[Bug 56148] support (multiple) ocsp stapling

2019-06-18 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #7 from Christopher Schultz  ---
(In reply to Mark Thomas from comment #4)
> -Djdk.tls.server.enableStatusRequestExtension=true

Is this something that is possible via Tomcat configuration? Or is it only
possible via a system property, which may be required to be set quite early-on
in the JVM initialization?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63514] Tomcat 8.0.23 crash (tcnative-1.dll+0x7e75)

2019-06-18 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63514

Mark Thomas  changed:

   What|Removed |Added

 OS||All
 Resolution|--- |WONTFIX
 Status|NEW |RESOLVED

--- Comment #1 from Mark Thomas  ---
Both Apache Tomcat Native 1.1.x and Apache Tomcat 8.0.x are no longer
supported. You need to upgrade to supported versions of both.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63514] New: Tomcat 8.0.23 crash (tcnative-1.dll+0x7e75)

2019-06-18 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63514

Bug ID: 63514
   Summary: Tomcat 8.0.23 crash (tcnative-1.dll+0x7e75)
   Product: Tomcat Native
   Version: 1.1.33
  Hardware: PC
Status: NEW
  Severity: critical
  Priority: P2
 Component: Library
  Assignee: dev@tomcat.apache.org
  Reporter: in_small_wo...@yahoo.com.tw
  Target Milestone: ---

#
# A fatal error has been detected by the Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc005) at pc=0x000180007e75, pid=2516,
tid=0x09bc
#
# JRE version: OpenJDK Runtime Environment (8.0_121-b13) (build
1.8.0_121-2-ojdkbuild-b13)
# Java VM: OpenJDK 64-Bit Server VM (25.121-b13 mixed mode windows-amd64
compressed oops)
# Problematic frame:
# C  [tcnative-1.dll+0x7e75]
#
# Core dump written. Default location: D:\Tomcat\Tomcat 8.0\hs_err_pid2516.mdmp
#
# If you would like to submit a bug report, please visit:
#   http://bugreport.java.com/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

---  T H R E A D  ---

Current thread (0x1ed6e000):  JavaThread "http-apr--Poller" daemon
[_thread_in_native, id=2492, stack(0x254d,0x255d)]

siginfo: ExceptionCode=0xc005, writing address 0x704c

Registers:
RAX=0x2bdf4740, RBX=0x26186300, RCX=0x704c,
RDX=0x2bdf4678
RSP=0x255cf5a0, RBP=0x, RSI=0x,
RDI=0x18ff5948
R8 =0x, R9 =0x18fde918, R10=0x4000,
R11=0x2bdf4740
R12=0x0008, R13=0x18ff5990, R14=0x00058b76ff696805,
R15=0x0001
RIP=0x000180007e75, EFLAGS=0x00010246

Top of Stack: (sp=0x255cf5a0)
0x255cf5a0:    18ff5948
0x255cf5b0:   255cf618 255cf620
0x255cf5c0:   e050 037f41e0
0x255cf5d0:   1ed6e000 255cf670
0x255cf5e0:   20065ffd 
0x255cf5f0:   0001 255cf680
0x255cf600:   e8404e38 02877da8
0x255cf610:   1ed6e1e0 0002
0x255cf620:   18fed948 2c23
0x255cf630:   255cf650 0001
0x255cf640:   d96e8c38 00010001
0x255cf650:   e8404e38 
0x255cf660:   01d52484cf5c4214 e7708dc0
0x255cf670:   e7708dc0 0202
0x255cf680:   2bd20650 03a334b8
0x255cf690:   01d52484cf5c4214 01a910b5 

Instructions: (pc=0x000180007e75)
0x000180007e55:   48 8b 94 24 80 00 00 00 48 8b 4f 10 e8 2a 57 01
0x000180007e65:   00 4c 8b 5b 38 49 8b 13 48 8b 43 38 48 8b 48 08
0x000180007e75:   48 89 11 48 8b 43 38 48 8b 50 08 48 8b 43 38 48
0x000180007e85:   8b 08 48 89 51 08 48 8b 43 38 4c 89 28 48 8b 4f 


Register to memory mapping:

RAX=0x2bdf4740 is an unknown value
RBX=0x26186300 is an unknown value
RCX=0x704c is an unknown value
RDX=0x2bdf4678 is an unknown value
RSP=0x255cf5a0 is pointing into the stack for thread:
0x1ed6e000
RBP=0x is an unknown value
RSI=0x is an unknown value
RDI=0x18ff5948 is an unknown value
R8 =0x is an unknown value
R9 =0x18fde918 is an unknown value
R10=0x4000 is an unknown value
R11=0x2bdf4740 is an unknown value
R12=0x0008 is an unknown value
R13=0x18ff5990 is an unknown value
R14=0x00058b76ff696805 is an unknown value
R15=0x0001 is an unknown value


Stack: [0x254d,0x255d],  sp=0x255cf5a0,  free
space=1021k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J 4302  org.apache.tomcat.jni.Poll.poll(JJ[JZ)I (0 bytes) @ 0x02877d22
[0x02877cc0+0x62]
J 10700% C2 org.apache.tomcat.util.net.AprEndpoint$Poller.run()V (2340 bytes) @
0x03a334b8 [0x03a32b00+0x9b8]
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub

---  P R O C E S S  ---

Java Threads: ( => current thread )
  0x238ac800 JavaThread "http-apr--exec-445" daemon [_thread_blocked,
id=13228, stack(0x2d54,0x2d64)]
  0x238ac000 JavaThread "http-apr--exec-444" daemon [_thread_blocked,
id=13224, stack(0x2d44,0x2d54)]
  0x238ab000 JavaThread "http-apr--exec-443" daemon [_thread_blocked,
id=13220, stack(0x2d34,0x2d44)]
  0x238aa800 JavaThread "http-

