GUMP@vmgump-vm3]: Project tomcat-tc8.0.x-test-nio2 (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 14 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-test-nio2 : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO2 -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs] The following work was performed: http://vmgump-vm3.apache.org/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2 (Type: Build) Work ended in a state of : Failed Elapsed: 19 mins 46 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-8.0.x/tomcat-build-libs -Dexecute.test.nio2=true -Dtest.temp=output/test-tmp-NIO2 -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dtest.accesslog=true -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170923.jar -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20170923/bin/openssl -Dexecute.test.nio=false -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dexecute.test.apr=false -Dexecute.test.bio=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170923-native-src.tar.gz -Dtest.repor ts=output/logs-NIO2 -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170923-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dtest.excludePerformance=true -Djava.net.preferIPv4Stack=/srv/gump/public/workspace/tomcat-8.0.x/true -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.6-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-8.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-8.0.x/output/build/lib/servlet-api.ja
[GUMP@vmgump-vm3]: Project tomcat-trunk-validate (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 7 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-validate : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump-vm3.apache.org/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build) Work ended in a state of : Failed Elapsed: 27 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-trunk/tomcat-build-libs -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20170923.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/commons-cli/target/commons-cli-1.5-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.7-SNAPSHOT.jar:/srv/g ump/public/workspace/apache-commons/logging/target/commons-logging-20170923.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20170923.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-24.0-jre-SNAPSHOT.jar - [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/el/TestValueExpressionImpl.java:34: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/el/lang/TestELArithmetic.java:26: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/el/lang/TestELSupport.java:30: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/el/parser/TestELParser.java:30: Extra separation in import group before 'org.junit.Ignore' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestAttributeParser.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestCompiler.java:29: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestGenerator.java:36: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestJspConfig.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestParser.java:25: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-trunk/test/org/apache/jasper/compiler/TestParserNoStrictWhitespace.java:26: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR]
[GUMP@vmgump-vm3]: Project tomcat-tc8.0.x-validate (in module tomcat-8.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc8.0.x-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 7 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc8.0.x-validate : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-8.0.x/tomcat-tc8.0.x-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump-vm3.apache.org/tomcat-8.0.x/tomcat-tc8.0.x-validate/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-validate.html Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-validate (Type: Build) Work ended in a state of : Failed Elapsed: 35 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-8.0.x/tomcat-build-libs -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-8.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20170923.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/commons-cli/target/commons-cli-1.5-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.7-SNAPSHOT.jar:/srv/g ump/public/workspace/apache-commons/logging/target/commons-logging-20170923.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20170923.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-24.0-jre-SNAPSHOT.jar - [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/el/TestValueExpressionImpl.java:34: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/el/lang/TestELArithmetic.java:26: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/el/lang/TestELSupport.java:30: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/el/parser/TestELParser.java:28: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestAttributeParser.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestCompiler.java:29: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestGenerator.java:36: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestJspConfig.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestParser.java:25: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-8.0.x/test/org/apache/jasper/compiler/TestParserNoStrictWhitespace.java:26: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR]
[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-validate (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 7 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-validate : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-validate/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-validate.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-validate (Type: Build) Work ended in a state of : Failed Elapsed: 29 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-8.3-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20170923.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/commons-cli/target/commons-cli-1.5-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.7-SNAPSHOT.jar:/srv/g ump/public/workspace/apache-commons/logging/target/commons-logging-20170923.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20170923.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-24.0-jre-SNAPSHOT.jar - [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/TestELInJsp.java:23: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/TestMethodExpressionImpl.java:30: Extra separation in import group before 'org.junit.Before' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/TestValueExpressionImpl.java:34: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/lang/TestELArithmetic.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/lang/TestELSupport.java:29: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/el/parser/TestELParser.java:28: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/jasper/compiler/TestAttributeParser.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/jasper/compiler/TestCompiler.java:28: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/jasper/compiler/TestGenerator.java:37: Extra separation in import group before 'org.junit.Assert' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/jasper/compiler/TestJspConfig.java:24: Extra separation in import group before 'org.junit.Test' [ImportOrder] [checkstyle] [ERROR] /srv/gump/public/workspace/tomcat-7.0.x/test/org/apache/jasper/compiler/TestParser.java:26: Extra
Re: [GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-test-apr (in module tomcat-7.0.x) failed
To the administrator of these automated emails, On 9/22/2017 9:54 PM, Bill Barker wrote: To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. I don't mind these automated emails since I willingly and consciously subscribed to this mailing list, but can you please update the time on your machine? The time of these emails is set to several hours in the future and so these emails are always at the top when sorted by "most recent first", making me (and others, I'm sure) miss newer emails because it looks like these are the latest ones. Thank you, Igal Sapir - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-7-trunk
