date:20230503

[GitHub] [tomcat] isapir commented on a diff in pull request #607: Added RateLimitFilter

2023-05-03 Thread via GitHub



isapir commented on code in PR #607:
URL: https://github.com/apache/tomcat/pull/607#discussion_r1184526447


##
java/org/apache/catalina/util/TimeBucketCounter.java:
##
@@ -0,0 +1,217 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.catalina.util;
+
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * this class maintains a thread safe hash map that has timestamp-based buckets
+ * followed by a string for a key, and a counter for a value. each time the
+ * increment() method is called it adds the key if it does not exist, 
increments
+ * its value and returns it.
+ *
+ * a maintenance thread cleans up keys that are prefixed by previous timestamp
+ * buckets.
+ */
+public class TimeBucketCounter {
+
+/**
+ * Map to hold the buckets
+ */
+private final ConcurrentHashMap map = new 
ConcurrentHashMap<>();
+
+/**
+ * Milliseconds bucket size as a Power of 2 for bit shift math, e.g.
+ * 16 for 65_536ms which is about 1:05 minute
+ */
+private final int numBits;
+
+/**
+ * ratio of actual duration to config duration
+ */
+private final double ratio;
+
+/**
+ * flag for the maintenance thread
+ */
+volatile boolean isRunning = false;
+
+/**
+ *
+ * @param bucketDuration duration in seconds, e.g. for 1 minute pass 60
+ */
+public TimeBucketCounter(int bucketDuration) {
+
+int durationMillis = bucketDuration * 1000;
+
+int bits = 0;
+int pof2 = nextPowerOf2(durationMillis);
+int bitCheck = pof2;
+while (bitCheck > 1) {
+bitCheck = pof2 >> ++bits;
+}
+
+this.numBits = bits;
+
+this.ratio = ratioToPowerOf2(durationMillis);
+
+int cleanupsPerBucketDuration = (durationMillis >= 60_000) ? 6 : 3;
+Thread mt = new MaintenanceThread(durationMillis / 
cleanupsPerBucketDuration);
+mt.start();
+}
+
+/**
+ * increments the counter for the passed identifier in the current time
+ * bucket and returns the new value
+ *
+ * @param identifier an identifier for which we want to maintain count, 
e.g. IP Address
+ * @return the count within the current time bucket
+ */
+public final int increment(String identifier) {
+String key = getCurrentBucketPrefix() + "-" + identifier;
+AtomicInteger ai = map.computeIfAbsent(key, v -> new AtomicInteger());
+return ai.incrementAndGet();

Review Comment:
   To exceed Integer.MAX_VALUE (2,147,483,647) in a day, for example, one would 
need to hit the server at the rate of almost 25,000 Requests per Second.  
Handling configurations that would allow 25,000 Requests per Second in a time 
window of a full day is not a use case for this filter, and such configuration 
should be strongly discouraged.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] isapir commented on a diff in pull request #607: Added RateLimitFilter

2023-05-03 Thread via GitHub



isapir commented on code in PR #607:
URL: https://github.com/apache/tomcat/pull/607#discussion_r1184526447


##
java/org/apache/catalina/util/TimeBucketCounter.java:
##
@@ -0,0 +1,217 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.catalina.util;
+
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * this class maintains a thread safe hash map that has timestamp-based buckets
+ * followed by a string for a key, and a counter for a value. each time the
+ * increment() method is called it adds the key if it does not exist, 
increments
+ * its value and returns it.
+ *
+ * a maintenance thread cleans up keys that are prefixed by previous timestamp
+ * buckets.
+ */
+public class TimeBucketCounter {
+
+/**
+ * Map to hold the buckets
+ */
+private final ConcurrentHashMap map = new 
ConcurrentHashMap<>();
+
+/**
+ * Milliseconds bucket size as a Power of 2 for bit shift math, e.g.
+ * 16 for 65_536ms which is about 1:05 minute
+ */
+private final int numBits;
+
+/**
+ * ratio of actual duration to config duration
+ */
+private final double ratio;
+
+/**
+ * flag for the maintenance thread
+ */
+volatile boolean isRunning = false;
+
+/**
+ *
+ * @param bucketDuration duration in seconds, e.g. for 1 minute pass 60
+ */
+public TimeBucketCounter(int bucketDuration) {
+
+int durationMillis = bucketDuration * 1000;
+
+int bits = 0;
+int pof2 = nextPowerOf2(durationMillis);
+int bitCheck = pof2;
+while (bitCheck > 1) {
+bitCheck = pof2 >> ++bits;
+}
+
+this.numBits = bits;
+
+this.ratio = ratioToPowerOf2(durationMillis);
+
+int cleanupsPerBucketDuration = (durationMillis >= 60_000) ? 6 : 3;
+Thread mt = new MaintenanceThread(durationMillis / 
cleanupsPerBucketDuration);
+mt.start();
+}
+
+/**
+ * increments the counter for the passed identifier in the current time
+ * bucket and returns the new value
+ *
+ * @param identifier an identifier for which we want to maintain count, 
e.g. IP Address
+ * @return the count within the current time bucket
+ */
+public final int increment(String identifier) {
+String key = getCurrentBucketPrefix() + "-" + identifier;
+AtomicInteger ai = map.computeIfAbsent(key, v -> new AtomicInteger());
+return ai.incrementAndGet();

Review Comment:
   To exceed Integer.MAX_VALUE (2,147,483,647) in a day, for example, one would 
need to hit the server at the rate of almost 25,000 Requests per Second.  
Handling cases like that are not a use case for this filter.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch ratelimit-filter updated (14db569d9c -> a69c081677)

2023-05-03 Thread isapir

This is an automated email from the ASF dual-hosted git repository.

isapir pushed a change to branch ratelimit-filter
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from 14db569d9c Updated RateLimitFilter Javadoc comment to address feedback
 add a69c081677 Addressed PR feedback and fixed Javadoc for RateLimitFilter

No new revisions were added by this update.