[Bug 50025] getConnection method in class DataSourceProxy is ignoring credentials

2019-06-18 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=50025

--- Comment #8 from Randy Bonnette  ---
Here're the parameters:
https://arcgis.env.nm.gov/docs/api/index.html?org/apache/tomcat/jdbc/pool/DataSourceProxy.html
https://writemyessaytoday.net/write-my-essay-in-2-hours I used Spring Boot
1.5.4 and had this error: "SQLException: The url cannot be null". Found the
solution on stackoverflow.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63505] enhancement - support of stored procedures for DataSourceRealm authentication

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63505

--- Comment #3 from Eugène Adell  ---
The first one retrieves the user's password, the second the user's roles.

Better ideas to names these attributes are of course welcome.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63505] enhancement - support of stored procedures for DataSourceRealm authentication

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63505

--- Comment #2 from Christopher Schultz  ---
What are userProcStoc and roleProcStoc abbreviations for? Those names look
weird.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #6 from Mark Thomas  ---
The stack trace suggests the fix for bug 62094 was incorrect.

Looking at the trace, the proposed patch and the commit, I think the patch was
not applied correctly.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 56148] support (multiple) ocsp stapling

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #6 from Mark Thomas  ---
This will need code changes in Tomcat Native. A rough outline of what is
required is provided by:
https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set_tlsext_status_arg.html

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 56148] support (multiple) ocsp stapling

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #5 from Mark Thomas  ---
Just switching implementations (no config changes)

NIO-OpenSSL - no stapling
APR-OpenSSL - no stapling

Next step is to look at OpenSSL config and API to see a) if this can be enabled
and b) what the options are for doing so.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 56148] support (multiple) ocsp stapling

2019-06-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56148

--- Comment #4 from Mark Thomas  ---
I can confirm this "just works" if you have a suitably configured certificate
(LetsEncrypt in my test), a Java version that supports it (JDK 11.0.3+7 in my
test), are using a JSSE based connector (NIO with JSSE in my test) and have set
the appropriate system property
(-Djdk.tls.server.enableStatusRequestExtension=true).

Confirmed with SSLLabs.

Next up is testing with an OpenSSL based connector.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63510] No

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63510

--- Comment #2 from Rainer Jung  ---
Bugzilla is not a playground.
Stop this immediately or you will get blocked.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63510] No

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63510

Rainer Jung  changed:

   What|Removed |Added

  Alias|Alias, No   |

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63214] Using JkAutoAlias, Filenames with Spaces Cannot be found

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63214

Rainer Jung  changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|INVALID |---

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 57402] Provide correlation ID between mod_jk log and access log

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=57402

Rainer Jung  changed:

   What|Removed |Added

  Alias|Forst, Gr   |

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 57790] Check worker names for typos

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=57790

Rainer Jung  changed:

   What|Removed |Added

  Alias|Ranier  |

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 57402] Provide correlation ID between mod_jk log and access log

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=57402

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Gr, Forst

--- Comment #1 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 56489] Include a directory for configuration files

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56489

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Po

--- Comment #2 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 52483] Print JkOptions's options in log file and jkstatus page

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=52483

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Svn

--- Comment #5 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61621] Content-Type is forced to lowercase when it goes through mod_jk

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61621

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Mark, dony

--- Comment #2 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 46767] mod_jk to send DECLINED in case no fail-over tomcats available/configured

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=46767

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Denich

--- Comment #3 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 57790] Check worker names for typos

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=57790

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Ranier

--- Comment #1 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 56576] Websocket support

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=56576

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Thank, you

--- Comment #2 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 54621] [PATCH] custom mod_jk availability checks

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=54621

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Who

--- Comment #4 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62093] Allow use_server_errors to apply to specific status code only

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62093

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Guest

--- Comment #1 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 47327] Return tomcat authenticated user back to mod_jk (AJP improvement)

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=47327

Hazem Hosny  changed:

   What|Removed |Added

  Alias||Please, be, impolite

--- Comment #2 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61476] Allow reset of an individual worker stat value

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61476

Hazem Hosny  changed:

   What|Removed |Added

  Alias||I, say

--- Comment #1 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63214] Using JkAutoAlias, Filenames with Spaces Cannot be found

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63214

Hazem Hosny  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED

--- Comment #1 from Hazem Hosny  ---
No comment ken

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63510] No

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63510

Hazem Hosny  changed:

   What|Removed |Added

 Resolution|--- |FIXED
  Alias||No, Alias
 Status|NEW |RESOLVED

--- Comment #1 from Hazem Hosny  ---
No comment

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63510] New: No

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63510

Bug ID: 63510
   Summary: No
   Product: Tomcat Connectors
   Version: unspecified
  Hardware: HP
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: mod_jk
  Assignee: dev@tomcat.apache.org
  Reporter: mazik...@yahoo.com
  Target Milestone: ---

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63507] Tomcat not responding (in browser) after undeploying docs and examples application.

