You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2020/12/03 14:49:53 UTC
[VOTE] Release Apache Tomcat 8.5.61
The proposed Apache Tomcat 8.5.61 release is now available for voting.
The notable changes compared to the 8.5.60 release are:
- Align the behaviour of ServletContext.getRealPath(String path) with
the recent clarification from the Servlet specification project. If
the path parameter does not start with / then Tomcat processes the
call as if / is appended to the beginning of the provided path.
- Fix a potential file descriptor leak when WebSocket connections are
attempted and fail. Patch provided by Maurizio Adami.
- Ensure that the LoadBalancerDrainingValve uses the correct setting
for the secure attribute for any session cookies it creates. Based on
a pull request by Andreas Kurth.
Along with lots of other bug fixes and improvements.
For full details, see the changelog:
https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
It can be obtained from:
https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
The Maven staging repo is:
https://repository.apache.org/content/repositories/orgapachetomcat-1290/
The tag is:
https://github.com/apache/tomcat/tree/8.5.61
77d330abea52e4aeb039ca7eb8a766e0e1c56a71
The proposed 8.5.61 release is:
[ ] Broken - do not release
[ ] Stable - go ahead and release as 8.5.61
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Mladen Turk <mt...@apache.org>.
On 03/12/2020 15:49, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
>
The proposed 8.5.61 release is:
[ ] Broken - do not release
[x] Stable - go ahead and release as 8.5.61
Tested on few Windows VM's
Regards
--
^TM
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[VOTE][RESULT] Release Apache Tomcat 8.5.61
Posted by Mark Thomas <ma...@apache.org>.
The following votes were cast:
Binding:
+1: remm, isapir, schultz, mturk, mgrigorov, markt
The vote therefore passes.
Thank you to everyone who contributed to this release.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Mark Thomas <ma...@apache.org>.
On 03/12/2020 14:49, Mark Thomas wrote:
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.61
Unit tests pass for NIO, NIO2 and APR/Native on Windows, Linux and MacOs.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Christopher Schultz <ch...@christopherschultz.net>.
Mark,
Thanks for RMing.
On 12/3/20 09:49, Mark Thomas wrote:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
> The notable changes compared to the 8.5.60 release are:
>
> - Align the behaviour of ServletContext.getRealPath(String path) with
> the recent clarification from the Servlet specification project. If
> the path parameter does not start with / then Tomcat processes the
> call as if / is appended to the beginning of the provided path.
>
> - Fix a potential file descriptor leak when WebSocket connections are
> attempted and fail. Patch provided by Maurizio Adami.
>
> - Ensure that the LoadBalancerDrainingValve uses the correct setting
> for the secure attribute for any session cookies it creates. Based on
> a pull request by Andreas Kurth.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1290/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.61
> 77d330abea52e4aeb039ca7eb8a766e0e1c56a71
>
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.61
+1 for stable release
Tested with a standard servlet-based web application. Noting fancy like
Websocket or h2.
Failing unit tests are very likely to be related to my OpenSSL version
and support for various ciphers. I still have to nail these down so they
pass in my environment.
Details:
* Environment
* Java (build): openjdk version "1.8.0_272" OpenJDK Runtime
Environment (build 1.8.0_272-8u272-b10-0+deb9u1-b10) OpenJDK 64-Bit
Server VM (build 25.272-b10, mixed mode)
* Java (test): openjdk version "1.8.0_272" OpenJDK Runtime
Environment (build 1.8.0_272-8u272-b10-0+deb9u1-b10) OpenJDK 64-Bit
Server VM (build 25.272-b10, mixed mode)
* OS: Linux 4.9.0-9-amd64 x86_64
* cc: cc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
* make: GNU Make 4.1
* OpenSSL: OpenSSL 1.1.1 11 Sep 2018
* APR: 1.5.2
*
* Valid SHA-512 signature for apache-tomcat-8.5.61.zip
* Valid GPG signature for apache-tomcat-8.5.61.zip
* Valid SHA-512 signature for apache-tomcat-8.5.61.tar.gz
* Valid GPG signature for apache-tomcat-8.5.61.tar.gz
* Valid SHA-512 signature for apache-tomcat-8.5.61.exe
* Valid GPG signature for apache-tomcat-8.5.61.exe
* Valid SHA512 signature for apache-tomcat-8.5.61-src.zip
* Valid GPG signature for apache-tomcat-8.5.61-src.zip
* Valid SHA512 signature for apache-tomcat-8.5.61-src.tar.gz
* Valid GPG signature for apache-tomcat-8.5.61-src.tar.gz
*
* Binary Zip and tarball: Same
* Source Zip and tarball: Same
*
* Building dependencies returned: 0
* tcnative builds cleanly
* Tomcat builds cleanly
* Junit Tests: FAILED
*
* Tests that failed:
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.APR.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO.txt
* org.apache.tomcat.util.net.openssl.ciphers.TestCipher.NIO2.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.APR.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO.txt
*
org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.NIO2.txt
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Mark Thomas <ma...@apache.org>.