Summary of changes:
 java/org/apache/catalina/filters/RateLimitFilter.java | 2 +-
 java/org/apache/catalina/util/TimeBucketCounter.java  | 8 ++--
 2 files changed, 3 insertions(+), 7 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Workaround for misbehaving ClassLoader

2023-05-03 Thread koteswara Rao Gundapaneni

Dear chris,

I will take care about it and update it accordingly


Regards,
Koti

On Wed, May 3, 2023 at 12:02 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> All,
>
> Please check this thread for full details:
> https://lists.apache.org/thread/of5ozg43zyk729cg311dktjcv3swct26
>
> Briefly, a user reported this NPE:
>
> Apr 29, 2023 5:41:32 PM org.apache.catalina.core.StandardContext
> listenerStart
> SEVERE: Exception sending context initialized event to listener instance
> of class [org.springframework.web.context.ContextLoaderListener]
> java.lang.NullPointerException
>  at
>
> org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.inc(WebappClassLoaderBase.java:2775)
>  at
>
> org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.hasMoreElements(WebappClassLoaderBase.java:2760)
>  at
>
> org.apache.commons.logging.LogFactory.getConfigurationFile(LogFactory.java:1366)
>  at
> org.apache.commons.logging.LogFactory.getFactory(LogFactory.java:453)
>  at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:655)
>
> Mark introduced the CombinedEnumeration in
>
> https://github.com/apache/tomcat/commit/fdd35009ead6365cbae84008e63356d6ab88ed40
> to merge the resources from the parent ClassLoader with the
> WebappClassLoader(Base). His code looks sound to me, but it can expose
> what I think of as a bug in the ClassLoader being used as the parent.
>
> ClassLoader.getResources is documented to return an empty Enumeration if
> there are no matching resources, but in this case, the ClassLoader is
> returning null.
>
> WebappClassLoaderBase assumes that the parent ClassLoader is following
> the rules and so grabs the resources from both itself and the parent and
> combines them using CombinedEnumeration.
>
> Here is a patch that will fix that:
>
> diff --git a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> index aa747a5873..6f98f6e413 100644
> --- a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> +++ b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> @@ -1121,7 +1121,9 @@ public abstract class WebappClassLoaderBase
> extends URLClassLoader
>   // Enumerations are combined depends on how delegation is
> configured
>   boolean delegateFirst = delegate || filter(name, false);
>
> -if (delegateFirst) {
> +if(null == parentResources) {
> +return localResources;
> +} else if (delegateFirst) {
>   return new CombinedEnumeration(parentResources,
> localResources);
>   } else {
>   return new CombinedEnumeration(localResources,
> parentResources);
>
> But my question is whether or not this is something that Tomcat should
> be working-around. IMO the parent ClassLoader is buggy and should be
> fixed, but it may be difficult or impossible to fix the parent, so it
> may be worth it.
>
> We could even log it including the class name of the offending ClassLoader.
>
> WDYT?
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

[tomcat] branch ratelimit-filter updated (fa0c65bed1 -> 14db569d9c)

2023-05-03 Thread isapir

This is an automated email from the ASF dual-hosted git repository.

isapir pushed a change to branch ratelimit-filter
in repository https://gitbox.apache.org/repos/asf/tomcat.git


from fa0c65bed1 Added RateLimitFilter
 add 14db569d9c Updated RateLimitFilter Javadoc comment to address feedback

No new revisions were added by this update.

Summary of changes:
 .../apache/catalina/filters/RateLimitFilter.java   | 107 ++---
 webapps/docs/config/filter.xml |  14 +--
 2 files changed, 59 insertions(+), 62 deletions(-)


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Release Apache Tomcat 11.0.0-M6

2023-05-03 Thread Han Li




> On May 4, 2023, at 02:38, Mark Thomas  wrote:
> 
> The proposed Apache Tomcat 11.0.0-M6 release is now available for
> voting.
> 
> Apache Tomcat 11.0.0-M6 is a milestone release of the 11.0.x branch and has 
> been made to provide users with early access to the new features in Apache 
> Tomcat 11.0.x so that they may provide feedback. The notable changes compared 
> to the previous milestone include:
> 
> - Various improvements to access logging.
> 
> - Remove support for the HTTP Connector settings rejectIllegalHeader and
>  allowHostHeaderMismatch. These are now hard-coded to the previous
>  defaults.
> 
> - Update the packaged version of the Tomcat Migration Tool for Jakarta
>  EE to 1.0.7.
> 
> 
> For full details, see the change log:
> https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html
> 
> Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
> without changes. Java EE applications designed for Tomcat 9 and earlier may 
> be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat will 
> automatically convert them to Jakarta EE and copy them to the webapps 
> directory. Applications using deprecated APIs may require further changes.
> 
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M6/
> 
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1432
> 
> The tag is:
> https://github.com/apache/tomcat/tree/11.0.0-M6
> 9ce010463a93138d596c54c67b11cdb35fc8244a
> 
> 
> The proposed 11.0.0-M6 release is:
> [ ] Broken - do not release
> [X] Alpha  - go ahead and release as 11.0.0-M6
+1

Tests pass with tc-native2.0.2 and OpenSSL3.0.7 on macOS 12.3.1

Han
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot success in on tomcat-9.0.x

2023-05-03 Thread buildbot

Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/542
Blamelist: Mark Thomas 
Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch 9.0.x] 4d63c77b0276facc52a2eb794e5616d90204fcf7


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Workaround for misbehaving ClassLoader

2023-05-03 Thread Romain Manni-Bucau

Hi Chris,

Fixing the parent in this project is quite easy, if the OSGi
bundle.getResources returns null then return emptyEnumeration instead of
the direct result of the call but generally speaking this is a valid
statement but I guess Tomcat can await some other hit of this issue to push
forward a fix it since this one is very trivial to do in the failing
project ([1]).

[1]
https://github.com/CodeGerm/osgi-server/blob/master/plugins/org.cg.dao.webcontainer/src/org/cg/dao/webcontainer/tomcat/DaoClassLoader.java#L132

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le mer. 3 mai 2023 à 21:02, Christopher Schultz <
ch...@christopherschultz.net> a écrit :

