Re: [Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

2020-10-15 Thread Felix Schumacher
Account locked, spam reverted

Felix

Am 15.10.20 um 09:37 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>
> --- Comment #5 from ayumega  ---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.106

2020-09-18 Thread Felix Schumacher


Am 16.09.20 um 13:26 schrieb Violeta Georgieva:
> The proposed Apache Tomcat 7.0.106 release is now available for voting.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.106/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1279/
> The git tag is:
> https://github.com/apache/tomcat/tree/7.0.106
> c5d9010a75e99a69f59ba11cc1116d039a113979
>
> The proposed 7.0.106 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 7.0.106 Stable
Felix
>
> Regards,
> Violeta
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Deprecated JDBCRealm

2020-09-14 Thread Felix Schumacher



Am 14. September 2020 20:53:15 MESZ schrieb Mark Thomas :
>All,
>
>I'd like to proposed the following:
>- Deprecated the JDBCRealm in 7.0.x, 8.5.x and 9.0.x
>- Remove the JDBCRealm in 10.0.x
>
>The reasons for this are:
>- The JDBCRealm is single threaded
>- The DataSourceRealm is a better solution
>
>Thoughts?

Good idea

Felix 
>
>Mark
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat Native 1.2.25

2020-09-02 Thread Felix Schumacher


Am 21.08.20 um 20:22 schrieb Mark Thomas:
> Version 1.2.25 includes the following changes compared to 1.2.24
>
> - Improvements to LibreSSL support
>
> - Improvements to HP_UX support
>
> Various other fixes and improvements. See the changelog for details.
>
> The proposed release artefacts can be found at [1],
> and the build was done using tag [2].
>
> The Apache Tomcat Native 1.2.25 release is
>  [x] Stable, go ahead and release
>  [ ] Broken because of ...

Unit tests ran OK with openssl 1.1.1g ( a few failures with libressl 3.1.4)

Felix

> Thanks,
>
> Mark
>
>
> [1]
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/1.2.25
> [2]
> https://gitbox.apache.org/repos/asf?p=tomcat-native.git;a=commit;h=a94590ec2a5e40b168a9494144125a52f41ed0b2
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

2020-09-01 Thread Felix Schumacher


Am 01.09.20 um 10:59 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=60030

Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 64686] New: Gurilaz

2020-08-24 Thread Felix Schumacher
Am 24.08.20 um 18:42 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=64686

Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 64672] New: I have done this only to get backlink. please dont remove it

2020-08-18 Thread Felix Schumacher
Am 18.08.20 um 02:41 schrieb bugzi...@apache.org:

> https://bz.apache.org/bugzilla/show_bug.cgi?id=64672

Spam reverted and the account has been disabled.

 Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

2020-08-14 Thread Felix Schumacher
Am 14.08.20 um 18:48 schrieb bugzi...@apache.org:

> https://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>
> MoNs  changed:

Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 56492] Avoid eclipse debugger pausing on uncaught exceptions when tomcat renews its threads

2020-08-12 Thread Felix Schumacher
Am 12.08.20 um 22:13 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=56492
>
> --- Comment #7 from ganjilgenap  ---
>
Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

2020-08-10 Thread Felix Schumacher
Am 10.08.20 um 06:05 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>
> --- Comment #5 from aflaputrirohani  ---

Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 60030] Run away CPU with JSSE / OpenSSL with IE8

2020-08-10 Thread Felix Schumacher
Am 10.08.20 um 09:55 schrieb bugzi...@apache.org:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>
> --- Comment #7 from martina eye  ---

Spam reverted and the account has been disabled.

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: First impressions from OpenSSL 3.0.0 and TC 10.0.0-M7 plus tcnative 1.2.24

2020-08-03 Thread Felix Schumacher
Chris,

Am 03.08.20 um 18:26 schrieb Christopher Schultz:
> Rainer,
>
> On 8/3/20 07:03, Rainer Jung wrote:
> > Hi Chris, hi all,
>
> > I ran build and tests for TC 10.0.0-M7 plus tcnative 1.2.24 and
> > compared them between OpenSSL 3.0.0alpha5 and 1.1.1g plus patches.
> > APR was always 1.7.0.
>
> Thanks for trying this out. What is "OpenSSL 1.1.1 + patches?" Which
> patches are you applying?
>
> > - build warnings for tcnative using OpenSSL 3.0.0alpha5:
>
> > src/ssl.c:422:5: warning: 'ENGINE_by_id' is deprecated
> > [-Wdeprecated-declarations] src/ssl.c:424:9: warning:
> > 'ENGINE_ctrl_cmd_string' is deprecated [-Wdeprecated-declarations]
> > src/ssl.c:425:13: warning: 'ENGINE_ctrl_cmd_string' is deprecated
> > [-Wdeprecated-declarations] src/ssl.c:426:13: warning:
> > 'ENGINE_free' is deprecated [-Wdeprecated-declarations]
> > src/ssl.c:806:13: warning: 'ENGINE_register_all_complete' is
> > deprecated [-Wdeprecated-declarations] src/ssl.c:809:13: warning:
> > 'ENGINE_by_id' is deprecated [-Wdeprecated-declarations]
> > src/ssl.c:815:21: warning: 'ENGINE_ctrl' is deprecated
> > [-Wdeprecated-declarations] src/ssl.c:817:17: warning:
> > 'ENGINE_set_default' is deprecated [-Wdeprecated-declarations]
> > src/ssl.c:822:17: warning: 'ENGINE_free' is deprecated
> > [-Wdeprecated-declarations] src/ssl.c:422: warning: 'ENGINE_by_id'
> > is deprecated (declared at /path/to/include/openssl/engine.h:327)
> > src/ssl.c:424: warning: 'ENGINE_ctrl_cmd_string' is deprecated
> > (declared at /path/to/include/openssl/engine.h:462) src/ssl.c:425:
> > warning: 'ENGINE_ctrl_cmd_string' is deprecated (declared at
> > /path/to/include/openssl/engine.h:462) src/ssl.c:426: warning:
> > 'ENGINE_free' is deprecated (declared at
> > /path/to/include/openssl/engine.h:474) src/ssl.c:806: warning:
> > 'ENGINE_register_all_complete' is deprecated (declared at
> > /path/to/include/openssl/engine.h:407) src/ssl.c:809: warning:
> > 'ENGINE_by_id' is deprecated (declared at
> > /path/to/include/openssl/engine.h:327) src/ssl.c:815: warning:
> > 'ENGINE_ctrl' is deprecated (declared at
> > /path/to/include/openssl/engine.h:419) src/ssl.c:817: warning:
> > 'ENGINE_set_default' is deprecated (declared at
> > /path/to/include/openssl/engine.h:652) src/ssl.c:822: warning:
> > 'ENGINE_free' is deprecated (declared at
> > /path/to/include/openssl/engine.h:474)
>
> I spot-checked ENGINE_ctrl_cmd_string and I can't seem to find any
> indication of what replacement exists for this function. It seems that
> a huge number of functions have been deprecated in 3.0.x with very
> little explanation for how to update client code to be 3.0-compliant.
Have you seen the design document for 3.0

https://www.openssl.org/docs/OpenSSL300Design.html#the-engine-api

Looks like they want to explain later how to upgrade old code

Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.105

2020-07-06 Thread Felix Schumacher


Am 02.07.20 um 15:08 schrieb Violeta Georgieva:
> The proposed Apache Tomcat 7.0.105 release is now available for voting.
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.105/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1275/
> The git tag is:
> https://github.com/apache/tomcat/tree/7.0.105
> f95f4e146e7eb463abdd8d7e2c47095d50075d97
>
> The proposed 7.0.105 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 7.0.105 Stable

Felix
>
> Regards,
> Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [ANN] New committer: Raymond Augé

2020-07-03 Thread Felix Schumacher
Congrats and welcome!

Am 02.07.20 um 16:40 schrieb Mark Thomas:
> On behalf of the Tomcat committers I am pleased to announce that
> Raymond Augé (rotty3000) has been voted in as a new Tomcat committer.
>
> Please join me in welcoming him.
>
> Kind regards,
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat] branch pr309-recursion deleted (was 7f1b56e)

2020-06-26 Thread Felix Schumacher
Sorry for the noise.

I wanted to work on the github branch pr/309 and accidently added a new
branch.

Felix

Am 26.06.20 um 17:02 schrieb fschumac...@apache.org:
> This is an automated email from the ASF dual-hosted git repository.
>
> fschumacher pushed a change to branch pr309-recursion
> in repository https://gitbox.apache.org/repos/asf/tomcat.git.
>
>
>  was 7f1b56e  Use method local counter for recurstion
>
> This change permanently discards the following revisions:
>
>  discard 7f1b56e  Use method local counter for recurstion
>  discard 57e83d7  Add a iterationCount limited to 20 to prevent 
> StackOverflowError.
>  discard 4f1ae64  Allow recursive substitution of properties.
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.56

2020-06-04 Thread Felix Schumacher


Am 03.06.20 um 22:51 schrieb Mark Thomas:
> The proposed Apache Tomcat 8.5.56 release is now available for voting.
>
> The notable changes compared to the 8.5.55 release are:
>
> - Add support for ALPN on recent OpenJDK 8 releases.
>
> - Add support for the CATALINA_OUT_CMD environment variable that defines
>   a command to which captured stdout and stderr will be redirected. For
>   use with, for example, rotatelogs. Patch provided by Harald Dunkel.
>
> - Be more flexible with respect to the ordering of groups, roles and
>   users in the tomcat-users.xml file
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.56/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1271/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.56
> 4560d2f5a49965f73ed07cb879f17d9c096c9d13
>
> The proposed 8.5.56 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.5.56

Regards

 Felix

>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.36

2020-06-04 Thread Felix Schumacher


Am 03.06.20 um 20:06 schrieb Mark Thomas:
> The proposed Apache Tomcat 9.0.36 release is now available for voting.
>
> The notable changes compared to the 9.0.35 release are:
>
> - Add support for ALPN on recent OpenJDK 8 releases.
>
> - Add support for the CATALINA_OUT_CMD environment variable that defines
>   a command to which captured stdout and stderr will be redirected. For
>   use with, for example, rotatelogs. Patch provided by Harald Dunkel.
>
> - Be more flexible with respect to the ordering of groups, roles and
>   users in the tomcat-users.xml file
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.36/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1270/
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.36
> 247c8e5ad08cdcd829a0bfc6374ecb3da0e5838e
>
> The proposed 9.0.36 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 9.0.36

Regards

Felix

>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1874468 - in /tomcat/site/trunk: docs/security-8.html xdocs/security-8.xml

2020-02-25 Thread Felix Schumacher



Am 25. Februar 2020 19:22:39 MEZ schrieb Konstantin Kolinko 
:
>вт, 25 февр. 2020 г. в 18:26, Felix Schumacher
>:
>>
>>
>> Am 25.02.20 um 10:22 schrieb Felix Schumacher:
>>
>> Index: xdocs/stylesheets/tomcat-site.xsl
>> ===
>> --- xdocs/stylesheets/tomcat-site.xsl(Revision 1874497)
>> +++ xdocs/stylesheets/tomcat-site.xsl(Arbeitskopie)
>> @@ -359,7 +359,7 @@
>>
>>
>>> select="$hashlink"/>
>> -  
>> +  
>>
>>
>>
>>
>> would take care of using the substring for the text.
>
>The XPath documentation for substring function [1] says that character
>positions in that function start with 1 (but any value less than 1 is
>treated as 1, so 0 works as well).

Good to know. Hadn't checked the docs on this, as it did what I wanted. 

Will correct it, if course. 

Regards 
 Felix 
>
>[1] https://www.w3.org/TR/1999/REC-xpath-19991116/#function-substring
>
>Best regards,
>Konstantin Kolinko
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Felix Schumacher


Am 25.02.20 um 16:57 schrieb Christopher Schultz:
> Felix,
>
> On 2/25/20 10:53, Felix Schumacher wrote:
> > as more and more browsers are marking http as unsecure, we should
> > redirect all http requests to tomcat.apache.org to https.
>
> > We can enable that by adding a rewrite rule to the .htaccess file
> > in the xdocs folder of our site repo.
>
> > For JMeter we used the following fragment:
>
> > RewriteEngine On
>
> > # Redirect http to https # From Cordova PMC Member raphinesse #
> > https://s.apache.org/An8s
>
> > # If we receive a forwarded http request from a proxy...
> > RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
>
> > # ...or just a plain old http request directly from the client
> > RewriteCond %{HTTP:X-Forwarded-Proto} ="" RewriteCond %{HTTPS}
> > !=on
>
> > # Redirect to https version RewriteRule ^
> > https://%{HTTP_HOST}%{REQUEST_URI} [L]
>
> Query string? Or is that part of REQUEST_URI?

If I read the documentation for REQUEST_URI right, that QUERY_STRING is
not part of it.

Hm, another way to do this would probably be

RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [L]

Taken partly from
https://cwiki.apache.org/confluence/display/HTTPD/RewriteHTTPToHTTPS

Do you think that would be better?

Felix

>
> > Anything against adding this to our .htaccess file?
>
> +1
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Felix Schumacher
Hi all,

as more and more browsers are marking http as unsecure, we should
redirect all http requests to tomcat.apache.org to https.

We can enable that by adding a rewrite rule to the .htaccess file in the
xdocs folder of our site repo.

For JMeter we used the following fragment:

RewriteEngine On

# Redirect http to https
# From Cordova PMC Member raphinesse
# https://s.apache.org/An8s

# If we receive a forwarded http request from a proxy...
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]

# ...or just a plain old http request directly from the client
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on

# Redirect to https version
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L]

Anything against adding this to our .htaccess file?

Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1874468 - in /tomcat/site/trunk: docs/security-8.html xdocs/security-8.xml

2020-02-25 Thread Felix Schumacher


Am 25.02.20 um 16:27 schrieb Felix Schumacher:
> Am 25.02.20 um 16:24 schrieb Christopher Schultz:
>> Felix,
>>
>> On 2/25/20 04:22, Felix Schumacher wrote:
>>> Am 24.02.2020 22:13, schrieb Christopher Schultz: Mark,
>>> On 2/24/20 15:46, Mark Thomas wrote:
>>>>>> On 24/02/2020 20:31, Christopher Schultz wrote:
>>>>>>> Mark,
>>>>>>> Why not use the full commit id instead of a prefix?
>>>>>>> Couldn't some future commit conflict with some arbitrary
>>>>>>> prefix? Or do I not know what the hell I'm talking about?
>>>>>> No, you are spot on. The reason I used the prefix is that I
>>>>>> was transcribing the commit IDs by hand so the prefixes were
>>>>>> easier. We probably should use the full ID or at least a
>>>>>> longer prefix.
>>> I wonder if we could script this: grab a prefix, find the (one and
>>> only one) commit in the repo and expand it. If there is a conflict
>>> (or more than one match), emit an error and continue without
>>> changing the commit id.
>>> When I do this kind of thing for $work, I like to write scripts
>>> that emit sed scripts. So you process e.g. security-8.html as
>>> input, but emit something like this as output:
>>> s/(\b)69c5608(\b)/\169c56080fb3355507e1b55d014ec0ee6767a6150\2/g
>>> ...
>>> You get a script that can be inspected, re-used and, even better,
>>> it doesn't directly modify the input files. So you can even do
>>> something like this:
>>> $ expand-git-commit-ids.pl security-*.xml > expand.sed
>>> $ sed -i .bak -f expand.sed security-*.xml
>>> And then if you find other files where the same kind of thing needs
>>> to be done, you can re-use the expand.sed script, or even (pun
>>> intended) expand the sed script if necessary.
>>>> I would use the full hash in the xml and use a substring-function
>>>> in the xsl to shorten the hash for readability.
>>>> No need for sed here :)
>> This was to initially fetch the full hashes. In the XML, now, they are
>> already shortened.
> See my other mail :)

Changed with r1874502.

