Re: [VOTE] Release Apache Tomcat 8.5.82

[Han Li]

> 2022年8月9日 06:15，Christopher Schultz  写道：
> 
> The proposed Apache Tomcat 8.5.82 release is now available for voting.
> 
> The notable changes compared to 8.5.81 are:
> 
> - Update the packaged version of the Tomcat Native Library to 1.2.35 to
>   pick up Windows binaries built with OpenSSL 1.1.1q.
> 
> - Enable the use of the FIPS provider for TLS enabled Connectors when
>   using Tomcat Native 1.2.34 onwards built with OpenSSL 3.0.x onwards.
> 
> - Improvements to HTTP/2 header handling.
> 
> - Fix CVE-2022-34305, a low severity XSS vulnerability in the
>   Form authentication example.
> 
> Along with lots of other bug fixes and improvements.
> 
> For full details, see the changelog:
> https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.82/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1385
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.82/
> 237076605ea6b44ec7b97ee1158d5aa7f2f0b53c
> 
> The proposed 8.5.82 release is:
> [ ] Broken - do not release
> [x ] Stable - go ahead and release as 8.5.82 (stable)

All unit tests pass with Tomcat Native 1.2.35 built with OpenSSL 3.0.5 on MacOS 
12.3.1.

Han.

> 
> -chris
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-jakartaee-migration] aooohan commented on pull request #30: Exception in thread "main" java.util.zip.ZipException: Bad CRC checksum for entry

[GitBox]

aooohan commented on PR #30:
URL: 
https://github.com/apache/tomcat-jakartaee-migration/pull/30#issuecomment-1208932186

   > If I am reading this correctly, a side-effect of this change is that 
entries that were previously `STORED` will now be `DEFLATED`.
   
   Yes, I now don't think that's very elegant, so I tried another way to handle 
the case where the archive entries is `STORED`. Although there is some 
performance loss in doing this, it will only affect archive entries that are 
`STORED`, but it is still faster than processing in memory.
   
   @markt-asf  Please review the new changes, thanks.
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 8.5.82

[Christopher Schultz]

The proposed Apache Tomcat 8.5.82 release is now available for voting.

The notable changes compared to 8.5.81 are:

 - Update the packaged version of the Tomcat Native Library to 1.2.35 to
   pick up Windows binaries built with OpenSSL 1.1.1q.

 - Enable the use of the FIPS provider for TLS enabled Connectors when
   using Tomcat Native 1.2.34 onwards built with OpenSSL 3.0.x onwards.

 - Improvements to HTTP/2 header handling.

 - Fix CVE-2022-34305, a low severity XSS vulnerability in the
   Form authentication example.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://nightlies.apache.org/tomcat/tomcat-8.5.x/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.82/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1385
The tag is:
https://github.com/apache/tomcat/tree/8.5.82/
237076605ea6b44ec7b97ee1158d5aa7f2f0b53c

The proposed 8.5.82 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.82 (stable)

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r56190 [2/2] - in /dev/tomcat/tomcat-8/v8.5.82: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Added: dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.asc
==
--- dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.asc Mon Aug  8 
22:00:21 2022
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmLxhj8ACgkQHPApP6U8
+pFglAA/+JQEKmfTPuz5BUaHuIzFoKoghdkAnjTOCyQb1nPqe6+uq5Y4uMSdKDUck
+sBves7VX+6qyGQrFTsEmV0MoNrEMd53wHc85ow1jbTQvLIJoifzk2aEEfz1Qvuqg
+i02Ubx0komrtmLWDd/p6/95HQeEq4io8elv/CJKqFHc/VQTvFLcYrj8Ym8zVPtZ5
+rj3m0M7Rk4VMAnkRZs0fFZZo8kquO7qHaFE9KV/YrQdvOQyANoLRBazG1JOYqvpp
+Wn/sCCNJn+bySTLqNydGcuLj8JF6dBX8mCwvbRajCuFLHJfQPduURYItXFh6daiG
+brkob2L6vA08VlmA3/t5BYf1bU6FQg3KM6h0pwcIB1Yfm2dQYH3JZEc431Ebenfn
+cuPmNHyr91lOOi0g0XuZtF4WCw1V7KMftmJ9RwaqdPvO7PJr95f4Br4KFdP7c1MF
+PKkdEnlsm/lvQvUy9Pan7iRlggXlsyvhC+j9GZEZ6hYaUbP6mATbXObsiMOj88DS
+VOjk2PC96cmITCdb0EFDrb5DQQBJ+WaV5eAlQ8xSUzU2EpUpopS9D0NSBnPKGmu5
+Jfykn1ksaawoNWUYxB2K8HXUMt+VkKKe5Rp0kLjQeLDEStsmMw+VctHTmpALsLFD
+h3jMew7moZ3mCboMF8WGKMJ2B+P/NMtOQqNES3mBt9Nsw8BaQCE=
+=NUNQ
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.sha512
==
--- dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.sha512 (added)
+++ dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.sha512 Mon Aug  8 
22:00:21 2022
@@ -0,0 +1 @@
+ce755e456952829dca01aa7b6cf7cb62c619d126e16fc03538531816b319f039e2a554e1df70e5e42aa37a1308ef0f05b9dc10a9761f32ba9355ae8413cab62e
 *catalina-ws.jar
\ No newline at end of file

Added: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.asc
==
--- dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.asc Mon Aug 
 8 22:00:21 2022
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmLxhwMACgkQHPApP6U8
+pFgsOw/+KrqhHLLQHcHTk6NIoCWCPzdYqmEZPporS1B4cF+aZkBxs9lrx9Eev/vT
+NzPaZhB2z14ML2X8ZEGlsGy8yahzDgIxMDEyTMb0rMWrjRpfSmOwQSTrVrBTwjAN
+XxVCxtwXix+/kWpxSylp5fGQ98AOs2I7USr1Vjoq5pdmno76hovvAFJRMv5sGTSI
+OEB2haYTgEzJJrSSifT/5tzVH7zOPbgpQ5eRxFJ40j2HqP7PwCOQJ2cE+UiolHlV
+zkPn9Ge5tBLEqnL3KxkS9knljWX15/eJEkvc/7N+YqCrLboD8HY723+BFMvNcAEf
+dGRPVbiIscDH5OBvQ4MtSzfRuNkGjrJ276rfPJg9S+i0PGbkBLtPgHAzvt1kO/q1
+uzCefjro4Zf8s2+cRaaSASPA/uVxYB2c6ffLF5lKyblKNIgp419thyttbzA40ufP
+aYiJxvCUYssiVzLrHKm00QXQyAK4F/LLTFoA+v4p5gmUhPf2N7WPQMd/l9kLAOk1
+9aKrzaDwO8RntA5oJuB5+OID8qYS6dSaOBYZdoQYTy6reKpviadBdCGTIZCJXEt4
+l7SAkJ4LgRYVfSSleXc6P6uU4pqxtQjQUyFXIxShnL8Yd/xUUeQfS57b81rNQYMo
+BXJ0vpn661UrWr64IftTGtc0xywdd9Hz3fqZ36qcapyJEjggIM8=
+=cEPm
+-END PGP SIGNATURE-

Added: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.sha512
==
--- dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.sha512 
(added)
+++ dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.sha512 Mon 
Aug  8 22:00:21 2022
@@ -0,0 +1 @@
+3e0a0a808fb78493930ce8832731eba4ab3cc440387c3b5226ff6e4ac2faf5fd70eff1560d840d34f14a8acfd7e60fc8b7f638f3dbe0c0ed4569dc4271a9c3f2
 *apache-tomcat-8.5.82-src.tar.gz
\ No newline at end of file

Added: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip
==
Binary file - no diff available.

Propchange: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip
--
svn:mime-type = application/octet-stream

Added: dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip.asc
==
--- dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip.asc (added)
+++ dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip.asc Mon Aug  8 
22:00:21 2022
@@ -0,0 +1,16 @@
+-BEGIN PGP SIGNATURE-
+
+iQIzBAABCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAmLxhvEACgkQHPApP6U8
+pFjWQxAAleZg4WnJxrQFOJ07VtbEO+CetPPbXupFWMQ9Dct9sumJb3clPs9xWJaq
+rPCPpYnnNqFxQkvvP3xWaPACPec92VQyc8OKqOfX0uQIPavGWNWjYvdNK82zT/kv
+q5pOEUslvQIPi4du8BmOF3m538MH64+xLVxDSb1n3WOZaBeTtjAI0NhPss1qcT//
+KBv6MKVowrv1NZtCC+sYsXUQcQOnDG/53m/FPqS8Zp98MUqqCSkM0r6nmvG4289l
+2oMKVJJb2bHjReETV0TnGm2JlDHVikUxfOAZMXDsrKw34ie/hTZYeI831qsWz6am
+K4H7RwvGaVAIhUHcihGeZByUmnJpduzZKxGG1M8s

svn commit: r56190 [1/2] - in /dev/tomcat/tomcat-8/v8.5.82: ./ bin/ bin/embed/ bin/extras/ src/

[schultz]

Author: schultz
Date: Mon Aug  8 22:00:21 2022
New Revision: 56190

Log:
Upload v8.5.82 for voting

Added:
dev/tomcat/tomcat-8/v8.5.82/
dev/tomcat/tomcat-8/v8.5.82/KEYS
dev/tomcat/tomcat-8/v8.5.82/README.html
dev/tomcat/tomcat-8/v8.5.82/RELEASE-NOTES
dev/tomcat/tomcat-8/v8.5.82/bin/
dev/tomcat/tomcat-8/v8.5.82/bin/README.html
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.zip   (with 
props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.zip.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-deployer.zip.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-fulldocs.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-fulldocs.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x64.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x64.zip.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x64.zip.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x86.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x86.zip.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82-windows-x86.zip.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.exe   (with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.exe.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.exe.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.tar.gz   (with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.zip   (with props)
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.zip.asc
dev/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.zip.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/embed/
dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.tar.gz   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.tar.gz.asc

dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.zip   
(with props)
dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.zip.asc
dev/tomcat/tomcat-8/v8.5.82/bin/embed/apache-tomcat-8.5.82-embed.zip.sha512
dev/tomcat/tomcat-8/v8.5.82/bin/extras/
dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar   (with props)
dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.asc
dev/tomcat/tomcat-8/v8.5.82/bin/extras/catalina-ws.jar.sha512
dev/tomcat/tomcat-8/v8.5.82/src/
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz   (with 
props)
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.asc
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.tar.gz.sha512
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip   (with props)
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip.asc
dev/tomcat/tomcat-8/v8.5.82/src/apache-tomcat-8.5.82-src.zip.sha512