> All,
>
> Please check this thread for full details:
> https://lists.apache.org/thread/of5ozg43zyk729cg311dktjcv3swct26
>
> Briefly, a user reported this NPE:
>
> Apr 29, 2023 5:41:32 PM org.apache.catalina.core.StandardContext
> listenerStart
> SEVERE: Exception sending context initialized event to listener instance
> of class [org.springframework.web.context.ContextLoaderListener]
> java.lang.NullPointerException
>  at
>
> org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.inc(WebappClassLoaderBase.java:2775)
>  at
>
> org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.hasMoreElements(WebappClassLoaderBase.java:2760)
>  at
>
> org.apache.commons.logging.LogFactory.getConfigurationFile(LogFactory.java:1366)
>  at
> org.apache.commons.logging.LogFactory.getFactory(LogFactory.java:453)
>  at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:655)
>
> Mark introduced the CombinedEnumeration in
>
> https://github.com/apache/tomcat/commit/fdd35009ead6365cbae84008e63356d6ab88ed40
> to merge the resources from the parent ClassLoader with the
> WebappClassLoader(Base). His code looks sound to me, but it can expose
> what I think of as a bug in the ClassLoader being used as the parent.
>
> ClassLoader.getResources is documented to return an empty Enumeration if
> there are no matching resources, but in this case, the ClassLoader is
> returning null.
>
> WebappClassLoaderBase assumes that the parent ClassLoader is following
> the rules and so grabs the resources from both itself and the parent and
> combines them using CombinedEnumeration.
>
> Here is a patch that will fix that:
>
> diff --git a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> index aa747a5873..6f98f6e413 100644
> --- a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> +++ b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
> @@ -1121,7 +1121,9 @@ public abstract class WebappClassLoaderBase
> extends URLClassLoader
>   // Enumerations are combined depends on how delegation is
> configured
>   boolean delegateFirst = delegate || filter(name, false);
>
> -if (delegateFirst) {
> +if(null == parentResources) {
> +return localResources;
> +} else if (delegateFirst) {
>   return new CombinedEnumeration(parentResources,
> localResources);
>   } else {
>   return new CombinedEnumeration(localResources,
> parentResources);
>
> But my question is whether or not this is something that Tomcat should
> be working-around. IMO the parent ClassLoader is buggy and should be
> fixed, but it may be difficult or impossible to fix the parent, so it
> may be worth it.
>
> We could even log it including the class name of the offending ClassLoader.
>
> WDYT?
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Workaround for misbehaving ClassLoader

2023-05-03 Thread Christopher Schultz


All,

Please check this thread for full details: 
https://lists.apache.org/thread/of5ozg43zyk729cg311dktjcv3swct26


Briefly, a user reported this NPE:

Apr 29, 2023 5:41:32 PM org.apache.catalina.core.StandardContext 
listenerStart
SEVERE: Exception sending context initialized event to listener instance 
of class [org.springframework.web.context.ContextLoaderListener]

java.lang.NullPointerException
at 
org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.inc(WebappClassLoaderBase.java:2775)
at 
org.apache.catalina.loader.WebappClassLoaderBase$CombinedEnumeration.hasMoreElements(WebappClassLoaderBase.java:2760)
at 
org.apache.commons.logging.LogFactory.getConfigurationFile(LogFactory.java:1366)
at 
org.apache.commons.logging.LogFactory.getFactory(LogFactory.java:453)

at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:655)

Mark introduced the CombinedEnumeration in 
https://github.com/apache/tomcat/commit/fdd35009ead6365cbae84008e63356d6ab88ed40 
to merge the resources from the parent ClassLoader with the 
WebappClassLoader(Base). His code looks sound to me, but it can expose 
what I think of as a bug in the ClassLoader being used as the parent.


ClassLoader.getResources is documented to return an empty Enumeration if 
there are no matching resources, but in this case, the ClassLoader is 
returning null.


WebappClassLoaderBase assumes that the parent ClassLoader is following 
the rules and so grabs the resources from both itself and the parent and 
combines them using CombinedEnumeration.


Here is a patch that will fix that:

diff --git a/java/org/apache/catalina/loader/WebappClassLoaderBase.java 
b/java/org/apache/catalina/loader/WebappClassLoaderBase.java

index aa747a5873..6f98f6e413 100644
--- a/java/org/apache/catalina/loader/WebappClassLoaderBase.java
+++ b/java/org/apache/catalina/loader/WebappClassLoaderBase.java
@@ -1121,7 +1121,9 @@ public abstract class WebappClassLoaderBase 
extends URLClassLoader
 // Enumerations are combined depends on how delegation is 
configured

 boolean delegateFirst = delegate || filter(name, false);

-if (delegateFirst) {
+if(null == parentResources) {
+return localResources;
+} else if (delegateFirst) {
 return new CombinedEnumeration(parentResources, 
localResources);

 } else {
 return new CombinedEnumeration(localResources, 
parentResources);


But my question is whether or not this is something that Tomcat should 
be working-around. IMO the parent ClassLoader is buggy and should be 
fixed, but it may be difficult or impossible to fix the parent, so it 
may be worth it.


We could even log it including the class name of the offending ClassLoader.

WDYT?

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix typo

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new cfc7e2b33c Fix typo
cfc7e2b33c is described below

commit cfc7e2b33cc8eee8a668db42dea5be1e79a28c8c
Author: Mark Thomas 
AuthorDate: Wed May 3 19:55:20 2023 +0100

Fix typo
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0b18883d98..bfd094a21f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,7 +131,7 @@
   
   
 613: Fix possible partial corrupted file copies when using
-file lockig protection or the manager servlet. Submitted
+file locking protection or the manager servlet. Submitted
 by Jack Shirazi. (remm)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix typo

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 4d63c77b02 Fix typo
4d63c77b02 is described below

commit 4d63c77b0276facc52a2eb794e5616d90204fcf7
Author: Mark Thomas 
AuthorDate: Wed May 3 19:55:20 2023 +0100

Fix typo
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 95dd009e08..0898219add 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,7 +131,7 @@
   
   
 613: Fix possible partial corrupted file copies when using
-file lockig protection or the manager servlet. Submitted
+file locking protection or the manager servlet. Submitted
 by Jack Shirazi. (remm)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix typo

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 029e8be1d2 Fix typo
029e8be1d2 is described below

commit 029e8be1d2123ed0c52032e781227ace7465ad1c
Author: Mark Thomas 
AuthorDate: Wed May 3 19:55:20 2023 +0100

Fix typo
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 89d263c6cf..131799a300 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,7 +131,7 @@
   
   
 613: Fix possible partial corrupted file copies when using
-file lockig protection or the manager servlet. Submitted
+file locking protection or the manager servlet. Submitted
 by Jack Shirazi. (remm)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Fix typo

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 43ef7f0356 Fix typo
43ef7f0356 is described below

commit 43ef7f035642bc52ba740fad28f9988bd8806d20
Author: Mark Thomas 
AuthorDate: Wed May 3 19:55:20 2023 +0100

Fix typo
---
 webapps/docs/changelog.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 94e45405fe..a7c63af0ee 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,7 +131,7 @@
   
   
 613: Fix possible partial corrupted file copies when using
-file lockig protection or the manager servlet. Submitted
+file locking protection or the manager servlet. Submitted
 by Jack Shirazi. (remm)
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[VOTE] Release Apache Tomcat 11.0.0-M6

2023-05-03 Thread Mark Thomas


The proposed Apache Tomcat 11.0.0-M6 release is now available for
voting.

Apache Tomcat 11.0.0-M6 is a milestone release of the 11.0.x branch and 
has been made to provide users with early access to the new features in 
Apache Tomcat 11.0.x so that they may provide feedback. The notable 
changes compared to the previous milestone include:


- Various improvements to access logging.

