[VOTE] Release Apache Tomcat 8.0.32

classic Classic list List threaded Threaded
23 messages Options
12
Reply | Threaded
Open this post in threaded view
|

[VOTE] Release Apache Tomcat 8.0.32

Mark Thomas-2
The proposed Apache Tomcat 8.0.32 release is now available for voting.

The main changes since 8.0.30 are:

- Restore the default for mapperContextRootRedirectEnabled to true

- Update the packaged version of the Tomcat Native Library to 1.2.4
  to pick up the Windows binaries that are based on OpenSSL 1.0.2e

- Expand session attribute filtering on load/unload to all managers

It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1063/
The svn tag is:
http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/

The proposed 8.0.32 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.0.32

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Mark Thomas-2
On 03/02/2016 09:05, Mark Thomas wrote:

> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>   to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.32

Unit tests pass on OSX, Linux and Windows with 64-bit Java. Tested BIO,
NIO, NIO2 and APR/native

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
In reply to this post by Mark Thomas-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

On 2/3/16 4:05 AM, Mark Thomas wrote:

> The proposed Apache Tomcat 8.0.32 release is now available for
> voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to
> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
> 1.0.2e
>
> - Expand session attribute filtering on load/unload to all
> managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/ The
> Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-106
3/
>
>
The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is: [ ] Broken - do not release [ ]
> Stable - go ahead and release as 8.0.32

tcnative bundled with 8.0.32 fails to compile on my system against
OpenSSL 1.0.1e (Debian). It looks like they may not have back-ported
some expected changes from 1.0.1[latest]:

src/sslcontext.c: In function
'Java_org_apache_tomcat_jni_SSLContext_setCertificateRaw':
src/sslcontext.c:1079:5: error: 'eckey' undeclared (first use in this
function)
src/sslcontext.c:1079:5: note: each undeclared identifier is reported
only once for each function it appears in
make[1]: *** [src/sslcontext.lo] Error 1

I'm going to have a look at this.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlayIs4ACgkQ9CaO5/Lv0PCWvACfTzJRtL1uawniy2J+wkyhT/xw
Sv0AoKr7OHzogpcZ9LhV2dHY+IOr7GRz
=C4ZZ
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

On 2/3/16 10:54 AM, Christopher Schultz wrote:

> Mark,
>
> On 2/3/16 4:05 AM, Mark Thomas wrote:
>> The proposed Apache Tomcat 8.0.32 release is now available for
>> voting.
>
>> The main changes since 8.0.30 are:
>
>> - Restore the default for mapperContextRootRedirectEnabled to
>> true
>
>> - Update the packaged version of the Tomcat Native Library to
>> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
>> 1.0.2e
>
>> - Expand session attribute filtering on load/unload to all
>> managers
>
>> It can be obtained from:
>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>> The Maven staging repo is:
>> https://repository.apache.org/content/repositories/orgapachetomcat-10
6
>
>>
3/

>
>
> The svn tag is:
>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
>>  The proposed 8.0.32 release is: [ ] Broken - do not release [ ]
>> Stable - go ahead and release as 8.0.32
>
> tcnative bundled with 8.0.32 fails to compile on my system against
> OpenSSL 1.0.1e (Debian). It looks like they may not have
> back-ported some expected changes from 1.0.1[latest]:
>
> src/sslcontext.c: In function
> 'Java_org_apache_tomcat_jni_SSLContext_setCertificateRaw':
> src/sslcontext.c:1079:5: error: 'eckey' undeclared (first use in
> this function) src/sslcontext.c:1079:5: note: each undeclared
> identifier is reported only once for each function it appears in
> make[1]: *** [src/sslcontext.lo] Error 1
>
> I'm going to have a look at this.

This looks like a bug.

- From sslcontext.c, starting at line 977:

TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setCertificateRaw)(TCN_STDARGS, jlong ctx,
                                                         jbyteArray
javaCert, jbyteArray javaKey, jint idx)
{
#ifdef HAVE_ECC
#if defined(SSL_CTX_set_ecdh_auto)
    EC_KEY *eckey = NULL;
#endif
#endif


[...]

#ifdef HAVE_ECC
    /*
     * TODO try to read the ECDH curve name from somewhere...
     */
#if defined(SSL_CTX_set_ecdh_auto)
    SSL_CTX_set_ecdh_auto(c->ctx, 1);
#else
    eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
    SSL_CTX_set_tmp_ecdh(c->ctx, eckey);
    EC_KEY_free(eckey);
#endif
#endif

The local variable 'eckey' is defined only if both HAVE_ECC and
SSL_CTX_set_ecdh_auto are defined, but in the lower usage, eckey is
ignored when SSL_CTX_set_ecdh_auto is set and used when it is not set.

I suspect the intended implementation was to have the upper #ifdef
SSL_CTX_set_ecdh_auto actually be "#ifndef" instead.

I think we have to re-roll the release since tcnative is broken.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlayJBsACgkQ9CaO5/Lv0PDbFACdEGOM2OHkM07KwSUcBG+Ip7QV
bXAAoMDKiAxfCN5wIZw1oHNRXNSQmKhs
=XvQw
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Mark Thomas-2
On 03/02/2016 16:00, Christopher Schultz wrote:

> All,
>
> On 2/3/16 10:54 AM, Christopher Schultz wrote:
>> Mark,
>
>> On 2/3/16 4:05 AM, Mark Thomas wrote:
>>> The proposed Apache Tomcat 8.0.32 release is now available for
>>> voting.
>
>>> The main changes since 8.0.30 are:
>
>>> - Restore the default for mapperContextRootRedirectEnabled to
>>> true
>
>>> - Update the packaged version of the Tomcat Native Library to
>>> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
>>> 1.0.2e
>
>>> - Expand session attribute filtering on load/unload to all
>>> managers
>
>>> It can be obtained from:
>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>>> The Maven staging repo is:
>>> https://repository.apache.org/content/repositories/orgapachetomcat-10
> 6
>
>>>
> 3/
>
>
>> The svn tag is:
>>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
>>>  The proposed 8.0.32 release is: [ ] Broken - do not release [ ]
>>> Stable - go ahead and release as 8.0.32
>
>> tcnative bundled with 8.0.32 fails to compile on my system against
>> OpenSSL 1.0.1e (Debian). It looks like they may not have
>> back-ported some expected changes from 1.0.1[latest]:
>
>> src/sslcontext.c: In function
>> 'Java_org_apache_tomcat_jni_SSLContext_setCertificateRaw':
>> src/sslcontext.c:1079:5: error: 'eckey' undeclared (first use in
>> this function) src/sslcontext.c:1079:5: note: each undeclared
>> identifier is reported only once for each function it appears in
>> make[1]: *** [src/sslcontext.lo] Error 1
>
>> I'm going to have a look at this.
>
> This looks like a bug.
>
> - From sslcontext.c, starting at line 977:
>
> TCN_IMPLEMENT_CALL(jboolean, SSLContext,
> setCertificateRaw)(TCN_STDARGS, jlong ctx,
>                                                          jbyteArray
> javaCert, jbyteArray javaKey, jint idx)
> {
> #ifdef HAVE_ECC
> #if defined(SSL_CTX_set_ecdh_auto)
>     EC_KEY *eckey = NULL;
> #endif
> #endif
>
>
> [...]
>
> #ifdef HAVE_ECC
>     /*
>      * TODO try to read the ECDH curve name from somewhere...
>      */
> #if defined(SSL_CTX_set_ecdh_auto)
>     SSL_CTX_set_ecdh_auto(c->ctx, 1);
> #else
>     eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
>     SSL_CTX_set_tmp_ecdh(c->ctx, eckey);
>     EC_KEY_free(eckey);
> #endif
> #endif
>
> The local variable 'eckey' is defined only if both HAVE_ECC and
> SSL_CTX_set_ecdh_auto are defined, but in the lower usage, eckey is
> ignored when SSL_CTX_set_ecdh_auto is set and used when it is not set.
>
> I suspect the intended implementation was to have the upper #ifdef
> SSL_CTX_set_ecdh_auto actually be "#ifndef" instead.
>
> I think we have to re-roll the release since tcnative is broken.

Irrespective of the above, tc-native 1.2.x requires OpenSSL 1.0.2. If
you build with 1.0.2 then you should avoid this bug. It looks like the
change that introduced that was unnecessary.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

On 2/3/16 1:01 PM, Mark Thomas wrote:

> On 03/02/2016 16:00, Christopher Schultz wrote:
>> All,
>>
>> On 2/3/16 10:54 AM, Christopher Schultz wrote:
>>> Mark,
>>
>>> On 2/3/16 4:05 AM, Mark Thomas wrote:
>>>> The proposed Apache Tomcat 8.0.32 release is now available
>>>> for voting.
>>
>>>> The main changes since 8.0.30 are:
>>
>>>> - Restore the default for mapperContextRootRedirectEnabled
>>>> to true
>>
>>>> - Update the packaged version of the Tomcat Native Library to
>>>>  1.2.4 to pick up the Windows binaries that are based on
>>>> OpenSSL 1.0.2e
>>
>>>> - Expand session attribute filtering on load/unload to all
>>>> managers
>>
>>>> It can be obtained from:
>>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>>>>
>>>>
The Maven staging repo is:
>>>> https://repository.apache.org/content/repositories/orgapachetomcat-
10
>>
>>>>
6

>>
>>>>
>> 3/
>>
>>
>>> The svn tag is:
>>>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>>
>>>>
>>>>
The proposed 8.0.32 release is: [ ] Broken - do not release [ ]

>>>> Stable - go ahead and release as 8.0.32
>>
>>> tcnative bundled with 8.0.32 fails to compile on my system
>>> against OpenSSL 1.0.1e (Debian). It looks like they may not
>>> have back-ported some expected changes from 1.0.1[latest]:
>>
>>> src/sslcontext.c: In function
>>> 'Java_org_apache_tomcat_jni_SSLContext_setCertificateRaw':
>>> src/sslcontext.c:1079:5: error: 'eckey' undeclared (first use
>>> in this function) src/sslcontext.c:1079:5: note: each
>>> undeclared identifier is reported only once for each function
>>> it appears in make[1]: *** [src/sslcontext.lo] Error 1
>>
>>> I'm going to have a look at this.
>>
>> This looks like a bug.
>>
>> - From sslcontext.c, starting at line 977:
>>
>> TCN_IMPLEMENT_CALL(jboolean, SSLContext,
>> setCertificateRaw)(TCN_STDARGS, jlong ctx, jbyteArray javaCert,
>> jbyteArray javaKey, jint idx) { #ifdef HAVE_ECC #if
>> defined(SSL_CTX_set_ecdh_auto) EC_KEY *eckey = NULL; #endif
>> #endif
>>
>>
>> [...]
>>
>> #ifdef HAVE_ECC /* * TODO try to read the ECDH curve name from
>> somewhere... */ #if defined(SSL_CTX_set_ecdh_auto)
>> SSL_CTX_set_ecdh_auto(c->ctx, 1); #else eckey =
>> EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
>> SSL_CTX_set_tmp_ecdh(c->ctx, eckey); EC_KEY_free(eckey); #endif
>> #endif
>>
>> The local variable 'eckey' is defined only if both HAVE_ECC and
>> SSL_CTX_set_ecdh_auto are defined, but in the lower usage, eckey
>> is ignored when SSL_CTX_set_ecdh_auto is set and used when it is
>> not set.
>>
>> I suspect the intended implementation was to have the upper
>> #ifdef SSL_CTX_set_ecdh_auto actually be "#ifndef" instead.
>>
>> I think we have to re-roll the release since tcnative is broken.
>
> Irrespective of the above, tc-native 1.2.x requires OpenSSL 1.0.2.
> If you build with 1.0.2 then you should avoid this bug. It looks
> like the change that introduced that was unnecessary.