Added: dev/tomcat/tomcat-8/v8.5.82/KEYS
==
--- dev/tomcat/tomcat-8/v8.5.82/KEYS (added)
+++ dev/tomcat/tomcat-8/v8.5.82/KEYS Mon Aug  8 22:00:21 2022
@@ -0,0 +1,785 @@
+This file contains the PGP&GPG keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+Type Bits/KeyIDDate   User ID
+pub  2048/F22C4FED 2001/07/02 Andy Armstrong 
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Version: PGPfreeware 7.0.3 for non-commercial use 
+
+mQGiBDtAWuURBADZ0KUEyUkSUiTA09e7tvEbX25STsjxrR+DNTainCls+XlkVOij
+gBv216lqge9tIsS0L6hCP4OQbFf/64qVtJssX4QXdyiZGb5wpmcj0Mz602Ew8r+N
+I0S5NvmogoYWW7BlP4r61jNxO5zrr03KaijM5r4ipJdLUxyOmM6P2jRPUwCg/5gm
+bpqiYl7pXX5FgDeB36tmD+UD/06iLqOnoiKO0vMbOk7URclhCObMNrHqxTxozMTS
+B9soYURbIeArei+plYo2n+1qB12ayybjhVu3uksXRdT9bEkyxMfslvLbIpDAG8Cz
+gNftTbKx/MVS7cQU0II8BKo2Akr+1FZah+sD4ovK8SfkMXUQUbTeefTntsAQKyyU
+9M9tA/9on9tBiHFl0qVJht6N4GiJ2G689v7rS2giLgKjetjiCduxBXEgvUSuyQID
+nF9ATrpXjITwsRlGKFmpZiFm5oCeCXihIVH0u6q066xNW2AXkLVoJ1l1Rs2Z0lsb
+0cq3xEAcwAmYLKQvCtgDV8CYgWKVmPi+49rSuQn7Lo9l02OUbLQgQW

[tomcat] 01/01: Tag 8.5.82

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to tag 8.5.82
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 237076605ea6b44ec7b97ee1158d5aa7f2f0b53c
Author: schultz 
AuthorDate: Mon Aug 8 14:42:31 2022 -0700

Tag 8.5.82
---
 build.properties.release | 43 
 res/maven/mvn.properties.release | 27 +
 webapps/docs/changelog.xml   |  4 ++--
 3 files changed, 72 insertions(+), 2 deletions(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..e9d55b192d
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,43 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds
+ant.tstamp.now.iso=2022-08-08T21:26:07Z
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on October 13 2021
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Eclipse Adoptium
+# Java Version:11.0.15+10
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build ennvironment in consistent with this information
+#
+# OS:  amd64 Windows 10 10.0
+# File encoding:   Cp1252
+#
+# Release Manager: schultz
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..44a154c5ed
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=8.5.82
+
+# Re-use the same GPG executable
+gpg.exec=C:/Program Files (x86)/gnupg/bin/gpg.exe
+
+# Set the user name to use to upload the artefacts to Nexus
+asf.ldap.username=schultz
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index caf4aeec6e..a1fd778e26 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,7 +104,7 @@
   They eventually become mixed with the numbered issues (i.e., numbered
   issues do not "pop up" wrt. others).
 -->
-
+
   
 
   
@@ -208,7 +208,7 @@
 
   
 
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] tag 8.5.82 created (now 237076605e)

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a change to tag 8.5.82
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 237076605e (commit)
This tag includes the following new commits:

 new 237076605e Tag 8.5.82

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Make checkstyle happ...ier

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 597756f26d Make checkstyle happ...ier
597756f26d is described below

commit 597756f26d6fc9fce53d5ba8bbd1740a3f307f09
Author: schultz 
AuthorDate: Mon Aug 8 14:39:37 2022 -0700

Make checkstyle happ...ier
---
 java/org/apache/catalina/users/MemoryUserDatabase.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index a1b4d57031..97e36ac3b8 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -638,7 +638,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" roles=\"");
-for (Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator 
roles=group.getRoles();roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {
@@ -662,7 +662,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" groups=\"");
-for (Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator 
groups=user.getGroups();groups.hasNext();) {
 Group group = groups.next();
 writer.print(Escape.xml(group.getGroupname()));
 if(groups.hasNext()) {
@@ -670,7 +670,7 @@ public class MemoryUserDatabase implements UserDatabase {
 }
 }
 writer.print("\" roles=\"");
-for (Iterator roles=user.getRoles(); 
roles.hasNext(); ) {
+for (Iterator 
roles=user.getRoles();roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Make checkstyle happy

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new afc1f57986 Make checkstyle happy
afc1f57986 is described below

commit afc1f579860698489d2ad4e611408ea4d01dbf55
Author: Christopher Schultz 
AuthorDate: Mon Aug 8 17:36:15 2022 -0400

Make checkstyle happy
---
 java/org/apache/catalina/users/MemoryUserDatabase.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 124ed32ca8..a1b4d57031 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -638,7 +638,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" roles=\"");
-for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {
@@ -662,7 +662,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" groups=\"");
-for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
 Group group = groups.next();
 writer.print(Escape.xml(group.getGroupname()));
 if(groups.hasNext()) {
@@ -670,7 +670,7 @@ public class MemoryUserDatabase implements UserDatabase {
 }
 }
 writer.print("\" roles=\"");
-for(Iterator roles=user.getRoles(); roles.hasNext(); 
) {
+for (Iterator roles=user.getRoles(); 
roles.hasNext(); ) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix typo

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new de7df4e7c2 Fix typo
de7df4e7c2 is described below

commit de7df4e7c2be38ce16595bc11e59b9496745f7f9
Author: Christopher Schultz 
AuthorDate: Thu Aug 4 13:25:45 2022 -0400

Fix typo
---
 webapps/docs/changelog.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 860dfc34c0..caf4aeec6e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,7 @@
 Move control of XML-export logic from individual support classes into
 MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
 MemoryRole, and MemoryGroup classes. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Move logic to export MemoryUserDatabase to XML to be completely inside MemoryUserDatabase.save().

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 23f60cb671 Move logic to export MemoryUserDatabase to XML to be 
completely inside MemoryUserDatabase.save().
23f60cb671 is described below

commit 23f60cb671038c1ea046aed69eecb43f644d40a0
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:30:18 2022 -0400

Move logic to export MemoryUserDatabase to XML to be completely inside 
MemoryUserDatabase.save().

Also deprecate usage of MemoryUser, MemoryRole, and MemoryGroup classes.
---
 java/org/apache/catalina/users/MemoryGroup.java|  2 +
 java/org/apache/catalina/users/MemoryRole.java |  2 +
 java/org/apache/catalina/users/MemoryUser.java |  2 +
 .../apache/catalina/users/MemoryUserDatabase.java  | 72 +++---
 webapps/docs/changelog.xml |  6 +-
 5 files changed, 73 insertions(+), 11 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 4b5d74f400..309111ba08 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -35,7 +35,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link AbstractGroup} instead.
  */
+@Deprecated
 public class MemoryGroup extends AbstractGroup {
 
 
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index af18d2b26e..4d0d13cf24 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -26,7 +26,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link AbstractRole} instead.
  */
+@Deprecated
 public class MemoryRole extends AbstractRole {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUser.java 
b/java/org/apache/catalina/users/MemoryUser.java
index 723497aa41..0d38f1963a 100644
--- a/java/org/apache/catalina/users/MemoryUser.java
+++ b/java/org/apache/catalina/users/MemoryUser.java
@@ -33,7 +33,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link AbstractUser} instead.
  */
+@Deprecated
 public class MemoryUser extends AbstractUser {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 05b7d5eb2b..124ed32ca8 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -45,6 +45,7 @@ import 
org.apache.tomcat.util.digester.AbstractObjectCreationFactory;
 import org.apache.tomcat.util.digester.Digester;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.apache.tomcat.util.security.Escape;
 import org.xml.sax.Attributes;
 
 /**
@@ -295,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryGroup group = new MemoryGroup(this, groupname, description);
+Group group = new MemoryGroup(this, groupname, description);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -320,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryRole role = new MemoryRole(this, rolename, description);
+Role role = new MemoryRole(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -347,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryUser user = new MemoryUser(this, username, password, fullName);
+User user = new MemoryUser(this, username, password, fullName);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -613,19 +614,70 @@ public class MemoryUserDatabase implements UserDatabase {
 // Print entries for each defined role, group, and user
 Iterator values = null;
 values = getRoles();
-while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.next());
+while(values.hasNext()) {
+Role role = (Role)values.next();
+writer.print("  ");
 }
 values = getGroups();
 while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.nex

Re: [tomcat] branch 10.0.x updated: Fix checkstyle warnings

[Mark Thomas]

On 08/08/2022 21:29, Christopher Schultz wrote:

Mark,

On 8/8/22 15:37, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
  new 5891d62e53 Fix checkstyle warnings
5891d62e53 is described below


Thanks. I was looking at back-porting your existing changes and I got 
caught up on 8.5.x which requires a slightly different solution from the 
other branches.


No worries. I would have left it but I needed to build Tomcat from 
source and it was quicker to back-port the fix than to edit my 
build.properties to disable checkstyle.


Mark



-chris


commit 5891d62e536d526968ab7dbbddc7324b695edfdc
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:19:08 2022 +0100

 Fix checkstyle warnings
---
  java/org/apache/catalina/users/MemoryGroup.java    |  1 -
  java/org/apache/catalina/users/MemoryUserDatabase.java | 12 
++--

  2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java

index 9de5b959f9..7f5d90eb2b 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -17,7 +17,6 @@
  package org.apache.catalina.users;
-import org.apache.catalina.Role;
  import org.apache.catalina.UserDatabase;
  import org.apache.tomcat.util.buf.StringUtils;
  import org.apache.tomcat.util.security.Escape;
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java

index 9c0ce74851..d251bbdbe6 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -296,7 +296,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  throw new IllegalArgumentException(msg);
  }
-    Group group = new GenericGroup(this, groupname, description, 
null);
+    Group group = new GenericGroup<>(this, groupname, 
description, null);

  readLock.lock();
  try {
  groups.put(group.getGroupname(), group);
@@ -321,7 +321,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  throw new IllegalArgumentException(msg);
  }
-    Role role = new GenericRole(this, rolename, description);
+    Role role = new GenericRole<>(this, rolename, description);
  readLock.lock();
  try {
  roles.put(role.getRolename(), role);
@@ -348,7 +348,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  throw new IllegalArgumentException(msg);
  }
-    User user = new GenericUser(this, username, password, 
fullName, null, null);
+    User user = new GenericUser<>(this, username, password, 
fullName, null, null);

  readLock.lock();
  try {
  users.put(user.getUsername(), user);
@@ -622,7 +622,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  writer.print("\"");
  }
  writer.print(" roles=\"");
-    for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+    for (Iterator roles=group.getRoles(); 
roles.hasNext();) {

  Role role = roles.next();
  writer.print(Escape.xml(role.getRolename()));
  if(roles.hasNext()) {
@@ -646,7 +646,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  writer.print("\"");
  }
  writer.print(" groups=\"");
-    for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+    for (Iterator groups=user.getGroups(); 
groups.hasNext();) {

  Group group = groups.next();
  writer.print(Escape.xml(group.getGroupname()));
  if(groups.hasNext()) {
@@ -654,7 +654,7 @@ public class MemoryUserDatabase implements 
UserDatabase {

  }
  }
  writer.print("\" roles=\"");
-    for(Iterator roles=user.getRoles(); 
roles.hasNext(); ) {
+    for (Iterator roles=user.getRoles(); 
roles.hasNext();) {

  Role role = roles.next();
  writer.print(Escape.xml(role.getRolename()));
  if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For addit

[tomcat] branch 8.5.x updated: Properly-escape role and group information when writing MemoryUserDatabase to an XML file.