- Remove support for the HTTP Connector settings rejectIllegalHeader and
  allowHostHeaderMismatch. These are now hard-coded to the previous
  defaults.

- Update the packaged version of the Tomcat Migration Tool for Jakarta
  EE to 1.0.7.


For full details, see the change log:
https://nightlies.apache.org/tomcat/tomcat-11.0.x/docs/changelog.html

Applications that run on Tomcat 9 and earlier will not run on Tomcat 11 
without changes. Java EE applications designed for Tomcat 9 and earlier 
may be placed in the $CATALINA_BASE/webapps-javaee directory and Tomcat 
will automatically convert them to Jakarta EE and copy them to the 
webapps directory. Applications using deprecated APIs may require 
further changes.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-11/v11.0.0-M6/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1432

The tag is:
https://github.com/apache/tomcat/tree/11.0.0-M6
9ce010463a93138d596c54c67b11cdb35fc8244a


The proposed 11.0.0-M6 release is:
[ ] Broken - do not release
[ ] Alpha  - go ahead and release as 11.0.0-M6

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-9.0.x

2023-05-03 Thread buildbot

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/37/builds/541
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch 9.0.x] 2f0ca2378415f4cf0748f4bc8fa955f41f803fa5


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 2

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r61624 - in /dev/tomcat/tomcat-11/v11.0.0-M6: ./ bin/ bin/embed/ src/

2023-05-03 Thread markt

Author: markt
Date: Wed May  3 18:11:22 2023
New Revision: 61624

Log:
Upload 11.0.0-M6 for voting

Added:
dev/tomcat/tomcat-11/v11.0.0-M6/
dev/tomcat/tomcat-11/v11.0.0-M6/KEYS
dev/tomcat/tomcat-11/v11.0.0-M6/README.html
dev/tomcat/tomcat-11/v11.0.0-M6/RELEASE-NOTES
dev/tomcat/tomcat-11/v11.0.0-M6/bin/
dev/tomcat/tomcat-11/v11.0.0-M6/bin/README.html
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.tar.gz 
  (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.zip   
(with props)
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-deployer.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-fulldocs.tar.gz 
  (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-fulldocs.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-fulldocs.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x64.zip 
  (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x64.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x64.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x86.zip 
  (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x86.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6-windows-x86.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.exe   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.exe.asc
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.exe.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.tar.gz   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.tar.gz.asc
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.zip   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.zip.asc
dev/tomcat/tomcat-11/v11.0.0-M6/bin/apache-tomcat-11.0.0-M6.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/

dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.tar.gz  
 (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.zip 
  (with props)

dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.zip.asc

dev/tomcat/tomcat-11/v11.0.0-M6/bin/embed/apache-tomcat-11.0.0-M6-embed.zip.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/src/
dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.tar.gz   
(with props)
dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.tar.gz.asc

dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.tar.gz.sha512
dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.zip   (with 
props)
dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.zip.asc
dev/tomcat/tomcat-11/v11.0.0-M6/src/apache-tomcat-11.0.0-M6-src.zip.sha512

Added: dev/tomcat/tomcat-11/v11.0.0-M6/KEYS
==
--- dev/tomcat/tomcat-11/v11.0.0-M6/KEYS (added)
+++ dev/tomcat/tomcat-11/v11.0.0-M6/KEYS Wed May  3 18:11:22 2023
@@ -0,0 +1,453 @@
+This file contains the PGP keys of various Apache developers.
+Please don't use them for email unless you have to. Their main
+purpose is code signing.
+
+Apache users: pgp < KEYS
+Apache developers:
+(pgpk -ll  && pgpk -xa ) >> this file.
+  or
+(gpg --fingerprint --list-sigs 
+ && gpg --armor --export ) >> this file.
+
+Apache developers: please ensure that your key is also available via the
+PGP keyservers (such as pgpkeys.mit.edu).
+
+
+pub   4096R/2F6059E7 2009-09-18
+  Key fingerprint = A9C5 DF4D 22E9 9998 D987  5A51 10C0 1C5A 2F60 59E7
+uid  Mark E D Thomas 
+sub   4096R/5E763BEC 2009-09-18
+
+-BEGIN PGP PUBLIC KEY BLOCK-
+Comment: GPGTools - http://gpgtools.org
+
+mQINBEq0DukBEAD4jovHOPJDxoD+JnO1Go2kiwpgRULasGlrVKuSUdP6wzcaqWmX
+pqtOJKKwW2MQFQLmg7nQ9RjJwy3QCbKNDJQA/bwbQT1F7WzTCz2S6vxC4zxKck4t
+6RZBq2dJsYKF0CEh6ZfY4dmKvhq+3istSoFRdHYoOPGWZpuRDqfZPdGm/m335/6K
+GH59oysn1NE7a2a+kZzjBSEgv23+l4Z1Rg7+fpz1JcdHSdC2Z+ZRxML25eVatRVz
+4yvDOZItqDURP24zWOodxgboldV6Y88C3v/7KRR+1vklzkuA2FqF8Q4r/2f0su7M
+UVviQcy29y/RlLSDTTYoVlCZ1ni14qFU7Hpw43KJtgXmcUwq31T1+SlXdYjNJ1aF

[tomcat] 01/01: Tag 11.0.0-M6

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to tag 11.0.0-M6
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 9ce010463a93138d596c54c67b11cdb35fc8244a
Author: Mark Thomas 
AuthorDate: Wed May 3 18:47:59 2023 +0100

Tag 11.0.0-M6
---
 build.properties.release |  52 +++
 res/install-win/Uninstall.exe.sig| Bin 0 -> 10247 bytes
 res/install-win/tomcat-installer.exe.sig | Bin 0 -> 10247 bytes
 res/maven/mvn.properties.release |  27 
 webapps/docs/changelog.xml   |   2 +-
 5 files changed, 80 insertions(+), 1 deletion(-)