2019-06-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63507

Konstantin Kolinko  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED

--- Comment #1 from Konstantin Kolinko  ---
http://tomcat.apache.org/bugreport.html#Bugzilla_is_not_a_support_forum

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Native [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|62626|Inf|Nor|2018-08-15|Tomcat 9.0.10 APR/Native crashes  |
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|63159|New|Nor|2019-02-08|Problem with native/Makefile.in introduced with na|
|63199|New|Nor|2019-02-22|sslsocket handshake JVM crash |
|63356|Opn|Maj|2019-04-16|OCSP_parse_url error while parsing Authority Infor|
|63405|New|Nor|2019-05-06|Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Probl|
+-+---+---+--+--+
| Total9 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62140|New|Enh|2018-02-27|catalina.sh should document the verbs it accepts a|
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|New|Enh|2018-08-09|Compress log files after rotation |
|62695|Inf|Nor|2018-09-07|Provide sha512 checksums for Tomcat releases publi|
|62696|New|Enh|2018-09-07|Consider use of sha256 for signing of .exe files o|
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62920|New|Enh|2018-11-17|Maven Plugin For Tomcat 9.0.x |
|62964|New|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63191|Inf|Nor|2019-02-20|RemoteEndpoint.Async#sendText(String, SendHandler)|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63310|New|Nor|2019-04-02|Update Commons Daemon for improved Java 11 support|
|63362|New|Enh|2019-04-18|GlobalRequestProcessor statistics in MBean does no|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
|63493|New|Enh|2019-06-10|enhancement - add JMX counters to monitor authenti|
|63500|New|Nor|2019-06-13|Core dump using APR tomcat native with certificate|
|63505|New|Enh|2019-06-14|enhancement - support of stored procedures for Dat|
+-+---+---+--+--+
| Total   37 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 8 [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58143|Opn|Enh|2015-07-15|The WebppClassLoader doesn't call transformers on |
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60281|Ver|Nor|2016-10-20|Pathname of uploaded WAR file should not be contai|
|60721|Ver|Nor|2017-02-10|Unable to find key spec if more applications use b|
|60781|New|Nor|2017-02-27|Access Log Valve does not escape the same as mod_l|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61668|Ver|Min|2017-10-26|Possible NullPointerException in org.apache.coyote|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62150|New|Enh|2018-03-01|Behavior of relative paths with RequestDispatcher |
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|62496|New|Enh|2018-06-27|Add possibility write remote user/auth type to res|
|62912|New|Enh|2018-11-15|Tomcat adds a space character in the Content-Type |
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|63285|New|Nor|2019-03-25|service.bat does not handle changed "Windows Servi|
|63286|New|Enh|2019-03-25|Inconsistencies between AccessLogValve and mod_log|
|63507|New|

Bug report for Tomcat Modules [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
+-+---+---+--+--+
| Total   39 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Taglibs [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Connectors [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|Inf|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63214|New|Nor|2019-02-27|Using JkAutoAlias, Filenames with Spaces Cannot be|
+-+---+---+--+--+
| Total   20 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 7 [2019/06/16]

2019-06-16 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
+-+---+---+--+--+
| Total   18 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63507] New: Tomcat not responding (in browser) after undeploying docs and examples application.

2019-06-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63507

Bug ID: 63507
   Summary: Tomcat not responding (in browser) after undeploying
docs and examples application.
   Product: Tomcat 8
   Version: 8.5.37
  Hardware: PC
OS: Linux
Status: NEW
  Severity: critical
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: nazmus@gmail.com
  Target Milestone: 

For security reasons, I wanted to remove docs and examples application. So, at
first, I deleted both of their directories from the webapps directory. However,
the remaining applications (including manager app) were not responding in
browser (blank pages were being served), although the tomcat service was
running in the server. The logs were not showing anything.

Then I put back docs and examples directories in webapps directory, and things
were back again. Then, I tried to undeploy them using tomcat manager. The
undeployment works, but again I got blank screens for remaining applications.

I even tried restricting access to these two apps (docs and examples) using
valve and filters. And unfortunately, again the same issue: I get blank
screens.

Finally, I started with a clean installation. However, I get same result after
undeploying docs and examples.

Permission is not an issue, all contents belong to the tomcat user.

I am using Tomcat 8.5.37.

Operating System: Amazon Linux 4.14.88
Java version: 1.8.0_191-b12

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63505] enhancement - support of stored procedures for DataSourceRealm authentication

2019-06-14 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63505

--- Comment #1 from Eugène Adell  ---
Created attachment 36628
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36628=edit
a new class implementing this enhancement

This class is based on DataSourceRealm source code (copy/paste of this file,
and adding/removing what seemed to be added/removed to me). It uses 2 StoPro
(obviously one for the credentials, one for the roles).

The StoPro names are given in the context file, for example :



The 2 procedures must of course be implemented on the DB, and respectively
return the password and the roles associated to the username sent as an
argument.

My tests are OK (Tomcat 9.0.21, MySQL 5.7.18, mysql-connector 5.1.40). Once the
SELECT grant revoked, the users cannot login anymore when using the
DataSourceRealm, and this new class DataSourceViaSPRealm allows logging in.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63505] enhancement - support of stored procedures for DataSourceRealm authentication

2019-06-14 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63505

Eugène Adell  changed:

   What|Removed |Added

 CC||eugene.ad...@gmail.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63505] New: enhancement - support of stored procedures for DataSourceRealm authentication

2019-06-14 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63505

Bug ID: 63505
   Summary: enhancement - support of stored procedures for
DataSourceRealm authentication
   Product: Tomcat 9
   Version: 9.0.x
  Hardware: All
OS: All
Status: NEW
  Severity: enhancement
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: eugene.ad...@gmail.com
  Target Milestone: -

hello,

I would like to add a new way to authenticate on a DataSourceRealm, using
stored procedures instead of identifying tables and column names.