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 02805df258 Properly-escape role and group information when writing 
MemoryUserDatabase to an XML file.
02805df258 is described below

commit 02805df258843ad6506231091d937b04186941d0
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:18:51 2022 -0400

Properly-escape role and group information when writing MemoryUserDatabase 
to an XML file.
---
 java/org/apache/catalina/users/MemoryGroup.java| 10 +++---
 java/org/apache/catalina/users/MemoryRole.java |  6 ++--
 .../catalina/users/MemoryUserDatabaseTests.java| 40 ++
 webapps/docs/changelog.xml |  4 +++
 4 files changed, 53 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index eafeb80968..4b5d74f400 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -27,7 +27,7 @@ import org.apache.catalina.User;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
 import org.apache.tomcat.util.buf.StringUtils.Function;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Group} for the
@@ -165,16 +165,18 @@ public class MemoryGroup extends AbstractGroup {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder("(){
-@Override public String apply(Role t) { return t.getRolename(); 
}}, sb);
+@Override public String apply(Role t) { return 
Escape.xml(t.getRolename()); }}, rsb);
+sb.append(rsb);
 sb.append("\"");
 sb.append("/>");
 return sb.toString();
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index b8f49702c2..af18d2b26e 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -18,7 +18,7 @@ package org.apache.catalina.users;
 
 
 import org.apache.catalina.UserDatabase;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Role} for the
@@ -82,11 +82,11 @@ public class MemoryRole extends AbstractRole {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder("");
diff --git a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java 
b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
index 5724ac7829..fa97f93e6b 100644
--- a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
+++ b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
@@ -33,6 +33,8 @@ import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
+import org.apache.catalina.Group;
+import org.apache.catalina.Role;
 import org.apache.catalina.User;
 import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.realm.UserDatabaseRealm;
@@ -216,4 +218,42 @@ public class MemoryUserDatabaseTests {
 
 Assert.assertEquals(expectedNames.length, j);
 }
+
+@Test
+public void testDataEscaping() throws Exception {
+File file = File.createTempFile("tomcat-users", ".xml");
+file.deleteOnExit();
+
+MemoryUserDatabase mud = new MemoryUserDatabase();
+Role role = mud.createRole("role\"name", "descr&iption");
+Group group = mud.createGroup("grou
+  
+Propertly-escape role and group information when writing
+MemoryUserDatabase to an XML file. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch 10.0.x updated: Fix checkstyle warnings

[Christopher Schultz]

Mark,

On 8/8/22 15:37, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
  new 5891d62e53 Fix checkstyle warnings
5891d62e53 is described below


Thanks. I was looking at back-porting your existing changes and I got 
caught up on 8.5.x which requires a slightly different solution from the 
other branches.


-chris


commit 5891d62e536d526968ab7dbbddc7324b695edfdc
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:19:08 2022 +0100

 Fix checkstyle warnings
---
  java/org/apache/catalina/users/MemoryGroup.java|  1 -
  java/org/apache/catalina/users/MemoryUserDatabase.java | 12 ++--
  2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 9de5b959f9..7f5d90eb2b 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -17,7 +17,6 @@
  package org.apache.catalina.users;
  
  
-import org.apache.catalina.Role;

  import org.apache.catalina.UserDatabase;
  import org.apache.tomcat.util.buf.StringUtils;
  import org.apache.tomcat.util.security.Escape;
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 9c0ce74851..d251bbdbe6 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -296,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
  throw new IllegalArgumentException(msg);
  }
  
-Group group = new GenericGroup(this, groupname, description, null);

+Group group = new GenericGroup<>(this, groupname, description, null);
  readLock.lock();
  try {
  groups.put(group.getGroupname(), group);
@@ -321,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
  throw new IllegalArgumentException(msg);
  }
  
-Role role = new GenericRole(this, rolename, description);

+Role role = new GenericRole<>(this, rolename, description);
  readLock.lock();
  try {
  roles.put(role.getRolename(), role);
@@ -348,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
  throw new IllegalArgumentException(msg);
  }
  
-User user = new GenericUser(this, username, password, fullName, null, null);

+User user = new GenericUser<>(this, username, password, fullName, 
null, null);
  readLock.lock();
  try {
  users.put(user.getUsername(), user);
@@ -622,7 +622,7 @@ public class MemoryUserDatabase implements UserDatabase {
  writer.print("\"");
  }
  writer.print(" roles=\"");
-for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator roles=group.getRoles(); 
roles.hasNext();) {
  Role role = roles.next();
  writer.print(Escape.xml(role.getRolename()));
  if(roles.hasNext()) {
@@ -646,7 +646,7 @@ public class MemoryUserDatabase implements UserDatabase {
  writer.print("\"");
  }
  writer.print(" groups=\"");
-for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator groups=user.getGroups(); 
groups.hasNext();) {
  Group group = groups.next();
  writer.print(Escape.xml(group.getGroupname()));
  if(groups.hasNext()) {
@@ -654,7 +654,7 @@ public class MemoryUserDatabase implements UserDatabase {
  }
  }
  writer.print("\" roles=\"");
-for(Iterator roles=user.getRoles(); roles.hasNext(); 
) {
+for (Iterator roles=user.getRoles(); 
roles.hasNext();) {
  Role role = roles.next();
  writer.print(Escape.xml(role.getRolename()));
  if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix checkstyle warnings

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new fcbcd90ec0 Fix checkstyle warnings
fcbcd90ec0 is described below

commit fcbcd90ec0943a42d12b056c3f1eae87c959b4f8
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:19:08 2022 +0100

Fix checkstyle warnings
---
 java/org/apache/catalina/users/MemoryGroup.java|  1 -
 java/org/apache/catalina/users/MemoryUserDatabase.java | 12 ++--
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 9de5b959f9..7f5d90eb2b 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -17,7 +17,6 @@
 package org.apache.catalina.users;
 
 
-import org.apache.catalina.Role;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
 import org.apache.tomcat.util.security.Escape;
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 9c0ce74851..d251bbdbe6 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -296,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Group group = new GenericGroup(this, groupname, description, null);
+Group group = new GenericGroup<>(this, groupname, description, null);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -321,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Role role = new GenericRole(this, rolename, description);
+Role role = new GenericRole<>(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -348,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-User user = new GenericUser(this, username, password, fullName, null, 
null);
+User user = new GenericUser<>(this, username, password, fullName, 
null, null);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -622,7 +622,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" roles=\"");
-for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator roles=group.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {
@@ -646,7 +646,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" groups=\"");
-for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator groups=user.getGroups(); 
groups.hasNext();) {
 Group group = groups.next();
 writer.print(Escape.xml(group.getGroupname()));
 if(groups.hasNext()) {
@@ -654,7 +654,7 @@ public class MemoryUserDatabase implements UserDatabase {
 }
 }
 writer.print("\" roles=\"");
-for(Iterator roles=user.getRoles(); roles.hasNext(); 
) {
+for (Iterator roles=user.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Fix checkstyle warnings

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 5891d62e53 Fix checkstyle warnings
5891d62e53 is described below

commit 5891d62e536d526968ab7dbbddc7324b695edfdc
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:19:08 2022 +0100

Fix checkstyle warnings
---
 java/org/apache/catalina/users/MemoryGroup.java|  1 -
 java/org/apache/catalina/users/MemoryUserDatabase.java | 12 ++--
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 9de5b959f9..7f5d90eb2b 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -17,7 +17,6 @@
 package org.apache.catalina.users;
 
 
-import org.apache.catalina.Role;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
 import org.apache.tomcat.util.security.Escape;
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 9c0ce74851..d251bbdbe6 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -296,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Group group = new GenericGroup(this, groupname, description, null);
+Group group = new GenericGroup<>(this, groupname, description, null);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -321,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Role role = new GenericRole(this, rolename, description);
+Role role = new GenericRole<>(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -348,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-User user = new GenericUser(this, username, password, fullName, null, 
null);
+User user = new GenericUser<>(this, username, password, fullName, 
null, null);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -622,7 +622,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" roles=\"");
-for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator roles=group.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {
@@ -646,7 +646,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" groups=\"");
-for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator groups=user.getGroups(); 
groups.hasNext();) {
 Group group = groups.next();
 writer.print(Escape.xml(group.getGroupname()));
 if(groups.hasNext()) {
@@ -654,7 +654,7 @@ public class MemoryUserDatabase implements UserDatabase {
 }
 }
 writer.print("\" roles=\"");
-for(Iterator roles=user.getRoles(); roles.hasNext(); 
) {
+for (Iterator roles=user.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix tests. Stricter host checking rejected port value of "-1"

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new b23c565fc3 Fix tests. Stricter host checking rejected port value of 
"-1"
b23c565fc3 is described below

commit b23c565fc30cd84539fbecce5be4c358fe5615c4
Author: Mark Thomas 
AuthorDate: Mon Aug 8 20:30:50 2022 +0100

Fix tests. Stricter host checking rejected port value of "-1"
---
 test/org/apache/coyote/http2/TestHttp2Section_8_1.java | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 9dd15841f9..a935aa1580 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -185,6 +185,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testUndefinedPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -198,6 +200,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testInvalidPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -406,8 +410,6 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
-http2Connect();
-
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix tests. Stricter host checking rejected port value of "-1"

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new ca6976bc79 Fix tests. Stricter host checking rejected port value of 
"-1"
ca6976bc79 is described below

commit ca6976bc7963e5bf347dba06bc9f9a1cab690295
Author: Mark Thomas 
AuthorDate: Mon Aug 8 20:30:50 2022 +0100

Fix tests. Stricter host checking rejected port value of "-1"
---
 test/org/apache/coyote/http2/TestHttp2Section_8_1.java | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 9dd15841f9..a935aa1580 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -185,6 +185,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testUndefinedPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -198,6 +200,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testInvalidPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -406,8 +410,6 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
-http2Connect();
-
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Fix tests. Stricter host checking rejected port value of "-1"

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 80321a422a Fix tests. Stricter host checking rejected port value of 
"-1"
80321a422a is described below

commit 80321a422a403cc6f810829fd24d0c038abf5d3e
Author: Mark Thomas 
AuthorDate: Mon Aug 8 20:30:50 2022 +0100

Fix tests. Stricter host checking rejected port value of "-1"
---
 test/org/apache/coyote/http2/TestHttp2Section_8_1.java | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 4dca8550fe..981bf20c5b 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -186,6 +186,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testUndefinedPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -199,6 +201,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testInvalidPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -407,8 +411,6 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
-http2Connect();
-
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix tests. Stricter host checking rejected port value of "-1"

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new f6ce45c3e9 Fix tests. Stricter host checking rejected port value of 
"-1"
f6ce45c3e9 is described below

commit f6ce45c3e9788320f3c1bd164a61ead1452fcad3
Author: Mark Thomas 
AuthorDate: Mon Aug 8 20:30:50 2022 +0100

Fix tests. Stricter host checking rejected port value of "-1"
---
 test/org/apache/coyote/http2/TestHttp2Section_8_1.java | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 4dca8550fe..981bf20c5b 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -186,6 +186,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testUndefinedPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -199,6 +201,8 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 @Test
 public void testInvalidPseudoHeader() throws Exception {
+http2Connect();
+
 List headers = new ArrayList<>(5);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
@@ -407,8 +411,6 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
-http2Connect();
-
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Move logic to export MemoryUserDatabase to XML to be completely inside MemoryUserDatabase.save().

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a16c60c78e219d44a5b90a7891afe9a7666ec30f
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:30:18 2022 -0400

Move logic to export MemoryUserDatabase to XML to be completely inside 
MemoryUserDatabase.save().