The Buildbot has detected a restored build on builder tomcat-7-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-7-trunk/builds/880 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' triggered this build Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1809358 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-test-apr (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-apr has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-apr : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-APR/logs The following work was performed: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-apr/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-apr.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 19 mins 18 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-APR -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170922.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=true -Dexec ute.test.bio=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native-12/dest-20170922/lib -Dtest.relaxTiming=true -Dexecute.test.nio=false -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20170922.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.6-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0
svn commit: r1809358 - /tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java
Author: markt Date: Fri Sep 22 21:28:47 2017 New Revision: 1809358 URL: http://svn.apache.org/viewvc?rev=1809358=rev Log: Fix broken tests caused by "" vs "/" when resource is at base of DirContext Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java?rev=1809358=1809357=1809358=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Fri Sep 22 21:28:47 2017 @@ -870,8 +870,9 @@ public class FileDirContext extends Base // // absPath is normalized so canPath needs to be normalized as well // Can't normalize canPath earlier as canonicalBase is not normalized -if (canPath.length() > 0) { -canPath = normalize(canPath); +canPath = normalize(canPath); +if (absPath.length() == 0) { +absPath = "/"; } if (!canPath.equals(absPath)) { return null; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE] Release Apache Tomcat 8.5.22
The proposed Apache Tomcat 8.5.22 release is now available for voting. The major changes compared to the 8.5.21 release are: - Fix CVE-2017-12617 - Add ExtractingRoot, a new WebResourceRoot implementation that extracts JARs to the work directory for improved performance when deploying packed WAR files. Along with lots of other bug fixes and improvements. It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.22/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1155/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ The proposed 8.5.22 release is: [ ] Broken - do not release [ ] Stable - go ahead and release as 8.5.22 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-test-nio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-nio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-nio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-nio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-NIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-NIO/logs The following work was performed: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-nio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-nio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-nio (Type: Build) Work ended in a state of : Failed Elapsed: 17 mins 10 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-NIO -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170922.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexe cute.test.bio=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Dtest.reports=output/logs-NIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dexecute.test.nio=true -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20170922.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.6-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-7.0.x/output
svn commit: r21897 - in /dev/tomcat/tomcat-8/v8.5.22: ./ bin/ bin/embed/ bin/extras/ src/
Author: markt Date: Fri Sep 22 20:24:43 2017 New Revision: 21897 Log: Upload 8.5.22 for voting Added: dev/tomcat/tomcat-8/v8.5.22/ dev/tomcat/tomcat-8/v8.5.22/KEYS dev/tomcat/tomcat-8/v8.5.22/README.html dev/tomcat/tomcat-8/v8.5.22/RELEASE-NOTES dev/tomcat/tomcat-8/v8.5.22/bin/ dev/tomcat/tomcat-8/v8.5.22/bin/README.html dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.tar.gz (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.tar.gz.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.tar.gz.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.tar.gz.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.zip (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.zip.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.zip.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-deployer.zip.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-fulldocs.tar.gz (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-fulldocs.tar.gz.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-fulldocs.tar.gz.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-fulldocs.tar.gz.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x64.zip (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x64.zip.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x64.zip.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x64.zip.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x86.zip (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x86.zip.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x86.zip.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22-windows-x86.zip.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.exe (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.exe.asc dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.exe.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.exe.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.tar.gz (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.tar.gz.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.tar.gz.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.zip (with props) dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.zip.md5 dev/tomcat/tomcat-8/v8.5.22/bin/apache-tomcat-8.5.22.zip.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/embed/ dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.tar.gz (with props) dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.tar.gz.asc dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.tar.gz.md5 dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.tar.gz.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.zip (with props) dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.zip.asc dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.zip.md5 dev/tomcat/tomcat-8/v8.5.22/bin/embed/apache-tomcat-8.5.22-embed.zip.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/extras/ dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-jmx-remote.jar (with props) dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-jmx-remote.jar.asc dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-jmx-remote.jar.md5 dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-jmx-remote.jar.sha1 dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-ws.jar (with props) dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-ws.jar.asc dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-ws.jar.md5 dev/tomcat/tomcat-8/v8.5.22/bin/extras/catalina-ws.jar.sha1 dev/tomcat/tomcat-8/v8.5.22/src/ dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.tar.gz (with props) dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.tar.gz.asc dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.tar.gz.md5 dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.tar.gz.sha1 dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.zip (with props) dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.zip.asc dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.zip.md5 dev/tomcat/tomcat-8/v8.5.22/src/apache-tomcat-8.5.22-src.zip.sha1 Added: dev/tomcat/tomcat-8/v8.5.22/KEYS == --- dev/tomcat/tomcat-8/v8.5.22/KEYS (added) +++ dev/tomcat/tomcat-8/v8.5.22/KEYS Fri Sep 22 20:24:43 2017 @@ -0,0 +1,616 @@ +This file contains the PGP keys of various Apache developers. +Please don't use them for email unless you have to. Their main +purpose is code signing. + +Apache users: pgp < KEYS +Apache
[GUMP@vmgump-vm3]: Project tomcat-tc7.0.x-test-bio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-bio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-bio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-BIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-BIO/logs The following work was performed: http://vmgump-vm3.apache.org/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio (Type: Build) Work ended in a state of : Failed Elapsed: 16 mins 32 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-BIO -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.7-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20170922.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexe cute.test.bio=true -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Dtest.reports=output/logs-BIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20170922-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dexecute.test.nio=false -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20170922.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.6-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-7.0.x/output