I don't want to reopen a new debate about pros/cons on statements vs StoPro but
for any service user being confined to only use StoPro, it's a fact it won't be
able to use the DataSourceRealm as it is implemented now.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #5 from Bruno  ---
Created attachment 36625
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36625=edit
Native stack trace from core dump of same process with debuginfo

Installed the debug info and retrieved new native trace.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #4 from Bruno  ---
It does fail right at the beginning.

Attached the traces.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #3 from Bruno  ---
Created attachment 36624
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36624=edit
Native stack trace from core dump of same process

gdb java core
where
bt full

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #2 from Bruno  ---
Created attachment 36623
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36623=edit
Error report generated by the JVM

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

--- Comment #1 from Christopher Schultz  ---
Looks like this fails on startup. Can you enable core dumps, re-try, and get a
native stack trace of the error?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63500] New: Core dump using APR tomcat native with certificateRevocationListFile

2019-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63500

Bug ID: 63500
   Summary: Core dump using APR tomcat native with
certificateRevocationListFile
   Product: Tomcat 9
   Version: 9.0.21
  Hardware: PC
OS: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
  Assignee: dev@tomcat.apache.org
  Reporter: bruno.pmari...@gmail.com
  Target Milestone: -

I'm using tomcat 9.0.21 and tomcat-native 1.2.21 on top of CentOS 7.6.1810.

Current issue is this one from catalina.out:
-
13-Jun-2019 10:43:32.132 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based
Apache Tomcat Native library [1.2.21] using APR version [1.4.8].
13-Jun-2019 10:43:32.135 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities:
IPv6 [true], sendfile [true], accept filters [false], random [true].
13-Jun-2019 10:43:32.135 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
13-Jun-2019 10:43:32.141 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 1.0.2k-fips  26 Jan 2017]
13-Jun-2019 10:43:32.518 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["http-apr-2007"]
13-Jun-2019 10:43:32.545 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["https-openssl-apr-2008"]
#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x7f989117c860, pid=23986, tid=0x7f9910185700
#
# JRE version: OpenJDK Runtime Environment (8.0_191-b12) (build 1.8.0_191-b12)
# Java VM: OpenJDK 64-Bit Server VM (25.191-b12 mixed mode linux-amd64
compressed oops)
# Problematic frame:
# C  [libcrypto.so.10+0x168860]  X509_STORE_set_flags+0x0
#
# Failed to write core dump. Core dumps have been disabled. To enable core
dumping, try "ulimit -c unlimited" before starting Java again
#
# An error report file with more information is saved as:
# /opt/temp/java_error23986.log
#
# If you would like to submit a bug report, please visit:
#   http://bugreport.java.com/bugreport/crash.jsp
#
-

The crash log shows

-
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j 
org.apache.tomcat.jni.SSLContext.setCARevocation(JLjava/lang/String;Ljava/lang/String;)Z+0
j 
org.apache.tomcat.util.net.openssl.OpenSSLContext.addCertificate(Lorg/apache/tomcat/util/net/SSLHostConfigCertificate;)V+77
j 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init([Ljavax/net/ssl/KeyManager;[Ljavax/net/ssl/TrustManager;Ljava/security/SecureRandom;)V+191
j 
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(Ljava/util/List;)Lorg/apache/tomcat/util/net/SSLContext;+16
j 
org.apache.tomcat.util.net.AprEndpoint.createSSLContext(Lorg/apache/tomcat/util/net/SSLHostConfig;)V+81
-

Which is the code
https://github.com/apache/tomcat-native/blob/7a20a500587dc92944dee05cee5b388ae8443842/native/src/sslcontext.c#L640

Connector configuration:
-


  

  

-

When I remove the line setting the revogation list,
"certificateRevocationListFile=\"/certs/server/x509_trusted.crl\"", it just
works. Same PEM file works in old tomcat-7.0.69 using also APR and tomcat
native.
Tried versions back until 9.0.17 with same issue. With 9.0.16 and 9.014 I have
different issue.

On tomcat 9.0.14 same setup worked but on shutdown I had a core dump. With
tomcat 9.0.16 same setup worked but on shutdown I had an even weird core dump.
Starting tomcat 9.0.17 it stopped starting. I noticed that tomcat native
changed from 1.2.19 to 1.2.21 when that happen.

Tested also building a tomcat-native with latest openssl and latest apr as
static linked in with same issue. So I assume it's not some weird library issue
but something else.

Happy to provide more data or even do other tests.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63487] WsSessionListener does not implement HttpSessionListener.sessionCreated

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63487

--- Comment #2 from Trevin Beattie  ---
Oh!  Sorry; I forgot about default interface methods.

I’ll need to debug the running application somehow to figure out if there’s a
conflicting API being loaded and how …

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 58768] Add Logging to Response.sendRedirect

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=58768

--- Comment #2 from david  ---
thanks.


http://www.winmilliongame.com
http://www.gtagame100.com
http://www.subway-game.com
http://www.zumagame100.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61120] Tomcat 8.5.15 with HTTP/2: URL path parameters lost

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61120

--- Comment #3 from sam zain  ---
This is CVE-2017-7675.


http://www.winmilliongame.com
http://www.gtagame100.com
http://www.subway-game.com
http://www.zumagame100.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 58768] Add Logging to Response.sendRedirect

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=58768

--- Comment #2 from sam zain  ---
Fixed in trunk for 9.0.0.M3 onwards, 8.0.x for 8.0.32 onwards and 7.0.x for
7.0.68 onwards.


http://www.winmilliongame.com
http://www.gtagame100.com
http://www.subway-game.com
http://www.zumagame100.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62343] CORS security: reflecting any origin header value when configured to * is dangerous

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62343

--- Comment #3 from sam zain  ---
this 's really useful. 

http://www.winmilliongame.com
http://www.gtagame100.com
http://www.subway-game.com
http://www.zumagame100.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63492] close_time No recovery

2019-06-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63492

--- Comment #2 from ducklife  ---
The article is very meticulous and profound. It gives me quite a large amount
of knowledge. Great help for my work.

https://vex-3.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63492] close_time No recovery

2019-06-11 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63492

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Mark Thomas  ---
Bugzilla is not a support forum.