Oh, grumble, I forgot we the a whole-point upgrade of tcnative in a
stable Tomcat release. :( We probably shouldn't have done that.

I'll see about using OpenSSL 1.0.2 and re-test.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlayYNoACgkQ9CaO5/Lv0PCn5wCfUeJBtw9MKdaeV1rlC1WDsbJi
vg0AoKsZ7trE5RB5GBw9N0cdjoM5HLTk
=PWmb
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Violeta Georgieva-2
In reply to this post by Mark Thomas-2
Hi,

2016-02-03 11:05 GMT+02:00 Mark Thomas <[hidden email]>:

>
> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>   to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.32

Checked with applications that use the specification's features -
successful.
Tested Tomcat in OSGi environment - successful.

Regards,
Violeta

> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
In reply to this post by Christopher Schultz-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

On 2/3/16 3:19 PM, Christopher Schultz wrote:

> Mark,
>
> On 2/3/16 1:01 PM, Mark Thomas wrote:
>> On 03/02/2016 16:00, Christopher Schultz wrote:
>>> All,
>>>
>>> On 2/3/16 10:54 AM, Christopher Schultz wrote:
>>>> Mark,
>>>
>>>> On 2/3/16 4:05 AM, Mark Thomas wrote:
>>>>> The proposed Apache Tomcat 8.0.32 release is now available
>>>>> for voting.
>>>
>>>>> The main changes since 8.0.30 are:
>>>
>>>>> - Restore the default for mapperContextRootRedirectEnabled
>>>>> to true
>>>
>>>>> - Update the packaged version of the Tomcat Native Library
>>>>> to 1.2.4 to pick up the Windows binaries that are based on
>>>>> OpenSSL 1.0.2e
>>>
>>>>> - Expand session attribute filtering on load/unload to all
>>>>>  managers
>>>
>>>>> It can be obtained from:
>>>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>>>>>
>>>>>
>
>>>>>
The Maven staging repo is:
>>>>> https://repository.apache.org/content/repositories/orgapachetomcat
- -
>
>>>>>
10

>>>
>>>>>
> 6
>>>
>>>>>
>>> 3/
>>>
>>>
>>>> The svn tag is:
>>>>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>>>
>>>>>
>>>>>
>
>>>>>
The proposed 8.0.32 release is: [ ] Broken - do not release [ ]

>>>>> Stable - go ahead and release as 8.0.32
>>>
>>>> tcnative bundled with 8.0.32 fails to compile on my system
>>>> against OpenSSL 1.0.1e (Debian). It looks like they may not
>>>> have back-ported some expected changes from 1.0.1[latest]:
>>>
>>>> src/sslcontext.c: In function
>>>> 'Java_org_apache_tomcat_jni_SSLContext_setCertificateRaw':
>>>> src/sslcontext.c:1079:5: error: 'eckey' undeclared (first
>>>> use in this function) src/sslcontext.c:1079:5: note: each
>>>> undeclared identifier is reported only once for each
>>>> function it appears in make[1]: *** [src/sslcontext.lo] Error
>>>> 1
>>>
>>>> I'm going to have a look at this.
>>>
>>> This looks like a bug.
>>>
>>> - From sslcontext.c, starting at line 977:
>>>
>>> TCN_IMPLEMENT_CALL(jboolean, SSLContext,
>>> setCertificateRaw)(TCN_STDARGS, jlong ctx, jbyteArray
>>> javaCert, jbyteArray javaKey, jint idx) { #ifdef HAVE_ECC #if
>>> defined(SSL_CTX_set_ecdh_auto) EC_KEY *eckey = NULL; #endif
>>> #endif
>>>
>>>
>>> [...]
>>>
>>> #ifdef HAVE_ECC /* * TODO try to read the ECDH curve name from
>>> somewhere... */ #if defined(SSL_CTX_set_ecdh_auto)
>>> SSL_CTX_set_ecdh_auto(c->ctx, 1); #else eckey =
>>> EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
>>> SSL_CTX_set_tmp_ecdh(c->ctx, eckey); EC_KEY_free(eckey); #endif
>>>  #endif
>>>
>>> The local variable 'eckey' is defined only if both HAVE_ECC and
>>>  SSL_CTX_set_ecdh_auto are defined, but in the lower usage,
>>> eckey is ignored when SSL_CTX_set_ecdh_auto is set and used
>>> when it is not set.
>>>
>>> I suspect the intended implementation was to have the upper
>>> #ifdef SSL_CTX_set_ecdh_auto actually be "#ifndef" instead.
>>>
>>> I think we have to re-roll the release since tcnative is
>>> broken.
>
>> Irrespective of the above, tc-native 1.2.x requires OpenSSL
>> 1.0.2. If you build with 1.0.2 then you should avoid this bug. It
>> looks like the change that introduced that was unnecessary.
>
> Oh, grumble, I forgot we the a whole-point upgrade of tcnative in
> a stable Tomcat release. :( We probably shouldn't have done that.
>
> I'll see about using OpenSSL 1.0.2 and re-test.

If tcnative requires OpenSSL 1.0.2 or later, then the configure script
should complain when it's not available. I've never been able to
figure out how to do anything with GNU-style configure scripts, m4,
etc. so I can't unfortunately do anything about it.