svn commit: r1809337 - in /tomcat/tc8.5.x/tags/TOMCAT_8_5_22: ./ build.properties.default webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 19:07:52 2017 New Revision: 1809337 URL: http://svn.apache.org/viewvc?rev=1809337=rev Log: Tag 8.5.22 Added: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ (props changed) - copied from r1809336, tomcat/tc8.5.x/trunk/ Modified: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/build.properties.default tomcat/tc8.5.x/tags/TOMCAT_8_5_22/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- bugtraq:append = false Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- bugtraq:label = Bugzilla ID (optional) Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- --- bugtraq:logregex (added) +++ bugtraq:logregex Fri Sep 22 19:07:52 2017 @@ -0,0 +1,2 @@ +(https?\://(bz|issues)\.apache\.org/bugzilla/show_bug.cgi\?id=\d+|BZ\s?\d+) +(\d+) Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- bugtraq:message = Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- bugtraq:url = https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- --- svn:ignore (added) +++ svn:ignore Fri Sep 22 19:07:52 2017 @@ -0,0 +1,8 @@ +.* +build.properties +logs +nbproject +output +work +*.iml +temp Propchange: tomcat/tc8.5.x/tags/TOMCAT_8_5_22/ -- --- svn:mergeinfo (added) +++ svn:mergeinfo Fri Sep 22 19:07:52 2017 @@ -0,0 +1 @@ +/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1
svn commit: r1809336 - in /tomcat/trunk: build.properties.default res/maven/mvn.properties.default webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 19:01:55 2017 New Revision: 1809336 URL: http://svn.apache.org/viewvc?rev=1809336=rev Log: Increment version ready for next development cycle Modified: tomcat/trunk/build.properties.default tomcat/trunk/res/maven/mvn.properties.default tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/build.properties.default URL: http://svn.apache.org/viewvc/tomcat/trunk/build.properties.default?rev=1809336=1809335=1809336=diff == --- tomcat/trunk/build.properties.default (original) +++ tomcat/trunk/build.properties.default Fri Sep 22 19:01:55 2017 @@ -25,7 +25,7 @@ # - Version Control Flags - version.major=9 version.minor=0 -version.build=0 +version.build=1 version.patch=0 version.suffix=-dev Modified: tomcat/trunk/res/maven/mvn.properties.default URL: http://svn.apache.org/viewvc/tomcat/trunk/res/maven/mvn.properties.default?rev=1809336=1809335=1809336=diff == --- tomcat/trunk/res/maven/mvn.properties.default (original) +++ tomcat/trunk/res/maven/mvn.properties.default Fri Sep 22 19:01:55 2017 @@ -39,7 +39,7 @@ maven.asf.release.repo.url=https://repos maven.asf.release.repo.repositoryId=apache.releases.https # Release version info -maven.asf.release.deploy.version=9.0.0 +maven.asf.release.deploy.version=9.0.1 #Where do we load the libraries from tomcat.lib.path=../../output/build/lib Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1809336=1809335=1809336=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Sep 22 19:01:55 2017 @@ -44,7 +44,9 @@ They eventually become mixed with the numbered issues. (I.e., numbered issues do not "pop up" wrt. others). --> - + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[VOTE] Release Apache Tomcat 9.0.0
The proposed Apache Tomcat 9.0.0 release is now available for voting. The major changes compared to the 9.0.0.M27 release are: - Fix CVE-2017-12617 - Servlet 4.0 implementation is complete - Add the ability to reconfigure TLS connectors at runtime without stopping the connector - Stricter validation of the Host header Along with lots of other bug fixes and improvements. For full details, see the changelog: http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1154/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0/ The proposed 9.0.0 release is: [ ] Broken - do not release [ ] Alpha - go ahead and release as 9.0.0 [ ] Beta - go ahead and release as 9.0.0 [ ] Stable - go ahead and release as 9.0.0 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r21896 - in /dev/tomcat/tomcat-9/v9.0.0: ./ bin/ bin/embed/ bin/extras/ src/
Author: markt Date: Fri Sep 22 18:53:49 2017 New Revision: 21896 Log: Upload 9.0.0 for a release vote Added: dev/tomcat/tomcat-9/v9.0.0/ dev/tomcat/tomcat-9/v9.0.0/KEYS dev/tomcat/tomcat-9/v9.0.0/README.html dev/tomcat/tomcat-9/v9.0.0/RELEASE-NOTES dev/tomcat/tomcat-9/v9.0.0/bin/ dev/tomcat/tomcat-9/v9.0.0/bin/README.html dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.tar.gz (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.tar.gz.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.tar.gz.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.tar.gz.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.zip (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.zip.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.zip.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-deployer.zip.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-fulldocs.tar.gz (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-fulldocs.tar.gz.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-fulldocs.tar.gz.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-fulldocs.tar.gz.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x64.zip (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x64.zip.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x64.zip.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x64.zip.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x86.zip (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x86.zip.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x86.zip.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0-windows-x86.zip.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.exe (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.exe.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.exe.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.exe.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.tar.gz (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.tar.gz.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.tar.gz.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.tar.gz.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.zip (with props) dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.zip.asc dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.zip.md5 dev/tomcat/tomcat-9/v9.0.0/bin/apache-tomcat-9.0.0.zip.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/embed/ dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.tar.gz (with props) dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.tar.gz.asc dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.tar.gz.md5 dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.tar.gz.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.zip (with props) dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.zip.asc dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.zip.md5 dev/tomcat/tomcat-9/v9.0.0/bin/embed/apache-tomcat-9.0.0-embed.zip.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/extras/ dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-jmx-remote.jar (with props) dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-jmx-remote.jar.asc dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-jmx-remote.jar.md5 dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-jmx-remote.jar.sha1 dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-ws.jar (with props) dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-ws.jar.asc dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-ws.jar.md5 dev/tomcat/tomcat-9/v9.0.0/bin/extras/catalina-ws.jar.sha1 dev/tomcat/tomcat-9/v9.0.0/src/ dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.tar.gz (with props) dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.tar.gz.asc dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.tar.gz.md5 dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.tar.gz.sha1 dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.zip (with props) dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.zip.asc dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.zip.md5 dev/tomcat/tomcat-9/v9.0.0/src/apache-tomcat-9.0.0-src.zip.sha1 Added: dev/tomcat/tomcat-9/v9.0.0/KEYS == --- dev/tomcat/tomcat-9/v9.0.0/KEYS (added) +++ dev/tomcat/tomcat-9/v9.0.0/KEYS Fri Sep 22 18:53:49 2017 @@ -0,0 +1,616 @@ +This file contains the PGP keys of various Apache developers. +Please don't use them for email unless you have to. Their main +purpose is code signing. + +Apache