Felix

>> -chris
>>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: dev-h...@tomcat.apache.org
>>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1874468 - in /tomcat/site/trunk: docs/security-8.html xdocs/security-8.xml

2020-02-25 Thread Felix Schumacher


Am 25.02.20 um 16:24 schrieb Christopher Schultz:
> Felix,
>
> On 2/25/20 04:22, Felix Schumacher wrote:
> > Am 24.02.2020 22:13, schrieb Christopher Schultz: Mark,
>
> > On 2/24/20 15:46, Mark Thomas wrote:
> >>>> On 24/02/2020 20:31, Christopher Schultz wrote:
> >>>>> Mark,
> >>>>
> >>>>> Why not use the full commit id instead of a prefix?
> >>>>> Couldn't some future commit conflict with some arbitrary
> >>>>> prefix? Or do I not know what the hell I'm talking about?
> >>>>
> >>>> No, you are spot on. The reason I used the prefix is that I
> >>>> was transcribing the commit IDs by hand so the prefixes were
> >>>> easier. We probably should use the full ID or at least a
> >>>> longer prefix.
>
> > I wonder if we could script this: grab a prefix, find the (one and
> > only one) commit in the repo and expand it. If there is a conflict
> > (or more than one match), emit an error and continue without
> > changing the commit id.
>
> > When I do this kind of thing for $work, I like to write scripts
> > that emit sed scripts. So you process e.g. security-8.html as
> > input, but emit something like this as output:
>
> > s/(\b)69c5608(\b)/\169c56080fb3355507e1b55d014ec0ee6767a6150\2/g
> > ...
>
> > You get a script that can be inspected, re-used and, even better,
> > it doesn't directly modify the input files. So you can even do
> > something like this:
>
> > $ expand-git-commit-ids.pl security-*.xml > expand.sed
>
> > $ sed -i .bak -f expand.sed security-*.xml
>
> > And then if you find other files where the same kind of thing needs
> > to be done, you can re-use the expand.sed script, or even (pun
> > intended) expand the sed script if necessary.
>
> >> I would use the full hash in the xml and use a substring-function
> >> in the xsl to shorten the hash for readability.
>
> >> No need for sed here :)
>
> This was to initially fetch the full hashes. In the XML, now, they are
> already shortened.
See my other mail :)
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1874468 - in /tomcat/site/trunk: docs/security-8.html xdocs/security-8.xml

2020-02-25 Thread Felix Schumacher


Am 25.02.20 um 10:22 schrieb Felix Schumacher:
> Am 24.02.2020 22:13, schrieb Christopher Schultz:
> Mark,
>
> On 2/24/20 15:46, Mark Thomas wrote:
> >>> On 24/02/2020 20:31, Christopher Schultz wrote:
> >>>> Mark,
> >>>
> >>>> Why not use the full commit id instead of a prefix? Couldn't
> >>>> some future commit conflict with some arbitrary prefix? Or do I
> >>>> not know what the hell I'm talking about?
> >>>
> >>> No, you are spot on. The reason I used the prefix is that I was
> >>> transcribing the commit IDs by hand so the prefixes were easier.
> >>> We probably should use the full ID or at least a longer prefix.
>
> I wonder if we could script this: grab a prefix, find the (one and
> only one) commit in the repo and expand it. If there is a conflict (or
> more than one match), emit an error and continue without changing the
> commit id.
>
> When I do this kind of thing for $work, I like to write scripts that
> emit sed scripts. So you process e.g. security-8.html as input, but
> emit something like this as output:
>
> s/(\b)69c5608(\b)/\169c56080fb3355507e1b55d014ec0ee6767a6150\2/g
> ...
>
> You get a script that can be inspected, re-used and, even better, it
> doesn't directly modify the input files. So you can even do something
> like this:
>
> $ expand-git-commit-ids.pl security-*.xml > expand.sed
>
> $ sed -i .bak -f expand.sed security-*.xml
>
> And then if you find other files where the same kind of thing needs to
> be done, you can re-use the expand.sed script, or even (pun intended)
> expand the sed script if necessary.
>
> > I would use the full hash in the xml and use a substring-function in
> the xsl to shorten the hash for readability.
>
> > No need for sed here :)

Now - that I re-read Chris answer - I see what he had in mind.

I think we can combine the two things. First use a script to convert the
hashes to the full version and second, adapt the xslt to emit a shorter
version for the text of the link.

perl -M5.020 -ne 'say $1 if /hashlink hash="(\w+)"/'
../tomcat-site-trunk/xdocs/security-9.xml | while read i; do git log 
--pretty="s/\\b$i\\b/%H/g" -l 1 $i^1..$i | cat; done

That would generate the sed script for security-9.xml

And

Index: xdocs/stylesheets/tomcat-site.xsl
===
--- xdocs/stylesheets/tomcat-site.xsl    (Revision 1874497)
+++ xdocs/stylesheets/tomcat-site.xsl    (Arbeitskopie)
@@ -359,7 +359,7 @@
   
   
   
-  
+  
   
 
   

would take care of using the substring for the text.

We would loose the ability to use arbitrary text in the link, but it
wasn't used anyway.

Felix

>
> > Felix
>
>
> -chris
>>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1874468 - in /tomcat/site/trunk: docs/security-8.html xdocs/security-8.xml

2020-02-25 Thread Felix Schumacher

Am 24.02.2020 22:13, schrieb Christopher Schultz:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Mark,

On 2/24/20 15:46, Mark Thomas wrote:

On 24/02/2020 20:31, Christopher Schultz wrote:

Mark,



Why not use the full commit id instead of a prefix? Couldn't
some future commit conflict with some arbitrary prefix? Or do I
not know what the hell I'm talking about?


No, you are spot on. The reason I used the prefix is that I was
transcribing the commit IDs by hand so the prefixes were easier.
We probably should use the full ID or at least a longer prefix.


I wonder if we could script this: grab a prefix, find the (one and
only one) commit in the repo and expand it. If there is a conflict (or
more than one match), emit an error and continue without changing the
commit id.

When I do this kind of thing for $work, I like to write scripts that
emit sed scripts. So you process e.g. security-8.html as input, but
emit something like this as output:

s/(\b)69c5608(\b)/\169c56080fb3355507e1b55d014ec0ee6767a6150\2/g
...

You get a script that can be inspected, re-used and, even better, it
doesn't directly modify the input files. So you can even do something
like this:

$ expand-git-commit-ids.pl security-*.xml > expand.sed

$ sed -i .bak -f expand.sed security-*.xml

And then if you find other files where the same kind of thing needs to
be done, you can re-use the expand.sed script, or even (pun intended)
expand the sed script if necessary.


I would use the full hash in the xml and use a substring-function in the 
xsl to shorten the hash for readability.


No need for sed here :)

Felix



- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl5UPJMACgkQHPApP6U8
pFieGBAAmLLPqCvkLguhEr0aXmDfNmjYsiO6FssEHV2zjmqjM1zzDfgjI+WDwogs
ctGkcCvITq1BYCVlGxMrkMyYkTI9a8i6lILMpAOIUwNvTVKDF3AGKaMB+EMNqyY9
8qiCrWaDbVLqpsSuGn5OhRqPui7yv8diik1cWnUKABqC/unkJqbRSEmkY9gVW8DJ
P+rdC6PUK9osqNRttnJ7AKSuQJFBV4RGnQKDfVWFB7pnFAf9Dxy3W9xoy21NJAc5
GHB+AA/9PiNi1TUYClGI4LQnp/kMlGSeRGdtn0xRhVky/DqJehfHkZmUr8ec2Y1t
eOBTLa7aP+Y19aaYiXZco3mXrbvsGGAJaeM+gX5CKpZHjFNAJV122FbP9smv+l/T
Jdk10J2LJe3WtSR/ScKCPE4/ZXFG8pnEcNf3clT0nd8y2nuIdX6uOGPwyHMX5Cwr
/IDFnuJDzy2/O5pfojFUGAfaVN+gzKRv7N2TaYXJt42FBKWfto1BFGvCxqmIIJCu
xJDw+mLcGMfG6lximvc0mrmtOmd2CRjWfo6w12vp0/4pKyj39ZShgIT3lEg05hrC
bLcYn+sHkoFgN8uiGjbDgpPZCsYn74HR/eoqZBgSfF0rBpOkNYfkfW4Yy8aUo8m3
ilpJrf/Oqn54ilkD4/v18rCIju+jd4XEiQdhjKao+Bj4zP6dGbg=
=GeOn
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Tomcat 7.0.x EOL as 31 March 2021

2020-02-21 Thread Felix Schumacher


Am 21.02.20 um 10:52 schrieb Mark Thomas:
> All,
>
> This has been mentioned in various threads and I don't recall any
> objections. I think it is time for a vote so we can formally announce this.
>
> Announce the EOL date for 7.0.x as 31 March 2021
>
> [x] Yes


Felix


> [ ] No, because...
>
> Thanks,
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat-jakartaee-migration] branch master updated: Drop cryptographic signatures from converted JAR files

2020-02-09 Thread Felix Schumacher


Am 09.02.20 um 12:49 schrieb Mark Thomas:
> On 09/02/2020 11:00, fschumac...@apache.org wrote:
>
> 
>
>> All dropped signatures and signature files will be logged at leve FINE.
>> Maybe we should log a warning at the end of the conversion, if signatures
>> where dropped, to raise more awareness for these kind of modification.
> +1 for a warning.

Implemented the warnings as log entries.

I think it would be nicer to show them at the end of the run, but that
would mean a lot of changes, as I  don't want to use global variables to
convey those warnings and the current return values are booleans
(indicating success/error, only).

Felix

>
> Mark
>
> P.S. It is great to see this tool evolving as other start to use it.
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: RewriteMap parsing

2019-11-01 Thread Felix Schumacher

Am 01.11.19 um 14:24 schrieb Romain Manni-Bucau:
>
>
> Le ven. 1 nov. 2019 à 11:26, Felix Schumacher
>  <mailto:felix.schumac...@internetallee.de>> a écrit :
>
>
> Am 01.11.19 um 11:11 schrieb Romain Manni-Bucau:
>> Through the spi IMHO and if it can be ambiguous use an ordinal or
>> priority to let it be overriden maybe?
>
> Do we want users to be able to overwrite our functions? Is the
> "int:" namespace free for everyone?
>
> I think so, like enabling to enrich it (often implemented as a delegation)
>
>
>
> Should we break the context startup in case of duplicate functions
> in the registry?
>
>
> If they have the same priority I think so.


I have submitted a PR that tries to implement the discussed features:
https://github.com/apache/tomcat/pull/221

Felix

>
>
> Felix
>
>>
>> Le ven. 1 nov. 2019 à 10:46, Felix Schumacher
>> > <mailto:felix.schumac...@internetallee.de>> a écrit :
>>
>>
>> Am 28.10.19 um 23:06 schrieb Romain Manni-Bucau:
>>> +1 for quotes
>>>
>>> Can the "function" support be pluggable either with an
>>> explicit registry or a SPI? Would be awesome to enrich it in
>>> "super tomcat" instances (thinking to meecrowave, tomee and
>>> maybe spring boot).
>>
>> The function support is already pluggable (by the
>> configuration file :), but I thought about adding SPI.
>>
>> It is unclear to me, how to determine the namespace ("int:"
>> in the httpd example), should it be given by the Service
>> Provider? Would "int" be reserved for our own functions? How
>> could we achieve such a reservation mechnism?
>>
>> Felix
>>
>>>
>>> Le lun. 28 oct. 2019 à 21:43, Mark Thomas >> <mailto:ma...@apache.org>> a écrit :
>>>
>>>
>>>
>>> On 27/10/2019 11:27, Felix Schumacher wrote:
>>> > Hi all,
>>> >
>>> > while looking at the RewriteMap configuration, I
>>> noticed, that parsing
>>> > of the RewriteMap directive is a bit minimal.
>>> Parameters are split at
>>> > whitespace (no quotes will be recognized) and only the
>>> first of the
>>> > optional parameters will be used.
>>> >
>>> > Should this be changed? If so, should we introduce
>>> quoting capabilities
>>> > to gather the "one" optional parameter, or allow
>>> multiple parameters?
>>> >
>>> > Version "quote":
>>> >
>>> > RewriteMap m1 example.MyMap "some params"
>>> >
>>> > Version "multiple"
>>> >
>>> > RewriteMap m2 example.OtherMap one two three
>>> >
>>> > Or should it be a combination?
>>>
>>> That is probably the most flexible option. I'd lean
>>> towards this option
>>> but would be happy to support the majority view if
>>> different.
>>>
>>> > "quote" would be sort of compatible with the current
>>> interface, as we
>>> > still have only one parameter. "multiple" would be a
>>> nicer interface for
>>> > the implementer of the map.
>>> >
>>> > Another thing I noticed, is that the httpd rewrite map
>>> feature has a few
>>> > builtin maps, that could be useful to supply with our
>>> implementation.
>>> > Any thoughts on supplying those? (I thought about the maps
>>> > int:[toupper,tolower,escape,unescape], txt:, rnd: and
>>> possibly a new one
>>> > called jdbc:{jndi-connection}:{sql statement with
>>> placeholder}. For
>>> > these elements a quote detection would be a must)
>>>
>>> I don't recall any requests for these on the users list
>>> but maybe that
>>> is because the feature isn't that well known.
>>>
>>> Mark
>>>
>>>
>>> 
>>> -
>>> To unsubscribe, e-mail:
>>> dev-unsubscr...@tomcat.apache.org
>>> <mailto:dev-unsubscr...@tomcat.apache.org>
>>> For additional commands, e-mail:
>>> dev-h...@tomcat.apache.org
>>> <mailto:dev-h...@tomcat.apache.org>
>>>


Re: RewriteMap parsing

2019-11-01 Thread Felix Schumacher

Am 01.11.19 um 11:11 schrieb Romain Manni-Bucau:
> Through the spi IMHO and if it can be ambiguous use an ordinal or
> priority to let it be overriden maybe?

Do we want users to be able to overwrite our functions? Is the "int:"
namespace free for everyone?

Should we break the context startup in case of duplicate functions in
the registry?

Felix

>
> Le ven. 1 nov. 2019 à 10:46, Felix Schumacher
>  <mailto:felix.schumac...@internetallee.de>> a écrit :
>
>
> Am 28.10.19 um 23:06 schrieb Romain Manni-Bucau:
>> +1 for quotes
>>
>> Can the "function" support be pluggable either with an explicit
>> registry or a SPI? Would be awesome to enrich it in "super
>> tomcat" instances (thinking to meecrowave, tomee and maybe spring
>> boot).
>
> The function support is already pluggable (by the configuration
> file :), but I thought about adding SPI.
>
> It is unclear to me, how to determine the namespace ("int:" in the
> httpd example), should it be given by the Service Provider? Would
> "int" be reserved for our own functions? How could we achieve such
> a reservation mechnism?
>
> Felix
>
>>
>> Le lun. 28 oct. 2019 à 21:43, Mark Thomas > <mailto:ma...@apache.org>> a écrit :
>>
>>
>>
>> On 27/10/2019 11:27, Felix Schumacher wrote:
>> > Hi all,
>> >
>> > while looking at the RewriteMap configuration, I noticed,
>> that parsing
>> > of the RewriteMap directive is a bit minimal. Parameters
>> are split at
>> > whitespace (no quotes will be recognized) and only the
>> first of the
>> > optional parameters will be used.
>> >
>> > Should this be changed? If so, should we introduce quoting
>> capabilities
>> > to gather the "one" optional parameter, or allow multiple
>> parameters?
>> >
>> > Version "quote":
>> >
>> > RewriteMap m1 example.MyMap "some params"
>> >
>> > Version "multiple"
>> >
>> > RewriteMap m2 example.OtherMap one two three
>> >
>> > Or should it be a combination?
>>
>> That is probably the most flexible option. I'd lean towards
>> this option
>> but would be happy to support the majority view if different.
>>
>> > "quote" would be sort of compatible with the current
>> interface, as we
>> > still have only one parameter. "multiple" would be a nicer
>> interface for
>> > the implementer of the map.
>> >
>> > Another thing I noticed, is that the httpd rewrite map
>> feature has a few
>> > builtin maps, that could be useful to supply with our
>> implementation.
>> > Any thoughts on supplying those? (I thought about the maps
>> > int:[toupper,tolower,escape,unescape], txt:, rnd: and
>> possibly a new one
>> > called jdbc:{jndi-connection}:{sql statement with
>> placeholder}. For
>> > these elements a quote detection would be a must)
>>
>> I don't recall any requests for these on the users list but
>> maybe that
>> is because the feature isn't that well known.
>>
>> Mark
>>
>>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>> <mailto:dev-unsubscr...@tomcat.apache.org>
>> For additional commands, e-mail: dev-h...@tomcat.apache.org
>> <mailto:dev-h...@tomcat.apache.org>
>>


Re: RewriteMap parsing

2019-11-01 Thread Felix Schumacher

Am 28.10.19 um 23:06 schrieb Romain Manni-Bucau:
> +1 for quotes
>
> Can the "function" support be pluggable either with an explicit
> registry or a SPI? Would be awesome to enrich it in "super tomcat"
> instances (thinking to meecrowave, tomee and maybe spring boot).

The function support is already pluggable (by the configuration file :),
but I thought about adding SPI.

It is unclear to me, how to determine the namespace ("int:" in the httpd
example), should it be given by the Service Provider? Would "int" be
reserved for our own functions? How could we achieve such a reservation
mechnism?

Felix

>
> Le lun. 28 oct. 2019 à 21:43, Mark Thomas  <mailto:ma...@apache.org>> a écrit :
>
>
>
> On 27/10/2019 11:27, Felix Schumacher wrote:
> > Hi all,
> >
> > while looking at the RewriteMap configuration, I noticed, that
> parsing
> > of the RewriteMap directive is a bit minimal. Parameters are
> split at
> > whitespace (no quotes will be recognized) and only the first of the
> > optional parameters will be used.
> >
> > Should this be changed? If so, should we introduce quoting
> capabilities
> > to gather the "one" optional parameter, or allow multiple
> parameters?
> >
> > Version "quote":
> >
> > RewriteMap m1 example.MyMap "some params"
> >
> > Version "multiple"
> >
> > RewriteMap m2 example.OtherMap one two three
> >
> > Or should it be a combination?
>
> That is probably the most flexible option. I'd lean towards this
> option
> but would be happy to support the majority view if different.
>
> > "quote" would be sort of compatible with the current interface,
> as we
> > still have only one parameter. "multiple" would be a nicer
> interface for
> > the implementer of the map.
> >
> > Another thing I noticed, is that the httpd rewrite map feature
> has a few
> > builtin maps, that could be useful to supply with our
> implementation.
> > Any thoughts on supplying those? (I thought about the maps
> > int:[toupper,tolower,escape,unescape], txt:, rnd: and possibly a
> new one
> > called jdbc:{jndi-connection}:{sql statement with placeholder}. For
> > these elements a quote detection would be a must)
>
> I don't recall any requests for these on the users list but maybe that
> is because the feature isn't that well known.
>
> Mark
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> <mailto:dev-unsubscr...@tomcat.apache.org>
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> <mailto:dev-h...@tomcat.apache.org>
>


RewriteMap parsing

2019-10-27 Thread Felix Schumacher
Hi all,

while looking at the RewriteMap configuration, I noticed, that parsing
of the RewriteMap directive is a bit minimal. Parameters are split at
whitespace (no quotes will be recognized) and only the first of the
optional parameters will be used.