Looks like I get to build OpenSSL from source. Thanks, Debian. At
least it's easy on *NIX. Building it on Windows is a bloody nightmare.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlayaegACgkQ9CaO5/Lv0PA+NwCfcqIe29tfa7Xcp09XeaVGgXdG
jOMAoMOhGA/MCXlnSN3EvLQCPNEAmO6a
=ULQ5
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

kfujino
In reply to this post by Mark Thomas-2
2016-02-03 18:05 GMT+09:00 Mark Thomas <[hidden email]>:

> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>   to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.32
>
>
+1
Tested on sample test applications (use DeltaManager and BackupManager).
Works fine.



> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
> --
> Keiichi.Fujino
> <[hidden email]>

<[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Rémy Maucherat
In reply to this post by Mark Thomas-2
2016-02-03 10:05 GMT+01:00 Mark Thomas <[hidden email]>:

> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.32
>
> Rémy
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Felix Schumacher
In reply to this post by Mark Thomas-2
Am 03.02.2016 um 10:05 schrieb Mark Thomas:

> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>    to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [x] Stable - go ahead and release as 8.0.32

Regards,
  Felix
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Martin Grigorov
In reply to this post by Mark Thomas-2
On Wed, Feb 3, 2016 at 10:05 AM, Mark Thomas <[hidden email]> wrote:

> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>   to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [ X ] Stable - go ahead and release as 8.0.32
>
>
Regards,
Martin


> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Rainer Jung-3
In reply to this post by Mark Thomas-2
Am 03.02.2016 um 10:05 schrieb Mark Thomas:

> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to 1.2.4
>    to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>
> - Expand session attribute filtering on load/unload to all managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
> The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [ ] Stable - go ahead and release as 8.0.32

Preliminary result: I see a hang in org.apache.tomcat.util.net.TestSsl
for NIO2. It hangs now since about 4 hours. Stack:

     [junit] "main" prio=3 tid=0x0002a800 nid=0x2 runnable [0xfdf7d000]
     [junit]    java.lang.Thread.State: RUNNABLE
     [junit]     at java.net.SocketInputStream.socketRead0(Native Method)
     [junit]     at
java.net.SocketInputStream.read(SocketInputStream.java:152)
     [junit]     at
java.net.SocketInputStream.read(SocketInputStream.java:122)
     [junit]     at
sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
     [junit]     at sun.security.ssl.InputRecord.read(InputRecord.java:480)
     [junit]     at
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
     [junit]     - locked <0xe6b5b818> (a java.lang.Object)
     [junit]     at
sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
     [junit]     at
sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
     [junit]     - locked <0xe6b75ee0> (a sun.security.ssl.AppInputStream)
     [junit]     at
sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
     [junit]     at
sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325)
     [junit]     at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177)
     [junit]     - locked <0xe6b76748> (a java.io.InputStreamReader)
     [junit]     at sun.nio.cs.StreamDecoder.read0(StreamDecoder.java:126)
     [junit]     - locked <0xe6b76748> (a java.io.InputStreamReader)
     [junit]     at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:112)
     [junit]     at
java.io.InputStreamReader.read(InputStreamReader.java:168)
     [junit]     at
org.apache.tomcat.util.net.TestSsl.doRequest(TestSsl.java:159)
     [junit]     at
org.apache.tomcat.util.net.TestSsl.testRenegotiateWorks(TestSsl.java:133)


Due to truss the thread reads from the following connection

127.0.0.1.47878      127.0.0.1.47877      49152      0 49152      0
ESTABLISHED
127.0.0.1.47877      127.0.0.1.47878      49152      0 49306      0
ESTABLISHED

The thread dump does not contain any frames that belong to the client
(as far as I can judge).

I don't know yet, whether I can reproduce. I killed that test and let
the rest run until end first.

Regards,

Rainer


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Rainer Jung-3
In reply to this post by Christopher Schultz-2
Am 03.02.2016 um 21:58 schrieb Christopher Schultz:
>> Oh, grumble, I forgot we the a whole-point upgrade of tcnative in
>> a stable Tomcat release. :( We probably shouldn't have done that.
>>
>> I'll see about using OpenSSL 1.0.2 and re-test.
>
> If tcnative requires OpenSSL 1.0.2 or later, then the configure script
> should complain when it's not available. I've never been able to
> figure out how to do anything with GNU-style configure scripts, m4,
> etc. so I can't unfortunately do anything about it.

There was a version check already in place since long ago, but it was
actually disabled by default. I turned it on in r1728566.

Regards,

Rainer


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

ognjen
In reply to this post by Mark Thomas-2
On 3.2.2016 10:05, Mark Thomas wrote:
> The proposed 8.0.32 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.0.32

Tested .zip distribution on Windows 7 64-bit, Oracle JDK 1.8.0_71 and
APR/native 1.2.4:

- Tested TLS connectivity for BIO, NIO, NIO2 and APR connectors.

- Crawled most links (except /manager, /host-manager and
/examples/async* and alike). No broken links found.

- Smoke tests of BIO, NIO, NIO2 and APR, with and without TLS, all passed.

- Tested with several webapps that are in active development.

-Ognjen

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Rainer Jung-3
In reply to this post by Rainer Jung-3
Am 04.02.2016 um 23:44 schrieb Rainer Jung:

> Am 03.02.2016 um 10:05 schrieb Mark Thomas:
>> The proposed Apache Tomcat 8.0.32 release is now available for voting.
>>
>> The main changes since 8.0.30 are:
>>
>> - Restore the default for mapperContextRootRedirectEnabled to true
>>
>> - Update the packaged version of the Tomcat Native Library to 1.2.4
>>    to pick up the Windows binaries that are based on OpenSSL 1.0.2e
>>
>> - Expand session attribute filtering on load/unload to all managers
>>
>> It can be obtained from:
>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>> The Maven staging repo is:
>> https://repository.apache.org/content/repositories/orgapachetomcat-1063/
>> The svn tag is:
>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>>
>> The proposed 8.0.32 release is:
>> [ ] Broken - do not release
>> [ ] Stable - go ahead and release as 8.0.32
>
> Preliminary result: I see a hang in org.apache.tomcat.util.net.TestSsl
> for NIO2. It hangs now since about 4 hours. Stack:
>
>      [junit] "main" prio=3 tid=0x0002a800 nid=0x2 runnable [0xfdf7d000]
>      [junit]    java.lang.Thread.State: RUNNABLE
>      [junit]     at java.net.SocketInputStream.socketRead0(Native Method)
>      [junit]     at
> java.net.SocketInputStream.read(SocketInputStream.java:152)
>      [junit]     at
> java.net.SocketInputStream.read(SocketInputStream.java:122)
>      [junit]     at
> sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
>      [junit]     at sun.security.ssl.InputRecord.read(InputRecord.java:480)
>      [junit]     at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
>      [junit]     - locked <0xe6b5b818> (a java.lang.Object)
>      [junit]     at
> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
>      [junit]     at
> sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
>      [junit]     - locked <0xe6b75ee0> (a sun.security.ssl.AppInputStream)
>      [junit]     at
> sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
>      [junit]     at
> sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325)
>      [junit]     at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177)
>      [junit]     - locked <0xe6b76748> (a java.io.InputStreamReader)
>      [junit]     at sun.nio.cs.StreamDecoder.read0(StreamDecoder.java:126)
>      [junit]     - locked <0xe6b76748> (a java.io.InputStreamReader)
>      [junit]     at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:112)
>      [junit]     at
> java.io.InputStreamReader.read(InputStreamReader.java:168)
>      [junit]     at
> org.apache.tomcat.util.net.TestSsl.doRequest(TestSsl.java:159)
>      [junit]     at
> org.apache.tomcat.util.net.TestSsl.testRenegotiateWorks(TestSsl.java:133)
>
>
> Due to truss the thread reads from the following connection
>
> 127.0.0.1.47878      127.0.0.1.47877      49152      0 49152      0
> ESTABLISHED
> 127.0.0.1.47877      127.0.0.1.47878      49152      0 49306      0
> ESTABLISHED
>
> The thread dump does not contain any frames that belong to the client
> (as far as I can judge).

This is somewhat reproducible for me using Java 1.7.0_80. It occurred 2
times during 10 iterations of only running TestSsl. With Java 1.0.8_72
it does not happen during 20 runs. So it seems to be a Java 7 SSL reneg
issue.

The stack is always the same as above.

One additional observation, maybe related: the access log for the test
running under Java 8 always contains 13 lines. When running under Java
7, even when the test does not hang, the file sometimes contains 12,
sometimes 13 lines. The "missing" line is one of the first two lines. In
the 13 lines case, these are both lines retrieving
/examples/servlets/servlet/HelloWorldExample. The first one 200-500 ms
duration, the second one much faster. In the 12 lines case, there's only
the slow line, the second fast line is missing.

I have a full log with log level FINE for a good and a bad case. The
first lines until

StandardWrapper.allocate Allocating non-STM instance

are the same.

Then the good case:

Time Thread Message
.296 exec-7 process Socket: Status in: [OPEN_READ], State out: [OPEN]
.341 exec-9 process Socket: Status in: [OPEN_READ], State out: [LONG]
.346 exec-10 parseRequestLine
.370 exec-10 process Socket: Status in: [OPEN_READ], State out: [OPEN]
.386 exec-1 parseRequestLine

and the bad case:

Time Thread Message
.213 exec-7 process Socket: Status in: [OPEN_READ], State out: [OPEN]
.248 exec-9 parseRequestLine
.270 exec-9 process Socket: Status in: [OPEN_READ], State out: [OPEN]
.340 exec-10 process Socket: Status in: [OPEN_READ], State out: [LONG]
hang

Looking at more cases, it seems the occurrence of the LONG state can
vary depending on exact timing and also the order in the log might not
always be the order of thing happening.

Here are more complete log snippets:

Good case:

14:55:38.259 exec-5 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@1ef2ab4:SecureNio2Channel@19c57c7:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56258 remote=/127.0.0.1:56259]], Status in:
[OPEN_READ], State out: [LONG]
14:55:38.264 exec-6 http11.AbstractNioInputBuffer.parseRequestLine
Received [GET /tester HTTP/1.1
]
14:55:38.266 exec-6 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@1ef2ab4:SecureNio2Channel@19c57c7:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56258 remote=/127.0.0.1:56259]], Status in:
[OPEN_READ], State out: [LONG]
14:55:38.288 exec-7
org.apache.tomcat.util.http.Parameters.setQueryStringEncoding Set query
string encoding to UTF-8
14:55:38.289 exec-7 CoyoteAdapter.parsePathParameters The variable
[uriBC] has value [/tester]
14:55:38.290 exec-7 CoyoteAdapter.parsePathParameters The variable
[semicolon] has value [-1]
14:55:38.290 exec-7 CoyoteAdapter.parsePathParameters The variable [enc]
has value [utf-8]
14:55:38.291 exec-7 realm.RealmBase.findSecurityConstraints   No
applicable constraints defined
14:55:38.292 exec-7 core.StandardWrapper.allocate Allocating non-STM
instance
14:55:38.296 exec-7 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@1ef2ab4:SecureNio2Channel@19c57c7:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56258 remote=/127.0.0.1:56259]], Status in:
[OPEN_READ], State out: [OPEN]
14:55:38.341 exec-9 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@1ef2ab4:SecureNio2Channel@19c57c7:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56258 remote=/127.0.0.1:56259]], Status in:
[OPEN_READ], State out: [LONG]
14:55:38.346 exec-10 http11.AbstractNioInputBuffer.parseRequestLine
Received [GET /tester HTTP/1.1
Host: localhost
Connection: Keep-Alive