On 06/12/2020 21:49, Rainer Jung wrote:
<snip/>
> I don't know, whether this is new, but I observe a loop when running
> at
> java.util.concurrent.CountDownLatch.await(CountDownLatch.java:236)
> at org.apache.tomcat.util.net.TestSsl.testPost(TestSsl.java:153)
<snip/>
> The loop happens in
>
> "Thread-8" prio=3 tid=0x00692800 nid=0x43 runnable [0xe5bff000]
> java.lang.Thread.State: RUNNABLE
> at sun.security.ssl.AppInputStream.read(AppInputStream.java:92)
> - locked <0xed614d38> (a sun.security.ssl.AppInputStream)
> at sun.security.ssl.AppInputStream.read(AppInputStream.java:69)
> - locked <0xed614d38> (a sun.security.ssl.AppInputStream)
> at org.apache.tomcat.util.net.TestSsl$1.run(TestSsl.java:128)
>
> "Thread-8" prio=3 tid=0x00692800 nid=0x43 runnable [0xe5bff000]
> java.lang.Thread.State: RUNNABLE
> at org.apache.tomcat.util.net.TestSsl$1.run(TestSsl.java:128)
>
>
> Another stack I captured was:
>
> Thread t@67: (state = IN_JAVA)
> - java.lang.StringBuilder.append(java.lang.String) @bci=2, line=132
> (Compiled frame; information may be imprecise)
> - sun.security.ssl.SSLSocketImpl.checkEOF() @bci=96, line=1496
> (Compiled frame)
> - sun.security.ssl.AppInputStream.read(byte[], int, int) @bci=46,
> line=92 (Compiled frame)
> - sun.security.ssl.AppInputStream.read() @bci=7, line=69 (Compiled frame)
> - org.apache.tomcat.util.net.TestSsl$1.run() @bci=151, line=128
> (Compiled frame)
>
> The test loops using a lot of CPU, it is not just a hang.
<snip/>
The code in question is:
while (found != endOfHeaders.length) {
if (is.read() == endOfHeaders[found]) {
found++;
} else {
found = 0;
}
}
If the read receives EOF before it reaches the end of the headers that
is going to trigger an infinite loop.
I see references to EOF in the thread dump so I am guess something went
wrong that truncated the response and triggered the infinite loop.
I'll look at fixing the test.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Rainer Jung <ra...@kippdata.de>.
Am 03.12.2020 um 15:49 schrieb Mark Thomas:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
> The notable changes compared to the 8.5.60 release are:
>
> - Align the behaviour of ServletContext.getRealPath(String path) with
> the recent clarification from the Servlet specification project. If
> the path parameter does not start with / then Tomcat processes the
> call as if / is appended to the beginning of the provided path.
>
> - Fix a potential file descriptor leak when WebSocket connections are
> attempted and fail. Patch provided by Maurizio Adami.
>
> - Ensure that the LoadBalancerDrainingValve uses the correct setting
> for the secure attribute for any session cookies it creates. Based on
> a pull request by Andreas Kurth.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1290/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.61
> 77d330abea52e4aeb039ca7eb8a766e0e1c56a71
>
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [ ] Stable - go ahead and release as 8.5.61
I don't know, whether this is new, but I observe a loop when running
"main" prio=3 tid=0x0002ac00 nid=0x2 waiting on condition [0xfe37e000]
java.lang.Thread.State: WAITING (parking)
at sun.misc.Unsafe.park(Native Method)
- parking to wait for <0xed612508> (a
java.util.concurrent.CountDownLatch$Sync)
at
java.util.concurrent.locks.LockSupport.park(LockSupport.java:186)
at
java.util.concurrent.locks.AbstractQueuedSynchronizer.parkAndCheckInterrupt(AbstractQueuedSynchronizer.java:834)
at
java.util.concurrent.locks.AbstractQueuedSynchronizer.doAcquireSharedInterruptibly(AbstractQueuedSynchronizer.java:994)
at
java.util.concurrent.locks.AbstractQueuedSynchronizer.acquireSharedInterruptibly(AbstractQueuedSynchronizer.java:1303)
at
java.util.concurrent.CountDownLatch.await(CountDownLatch.java:236)
at org.apache.tomcat.util.net.TestSsl.testPost(TestSsl.java:153)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
...