Should this be changed? If so, should we introduce quoting capabilities
to gather the "one" optional parameter, or allow multiple parameters?

Version "quote":

RewriteMap m1 example.MyMap "some params"

Version "multiple"

RewriteMap m2 example.OtherMap one two three

Or should it be a combination?

"quote" would be sort of compatible with the current interface, as we
still have only one parameter. "multiple" would be a nicer interface for
the implementer of the map.


Another thing I noticed, is that the httpd rewrite map feature has a few
builtin maps, that could be useful to supply with our implementation.
Any thoughts on supplying those? (I thought about the maps
int:[toupper,tolower,escape,unescape], txt:, rnd: and possibly a new one
called jdbc:{jndi-connection}:{sql statement with placeholder}. For
these elements a quote detection would be a must)

Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Private branches in the official Tomcat git repository

2019-10-12 Thread Felix Schumacher

Am 11.10.19 um 16:43 schrieb Rémy Maucherat:
> On Fri, Oct 11, 2019 at 4:30 PM Michael Osipov  > wrote:
>
> Am 2019-10-11 um 16:20 schrieb Rémy Maucherat:
> > Hi,
> >
> > This vote is to regulate the use of branches in the official Tomcat
> > repository beyond branches that are approved by the community
> such as 8.5.x
> > and 7.0.x. It is possible to do development in private branches
> directly in
> > the official Tomcat repository, as an alternative to using forks
> and pull
> > requests.
> >
> > Should private branches be allowed in the official Tomcat git
> repository ?
> > [ ] Yes
> > [ ] No
>
> I don't like the term 'private' because everytihing I add to the
> canonical repo is intended to merged into upstream sooner or later.
> Purely private stuff must be in a fork anyway.
>
> Please redefine.
>
>
> Well, it's already in the text of the vote ("This vote is to regulate
> the use of branches in the official Tomcat repository beyond branches
> that are approved by the community such as 8.5.x and 7.0.x"): Private
> branches are defined here as any branches whose creation is not
> approved and voted on by the community.
>
> = I feel like creating branch "remm", is it allowed ?
> So I say no, because this is the Tomcat repo, not remm's repo, even
> though commits could possibly be interesting this is a bit too much.

In that sense, I would say "no", too. There is no need for a private
only branch with git.

For feature branches - which I understand are out of scope for this - I
would be tending towards a "yes".

Felix

>
> Rémy
>  
>
>
> In that case as depicted by me:
> Yes!
>


Re: [Bug 61441] daemon.sh's auto-detection fails on linux system's where java is installed via an RPM

2019-09-25 Thread Felix Schumacher


Am 19.09.19 um 10:02 schrieb Mark Thomas:
> On 19/09/2019 08:07, Felix Schumacher wrote:
>> That is obviously spam.
> When discussing spam please don't quote the material - particularly any
> links - as getting the links published as many times as possible is the
> aim of the spam.
Will try to remember it.
>
>> My question here is, what is the official way to
>> get rid of such entries?
> Officially, the process is email bugzilla-admin@a.o and ask them to:
> - disable the account
> - delete the spam comment
>
> Since that email lands in my inbox I tend to skip the sending the email
> bit ;)
>
> If you want to help out - help is always appreciated - I can give you
> the BZ karma necessary to disable accounts. You usually need to do a
> little poking around to see if they have created any other comments as
> they tend to spread them over several projects.
>
> Deleting the comments requires executing SQL directly on the database.

That sounds almost like fun. I can try to help.

Felix

>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [Bug 61441] daemon.sh's auto-detection fails on linux system's where java is installed via an RPM

2019-09-19 Thread Felix Schumacher
That is obviously spam. My question here is, what is the official way to get 
rid of such entries?

Felix 

Am 19. September 2019 07:27:43 MESZ schrieb bugzi...@apache.org:
>https://bz.apache.org/bugzilla/show_bug.cgi?id=61441
>
>--- Comment #6 from Hugo Carnegie <0p1lp...@besttempmail.com> ---
>Bug is the error that is produced due to some functional disorder in
>the system
>and the file due to hazards and other situations. The status of the bug
>that is
>mentioned has
>https://www.techentice.com/top-10-practical-blogging-trends-you-need-to-follow-in-2019/
>for practicing the following steps like the products, version, and
>components,
>etc.
>
>-- 
>You are receiving this mail because:
>You are the assignee for the bug.
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org


Re: [VOTE] Release Apache Tomcat 9.0.26

2019-09-18 Thread Felix Schumacher


Am 16.09.19 um 18:15 schrieb Mark Thomas:
> The proposed Apache Tomcat 9.0.26 release is now available for voting.
>
> The major changes compared to the 9.0.24 release are:
>
> - Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
>   Commons Daemon 1.2.0, most notably a failure to start when using
>   a 32-bit JVM on Windows.
>
> - Avoid an NPE when accessing an https port using http.
>
> - Correct the invalid automatic module names for the embedded JARs.
>
> - Fix a potential hang when using HTTP/2 with the asynchronous Servlet
>   API.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat9/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.26/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1230/
> The tag is:
> https://github.com/apache/tomcat/tree/9.0.26
>
>
> The proposed 9.0.26 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 9.0.26

Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.46

2019-09-18 Thread Felix Schumacher


Am 16.09.19 um 20:46 schrieb Mark Thomas:
> The proposed Apache Tomcat 8.5.46 release is now available for voting.
>
> The major changes compared to the 8.5.45 release are:
>
> - Update to Commons Daemon 1.2.1 to pick up fixes for regressions in
>   Commons Daemon 1.2.0, most notably a failure to start when using
>   a 32-bit JVM on Windows.
>
> - Avoid an NPE when accessing an https port using http.
>
> - Fix a potential hang when using HTTP/2 with the asynchronous Servlet
>   API.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.46/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1231/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.46
> 914f68b45127207170dff894e03ec31732cac898
>
> The proposed 8.5.46 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.5.46

Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat] 02/02: Additional changes required to enable EnvironmentPropertySource

2019-09-15 Thread Felix Schumacher


Am 15.09.19 um 11:03 schrieb Mark Thomas:
> On 14/09/2019 20:01, Felix Schumacher wrote:
>> Am 12.09.19 um 22:40 schrieb ma...@apache.org:
>>> This is an automated email from the ASF dual-hosted git repository.
>>>
>>> markt pushed a commit to branch master
>>> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>>>
>>> commit cae17a52598393680952aa21cee0e27b13a73455
>>> Author: Mark Thomas 
>>> AuthorDate: Thu Sep 12 15:31:26 2019 +0100
>>>
>>> Additional changes required to enable EnvironmentPropertySource
>>> ---
>>>  .../org/apache/tomcat/util/IntrospectionUtils.java | 49 
>>> --
>>>  java/org/apache/tomcat/util/digester/Digester.java | 33 ++-
>>>  webapps/docs/changelog.xml |  4 +-
>>>  3 files changed, 69 insertions(+), 17 deletions(-)
>>>
>>> diff --git a/java/org/apache/tomcat/util/IntrospectionUtils.java 
>>> b/java/org/apache/tomcat/util/IntrospectionUtils.java
>>> index 3ffa702..f6ac737 100644
>>> --- a/java/org/apache/tomcat/util/IntrospectionUtils.java
>>> +++ b/java/org/apache/tomcat/util/IntrospectionUtils.java
>>> @@ -476,9 +499,27 @@ public final class IntrospectionUtils {
>>>  // This provides a layer of abstraction
>>>  
>>>  public static interface PropertySource {
>>> -
>>>  public String getProperty(String key);
>>> -
>>>  }
>>>  
>>> +
>>> +public static interface PropertySourceSecure extends PropertySource {
>> I think a better name would be SecurePropertySource or
>> ClassloaderAwarePropertySource. The thing that it represents should be
>> at the end of the name IMHO.
> Fair enough. I prefer "SecurePropertySource" so I'll go with that before
> I tag.
>
>> At work I prototyped a similar approach and introduced a
>> NamespaceAwarePropertySource. It is basically an interface that has a
>> getNamespace() method that returns a prefix for the keys. I think that
>> it would be nice if these two approaches.
> Sorry, I'm not quite understanding how this works or the use case it is
> trying to address. Could you provide a simple example?

A namespaced PropertySource would look like this

interface NamespacedPropertySource extends PropertySource {
   String getNamespace(); // or getPrefix()
}

Those PropertySources would be registered by the service loader approach
into a map with their namespace as a key.

If a property is looked up with a key, for example "env.hostname", that
key would be split into the namespace (or prefix) and the actual key for
the source. The SecureProperty from the above map (found by the
namespace) would then be asked to resolve the property.

In this setup, the multiplexer that is looking up the source could check
with the security manager whether access to the key is allowed and thus
freeing the implementer of the NamespacedProperty of doing this work.

class MultiPropertySource implements SecurePropertySource { // not a
good name

  Map sources = findThemByServiceLoader();

  String getProperty(String key, ClassLoader classLoader) {
    String[] nameComponents = key.split(":", 2); // uses a colon for
separation as split uses a regex and a dot is a special char in that context
    String namespace = nameComponents[0];
    String realKey = nameComponents[1];
    if (!checkSecurity(namespace, realKey, classLoader)) { // this would
do the security check
  return null;
    }
   
    SecurePropertySource source = sources.get(namespace);
    return source.getProperty(realKey);
  }
}

Does this make sense to you?

Felix

>
>> My prototype didn't try to
>> call a security manager, but with this commit it would be easy to add.
>>
>> On the other hand it uses a ServiceLoader approach to automatically find
>> all NamespaceAwarePropertySources. Do you think this would be a good
>> addition for Tomcat?
> There is an entry in TOMCAT-NEXT around reducing the use of system
> properties. A ServiceLoader approach may be a good solution for some of
> those.
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat] 02/02: Additional changes required to enable EnvironmentPropertySource

2019-09-14 Thread Felix Schumacher


Am 12.09.19 um 22:40 schrieb ma...@apache.org:
> This is an automated email from the ASF dual-hosted git repository.
>
> markt pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>
> commit cae17a52598393680952aa21cee0e27b13a73455
> Author: Mark Thomas 
> AuthorDate: Thu Sep 12 15:31:26 2019 +0100
>
> Additional changes required to enable EnvironmentPropertySource
> ---
>  .../org/apache/tomcat/util/IntrospectionUtils.java | 49 
> --
>  java/org/apache/tomcat/util/digester/Digester.java | 33 ++-
>  webapps/docs/changelog.xml |  4 +-
>  3 files changed, 69 insertions(+), 17 deletions(-)
>
> diff --git a/java/org/apache/tomcat/util/IntrospectionUtils.java 
> b/java/org/apache/tomcat/util/IntrospectionUtils.java
> index 3ffa702..f6ac737 100644
> --- a/java/org/apache/tomcat/util/IntrospectionUtils.java
> +++ b/java/org/apache/tomcat/util/IntrospectionUtils.java
> @@ -476,9 +499,27 @@ public final class IntrospectionUtils {
>  // This provides a layer of abstraction
>  
>  public static interface PropertySource {
> -
>  public String getProperty(String key);
> -
>  }
>  
> +
> +public static interface PropertySourceSecure extends PropertySource {

I think a better name would be SecurePropertySource or
ClassloaderAwarePropertySource. The thing that it represents should be
at the end of the name IMHO.

At work I prototyped a similar approach and introduced a
NamespaceAwarePropertySource. It is basically an interface that has a
getNamespace() method that returns a prefix for the keys. I think that
it would be nice if these two approaches. My prototype didn't try to
call a security manager, but with this commit it would be easy to add.

On the other hand it uses a ServiceLoader approach to automatically find
all NamespaceAwarePropertySources. Do you think this would be a good
addition for Tomcat?

Regards

 Felix

> +
> +/**
> + * Obtain a property value, checking that code associated with the
> + * provided class loader has permission to access the property. If 
> the
> + * {@code classLoader} is {@code null} or if {@code classLoader} does
> + * not implement {@link PermissionCheck} then the property value 
> will be
> + * looked up without a call to
> + * {@link PermissionCheck#check(java.security.Permission)}
> + *
> + * @param key   The key of the requested property
> + * @param classLoader   The class loader associated with the code 
> that
> + *  trigger the property lookup
> + * @return The property value or {@code null} if it could not be 
> found
> + * or if {@link 
> PermissionCheck#check(java.security.Permission)}
> + * fails
> + */
> +public String getProperty(String key, ClassLoader classLoader);
> +}

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.96

2019-07-29 Thread Felix Schumacher



Am 24. Juli 2019 15:56:53 MESZ schrieb Violeta Georgieva :
>The proposed Apache Tomcat 7.0.96 release is now available for voting.
>
>For full details, see the changelog:
>https://ci.apache.org/projects/tomcat/tomcat7/docs/changelog.html
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.96/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1224/
>The git tag is:
>https://github.com/apache/tomcat/tree/7.0.96
>5277b175db2e575022672856797240976ad23bcf
>
>The proposed 7.0.96 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 7.0.96 Stable

Regards
 Felix 

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.96

2019-07-25 Thread Felix Schumacher



Am 25. Juli 2019 17:00:06 MESZ schrieb Rainer Jung :
>Hi Felix,
>
>could it be you have overwritten objenesis.loc in some
>build.properties?

Could be. I will have a look at my docker file.

Stupid me has looked at the git sources and hasn't thought about my old me 
copying stuff into the extracted dir :) 

Felix 

>
>Commit 9e32afaf34e on 2019-07-05 for TC 7 contains:
>
>-objenesis.loc=https://bintray.com/easymock/distributions/download_file?file_path=objenesis-${objenesis.version}-bin.zip
>+objenesis.loc=${base-maven.loc}/org/objenesis/objenesis/${objenesis.version}/objenesis-${objenesis.version}.jar
>
>in build.properties.default (plus the checksum change), but your ant 
>task still downloads objenesis-1.2-bin.zip instead of
>objenesis-1.2.jar.
>
>It works here.
>
>Regards,
>
>Rainer
>
>Am 25.07.2019 um 15:48 schrieb Felix Schumacher:
>> While building with 'ant test' I currently get:
>> 
>> ,,,
>> 
>> downloadfile:
>>    [get] Getting:
>>
>https://bintray.com/easymock/distributions/download_file?file_path=objenesis-1.2-bin.zip
>>    [get] To: /root/tomcat-build-libs/download-526630409.tmp
>>    [get]
>>
>https://bintray.com/easymock/distributions/download_file?file_path=objenesis-1.2-bin.zip
>> moved to
>https://dl.bintray.com/easymock/distributions/objenesis-1.2-bin.zip
>>    [get]
>> https://dl.bintray.com/easymock/distributions/objenesis-1.2-bin.zip
>> moved to
>>
>https://d29vzk4ow07wi7.cloudfront.net/2359e04aca6f4f171f92ff77489d1669043dd536?response-content-disposition=attachment%3Bfilename%3D%22objenesis-1.2-bin.zip%22=eyJTdGF0ZW1lbnQiOiBbeyJSZXNvdXJjZSI6Imh0dHAqOi8vZDI5dnprNG93MDd3aTcuY2xvdWRmcm9udC5uZXQvMjM1OWUwNGFjYTZmNGYxNzFmOTJmZjc3NDg5ZDE2NjkwNDNkZDUzNj9yZXNwb25zZS1jb250ZW50LWRpc3Bvc2l0aW9uPWF0dGFjaG1lbnQlM0JmaWxlbmFtZSUzRCUyMm9iamVuZXNpcy0xLjItYmluLnppcCUyMiIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTU2NDA2Mjg5NX0sIklwQWRkcmVzcyI6eyJBV1M6U291cmNlSXAiOiIwLjAuMC4wLzAifX19XX0_=IGW4RrDny71UmfjwU2rT~hyMNrU8SBqOQV0wavwC00upzv9ATLZlRGec7c1~-1E~Uh5mE56h1BTmXhdcw8Fi7YTVvTIoP11esCqirEX1NO9qyp7tmur7Y5ihjXkEficCCWKzpXbklCx4ZRiCJ8CpAkVyg9rfExZyCLeAJNSRd8LhWq3j2ecwMzhR9Fb-2U3-ffi5DAJFN7YenKf5-bbVF1yE8pyF3bBo47SlLZl7ocslXm57nF41-oV2c1yrF8XchSG6WlH3DTVHqmRVqAGg4lfMJpPiuOROollmQ6cUiSvKxQ0O~l6FnByHf1D804xMeYha4UahL9clmAbP~54vWA__=APKAIFKFWOMXM2UMTSFA
>> 
>> BUILD FAILED
>> /usr/local/src/tomcat-native/build.xml:2857: The following error
>> occurred while executing this line:
>> /usr/local/src/tomcat-native/build.xml:3138: The following error
>> occurred while executing this line:
>> /usr/local/src/tomcat-native/build.xml:3023: Checksum check failure
>for
>> objenesis-1.2.jar (/root/tomcat-build-libs/download-526630409.tmp).
>>    Algorithm: MD5|SHA-1
>>    Expected value:
>>
>bee117291d50b41b8e8cf0ac5435df1d|bfcb0539a071a4c5a30690388903ac48c0667f2a
>>    Actual values:
>>    SHA-512:
>>
>ede5873de8576f2b330407b17d73bb1fdceb19d8b3b674f9e0c5c7c0461f4f3e13be099bf3503328e6d4643874b7187bb8e0db03f55bdafc99449acbc9896a2b
>>    SHA-256:
>c732f0bc16a5c6e700652d36533f286a84e5fce9932e1da65e16ab0897d6480f
>>    SHA-1: 2359e04aca6f4f171f92ff77489d1669043dd536
>>    MD5: c94eeba0f868c80c50eb0202499479ab
>> 
>> Regards
>> 
>>   Felix
>> 
>> Am 24.07.19 um 15:56 schrieb Violeta Georgieva:
>>> The proposed Apache Tomcat 7.0.96 release is now available for
>voting.
>>>
>>> For full details, see the changelog:
>>> https://ci.apache.org/projects/tomcat/tomcat7/docs/changelog.html
>>>
>>> It can be obtained from:
>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.96/
>>> The Maven staging repo is:
>>>
>https://repository.apache.org/content/repositories/orgapachetomcat-1224/
>>> The git tag is:
>>> https://github.com/apache/tomcat/tree/7.0.96
>>> 5277b175db2e575022672856797240976ad23bcf
>>>
>>> The proposed 7.0.96 release is:
>>> [ ] Broken - do not release
>>> [ ] Stable - go ahead and release as 7.0.96 Stable
>>>
>>> Regards,
>>> Violeta
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.96