svn commit: r1809331 - in /tomcat/tags/TOMCAT_9_0_0: ./ build.properties.default webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 18:19:57 2017 New Revision: 1809331 URL: http://svn.apache.org/viewvc?rev=1809331=rev Log: Tag 9.0.0 Added: tomcat/tags/TOMCAT_9_0_0/ (props changed) - copied from r1809330, tomcat/trunk/ Modified: tomcat/tags/TOMCAT_9_0_0/build.properties.default tomcat/tags/TOMCAT_9_0_0/webapps/docs/changelog.xml Propchange: tomcat/tags/TOMCAT_9_0_0/ -- bugtraq:append = false Propchange: tomcat/tags/TOMCAT_9_0_0/ -- bugtraq:label = Bugzilla ID (optional) Propchange: tomcat/tags/TOMCAT_9_0_0/ -- --- bugtraq:logregex (added) +++ bugtraq:logregex Fri Sep 22 18:19:57 2017 @@ -0,0 +1,2 @@ +(https?\://(bz|issues)\.apache\.org/bugzilla/show_bug.cgi\?id=\d+|BZ\s?\d+) +(\d+) Propchange: tomcat/tags/TOMCAT_9_0_0/ -- bugtraq:message = Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tags/TOMCAT_9_0_0/ -- bugtraq:url = https://bz.apache.org/bugzilla/show_bug.cgi?id=%BUGID% Propchange: tomcat/tags/TOMCAT_9_0_0/ -- --- svn:ignore (added) +++ svn:ignore Fri Sep 22 18:19:57 2017 @@ -0,0 +1,8 @@ +.* +build.properties +logs +nbproject +output +work +*.iml +temp Propchange: tomcat/tags/TOMCAT_9_0_0/ -- svn:mergeinfo = /tomcat/tc8.5.x/trunk:1802799,1808880 Propchange: tomcat/tags/TOMCAT_9_0_0/ -- svnmailer:content-charset = utf-8 Modified: tomcat/tags/TOMCAT_9_0_0/build.properties.default URL: http://svn.apache.org/viewvc/tomcat/tags/TOMCAT_9_0_0/build.properties.default?rev=1809331=1809330=1809331=diff == --- tomcat/tags/TOMCAT_9_0_0/build.properties.default (original) +++ tomcat/tags/TOMCAT_9_0_0/build.properties.default Fri Sep 22 18:19:57 2017 @@ -27,7 +27,7 @@ version.major=9 version.minor=0 version.build=0 version.patch=0 -version.suffix=-dev +version.suffix= # - Build control flags - # Note enabling validation uses Checkstyle which is LGPL licensed Modified: tomcat/tags/TOMCAT_9_0_0/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tags/TOMCAT_9_0_0/webapps/docs/changelog.xml?rev=1809331=1809330=1809331=diff == --- tomcat/tags/TOMCAT_9_0_0/webapps/docs/changelog.xml (original) +++ tomcat/tags/TOMCAT_9_0_0/webapps/docs/changelog.xml Fri Sep 22 18:19:57 2017 @@ -44,7 +44,7 @@ They eventually become mixed with the numbered issues. (I.e., numbered issues do not "pop up" wrt. others). --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Servlet 4.0 implementation status
On 22/09/17 15:16, Konstantin Kolinko wrote: > 2017-09-22 0:16 GMT+03:00 Mark Thomas: >> Hi all, >> >> As of a few minutes ago the Servlet 4.0 API implementation in 9.0.x is >> aligned with the 4.0 final release. It is also fully implemented. That >> opens up the possibility of both beta and stable labels for the next >> 9.0.x release. It also means that the next release will be a point >> release, not a milestone release. >> >> I'll update the version number info accordingly shortly. > > Reviewing appendix A.1 "Changes Since Servlet 3.1" of Servlet 4.0 > spec, I noted two points: > > "8. Clarify metadata-complete in Section 8.1, “Annotations and pluggability”." > > Section 8.1. clarifies that the following annotations must be > processed even when metadata-complete="false": > > "Annotations that do not have equivalents in the deployment XSD include > javax.servlet.annotation.HandlesTypes and all of the CDI-related > annotations. These annotations must be processed during annotation scanning, > regardless of the value of “metadata-complete”." I think we are compliant here. We do look for HandlesTypes matches when metadata-complete="true" and we don't provide a CDI implementation. > > The code in DefaultInstanceManager > [[[ > private Object newInstance(Object instance, Class clazz) > throws IllegalAccessException, InvocationTargetException, > NamingException { > if (!ignoreAnnotations) { > Map injections = > assembleInjectionsFromClassHierarchy(clazz); > populateAnnotationsCache(clazz, injections); > processAnnotations(instance, injections); > postConstruct(instance, clazz); > } > return instance; > } > ]]] > > "ignoreAnnotations" flag turns all annotation processing off. I think that is consistent with 8.1 that lists all the annotations that can be ignored with metadata-complete="true". > "13. Remove DTDs and Schemas from binary artifact for Servlet API." > > I do not mind us continuing shipping those resources, > but maybe there was some reason for their removal? Let me check back in the EG archives... we intentionally stopped including the DTDs and XSDs in the javax.servlet:javax.servlet-api JAR, because they are better maintained outside of that jar. In the case of GlassFish, they end up in the dtds and schemas directories, respectively. Looks like a Glassfish packaging decision. I'm not seeing a need to package these elsewhere in Tomcat. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Servlet 4.0 implementation status
2017-09-22 0:16 GMT+03:00 Mark Thomas: > Hi all, > > As of a few minutes ago the Servlet 4.0 API implementation in 9.0.x is > aligned with the 4.0 final release. It is also fully implemented. That > opens up the possibility of both beta and stable labels for the next > 9.0.x release. It also means that the next release will be a point > release, not a milestone release. > > I'll update the version number info accordingly shortly. Reviewing appendix A.1 "Changes Since Servlet 3.1" of Servlet 4.0 spec, I noted two points: "8. Clarify metadata-complete in Section 8.1, “Annotations and pluggability”." Section 8.1. clarifies that the following annotations must be processed even when metadata-complete="false": "Annotations that do not have equivalents in the deployment XSD include javax.servlet.annotation.HandlesTypes and all of the CDI-related annotations. These annotations must be processed during annotation scanning, regardless of the value of “metadata-complete”." The code in DefaultInstanceManager [[[ private Object newInstance(Object instance, Class clazz) throws IllegalAccessException, InvocationTargetException, NamingException { if (!ignoreAnnotations) { Map injections = assembleInjectionsFromClassHierarchy(clazz); populateAnnotationsCache(clazz, injections); processAnnotations(instance, injections); postConstruct(instance, clazz); } return instance; } ]]] "ignoreAnnotations" flag turns all annotation processing off. "13. Remove DTDs and Schemas from binary artifact for Servlet API." I do not mind us continuing shipping those resources, but maybe there was some reason for their removal? Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Mark Thomaschanged: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #11 from Mark Thomas --- Fixed in: - trunk for 9.0.0 onwards - 8.5.x for 8.5.22 onwards - 8.0.x for 8.0.47 onwards - 7.0.x for 7.0.82 onwards I'm on the fence regarding the suggested documentation change. If a sysadmin doesn't understand what enabling HTTP PUT and/or DELETE means I don't think any realistic amount of documentation is going to result in a correctly secured Tomcat instance. Maybe what we need is a link to the security page from every setting called out in the security page. Something to ponder / discuss on the dev@ list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809317 - in /tomcat/trunk: java/org/apache/coyote/http11/AbstractHttp11Protocol.java java/org/apache/coyote/http11/Http11Processor.java webapps/docs/changelog.xml webapps/docs/config/htt