]
14:55:38.348 exec-10 CoyoteAdapter.parsePathParameters The variable
[uriBC] has value [/tester]
14:55:38.348 exec-10 CoyoteAdapter.parsePathParameters The variable
[semicolon] has value [-1]
14:55:38.348 exec-10 CoyoteAdapter.parsePathParameters The variable
[enc] has value [utf-8]
14:55:38.349 exec-10 realm.RealmBase.findSecurityConstraints   No
applicable constraints defined
14:55:38.370 exec-10 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@1ef2ab4:SecureNio2Channel@19c57c7:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56258 remote=/127.0.0.1:56259]], Status in:
[OPEN_READ], State out: [OPEN]
14:55:38.386 exec-1 http11.AbstractNioInputBuffer.parseRequestLine
Received [GET /tester HTTP/1.1
Host: localhost
Connection: Keep-Alive

]
14:55:38.387 exec-1 CoyoteAdapter.parsePathParameters The variable
[uriBC] has value [/tester]
14:55:38.387 exec-1 CoyoteAdapter.parsePathParameters The variable
[semicolon] has value [-1]
14:55:38.388 exec-1 CoyoteAdapter.parsePathParameters The variable [enc]
has value [utf-8]
14:55:38.388 exec-1 realm.RealmBase.findSecurityConstraints   No
applicable constraints defined


Bad case:

14:48:35.193 exec-5 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@90b907:SecureNio2Channel@11ae512:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56236 remote=/127.0.0.1:56237]], Status in:
[OPEN_READ], State out: [LONG]
14:48:35.197 exec-6 http11.AbstractNioInputBuffer.parseRequestLine
Received [GET /tester HTTP/1.1
]
14:48:35.198 exec-6 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@90b907:SecureNio2Channel@11ae512:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56236 remote=/127.0.0.1:56237]], Status in:
[OPEN_READ], State out: [LONG]
14:48:35.205 exec-7
org.apache.tomcat.util.http.Parameters.setQueryStringEncoding Set query
string encoding to UTF-8
14:48:35.206 exec-7 CoyoteAdapter.parsePathParameters The variable
[uriBC] has value [/tester]
14:48:35.206 exec-7 CoyoteAdapter.parsePathParameters The variable
[semicolon] has value [-1]
14:48:35.206 exec-7 CoyoteAdapter.parsePathParameters The variable [enc]
has value [utf-8]
14:48:35.208 exec-7 realm.RealmBase.findSecurityConstraints   No
applicable constraints defined
14:48:35.208 exec-7 core.StandardWrapper.allocate Allocating non-STM
instance
14:48:35.213 exec-7 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@90b907:SecureNio2Channel@11ae512:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56236 remote=/127.0.0.1:56237]], Status in:
[OPEN_READ], State out: [OPEN]
14:48:35.248 exec-9 http11.AbstractNioInputBuffer.parseRequestLine
Received [GET /tester HTTP/1.1
Host: localhost
Connection: Keep-Alive

]
14:48:35.249 exec-9 CoyoteAdapter.parsePathParameters The variable
[uriBC] has value [/tester]
14:48:35.250 exec-9 CoyoteAdapter.parsePathParameters The variable
[semicolon] has value [-1]
14:48:35.250 exec-9 CoyoteAdapter.parsePathParameters The variable [enc]
has value [utf-8]
14:48:35.251 exec-9 realm.RealmBase.findSecurityConstraints   No
applicable constraints defined
14:48:35.270 exec-9 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@90b907:SecureNio2Channel@11ae512:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56236 remote=/127.0.0.1:56237]], Status in:
[OPEN_READ], State out: [OPEN]
14:48:35.340 exec-10 AbstractProtocol$AbstractConnectionHandler.process
Socket:
[Nio2Endpoint$Nio2SocketWrapper@90b907:SecureNio2Channel@11ae512:sun.nio.ch.UnixAsynchronousSocketChannelImpl[connected
local=/127.0.0.1:56236 remote=/127.0.0.1:56237]], Status in:
[OPEN_READ], State out: [LONG]

then hangs.

Regards,

Rainer

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
In reply to this post by Mark Thomas-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

On 2/3/16 4:05 AM, Mark Thomas wrote:

> The proposed Apache Tomcat 8.0.32 release is now available for
> voting.
>
> The main changes since 8.0.30 are:
>
> - Restore the default for mapperContextRootRedirectEnabled to true
>
> - Update the packaged version of the Tomcat Native Library to
> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
> 1.0.2e
>
> - Expand session attribute filtering on load/unload to all
> managers
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/ The
> Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-106
3/
>
>
The svn tag is:
> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>
> The proposed 8.0.32 release is: [ ] Broken - do not release [X]
> Stable - go ahead and release as 8.0.32

Tested in development environment at $work.

Details:

* Environment
*  Java (build):     java version "1.8.0_60" Java(TM) SE Runtime
Environment (build 1.8.0_60-b27) Java HotSpot(TM) 64-Bit Server VM
(build 25.60-b23, mixed mode)
*  Java (test):     java version "1.8.0_60" Java(TM) SE Runtime
Environment (build 1.8.0_60-b27) Java HotSpot(TM) 64-Bit Server VM
(build 25.60-b23, mixed mode)
*  OS:       Linux 2.6.32-312-ec2 x86_64
*  cc:       cc (Debian 4.7.2-5) 4.7.2
*  make:     GNU Make 3.81
*  OpenSSL:  OpenSSL 1.0.2f 28 Jan 2016 (Library: OpenSSL 1.0.1e 11
Feb 2013)
*  APR:      1.4.6
*
* Valid MD5 signature for apache-tomcat-8.0.32.zip
* Valid GPG signature for apache-tomcat-8.0.32.zip
* Valid MD5 signature for apache-tomcat-8.0.32.tar.gz
* Valid GPG signature for apache-tomcat-8.0.32.tar.gz
* Valid MD5 signature for apache-tomcat-8.0.32.exe
* Valid GPG signature for apache-tomcat-8.0.32.exe
* Valid MD5 signature for apache-tomcat-8.0.32-src.zip
* Valid GPG signature for apache-tomcat-8.0.32-src.zip
* Valid MD5 signature for apache-tomcat-8.0.32-src.tar.gz
* Valid GPG signature for apache-tomcat-8.0.32-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly

The following unit tests are known to fail in my environment, and do
not represent any concerns.