The loop happens in
"Thread-8" prio=3 tid=0x00692800 nid=0x43 runnable [0xe5bff000]
java.lang.Thread.State: RUNNABLE
at sun.security.ssl.AppInputStream.read(AppInputStream.java:92)
- locked <0xed614d38> (a sun.security.ssl.AppInputStream)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:69)
- locked <0xed614d38> (a sun.security.ssl.AppInputStream)
at org.apache.tomcat.util.net.TestSsl$1.run(TestSsl.java:128)
"Thread-8" prio=3 tid=0x00692800 nid=0x43 runnable [0xe5bff000]
java.lang.Thread.State: RUNNABLE
at org.apache.tomcat.util.net.TestSsl$1.run(TestSsl.java:128)
Another stack I captured was:
Thread t@67: (state = IN_JAVA)
- java.lang.StringBuilder.append(java.lang.String) @bci=2, line=132
(Compiled frame; information may be imprecise)
- sun.security.ssl.SSLSocketImpl.checkEOF() @bci=96, line=1496
(Compiled frame)
- sun.security.ssl.AppInputStream.read(byte[], int, int) @bci=46,
line=92 (Compiled frame)
- sun.security.ssl.AppInputStream.read() @bci=7, line=69 (Compiled frame)
- org.apache.tomcat.util.net.TestSsl$1.run() @bci=151, line=128
(Compiled frame)
The test loops using a lot of CPU, it is not just a hang.
This was an Solaris 10 Sparc using java 1.7.0_80.
It might be a test only problem though.
The process is still there in case we have an idea how to get more out
of the running process.
Kind regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Martin Grigorov <mg...@apache.org>.
On Thu, Dec 3, 2020 at 4:50 PM Mark Thomas <ma...@apache.org> wrote:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
> The notable changes compared to the 8.5.60 release are:
>
> - Align the behaviour of ServletContext.getRealPath(String path) with
> the recent clarification from the Servlet specification project. If
> the path parameter does not start with / then Tomcat processes the
> call as if / is appended to the beginning of the provided path.
>
> - Fix a potential file descriptor leak when WebSocket connections are
> attempted and fail. Patch provided by Maurizio Adami.
>
> - Ensure that the LoadBalancerDrainingValve uses the correct setting
> for the secure attribute for any session cookies it creates. Based on
> a pull request by Andreas Kurth.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1290/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.61
> 77d330abea52e4aeb039ca7eb8a766e0e1c56a71
>
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [ X ] Stable - go ahead and release as 8.5.61
>
Regards,
Martin
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Igal Sapir <is...@apache.org>.
On Thu, Dec 3, 2020 at 6:49 AM Mark Thomas <ma...@apache.org> wrote:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
> The notable changes compared to the 8.5.60 release are:
>
> - Align the behaviour of ServletContext.getRealPath(String path) with
> the recent clarification from the Servlet specification project. If
> the path parameter does not start with / then Tomcat processes the
> call as if / is appended to the beginning of the provided path.
>
> - Fix a potential file descriptor leak when WebSocket connections are
> attempted and fail. Patch provided by Maurizio Adami.
>
> - Ensure that the LoadBalancerDrainingValve uses the correct setting
> for the secure attribute for any session cookies it creates. Based on
> a pull request by Andreas Kurth.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1290/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.61
> 77d330abea52e4aeb039ca7eb8a766e0e1c56a71
>
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.61
>
Tested on Ubuntu 20.04 with Java 13.0.4 and TC-Native 1.2.25
Best,
Igal
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>
Re: [VOTE] Release Apache Tomcat 8.5.61
Posted by Rémy Maucherat <re...@apache.org>.
On Thu, Dec 3, 2020 at 3:50 PM Mark Thomas <ma...@apache.org> wrote:
> The proposed Apache Tomcat 8.5.61 release is now available for voting.
>
> The notable changes compared to the 8.5.60 release are:
>
> - Align the behaviour of ServletContext.getRealPath(String path) with
> the recent clarification from the Servlet specification project. If
> the path parameter does not start with / then Tomcat processes the
> call as if / is appended to the beginning of the provided path.
>
> - Fix a potential file descriptor leak when WebSocket connections are
> attempted and fail. Patch provided by Maurizio Adami.
>
> - Ensure that the LoadBalancerDrainingValve uses the correct setting
> for the secure attribute for any session cookies it creates. Based on
> a pull request by Andreas Kurth.
>
> Along with lots of other bug fixes and improvements.
>
> For full details, see the changelog:
> https://ci.apache.org/projects/tomcat/tomcat85/docs/changelog.html
>
> It can be obtained from:
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.5.61/
>
> The Maven staging repo is:
> https://repository.apache.org/content/repositories/orgapachetomcat-1290/
>
> The tag is:
> https://github.com/apache/tomcat/tree/8.5.61
> 77d330abea52e4aeb039ca7eb8a766e0e1c56a71
>
> The proposed 8.5.61 release is:
> [ ] Broken - do not release
> [X] Stable - go ahead and release as 8.5.61
>
> Rémy