2019-07-25 Thread Felix Schumacher
While building with 'ant test' I currently get:

,,,

downloadfile:
  [get] Getting:
https://bintray.com/easymock/distributions/download_file?file_path=objenesis-1.2-bin.zip
  [get] To: /root/tomcat-build-libs/download-526630409.tmp
  [get]
https://bintray.com/easymock/distributions/download_file?file_path=objenesis-1.2-bin.zip
moved to https://dl.bintray.com/easymock/distributions/objenesis-1.2-bin.zip
  [get]
https://dl.bintray.com/easymock/distributions/objenesis-1.2-bin.zip
moved to
https://d29vzk4ow07wi7.cloudfront.net/2359e04aca6f4f171f92ff77489d1669043dd536?response-content-disposition=attachment%3Bfilename%3D%22objenesis-1.2-bin.zip%22=eyJTdGF0ZW1lbnQiOiBbeyJSZXNvdXJjZSI6Imh0dHAqOi8vZDI5dnprNG93MDd3aTcuY2xvdWRmcm9udC5uZXQvMjM1OWUwNGFjYTZmNGYxNzFmOTJmZjc3NDg5ZDE2NjkwNDNkZDUzNj9yZXNwb25zZS1jb250ZW50LWRpc3Bvc2l0aW9uPWF0dGFjaG1lbnQlM0JmaWxlbmFtZSUzRCUyMm9iamVuZXNpcy0xLjItYmluLnppcCUyMiIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTU2NDA2Mjg5NX0sIklwQWRkcmVzcyI6eyJBV1M6U291cmNlSXAiOiIwLjAuMC4wLzAifX19XX0_=IGW4RrDny71UmfjwU2rT~hyMNrU8SBqOQV0wavwC00upzv9ATLZlRGec7c1~-1E~Uh5mE56h1BTmXhdcw8Fi7YTVvTIoP11esCqirEX1NO9qyp7tmur7Y5ihjXkEficCCWKzpXbklCx4ZRiCJ8CpAkVyg9rfExZyCLeAJNSRd8LhWq3j2ecwMzhR9Fb-2U3-ffi5DAJFN7YenKf5-bbVF1yE8pyF3bBo47SlLZl7ocslXm57nF41-oV2c1yrF8XchSG6WlH3DTVHqmRVqAGg4lfMJpPiuOROollmQ6cUiSvKxQ0O~l6FnByHf1D804xMeYha4UahL9clmAbP~54vWA__=APKAIFKFWOMXM2UMTSFA

BUILD FAILED
/usr/local/src/tomcat-native/build.xml:2857: The following error
occurred while executing this line:
/usr/local/src/tomcat-native/build.xml:3138: The following error
occurred while executing this line:
/usr/local/src/tomcat-native/build.xml:3023: Checksum check failure for
objenesis-1.2.jar (/root/tomcat-build-libs/download-526630409.tmp).
  Algorithm: MD5|SHA-1
  Expected value:
bee117291d50b41b8e8cf0ac5435df1d|bfcb0539a071a4c5a30690388903ac48c0667f2a
  Actual values:
  SHA-512:
ede5873de8576f2b330407b17d73bb1fdceb19d8b3b674f9e0c5c7c0461f4f3e13be099bf3503328e6d4643874b7187bb8e0db03f55bdafc99449acbc9896a2b
  SHA-256: c732f0bc16a5c6e700652d36533f286a84e5fce9932e1da65e16ab0897d6480f
  SHA-1: 2359e04aca6f4f171f92ff77489d1669043dd536
  MD5: c94eeba0f868c80c50eb0202499479ab

Regards

 Felix

Am 24.07.19 um 15:56 schrieb Violeta Georgieva:
> The proposed Apache Tomcat 7.0.96 release is now available for voting.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat7/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.96/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1224/
> The git tag is:
> https://github.com/apache/tomcat/tree/7.0.96
> 5277b175db2e575022672856797240976ad23bcf
>
> The proposed 7.0.96 release is:
> [ ] Broken - do not release
> [ ] Stable - go ahead and release as 7.0.96 Stable
>
> Regards,
> Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [tomcat-native] branch master updated: Support old shells.

2019-06-28 Thread Felix Schumacher


Am 27.06.19 um 01:03 schrieb rj...@apache.org:
> This is an automated email from the ASF dual-hosted git repository.
>
> rjung pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
>
>
> The following commit(s) were added to refs/heads/master by this push:
>  new edae9b1  Support old shells.
> edae9b1 is described below
>
> commit edae9b16888c1d5e73863877ff27bf129adc2fcd
> Author: Rainer Jung 
> AuthorDate: Thu Jun 27 01:02:02 2019 +0200
>
> Support old shells.


Hi Rainer,

do you still see shells, that don't support the $(...) syntax?

Felix


> ---
>  jnirelease.sh | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/jnirelease.sh b/jnirelease.sh
> index 0349079..8fe7fe7 100755
> --- a/jnirelease.sh
> +++ b/jnirelease.sh
> @@ -156,7 +156,7 @@ if [ ! -d .git/refs/remotes/9.0.x ]; then
>  git remote add -f 9.0.x ${TCJAVA_GITBASE}
>  fi
>  git remote update 9.0.x
> -diffcount=$(git diff HEAD remotes/9.0.x/master java/org/apache/tomcat/jni | 
> wc -l)
> +diffcount=`git diff HEAD remotes/9.0.x/master java/org/apache/tomcat/jni | 
> wc -l`
>  
>  if [ $diffcount -ne 0 ]; then
>  echo "WARNING: git subtree is not up to date with"
>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [CONF] Apache Tomcat > Developing

2019-06-10 Thread Felix Schumacher


Am 10.06.19 um 20:17 schrieb Christopher Schultz:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Felix,
>
> How much is the information on cwiki expected to replace and/or mirror
> information available on the Tomcat web site?

Good question. My main motivation was to correct the information that is
available in that wiki, not to think about what should be placed where.

Felix

>
> A lot of this looks like information available elsewhere.
>
> Thanks,
> - -chris
>
> On 6/9/19 06:30, Felix Schumacher (Confluence) wrote:
>> There's *1 new edit* on this page
>>
>> page icon 
>> <https://cwiki.apache.org/confluence/display/TOMCAT/Developing?src=mai
> l=confluence-server=1560076209171
> c.mail.notification=com.atlassian.confluence.plugins.confluence-notifica
> tions-batch-plugin%3Abatching-notification=8aa9809569
> d423cd016a0413306f00db=view>
>>
>>
>> Developing 
>> <https://cwiki.apache.org/confluence/display/TOMCAT/Developing?src=mai
> l=confluence-server=1560076209171
> c.mail.notification=com.atlassian.confluence.plugins.confluence-notifica
> tions-batch-plugin%3Abatching-notification=8aa9809569
> d423cd016a0413306f00db=view>
>>
>>
>>  Felix Schumacher edited this page
>>
>>
>>
>> Here's the version comment
>>
>>  Felix Schumacher edited at 10:28 AM 
>> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=1030
> 98864>
>>
>>
>>  Use git instead of svn
>>
>>
>>
>> Here's what changed:
>>
>> ...
>>
>>
>> How do I start hacking Tomcat in Eclipse?
>>
>> Briefly:
>>
>> No Format
>>
>> $ svngit checkoutclone
>> httphttps://svngithub.com/apache.org/repos/asf/tomcat/trunktomcat.git
>>
>>
> (or whatever branch you want: clearly, this would be better
>> to do directly from within Eclipse but it's easier to describe as a
>> command)
>>
>> $ cd trunktomcat
>>
>> $ echo "base.path=/path/to/where/tomcat/can/put/its/3rd-party/libs"
>>> build.properties
>> $ ant ide-eclipse
>>
>> ...
>>
>>
>> How do I remotely debug Tomcat using NetBeans 
>>  ion=true=103098864>?
>>  This answer assumes that you know how to work with a NetBeans
>> Project, and also how to use the NetBeans debugger. If not, please
>> go to http://www.netbeans.org/kb/using-netbeans/40/debug.html and
>> read up on how to use NetBeans and its debugger.
>>
>> ...
>>
>> Go to page history 
>> <https://cwiki.apache.org/confluence/pages/viewpreviousversions.action
> ?pageId=103098864=mail=confluence-server
> imestamp=1560076209171=com.atlassian.confluence.pl
> ugins.confluence-notifications-batch-plugin%3Abatching-notification
> mail.recipient=8aa9809569d423cd016a0413306f00db>
>>
>>
>> View page 
>> <https://cwiki.apache.org/confluence/display/TOMCAT/Developing?src=mai
> l=confluence-server=1560076209171
> c.mail.notification=com.atlassian.confluence.plugins.confluence-notifica
> tions-batch-plugin%3Abatching-notification=8aa9809569
> d423cd016a0413306f00db=view>
>>
>>
>>
>>
>> Stop watching space 
>> <https://cwiki.apache.org/confluence/users/removespacenotification.act
> ion?spaceKey=TOMCAT=mail=confluence-server
> .timestamp=1560076209171=com.atlassian.confluence.
> plugins.confluence-notifications-batch-plugin%3Abatching-notification
> c.mail.recipient=8aa9809569d423cd016a0413306f00db=stop-w
> atching=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ4c3JmOjhhYTk
> 4MDk1NjlkNDIzY2QwMTZhMDQxMzMwNmYwMGRiIiwicXNoIjoiNTI4MGYyMzZlNDRkMGEzOGE
> zMTVmMTA2MGQwMjU0OWFhYWNkZjcyNGNiNmFiZjllZDUwZTg4ZmVmYTI1MTAzNCIsImlzcyI
> 6ImNvbmZsdWVuY2Vfbm90aWZpY2F0aW9uc0FSRUgtWFVEMS1QT1FHLUNTQU8iLCJleHAiOjE
> 1NjA2ODEwMDksImlhdCI6MTU2MDA3NjIwOX0.2bMiXSO3nQBuZzTYWgFZAOLmyODOfMwwBtM
> adlWflUw>
>>
> •
>> Manage notifications 
>> <https://cwiki.apache.org/confluence/users/editmyemailsettings.action?
> src=mail=confluence-server=156007620
> 9171=com.atlassian.confluence.plugins.confluence-n
> otifications-batch-plugin%3Abatching-notification=8aa
> 9809569d423cd016a0413306f00db=manage>
>>
>>
>>  Confluence logo big
>>
>> This message was sent by Atlassian Confluence 6.15.2
>>
> -BEGIN PGP SIGNATURE-
> Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>
> iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlz+nqgACgkQHPApP6U8
> pFj7ow/+JwpE1CubHh/G/QVhuAcM+uCQq665aON32LVgotnBXwaXpLY

[CONF] Apache Tomcat > OutOfMemory

2019-06-09 Thread Felix Schumacher (Confluence)
Title: Message Title



 
 
 
There's 1 new edit on this page 
 
 
 
 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
OutOfMemory 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited this page 
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Here's the version comment 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited at 10:50 AM 
 
 
  
 
 

 
 
 
 
 
 
 
 
 Note about MetaSpae instead of PermGen  
 
 
  
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Here's what changed: 
 
 
 
 
 
 
 
 
 
 
 ... 
 
A servlet trying to load a several GBytes file into memory will surely kill the server. These kind of errors must be considered a simple bug in our program. 
To compensate for the data your servlet tries to load, you increase the heap size so that there is no room to create the stack size for the threads that need to be created. The memory required by each thread will vary by OS but can be as high as 2M by default and in some OS's (like Debian Sarge) is not reducible with the -Xss parameter. Rule of Thumb, use no more than 1G for heap space in a 32-bit web application. 
Deep recursive algorithms can also lead to Out Of Memory problems. In this case, the only fixes are increasing the thread stack size (-Xss), or refactoring the algorithms to reduce the depth, or the local data size per call. 
  A webapp that uses lots of libraries with many dependencies, or a server maintaining lots of webapps could exhauste the JVM PermGen space. This space is where the VM stores the classes and methods data. In those cases, the fix is to increase this size. The Sun VM has the flag -XX:MaxPermSize that allows to set its size (the default value is 64M)  
 
 
 
 Info 
 
 
 
 
  PermGen has been integrated into a new concept called MetaSpace from Java 8 on. The old setting will generate a warning and will be ignored by newer JVMs.   
 
 
 
Hard references to classes can prevent the garbage collector from reclaiming the memory allocated for them when a ClassLoader is discarded. This will occur on JSP recompilations, and webapps reloads. If these operations are common in a webapp having these kinds of problems, it will be a matter of time, until the PermGen space gets full and an Out Of Memory is thrown. 
 ... Any threads a web application starts, a web application should stop. ServletContextListener is your friend. Note Tomcat 7 will warn you if you do this and will also provide a (highly dangerous - use at your own risk) option to terminate the threads.  DriverManager  If you load a java.sql.Driver in your own classloader (or servlets), the driver should be removed before undeploying. Each driver is registered in DriverManager which is loaded in system classloader and references the local driver. Note Tomcat will do this for you if you forget. 
 
 
 
 No Format 
 
 
 
 
 
Enumeration drivers = DriverManager.getDrivers();
		ArrayList driversToUnload=new ArrayList();
		while (drivers.hasMoreElements()) {
			Driver driver = drivers.nextElement();
			if (driver.getClass().getClassLoader().equals(getClass().getClassLoader())) {
driversToUnload.add(driver);
			}
		}
		for (Driver driver : driversToUnload) {
	DriverManager.deregisterDriver(driver);
}
  
 
 
  ThreadLocal  The lifecycle of a ThreadLocal should match that of a request. There is no guarantee that a thread will ever be used to process a request again so if a ThreadLocal is left on the thread at the end of the request there may be no opportunity for the web application to clean it up. Note Tomcat 7 will do this for you.  ContextClassLoader  There are various parts of the Java API that retain a permanent reference to the context class loader. If this happens to be a web application class loader then a memory leak will occur. Tomcat provides workarounds for these where known but there are undoubtedly others. ...  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Go to page history 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View page 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Stop watching space
• 
 
 
 
 
 
 
Manage notifications 
 
 
 
 
 
 
 
 
 
 
  
 
 
This message was sent by Atlassian Confluence 6.15.2  
 
 
  
 
 
 
 
 
 
 
 
 




[CONF] Apache Tomcat > OutOfMemory

2019-06-09 Thread Felix Schumacher (Confluence)
Title: Message Title



 
 
 
There's 1 new edit on this page 
 
 
 
 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
OutOfMemory 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited this page 
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Here's the version comment 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited at 10:41 AM 
 
 
  
 
 

 
 
 
 
 
 
 
 
 Enable code macro to pretty print xml  
 
 
  
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Here's what changed: 
 
 
 
 
 
 
 
 
 
 
 ... 
 
A servlet trying to load a several GBytes file into memory will surely kill the server. These kind of errors must be considered a simple bug in our program. 
To compensate for the data your servlet tries to load, you increase the heap size so that there is no room to create the stack size for the threads that need to be created. The memory required by each thread will vary by OS but can be as high as 2M by default and in some OS's (like Debian Sarge) is not reducible with the -Xss parameter. Rule of Thumb, use no more than 1G for heap space in a 32-bit web application. 
Deep recursive algorithms can also lead to Out Of Memory problems. In this case, the only fixes are increasing the thread stack size (-Xss), or refactoring the algorithms to reduce the depth, or the local data size per call. 
A webapp that uses lots of libraries with many dependencies, or a server maintaining lots of webapps could exhauste the JVM PermGen space. This space is where the VM stores the classes and methods data. In those cases, the fix is to increase this size. The Sun VM has the flag -XX:MaxPermSize that allows to set its size (the default value is 64M) 
Hard references to classes can prevent the garbage collector from reclaiming the memory allocated for them when a ClassLoader is discarded. This will occur on JSP recompilations, and webapps reloads. If these operations are common in a webapp having these kinds of problems, it will be a matter of time, until the PermGen space gets full and an Out Of Memory is thrown. 
 ... Any threads a web application starts, a web application should stop. ServletContextListener is your friend. Note Tomcat 7 will warn you if you do this and will also provide a (highly dangerous - use at your own risk) option to terminate the threads.  DriverManager  If you load a java.sql.Driver in your own classloader (or servlets), the driver should be removed before undeploying. Each driver is registered in DriverManager which is loaded in system classloader and references the local driver. Note Tomcat will do this for you if you forget. 
 