Author: markt Date: Fri Sep 22 14:06:39 2017 New Revision: 1809317 URL: http://svn.apache.org/viewvc?rev=1809317=rev Log: Make host header / request line consistency check configurable since it is a new requirement in RFC 7230 Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/http.xml Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1809317=1809316=1809317=diff == --- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Fri Sep 22 14:06:39 2017 @@ -91,6 +91,29 @@ public abstract class AbstractHttp11Prot // HTTP specific properties // -- managed in the ProtocolHandler +private boolean allowHostHeaderMismatch = false; +/** + * Will Tomcat accept an HTTP 1.1 request where the host header does not + * agree with the host specified (if any) in the request line? + * + * @return {@code true} if Tomcat will allow such requests, otherwise + * {@code false} + */ +public boolean getAllowHostHeaderMismatch() { +return allowHostHeaderMismatch; +} +/** + * Will Tomcat accept an HTTP 1.1 request where the host header does not + * agree with the host specified (if any) in the request line? + * + * @param allowHostHeaderMismatch {@code true} to allow such requests, + *{@code false} to reject them with a 400 + */ +public void setAllowHostHeaderMismatch(boolean allowHostHeaderMismatch) { +this.allowHostHeaderMismatch = allowHostHeaderMismatch; +} + + private boolean rejectIllegalHeaderName = true; /** * If an HTTP request is received that contains an illegal header name (i.e. Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1809317=1809316=1809317=diff == --- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri Sep 22 14:06:39 2017 @@ -782,10 +782,22 @@ public class Http11Processor extends Abs // the Host header if (!hostValueMB.getByteChunk().equals( uriB, uriBCStart + pos, slashPos - pos)) { -response.setStatus(400); -setErrorState(ErrorState.CLOSE_CLEAN, null); -if (log.isDebugEnabled()) { - log.debug(sm.getString("http11processor.request.inconsistentHosts")); +if (protocol.getAllowHostHeaderMismatch()) { +// The requirements of RFC 2616 are being +// applied. If the host header and the request +// line do not agree, the request line takes +// precedence +hostValueMB = headers.setValue("host"); +hostValueMB.setBytes(uriB, uriBCStart + pos, slashPos - pos); +} else { +// The requirements of RFC 7230 are being +// applied. If the host header and the request +// line do not agree, trigger a 400 response. +response.setStatus(400); +setErrorState(ErrorState.CLOSE_CLEAN, null); +if (log.isDebugEnabled()) { + log.debug(sm.getString("http11processor.request.inconsistentHosts")); +} } } } Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1809317=1809316=1809317=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Sep 22 14:06:39 2017 @@ -79,7 +79,10 @@ Implement the requirements of RFC 7230 that any HTTP/1.1 request that specifies a host in the request line, must specify the same
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2712 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1809300 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] tomcat pull request #:
Github user vmassol commented on the pull request: https://github.com/apache/tomcat/commit/eb195bebac8239b994fa921aeedb136a93e4ccaf#commitcomment-24486575 In java/org/apache/catalina/Context.java: In java/org/apache/catalina/Context.java on line 1790: Thanks --- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] tomcat pull request #:
Github user efge commented on the pull request: https://github.com/apache/tomcat/commit/eb195bebac8239b994fa921aeedb136a93e4ccaf#commitcomment-24486403 In java/org/apache/catalina/Context.java: In java/org/apache/catalina/Context.java on line 1790: FYI this was backported for 7.0.81 (be895e53fffc092fa0b5eefe49dbad31b4069057) --- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-8-trunk
The Buildbot has detected a restored build on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/1129 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1809296 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-7-trunk
The Buildbot has detected a new failure on builder tomcat-7-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-7-trunk/builds/879 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' triggered this build Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1809298 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 --- Comment #10 from Peter Stöckli--- Created attachment 35361 --> https://bz.apache.org/bugzilla/attachment.cgi?id=35361=edit proposal to improve doc of the readonly flag First of all: your work is greatly appreciated! And I didn't know that Tomcat is also widely used as WebDAV server. So it makes sense to keep that option. Attached is a patch that could help improve the documentation of the readonly flag. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809300 - /tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java
Author: markt Date: Fri Sep 22 10:59:13 2017 New Revision: 1809300 URL: http://svn.apache.org/viewvc?rev=1809300=rev Log: Trivial clean-up to trigger a CI build Modified: tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java?rev=1809300=1809299=1809300=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java Fri Sep 22 10:59:13 2017 @@ -45,7 +45,6 @@ import org.ietf.jgss.GSSException; import org.ietf.jgss.GSSManager; import org.ietf.jgss.Oid; - /** * A SPNEGO authenticator that uses the SPNEGO/Kerberos support built in to Java * 6. Successful Kerberos authentication depends on the correct configuration of - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809298 - /tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java
Author: markt Date: Fri Sep 22 10:39:51 2017 New Revision: 1809298 URL: http://svn.apache.org/viewvc?rev=1809298=rev Log: Code clean-up as a result of code reviews - Minor performance optimisation - Simplify code - Additional commentary Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java?rev=1809298=1809297=1809298=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Fri Sep 22 10:39:51 2017 @@ -815,53 +815,69 @@ public class FileDirContext extends Base // If the requested names ends in '/', the Java File API will return a // matching file if one exists. This isn't what we want as it is not // consistent with the Servlet spec rules for request mapping. -if (file.isFile() && name.endsWith("/")) { +if (name.endsWith("/") && file.isFile()) { return null; } -if (!mustExist || file.exists() && file.canRead()) { +// If the file/dir must exist but the identified file/dir can't be read +// then signal that the resource was not found +if (mustExist && !file.canRead()) { +return null; +} -if (allowLinking) -return file; +// If allow linking is enabled, files are not limited to being located +// under the fileBase so all further checks are disabled. +if (allowLinking) +return file; + +// Check that this file is located under the web application root +String canPath = null; +try { +canPath = file.getCanonicalPath(); +} catch (IOException e) { +// Ignore +} +if (canPath == null || !canPath.startsWith(absoluteBase)) { +return null; +} -// Check that this file belongs to our root path -String canPath = null; -try { -canPath = file.getCanonicalPath(); -} catch (IOException e) { -// Ignore -} -if (canPath == null) -return null; - -// Check to see if going outside of the web application root -if (!canPath.startsWith(absoluteBase)) { -return null; -} - -// Case sensitivity check - this is now always done -String fileAbsPath = file.getAbsolutePath(); -if (fileAbsPath.endsWith(".")) -fileAbsPath = fileAbsPath + "/"; -String absPath = normalize(fileAbsPath); -canPath = normalize(canPath); -if ((absoluteBase.length() < absPath.length()) -&& (absoluteBase.length() < canPath.length())) { -absPath = absPath.substring(absoluteBase.length() + 1); -if (absPath.equals("")) -absPath = "/"; -canPath = canPath.substring(absoluteBase.length() + 1); -if (canPath.equals("")) -canPath = "/"; -if (!canPath.equals(absPath)) -return null; -} +// Ensure that the file is not outside the fileBase. This should not be +// possible for standard requests (the request is normalized early in +// the request processing) but might be possible for some access via the +// Servlet API (RequestDispatcher, HTTP/2 push etc.) therefore these +// checks are retained as an additional safety measure +// absoluteBase has been normalized so absPath needs to be normalized as +// well. +String absPath = normalize(file.getAbsolutePath()); +if ((absoluteBase.length() > absPath.length())) { +return null; +} -} else { +// Remove the fileBase location from the start of the paths since that +// was not part of the requested path and the remaining check only +// applies to the request path +absPath = absPath.substring(absoluteBase.length()); +canPath = canPath.substring(absoluteBase.length()); + +// Case sensitivity check +// The normalized requested path should be an exact match the equivalent +// canonical path. If it is not, possible reasons include: +// - case differences on case insensitive file systems +// - Windows removing a trailing ' ' or '.' from the file name +// +// In all cases, a mis-match here results in the resource not being +// found +// +// absPath is normalized so canPath needs to be normalized as well +//
svn commit: r1809296 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/webresources/AbstractFileResourceSet.java
Author: markt Date: Fri Sep 22 10:29:45 2017 New Revision: 1809296 URL: http://svn.apache.org/viewvc?rev=1809296=rev Log: Additional clean-up Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 10:29:45 2017 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452