Also deprecated and discontinue usage of MemoryUSer, MemoryRole, and 
MemoryGroup classes.
---
 java/org/apache/catalina/users/MemoryGroup.java|  2 +
 java/org/apache/catalina/users/MemoryRole.java |  2 +
 java/org/apache/catalina/users/MemoryUser.java |  2 +
 .../apache/catalina/users/MemoryUserDatabase.java  | 72 +++---
 webapps/docs/changelog.xml |  6 +-
 5 files changed, 73 insertions(+), 11 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index dfd02c4dcf..9de5b959f9 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -28,7 +28,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericGroup} instead.
  */
+@Deprecated
 public class MemoryGroup extends GenericGroup {
 
 
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index 3f0f5855c7..08f6cec0bf 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -26,7 +26,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericRole} instead.
  */
+@Deprecated
 public class MemoryRole extends GenericRole {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUser.java 
b/java/org/apache/catalina/users/MemoryUser.java
index f271fb2b3f..4d241fe6f5 100644
--- a/java/org/apache/catalina/users/MemoryUser.java
+++ b/java/org/apache/catalina/users/MemoryUser.java
@@ -27,7 +27,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericUser} instead.
  */
+@Deprecated
 public class MemoryUser extends GenericUser {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 207dec3010..9c0ce74851 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -45,6 +45,7 @@ import org.apache.tomcat.util.digester.Digester;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.file.ConfigurationSource;
 import org.apache.tomcat.util.res.StringManager;
+import org.apache.tomcat.util.security.Escape;
 import org.xml.sax.Attributes;
 
 /**
@@ -295,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryGroup group = new MemoryGroup(this, groupname, description);
+Group group = new GenericGroup(this, groupname, description, null);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -320,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryRole role = new MemoryRole(this, rolename, description);
+Role role = new GenericRole(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -347,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryUser user = new MemoryUser(this, username, password, fullName);
+User user = new GenericUser(this, username, password, fullName, null, 
null);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -597,19 +598,70 @@ public class MemoryUserDatabase implements UserDatabase {
 // Print entries for each defined role, group, and user
 Iterator values = null;
 values = getRoles();
-while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.next());
+while(values.hasNext()) {
+Role role = (Role)values.next();
+writer.print("  ");
 }
 values = getGroups();
 while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.next());
+Group group = (Group)values.next();
+writer.print("   roles=group.getRoles(); 
roles.hasNext(); ) {
+Role role = roles.next();
+  

[tomcat] 01/03: Propertly-escape role and group information when writing MemoryUserDatabase to an XML file.

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit cb536c94ab75f30254b45875f973c7f1b4c56d09
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:18:51 2022 -0400

Propertly-escape role and group information when writing MemoryUserDatabase 
to an XML file.
---
 java/org/apache/catalina/users/MemoryGroup.java| 10 +++---
 java/org/apache/catalina/users/MemoryRole.java |  6 ++--
 .../catalina/users/MemoryUserDatabaseTests.java| 40 ++
 webapps/docs/changelog.xml |  4 +++
 4 files changed, 53 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index f1008ff80c..dfd02c4dcf 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -20,7 +20,7 @@ package org.apache.catalina.users;
 import org.apache.catalina.Role;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Group} for the
@@ -52,15 +52,17 @@ public class MemoryGroup extends 
GenericGroup {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder(" Escape.xml(x.getRolename()), rsb);
+sb.append(rsb);
 sb.append("\"");
 sb.append("/>");
 return sb.toString();
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index 10f6d22548..3f0f5855c7 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -18,7 +18,7 @@ package org.apache.catalina.users;
 
 
 import org.apache.catalina.UserDatabase;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Role} for the
@@ -50,11 +50,11 @@ public class MemoryRole extends 
GenericRole {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder("");
diff --git a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java 
b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
index 5724ac7829..fa97f93e6b 100644
--- a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
+++ b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
@@ -33,6 +33,8 @@ import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
+import org.apache.catalina.Group;
+import org.apache.catalina.Role;
 import org.apache.catalina.User;
 import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.realm.UserDatabaseRealm;
@@ -216,4 +218,42 @@ public class MemoryUserDatabaseTests {
 
 Assert.assertEquals(expectedNames.length, j);
 }
+
+@Test
+public void testDataEscaping() throws Exception {
+File file = File.createTempFile("tomcat-users", ".xml");
+file.deleteOnExit();
+
+MemoryUserDatabase mud = new MemoryUserDatabase();
+Role role = mud.createRole("role\"name", "descr&iption");
+Group group = mud.createGroup("grou
+  
+Propertly-escape role and group information when writing
+MemoryUserDatabase to an XML file. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 03/03: Fix typo

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit bc31c45743cc865149443acc51036d09f7344439
Author: Christopher Schultz 
AuthorDate: Thu Aug 4 13:25:45 2022 -0400

Fix typo
---
 webapps/docs/changelog.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b6cdaa34c6..11a73a1017 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -127,6 +127,7 @@
 Move control of XML-export logic from individual support classes into
 MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
 MemoryRole, and MemoryGroup classes. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated (42e6aef54f -> bc31c45743)

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a change to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 42e6aef54f Fix another edge case spotted by Han Li
 new cb536c94ab Propertly-escape role and group information when writing 
MemoryUserDatabase to an XML file.
 new a16c60c78e Move logic to export MemoryUserDatabase to XML to be 
completely inside MemoryUserDatabase.save().
 new bc31c45743 Fix typo

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/org/apache/catalina/users/MemoryGroup.java| 12 ++--
 java/org/apache/catalina/users/MemoryRole.java |  8 ++-
 java/org/apache/catalina/users/MemoryUser.java |  2 +
 .../apache/catalina/users/MemoryUserDatabase.java  | 72 +++---
 .../catalina/users/MemoryUserDatabaseTests.java| 40 
 webapps/docs/changelog.xml |  9 +++
 6 files changed, 126 insertions(+), 17 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/03: Move logic to export MemoryUserDatabase to XML to be completely inside MemoryUserDatabase.save().

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 6e39b23caeab8c6bffdac6775828f83c311cb128
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:30:18 2022 -0400

Move logic to export MemoryUserDatabase to XML to be completely inside 
MemoryUserDatabase.save().

Also deprecated and discontinue usage of MemoryUSer, MemoryRole, and 
MemoryGroup classes.
---
 java/org/apache/catalina/users/MemoryGroup.java|  2 +
 java/org/apache/catalina/users/MemoryRole.java |  2 +
 java/org/apache/catalina/users/MemoryUser.java |  2 +
 .../apache/catalina/users/MemoryUserDatabase.java  | 72 +++---
 webapps/docs/changelog.xml |  6 +-
 5 files changed, 73 insertions(+), 11 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index dfd02c4dcf..9de5b959f9 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -28,7 +28,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericGroup} instead.
  */
+@Deprecated
 public class MemoryGroup extends GenericGroup {
 
 
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index 3f0f5855c7..08f6cec0bf 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -26,7 +26,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericRole} instead.
  */
+@Deprecated
 public class MemoryRole extends GenericRole {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUser.java 
b/java/org/apache/catalina/users/MemoryUser.java
index f271fb2b3f..4d241fe6f5 100644
--- a/java/org/apache/catalina/users/MemoryUser.java
+++ b/java/org/apache/catalina/users/MemoryUser.java
@@ -27,7 +27,9 @@ import org.apache.tomcat.util.security.Escape;
  *
  * @author Craig R. McClanahan
  * @since 4.1
+ * @deprecated Use {@link GenericUser} instead.
  */
+@Deprecated
 public class MemoryUser extends GenericUser {
 
 
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index 207dec3010..9c0ce74851 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -45,6 +45,7 @@ import org.apache.tomcat.util.digester.Digester;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.file.ConfigurationSource;
 import org.apache.tomcat.util.res.StringManager;
+import org.apache.tomcat.util.security.Escape;
 import org.xml.sax.Attributes;
 
 /**
@@ -295,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryGroup group = new MemoryGroup(this, groupname, description);
+Group group = new GenericGroup(this, groupname, description, null);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -320,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryRole role = new MemoryRole(this, rolename, description);
+Role role = new GenericRole(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -347,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-MemoryUser user = new MemoryUser(this, username, password, fullName);
+User user = new GenericUser(this, username, password, fullName, null, 
null);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -597,19 +598,70 @@ public class MemoryUserDatabase implements UserDatabase {
 // Print entries for each defined role, group, and user
 Iterator values = null;
 values = getRoles();
-while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.next());
+while(values.hasNext()) {
+Role role = (Role)values.next();
+writer.print("  ");
 }
 values = getGroups();
 while (values.hasNext()) {
-writer.print("  ");
-writer.println(values.next());
+Group group = (Group)values.next();
+writer.print("   roles=group.getRoles(); 
roles.hasNext(); ) {
+Role role = roles.next();
+ 

[tomcat] 03/03: Fix typo

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 170331b7c8a30b76c6ab33c2eb738703490be919
Author: Christopher Schultz 
AuthorDate: Thu Aug 4 13:25:45 2022 -0400

Fix typo
---
 webapps/docs/changelog.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e773afde8e..444c8b1de4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -127,6 +127,7 @@
 Move control of XML-export logic from individual support classes into
 MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
 MemoryRole, and MemoryGroup classes. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/03: Propertly-escape role and group information when writing MemoryUserDatabase to an XML file.

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit cb5052b28443680e2d1b144723cd306f5931df00
Author: Christopher Schultz 
AuthorDate: Wed Aug 3 13:18:51 2022 -0400

Propertly-escape role and group information when writing MemoryUserDatabase 
to an XML file.
---
 java/org/apache/catalina/users/MemoryGroup.java| 10 +++---
 java/org/apache/catalina/users/MemoryRole.java |  6 ++--
 .../catalina/users/MemoryUserDatabaseTests.java| 40 ++
 webapps/docs/changelog.xml |  4 +++
 4 files changed, 53 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index f1008ff80c..dfd02c4dcf 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -20,7 +20,7 @@ package org.apache.catalina.users;
 import org.apache.catalina.Role;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Group} for the
@@ -52,15 +52,17 @@ public class MemoryGroup extends 
GenericGroup {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder(" Escape.xml(x.getRolename()), rsb);
+sb.append(rsb);
 sb.append("\"");
 sb.append("/>");
 return sb.toString();
diff --git a/java/org/apache/catalina/users/MemoryRole.java 
b/java/org/apache/catalina/users/MemoryRole.java
index 10f6d22548..3f0f5855c7 100644
--- a/java/org/apache/catalina/users/MemoryRole.java
+++ b/java/org/apache/catalina/users/MemoryRole.java
@@ -18,7 +18,7 @@ package org.apache.catalina.users;
 
 
 import org.apache.catalina.UserDatabase;
-
+import org.apache.tomcat.util.security.Escape;
 
 /**
  * Concrete implementation of {@link org.apache.catalina.Role} for the
@@ -50,11 +50,11 @@ public class MemoryRole extends 
GenericRole {
 @Override
 public String toString() {
 StringBuilder sb = new StringBuilder("");
diff --git a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java 
b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
index 5724ac7829..fa97f93e6b 100644
--- a/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
+++ b/test/org/apache/catalina/users/MemoryUserDatabaseTests.java
@@ -33,6 +33,8 @@ import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
+import org.apache.catalina.Group;
+import org.apache.catalina.Role;
 import org.apache.catalina.User;
 import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.realm.UserDatabaseRealm;
@@ -216,4 +218,42 @@ public class MemoryUserDatabaseTests {
 