This is a topic for the users mailing list. It has also been discussed several
times previously. Those discussions are in the archives.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63493] enhancement - add JMX counters to monitor authentication and authorization

2019-06-10 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63493

--- Comment #2 from Eugène Adell  ---
Created attachment 36619
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36619=edit
adds authentications counters at the Realm level

this is for DataSourceRealm, other realms should probably be modified the same
way

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63493] enhancement - add JMX counters to monitor authentication and authorization

2019-06-10 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63493

--- Comment #1 from Eugène Adell  ---
Created attachment 36618
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36618=edit
adds authorizationDeniedCount at the GlobalRequestProcessor level

denied authorization counter, checks 403 return codes

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63493] enhancement - add JMX counters to monitor authentication and authorization

2019-06-10 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63493

Eugène Adell  changed:

   What|Removed |Added

 CC||eugene.ad...@gmail.com

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63493] New: enhancement - add JMX counters to monitor authentication and authorization

2019-06-10 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63493

Bug ID: 63493
   Summary: enhancement - add JMX counters to monitor
authentication and authorization
   Product: Tomcat 9
   Version: 9.0.x
  Hardware: All
OS: All
Status: NEW
  Severity: enhancement
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: eugene.ad...@gmail.com
  Target Milestone: -

As security monitoring becomes more professional (use of SIEM platforms) I
would like to give Tomcat some useful output.

We can easily monitor the authentication (success vs failure), and the
authorization (403 codes for any reason - after several authentication
failures, restricted system permissions, wrong client certificate,..)

This data could be exported as counters through JMX : number of succeeded
authentications, number of failed authentications, number denied
authorizations. It's up to the monitoring tool to compare with the total
traffic if it wants to have percentage values or guess if an attack in ongoing,
and it can achieve this with the help of other counters already implemented
(number of requests).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Modules [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
+-+---+---+--+--+
| Total   39 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62140|New|Enh|2018-02-27|catalina.sh should document the verbs it accepts a|
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|New|Enh|2018-08-09|Compress log files after rotation |
|62695|Inf|Nor|2018-09-07|Provide sha512 checksums for Tomcat releases publi|
|62696|New|Enh|2018-09-07|Consider use of sha256 for signing of .exe files o|
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62920|New|Enh|2018-11-17|Maven Plugin For Tomcat 9.0.x |
|62964|New|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63191|Inf|Nor|2019-02-20|RemoteEndpoint.Async#sendText(String, SendHandler)|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63310|New|Nor|2019-04-02|Update Commons Daemon for improved Java 11 support|
|63362|New|Enh|2019-04-18|GlobalRequestProcessor statistics in MBean does no|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
+-+---+---+--+--+
| Total   34 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 8 [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58143|Opn|Enh|2015-07-15|The WebppClassLoader doesn't call transformers on |
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60281|Ver|Nor|2016-10-20|Pathname of uploaded WAR file should not be contai|
|60721|Ver|Nor|2017-02-10|Unable to find key spec if more applications use b|
|60781|New|Nor|2017-02-27|Access Log Valve does not escape the same as mod_l|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61668|Ver|Min|2017-10-26|Possible NullPointerException in org.apache.coyote|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62150|New|Enh|2018-03-01|Behavior of relative paths with RequestDispatcher |
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|62496|New|Enh|2018-06-27|Add possibility write remote user/auth type to res|
|62912|New|Enh|2018-11-15|Tomcat adds a space character in the Content-Type |
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|63285|New|Nor|2019-03-25|service.bat does not handle changed "Windows Servi|
|63286|New|Enh|2019-03-25|Inconsistencies between AccessLogVa

Bug report for Taglibs [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 7 [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
+-+---+---+--+--+
| Total   18 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Native [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|62626|Inf|Nor|2018-08-15|Tomcat 9.0.10 APR/Native crashes  |
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|63159|New|Nor|2019-02-08|Problem with native/Makefile.in introduced with na|
|63199|New|Nor|2019-02-22|sslsocket handshake JVM crash |
|63356|Opn|Maj|2019-04-16|OCSP_parse_url error while parsing Authority Infor|
|63405|New|Nor|2019-05-06|Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Probl|
+-+---+---+--+--+
| Total9 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Connectors [2019/06/09]

2019-06-09 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|Inf|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63214|New|Nor|2019-02-27|Using JkAutoAlias, Filenames with Spaces Cannot be|
+-+---+---+--+--+
| Total   20 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63492] New: close_time No recovery

2019-06-08 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63492

Bug ID: 63492
   Summary: close_time No recovery
   Product: Tomcat 8
   Version: 8.5.41
  Hardware: All
OS: Linux
Status: NEW
  Severity: critical
  Priority: P2
 Component: WebSocket
  Assignee: dev@tomcat.apache.org
  Reporter: 364816...@qq.com
  Target Milestone: 

Created attachment 36614
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36614=edit
This is a Linux abnormal screenshot