svn commit: r1809293 - in /tomcat/tc7.0.x/trunk: java/org/apache/naming/resources/FileDirContext.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 10:18:29 2017 New Revision: 1809293 URL: http://svn.apache.org/viewvc?rev=1809293=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Remainder of fix for CVE-2017-12617 This ensures that a path specified for creation of a file does not end in '/' since that is dropped by the File API. Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java?rev=1809293=1809292=1809293=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Fri Sep 22 10:18:29 2017 @@ -476,11 +476,16 @@ public class FileDirContext extends Base * @exception NamingException if a naming exception is encountered */ @Override -public void bind(String name, Object obj, Attributes attrs) -throws NamingException { +public void bind(String name, Object obj, Attributes attrs) throws NamingException { // Note: No custom attributes allowed +// bind() is meant to create a file so ensure that the path doesn't end +// in '/' +if (name.endsWith("/")) { +throw new NamingException(sm.getString("resources.bindFailed", name)); +} + File file = file(name, false); if (file == null) { throw new NamingException(sm.getString("resources.bindFailed", name)); Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1809293=1809292=1809293=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Sep 22 10:18:29 2017 @@ -90,6 +90,11 @@ DirContext that represented the web application in a ProxyDirContext twice rather than just once. (markt) + +61542: Fix CVE-2017-12617 and prevent JSPs from being +uploaded via a specially crafted request when HTTP PUT was enabled. +(markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809288 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/servlets/ java/org/apache/naming/resources/ test/org/apache/naming/resources/
Author: markt Date: Fri Sep 22 09:46:02 2017 New Revision: 1809288 URL: http://svn.apache.org/viewvc?rev=1809288=rev Log: Partial fix for CVE-2017-12617 This moves a check from the Default servlet where it applied to GET, POST, HEAD and OPTIONS to the resources implementation where it applies to any method that expects the resource to exist (e.g.DELETE) Still need to address the case where the resource does not exist (e.g. PUT) Added: tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestFileDirContext.java (with props) Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/VirtualDirContext.java Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1809288=1809287=1809288=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Fri Sep 22 09:46:02 2017 @@ -860,23 +860,6 @@ public class DefaultServlet return; } -// If the resource is not a collection, and the resource path -// ends with "/" or "\", return NOT FOUND -if (cacheEntry.context == null) { -if (path.endsWith("/") || (path.endsWith("\\"))) { -// Check if we're included so we can return the appropriate -// missing resource name in the error -String requestUri = (String) request.getAttribute( -RequestDispatcher.INCLUDE_REQUEST_URI); -if (requestUri == null) { -requestUri = request.getRequestURI(); -} -response.sendError(HttpServletResponse.SC_NOT_FOUND, - requestUri); -return; -} -} - // Check if the conditions specified in the optional If headers are // satisfied. if (cacheEntry.context == null) { Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java?rev=1809288=1809287=1809288=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/FileDirContext.java Fri Sep 22 09:46:02 2017 @@ -801,11 +801,18 @@ public class FileDirContext extends Base */ protected File file(String name, boolean mustExist) { File file = new File(base, name); -return validate(file, mustExist, absoluteBase); +return validate(file, name, mustExist, absoluteBase); } -protected File validate(File file, boolean mustExist, String absoluteBase) { +protected File validate(File file, String name, boolean mustExist, String absoluteBase) { + +// If the requested names ends in '/', the Java File API will return a +// matching file if one exists. This isn't what we want as it is not +// consistent with the Servlet spec rules for request mapping. +if (file.isFile() && name.endsWith("/")) { +return null; +} if (!mustExist || file.exists() && file.canRead()) { Modified: tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/VirtualDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/VirtualDirContext.java?rev=1809288=1809287=1809288=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/VirtualDirContext.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/naming/resources/VirtualDirContext.java Fri Sep 22 09:46:02 2017 @@ -163,7 +163,7 @@ public class VirtualDirContext extends F String resourcesDir = dirList.get(0); if (name.equals(path)) { File f = new File(resourcesDir); -f = validate(f, true, resourcesDir); +f = validate(f, name, true, resourcesDir); if (f != null) { return new FileResourceAttributes(f); } @@ -171,8 +171,8 @@ public class VirtualDirContext extends F path += "/"; if (name.startsWith(path)) { String res = name.substring(path.length()); -File f = new File(resourcesDir + "/" + res); -f = validate(f, true, resourcesDir); +
svn commit: r1809286 - in /tomcat/tc7.0.x/trunk/test/org/apache/naming/resources: TestProxyDirContext.java TestWarDirContext.java
Author: markt Date: Fri Sep 22 09:26:41 2017 New Revision: 1809286 URL: http://svn.apache.org/viewvc?rev=1809286=rev Log: Fix IDE warnings in this package (the comments aren't intended to be used to generate Javadoc) Modified: tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestProxyDirContext.java tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestWarDirContext.java Modified: tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestProxyDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestProxyDirContext.java?rev=1809286=1809285=1809286=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestProxyDirContext.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestProxyDirContext.java Fri Sep 22 09:26:41 2017 @@ -32,7 +32,7 @@ import org.apache.catalina.startup.Tomca */ public class TestProxyDirContext extends TomcatBaseTest { -/** +/* * lookup doesn't always throw the same exception. */ @Test Modified: tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestWarDirContext.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestWarDirContext.java?rev=1809286=1809285=1809286=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestWarDirContext.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/naming/resources/TestWarDirContext.java Fri Sep 22 09:26:41 2017 @@ -44,7 +44,7 @@ public class TestWarDirContext extends T new JreMemoryLeakPreventionListener()); } -/** +/* * Check https://jira.springsource.org/browse/SPR-7350 isn't really an issue */ @Test @@ -64,7 +64,7 @@ public class TestWarDirContext extends T } -/** +/* * Additional test following on from SPR-7350 above to check files that * contain JNDI reserved characters can be served when caching is enabled. */ @@ -94,7 +94,7 @@ public class TestWarDirContext extends T } -/** +/* * Additional test following on from SPR-7350 above to check files that * contain JNDI reserved characters can be served when caching is disabled. */ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 --- Comment #9 from Mark Thomas--- Indeed. Lots of folks run Tomcat with WebDAV on internal sites. Hard-coding readonly to true is simply not an option. Regarding better documentation, patches welcome. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 --- Comment #8 from Remy Maucherat--- (In reply to Peter Stöckli from comment #7) > Isn't the mere existence of the readonly parameter also part of the problem? > > https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html > It is currently documented as "Is this context "read only", so HTTP commands > like PUT and DELETE are rejected? [true]" > > But it holds more "surprises". IMHO this parameter should NEVER be set to > false. Maybe it can be removed or the documentation of this parameter can be > improved? Have you ever heard of WebDAV ? Obviously if we were writing Tomcat today, we would never bother implementing it. Also obviously, nobody running a public server should enable it, secured or not. But it's not going to be removed either. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809285 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/webresources/AbstractFileResourceSet.java
Author: markt Date: Fri Sep 22 09:10:11 2017 New Revision: 1809285 URL: http://svn.apache.org/viewvc?rev=1809285=rev Log: Code clean-up as a result of code reviews - Minor performance optimisation - Simplify code - Additional commentary - Correctly convert \ to / on platforms that use \ as a separator (e.g. Windows) Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 09:10:11 2017 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
svn commit: r1809284 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/webresources/DirResourceSet.java test/org/apache/catalina/webresources/AbstractTestResourceSet.java webapps/docs/changelog.