diff --git a/build.properties.release b/build.properties.release
new file mode 100644
index 00..9c5f5545b7
--- /dev/null
+++ b/build.properties.release
@@ -0,0 +1,52 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
+# Set the version-dev to "" (empty string) as this is not a development 
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds.
+ant.tstamp.now.iso=2023-05-03T17:28:15Z
+
+# Enable insertion of detached signatures into the Windows installer.
+do.codesigning=true
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/GnuPG/bin/gpg.exe
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a 
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process.
+#
+# Apache Ant:  Apache Ant(TM) version 1.10.12 compiled on October 13 2021
+#
+# Java Name:   OpenJDK 64-Bit Server VM
+# Java Vendor: Eclipse Adoptium
+# Java Version:17.0.6+10
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build environment in consistent with this information.
+#
+# OS:  amd64 Windows Server 2022 10.0
+# File encoding:   Cp1252
+#
+# Release Manager: markt
diff --git a/res/install-win/Uninstall.exe.sig 
b/res/install-win/Uninstall.exe.sig
new file mode 100644
index 00..92dec8c18e
Binary files /dev/null and b/res/install-win/Uninstall.exe.sig differ
diff --git a/res/install-win/tomcat-installer.exe.sig 
b/res/install-win/tomcat-installer.exe.sig
new file mode 100644
index 00..05d1fbff64
Binary files /dev/null and b/res/install-win/tomcat-installer.exe.sig differ
diff --git a/res/maven/mvn.properties.release b/res/maven/mvn.properties.release
new file mode 100644
index 00..df89a43a39
--- /dev/null
+++ b/res/maven/mvn.properties.release
@@ -0,0 +1,27 @@
+# -
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -
+
+# This file was auto-generated by the pre-release Ant target.
+
+# Remove "-dev" from the version since this is not a development release.
+maven.asf.release.deploy.version=11.0.0-M6
+
+# Re-use the same GPG executable.
+gpg.exec=C:/Program Files (x86)/GnuPG/bin/gpg.exe
+
+# Set

[tomcat] tag 11.0.0-M6 created (now 9ce010463a)

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a change to tag 11.0.0-M6
in repository https://gitbox.apache.org/repos/asf/tomcat.git


  at 9ce010463a (commit)
This tag includes the following new commits:

 new 9ce010463a Tag 11.0.0-M6

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot success in on tomcat-11.0.x

2023-05-03 Thread buildbot

Build status: Build succeeded!
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/346
Blamelist: Mark Thomas 
Build Text: build successful
Status Detected: restored build
Build Source Stamp: [branch main] 739c7381aed22b7636351caf885ddc519ab6b442


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 1

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #6 from Mark Thomas  ---
Fixed in:
- 11.0.x for 11.0.0-M6 onwards
- 10.1.x for 10.1.9 onwards
-  9.0.x for  9.0.75 onwards
-  8.5.x for  8.5.89 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix 66591 - Make sure every response includes a Send Headers packet

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 2214c80305 Fix 66591 - Make sure every response includes a Send 
Headers packet
2214c80305 is described below

commit 2214c8030522aa9b2a367dfa5d9acff1a03666ae
Author: Mark Thomas 
AuthorDate: Wed May 3 17:05:48 2023 +0100

Fix 66591 - Make sure every response includes a Send Headers packet
---
 java/org/apache/coyote/ajp/AjpProcessor.java   | 102 +++--
 .../coyote/ajp/TestAbstractAjpProcessor.java   |  56 ++-
 webapps/docs/changelog.xml |   5 +
 3 files changed, 113 insertions(+), 50 deletions(-)

diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java 
b/java/org/apache/coyote/ajp/AjpProcessor.java
index 103f90f700..bf2a570d76 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -1058,59 +1058,63 @@ public class AjpProcessor extends AbstractProcessor {
 responseMsgPos = -1;
 
 int numHeaders = headers.size();
-for (int i = 0; i < numHeaders; i++) {
-if (i == 0) {
-// Write AJP message header
-responseMessage.reset();
-responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
-
-// Write HTTP response line
-responseMessage.appendInt(statusCode);
-if (sendReasonPhrase) {
-String message = null;
-if 
(org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
-
HttpMessages.isSafeInHttpHeader(response.getMessage())) {
-message = response.getMessage();
-}
-if (message == null) {
-message = 
HttpMessages.getInstance(response.getLocale()).getMessage(response.getStatus());
-}
-if (message == null) {
-// mod_jk + httpd 2.x fails with a null status message 
- bug 45026
-message = Integer.toString(response.getStatus());
-}
-tmpMB.setString(message);
-} else {
-// Reason phrase is optional but mod_jk + httpd 2.x fails 
with a null
-// reason phrase - bug 45026
-tmpMB.setString(Integer.toString(response.getStatus()));
+boolean needAjpMessageHeader = true;
+while (needAjpMessageHeader) {
+// Write AJP message header
+responseMessage.reset();
+responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
+
+// Write HTTP response line
+responseMessage.appendInt(statusCode);
+if (sendReasonPhrase) {
+String message = null;
+if 
(org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
+
HttpMessages.isSafeInHttpHeader(response.getMessage())) {
+message = response.getMessage();
 }
-responseMessage.appendBytes(tmpMB);
-
-// Start headers
-responseMessage.appendInt(numHeaders);
+if (message == null) {
+message = 
HttpMessages.getInstance(response.getLocale()).getMessage(response.getStatus());
+}
+if (message == null) {
+// mod_jk + httpd 2.x fails with a null status message - 
bug 45026
+message = Integer.toString(response.getStatus());
+}
+tmpMB.setString(message);
+} else {
+// Reason phrase is optional but mod_jk + httpd 2.x fails with 
a null
+// reason phrase - bug 45026
+tmpMB.setString(Integer.toString(response.getStatus()));
 }
+responseMessage.appendBytes(tmpMB);
 
-try {
-// Write headers
-MessageBytes hN = headers.getName(i);
-int hC = Constants.getResponseAjpIndex(hN.toString());
-if (hC > 0) {
-responseMessage.appendInt(hC);
-} else {
-responseMessage.appendBytes(hN);
+// Start headers
+responseMessage.appendInt(numHeaders);
+
+needAjpMessageHeader = false;
+
+for (int i = 0; i < numHeaders; i++) {
+try {
+// Write headers
+MessageBytes hN = headers.getName(i);
+int hC = Constants.getResponseAjpIndex(hN.toString());
+if (hC > 0) {
+responseMessage.appendInt(hC);
+} else {
+

[tomcat] branch 9.0.x updated: Fix 66591 - Make sure every response includes a Send Headers packet

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 2f0ca23784 Fix 66591 - Make sure every response includes a Send 
Headers packet
2f0ca23784 is described below

commit 2f0ca2378415f4cf0748f4bc8fa955f41f803fa5
Author: Mark Thomas 
AuthorDate: Wed May 3 17:05:48 2023 +0100