 Assert.assertEquals(expectedNames.length, j);
 }
+
+@Test
+public void testDataEscaping() throws Exception {
+File file = File.createTempFile("tomcat-users", ".xml");
+file.deleteOnExit();
+
+MemoryUserDatabase mud = new MemoryUserDatabase();
+Role role = mud.createRole("role\"name", "descr&iption");
+Group group = mud.createGroup("grou
+  
+Propertly-escape role and group information when writing
+MemoryUserDatabase to an XML file. (schultz)
+  
 
   
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated (53ba52616d -> 170331b7c8)

[schultz]

This is an automated email from the ASF dual-hosted git repository.

schultz pushed a change to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 53ba52616d Fix another edge case spotted by Han Li
 new cb5052b284 Propertly-escape role and group information when writing 
MemoryUserDatabase to an XML file.
 new 6e39b23cae Move logic to export MemoryUserDatabase to XML to be 
completely inside MemoryUserDatabase.save().
 new 170331b7c8 Fix typo

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/org/apache/catalina/users/MemoryGroup.java| 12 ++--
 java/org/apache/catalina/users/MemoryRole.java |  8 ++-
 java/org/apache/catalina/users/MemoryUser.java |  2 +
 .../apache/catalina/users/MemoryUserDatabase.java  | 72 +++---
 .../catalina/users/MemoryUserDatabaseTests.java| 40 
 webapps/docs/changelog.xml |  9 +++
 6 files changed, 126 insertions(+), 17 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat-jakartaee-migration] markt-asf commented on pull request #30: Exception in thread "main" java.util.zip.ZipException: Bad CRC checksum for entry

[GitBox]

markt-asf commented on PR #30:
URL: 
https://github.com/apache/tomcat-jakartaee-migration/pull/30#issuecomment-1208293255

   If I am reading this correctly, a side-effect of this change is that entries 
that were previously `STORED` will now be `DEFLATED`.
   
   The only use case I am aware of that requires archive entries to be `STORED` 
is Spring Boot's fat jar (for performance reasons) and I can't think of any 
reason why such a JAR would need to be converted.
   
   Therefore, unless there are other objections, I intend to merge this PR in 
the next day or so.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix another edge case spotted by Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 42e6aef54f Fix another edge case spotted by Han Li
42e6aef54f is described below

commit 42e6aef54f9bfbd0c0a6858a95d8ccf487d6a6f3
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:29:11 2022 +0100

Fix another edge case spotted by Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 46 ++
 2 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 3cdcb547e4..8cb4ff0087 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -467,7 +467,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && (!value.equals(coyoteRequest.serverName().getString()) 
|| coyoteRequest.getServerPort() != -1) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 779d308cd0..9dd15841f9 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -344,40 +344,52 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 @Test
-public void testHostHeaderInconsistent() throws Exception {
+public void testHostHeaderInconsistent01() throws Exception {
 http2Connect();
 
-List headers = new ArrayList<>(4);
-headers.add(new Header(":method", "GET"));
-headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost:" + getPort()));
-headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost:" + getPort()));
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
getPort());
+}
 
-byte[] headersFrameHeader = new byte[9];
-ByteBuffer headersPayload = ByteBuffer.allocate(128);
 
-buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+@Test
+public void testHostHeaderInconsistent02() throws Exception {
+http2Connect();
 
-writeFrame(headersFrameHeader, headersPayload);
+doTestHostHeaderInconsistent("localhost", "otherhost");
+}
 
-parser.readFrame(true);
 
-String trace = output.getTrace();
-Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+@Test
+public void testHostHeaderInconsistent03() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost:" + getPort(), "localhost");
+}
+
+
+@Test
+public void testHostHeaderInconsistent04() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost", "localhost:" + getPort());
 }
 
 
 @Test
-public void testHostHeaderInconsistentNoPort() throws Exception {
+public void testHostHeaderInconsistent05() throws Exception {
 http2Connect();
 
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
(getPort() + 1));
+}
+
+
+private void doTestHostHeaderInconsistent(String authority, String host) 
throws Exception {
 List headers = new ArrayList<>(4);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":authority", authority));
 headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost"));
+headers.add(new Header("host", host));
 
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix another edge case spotted by Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 346312afdb Fix another edge case spotted by Han Li
346312afdb is described below

commit 346312afdb176c75b3328926d4f92d817183699b
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:29:11 2022 +0100

Fix another edge case spotted by Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 46 ++
 2 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index f8b6d9db84..f426d31672 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -458,7 +458,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && (!value.equals(coyoteRequest.serverName().getString()) 
|| coyoteRequest.getServerPort() != -1) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 779d308cd0..9dd15841f9 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -344,40 +344,52 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 @Test
-public void testHostHeaderInconsistent() throws Exception {
+public void testHostHeaderInconsistent01() throws Exception {
 http2Connect();
 
-List headers = new ArrayList<>(4);
-headers.add(new Header(":method", "GET"));
-headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost:" + getPort()));
-headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost:" + getPort()));
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
getPort());
+}
 
-byte[] headersFrameHeader = new byte[9];
-ByteBuffer headersPayload = ByteBuffer.allocate(128);
 
-buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+@Test
+public void testHostHeaderInconsistent02() throws Exception {
+http2Connect();
 
-writeFrame(headersFrameHeader, headersPayload);
+doTestHostHeaderInconsistent("localhost", "otherhost");
+}
 
-parser.readFrame(true);
 
-String trace = output.getTrace();
-Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+@Test
+public void testHostHeaderInconsistent03() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost:" + getPort(), "localhost");
+}
+
+
+@Test
+public void testHostHeaderInconsistent04() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost", "localhost:" + getPort());
 }
 
 
 @Test
-public void testHostHeaderInconsistentNoPort() throws Exception {
+public void testHostHeaderInconsistent05() throws Exception {
 http2Connect();
 
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
(getPort() + 1));
+}
+
+
+private void doTestHostHeaderInconsistent(String authority, String host) 
throws Exception {
 List headers = new ArrayList<>(4);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":authority", authority));
 headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost"));
+headers.add(new Header("host", host));
 
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: "-1" should not be a valid port number

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 178cb6de9c "-1" should not be a valid port number
178cb6de9c is described below

commit 178cb6de9c39f7f17e93ad5d60e0efc5278af363
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:28:26 2022 +0100

"-1" should not be a valid port number
---
 .../apache/tomcat/util/http/parser/HttpParser.java | 25 ++
 .../util/http/parser/TestHttpParserHost.java   |  9 
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java 
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 76d79cae5e..2d21f02e68 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -785,7 +785,11 @@ public class HttpParser {
 return readHostDomainName(reader);
 }
 
-return pos;
+if (inIPv6) {
+return pos;
+} else {
+return validatePort(reader, pos);
+}
 }
 
 
@@ -877,7 +881,7 @@ public class HttpParser {
 
 c = reader.read();
 if (c == ':') {
-return pos;
+return validatePort(reader, pos);
 } else {
 if(c == -1) {
 return -1;
@@ -902,14 +906,27 @@ public class HttpParser {
 
 if (DomainParseState.COLON == state) {
 // State identifies the state of the previous character
-return pos - 1;
+return validatePort(reader, pos - 1);
 } else {
 return -1;
 }
 }
 
 
-/**
+static int validatePort(Reader reader, int colonPosition) throws 
IOException {
+// Remaining characters should be numeric ...
+readLong(reader);
+// ... followed by EOS
+if (reader.read() == -1) {
+return colonPosition;
+} else {
+// Invalid port
+throw new IllegalArgumentException();
+}
+}
+
+
+ /**
  * Skips all characters until EOF or the specified target is found. 
Normally
  * used to skip invalid input until the next separator.
  */
diff --git a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
index c146e4af81..e5b9bc0572 100644
--- a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
+++ b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
@@ -217,6 +217,15 @@ public class TestHttpParserHost {
 Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv6, "[::]",
 Integer.valueOf(-1), IAE} );
+// Domain name - invalid port
+result.add(new Object[] { TestType.IPv4, "localhost:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "localhost:-1", 
Integer.valueOf(-1), IAE} );
+// IPv4 - invalid port
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:-1", 
Integer.valueOf(-1), IAE} );
+// IPv6 - invalid port
+result.add(new Object[] { TestType.IPv4, "[::1]:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "[::1]:-1", 
Integer.valueOf(-1), IAE} );
 return result;
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Fix another edge case spotted by Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 53ba52616d Fix another edge case spotted by Han Li
53ba52616d is described below

commit 53ba52616d05df28745d6ece571920face054746
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:29:11 2022 +0100

Fix another edge case spotted by Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 46 ++
 2 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 0deb2d7237..820091e7f3 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -467,7 +467,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && (!value.equals(coyoteRequest.serverName().getString()) 
|| coyoteRequest.getServerPort() != -1) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index eeab280c6b..4dca8550fe 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -345,40 +345,52 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 @Test
-public void testHostHeaderInconsistent() throws Exception {
+public void testHostHeaderInconsistent01() throws Exception {
 http2Connect();
 
-List headers = new ArrayList<>(4);
-headers.add(new Header(":method", "GET"));
-headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost:" + getPort()));
-headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost:" + getPort()));
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
getPort());
+}
 
-byte[] headersFrameHeader = new byte[9];
-ByteBuffer headersPayload = ByteBuffer.allocate(128);
 
-buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+@Test
+public void testHostHeaderInconsistent02() throws Exception {
+http2Connect();
 
-writeFrame(headersFrameHeader, headersPayload);
+doTestHostHeaderInconsistent("localhost", "otherhost");
+}
 
-parser.readFrame(true);
 
-String trace = output.getTrace();
-Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+@Test
+public void testHostHeaderInconsistent03() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost:" + getPort(), "localhost");
+}
+
+
+@Test
+public void testHostHeaderInconsistent04() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost", "localhost:" + getPort());
 }
 
 
 @Test
-public void testHostHeaderInconsistentNoPort() throws Exception {
+public void testHostHeaderInconsistent05() throws Exception {
 http2Connect();
 
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
(getPort() + 1));
+}
+
+
+private void doTestHostHeaderInconsistent(String authority, String host) 
throws Exception {
 List headers = new ArrayList<>(4);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":authority", authority));
 headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost"));
+headers.add(new Header("host", host));
 
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix another edge case spotted by Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 353a2780b1 Fix another edge case spotted by Han Li
353a2780b1 is described below

commit 353a2780b161b65da32044e54e03a3461c9cb472
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:29:11 2022 +0100

Fix another edge case spotted by Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 46 ++
 2 files changed, 30 insertions(+), 18 deletions(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 538ed0ba4d..0bfc076d9f 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -472,7 +472,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && (!value.equals(coyoteRequest.serverName().getString()) 
|| coyoteRequest.getServerPort() != -1) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index eeab280c6b..4dca8550fe 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -345,40 +345,52 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 
 
 @Test
-public void testHostHeaderInconsistent() throws Exception {
+public void testHostHeaderInconsistent01() throws Exception {
 http2Connect();
 
-List headers = new ArrayList<>(4);
-headers.add(new Header(":method", "GET"));
-headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost:" + getPort()));
-headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost:" + getPort()));
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
getPort());
+}
 
-byte[] headersFrameHeader = new byte[9];
-ByteBuffer headersPayload = ByteBuffer.allocate(128);
 
-buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+@Test
+public void testHostHeaderInconsistent02() throws Exception {
+http2Connect();
 
-writeFrame(headersFrameHeader, headersPayload);
+doTestHostHeaderInconsistent("localhost", "otherhost");
+}
 
-parser.readFrame(true);
 
-String trace = output.getTrace();
-Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+@Test
+public void testHostHeaderInconsistent03() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost:" + getPort(), "localhost");
+}
+
+
+@Test
+public void testHostHeaderInconsistent04() throws Exception {
+http2Connect();
+
+doTestHostHeaderInconsistent("localhost", "localhost:" + getPort());
 }
 
 
 @Test
-public void testHostHeaderInconsistentNoPort() throws Exception {
+public void testHostHeaderInconsistent05() throws Exception {
 http2Connect();
 
+doTestHostHeaderInconsistent("localhost:" + getPort(), "otherhost:" + 
(getPort() + 1));
+}
+
+
+private void doTestHostHeaderInconsistent(String authority, String host) 
throws Exception {
 List headers = new ArrayList<>(4);
 headers.add(new Header(":method", "GET"));
 headers.add(new Header(":scheme", "http"));
-headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":authority", authority));
 headers.add(new Header(":path", "/simple"));
-headers.add(new Header("host", "otherhost"));
+headers.add(new Header("host", host));
 
 byte[] headersFrameHeader = new byte[9];
 ByteBuffer headersPayload = ByteBuffer.allocate(128);


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: "-1" should not be a valid port number

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 20724bd1eb "-1" should not be a valid port number
20724bd1eb is described below

commit 20724bd1eb8631bc7532730b267e8269f0bc78d5
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:28:26 2022 +0100

"-1" should not be a valid port number
---
 .../apache/tomcat/util/http/parser/HttpParser.java | 25 ++
 .../util/http/parser/TestHttpParserHost.java   |  9 
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java 
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 76d79cae5e..2d21f02e68 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -785,7 +785,11 @@ public class HttpParser {
 return readHostDomainName(reader);
 }
 
-return pos;
+if (inIPv6) {
+return pos;
+} else {
+return validatePort(reader, pos);
+}
 }
 
 
@@ -877,7 +881,7 @@ public class HttpParser {
 
 c = reader.read();
 if (c == ':') {
-return pos;
+return validatePort(reader, pos);
 } else {
 if(c == -1) {
 return -1;
@@ -902,14 +906,27 @@ public class HttpParser {
 
 if (DomainParseState.COLON == state) {
 // State identifies the state of the previous character
-return pos - 1;
+return validatePort(reader, pos - 1);
 } else {
 return -1;
 }
 }
 
 
-/**
+static int validatePort(Reader reader, int colonPosition) throws 
IOException {
+// Remaining characters should be numeric ...
+readLong(reader);
+// ... followed by EOS
+if (reader.read() == -1) {
+return colonPosition;
+} else {
+// Invalid port
+throw new IllegalArgumentException();
+}
+}
+
+
+ /**
  * Skips all characters until EOF or the specified target is found. 
Normally
  * used to skip invalid input until the next separator.
  */
diff --git a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
index c146e4af81..e5b9bc0572 100644
--- a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
+++ b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
@@ -217,6 +217,15 @@ public class TestHttpParserHost {
 Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv6, "[::]",
 Integer.valueOf(-1), IAE} );
+// Domain name - invalid port
+result.add(new Object[] { TestType.IPv4, "localhost:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "localhost:-1", 
Integer.valueOf(-1), IAE} );
+// IPv4 - invalid port
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:-1", 
Integer.valueOf(-1), IAE} );
+// IPv6 - invalid port
+result.add(new Object[] { TestType.IPv4, "[::1]:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "[::1]:-1", 
Integer.valueOf(-1), IAE} );
 return result;
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: "-1" should not be a valid port number

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 55976791a2 "-1" should not be a valid port number
55976791a2 is described below

commit 55976791a23b6b4d166d0358ba18c1ee3b648845
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:28:26 2022 +0100

"-1" should not be a valid port number
---
 .../apache/tomcat/util/http/parser/HttpParser.java | 25 ++
 .../util/http/parser/TestHttpParserHost.java   |  9 
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java 
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 5d70f61f57..3dbd935d2a 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -805,7 +805,11 @@ public class HttpParser {
 return readHostDomainName(reader);
 }
 
-return pos;
+if (inIPv6) {
+return pos;
+} else {
+return validatePort(reader, pos);
+}
 }
 
 
@@ -897,7 +901,7 @@ public class HttpParser {
 
 c = reader.read();
 if (c == ':') {
-return pos;
+return validatePort(reader, pos);
 } else {
 if(c == -1) {
 return -1;
@@ -922,14 +926,27 @@ public class HttpParser {
 
 if (DomainParseState.COLON == state) {
 // State identifies the state of the previous character
-return pos - 1;
+return validatePort(reader, pos - 1);
 } else {
 return -1;
 }
 }
 
 
-/**
+static int validatePort(Reader reader, int colonPosition) throws 
IOException {
+// Remaining characters should be numeric ...
+readLong(reader);
+// ... followed by EOS
+if (reader.read() == -1) {
+return colonPosition;
+} else {
+// Invalid port
+throw new IllegalArgumentException();
+}
+}
+
+
+ /**
  * Skips all characters until EOF or the specified target is found. 
Normally
  * used to skip invalid input until the next separator.
  */
diff --git a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
index bd8a55e16e..a162472551 100644
--- a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
+++ b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
@@ -216,6 +216,15 @@ public class TestHttpParserHost {
 Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv6, "[::]",
 Integer.valueOf(-1), IAE} );
+// Domain name - invalid port
+result.add(new Object[] { TestType.IPv4, "localhost:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "localhost:-1", 
Integer.valueOf(-1), IAE} );
+// IPv4 - invalid port
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:-1", 
Integer.valueOf(-1), IAE} );
+// IPv6 - invalid port
+result.add(new Object[] { TestType.IPv4, "[::1]:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "[::1]:-1", 
Integer.valueOf(-1), IAE} );
 return result;
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: "-1" should not be a valid port number

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new b1689e067b "-1" should not be a valid port number
b1689e067b is described below

commit b1689e067b911bcebc0b54640abdb2ff444fd866
Author: Mark Thomas 
AuthorDate: Mon Aug 8 16:28:26 2022 +0100

"-1" should not be a valid port number
---
 .../apache/tomcat/util/http/parser/HttpParser.java | 25 ++
 .../util/http/parser/TestHttpParserHost.java   |  9 
 2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/http/parser/HttpParser.java 
b/java/org/apache/tomcat/util/http/parser/HttpParser.java
index 76d79cae5e..2d21f02e68 100644
--- a/java/org/apache/tomcat/util/http/parser/HttpParser.java
+++ b/java/org/apache/tomcat/util/http/parser/HttpParser.java
@@ -785,7 +785,11 @@ public class HttpParser {
 return readHostDomainName(reader);
 }
 
-return pos;
+if (inIPv6) {
+return pos;
+} else {
+return validatePort(reader, pos);
+}
 }
 
 
@@ -877,7 +881,7 @@ public class HttpParser {
 
 c = reader.read();
 if (c == ':') {
-return pos;
+return validatePort(reader, pos);
 } else {
 if(c == -1) {
 return -1;
@@ -902,14 +906,27 @@ public class HttpParser {
 
 if (DomainParseState.COLON == state) {
 // State identifies the state of the previous character
-return pos - 1;
+return validatePort(reader, pos - 1);
 } else {
 return -1;
 }
 }
 
 
-/**
+static int validatePort(Reader reader, int colonPosition) throws 
IOException {
+// Remaining characters should be numeric ...
+readLong(reader);
+// ... followed by EOS
+if (reader.read() == -1) {
+return colonPosition;
+} else {
+// Invalid port
+throw new IllegalArgumentException();
+}
+}
+
+
+ /**
  * Skips all characters until EOF or the specified target is found. 
Normally
  * used to skip invalid input until the next separator.
  */
diff --git a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java 
b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
index c146e4af81..e5b9bc0572 100644
--- a/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
+++ b/test/org/apache/tomcat/util/http/parser/TestHttpParserHost.java
@@ -217,6 +217,15 @@ public class TestHttpParserHost {
 Integer.valueOf(-1), IAE} );
 result.add(new Object[] { TestType.IPv6, "[::]",
 Integer.valueOf(-1), IAE} );
+// Domain name - invalid port
+result.add(new Object[] { TestType.IPv4, "localhost:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "localhost:-1", 
Integer.valueOf(-1), IAE} );
+// IPv4 - invalid port
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "127.0.0.1:-1", 
Integer.valueOf(-1), IAE} );
+// IPv6 - invalid port
+result.add(new Object[] { TestType.IPv4, "[::1]:x", 
Integer.valueOf(-1), IAE} );
+result.add(new Object[] { TestType.IPv4, "[::1]:-1", 
Integer.valueOf(-1), IAE} );
 return result;
 }
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Correct logic of check- thanks to Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new f341f65faf Correct logic of check- thanks to Han Li
f341f65faf is described below

commit f341f65faf10fe664163162a6bec7174d4d4150f
Author: Mark Thomas 
AuthorDate: Mon Aug 8 15:03:09 2022 +0100

Correct logic of check- thanks to Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 50 ++
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 8349d204e7..f8b6d9db84 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -458,7 +458,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index ef57e98cef..779d308cd0 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -318,6 +318,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderConsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "localhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("3-Header-[:status]-[200]"));
+}
+
+
 @Test
 public void testHostHeaderInconsistent() throws Exception {
 http2Connect();
@@ -343,6 +368,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderInconsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "otherhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+}
+
+
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
 http2Connect();
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Correct logic of check- thanks to Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new f88c2e13b4 Correct logic of check- thanks to Han Li
f88c2e13b4 is described below

commit f88c2e13b484c4bd7a2667a31f41a74adfa3d25d
Author: Mark Thomas 
AuthorDate: Mon Aug 8 15:03:09 2022 +0100

Correct logic of check- thanks to Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 50 ++
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index b9a2f77f12..3cdcb547e4 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -467,7 +467,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index ef57e98cef..779d308cd0 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -318,6 +318,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderConsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "localhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("3-Header-[:status]-[200]"));
+}
+
+
 @Test
 public void testHostHeaderInconsistent() throws Exception {
 http2Connect();
@@ -343,6 +368,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderInconsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "otherhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+}
+
+
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
 http2Connect();
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Correct logic of check- thanks to Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 712854ff03 Correct logic of check- thanks to Han Li
712854ff03 is described below

commit 712854ff0341f94792c7448953780268c7a575e7
Author: Mark Thomas 
AuthorDate: Mon Aug 8 15:03:09 2022 +0100

Correct logic of check- thanks to Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 50 ++
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 24f68c7e24..538ed0ba4d 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -472,7 +472,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 3b47dc13ae..eeab280c6b 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -319,6 +319,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderConsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "localhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("3-Header-[:status]-[200]"));
+}
+
+
 @Test
 public void testHostHeaderInconsistent() throws Exception {
 http2Connect();
@@ -344,6 +369,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderInconsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "otherhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+}
+
+
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
 http2Connect();
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Correct logic of check- thanks to Han Li

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 77683f2e47 Correct logic of check- thanks to Han Li
77683f2e47 is described below

commit 77683f2e4778b84dbaf08f51bb6d4a6c6e63f2a4
Author: Mark Thomas 
AuthorDate: Mon Aug 8 15:03:09 2022 +0100