Author: markt Date: Fri Sep 22 09:08:10 2017 New Revision: 1809284 URL: http://svn.apache.org/viewvc?rev=1809284=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Remainder of fix for CVE-2017-12617 This ensures that a path specified for creation of a file does not end in '/' since that is dropped by the File API. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/webresources/DirResourceSet.java tomcat/tc8.0.x/trunk/test/org/apache/catalina/webresources/AbstractTestResourceSet.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 09:08:10 2017 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
svn commit: r1809283 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/servlets/DefaultServlet.java java/org/apache/catalina/webresources/AbstractFileResourceSet.java test/org/apache/catalina/we
Author: markt Date: Fri Sep 22 09:06:38 2017 New Revision: 1809283 URL: http://svn.apache.org/viewvc?rev=1809283=rev Log: Partial fix for CVE-2017-12617 This moves a check from the Default servlet where it applied to GET, POST, HEAD and OPTIONS to the resources implementation where it applies to any method that expects the resource to exist (e.g.DELETE) Still need to address the case where the resource does not exist (e.g. PUT) Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java tomcat/tc8.0.x/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java tomcat/tc8.0.x/trunk/test/org/apache/catalina/webresources/AbstractTestResourceSet.java Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 09:06:38 2017 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
svn commit: r1809275 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/webresources/AbstractFileResourceSet.java
Author: markt Date: Fri Sep 22 08:03:54 2017 New Revision: 1809275 URL: http://svn.apache.org/viewvc?rev=1809275=rev Log: Code clean-up as a result of code reviews - Minor performance optimisation - Simplify code - Additional commentary - Correctly convert \ to / on platforms that use \ as a separator (e.g. Windows) Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 08:03:54 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 --- Comment #7 from Peter Stöckli--- Isn't the mere existence of the readonly parameter also part of the problem? https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html It is currently documented as "Is this context "read only", so HTTP commands like PUT and DELETE are rejected? [true]" But it holds more "surprises". IMHO this parameter should NEVER be set to false. Maybe it can be removed or the documentation of this parameter can be improved? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-8-trunk
The Buildbot has detected a new failure on builder tomcat-8-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-8-trunk/builds/1127 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1809267 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809274 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/webresources/DirResourceSet.java test/org/apache/catalina/webresources/AbstractTestResourceSet.java webapps/docs/changelog.
Author: markt Date: Fri Sep 22 07:54:31 2017 New Revision: 1809274 URL: http://svn.apache.org/viewvc?rev=1809274=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61542 Remainder of fix for CVE-2017-12617 This ensures that a path specified for creation of a file does not end in '/' since that is dropped by the File API. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/webresources/DirResourceSet.java tomcat/tc8.5.x/trunk/test/org/apache/catalina/webresources/AbstractTestResourceSet.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:54:31 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1809272 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/servlets/DefaultServlet.java java/org/apache/catalina/webresources/AbstractFileResourceSet.java test/org/apache/catalina/we
Author: markt Date: Fri Sep 22 07:50:26 2017 New Revision: 1809272 URL: http://svn.apache.org/viewvc?rev=1809272=rev Log: Partial fix for CVE-2017-12617 This moves a check from the Default servlet where it applied to GET, POST, HEAD and OPTIONS to the resources implementation where it applies to any method that expects the resource to exist (e.g.DELETE) Still need to address the case where the resource does not exist (e.g. PUT) Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java tomcat/tc8.5.x/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java tomcat/tc8.5.x/trunk/test/org/apache/catalina/webresources/AbstractTestResourceSet.java Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:50:26 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2711 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1809265 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61545] ProxyConnection.invoke() does not handle javax.sql.PooledConnection method calls
https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 --- Comment #2 from Nils Winkler--- Thanks for the quick fix! Happy to help! -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61545] ProxyConnection.invoke() does not handle javax.sql.PooledConnection method calls
https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 Mark Thomaschanged: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- Thanks for the report, detailed explanation and fix. Fixed in: - trunk for 9.0.0 onwards - 8.5.x for 8.5.22 onwards - 8.0.x for 8.0.47 onwards - 7.0.x for 7.0.82 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809268 - in /tomcat/tc7.0.x/trunk: ./ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:23:18 2017 New Revision: 1809268 URL: http://svn.apache.org/viewvc?rev=1809268=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 Correctly handle invocations of methods defined in the PooledConnection interface when using pooled XA connections. Patch provided by Nils Winkler. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:23:18 2017 @@ -1,3 +1,3 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644525,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988 ,1667553-1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681703,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702 739,1702742,1702744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715866,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1 725974,1726171-1726173,1726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261,1734421,1734531,1736286,1737967,1738173,1738182,1738992,1739039,1739089-1739091,1739294,1739777,1739821,1739981,1740513,1740726,1741019,1741162,1741217,1743647,1743681,1744152,1744272,1746732,1746750,1752739,1754615,1755886,1756018,1759565,1761686,1762173,1762206,1766280,1767507-1767508,1767653,1767656,1769267,1772949,1773521,1773527,1774104,1777015,1777213,1779330,1783151,1784188,1784966,1785670,1786846,1788260,1788999,1789140,1789402,1791529,1791559,1795291,1796906,1797523,1799214,1800998-1800999,1801003,1801007-1801008,1801017,1801020,1802808,1802814,180361 8,1806107,1806733,1807082-1807083,1808707,1808884
svn commit: r1809267 - in /tomcat/tc8.0.x/trunk: ./ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:22:12 2017 New Revision: 1809267 URL: http://svn.apache.org/viewvc?rev=1809267=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 Correctly handle invocations of methods defined in the PooledConnection interface when using pooled XA connections. Patch provided by Nils Winkler. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:22:12 2017 @@ -1,2 +1,2 @@ /tomcat/tc8.5.x/trunk:1735042,1737966,1743139-1743140,1744151,1747537,1747925,1748002,1754614,1754643,1762124,1762183,1762203,1763792,1772948,1777014,1779719,1782037,1782240,1782386-1782387,1785669,1786845,1788249,1788324,1788905,1789216,1789335,1791528,1791558,1796697-1796698,1797521,1798543,1799162,1800143,1801693,1802805,1806799,1807079-1807080,1808880 -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1