 
 
 No Format 
 
 
 
 
 
Enumeration drivers = DriverManager.getDrivers();
		ArrayList driversToUnload=new ArrayList();
		while (drivers.hasMoreElements()) {
			Driver driver = drivers.nextElement();
			if (driver.getClass().getClassLoader().equals(getClass().getClassLoader())) {
driversToUnload.add(driver);
			}
		}
		for (Driver driver : driversToUnload) {
	DriverManager.deregisterDriver(driver);
}
  
 
 
  ThreadLocal  The lifecycle of a ThreadLocal should match that of a request. There is no guarantee that a thread will ever be used to process a request again so if a ThreadLocal is left on the thread at the end of the request there may be no opportunity for the web application to clean it up. Note Tomcat 7 will do this for you.  ContextClassLoader  There are various parts of the Java API that retain a permanent reference to the context class loader. If this happens to be a web application class loader then a memory leak will occur. Tomcat provides workarounds for these where known but there are undoubtedly others. ... Please remember that a JSP page, even one that simply prints out “OK”, will create a session. This is by design and if you do not want it to create a session you need to explicitly indicate that in your JSP. For example:   
 
 
 
 No Format 
 
 
 
 
 Code Block 
 
 
 
 
 
 
 
 
language 
php 
 
 
  
 
 
 
 
 <%@ page session="false" %>

  
 
 
 This is important in scenarios where you are doing load testing and using custom HTTP clients, because these clients may not be handling sessions correctly and thus end up creating a new session every time they access the page. ... It is also possible to limit the number of active sessions by setting maxActiveSessions attribute on a Manager element, e.g.   
 
 
 
 No Format 
 
 
 
 
 Code Block 
 
 
 
 
 
 
 
 
language 
xml 
 
 
  
 
 
 
 
 
  


  
 
 
 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Go to page history 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View page 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Stop watching space
• 
 
 
 
 
 
 
Manage notifications 
 
 
 
 
 
 
 
 
 
 
  
 
 
This message was sent by Atlassian Confluence 6.15.2  
 
 
  
 
 
 
 
 
 
 
 
 




Re: [CONF] Apache Tomcat > Troubleshooting and Diagnostics

2019-06-09 Thread Felix Schumacher

Am 05.06.19 um 22:13 schrieb Eugène Adell:
> Hello,
>
> if I may suggest something, over the years I have found very useful
> jstat and GCViewer for detecting GC suspicious behaviors. Both are of
> course free, the first one giving information on a live JVM, and the
> second being more interesting for an offline analysis (though it can
> be updated automatically). With that you can see an OOM coming, and
> you also can have some clues for the heap settings if you want to tune
> them. You also have a visual proof when you perform a major upgrade
> and want to see if it had an impact on memory, by comparing 2 or 3
> pictures before with 2 or 3 pictures after. They were not very often
> mentionned in the users list, maybe they are underrated ?

I like gc logs a lot, as they give me a quick picture of the used
memory. I have configured all my tomcat instances to log there gc's. And
my first go to when an instance feels slow is to use jstack and look at
the fgc count.

So feel free to add a paragraph about using gc logs and corresponding
tools to the wiki.

Felix

>
> best regards
> E.A.
>
> Le mar. 4 juin 2019 à 21:00, Felix Schumacher (Confluence)
> mailto:no-re...@apache.org>> a écrit :
>
> There's *1 new edit* on this page
>  
> page icon
> 
> <https://cwiki.apache.org/confluence/display/TOMCAT/Troubleshooting+and+Diagnostics?src=mail=confluence-server=1559674809846=com.atlassian.confluence.plugins.confluence-notifications-batch-plugin%3Abatching-notification=8aa9809569d423cd016a0413306f00db=view>
>
>
>   Troubleshooting and Diagnostics
> 
> <https://cwiki.apache.org/confluence/display/TOMCAT/Troubleshooting+and+Diagnostics?src=mail=confluence-server=1559674809846=com.atlassian.confluence.plugins.confluence-notifications-batch-plugin%3Abatching-notification=8aa9809569d423cd016a0413306f00db=view>
>
>
>   
> Felix Schumacher edited this page
>
>
>   
>
> Here's what changed:
>
> ...
>
>   * How To: Capture a thread dump
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099265>
>
>   * How To: Capture a heap dump
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099265>
>
>   * How To: Examine a Stacktrace
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099265>
>
>   * How To: Configure Tomcat for debugging
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099265>
>
>   * FAQ: Developing
> 
> <https://cwiki.apache.org/null/pages/createpage.action?spaceKey=TOMCAT=FAQ%2FDeveloping=true=103099080>
>
>   * FAQ: Memory
> 
> <https://cwiki.apache.org/null/pages/createpage.action?spaceKey=TOMCAT=FAQ%2FMemory=true=103099080>
>
>   * Tomcat Memory Leak Protection
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099526>
>
>   * Sun Technical Article: Monitoring and Managing Java SE 6
> Platform Applications
> <http://java.sun.com/developer/technicalArticles/J2SE/monitoring/>
>
>   * Notes on using JMX clients
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099080>
>
>
> ...
>
>   * jinfo - Prints JVM process info
> 
> <http://download.oracle.com/javase/6/docs/technotes/tools/share/jinfo.html>
>
>   * jstack - Prints thread stack traces
> 
> <http://download.oracle.com/javase/6/docs/technotes/tools/share/jstack.html>
>
>   * jmap - Dumps heap and shows heap status
> 
> <http://download.oracle.com/javase/6/docs/technotes/tools/share/jmap.html>
>
>   * jhat - Heap Analyzer Tool
> 
> <http://download.oracle.com/javase/6/docs/technotes/tools/share/jhat.html>
>
>   * jcmd - Multitool intended to replace the above JDK tools
> 
> <https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jcmd.html>
>
>
>
>   Profilers & Heap Analyzers
>
>   * Eclipse Memory Analyzer (MAT) <http://www.eclipse.org/mat/>
>   * YourKit Profiler <http://www.yourkit.com/>
>  *
>
> VisualVM Docs
> 
> <http://download.oracle.com/javase/6/docs/technotes/tools/share/jvisualvm.html>
>  
>
>
> Anchor
>
>   usingjmxclients
>
>   usingjmxclients
>
> ...
>
>  1. Look into Tomcat access log
> 
> <https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=103099265>
> (the log file generated by AccessLogVa

[CONF] Apache Tomcat > Troubleshooting and Diagnostics

2019-06-09 Thread Felix Schumacher (Confluence)
Title: Message Title



 
 
 
There's 2 new edits on this page 
 
 
 
 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Troubleshooting and Diagnostics 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited this page 
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Here's the version comments 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited at 10:25 AM 
 
 
  
 
 

 
 
 
 
 
 
 
 
 Correct Typo  
 
 
  
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited at 10:24 AM 
 
 
  
 
 

 
 
 
 
 
 
 
 
 Updated Links to FAQs for Memory and Developing  
 
 
  
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Here's what changed: 
 
 
 
 
 
 
 
 
 
 
 ... 
 
 How To: Capture a thread dump  
 How To: Capture a heap dump  
 How To: Examine a Stacktrace  
 How To: Configure Tomcat for debugging  
 FAQ: Developing  
 FAQ: Memory  
 Tomcat Memory Leak Protection  
 Sun Technical Article: Monitoring and Managing Java SE 6 Platform Applications  
 Notes on using JMX clients  
 ... 
 
Look into Tomcat access log (the log file generated by AccessLogValve).  
 
If your request is not listed there, then it has not been processed by Tomcat. You need to look elsewhere (e.g. at your firewall). 
You will see what IP address your client is using, and whether it is using an IPv4 (127.0.0.1) or IPv6 address (0:0:0:0:0:0:0:1). Modern operating systems can use IPv6 addresses for localhost / local network access, while external network is still using IPv4. 2. Take a thread dump. This way you will find out what Tomcat is actually doing. 
If you are troubleshooting some process that takes noticeable time, take several (three) thread dumps with some interval between them. This way you will see if there are any changes, any progress. 3. Try debugging. 
A good place for a breakpoint is org.apache.catalina.connector.CoyoteAdapter.service() method. That is the entry point from Tomcat connectors and into the Servlet engine. At that place your request has already been received and its processing starts. 
  
 ... You can also search the archives of the Tomcat users' mailing lists for previous discussions mentioning the RECYCLE_FACADES flag. 2. Read about Java ImageIO issue. Accessing response objects after their lifetime can lead to security issues in your application, such as sending responses to wrong clients, mixing up responses. If you can reproduce the issue and the above diagnostic does not show your own bug, but a bug in Apache Tomcat, ...  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Go to page history 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View page 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Stop watching space
• 
 
 
 
 
 
 
Manage notifications 
 
 
 
 
 
 
 
 
 
 
  
 
 
This message was sent by Atlassian Confluence 6.15.2  
 
 
  
 
 
 
 
 
 
 
 
 




[CONF] Apache Tomcat > Developing

2019-06-09 Thread Felix Schumacher (Confluence)
Title: Message Title



 
 
 
There's 1 new edit on this page 
 
 
 
 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Developing 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited this page 
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Here's the version comment 
 
 
 
 
 
 
 
 
 
 
 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited at 10:28 AM 
 
 
  
 
 

 
 
 
 
 
 
 
 
 Use git instead of svn  
 
 
  
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Here's what changed: 
 
 
 
 
 
 
 
 
 
 
 ... How do I start hacking Tomcat in Eclipse? Briefly: 
 
 
 
 No Format 
 
 
 
 
 
$ svngit checkoutclone httphttps://svngithub.com/apache.org/repos/asf/tomcat/trunktomcat.git
  (or whatever branch you want: clearly, this would be better
  to do directly from within Eclipse but it's easier to describe
  as a command)

$ cd trunktomcat

$ echo "base.path=/path/to/where/tomcat/can/put/its/3rd-party/libs" > build.properties

$ ant ide-eclipse
  
 
 
 ... How do I remotely debug Tomcat using NetBeans? This answer assumes that you know how to work with a NetBeans Project, and also how to use the NetBeans debugger. If not, please go to http://www.netbeans.org/kb/using-netbeans/40/debug.html and read up on how to use NetBeans and its debugger. ...  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Go to page history 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View page 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Stop watching space
• 
 
 
 
 
 
 
Manage notifications 
 
 
 
 
 
 
 
 
 
 
  
 
 
This message was sent by Atlassian Confluence 6.15.2  
 
 
  
 
 
 
 
 
 
 
 
 




[CONF] Apache Tomcat > Troubleshooting and Diagnostics

2019-06-04 Thread Felix Schumacher (Confluence)
Title: Message Title



 
 
 
There's 1 new edit on this page 
 
 
 
 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Troubleshooting and Diagnostics 
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
Felix Schumacher edited this page 
 
 
  
 
 

 
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Here's what changed: 
 
 
 
 
 
 
 
 
 
 
 ... 
 
 How To: Capture a thread dump  
 How To: Capture a heap dump  
 How To: Examine a Stacktrace  
 How To: Configure Tomcat for debugging  
 FAQ: Developing  
 FAQ: Memory  
 Tomcat Memory Leak Protection  
 Sun Technical Article: Monitoring and Managing Java SE 6 Platform Applications  
 Notes on using JMX clients  
 ... 
 
 jinfo - Prints JVM process info  
 jstack - Prints thread stack traces  
 jmap - Dumps heap and shows heap status  
 jhat - Heap Analyzer Tool  
 jcmd - Multitool intended to replace the above JDK tools  
 Profilers & Heap Analyzers 
 
 Eclipse Memory Analyzer (MAT)  
 YourKit Profiler  
  VisualVM Docs    
  
 
 
 
 Anchor 
 
 
 
 
 
 
 
 
 
usingjmxclients 
 
 
 
usingjmxclients 
 
 
  
 
 
  ... 
 
Look into Tomcat access log (the log file generated by AccessLogValve).  
 
If your request is not listed there, then it has not been processed by Tomcat. You need to look elsewhere (e.g. at your firewall). 
You will see what IP address your client is using, and whether it is using an IPv4 (127.0.0.1) or IPv6 address (0:0:0:0:0:0:0:1). Modern operating systems can use IPv6 addresses for localhost / local network access, while external network is still using IPv4. 2. Take a thread dump. This way you will find out what Tomcat is actually doing. 
If you are troubleshooting some process that takes noticeable time, take several (three) thread dumps with some interval between them. This way you will see if there are any changes, any progress. 3. Try debugging. 
A good place for a breakpoint is org.apache.catalina.connector.CoyoteAdapter.service() method. That is the entry point from Tomcat connectors and into the Servlet engine. At that place your request has already been received and its processing starts. 
  
 ... The main suspect is your own web application keeping a reference to Request / Response objects outside of their life cycle.  The lifetime of the Response object is documented in the Servlet specification. Quoting from section "5.8 Lifetime of the Response Object" of Servlet 4.0 specification:   "Each response object is valid only within the scope of a servlet’s service method, or within the scope of a filter’s doFilter method, unless the associated request object has asynchronous processing enabled for the component. If asynchronous processing on the associated request is started, then the response object remains valid until complete method on AsyncContext is called."   In case of asynchronous processing, when an error occurs Tomcat notifies all registered AsyncListener}}s and then calls {{complete() automatically if none of the listeners have called it yet. (Reference: 61768)   Also see sections "2.3.3.4 Thread Safety" and "3.13 Lifetime of the Request Object" of the same specification. To troubleshoot the issue: ... You can also search the archives of the Tomcat users' mailing lists for previous discussions mentioning the RECYCLE_FACADES flag. 2. Read about Java ImageIO issue. Accessing response objects after their lifetime can lead to security issues in your application, such as sending responses to wrong clients, mixing up responses. If you can reproduce the issue and the above diagnostic does not show your own bug, but a bug in Apache Tomcat, ...  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Go to page history 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View page 
 
 
  
 
 
  
 
 
  
 
 
  
 
 
 
 
 
 
 
 
 
 
Stop watching space
• 
 
 
 
 
 
 
Manage notifications 
 
 
 
 
 
 
 
 
 
 
  
 
 
This message was sent by Atlassian Confluence 6.15.2  
 
 
  
 
 
 
 
 
 
 
 
 




Re: [tomcat] branch master updated: Use https instead of http

2019-05-21 Thread Felix Schumacher


Am 21.05.19 um 14:20 schrieb Mark Thomas:
> On 21/05/2019 13:14, Coty Sutherland wrote:
>> On Tue, May 21, 2019 at 8:10 AM Mark Thomas > > wrote:
>>
>> On 21/05/2019 13:08, Mark Thomas wrote:
>> > On 21/05/2019 13:02, csuth...@apache.org
>>  wrote:
>> >> This is an automated email from the ASF dual-hosted git repository.
>> >>
>> >> csutherl pushed a commit to branch master
>> >> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>> >>
>> >>
>> >> The following commit(s) were added to refs/heads/master by this push:
>> >>      new beb2dca  Use https instead of http
>> >> beb2dca is described below
>> >>
>> >> commit beb2dca83bb4084432fd3b44e06973730ad4dc7d
>> >> Author: Coty Sutherland > >
>> >> AuthorDate: Tue May 21 08:01:53 2019 -0400
>> >>
>> >>     Use https instead of http
>> >
>> > -1. Please revert this. It will break the build if a mirror is
>> selected
>> > that does not support http. It is also unnecessary. Any file
>> downloaded
>>
>> s/does not support http/does not support https/
>>
>>
>> Ack. I checked the URL before pushing and noted that the mirrors I hit
>> redirected to http, but I didn't happen to get one that didn't support
>> it (and it didn't cross my mind). Reverted.
> Thanks.
>
> Some of those links may be safe to switch to https but the mirror link
> definitely isn't.
> From memory there has already been at least one trawl though the Tomcat
> repo changing everything to https that was safe to change. That was a
> while ago. It may be time for another one. Anything that is changed
> needs to be manually checked first to make sure that there is an https
> equivalent.

The eclipse link seems to be safe to switch. My -- rather small --
experiments resulted in no redirects. All downloads were directly served.