Correct logic of check- thanks to Han Li
---
 java/org/apache/coyote/http2/Stream.java   |  2 +-
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 50 ++
 2 files changed, 51 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 13cc3a36f1..0deb2d7237 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -467,7 +467,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 throw new HpackException(sm.getString("stream.header.invalid",
 getConnectionId(), getIdAsString(), "host", value));
 }
-if (i == -1 && value.equals(coyoteRequest.serverName().getString()) ||
+if (i == -1 && !value.equals(coyoteRequest.serverName().getString()) ||
 i > -1 && ((!value.substring(0, 
i).equals(coyoteRequest.serverName().getString()) ||
 Integer.parseInt(value.substring(i + 1)) != 
coyoteRequest.getServerPort( {
 // Host value inconsistent
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java 
b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
index 3b47dc13ae..eeab280c6b 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_1.java
@@ -319,6 +319,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderConsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "localhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("3-Header-[:status]-[200]"));
+}
+
+
 @Test
 public void testHostHeaderInconsistent() throws Exception {
 http2Connect();
@@ -344,6 +369,31 @@ public class TestHttp2Section_8_1 extends Http2TestBase {
 }
 
 
+@Test
+public void testHostHeaderInconsistentNoPort() throws Exception {
+http2Connect();
+
+List headers = new ArrayList<>(4);
+headers.add(new Header(":method", "GET"));
+headers.add(new Header(":scheme", "http"));
+headers.add(new Header(":authority", "localhost"));
+headers.add(new Header(":path", "/simple"));
+headers.add(new Header("host", "otherhost"));
+
+byte[] headersFrameHeader = new byte[9];
+ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+buildGetRequest(headersFrameHeader, headersPayload, null, headers , 3);
+
+writeFrame(headersFrameHeader, headersPayload);
+
+parser.readFrame(true);
+
+String trace = output.getTrace();
+Assert.assertTrue(trace, trace.contains("0-Goaway-[1]-[9]"));
+}
+
+
 private void doInvalidPseudoHeaderTest(List headers) throws 
Exception {
 http2Connect();
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Updated HTTP specifications

[Mark Thomas]

Thanks for this Konstantin. I hadn't seen that these were progress.

I've reviewed the changes sections of each spec and have updated the 
tests and the HTTP parsing code to reflect these changes/clarifications. 
I also fixed a few edge cases I spotted along the way.


Mark


On 21/07/2022 19:46, Konstantin Kolinko wrote:

Hi!

I updated the list of specifications in our wiki with new versions of
HTTP specifications.
Those were published in June 2022, along with HTTP./3.

https://cwiki.apache.org/confluence/display/TOMCAT/Specifications#Specifications-HTTP,HTTP/2

RFC 9110 (June 2022) - HTTP Semantics
RFC 9111 (June 2022) - HTTP Caching
RFC 9112 (June 2022) - HTTP/1.1
RFC 9113 (June 2022) - HTTP/2
RFC 9114 (June 2022) - HTTP/3

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Align host header processing with RFC 9113

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 287c4d5b49 Align host header processing with RFC 9113
287c4d5b49 is described below

commit 287c4d5b49b7eab3b6020229ee599dfa10572b60
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:05:53 2022 +0100

Align host header processing with RFC 9113
---
 .../apache/coyote/http2/LocalStrings.properties|  1 +
 java/org/apache/coyote/http2/Stream.java   | 71 +---
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 99 ++
 webapps/docs/changelog.xml | 13 +++
 4 files changed, 170 insertions(+), 14 deletions(-)

diff --git a/java/org/apache/coyote/http2/LocalStrings.properties 
b/java/org/apache/coyote/http2/LocalStrings.properties
index fee201c467..c0b192b80f 100644
--- a/java/org/apache/coyote/http2/LocalStrings.properties
+++ b/java/org/apache/coyote/http2/LocalStrings.properties
@@ -96,6 +96,7 @@ stream.header.required=Connection [{0}], Stream [{1}], One or 
more required head
 stream.header.te=Connection [{0}], Stream [{1}], HTTP header [te] is not 
permitted to have the value [{2}] in an HTTP/2 request
 stream.header.unexpectedPseudoHeader=Connection [{0}], Stream [{1}], Pseudo 
header [{2}] received after a regular header
 stream.header.unknownPseudoHeader=Connection [{0}], Stream [{1}], Unknown 
pseudo header [{2}] received
+stream.host.inconsistent=Connection [{0}], Stream [{1}], The header host 
header [{2}] is inconsistent with previously provided values for host [{3}] 
and/or port [{4}]
 stream.inputBuffer.copy=Copying [{0}] bytes from inBuffer to outBuffer
 stream.inputBuffer.dispatch=Data added to inBuffer when read interest is 
registered. Triggering a read dispatch
 stream.inputBuffer.empty=The Stream input buffer is empty. Waiting for more 
data
diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 979c7369d8..8349d204e7 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -89,6 +89,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 private StreamException headerException = null;
 
 private volatile StringBuilder cookieHeader = null;
+private volatile boolean hostHeaderSeen = false;
 
 private Object pendingWindowUpdateForStreamLock = new Object();
 private int pendingWindowUpdateForStream = 0;
@@ -377,20 +378,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 case ":authority": {
 if (coyoteRequest.serverName().isNull()) {
-int i;
-try {
-i = Host.parse(value);
-} catch (IllegalArgumentException iae) {
-// Host value invalid
-throw new 
HpackException(sm.getString("stream.header.invalid",
-getConnectionId(), getIdAsString(), ":authority", 
value));
-}
-if (i > -1) {
-coyoteRequest.serverName().setString(value.substring(0, 
i));
-
coyoteRequest.setServerPort(Integer.parseInt(value.substring(i + 1)));
-} else {
-coyoteRequest.serverName().setString(value);
-}
+parseAuthority(value, false);
 } else {
 throw new 
HpackException(sm.getString("stream.header.duplicate",
 getConnectionId(), getIdAsString(), ":authority" ));
@@ -408,6 +396,22 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 cookieHeader.append(value);
 break;
 }
+case "host": {
+if (coyoteRequest.serverName().isNull()) {
+// No :authority header. This is first host header. Use it.
+hostHeaderSeen = true;
+parseAuthority(value, true);
+} else if (!hostHeaderSeen) {
+// First host header - must be consistent with :authority
+hostHeaderSeen = true;
+compareAuthority(value);
+} else {
+// Multiple hosts headers - illegal
+throw new 
HpackException(sm.getString("stream.header.duplicate",
+getConnectionId(), getIdAsString(), "host" ));
+}
+break;
+}
 default: {
 if (headerState == HEADER_STATE_TRAILER && 
!handler.isTrailerHeaderAllowed(name)) {
 break;
@@ -427,6 +431,45 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 
 
+private void parseAuthority(String value, boolean host) throws 
HpackException {
+int i;
+try {
+i = Host.parse(va

[tomcat] branch 9.0.x updated: Align host header processing with RFC 9113

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 205289b10e Align host header processing with RFC 9113
205289b10e is described below

commit 205289b10e998df0e0fd21c3ad8fb6fbcbc8ec2e
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:05:53 2022 +0100

Align host header processing with RFC 9113
---
 .../apache/coyote/http2/LocalStrings.properties|  1 +
 java/org/apache/coyote/http2/Stream.java   | 71 +---
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 99 ++
 webapps/docs/changelog.xml | 13 +++
 4 files changed, 170 insertions(+), 14 deletions(-)

diff --git a/java/org/apache/coyote/http2/LocalStrings.properties 
b/java/org/apache/coyote/http2/LocalStrings.properties
index 823ea18a7c..62f3f189bb 100644
--- a/java/org/apache/coyote/http2/LocalStrings.properties
+++ b/java/org/apache/coyote/http2/LocalStrings.properties
@@ -97,6 +97,7 @@ stream.header.required=Connection [{0}], Stream [{1}], One or 
more required head
 stream.header.te=Connection [{0}], Stream [{1}], HTTP header [te] is not 
permitted to have the value [{2}] in an HTTP/2 request
 stream.header.unexpectedPseudoHeader=Connection [{0}], Stream [{1}], Pseudo 
header [{2}] received after a regular header
 stream.header.unknownPseudoHeader=Connection [{0}], Stream [{1}], Unknown 
pseudo header [{2}] received
+stream.host.inconsistent=Connection [{0}], Stream [{1}], The header host 
header [{2}] is inconsistent with previously provided values for host [{3}] 
and/or port [{4}]
 stream.inputBuffer.copy=Copying [{0}] bytes from inBuffer to outBuffer
 stream.inputBuffer.dispatch=Data added to inBuffer when read interest is 
registered. Triggering a read dispatch
 stream.inputBuffer.empty=The Stream input buffer is empty. Waiting for more 
data
diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 1ac42135f7..b9a2f77f12 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -92,6 +92,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 private StreamException headerException = null;
 
 private volatile StringBuilder cookieHeader = null;
+private volatile boolean hostHeaderSeen = false;
 
 private Object pendingWindowUpdateForStreamLock = new Object();
 private int pendingWindowUpdateForStream = 0;
@@ -380,20 +381,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 case ":authority": {
 if (coyoteRequest.serverName().isNull()) {
-int i;
-try {
-i = Host.parse(value);
-} catch (IllegalArgumentException iae) {
-// Host value invalid
-throw new 
HpackException(sm.getString("stream.header.invalid",
-getConnectionId(), getIdAsString(), ":authority", 
value));
-}
-if (i > -1) {
-coyoteRequest.serverName().setString(value.substring(0, 
i));
-
coyoteRequest.setServerPort(Integer.parseInt(value.substring(i + 1)));
-} else {
-coyoteRequest.serverName().setString(value);
-}
+parseAuthority(value, false);
 } else {
 throw new 
HpackException(sm.getString("stream.header.duplicate",
 getConnectionId(), getIdAsString(), ":authority" ));
@@ -411,6 +399,22 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 cookieHeader.append(value);
 break;
 }
+case "host": {
+if (coyoteRequest.serverName().isNull()) {
+// No :authority header. This is first host header. Use it.
+hostHeaderSeen = true;
+parseAuthority(value, true);
+} else if (!hostHeaderSeen) {
+// First host header - must be consistent with :authority
+hostHeaderSeen = true;
+compareAuthority(value);
+} else {
+// Multiple hosts headers - illegal
+throw new 
HpackException(sm.getString("stream.header.duplicate",
+getConnectionId(), getIdAsString(), "host" ));
+}
+break;
+}
 default: {
 if (headerState == HEADER_STATE_TRAILER &&
 !handler.getProtocol().isTrailerHeaderAllowed(name)) {
@@ -436,6 +440,45 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 
 
+private void parseAuthority(String value, boolean host) throws 
HpackException {
+int i;
+try {
+i = Hos

[tomcat] branch 10.0.x updated: Align host header processing with RFC 9113

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 177e25e67a Align host header processing with RFC 9113
177e25e67a is described below

commit 177e25e67af4f070add1c72e9cf42a6c9de1cbac
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:05:53 2022 +0100