* Junit Tests: FAILED
*
* Tests that failed:
* org.apache.catalina.session.TestStandardSessionIntegration.APR.txt
* org.apache.catalina.session.TestStandardSessionIntegration.BIO.txt
* org.apache.catalina.session.TestStandardSessionIntegration.NIO.txt
* org.apache.catalina.session.TestStandardSessionIntegration.NIO2.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.APR.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.BIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.NIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelMemberArrival.NIO2.tx
t
*
org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.APR.t
xt
*
org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.BIO.t
xt
*
org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.NIO.t
xt
*
org.apache.catalina.tribes.group.TestGroupChannelSenderConnections.NIO2.
txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.APR.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.BIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.NIO.txt
* org.apache.catalina.tribes.group.TestGroupChannelStartStop.NIO2.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator
.APR.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator
.BIO.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator
.NIO.txt
*
org.apache.catalina.tribes.group.interceptors.TestNonBlockingCoordinator
.NIO2.txt
*
org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.APR.t
xt
*
org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.BIO.t
xt
*
org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.NIO.t
xt
*
org.apache.catalina.tribes.group.interceptors.TestOrderInterceptor.NIO2.
txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.APR
.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.BIO
.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.NIO
.txt
*
org.apache.catalina.tribes.group.interceptors.TestTcpFailureDetector.NIO
2.txt
* org.apache.tomcat.util.net.jsse.openssl.TestCipher.APR.txt
* org.apache.tomcat.util.net.jsse.openssl.TestCipher.BIO.txt
* org.apache.tomcat.util.net.jsse.openssl.TestCipher.NIO.txt
* org.apache.tomcat.util.net.jsse.openssl.TestCipher.NIO2.txt
*
org.apache.tomcat.util.net.jsse.openssl.TestOpenSSLCipherConfigurationPa
rser.APR.txt
*
org.apache.tomcat.util.net.jsse.openssl.TestOpenSSLCipherConfigurationPa
rser.BIO.txt
*
org.apache.tomcat.util.net.jsse.openssl.TestOpenSSLCipherConfigurationPa
rser.NIO.txt
*
org.apache.tomcat.util.net.jsse.openssl.TestOpenSSLCipherConfigurationPa
rser.NIO2.txt
* org.apache.tomcat.websocket.server.TestClose.BIO.txt
* org.apache.tomcat.websocket.server.TestClose.NIO.txt

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAla1J44ACgkQ9CaO5/Lv0PDpEQCfYAOUiI/oJRSkjl6euBk/i9PE
uV0AoLY/zcHIM/6T3R0uL0++KZLa1OWo
=pFHz
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Christopher Schultz-2
In reply to this post by Rainer Jung-3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rainer,

On 2/5/16 9:38 AM, Rainer Jung wrote:

> Am 04.02.2016 um 23:44 schrieb Rainer Jung:
>> Am 03.02.2016 um 10:05 schrieb Mark Thomas:
>>> The proposed Apache Tomcat 8.0.32 release is now available for
>>> voting.
>>>
>>> The main changes since 8.0.30 are:
>>>
>>> - Restore the default for mapperContextRootRedirectEnabled to
>>> true
>>>
>>> - Update the packaged version of the Tomcat Native Library to
>>> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
>>> 1.0.2e
>>>
>>> - Expand session attribute filtering on load/unload to all
>>> managers
>>>
>>> It can be obtained from:
>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>>>
>>>
The Maven staging repo is:
>>> https://repository.apache.org/content/repositories/orgapachetomcat-1
063/
>>>
>>>
The svn tag is:
>>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>>>
>>>
>>>
The proposed 8.0.32 release is:

>>> [ ] Broken - do not release [ ] Stable - go ahead and release
>>> as 8.0.32
>>
>> Preliminary result: I see a hang in
>> org.apache.tomcat.util.net.TestSsl for NIO2. It hangs now since
>> about 4 hours. Stack:
>>
>> [junit] "main" prio=3 tid=0x0002a800 nid=0x2 runnable
>> [0xfdf7d000] [junit]    java.lang.Thread.State: RUNNABLE [junit]
>> at java.net.SocketInputStream.socketRead0(Native Method) [junit]
>> at java.net.SocketInputStream.read(SocketInputStream.java:152)
>> [junit]     at
>> java.net.SocketInputStream.read(SocketInputStream.java:122)
>> [junit]     at
>> sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
>> [junit]     at
>> sun.security.ssl.InputRecord.read(InputRecord.java:480) [junit]
>> at
>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
>>
>>
[junit]     - locked <0xe6b5b818> (a java.lang.Object)
>> [junit]     at
>> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
>>
>>
[junit]     at

>> sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
>> [junit]     - locked <0xe6b75ee0> (a
>> sun.security.ssl.AppInputStream) [junit]     at
>> sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
>> [junit]     at
>> sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325) [junit]
>> at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177) [junit]
>> - locked <0xe6b76748> (a java.io.InputStreamReader) [junit]
>> at sun.nio.cs.StreamDecoder.read0(StreamDecoder.java:126) [junit]
>> - locked <0xe6b76748> (a java.io.InputStreamReader) [junit]
>> at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:112) [junit]
>> at java.io.InputStreamReader.read(InputStreamReader.java:168)
>> [junit]     at
>> org.apache.tomcat.util.net.TestSsl.doRequest(TestSsl.java:159)
>> [junit]     at
>> org.apache.tomcat.util.net.TestSsl.testRenegotiateWorks(TestSsl.java:
133)
>>
>>
>>
>>
Due to truss the thread reads from the following connection

>>
>> 127.0.0.1.47878      127.0.0.1.47877      49152      0 49152
>> 0 ESTABLISHED 127.0.0.1.47877      127.0.0.1.47878      49152
>> 0 49306      0 ESTABLISHED
>>
>> The thread dump does not contain any frames that belong to the
>> client (as far as I can judge).
>
> This is somewhat reproducible for me using Java 1.7.0_80. It
> occurred 2 times during 10 iterations of only running TestSsl. With
> Java 1.0.8_72 it does not happen during 20 runs. So it seems to be
> a Java 7 SSL reneg issue.