Felix

>
> Note that for the website, the recommendation is to use protocol
> relative links so that users retain the choice of using http or https.
>
> Mark
>
>>  
>>
>>
>> Mark
>>
>> > over http is also checked against the known hash.
>> >
>> > Check the history of that file for more details.
>> >
>> > Mark
>> >
>> >
>> >
>> >> ---
>> >>  build.properties.default | 10 +-
>> >>  build.xml                |  2 +-
>> >>  2 files changed, 6 insertions(+), 6 deletions(-)
>> >>
>> >> diff --git a/build.properties.default b/build.properties.default
>> >> index 1bacc19..cc217b6 100644
>> >> --- a/build.properties.default
>> >> +++ b/build.properties.default
>> >> @@ -90,7 +90,7 @@ compile.debug=true
>> >>  # Do not pass -deprecation (-Xlint:deprecation) flag to javac
>> >>  compile.deprecation=false
>> >> 
>> >>
>> 
>> -base-apache.loc.1=http://www.apache.org/dyn/closer.lua?action=download=
>> >>
>> 
>> +base-apache.loc.1=https://www.apache.org/dyn/closer.lua?action=download=
>> >>  base-apache.loc.2=https://archive.apache.org/dist
>> >>  base-commons.loc.1=${base-apache.loc.1}/commons
>> >>  base-commons.loc.2=${base-apache.loc.2}/commons
>> >> @@ -126,8 +126,8 @@
>> 
>> wsdl4j-lib.loc=${base-maven.loc}/wsdl4j/wsdl4j/${wsdl4j-lib.version}/wsdl4j-${ws
>> >>  # See https://wiki.apache.org/tomcat/JDTCoreBatchCompiler before
>> updating
>> >>  #
>> >>  # Checksum is from "SHA512 Checksums for 4.10" link at
>> >> -#
>> http://download.eclipse.org/eclipse/downloads/drops4/R-4.10-201812060815/
>> >> -#
>> 
>> http://download.eclipse.org/eclipse/downloads/drops4/R-4.10-201812060815/checksum/eclipse-4.10-SUMSSHA512
>> >> +#
>> 
>> https://download.eclipse.org/eclipse/downloads/drops4/R-4.10-201812060815/
>> >> +#
>> 
>> https://download.eclipse.org/eclipse/downloads/drops4/R-4.10-201812060815/checksum/eclipse-4.10-SUMSSHA512
>> >>  #
>> >>  jdt.version=4.10
>> >>  jdt.release=R-4.10-201812060815
>> >> @@ -137,8 +137,8 @@
>> 
>> jdt.checksum.value=6528d1933d752f909e61456f1a3cbb3ae3999d263701a459e6f4fc33f97f7
>> >>  jdt.home=${base.path}/ecj-${jdt.version}
>> >>  jdt.jar=${jdt.home}/ecj-${jdt.version}.jar
>> >>  # The download will be moved to the archive area eventually. We
>> are taking care of that in advance.
>> >>
>> 
>> -jdt.loc.1=http://archive.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
>> 
>> 
>> >>
>> 
>> -jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
>> 
>> 
>> >>
>> 
>> +jdt.loc.1=https://archive.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar

Re: [VOTE] Release Apache Tomcat 8.5.39

2019-03-16 Thread Felix Schumacher



Am 14.03.19 um 14:43 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.39 release is now available for voting.

The major changes compared to the 8.5.38 release are:

- The APR/Native connector now supports both OpenSSL and JSSE TLS
   configuration syntax (NIO and NIO2 already support this)

- Various improvements to NIO2

- Various fixes for HTTP/2 push requests

- Refactor error handling so that errors that occur early in request
   processing are handled by the application's error handling where the
   application can be identified


Along with lots of other bug fixes and improvements.

For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.39/

The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1206/

The tag is:
https://github.com/apache/tomcat/tree/8.5.39
f481565d959dc5a5eae1576cc294774c8683b4dc


The proposed 8.5.39 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.39


The file "res/ide-support/idea/tomcat.iml" is missing in the src 
packages compared to the tag in git.


But I don't think that this is a show stopper and has probably been the 
same for the last releases. It is probably because we exclude all *.iml 
files in the target dist-source. (Will submit a fix to trunk)


Regards

 Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Migrate to git

2019-02-21 Thread Felix Schumacher



Am 21.02.19 um 17:13 schrieb Mark Thomas:

This is a VOTE to migrate the primary source code repository for Apache
Tomcat 9.0.x, 8.5.x and 7.0.x from svn to git.

The migration will be performed as per:
https://cwiki.apache.org/confluence/display/TOMCAT/Git+migration

with the following changes:
- 8.0.x will not be migrated
- the tag name format will be changed from "TOMCAT_9_0_5" to "9.0.5"
- the branches will be named master, 8.5.x and 7.0.x

The proposed date (subject to Infra agreement) for the migration is 26
Feb 2018.

The migration process will be:
- Make svn read only for trunk, 8.5.x and 7.0.x
- Turn off the svn->git replication for trunk, 8.5.x and 7.0.x
- Make git://git.apache.org/tomcat.git read/write for me only
- Perform the migration as set out in the wiki with the modifications
   described above
- Check the migration
- Make git://git.apache.org/tomcat.git read/write for all committers
   (Note: This automatically makes https://github.com/apache/tomcat
read/write as well)

The critical work is done at this point. The following tasks are more
clean-up and may end up being spread over several days.

- Confirm there are no open PRs for https://github.com/apache/tomcat85
   and then delete it and git://git.apache.org/tomcat85.git
- Confirm there are no open PRs for https://github.com/apache/tomcat70
   and then delete it and git://git.apache.org/tomcat70.git
- Update the CI systems to pull the source from git
- Create /source.html and replace /svn.html with a redirect to
   /source.html
- Update migration guide to pull diffs from gitweb
- Update Tomcat Native to pull in source from git hash
- Fix anything else we have forgotten about.

If anything goes wrong and we can't fix is easily, the fallback is to
make svn read-write and go back to using svn while we clean up the git
side of things, figure out what went wrong and come up with a better
migration plan.

[x] +1 Go ahead with the migration
[ ] -1 Postpone the migration because...

The vote will be open for at least 72 hours.


Thanks for the great preparation

Felix



Mark


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.38

2019-02-07 Thread Felix Schumacher



Am 05.02.19 um 13:22 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.38 release is now available for voting.

The major changes compared to the 8.5.37 release are:

  - Update the packaged version of the Tomcat Native Library to 1.2.21
to pick up the memory leak fixes when using NIO/NIO2 with OpenSSL.

  - Correct a regression in the fix for 53737 that did not correctly
scan the web application directory structure for JSPs.

  - Improve HTTP/2 timeout handling


Along with lots of other bug fixes and improvements.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.38/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1203/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_38/

The proposed 8.5.38 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.38


Regards,

 Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [ANN] New committer: Woonsan Ko

2018-12-19 Thread Felix Schumacher
Am Mittwoch, den 19.12.2018, 09:56 + schrieb Mark Thomas:
> On behalf of the Tomcat committers I am pleased to announce that
> Woonsan Ko (woonsan) has been voted in as a new Tomcat committer.
> 
> Please join me in welcoming him.

Congrats,
 Felix

> 
> Kind regards,
> 
> Mark
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.37

2018-12-16 Thread Felix Schumacher



Am 12.12.18 um 14:22 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.37 release is now available for voting.

The major changes compared to the 8.5.35 release are:

- Implement the requirements of section 8.2.2 2.c of the Servlet
   specification and prevent a web application from deploying if it has
   fragments with duplicate names and is configured to use relative
   ordering of fragments.

- The default Servlet no longer overrides a previously set content-type.

- Update the packaged version of the Tomcat Native Library to 1.2.19 to
   pick up the latest Windows binaries built with APR 1.6.5 and OpenSSL
   1.1.1a.

Along with lots of other bug fixes and improvements.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.37/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1201/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_37/

The proposed 8.5.37 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.37


Regards,

 Felix




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.35

2018-11-05 Thread Felix Schumacher



Am 3. November 2018 18:55:11 MEZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.35 release is now available for voting.
>
>The major changes compared to the 8.5.34 release are:
>
>- support for TLSv1.3 when used with a JRE or OpenSSl version that
>  supports it
>
>- multiple improvements to the RewriteValve
>
>- correct several regressions in the JSP compiler
>
>
>Along with lots of other bug fixes and improvements.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.35/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1197/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_35/
>
>The proposed 8.5.35 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.35

Regards, 
Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.13

2018-11-05 Thread Felix Schumacher



Am 2. November 2018 17:11:40 MEZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.13 release is now available for voting.
>
>The major changes compared to the 9.0.13 release are:
>
>- support for TLSv1.3 when used with a JRE or OPenSSl version that
>  supports it
>
>- added support for encrypting cluster traffic
>
>- added automatic reloading of tomcat-users.xml after a change
>
>
>Along with lots of other bug fixes and improvements.
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.13/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1196/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_13/
>
>The proposed 9.0.13 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 9.0.13

Regards, 
Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1843499 - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

2018-10-10 Thread Felix Schumacher

Hi isapir,

I think the plan is, that those banners will be changed (globally) to 
the next apache event and should stay on the page.


Regards,

 Felix


Am 10.10.2018 um 21:59 schrieb isa...@apache.org:

Author: isapir
Date: Wed Oct 10 19:59:35 2018
New Revision: 1843499

URL: http://svn.apache.org/viewvc?rev=1843499=rev
Log:
Commented out the now obsolete ApacheCon NA 2018 banner

Modified:
 tomcat/site/trunk/docs/bugreport.html
 tomcat/site/trunk/docs/ci.html
 tomcat/site/trunk/docs/conference.html
 tomcat/site/trunk/docs/contact.html
 tomcat/site/trunk/docs/download-70.html
 tomcat/site/trunk/docs/download-80.html
 tomcat/site/trunk/docs/download-90.html
 tomcat/site/trunk/docs/download-connectors.html
 tomcat/site/trunk/docs/download-native.html
 tomcat/site/trunk/docs/download-taglibs.html
 tomcat/site/trunk/docs/findhelp.html
 tomcat/site/trunk/docs/getinvolved.html
 tomcat/site/trunk/docs/heritage.html
 tomcat/site/trunk/docs/index.html
 tomcat/site/trunk/docs/irc.html
 tomcat/site/trunk/docs/legal.html
 tomcat/site/trunk/docs/lists.html
 tomcat/site/trunk/docs/maven-plugin.html
 tomcat/site/trunk/docs/migration-6.html
 tomcat/site/trunk/docs/migration-7.html
 tomcat/site/trunk/docs/migration-8.html
 tomcat/site/trunk/docs/migration-85.html
 tomcat/site/trunk/docs/migration-9.html
 tomcat/site/trunk/docs/migration.html
 tomcat/site/trunk/docs/oldnews-2010.html
 tomcat/site/trunk/docs/oldnews-2011.html
 tomcat/site/trunk/docs/oldnews-2012.html
 tomcat/site/trunk/docs/oldnews-2013.html
 tomcat/site/trunk/docs/oldnews-2014.html
 tomcat/site/trunk/docs/oldnews-2015.html
 tomcat/site/trunk/docs/oldnews-2016.html
 tomcat/site/trunk/docs/oldnews-2017.html
 tomcat/site/trunk/docs/oldnews.html
 tomcat/site/trunk/docs/presentations.html
 tomcat/site/trunk/docs/resources.html
 tomcat/site/trunk/docs/security-3.html
 tomcat/site/trunk/docs/security-4.html
 tomcat/site/trunk/docs/security-5.html
 tomcat/site/trunk/docs/security-6.html
 tomcat/site/trunk/docs/security-7.html
 tomcat/site/trunk/docs/security-8.html
 tomcat/site/trunk/docs/security-9.html
 tomcat/site/trunk/docs/security-impact.html
 tomcat/site/trunk/docs/security-jk.html
 tomcat/site/trunk/docs/security-native.html
 tomcat/site/trunk/docs/security-taglibs.html
 tomcat/site/trunk/docs/security.html
 tomcat/site/trunk/docs/svn.html
 tomcat/site/trunk/docs/taglibs.html
 tomcat/site/trunk/docs/tomcat-55-eol.html
 tomcat/site/trunk/docs/tomcat-60-eol.html
 tomcat/site/trunk/docs/tomcat-80-eol.html
 tomcat/site/trunk/docs/tools.html
 tomcat/site/trunk/docs/whichversion.html
 tomcat/site/trunk/docs/whoweare.html
 tomcat/site/trunk/xdocs/stylesheets/tomcat-site.xsl

Modified: tomcat/site/trunk/docs/bugreport.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/bugreport.html?rev=1843499=1843498=1843499=diff
==
--- tomcat/site/trunk/docs/bugreport.html (original)
+++ tomcat/site/trunk/docs/bugreport.html Wed Oct 10 19:59:35 2018
@@ -32,9 +32,6 @@
  GO
  
  
-
-https://www.apache.org/events/current-event.html;>https://www.apache.org/events/current-event-234x60.png;>
-
  
  
  Apache Tomcat

Modified: tomcat/site/trunk/docs/ci.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/ci.html?rev=1843499=1843498=1843499=diff
==
--- tomcat/site/trunk/docs/ci.html (original)
+++ tomcat/site/trunk/docs/ci.html Wed Oct 10 19:59:35 2018
@@ -31,9 +31,6 @@
  GO
  
  
-
-https://www.apache.org/events/current-event.html;>https://www.apache.org/events/current-event-234x60.png;>
-
  
  
  Apache Tomcat

Modified: tomcat/site/trunk/docs/conference.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/conference.html?rev=1843499=1843498=1843499=diff
==
--- tomcat/site/trunk/docs/conference.html (original)
+++ tomcat/site/trunk/docs/conference.html Wed Oct 10 19:59:35 2018
@@ -31,9 +31,6 @@
  GO
  
  
-
-https://www.apache.org/events/current-event.html;>https://www.apache.org/events/current-event-234x60.png;>
-
  
  
  Apache Tomcat

Modified: tomcat/site/trunk/docs/contact.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/contact.html?rev=1843499=1843498=1843499=diff
==
--- tomcat/site/trunk/docs/contact.html (original)
+++ tomcat/site/trunk/docs/contact.html Wed Oct 10 19:59:35 2018
@@ -31,9 +31,6 @@
  GO
  
  
-
-https://www.apache.org/events/current-event.html;>https://www.apache.org/events/current-event-234x60.png;>
-
  
  
  Apache Tomcat

Modified: tomcat/site/trunk/docs/download-70.html
URL: 

docs for web.xml.defaults

2018-09-18 Thread Felix Schumacher

Hi all,

today I looked for documentation about the usage of host specific 
web.xml variations like the one provided by context.xml.default. I found 
no documentation, but it is implemented in all supported versions of 
tomcat.


Is there any reason for not telling our users about that feature?

I think it would fit on the page about virtual hosts (together with a 
remark about the context.xml.default files, which are only mentioned in 
the conf/context page). When there are no objections, I will add it.


Regards,
 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.91

2018-09-18 Thread Felix Schumacher




Am 13.09.2018 um 22:28 schrieb Violeta Georgieva:

The proposed Apache Tomcat 7.0.91 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.91/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1195/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_91/

The proposed 7.0.91 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 7.0.91 Stable


Regards,
 Felix



Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.12

2018-09-09 Thread Felix Schumacher




Am 05.09.2018 um 00:32 schrieb Mark Thomas:

The proposed Apache Tomcat 9.0.12 release is now available for voting.

The major changes compared to the 9.0.11 release are:

- Fix multiple issues associated with using the asynchronous Servlet
   API in combination with HTTP/2

- Add recursion to rewrite substitution parsing

- Expand the information in the documentation web application
   regarding the use of CATALINA_HOME and CATALINA_BASE.
   Patch provided by Marek Czernek.


Along with lots of other bug fixes and improvements.

For full details, see the changelog:
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.12/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1193/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_12/

The proposed 9.0.12 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 9.0.12


Regards,
 Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.33

2018-08-15 Thread Felix Schumacher



Am 12. August 2018 09:43:37 GMT+01:00 schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.33 release is now available for voting.
>
>The major changes compared to the 8.5.32 release are:
>
>- Fix issues with Servlet asynchronous listeners when using the
>  asynchronous Servlet API in conjunction with HTTP/2.
>
>- When pre-compiling with JspC, report all compilation errors rather
>  than stopping after the first error. A new option -failFast can be
>  used to restore the previous behaviour of stopping after the first
>  error.
>  Based on a patch provided by Marc Pompl.
>
>- Make the Jasper (JSP Engine) Java file generation process
>  multi-threaded. By default, one thread will be used per core.
>  Based on a patch by Dan Fabulich.
>
>Along with lots of other bug fixes and improvements.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.33/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1192/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_33/
>
>The proposed 8.5.33 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.33

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.11

2018-08-15 Thread Felix Schumacher



Am 11. August 2018 21:32:01 GMT+01:00 schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.11 release is now available for voting.
>
>The major changes compared to the 9.0.10 release are:
>
>- Fix issues with Servlet asynchronous listeners when using the
>  asynchronous Servlet API in conjunction with HTTP/2.
>
>- Add a default location for the native library: ${catalina.home}/bin
>
>- Make the Jasper (JSP Engine) Java file generation process
>  multi-threaded. By default, one thread will be used per core.
>  Based on a patch by Dan Fabulich.
>
>
>Along with lots of other bug fixes and improvements.
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.11/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1191/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_11/
>
>The proposed 9.0.11 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 9.0.11

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



appName for JAASRealm

2018-07-31 Thread Felix Schumacher

Hi all,

while looking into the docs and code for JAASRealm I found that the docs 
say that appName has to be set for the JAASRealm, while the code says 
that it defaults to Catalina (well the Containers name to be exact).


Is there any reason that the doc says it has to be set?

Regards,

 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Tomcat JDBC Pool memory leak when using StatementFinalizer interceptor

2018-07-19 Thread Felix Schumacher




Am 19.07.2018 um 02:18 schrieb Filip Hanik:

Thanks Martin, I agree, regardless of use case, the pool should not
generate a leak.
What do you think about adding a size test in createStatement and if it 
is bigger than a threshold start a cleanup of the list. If the list is 
after the cleanup still "too big", we could generate a warning, that the 
finalizer might not be helpful.


Regards,
 Felix



let me review your proposal

Filip

On Wed, Jul 18, 2018 at 07:48 Martin Knoblauch  wrote:


On Wed, Jul 18, 2018 at 3:24 PM, Martin Knoblauch 
wrote:


Hi  Filip,

On Fri, Jul 13, 2018 at 4:33 PM, Filip Hanik  wrote:


hi Martin,

On Fri, Jul 13, 2018 at 5:48 AM, Martin Knoblauch 
wrote:


Hi, (moving to developers list)

  any ideas on the problem below? This thing is kind of itching me :-)

So I instrumented the "StatementFinalizer" class with some logging and
learned that over time a few instances of the "StatementFinalizer" are
created, used and destroyed. So far so good. For most of those

instances,

the overall number of statements that are added to the "statements"

list by

"createStatement" and the number of statements removed from the list

by

"closeInvoked" is identical and after "closeInvoked" finishes, the

list

is

empty.