Fix 66591 - Make sure every response includes a Send Headers packet
---
 java/org/apache/coyote/ajp/AjpProcessor.java   | 74 --
 .../coyote/ajp/TestAbstractAjpProcessor.java   | 56 +++-
 webapps/docs/changelog.xml |  5 ++
 3 files changed, 99 insertions(+), 36 deletions(-)

diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java 
b/java/org/apache/coyote/ajp/AjpProcessor.java
index 05c7c9df47..0910855da6 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -947,43 +947,47 @@ public class AjpProcessor extends AbstractProcessor {
 responseMsgPos = -1;
 
 int numHeaders = headers.size();
-for (int i = 0; i < numHeaders; i++) {
-if (i == 0) {
-// Write AJP message header
-responseMessage.reset();
-responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
-
-// Write HTTP response line
-responseMessage.appendInt(statusCode);
-// Reason phrase is optional but mod_jk + httpd 2.x fails with 
a null
-// reason phrase - bug 45026
-tmpMB.setString(Integer.toString(response.getStatus()));
-responseMessage.appendBytes(tmpMB);
-
-// Start headers
-responseMessage.appendInt(numHeaders);
-}
+boolean needAjpMessageHeader = true;
+while (needAjpMessageHeader) {
+// Write AJP message header
+responseMessage.reset();
+responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
 
-try {
-// Write headers
-MessageBytes hN = headers.getName(i);
-int hC = Constants.getResponseAjpIndex(hN.toString());
-if (hC > 0) {
-responseMessage.appendInt(hC);
-} else {
-responseMessage.appendBytes(hN);
+// Write HTTP response line
+responseMessage.appendInt(statusCode);
+// Reason phrase is optional but mod_jk + httpd 2.x fails with a 
null
+// reason phrase - bug 45026
+tmpMB.setString(Integer.toString(response.getStatus()));
+responseMessage.appendBytes(tmpMB);
+
+// Start headers
+responseMessage.appendInt(numHeaders);
+
+needAjpMessageHeader = false;
+
+for (int i = 0; i < numHeaders; i++) {
+try {
+// Write headers
+MessageBytes hN = headers.getName(i);
+int hC = Constants.getResponseAjpIndex(hN.toString());
+if (hC > 0) {
+responseMessage.appendInt(hC);
+} else {
+responseMessage.appendBytes(hN);
+}
+MessageBytes hV = headers.getValue(i);
+responseMessage.appendBytes(hV);
+} catch (IllegalArgumentException iae) {
+// Log the problematic header
+
log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
+iae);
+// Remove the problematic header
+headers.removeHeader(i);
+numHeaders--;
+// Restart writing of AJP message
+needAjpMessageHeader = true;
+break;
 }
-MessageBytes hV = headers.getValue(i);
-responseMessage.appendBytes(hV);
-} catch (IllegalArgumentException iae) {
-// Log the problematic header
-log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
-iae);
-// Remove the problematic header
-headers.removeHeader(i);
-numHeaders--;
-// Reset loop and start again
-i = -1;
 }
 }
 
diff --git a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java 
b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
index eb1ae12aff..2178a61ea4 100644
--- a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
+++ b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
@@ -885,6 +885,60 @@ public

[tomcat] branch 10.1.x updated: Fix 66591 - Make sure every response includes a Send Headers packet

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new f0742f47b9 Fix 66591 - Make sure every response includes a Send 
Headers packet
f0742f47b9 is described below

commit f0742f47b98aca943097f7f88e0d1163f57527e3
Author: Mark Thomas 
AuthorDate: Wed May 3 17:05:48 2023 +0100

Fix 66591 - Make sure every response includes a Send Headers packet
---
 java/org/apache/coyote/ajp/AjpProcessor.java   | 74 --
 .../coyote/ajp/TestAbstractAjpProcessor.java   | 56 +++-
 webapps/docs/changelog.xml |  5 ++
 3 files changed, 99 insertions(+), 36 deletions(-)

diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java 
b/java/org/apache/coyote/ajp/AjpProcessor.java
index 93d671cb7f..ccf2e78ba1 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -956,43 +956,47 @@ public class AjpProcessor extends AbstractProcessor {
 responseMsgPos = -1;
 
 int numHeaders = headers.size();
-for (int i = 0; i < numHeaders; i++) {
-if (i == 0) {
-// Write AJP message header
-responseMessage.reset();
-responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
-
-// Write HTTP response line
-responseMessage.appendInt(statusCode);
-// Reason phrase is optional but mod_jk + httpd 2.x fails with 
a null
-// reason phrase - bug 45026
-tmpMB.setString(Integer.toString(response.getStatus()));
-responseMessage.appendBytes(tmpMB);
-
-// Start headers
-responseMessage.appendInt(numHeaders);
-}
+boolean needAjpMessageHeader = true;
+while (needAjpMessageHeader) {
+// Write AJP message header
+responseMessage.reset();
+responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
 
-try {
-// Write headers
-MessageBytes hN = headers.getName(i);
-int hC = Constants.getResponseAjpIndex(hN.toString());
-if (hC > 0) {
-responseMessage.appendInt(hC);
-} else {
-responseMessage.appendBytes(hN);
+// Write HTTP response line
+responseMessage.appendInt(statusCode);
+// Reason phrase is optional but mod_jk + httpd 2.x fails with a 
null
+// reason phrase - bug 45026
+tmpMB.setString(Integer.toString(response.getStatus()));
+responseMessage.appendBytes(tmpMB);
+
+// Start headers
+responseMessage.appendInt(numHeaders);
+
+needAjpMessageHeader = false;
+
+for (int i = 0; i < numHeaders; i++) {
+try {
+// Write headers
+MessageBytes hN = headers.getName(i);
+int hC = Constants.getResponseAjpIndex(hN.toString());
+if (hC > 0) {
+responseMessage.appendInt(hC);
+} else {
+responseMessage.appendBytes(hN);
+}
+MessageBytes hV = headers.getValue(i);
+responseMessage.appendBytes(hV);
+} catch (IllegalArgumentException iae) {
+// Log the problematic header
+
log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
+iae);
+// Remove the problematic header
+headers.removeHeader(i);
+numHeaders--;
+// Restart writing of AJP message
+needAjpMessageHeader = true;
+break;
 }
-MessageBytes hV = headers.getValue(i);
-responseMessage.appendBytes(hV);
-} catch (IllegalArgumentException iae) {
-// Log the problematic header
-log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
-iae);
-// Remove the problematic header
-headers.removeHeader(i);
-numHeaders--;
-// Reset loop and start again
-i = -1;
 }
 }
 
diff --git a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java 
b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
index 111b033e85..22b0466e6f 100644
--- a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
+++ b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
@@ -883,6 +883,60 @@ public

[tomcat] branch main updated: Fix 66591 - Make sure every response includes a Send Headers packet

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 739c7381ae Fix 66591 - Make sure every response includes a Send 
Headers packet
739c7381ae is described below

commit 739c7381aed22b7636351caf885ddc519ab6b442
Author: Mark Thomas 
AuthorDate: Wed May 3 17:05:48 2023 +0100