Is TestSsl a part of the stock unit tests, or is this your own test?
I'd be happy to test in my environment(s) as well.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAla1KJ0ACgkQ9CaO5/Lv0PD4CwCgq9P0hzIwrYhCcEnmW65KIu9E
AD0An3u1PZQ/l5JiFkshapECZoxEdPyY
=oQ6i
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Release Apache Tomcat 8.0.32

Rainer Jung-3
Hi Chris,

Am 05.02.2016 um 23:56 schrieb Christopher Schultz:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Rainer,
>
> On 2/5/16 9:38 AM, Rainer Jung wrote:
>> Am 04.02.2016 um 23:44 schrieb Rainer Jung:
>>> Am 03.02.2016 um 10:05 schrieb Mark Thomas:
>>>> The proposed Apache Tomcat 8.0.32 release is now available for
>>>> voting.
>>>>
>>>> The main changes since 8.0.30 are:
>>>>
>>>> - Restore the default for mapperContextRootRedirectEnabled to
>>>> true
>>>>
>>>> - Update the packaged version of the Tomcat Native Library to
>>>> 1.2.4 to pick up the Windows binaries that are based on OpenSSL
>>>> 1.0.2e
>>>>
>>>> - Expand session attribute filtering on load/unload to all
>>>> managers
>>>>
>>>> It can be obtained from:
>>>> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.32/
>>>>
>>>>
> The Maven staging repo is:
>>>> https://repository.apache.org/content/repositories/orgapachetomcat-1
> 063/
>>>>
>>>>
> The svn tag is:
>>>> http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_32/
>>>>
>>>>
>>>>
> The proposed 8.0.32 release is:
>>>> [ ] Broken - do not release [ ] Stable - go ahead and release
>>>> as 8.0.32
>>>
>>> Preliminary result: I see a hang in
>>> org.apache.tomcat.util.net.TestSsl for NIO2. It hangs now since
>>> about 4 hours. Stack:
>>>
>>> [junit] "main" prio=3 tid=0x0002a800 nid=0x2 runnable
>>> [0xfdf7d000] [junit]    java.lang.Thread.State: RUNNABLE [junit]
>>> at java.net.SocketInputStream.socketRead0(Native Method) [junit]
>>> at java.net.SocketInputStream.read(SocketInputStream.java:152)
>>> [junit]     at
>>> java.net.SocketInputStream.read(SocketInputStream.java:122)
>>> [junit]     at
>>> sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
>>> [junit]     at
>>> sun.security.ssl.InputRecord.read(InputRecord.java:480) [junit]
>>> at
>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
>>>
>>>
> [junit]     - locked <0xe6b5b818> (a java.lang.Object)
>>> [junit]     at
>>> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:891)
>>>
>>>
> [junit]     at
>>> sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
>>> [junit]     - locked <0xe6b75ee0> (a
>>> sun.security.ssl.AppInputStream) [junit]     at
>>> sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
>>> [junit]     at
>>> sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325) [junit]
>>> at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177) [junit]
>>> - locked <0xe6b76748> (a java.io.InputStreamReader) [junit]
>>> at sun.nio.cs.StreamDecoder.read0(StreamDecoder.java:126) [junit]
>>> - locked <0xe6b76748> (a java.io.InputStreamReader) [junit]
>>> at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:112) [junit]
>>> at java.io.InputStreamReader.read(InputStreamReader.java:168)
>>> [junit]     at
>>> org.apache.tomcat.util.net.TestSsl.doRequest(TestSsl.java:159)
>>> [junit]     at
>>> org.apache.tomcat.util.net.TestSsl.testRenegotiateWorks(TestSsl.java:
> 133)
>>>
>>>
>>>
>>>
> Due to truss the thread reads from the following connection
>>>
>>> 127.0.0.1.47878      127.0.0.1.47877      49152      0 49152
>>> 0 ESTABLISHED 127.0.0.1.47877      127.0.0.1.47878      49152
>>> 0 49306      0 ESTABLISHED
>>>
>>> The thread dump does not contain any frames that belong to the
>>> client (as far as I can judge).
>>
>> This is somewhat reproducible for me using Java 1.7.0_80. It
>> occurred 2 times during 10 iterations of only running TestSsl. With
>> Java 1.0.8_72 it does not happen during 20 runs. So it seems to be
>> a Java 7 SSL reneg issue.
>
> Is TestSsl a part of the stock unit tests, or is this your own test?
> I'd be happy to test in my environment(s) as well.

It is test/org/apache/tomcat/util/net/TestSsl.java one of our standard
unit tests.

Regards,

Rainer

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[RESULT][VOTE] Release Apache Tomcat 8.0.32

Mark Thomas-2
In reply to this post by Mark Thomas-2
The following votes were cast:

Binding:
+1: markt, violetagg, kfujino, remm, fschumacher, mgrigorov, schultz

Non-binding:
+1: ognjen


This vote therefore passes. Thanks to every one who tested and/or voted.
I'll start the final release steps shortly.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

12