  But only for most instances of "StatementFinalizer". I could find

that

there is one instance that is used (statements are added), but the
invocation of "closednvoked" stops after some minutes into the

application.

As a result the "statements" list starts growing.


​Could it be that your application checks out a connection and uses it

for

the life time of the application?
Meaning Connection.close is never called?



  So in fact some instrumentation and digging deeper showed 3 different
problems in the application:

1) there is one SQL Statement not closed (revealed by
"StatementFinalizer(trace=true)")
2) there is one connection not closed after the "final" SQL statement
(revealed by properly activating the "Abandoned" mechanism)
3) there is one connection that is used heavily over the entire lifetime
of the application, and never closed. This one accumulates the memory

that

made me ask the "leak" question

Need to address all three to the application developers.

Given that 1+2 each only happen once, the best solution to avoid the
"leak" might really be to just not use the "StatementFinalizer".




But then, just for the fun of it, would something like this patch be of
interest? It adds a private method "removeClosed()" to the
"StatementFinalizer code. What it does is to remove all "closed" or "null"
statements from the "statements" list. In order to keep it low in the
performance profile, it only does this every "sweepMinutes" minutes (new
interceptor property). My testing shows it keeps the memory consumption
down.

Martin

---

apache-tomcat-8.0.36-src/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementFinalizer.java
2016-06-09 16:00:49.0 +0200
+++

apache-tomcat-8.0.36-src-mkn/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/interceptor/StatementFinalizer.java
2018-07-18 14:53:35.242785369 +0200
@@ -18,7 +18,9 @@

  import java.lang.ref.WeakReference;
  import java.lang.reflect.Method;
+import java.sql.SQLException;
  import java.sql.Statement;
+import java.util.Iterator;
  import java.util.LinkedList;
  import java.util.List;
  import java.util.Map;
@@ -40,15 +42,64 @@
  protected List statements = new LinkedList<>();

  private boolean logCreationStack = false;
+private long sweepMillis = 0;
+private long lastSweep = 0;
+
+private int addedStmts = 0;
+
+/**
+ * Removes closed or "null" statements from the "statements" list. Useful
for connections that are
+ * never closed. Returns without doing anything in the following cases:
+ *  - Interceptor property "sweepMinutes" is 0 (default)
+ *  - First call after "borrow"
+ *  - Time difference between now and last sweep  has not reached yet
+ *  - Only one statement on list (or list is empty)
+ */
+private void removeClosed() {
+
+if (sweepMillis == 0)  // Nothing to do
+return;
+if (lastSweep == 0) {  // First time around. Nothing to do
+lastSweep = System.currentTimeMillis();
+return;
+}
+if ((System.currentTimeMillis() - lastSweep) < sweepMillis) // Age not
reached, nothing to do
+return;
+if (statements.size() < 2) // empty, or exactely one statement (has
just been added), nothing to do
+return;
+
+lastSweep = System.currentTimeMillis();
+Iterator it = statements.iterator();
+int clsdStmts = 0;
+int nullStmts = 0;
+while(it.hasNext()){
+StatementEntry ws = (StatementEntry)it.next();
+Statement st = ws.getStatement();
+try {
+if (st == null) nullStmts++;
+else if (st.isClosed()) clsdStmts++;
+if ((st == null) || st.isClosed()) it.remove();
+} catch (SQLException e) {
+//ignore 

Re: [ANN] New committer: Igal Sapir

2018-05-25 Thread Felix Schumacher
Congrats,
 Felix 

Am 24. Mai 2018 21:09:06 MESZ schrieb Mark Thomas :
>On behalf of the Tomcat committers I am pleased to announce that
>Igal Sapir (isapir) has been voted in as a new Tomcat committer.
>
>Please join me in welcoming him.
>
>Regards,
>
>Mark
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org


Re: [VOTE] Release Apache Tomcat 7.0.88

2018-05-10 Thread Felix Schumacher


Am 7. Mai 2018 14:06:35 MESZ schrieb Violeta Georgieva :
>The proposed Apache Tomcat 7.0.88 release is now available for voting.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.88/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1184/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_88/
>
>The proposed 7.0.88 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 7.0.88 Stable

Regards, 
 Felix 

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.0.52

2018-05-07 Thread Felix Schumacher

Am 28.04.2018 um 19:22 schrieb Violeta Georgieva:

The proposed Apache Tomcat 8.0.52 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.52/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1182/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_52/

The proposed 8.0.52 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.0.52


Regards,
 Felix



Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.31

2018-05-03 Thread Felix Schumacher


Am 27. April 2018 22:47:53 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.31 release is now available for voting.
>
>The major changes compared to the 8.5.30 release are:
>
>- Implement configuration options to work-around specification
>  non-compliant user agents (including all the major browsers) that do
>  not correctly %nn encode URI paths and query strings as required by
>  RFC 7230 and RFC 3986
>
>- Enable the CrawlerSessionManagerValve to correctly handle bots that
>  crawl multiple hosts and/or web applications when the Valve is
>  configured on a Host or an Engine.
>
>- Add support for annotation scanning of classes built with Java 11 EA
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.31/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1181/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_31/
>
>The proposed 8.5.31 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.31

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.8

2018-05-02 Thread Felix Schumacher


Am 27. April 2018 22:03:09 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.8 release is now available for voting.
>
>The major changes compared to the 9.0.7 release are:
>
>- Implement configuration options to work-around specification
>  non-compliant user agents (including all the major browsers) that do
>  not correctly %nn encode URI paths and query strings as required by
>  RFC 7230 and RFC 3986
>
>- Enable the CrawlerSessionManagerValve to correctly handle bots that
>  crawl multiple hosts and/or web applications when the Valve is
>  configured on a Host or an Engine.
>
>- Add support for annotation scanning of classes built with Java 11 EA
>
>
>Along with lots of other bug fixes and improvements.
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.8/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1180/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_8/
>
>The proposed 9.0.8 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 9.0.8

Regards, 
 Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.0.51

2018-04-12 Thread Felix Schumacher

Am 10.04.2018 um 00:05 schrieb Violeta Georgieva:

The proposed Apache Tomcat 8.0.51 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.51/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1179/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_51/

The proposed 8.0.51 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.0.51


Regards,
 Felix



Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.86

2018-04-12 Thread Felix Schumacher

Am 09.04.2018 um 23:07 schrieb Violeta Georgieva:

The proposed Apache Tomcat 7.0.86 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.86/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1178/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_86/

The proposed 7.0.86 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 7.0.86 Stable


Regards,
 Felix



Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.7

2018-04-05 Thread Felix Schumacher


Am 3. April 2018 22:25:54 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.7 release is now available for voting.
>
>The major changes compared to the 9.0.6 release are:
>
>- Add support for the maxDays attribute to the AccessLogValve and
>  ExtendedAccessLogValve. This allows the maximum number of days for
>  which rotated access logs should be retained before deletion to be
>  defined.
>
>- Avoid infinite recursion, when trying to validate a session while
>  loading it with PersistentManager.
>
>- Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
>- The OpenSSL engine SSL session will now ignore invalid accesses.
>
>
>Along with lots of other bug fixes and improvements.
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.7/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1176/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_7/
>
>The proposed 9.0.7 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 9.0.7

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.30

2018-04-05 Thread Felix Schumacher


Am 3. April 2018 22:36:45 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.30 release is now available for voting.
>
>The major changes compared to the 8.5.29 release are:
>
>- Add support for the maxDays attribute to the AccessLogValve and
>  ExtendedAccessLogValve. This allows the maximum number of days for
>  which rotated access logs should be retained before deletion to be
>  defined.
>
>- Avoid infinite recursion, when trying to validate a session while
>  loading it with PersistentManager.
>
>- Correct two protocol errors with HTTP/2 PUSH_PROMISE frames.
>
>- The OpenSSL engine SSL session will now ignore invalid accesses.
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.30/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1177/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_30/
>
>The proposed 8.5.30 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.30

Regards, 
 Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.0.50

2018-02-12 Thread Felix Schumacher

Am 07.02.2018 um 21:56 schrieb Violeta Georgieva:

The proposed Apache Tomcat 8.0.50 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.50/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1173/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_50/

The proposed 8.0.50 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.0.50

Felix


Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.85

2018-02-12 Thread Felix Schumacher

Am 07.02.2018 um 20:42 schrieb Violeta Georgieva:

The proposed Apache Tomcat 7.0.85 release is now available for voting.

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.85/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1172/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_85/

The proposed 7.0.85 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 7.0.85 Stable

Felix


Regards,
Violeta




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.5

2018-02-08 Thread Felix Schumacher

Am 06.02.2018 um 23:08 schrieb Mark Thomas:

The proposed Apache Tomcat 9.0.5 release is now available for voting.

The major changes compared to the 9.0.4 release are:

- Refactor error handling to enable errors that occur before processing
   is passed to the application to be handled by the application provided
   error handling and/or the container provided error handling
   (ErrorReportValve) as appropriate.

- Enable strict validation of the provided host name and port for all
   connectors. Requests with invalid host names and/or ports will be
   rejected with a 400 response.

- Enhance the JMX support for jdbc-pool in order to expose
   PooledConnection and JdbcInterceptors.

Along with lots of other bug fixes and improvements.

For full details, see the changelog:
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.5/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1170/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_5/

The proposed 9.0.5 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 9.0.5


Regards,
 Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.28

2018-02-08 Thread Felix Schumacher

Am 07.02.2018 um 00:33 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.28 release is now available for voting.

The major changes compared to the 8.5.27 release are:

- Fix truncated request input streams when using NIO2 with TLS.

- Improved error handling and reporting for TLS configuration.

- Enhance the JMX support for jdbc-pool in order to expose
   PooledConnection and JdbcInterceptors.

Along with lots of other bug fixes and improvements.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.28/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1171/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_28/

The proposed 8.5.28 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.28


Regards,
 Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.0.48

2017-12-04 Thread Felix Schumacher


Am 30. November 2017 18:19:14 MEZ schrieb Violeta Georgieva 
:
>The proposed Apache Tomcat 8.0.48 release is now available for voting.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.48/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1162/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_48/
>
>The proposed 8.0.48 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.0.48

Felix

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.83

2017-12-04 Thread Felix Schumacher


Am 30. November 2017 20:37:12 MEZ schrieb Violeta Georgieva 
:
>The proposed Apache Tomcat 7.0.83 release is now available for voting.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.83/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1163/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_83/
>
>The proposed 7.0.83 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 7.0.83 Stable

Felix

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.1

2017-09-28 Thread Felix Schumacher


Am 28. September 2017 20:29:19 MESZ schrieb Rainer Jung 
:
>Am 27.09.2017 um 20:43 schrieb Mark Thomas:
>> The proposed Apache Tomcat 9.0.1 release is now available for voting.
>> 
>> The major changes compared to the 9.0.0.M27 release are:
>> 
>> - Fix CVE-2017-12617
>> 
>> - Servlet 4.0 implementation is complete
>> 
>> - Add the ability to reconfigure TLS connectors at runtime without
>>stopping the connector
>> 
>> - Stricter validation of the Host header
>> 
>> Along with lots of other bug fixes and improvements.
>> 
>> 
>> For full details, see the changelog:
>>
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>> 
>> It can be obtained from:
>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.1/
>> The Maven staging repo is:
>>
>https://repository.apache.org/content/repositories/orgapachetomcat-1156/
>> The svn tag is:
>> http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_1/
>> 
>> The proposed 9.0.1 release is:
>> [ ] Broken - do not release
>> [ ] Alpha  - go ahead and release as 9.0.1
>> [X] Beta   - go ahead and release as 9.0.1
>> [ ] Stable - go ahead and release as 9.0.1
>
>+1 to release as alpha.

Did you mean alpha? Why did you check beta above? 

Regards, 
 Felix 
>
>Details
>===
>
>- SHA1 and MD5 OK
>- signatures OK
>- key in KEYS file
>- gz and zip for src and bin consistent
>- src consistent with svn tag
>   - except bin shell scripts are not executable in src tarball
> (not critical)
>- builds fine
>- build result looks consistent with binaries
>- no checkstyle complaints
>- no Javadoc warnings
>
>- JMX MBean Comparison with 9.0.0: no change
>
>- Unit tests: No failures
>
>Build and tests were done using Java 1.8.0_144. OS was Solaris 10
>Sparc, 
>tcnative was 1.2.14 based on APR 1.6.2 and OpenSSL 1.0.2l plus patches.
>
>Thanks for RM and regards,
>
>Rainer
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M27

2017-09-18 Thread Felix Schumacher

Am 13.09.2017 um 20:49 schrieb Mark Thomas:

The proposed Apache Tomcat 9.0.0.M27 release is now available for voting.

This is a milestone release for the 9.0.x branch. It should be
noted that, as a milestone release:
- Servlet 4.0 is not finalised
- It is not known if there will be a minor maintenance release for
   JSP 2.4, EL 3.1 or WebSocket 1.2

The major changes compared to the 9.0.0.M26 release are:

- Additional capabilities for the CGI Servlet. Based on patches provided
   by jm009.

- Added support for the OpenSSL SSL_CONF API. To support this the
   minimum required Tomcat Native version is 1.2.14.

Along with lots of other bug fixes and improvements.


For full details, see the changelog:
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M27/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1152/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M27/

The proposed 9.0.0.M27 release is:
[ ] Broken - do not release
[x] Alpha - go ahead and release as 9.0.0.M27


Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.21

2017-09-18 Thread Felix Schumacher

Am 13.09.2017 um 23:02 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.21 release is now available for voting.

The major changes compared to the 8.5.20 release are:

- Additional capabilities for the CGI Servlet. Based on patches provided
   by jm009.

- Added support for the OpenSSL SSL_CONF API. To support this the
   minimum required Tomcat Native version is 1.2.14.

Along with lots of other bug fixes and improvements.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.21/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1153/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_21/

The proposed 8.5.21 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.21


Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.20

2017-08-08 Thread Felix Schumacher


Am 3. August 2017 00:10:05 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.20 release is now available for voting.
>
>The major changes compared to the 8.5.16 release are:
>
>- Enable TLS connectors to use Java key stores that contain multiple
> keys where each key has a separate password. Based on a patch by Frank
>  Taffelt.
>
>- Make asynchronous error handling more robust. In particular ensure
>  that onError() is called for any registered AsyncListeners after an
>  I/O error on a non-container thread.
>
>- Sync SSL session access for the APR connector to prevent errors when
>  accessing the session.
>
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.20/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1148/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_20/
>
>The proposed 8.5.20 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.20

Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M26

2017-08-08 Thread Felix Schumacher


Am 2. August 2017 23:30:23 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.0.M26 release is now available for
>voting.
>
>This is a milestone release for the 9.0.x branch. It should be
>noted that, as a milestone release:
>- Servlet 4.0 is not finalised
>- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0
>
>Note that the 9.0.0.M23 and 9.0.0.M24 release votes were cancelled due
>to regressions. The 9.0.0.M25 vote passed but a regression was found
>shortly afterwards.
>
>The major changes compared to the 9.0.0.M22 release are:
>
>- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting
>  down cleanly.
>
>- Add LoadBalancerDrainingValve, a Valve designed to reduce the amount
>  of time required for a node to drain its authenticated users.
>
>- When generating JSP runtime error messages that quote the relevant
>JSP
>  source code, switch from using the results of the JSP page parsing
>  process to using the JSR 045 source map data to identify the correct
>  part of the JSP source from the stack trace. This significantly
> reduces the memory footprint of Jasper in development mode, provides a
>  small performance improvement for error page generation and enables
>  source quotes to continue to be provided after a Tomcat restart.
>
>- Add support for a Tomcat specific deployment descriptor,
>  /WEB-INF/tomcat-web.xml
>
>- Add ExtractingRoot, a new WebResourceRoot implementation that
>extracts
>  JARs to the work directory for improved performance when deploying
>  packed WAR files.
>
>Along with lots of other bug fixes and improvements.
>
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M26/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1147/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M26/
>
>The proposed 9.0.0.M26 release is:
>[ ] Broken - do not release
>[x] Alpha - go ahead and release as 9.0.0.M26

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: svn commit: r1803183 - in /tomcat/site/trunk: docs/whichversion.html xdocs/whichversion.xml

2017-07-27 Thread Felix Schumacher
Shouldn't we redirect the users of eol versions to a supported version instead 
of another eol version? 