My web service running on the server, appear close_time but over the past few
hours close_time is not recycled, it tried to modify the Linux kernel is
useless, can only restart the tomcat server, please? How to deal with this
problem?(I configure SSL) close_time are at port 443, whether service bug

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63487] WsSessionListener does not implement HttpSessionListener.sessionCreated

2019-06-06 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63487

Remy Maucherat  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Remy Maucherat  ---
You have a Servlet API problem. If something is impossible like not failing to
compile, then something is up.

public interface HttpSessionListener extends EventListener {
public default void sessionCreated(HttpSessionEvent se) {
}
public default void sessionDestroyed(HttpSessionEvent se) {
}
}

This is why it now works without the noop sessionCreated in Tomcat 9.0.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63487] New: WsSessionListener does not implement HttpSessionListener.sessionCreated

2019-06-06 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63487

Bug ID: 63487
   Summary: WsSessionListener does not implement
HttpSessionListener.sessionCreated
   Product: Tomcat 9
   Version: 9.0.17
  Hardware: PC
OS: Linux
Status: NEW
  Severity: regression
  Priority: P2
 Component: Servlet
  Assignee: dev@tomcat.apache.org
  Reporter: trevin.beat...@gigsternetwork.com
  Target Milestone: -

Our application is logging the following exception repeatedly:

java.lang.AbstractMethodError:
org.apache.tomcat.websocket.server.WsSessionListener.sessionCreated(Ljavax/servlet/http/HttpSessionEvent;)V
 at
org.apache.catalina.session.StandardSession.tellNew(StandardSession.java:388)
 at org.apache.catalina.session.StandardSession.setId(StandardSession.java:360)
 at org.apache.catalina.session.StandardSession.setId(StandardSession.java:341)
 at org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:686)
 at org.apache.catalina.connector.Request.doGetSession(Request.java:3027)
…

This does not appear to impact the usability of the application, but it is
generating a lot of output to the log file and we are running into issues with
disk space.  I checked the source code, and found that while WsSessionListener
claims to implement javax.servlet.http.HttpSessionListener, it does not
implement the sessionCreated method.

In Tomcat 8.5, sessionCreated WAS implemented (as a no-op).

I don’t see how WsSessionListener could have compiled without implementing all
of HttpSessionListener’s methods, but that is what’s causing the
AbstractMethodError.

I checked versions 9.0.20 and 9.0.1 of the source code as well, and it appears
neither HttpSessionListener.java nor WsSessionListener.java have changed in all
those revisions.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 59750] Amend "authenticate" method with context by means of HttpServletRequest

2019-06-06 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=59750

--- Comment #14 from jerry  ---
Technical side of the main subject. For example Tomcat F14 Fighter Jet.
The specification of a Tomcat will be a good reference.
The complication of the machine and material. 
Will come in handle for us to digest in the long run.
Project basic Etc
In term of troubleshooting And Upgrading.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 8 [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58143|Opn|Enh|2015-07-15|The WebppClassLoader doesn't call transformers on |
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60281|Ver|Nor|2016-10-20|Pathname of uploaded WAR file should not be contai|
|60721|Ver|Nor|2017-02-10|Unable to find key spec if more applications use b|
|60781|New|Nor|2017-02-27|Access Log Valve does not escape the same as mod_l|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61668|Ver|Min|2017-10-26|Possible NullPointerException in org.apache.coyote|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62150|New|Enh|2018-03-01|Behavior of relative paths with RequestDispatcher |
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|62496|New|Enh|2018-06-27|Add possibility write remote user/auth type to res|
|62912|New|Enh|2018-11-15|Tomcat adds a space character in the Content-Type |
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|63285|New|Nor|2019-03-25|service.bat does not handle changed "Windows Servi|
|63286|New|

Bug report for Tomcat Connectors [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|Inf|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63214|New|Nor|2019-02-27|Using JkAutoAlias, Filenames with Spaces Cannot be|
+-+---+---+--+--+
| Total   20 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Taglibs [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 7 [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
+-+---+---+--+--+
| Total   18 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Modules [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
+-+---+---+--+--+
| Total   39 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62140|New|Enh|2018-02-27|catalina.sh should document the verbs it accepts a|
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|New|Enh|2018-08-09|Compress log files after rotation |
|62695|Inf|Nor|2018-09-07|Provide sha512 checksums for Tomcat releases publi|
|62696|New|Enh|2018-09-07|Consider use of sha256 for signing of .exe files o|
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62920|New|Enh|2018-11-17|Maven Plugin For Tomcat 9.0.x |
|62964|New|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63191|Inf|Nor|2019-02-20|RemoteEndpoint.Async#sendText(String, SendHandler)|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63310|New|Nor|2019-04-02|Update Commons Daemon for improved Java 11 support|
|63362|New|Enh|2019-04-18|GlobalRequestProcessor statistics in MBean does no|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
+-+---+---+--+--+
| Total   34 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Native [2019/06/02]

2019-06-02 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|62626|Inf|Nor|2018-08-15|Tomcat 9.0.10 APR/Native crashes  |
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|63159|New|Nor|2019-02-08|Problem with native/Makefile.in introduced with na|
|63199|New|Nor|2019-02-22|sslsocket handshake JVM crash |
|63356|Opn|Maj|2019-04-16|OCSP_parse_url error while parsing Authority Infor|
|63405|New|Nor|2019-05-06|Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Probl|
+-+---+---+--+--+
| Total9 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2019-05-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

xing  changed:

   What|Removed |Added

  Component|Catalina|Catalina
Version|9.0.0.M22   |8.5.15
   Target Milestone|-   |
Product|Tomcat 9|Tomcat 8