svn commit: r1809266 - in /tomcat/tc8.5.x/trunk: ./ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:20:39 2017 New Revision: 1809266 URL: http://svn.apache.org/viewvc?rev=1809266=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 Correctly handle invocations of methods defined in the PooledConnection interface when using pooled XA connections. Patch provided by Nils Winkler. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:20:39 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1809265 - in /tomcat/trunk: modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:20:04 2017 New Revision: 1809265 URL: http://svn.apache.org/viewvc?rev=1809265=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61545 Correctly handle invocations of methods defined in the PooledConnection interface when using pooled XA connections. Patch provided by Nils Winkler. Modified: tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java URL: http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java?rev=1809265=1809264=1809265=diff == --- tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java (original) +++ tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/ProxyConnection.java Fri Sep 22 07:20:04 2017 @@ -103,7 +103,7 @@ public class ProxyConnection extends Jdb return this.toString(); } else if (compare(GETCONNECTION_VAL,method) && connection!=null) { return connection.getConnection(); -} else if (method.getDeclaringClass().equals(XAConnection.class)) { +} else if (method.getDeclaringClass().isAssignableFrom(XAConnection.class)) { try { return method.invoke(connection.getXAConnection(),args); }catch (Throwable t) { Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1809265=1809264=1809265=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Sep 22 07:20:04 2017 @@ -97,6 +97,15 @@ + + + +61545: Correctly handle invocations of methods defined in the +PooledConnection interface when using pooled XA +connections. Patch provided by Nils Winkler. (markt) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61557] KeyStoreException make Tomcat could not startup successfully
https://bz.apache.org/bugzilla/show_bug.cgi?id=61557 Mark Thomaschanged: What|Removed |Added Resolution|--- |FIXED Status|REOPENED|RESOLVED --- Comment #5 from Mark Thomas --- Thanks for testing and confirming the fix. Fixed in - trunk for 9.0.0 onwards - 8.5.x for 8.5.22 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1809264 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:10:46 2017 New Revision: 1809264 URL: http://svn.apache.org/viewvc?rev=1809264=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61557 Correct a further regression in the fix to enable the use of Java key stores that contain multiple keys that do not all have the same password. The regression broke support for some FIPS compliant key stores. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Sep 22 07:10:46 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1809263 - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/JSSEUtil.java webapps/docs/changelog.xml
Author: markt Date: Fri Sep 22 07:09:59 2017 New Revision: 1809263 URL: http://svn.apache.org/viewvc?rev=1809263=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61557 Correct a further regression in the fix to enable the use of Java key stores that contain multiple keys that do not all have the same password. The regression broke support for some FIPS compliant key stores. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java?rev=1809263=1809262=1809263=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Fri Sep 22 07:09:59 2017 @@ -241,7 +241,13 @@ public class JSSEUtil extends SSLUtilBas Key k = ks.getKey(keyAlias, keyPassArray); if (k != null && "PKCS#8".equalsIgnoreCase(k.getFormat())) { // Switch to in-memory key store -ksUsed = KeyStore.getInstance("JKS"); +String provider = certificate.getCertificateKeystoreProvider(); +if (provider == null) { +ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType()); +} else { +ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType(), +provider); +} ksUsed.load(null, null); ksUsed.setKeyEntry(keyAlias, k, keyPassArray, ks.getCertificateChain(keyAlias)); } Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1809263=1809262=1809263=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Sep 22 07:09:59 2017 @@ -89,6 +89,12 @@ Add a way to set the property source in embedded mode. (remm) + +61557: Correct a further regression in the fix to enable the +use of Java key stores that contain multiple keys that do not all have +the same password. The regression broke support for some FIPS compliant +key stores. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1809248 - /tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
On 22/09/17 01:29, kkoli...@apache.org wrote: > Author: kkolinko > Date: Fri Sep 22 00:29:54 2017 > New Revision: 1809248 > > URL: http://svn.apache.org/viewvc?rev=1809248=rev > Log: > Remove condition that is always false, thanks to > "canPath.startsWith(canonicalBase)" check a few lines earlier. Thanks for catching this. I've been trying to think if there are any circumstances under which the absoluteBase.length() > absPath.length() test could fail. I can't think of any but I'm not confident enough of that at this point to remove the check. Mark > > Modified: > > tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java > > Modified: > tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java?rev=1809248=1809247=1809248=diff > == > --- > tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java > (original) > +++ > tomcat/trunk/java/org/apache/catalina/webresources/AbstractFileResourceSet.java > Fri Sep 22 00:29:54 2017 > @@ -93,11 +93,10 @@ public abstract class AbstractFileResour > // the request processing) but might be possible for some access via > the > // Servlet API (RequestDispatcher, HTTP/2 push etc.) therefore these > // checks are retained as an additional safety measure > -// absoluteBase has been normalized so absPath needs to normalized as > +// absoluteBase has been normalized so absPath needs to be > normalized as > // well. > String absPath = normalize(file.getAbsolutePath()); > -if (absoluteBase.length() > absPath.length() || > -canonicalBase.length() > canPath.length()) { > +if (absoluteBase.length() > absPath.length()) { > return null; > } > > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61557] KeyStoreException make Tomcat could not startup successfully
https://bz.apache.org/bugzilla/show_bug.cgi?id=61557 --- Comment #4 from Jerry--- (In reply to Mark Thomas from comment #3) > Created attachment 35359 [details] > Proposed patch for 9.0.x > > Does this patch fix the issue? It is for 9.0.x but should apply to 8.5.x as > well. I pull 8.5 source code in local and apply the same patch. And it solved the issue! The tomcat could startup successfully. [Log] Sep 22, 2017 10:13:57 AM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["https-jsse-nio-8443"] Sep 22, 2017 10:13:58 AM org.apache.tomcat.util.net.SSLUtilBase getEnabled WARNING: Some of the specified [protocols] are not supported by the SSL engine and have been skipped: [[SSLv2Hello]] Sep 22, 2017 10:13:58 AM org.apache.tomcat.util.net.NioSelectorPool getSharedSelector INFO: Using a shared selector for servlet write/read Sep 22, 2017 10:13:58 AM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["ajp-nio-8009"] Sep 22, 2017 10:13:58 AM org.apache.tomcat.util.net.NioSelectorPool getSharedSelector INFO: Using a shared selector for servlet write/read Sep 22, 2017 10:13:58 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 3715 ms Sep 22, 2017 10:13:58 AM org.apache.catalina.core.StandardService startInternal INFO: Starting service [Catalina] Sep 22, 2017 10:13:58 AM org.apache.catalina.core.StandardEngine startInternal INFO: Starting Servlet Engine: Apache Tomcat/8.5.22-dev -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org