Felix


Am 27. Juli 2017 15:38:49 MESZ schrieb csuth...@apache.org:
>Author: csutherl
>Date: Thu Jul 27 13:38:49 2017
>New Revision: 1803183
>
>URL: http://svn.apache.org/viewvc?rev=1803183=rev
>Log:
>Add EOL statements for all versions to whichversion. Thanks to peetaur2
>from #tomcat for pointing out that EOL statements were missing for
>older versions.
>
>Modified:
>tomcat/site/trunk/docs/whichversion.html
>tomcat/site/trunk/xdocs/whichversion.xml
>
>Modified: tomcat/site/trunk/docs/whichversion.html
>URL:
>http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whichversion.html?rev=1803183=1803182=1803183=diff
>==
>--- tomcat/site/trunk/docs/whichversion.html (original)
>+++ tomcat/site/trunk/docs/whichversion.html Thu Jul 27 13:38:49 2017
>@@ -601,6 +601,11 @@ it in production
> 
> 
> 
>+Users of Tomcat 5 should be aware that Tomcat 5 has now reached
>+end of life. Users of Tomcat 5.x
>should
>+upgrade to Tomcat 6.x or later.
>+
>+
> 
> Apache Tomcat 4.x
> 
>@@ -653,6 +658,11 @@ also supports web applications built for
> specifications with no changes.
> 
> 
>+Users of Tomcat 4 should be aware that Tomcat 4 has now reached
>+end of life. Users of Tomcat 4.x should upgrade to Tomcat 5.x or
>+later.
>+
>+
> 
> Apache Tomcat 3.x
> 
>@@ -722,6 +732,11 @@ strongly encouraged to migrate to the cu
>Apache Tomcat 3.0.x. Initial Apache Tomcat
>release.
> 
> 
>+Users of Tomcat 3 should be aware that Tomcat 3 has now reached
>+end of life. Users of Tomcat 3.x should upgrade to Tomcat 4.x or
>+later.
>+
>+
> 
> 
> 
>
>Modified: tomcat/site/trunk/xdocs/whichversion.xml
>URL:
>http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/whichversion.xml?rev=1803183=1803182=1803183=diff
>==
>--- tomcat/site/trunk/xdocs/whichversion.xml (original)
>+++ tomcat/site/trunk/xdocs/whichversion.xml Thu Jul 27 13:38:49 2017
>@@ -299,6 +299,10 @@ it in production
> Expanded documentation
> 
> 
>+Users of Tomcat 5 should be aware that Tomcat 5 has now reached
>+end of life. Users of Tomcat 5.x
>should
>+upgrade to Tomcat 6.x or later.
>+
> 
> 
> 
>@@ -333,6 +337,10 @@ performance.  Version 4.0 implements the
> also supports web applications built for the Servlet 2.2 and JSP 1.1
> specifications with no changes.
> 
>+Users of Tomcat 4 should be aware that Tomcat 4 has now reached
>+end of life. Users of Tomcat 4.x should upgrade to Tomcat 5.x or
>+later.
>+
> 
> 
> 
>@@ -385,6 +393,10 @@ strongly encouraged to migrate to the cu
> 
>Apache Tomcat 3.0.x. Initial Apache Tomcat
>release.
> 
>+Users of Tomcat 3 should be aware that Tomcat 3 has now reached
>+end of life. Users of Tomcat 3.x should upgrade to Tomcat 4.x or
>+later.
>+
> 
> 
> 
>
>
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org


Re: [VOTE] Release Apache Tomcat 9.0.0.M25

2017-07-27 Thread Felix Schumacher


Am 25. Juli 2017 01:19:20 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.0.M25 release is now available for
>voting.
>
>This is a milestone release for the 9.0.x branch. It should be
>noted that, as a milestone release:
>- Servlet 4.0 is not finalised
>- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0
>
>Note that the 9.0.0.M23 and 9.0.0.M24 release votes were cancelled due
>to regressions.
>
>The major changes compared to the 9.0.0.M22 release are:
>
>- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting
>  down cleanly.
>
>- Add LoadBalancerDrainingValve, a Valve designed to reduce the amount
>  of time required for a node to drain its authenticated users.
>
>- When generating JSP runtime error messages that quote the relevant
>JSP
>  source code, switch from using the results of the JSP page parsing
>  process to using the JSR 045 source map data to identify the correct
>  part of the JSP source from the stack trace. This significantly
> reduces the memory footprint of Jasper in development mode, provides a
>  small performance improvement for error page generation and enables
>  source quotes to continue to be provided after a Tomcat restart.
>
>- Add support for a Tomcat specific deployment descriptor,
>  /WEB-INF/tomcat-web.xml
>
>- Add ExtractingRoot, a new WebResourceRoot implementation that
>extracts
>  JARs to the work directory for improved performance when deploying
>  packed WAR files.
>
>Along with lots of other bug fixes and improvements.
>
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M25/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1145/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M25/
>
>The proposed 9.0.0.M25 release is:
>[ ] Broken - do not release
>[x] Alpha - go ahead and release as 9.0.0.M25

Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.19

2017-07-27 Thread Felix Schumacher


Am 25. Juli 2017 01:22:04 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.19 release is now available for voting.
>
>The major changes compared to the 8.5.16 release are:
>
>- Enable TLS connectors to use Java key stores that contain multiple
> keys where each key has a separate password. Based on a patch by Frank
>  Taffelt.
>
>- Make asynchronous error handling more robust. In particular ensure
>  that onError() is called for any registered AsyncListeners after an
>  I/O error on a non-container thread.
>
>- Sync SSL session access for the APR connector to prevent errors when
>  accessing the session.
>
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.19/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1146/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_19/
>
>The proposed 8.5.19 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.19

Felix 

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M24

2017-07-20 Thread Felix Schumacher

Am 18.07.2017 um 13:43 schrieb Mark Thomas:

The proposed Apache Tomcat 9.0.0.M24 release is now available for voting.

This is a milestone release for the 9.0.x branch. It should be
noted that, as a milestone release:
- Servlet 4.0 is not finalised
- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0

Note that the 9.0.0.M23 release vote was cancelled due to a regression.

The major changes compared to the 9.0.0.M22 release are:

- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting
   down cleanly.

- Add LoadBalancerDrainingValve, a Valve designed to reduce the amount
   of time required for a node to drain its authenticated users.

- When generating JSP runtime error messages that quote the relevant JSP
   source code, switch from using the results of the JSP page parsing
   process to using the JSR 045 source map data to identify the correct
   part of the JSP source from the stack trace. This significantly
   reduces the memory footprint of Jasper in development mode, provides a
   small performance improvement for error page generation and enables
   source quotes to continue to be provided after a Tomcat restart.

- Add support for a Tomcat specific deployment descriptor,
   /WEB-INF/tomcat-web.xml

Along with lots of other bug fixes and improvements.


For full details, see the changelog:
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M24/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1143/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M24/

The proposed 9.0.0.M24 release is:
[ ] Broken - do not release
[x] Alpha - go ahead and release as 9.0.0.M24


Felix



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.18

2017-07-20 Thread Felix Schumacher

Am 18.07.2017 um 15:58 schrieb Mark Thomas:

The proposed Apache Tomcat 8.5.18 release is now available for voting.

The major changes compared to the 8.5.16 release are:

- Enable TLS connectors to use Java key stores that contain multiple
   keys where each key has a separate password. Based on a patch by Frank
   Taffelt.

- Make asynchronous error handling more robust. In particular ensure
   that onError() is called for any registered AsyncListeners after an
   I/O error on a non-container thread.

- Sync SSL session access for the APR connector to prevent errors when
   accessing the session.


Along with lots of other bug fixes and improvements.


It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.18/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1144/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_18/

The proposed 8.5.18 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.18


Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M23

2017-07-05 Thread Felix Schumacher


Am 4. Juli 2017 10:19:05 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.0.M23 release is now available for
>voting.
>
>This is a milestone release for the 9.0.x branch. It should be
>noted that, as a milestone release:
>- Servlet 4.0 is not finalised
>- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0
>
>The major changes compared to the 9.0.0.M22 release are:
>
>- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting
>  down cleanly.
>
>- Add LoadBalancerDrainingValve, a Valve designed to reduce the amount
>  of time required for a node to drain its authenticated users.
>
>- When generating JSP runtime error messages that quote the relevant
>JSP
>  source code, switch from using the results of the JSP page parsing
>  process to using the JSR 045 source map data to identify the correct
>  part of the JSP source from the stack trace. This significantly
> reduces the memory footprint of Jasper in development mode, provides a
>  small performance improvement for error page generation and enables
>  source quotes to continue to be provided after a Tomcat restart.
>
>Along with lots of other bug fixes and improvements.
>
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M23/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1141/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M23/
>
>The proposed 9.0.0.M23 release is:
>[ ] Broken - do not release
>[x] Alpha - go ahead and release as 9.0.0.M23

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.17

2017-07-05 Thread Felix Schumacher


Am 4. Juli 2017 10:40:41 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.17 release is now available for voting.
>
>The major changes compared to the 8.5.17 release are:
>
>- Make asynchronous error handling more robust. In particular ensure
>  that onError() is called for any registered AsyncListeners after an
>  I/O error on a non-container thread.
>
>- Correct a regression in 9.0.0.M22 that prevented Tomcat from shutting
>  down cleanly.
>
>- Sync SSL session access for the APR connector to prevent errors when
>  accessing the session.
>
>
>Along with lots of other bug fixes and improvements.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.17/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1142/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_17/
>
>The proposed 8.5.17 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.17

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.0.45

2017-06-29 Thread Felix Schumacher


Am 26. Juni 2017 23:05:11 MESZ schrieb Violeta Georgieva :
>The proposed Apache Tomcat 8.0.45 release is now available for voting.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.45/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1140/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_45/
>
>The proposed 8.0.45 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.0.45

Felix

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 7.0.79

2017-06-27 Thread Felix Schumacher


Am 26. Juni 2017 19:22:05 MESZ schrieb Violeta Georgieva :
>The proposed Apache Tomcat 7.0.79 release is now available for voting.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.79/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1139/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_79/
>
>The proposed 7.0.79 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 7.0.79 Stable

Felix

>
>Regards,
>Violeta

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.16

2017-06-24 Thread Felix Schumacher


Am 21. Juni 2017 23:37:31 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.16 release is now available for voting.
>
>The major changes compared to the 8.5.16 release are:
>
>- Add a new JULI FileHandler configuration for specifying the maximum
> number of days to keep the log files. By default the log files will be
>  kept 90 days.
>
>- Improvements to enable the Manager and HostManager to work in the
>  default configuration when working under a security manager
>
>- Introduce new API o.a.tomcat.websocket.WsSession#suspend/
>  o.a.tomcat.websocket.WsSession#resume that can be used to
>  suspend/resume reading of the incoming messages.
>
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.16/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1138/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_16/
>
>The proposed 8.5.16 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.16

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M22

2017-06-24 Thread Felix Schumacher


Am 21. Juni 2017 16:18:39 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 9.0.0.M22 release is now available for
>voting.
>
>This is a milestone release for the 9.0.x branch. It should be
>noted that, as a milestone release:
>- Servlet 4.0 is not finalised
>- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0
>
>The major changes compared to the 9.0.0.M21 release are:
>
>- Add a new JULI FileHandler configuration for specifying the maximum
> number of days to keep the log files. By default the log files will be
>  kept 90 days.
>
>- Update the Servlet 4.0 implementation to add support for setting
>  trailer fields for HTTP responses.
>
>- When pre-compiling with JspC, report all compilation errors rather
>  than stopping after the first error.
>
>Along with lots of other bug fixes and improvements
>
>For full details, see the changelog:
>http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M22/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1137/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M22/
>
>The proposed 9.0.0.M22 release is:
>[ ] Broken - do not release
>[x] Alpha - go ahead and release as 9.0.0.M22

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] 8.0.x EOL - 30 June 2018

2017-06-22 Thread Felix Schumacher


Am 22. Juni 2017 17:18:14 MESZ schrieb Mark Thomas :
>We had a couple of threads discussing this. I think it is time for a
>vote.
>
>[x] +1 We should announce 8.0.x EOL for 30 June 2018
>[ ] -1 We should announce 8.0.x EOL for [insert date here]
>[ ] -1 We should not announce 8.0.x EOL at this time
>

Felix

>Thanks,
>
>Mark
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: Timescale for 8.0.x EOL

2017-06-06 Thread Felix Schumacher


Am 6. Juni 2017 20:39:44 MESZ schrieb Violeta Georgieva :
>Hi,
>
>2017-06-05 16:51 GMT+03:00 Mark Thomas :
>>
>> On 19/05/17 23:19, Christopher Schultz wrote:
>>
>> 
>>
>> > My proposal, adapted from the thread before discussion ceased last
>summer:
>> >
>> > 1. Set Tomcat 8.0.x EOL date for 31 May 2018
>> > 2. Discontinue monthly release cadence for Tomcat 8.0.x after
>8.0.45
>> > 3. Make these announcements as soon as we have agreed to the
>details for
>> > #1 and #2
>>
>> Yet again I managed to respond to the sender rather than the list...
>>
>> +1, for #1 and #3 assuming that we make this 30 June 2018.
>>
>> I'm neutral on #2 since it is unlikely to be me doing the releases.
>I've
>> no objection to monthly releases if someone wants to take that on. I
>> suspect every 2 to 3 months would be sufficient.
>
>In case there are enough people that can test the releases and vote I
>can
>do the releases for example every 2 months.

I will try to test and vote.

Felix

>
>Regards,
>Violeta
>
>>
>> Mark
>>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: dev-h...@tomcat.apache.org
>>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 8.5.15

2017-05-09 Thread Felix Schumacher


Am 5. Mai 2017 13:38:24 MESZ schrieb Mark Thomas :
>The proposed Apache Tomcat 8.5.15 release is now available for voting.
>
>The major changes compared to the 8.5.13 release are:
>
>- Various improvements to the handling of static custom error pages
>
>- Update to Eclipse JDT Compiler 4.6.3
>
>- Review those places where Tomcat re-encodes a URI or URI component
>  and ensure that that correct encoding is consistently applied.
>
>It can be obtained from:
>https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.15/
>The Maven staging repo is:
>https://repository.apache.org/content/repositories/orgapachetomcat-1134/
>The svn tag is:
>http://svn.apache.org/repos/asf/tomcat/tc8.5.x/tags/TOMCAT_8_5_15/
>
>The proposed 8.5.15 release is:
>[ ] Broken - do not release
>[x] Stable - go ahead and release as 8.5.15

Felix

>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [VOTE] Release Apache Tomcat 9.0.0.M21

2017-05-08 Thread Felix Schumacher

Am 05.05.2017 um 11:03 schrieb Mark Thomas:

The proposed Apache Tomcat 9.0.0.M21 release is now available for voting.

This is a milestone release for the 9.0.x branch. It should be
noted that, as a milestone release:
- Servlet 4.0 is not finalised
- The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0

The major changes compared to the 9.0.0.M20 release are:

- Update the default URIEncoding for a Connector to UTF-8 as required
   by the Servlet 4.0 specification.

- Various improvements to the handling of static custom error pages

- Update to Eclipse JDT Compiler 4.6.3

Along with lots of other bug fixes and improvements

For full details, see the changelog:
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M21/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1133/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M21/

The proposed 9.0.0.M21 release is:
[ ] Broken - do not release
[x] Alpha - go ahead and release as 9.0.0.M21


Some failures about missing ciphers in 
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser 
for APR, NIO and NIO2,  but those are probably expected:


junit.framework.AssertionFailedError: Expected 36 ciphers but got 24 for 
the specification 'TLSv1' 
expected:<[TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, TLS
_DHE_PSK_WITH_AES_256_CBC_SHA384, 
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_DHE_PSK_WITH_NULL_SHA256, TL
S_DHE_PSK_WITH_NULL_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_NULL_SHA, 
TLS_ECDHE_PSK_W
ITH_AES_128_CBC_SHA, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, TLS_ECDHE_PSK_W
ITH_CAMELLIA_128_CBC_SHA256, TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 
TLS_ECDHE_PSK_WITH_NULL_SHA, TLS_ECDHE_PSK_WITH_NULL_SHA256, 
TLS_ECDHE_PSK_WI
TH_NULL_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, 
TLS_ECDH_anon_WITH_AES_128_CBC_SH
A, TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA, 
TLS_PSK_WITH_AES_128_CBC_SHA256, TLS_PSK_WITH_AES_256_CBC_SHA384, 
TLS_PSK_WITH_CAM
ELLIA_128_CBC_SHA256, TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, 
TLS_PSK_WITH_NULL_SHA256, TLS_PSK_WITH_NULL_SHA384, 
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, T
LS_RSA_PSK_WITH_AES_256_CBC_SHA384, 
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_RSA_PSK_WITH_NULL_SHA256,
TLS_RSA_PSK_WITH_NULL_SHA384]> but 
was:<[TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, 
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_S
HA256, TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 
TLS_DHE_PSK_WITH_NULL_SHA256, TLS_DHE_PSK_WITH_NULL_SHA384, 
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, TL
S_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_ECDHE_PSK_WITH_NULL_S
HA256, TLS_ECDHE_PSK_WITH_NULL_SHA384, TLS_PSK_WITH_AES_128_CBC_SHA256, 
TLS_PSK_WITH_AES_256_CBC_SHA384, TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, 
TLS_PSK
_WITH_CAMELLIA_256_CBC_SHA384, TLS_PSK_WITH_NULL_SHA256, 
TLS_PSK_WITH_NULL_SHA384, TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, 
TLS_RSA_PSK_WITH_AES_256_CBC_S
HA384, TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_RSA_PSK_WITH_NULL_SHA256, 
TLS_RSA_PSK_WITH_NULL_SHA384]

>
at 
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java

:570)
at 
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testTLSv1(TestOpenSSLCipherConfigurationParser.java:296)


Felix


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Re: [ANN] New committer: Michael Osipov

2017-05-08 Thread Felix Schumacher
Welcome.

Regards,
 Felix


Am 8. Mai 2017 10:08:45 MESZ schrieb Mark Thomas :
>On behalf of the Tomcat committers I am pleased to announce that
>Michael Osipov (michaelo) has been voted in as a new Tomcat committer.
>
>Please join me in welcoming him.
>
>Regards,
>
>Mark
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>For additional commands, e-mail: dev-h...@tomcat.apache.org


  1   2   3   >