Fix 66591 - Make sure every response includes a Send Headers packet
---
 java/org/apache/coyote/ajp/AjpProcessor.java   | 74 --
 .../coyote/ajp/TestAbstractAjpProcessor.java   | 56 +++-
 webapps/docs/changelog.xml |  5 ++
 3 files changed, 99 insertions(+), 36 deletions(-)

diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java 
b/java/org/apache/coyote/ajp/AjpProcessor.java
index 93d671cb7f..ccf2e78ba1 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -956,43 +956,47 @@ public class AjpProcessor extends AbstractProcessor {
 responseMsgPos = -1;
 
 int numHeaders = headers.size();
-for (int i = 0; i < numHeaders; i++) {
-if (i == 0) {
-// Write AJP message header
-responseMessage.reset();
-responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
-
-// Write HTTP response line
-responseMessage.appendInt(statusCode);
-// Reason phrase is optional but mod_jk + httpd 2.x fails with 
a null
-// reason phrase - bug 45026
-tmpMB.setString(Integer.toString(response.getStatus()));
-responseMessage.appendBytes(tmpMB);
-
-// Start headers
-responseMessage.appendInt(numHeaders);
-}
+boolean needAjpMessageHeader = true;
+while (needAjpMessageHeader) {
+// Write AJP message header
+responseMessage.reset();
+responseMessage.appendByte(Constants.JK_AJP13_SEND_HEADERS);
 
-try {
-// Write headers
-MessageBytes hN = headers.getName(i);
-int hC = Constants.getResponseAjpIndex(hN.toString());
-if (hC > 0) {
-responseMessage.appendInt(hC);
-} else {
-responseMessage.appendBytes(hN);
+// Write HTTP response line
+responseMessage.appendInt(statusCode);
+// Reason phrase is optional but mod_jk + httpd 2.x fails with a 
null
+// reason phrase - bug 45026
+tmpMB.setString(Integer.toString(response.getStatus()));
+responseMessage.appendBytes(tmpMB);
+
+// Start headers
+responseMessage.appendInt(numHeaders);
+
+needAjpMessageHeader = false;
+
+for (int i = 0; i < numHeaders; i++) {
+try {
+// Write headers
+MessageBytes hN = headers.getName(i);
+int hC = Constants.getResponseAjpIndex(hN.toString());
+if (hC > 0) {
+responseMessage.appendInt(hC);
+} else {
+responseMessage.appendBytes(hN);
+}
+MessageBytes hV = headers.getValue(i);
+responseMessage.appendBytes(hV);
+} catch (IllegalArgumentException iae) {
+// Log the problematic header
+
log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
+iae);
+// Remove the problematic header
+headers.removeHeader(i);
+numHeaders--;
+// Restart writing of AJP message
+needAjpMessageHeader = true;
+break;
 }
-MessageBytes hV = headers.getValue(i);
-responseMessage.appendBytes(hV);
-} catch (IllegalArgumentException iae) {
-// Log the problematic header
-log.warn(sm.getString("ajpprocessor.response.invalidHeader", 
headers.getName(i), headers.getValue(i)),
-iae);
-// Remove the problematic header
-headers.removeHeader(i);
-numHeaders--;
-// Reset loop and start again
-i = -1;
 }
 }
 
diff --git a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java 
b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
index 111b033e85..22b0466e6f 100644
--- a/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
+++ b/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
@@ -883,6 +883,60 @@ public class

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

Mark Thomas  changed:

   What|Removed |Added

 Status|NEEDINFO|NEW

--- Comment #5 from Mark Thomas  ---
Thanks - I can recreate it now. I have a test case and the fix looks simple.
Just need to run a few more tests.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Buildbot failure in on tomcat-11.0.x

2023-05-03 Thread buildbot

Build status: BUILD FAILED: failed compile (failure)
Worker used: bb_worker2_ubuntu
URL: https://ci2.apache.org/#builders/112/builds/345
Blamelist: Mark Thomas 
Build Text: failed compile (failure)
Status Detected: new failure
Build Source Stamp: [branch main] a477bb09a4a8fabb0c5d2d4114e2214bbb9cc48e


Steps:

  worker_preparation: 0

  git: 0

  shell: 0

  shell_1: 0

  shell_2: 0

  shell_3: 0

  shell_4: 0

  shell_5: 0

  compile: 1

  shell_6: 0

  shell_7: 0

  shell_8: 0

  shell_9: 0

  Rsync docs to nightlies.apache.org: 0

  shell_10: 0

  Rsync RAT to nightlies.apache.org: 0

  compile_1: 2

  shell_11: 0

  Rsync Logs to nightlies.apache.org: 0


-- ASF Buildbot


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

--- Comment #4 from Conny Seifert  ---
Created attachment 38551
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=38551=edit
minimal testcase

attached app returns string "test" without any headers.
In case of failure output looks like this
: 0065 7374  .est
At least when using apache http with mod_proxy_ajp

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Fix off by one issue in tests found while investigating BZ 66591

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new deab34e93a Fix off by one issue in tests found while investigating BZ 
66591
deab34e93a is described below

commit deab34e93a20c5777bf9a1eb6bcf31e1082753d9
Author: Mark Thomas 
AuthorDate: Wed May 3 12:09:46 2023 +0100

Fix off by one issue in tests found while investigating BZ 66591
---
 test/org/apache/coyote/ajp/TesterAjpMessage.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/ajp/TesterAjpMessage.java 
b/test/org/apache/coyote/ajp/TesterAjpMessage.java
index 1c411915f4..806713557c 100644
--- a/test/org/apache/coyote/ajp/TesterAjpMessage.java
+++ b/test/org/apache/coyote/ajp/TesterAjpMessage.java
@@ -66,7 +66,7 @@ public class TesterAjpMessage extends AjpMessage {
 byte b = readByte();
 if ((b & 0xFF) == 0xA0) {
 // Coded header
-return Constants.getResponseHeaderForCode(readByte());
+return Constants.getResponseHeaderForCode(readByte() - 1);
 } else {
 int len = (b & 0xFF) << 8;
 len += getByte() & 0xFF;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Fix off by one issue in tests found while investigating BZ 66591

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new c7230e10ac Fix off by one issue in tests found while investigating BZ 
66591
c7230e10ac is described below

commit c7230e10ac64eb9851e4073d7492370ba899adea
Author: Mark Thomas 
AuthorDate: Wed May 3 12:09:46 2023 +0100