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Connectors [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|Inf|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63214|New|Nor|2019-02-27|Using JkAutoAlias, Filenames with Spaces Cannot be|
+-+---+---+--+--+
| Total   20 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Modules [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
+-+---+---+--+--+
| Total   39 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Native [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|62626|Inf|Nor|2018-08-15|Tomcat 9.0.10 APR/Native crashes  |
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|63159|New|Nor|2019-02-08|Problem with native/Makefile.in introduced with na|
|63199|New|Nor|2019-02-22|sslsocket handshake JVM crash |
|63356|Opn|Maj|2019-04-16|OCSP_parse_url error while parsing Authority Infor|
|63405|New|Nor|2019-05-06|Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Probl|
+-+---+---+--+--+
| Total9 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62140|New|Enh|2018-02-27|catalina.sh should document the verbs it accepts a|
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|New|Enh|2018-08-09|Compress log files after rotation |
|62695|Inf|Nor|2018-09-07|Provide sha512 checksums for Tomcat releases publi|
|62696|New|Enh|2018-09-07|Consider use of sha256 for signing of .exe files o|
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62920|New|Enh|2018-11-17|Maven Plugin For Tomcat 9.0.x |
|62964|New|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63191|Inf|Nor|2019-02-20|RemoteEndpoint.Async#sendText(String, SendHandler)|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63310|New|Nor|2019-04-02|Update Commons Daemon for improved Java 11 support|
|63362|New|Enh|2019-04-18|GlobalRequestProcessor statistics in MBean does no|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
+-+---+---+--+--+
| Total   34 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 8 [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58143|Opn|Enh|2015-07-15|The WebppClassLoader doesn't call transformers on |
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60281|Ver|Nor|2016-10-20|Pathname of uploaded WAR file should not be contai|
|60721|Ver|Nor|2017-02-10|Unable to find key spec if more applications use b|
|60781|New|Nor|2017-02-27|Access Log Valve does not escape the same as mod_l|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61668|Ver|Min|2017-10-26|Possible NullPointerException in org.apache.coyote|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62150|New|Enh|2018-03-01|Behavior of relative paths with RequestDispatcher |
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|62496|New|Enh|2018-06-27|Add possibility write remote user/auth type to res|
|62912|New|Enh|2018-11-15|Tomcat adds a space character in the Content-Type |
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|63285|New|Nor|2019-03-25|service.bat does not handle changed "Windows Servi|
|63286|New|

Bug report for Tomcat 7 [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
+-+---+---+--+--+
| Total   18 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Taglibs [2019/05/26]

2019-05-26 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61441] daemon.sh's auto-detection fails on linux system's where java is installed via an RPM

2019-05-24 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61441

--- Comment #6 from martin garix  ---
Play the cool math games junction,such a great and amazing free online video
game http://coolmathgamesjunction.net i hope you enjoy,then if you want to more
about info,so just click here this site.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 43548] xml schema for tomcat-users.xml

2019-05-23 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=43548

--- Comment #11 from Mark Thomas  ---
Five years on and I changed my mind. I've added this to 7.0.x for 7.0.95
onwards.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 55969] Security-related enhancements to the Windows Installer

2019-05-23 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=55969

--- Comment #1 from Mark Thomas  ---
Just a note to say that I am working on this. I have updated Commons Daemon to
offer LocalService and NetworkService in the UI. Note it will need a Commons
Daemon release to make this available to Tomcat and there are still some open
issues to fix in Daemon.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63445] “Too many open files” after migrating from Tomcat 7 to Tomcat 9

2019-05-21 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63445

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|REOPENED|RESOLVED

--- Comment #3 from Mark Thomas  ---
The users mailing list is the place to seek assistance with this issue.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62140|New|Enh|2018-02-27|catalina.sh should document the verbs it accepts a|
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|New|Enh|2018-08-09|Compress log files after rotation |
|62695|Inf|Nor|2018-09-07|Provide sha512 checksums for Tomcat releases publi|
|62696|New|Enh|2018-09-07|Consider use of sha256 for signing of .exe files o|
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62920|New|Enh|2018-11-17|Maven Plugin For Tomcat 9.0.x |
|62964|New|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63191|Inf|Nor|2019-02-20|RemoteEndpoint.Async#sendText(String, SendHandler)|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63310|New|Nor|2019-04-02|Update Commons Daemon for improved Java 11 support|
|63362|New|Enh|2019-04-18|GlobalRequestProcessor statistics in MBean does no|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
|63445|Opn|Cri|2019-05-17|“Too many open files” after migrating from Tom|
+-+---+---+--+--+
| Total   35 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Taglibs [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Modules [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
+-+---+---+--+--+
| Total   39 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat Native [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|62626|Inf|Nor|2018-08-15|Tomcat 9.0.10 APR/Native crashes  |
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|63159|New|Nor|2019-02-08|Problem with native/Makefile.in introduced with na|
|63199|New|Nor|2019-02-22|sslsocket handshake JVM crash |
|63356|Opn|Maj|2019-04-16|OCSP_parse_url error while parsing Authority Infor|
|63405|New|Nor|2019-05-06|Tomcat 7.0.91.0 EXCEPTION_ACCESS_VIOLATION - Probl|
+-+---+---+--+--+
| Total9 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 8 [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58143|Opn|Enh|2015-07-15|The WebppClassLoader doesn't call transformers on |
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60281|Ver|Nor|2016-10-20|Pathname of uploaded WAR file should not be contai|
|60721|Ver|Nor|2017-02-10|Unable to find key spec if more applications use b|
|60781|New|Nor|2017-02-27|Access Log Valve does not escape the same as mod_l|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61668|Ver|Min|2017-10-26|Possible NullPointerException in org.apache.coyote|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62150|New|Enh|2018-03-01|Behavior of relative paths with RequestDispatcher |
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|62496|New|Enh|2018-06-27|Add possibility write remote user/auth type to res|
|62912|New|Enh|2018-11-15|Tomcat adds a space character in the Content-Type |
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|63285|New|Nor|2019-03-25|service.bat does not handle changed "Windows Servi|
|63286|New|