Align host header processing with RFC 9113
---
 .../apache/coyote/http2/LocalStrings.properties|  1 +
 java/org/apache/coyote/http2/Stream.java   | 71 +---
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 99 ++
 webapps/docs/changelog.xml | 13 +++
 4 files changed, 170 insertions(+), 14 deletions(-)

diff --git a/java/org/apache/coyote/http2/LocalStrings.properties 
b/java/org/apache/coyote/http2/LocalStrings.properties
index 823ea18a7c..62f3f189bb 100644
--- a/java/org/apache/coyote/http2/LocalStrings.properties
+++ b/java/org/apache/coyote/http2/LocalStrings.properties
@@ -97,6 +97,7 @@ stream.header.required=Connection [{0}], Stream [{1}], One or 
more required head
 stream.header.te=Connection [{0}], Stream [{1}], HTTP header [te] is not 
permitted to have the value [{2}] in an HTTP/2 request
 stream.header.unexpectedPseudoHeader=Connection [{0}], Stream [{1}], Pseudo 
header [{2}] received after a regular header
 stream.header.unknownPseudoHeader=Connection [{0}], Stream [{1}], Unknown 
pseudo header [{2}] received
+stream.host.inconsistent=Connection [{0}], Stream [{1}], The header host 
header [{2}] is inconsistent with previously provided values for host [{3}] 
and/or port [{4}]
 stream.inputBuffer.copy=Copying [{0}] bytes from inBuffer to outBuffer
 stream.inputBuffer.dispatch=Data added to inBuffer when read interest is 
registered. Triggering a read dispatch
 stream.inputBuffer.empty=The Stream input buffer is empty. Waiting for more 
data
diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index 44dc56d105..13cc3a36f1 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -92,6 +92,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 private StreamException headerException = null;
 
 private volatile StringBuilder cookieHeader = null;
+private volatile boolean hostHeaderSeen = false;
 
 private Object pendingWindowUpdateForStreamLock = new Object();
 private int pendingWindowUpdateForStream = 0;
@@ -380,20 +381,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 case ":authority": {
 if (coyoteRequest.serverName().isNull()) {
-int i;
-try {
-i = Host.parse(value);
-} catch (IllegalArgumentException iae) {
-// Host value invalid
-throw new 
HpackException(sm.getString("stream.header.invalid",
-getConnectionId(), getIdAsString(), ":authority", 
value));
-}
-if (i > -1) {
-coyoteRequest.serverName().setString(value.substring(0, 
i));
-
coyoteRequest.setServerPort(Integer.parseInt(value.substring(i + 1)));
-} else {
-coyoteRequest.serverName().setString(value);
-}
+parseAuthority(value, false);
 } else {
 throw new 
HpackException(sm.getString("stream.header.duplicate",
 getConnectionId(), getIdAsString(), ":authority" ));
@@ -411,6 +399,22 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 cookieHeader.append(value);
 break;
 }
+case "host": {
+if (coyoteRequest.serverName().isNull()) {
+// No :authority header. This is first host header. Use it.
+hostHeaderSeen = true;
+parseAuthority(value, true);
+} else if (!hostHeaderSeen) {
+// First host header - must be consistent with :authority
+hostHeaderSeen = true;
+compareAuthority(value);
+} else {
+// Multiple hosts headers - illegal
+throw new 
HpackException(sm.getString("stream.header.duplicate",
+getConnectionId(), getIdAsString(), "host" ));
+}
+break;
+}
 default: {
 if (headerState == HEADER_STATE_TRAILER &&
 !handler.getProtocol().isTrailerHeaderAllowed(name)) {
@@ -436,6 +440,45 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 
 
+private void parseAuthority(String value, boolean host) throws 
HpackException {
+int i;
+try {
+i = H

[tomcat] 02/02: Fix checkstyle warnings

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 40b5497016a0fc79fc25d2e112b72ba11a9ac6b6
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:19:08 2022 +0100

Fix checkstyle warnings
---
 java/org/apache/catalina/users/MemoryGroup.java|  1 -
 java/org/apache/catalina/users/MemoryUserDatabase.java | 12 ++--
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/java/org/apache/catalina/users/MemoryGroup.java 
b/java/org/apache/catalina/users/MemoryGroup.java
index 9de5b959f9..7f5d90eb2b 100644
--- a/java/org/apache/catalina/users/MemoryGroup.java
+++ b/java/org/apache/catalina/users/MemoryGroup.java
@@ -17,7 +17,6 @@
 package org.apache.catalina.users;
 
 
-import org.apache.catalina.Role;
 import org.apache.catalina.UserDatabase;
 import org.apache.tomcat.util.buf.StringUtils;
 import org.apache.tomcat.util.security.Escape;
diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java 
b/java/org/apache/catalina/users/MemoryUserDatabase.java
index b0aff0fdf8..614d855c5f 100644
--- a/java/org/apache/catalina/users/MemoryUserDatabase.java
+++ b/java/org/apache/catalina/users/MemoryUserDatabase.java
@@ -296,7 +296,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Group group = new GenericGroup(this, groupname, description, null);
+Group group = new GenericGroup<>(this, groupname, description, null);
 readLock.lock();
 try {
 groups.put(group.getGroupname(), group);
@@ -321,7 +321,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-Role role = new GenericRole(this, rolename, description);
+Role role = new GenericRole<>(this, rolename, description);
 readLock.lock();
 try {
 roles.put(role.getRolename(), role);
@@ -348,7 +348,7 @@ public class MemoryUserDatabase implements UserDatabase {
 throw new IllegalArgumentException(msg);
 }
 
-User user = new GenericUser(this, username, password, fullName, null, 
null);
+User user = new GenericUser<>(this, username, password, fullName, 
null, null);
 readLock.lock();
 try {
 users.put(user.getUsername(), user);
@@ -607,7 +607,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" roles=\"");
-for(Iterator roles=group.getRoles(); 
roles.hasNext(); ) {
+for (Iterator roles=group.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {
@@ -631,7 +631,7 @@ public class MemoryUserDatabase implements UserDatabase {
 writer.print("\"");
 }
 writer.print(" groups=\"");
-for(Iterator groups=user.getGroups(); 
groups.hasNext(); ) {
+for (Iterator groups=user.getGroups(); 
groups.hasNext();) {
 Group group = groups.next();
 writer.print(Escape.xml(group.getGroupname()));
 if(groups.hasNext()) {
@@ -639,7 +639,7 @@ public class MemoryUserDatabase implements UserDatabase {
 }
 }
 writer.print("\" roles=\"");
-for(Iterator roles=user.getRoles(); roles.hasNext(); 
) {
+for (Iterator roles=user.getRoles(); 
roles.hasNext();) {
 Role role = roles.next();
 writer.print(Escape.xml(role.getRolename()));
 if(roles.hasNext()) {


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Align host header processing with RFC 9113

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 1a93cf89321e7a86aedcd39206b52cf605fe0806
Author: Mark Thomas 
AuthorDate: Mon Aug 8 13:05:53 2022 +0100

Align host header processing with RFC 9113
---
 .../apache/coyote/http2/LocalStrings.properties|  1 +
 java/org/apache/coyote/http2/Stream.java   | 71 +---
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 99 ++
 webapps/docs/changelog.xml | 13 +++
 4 files changed, 170 insertions(+), 14 deletions(-)

diff --git a/java/org/apache/coyote/http2/LocalStrings.properties 
b/java/org/apache/coyote/http2/LocalStrings.properties
index 823ea18a7c..62f3f189bb 100644
--- a/java/org/apache/coyote/http2/LocalStrings.properties
+++ b/java/org/apache/coyote/http2/LocalStrings.properties
@@ -97,6 +97,7 @@ stream.header.required=Connection [{0}], Stream [{1}], One or 
more required head
 stream.header.te=Connection [{0}], Stream [{1}], HTTP header [te] is not 
permitted to have the value [{2}] in an HTTP/2 request
 stream.header.unexpectedPseudoHeader=Connection [{0}], Stream [{1}], Pseudo 
header [{2}] received after a regular header
 stream.header.unknownPseudoHeader=Connection [{0}], Stream [{1}], Unknown 
pseudo header [{2}] received
+stream.host.inconsistent=Connection [{0}], Stream [{1}], The header host 
header [{2}] is inconsistent with previously provided values for host [{3}] 
and/or port [{4}]
 stream.inputBuffer.copy=Copying [{0}] bytes from inBuffer to outBuffer
 stream.inputBuffer.dispatch=Data added to inBuffer when read interest is 
registered. Triggering a read dispatch
 stream.inputBuffer.empty=The Stream input buffer is empty. Waiting for more 
data
diff --git a/java/org/apache/coyote/http2/Stream.java 
b/java/org/apache/coyote/http2/Stream.java
index cd15cb0f49..24f68c7e24 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -93,6 +93,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 private StreamException headerException = null;
 
 private volatile StringBuilder cookieHeader = null;
+private volatile boolean hostHeaderSeen = false;
 
 private Object pendingWindowUpdateForStreamLock = new Object();
 private int pendingWindowUpdateForStream = 0;
@@ -385,20 +386,7 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 case ":authority": {
 if (coyoteRequest.serverName().isNull()) {
-int i;
-try {
-i = Host.parse(value);
-} catch (IllegalArgumentException iae) {
-// Host value invalid
-throw new 
HpackException(sm.getString("stream.header.invalid",
-getConnectionId(), getIdAsString(), ":authority", 
value));
-}
-if (i > -1) {
-coyoteRequest.serverName().setString(value.substring(0, 
i));
-
coyoteRequest.setServerPort(Integer.parseInt(value.substring(i + 1)));
-} else {
-coyoteRequest.serverName().setString(value);
-}
+parseAuthority(value, false);
 } else {
 throw new 
HpackException(sm.getString("stream.header.duplicate",
 getConnectionId(), getIdAsString(), ":authority" ));
@@ -416,6 +404,22 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 cookieHeader.append(value);
 break;
 }
+case "host": {
+if (coyoteRequest.serverName().isNull()) {
+// No :authority header. This is first host header. Use it.
+hostHeaderSeen = true;
+parseAuthority(value, true);
+} else if (!hostHeaderSeen) {
+// First host header - must be consistent with :authority
+hostHeaderSeen = true;
+compareAuthority(value);
+} else {
+// Multiple hosts headers - illegal
+throw new 
HpackException(sm.getString("stream.header.duplicate",
+getConnectionId(), getIdAsString(), "host" ));
+}
+break;
+}
 default: {
 if (headerState == HEADER_STATE_TRAILER &&
 !handler.getProtocol().isTrailerHeaderAllowed(name)) {
@@ -441,6 +445,45 @@ class Stream extends AbstractNonZeroStream implements 
HeaderEmitter {
 }
 
 
+private void parseAuthority(String value, boolean host) throws 
HpackException {
+int i;
+try {
+i = Host.parse(value);
+} catch (IllegalArgumentException iae) {
+// Host value invalid
+throw new HpackException(sm.getString("stream.heade

[tomcat] branch main updated (9547412dc8 -> 40b5497016)

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 9547412dc8 Fix typo
 new 1a93cf8932 Align host header processing with RFC 9113
 new 40b5497016 Fix checkstyle warnings

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 java/org/apache/catalina/users/MemoryGroup.java|  1 -
 .../apache/catalina/users/MemoryUserDatabase.java  | 12 +--
 .../apache/coyote/http2/LocalStrings.properties|  1 +
 java/org/apache/coyote/http2/Stream.java   | 71 +---
 .../apache/coyote/http2/TestHttp2Section_8_1.java  | 99 ++
 webapps/docs/changelog.xml | 13 +++
 6 files changed, 176 insertions(+), 21 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org