Fix off by one issue in tests found while investigating BZ 66591
---
 test/org/apache/coyote/ajp/TesterAjpMessage.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/ajp/TesterAjpMessage.java 
b/test/org/apache/coyote/ajp/TesterAjpMessage.java
index 1c411915f4..806713557c 100644
--- a/test/org/apache/coyote/ajp/TesterAjpMessage.java
+++ b/test/org/apache/coyote/ajp/TesterAjpMessage.java
@@ -66,7 +66,7 @@ public class TesterAjpMessage extends AjpMessage {
 byte b = readByte();
 if ((b & 0xFF) == 0xA0) {
 // Coded header
-return Constants.getResponseHeaderForCode(readByte());
+return Constants.getResponseHeaderForCode(readByte() - 1);
 } else {
 int len = (b & 0xFF) << 8;
 len += getByte() & 0xFF;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Fix off by one issue in tests found while investigating BZ 66591

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new a3423dc649 Fix off by one issue in tests found while investigating BZ 
66591
a3423dc649 is described below

commit a3423dc6496ff2055edcc2f0be26d831d31f6a06
Author: Mark Thomas 
AuthorDate: Wed May 3 12:09:46 2023 +0100

Fix off by one issue in tests found while investigating BZ 66591
---
 test/org/apache/coyote/ajp/TesterAjpMessage.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/ajp/TesterAjpMessage.java 
b/test/org/apache/coyote/ajp/TesterAjpMessage.java
index 1c411915f4..806713557c 100644
--- a/test/org/apache/coyote/ajp/TesterAjpMessage.java
+++ b/test/org/apache/coyote/ajp/TesterAjpMessage.java
@@ -66,7 +66,7 @@ public class TesterAjpMessage extends AjpMessage {
 byte b = readByte();
 if ((b & 0xFF) == 0xA0) {
 // Coded header
-return Constants.getResponseHeaderForCode(readByte());
+return Constants.getResponseHeaderForCode(readByte() - 1);
 } else {
 int len = (b & 0xFF) << 8;
 len += getByte() & 0xFF;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Fix off by one issue in tests found while investigating BZ 66591

2023-05-03 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new a477bb09a4 Fix off by one issue in tests found while investigating BZ 
66591
a477bb09a4 is described below

commit a477bb09a4a8fabb0c5d2d4114e2214bbb9cc48e
Author: Mark Thomas 
AuthorDate: Wed May 3 12:09:46 2023 +0100

Fix off by one issue in tests found while investigating BZ 66591
---
 test/org/apache/coyote/ajp/TesterAjpMessage.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/org/apache/coyote/ajp/TesterAjpMessage.java 
b/test/org/apache/coyote/ajp/TesterAjpMessage.java
index 1c411915f4..806713557c 100644
--- a/test/org/apache/coyote/ajp/TesterAjpMessage.java
+++ b/test/org/apache/coyote/ajp/TesterAjpMessage.java
@@ -66,7 +66,7 @@ public class TesterAjpMessage extends AjpMessage {
 byte b = readByte();
 if ((b & 0xFF) == 0xA0) {
 // Coded header
-return Constants.getResponseHeaderForCode(readByte());
+return Constants.getResponseHeaderForCode(readByte() - 1);
 } else {
 int len = (b & 0xFF) << 8;
 len += getByte() & 0xFF;


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread koteswara Rao Gundapaneni

Dear team,

Server might  sends message headers for the request done by client


Here the response might be empty atheist I considered it a servlet


Regards
Koti



On Wed, 3 May 2023, 14:43 ,  wrote:

> https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
>
> --- Comment #1 from Mark Thomas  ---
> Thanks for the report.
>
> My reading of RFC 9110 (section 3.4) is that responses do not require
> headers.
> I am a little curious how the fix for bug 66512 triggered this but it does
> look
> like a bug.
>
> I'm working on this now.
>
> --
> You are receiving this mail because:
> You are the assignee for the bug.
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

--- Comment #3 from Conny Seifert  ---
If I understood the code correctly, the "header-loop" beginning in line 950 is
not entered at all in case of 0 headers. So no https status code is appended to
AJP response and also the number of headers is missing then.

https://github.com/apache/tomcat/blob/9.0.x/java/org/apache/coyote/ajp/AjpProcessor.java

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |NEEDINFO

--- Comment #2 from Mark Thomas  ---
I've tried to recreate this locally but am unable to. Specifically, I have not
been able to write a Servlet that causes Tomcat to send an AJP response with no
headers.

Please provide the simplest test case that recreates this issue from a clean
install of the latest release of any supported version of Tomcat (8.5.x, 9.0.x,
10.1.x or 11.0.x as I write this).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66591] HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

--- Comment #1 from Mark Thomas  ---
Thanks for the report.

My reading of RFC 9110 (section 3.4) is that responses do not require headers.
I am a little curious how the fix for bug 66512 triggered this but it does look
like a bug.

I'm working on this now.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Bug 66589] Data frame included in response for 200 OK status with no body (content-length=0)

2023-05-03 Thread Mark Thomas


Please do not hijack threads.

If you want to ask a new question, DO NOT reply to an existing message. 
Create a new message, set an appropriate subject and send it to the 
correct list.


Mark


On 03/05/2023 08:46, koteswara Rao Gundapaneni wrote:

Hi
I have my code established at my local for tomcat but struggling alott that
how can I assigned with the PR and Bugs that the software has indeed

Regards,
Koti

On Tue, May 2, 2023 at 1:35 PM  wrote:


https://bz.apache.org/bugzilla/show_bug.cgi?id=66589

--- Comment #4 from hypn...@donarproject.org ---
OK clear. Will check on the gRPC side then.

--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org






-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [Bug 66589] Data frame included in response for 200 OK status with no body (content-length=0)

2023-05-03 Thread koteswara Rao Gundapaneni

Hi
I have my code established at my local for tomcat but struggling alott that
how can I assigned with the PR and Bugs that the software has indeed

Regards,
Koti

On Tue, May 2, 2023 at 1:35 PM  wrote:

> https://bz.apache.org/bugzilla/show_bug.cgi?id=66589
>
> --- Comment #4 from hypn...@donarproject.org ---
> OK clear. Will check on the gRPC side then.
>
> --
> You are receiving this mail because:
> You are the assignee for the bug.
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

[Bug 66591] New: HttpResponse without any header generates corrupted AJP messages

2023-05-03 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66591

Bug ID: 66591
   Summary: HttpResponse without any header generates corrupted
AJP messages
   Product: Tomcat 9
   Version: 9.0.74
  Hardware: All
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: conny.mar...@t-systems.com
  Target Milestone: -

Fix for bug 66512 caused an issue in one of our applications, which does not
set any response header at all. At a first glance no RFC defines that one MUST
set some http header. But we definitely "should". 

So this "Bug" is only to bring this to your attention. At least there should be
an appropriate error message instead of generating corrupted AJP messages.

KR Conny

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

38 matches

Mail list logo