Bug report for Tomcat Connectors [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|Inf|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63214|New|Nor|2019-02-27|Using JkAutoAlias, Filenames with Spaces Cannot be|
+-+---+---+--+--+
| Total   20 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 7 [2019/05/19]

2019-05-19 Thread bugzilla
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
+-+---+---+--+--+
| Total   18 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63445] “Too many open files” after migrating from Tomcat 7 to Tomcat 9

2019-05-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63445

Gerald Spitzer  changed:

   What|Removed |Added

 Resolution|INVALID |---
 Status|RESOLVED|REOPENED

--- Comment #2 from Gerald Spitzer  ---
But it is exactly the same application, the ONLY difference is the Tomcat
version - so it must be something Tomcat related.

Increasing the fd limit is not an option for our customer which hosts the
application.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63445] “Too many open files” after migrating from Tomcat 7 to Tomcat 9

2019-05-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63445

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Mark Thomas  ---
Only a descriptor leak would be considered a bug. There is no evidence of such
a leak in this report.

That there are multiple  descriptors for the same file is unexpected. It maybe
the result of how JSF2 is accessing those resources. It appears you need to
increase the fd limit.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 63445] New: “Too many open files” after migrating from Tomcat 7 to Tomcat 9

2019-05-17 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63445

Bug ID: 63445
   Summary: “Too many open files” after migrating from Tomcat 7 to
Tomcat 9
   Product: Tomcat 9
   Version: 9.0.20
  Hardware: PC
OS: Linux
Status: NEW
  Severity: critical
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: gerald.spit...@fab4minds.com
  Target Milestone: -

After migrating from Tomact 7 to Tomcat 9.0.20 (running with same Java Version
1.8.0_25) we have a problem with our JSF2 web application on Linux RHEL 7.
After some time we get Exceptions like this:

java.io.FileNotFoundException:
/f4m/tomcat/tomcat_f4mbs/webapps/ACM/WEB-INF/acm-config.xml (Too many open
files)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.(FileInputStream.java:138)
at java.io.FileInputStream.(FileInputStream.java:93)


After searching around a while, I have found out that there are many open file
descriptors to xhtml files, by executing this command (where 4025 is the Tomcat
process ID):

ls -l /proc/4025/fd


lr-x--. 1 f4mHttp f4mHttp 64 May 16 08:58 238 ->
/usr/java/jdk1.8.0_25/jre/lib/resources.jar
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 239 -> pipe:[3661823]
lr-x--. 1 f4mHttp f4mHttp 64 May 16 08:58 24 ->
/f4m/tomcat/tomcat_f4mbscrm/lib/websocket-api.jar
l-wx--. 1 f4mHttp f4mHttp 64 May 16 09:01 240 -> pipe:[3661823]
lrwx--. 1 f4mHttp f4mHttp 64 May 16 09:01 241 -> anon_inode:[eventpoll]
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 243 -> pipe:[3661824]
l-wx--. 1 f4mHttp f4mHttp 64 May 16 09:01 244 -> pipe:[3661824]
lrwx--. 1 f4mHttp f4mHttp 64 May 16 09:01 245 -> anon_inode:[eventpoll]
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 246 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/msgBox.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 247 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/msgBox.xhtml
lrwx--. 1 f4mHttp f4mHttp 64 May 16 09:01 248 -> socket:[3667364]
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 249 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/searchpage.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 08:58 25 ->
/f4m/tomcat/tomcat_f4mbscrm/lib/jasper.jar
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 250 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/searchpage.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 251 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/portal/nav/portalheader.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 252 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/portal/customizing/nav/menu.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 253 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 254 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/nav/bottomPanel.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 255 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/nav/bottomPanel.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 256 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/msgBox.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:01 257 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 258 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 259 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 08:58 26 ->
/f4m/tomcat/tomcat_f4mbscrm/lib/ecj-4.9.jar
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 260 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 261 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/resources/components/calendar.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 262 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/common/barcodefunction_incl.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 263 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/portal/nav/portalfooterAll.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 264 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/partner/crmpartner.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 266 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/partner/crmpartner.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 267 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/portal/nav/portalheader.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 09:02 268 ->
/f4m/tomcat/tomcat_f4mbscrm/webapps/ACM/form/portal/customizing/nav/menu.xhtml
lr-x--. 1 f4mHttp f4mHttp 64 May 16 08:58 27 ->
/f4m/tomcat/tomcat_f4mbscrm/lib/catalina-ha.jar
lr-x--

[Bug 63441] Changes made to newly created session not replicated

2019-05-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=63441

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #3 from Mark Thomas  ---
Fixed in:
- master for 9.0.21 onwards
- 8.5.x for 8.5.42 onwards
- 7.0.x for 7.0.95 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 62841] Refactor DeltaSession locking

2019-05-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=62841

Mark Thomas  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #1 from Mark Thomas  ---
Fixed in:
- master for 9.0.21 onwards
- 8.5.x for 8.5.42 onwards
- 7.0.x for 7.0.95 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



  1   2   3   4   5   6   7   8   9   10   >