svn commit: r1038021 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: mturk Date: Tue Nov 23 09:17:45 2010 New Revision: 1038021 URL: http://svn.apache.org/viewvc?rev=1038021view=rev Log: Propose AprEndpoint patch fixing shutdown JVM crash Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1038021r1=1038020r2=1038021view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov 23 09:17:45 2010 @@ -161,7 +161,7 @@ PATCHES PROPOSED TO BACKPORT: -1: * Backport Windows installer improvements from Tomcat 7.0.5. - + - Add default --PidFile (new with daemon 1.0.3) (r982157, mturk) - Use *modern* types of nsis install/uninstall icons (r76, mturk) @@ -238,7 +238,7 @@ PATCHES PROPOSED TO BACKPORT: is doing. Should be less overhead with less contention. http://people.apache.org/~markt/patches/2010-11-18-session-rate-stats.patch +1: markt - -1: + -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50273 Provide a workaround for an HP-UX issue that can result in large numbers of @@ -263,3 +263,8 @@ PATCHES PROPOSED TO BACKPORT: http://svn.apache.org/viewvc?rev=1037887view=rev +1: kkolinko -1: + +* Backport AprEndpoint shutdown patch (BZ49795 and similar). + http://people.apache.org/~mturk/tomcat/patches/tomcat-6.0.x-aprshutdown.patch + +1: mturk + -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[ANN] Apache Tomcat Twitter feed
Hi,

We have launched the official Apache Tomcat project Twitter feed at: http://twitter.com/TheApacheTomcat

We will regularly post announcements and other relevant news there, and we are welcoming all new followers to our new Twitter feed.

For those interested in the ASF in general, there is also an official ASF Twitter feed, which can be accessed at: http://twitter.com/TheASF/

Regards
--
The Apache Tomcat Team
Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
On 22/11/2010 19:52, Konstantin Kolinko wrote:
> 2010/11/22 Mark Thomas ma...@apache.org:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
> (...)
>
> FYI: The patches included in the announcement are hardly readable, because the mailing software replaced '-' with '- -' at the start of lines, and wrapped long lines as well.

That is as a result of the e-mail being digitally signed. E-mail clients capable of processing the signature will remove the double '- -' and unwrap any wrapped lines.

The mirrors have now picked up the patches so I'll post a quick follow up to the users and dev list with links to the patches.

Mark
Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
The process of applying the digital signature to the original e-mail made the patches hard to read. E-mail clients that can process digital signatures should undo this formatting.

For those folks with an e-mail client that can't process OpenPGP signed e-mail, the patches have been placed on the download mirrors as part of the 6.0.29 and 7.0.4 distributions.

To obtain the patches:

For Tomcat 6
- Open http://tomcat.apache.org/download-60.cgi
- Select 'Browse' from the Quick Navigation section
- Select the patches directory

For Tomcat 7
- Open http://tomcat.apache.org/download-70.cgi
- Select 'Browse' from the Quick Navigation section
- Select the patches directory

The Apache Tomcat Security Team
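The '- -' prefixes discussed in the two messages above are the dash-escaping that OpenPGP clearsigning (RFC 4880, section 7.1) applies to any line starting with '-'. The following is an added example, not part of the original thread or of Tomcat: it recovers the cleartext so an embedded patch can be read or applied; the function names and the sample message are constructed for illustration, it does not verify the signature (do that with an OpenPGP tool first), and it cannot undo line wrapping done by a mail client.

```python
"""Undo OpenPGP clearsign dash-escaping (RFC 4880, section 7.1)."""
from typing import Dict, List, Tuple

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


class ClearsignFormatError(ValueError):
    """The input is not a well-formed clearsigned message."""


def extract_cleartext(message: str) -> Tuple[Dict[str, List[str]], str]:
    """Return (armor headers, un-escaped cleartext) of a clearsigned message.

    Structure only: the signature block is located but NOT verified.
    """
    lines = message.splitlines()
    try:
        i = lines.index(BEGIN_SIGNED) + 1
    except ValueError:
        raise ClearsignFormatError("no clearsign header line") from None

    # Armor headers ("Hash: SHA1") run up to the first empty line.
    headers: Dict[str, List[str]] = {}
    while i < len(lines) and lines[i].strip():
        name, sep, value = lines[i].partition(": ")
        if not sep:
            raise ClearsignFormatError("bad armor header: %r" % lines[i])
        headers.setdefault(name, []).append(value)
        i += 1
    if i >= len(lines):
        raise ClearsignFormatError("no blank line after armor headers")
    i += 1  # skip the blank separator

    body: List[str] = []
    while i < len(lines):
        line = lines[i]
        if line == BEGIN_SIG:
            break
        if line.startswith("- "):
            # Dash-escaped line: drop the two-character "- " prefix.
            line = line[2:]
        elif line.startswith("-"):
            # A raw leading dash cannot occur inside signed cleartext.
            raise ClearsignFormatError("unescaped dash line: %r" % line)
        body.append(line)
        i += 1
    else:
        raise ClearsignFormatError("signature block not found")

    if END_SIG not in lines[i:]:
        raise ClearsignFormatError("signature block not terminated")
    return headers, "\n".join(body)


# Constructed sample: a small unified diff for a made-up file, wrapped the way
# a clearsigning tool would wrap it. The signature body is a placeholder.
SAMPLE = "\n".join([
    BEGIN_SIGNED,
    "Hash: SHA1",
    "",
    "Patch follows:",
    "",
    "- --- example/page.jsp (original)",
    "+++ example/page.jsp (patched)",
    "@@ -1,2 +1,2 @@",
    " <td>",
    "- -<%= name %>",
    "+<%= escapeXml(name) %>",
    BEGIN_SIG,
    "",
    "PLACEHOLDER-not-a-real-signature",
    END_SIG,
    "",
])

if __name__ == "__main__":
    hdrs, text = extract_cleartext(SAMPLE)
    print(hdrs)
    print(text)
```
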
svn commit: r1038041 - in /tomcat/trunk: java/org/apache/catalina/loader/LocalStrings.properties java/org/apache/catalina/loader/WebappClassLoader.java webapps/docs/changelog.xml
Author: markt Date: Tue Nov 23 10:38:40 2010 New Revision: 1038041 URL: http://svn.apache.org/viewvc?rev=1038041view=rev Log: Make memory leak prevention code that clears ThreadLocal instances more robust against objects with toString() methods that throw exceptions. Modified: tomcat/trunk/java/org/apache/catalina/loader/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoader.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/loader/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/LocalStrings.properties?rev=1038041r1=1038040r2=1038041view=diff == --- tomcat/trunk/java/org/apache/catalina/loader/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/loader/LocalStrings.properties Tue Nov 23 10:38:40 2010 
@@ -49,6 +49,9 @@ webappClassLoader.clearThreadLocal=The w webappClassLoader.clearThreadLocalDebugClear=To simplify the process of tracing memory leaks, the key has been forcibly removed. webappClassLoader.clearThreadLocalClear=To prevent a memory leak, the ThreadLocal has been forcibly removed. webappClassLoader.clearThreadLocalFail=Failed to clear ThreadLocal references for web application [{0}] +webappClassLoader.clearThreadLocal.badKey=Unable to determine string representation of key of type [{0}] +webappClassLoader.clearThreadLocal.badValue=Unable to determine string representation of value of type [{0}] +webappClassLoader.clearThreadLocal.unknown=Unknown webappClassLoader.stopThreadFail=Failed to terminate thread named [{0}] for web application [{1}] webappClassLoader.stopTimerThreadFail=Failed to terminate TimerThread named [{0}] for web application [{1}] webappClassLoader.validationErrorJarPath=Unable to validate JAR entry with name {0} Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoader.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoader.java?rev=1038041r1=1038040r2=1038041view=diff == --- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoader.java (original) +++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoader.java Tue Nov 23 10:38:40 2010 
@@ -2442,11 +2442,27 @@ public class WebappClassLoader args[0] = contextName; if (key != null) { args[1] = key.getClass().getCanonicalName(); -args[2] = key.toString(); +try { +args[2] = key.toString(); +} catch (Exception e) { +log.error(sm.getString( + webappClassLoader.clearThreadLocal.badKey, +args[1]), e); +args[2] = sm.getString( + webappClassLoader.clearThreadLocal.unknown); +} } if (value != null) { args[3] = value.getClass().getCanonicalName(); -args[4] = value.toString(); +try { +args[4] = value.toString(); +} catch (Exception e) { +log.error(sm.getString( + webappClassLoader.clearThreadLocal.badValue, +args[3]), e); +args[4] = sm.getString( + webappClassLoader.clearThreadLocal.unknown); +} } if (value == null) { if (log.isDebugEnabled()) { Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1038041r1=1038040r2=1038041view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 23 10:38:40 2010 @@ -159,6 +159,11 @@ codeAsyncContext.dispatch()/code once the asynchronous request has timed out. (markt) /fix + add +Make memory leak prevention code that clears ThreadLocal instances more +robust against objects with toString() methods that throw exceptions. +(markt) + /add /changelog /subsection subsection name=Coyote
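Review bot: In the WebappClassLoader.java hunk, both new catch (Exception e) blocks around key.toString() and value.toString() still let an Error thrown by application code (for example a StackOverflowError from a recursive toString()) escape the clean-up path, so the robustness this change adds covers exceptions only. Consider whether a broader catch is wanted at these two call sites, and move the duplicated try/catch into one small helper that takes the object and the message key. Also, args[1] and args[3] come from getCanonicalName(), which returns null for anonymous and local classes, so the new badKey and badValue messages can read "type [null]"; getClass().getName() would avoid that.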
svn commit: r1038042 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Tue Nov 23 10:40:01 2010 New Revision: 1038042 URL: http://svn.apache.org/viewvc?rev=1038042view=rev Log: Proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1038042r1=1038041r2=1038042view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov 23 10:40:01 2010 @@ -268,3 +268,9 @@ PATCHES PROPOSED TO BACKPORT: http://people.apache.org/~mturk/tomcat/patches/tomcat-6.0.x-aprshutdown.patch +1: mturk -1: + +* Make memory leak prevention code that clears ThreadLocal instances more robust + against objects with toString() methods that throw exceptions. + http://svn.apache.org/viewvc?rev=1038041view=rev + +1: markt + -1:
svn commit: r1038044 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Tue Nov 23 10:44:39 2010 New Revision: 1038044 URL: http://svn.apache.org/viewvc?rev=1038044view=rev Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1038044r1=1038043r2=1038044view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov 23 10:44:39 2010 @@ -272,5 +272,5 @@ PATCHES PROPOSED TO BACKPORT: * Make memory leak prevention code that clears ThreadLocal instances more robust against objects with toString() methods that throw exceptions. http://svn.apache.org/viewvc?rev=1038041view=rev - +1: markt + +1: markt, kkolinko -1:
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build of tomcat-trunk on ASF Buildbot.
Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/842

Buildbot URL: http://ci.apache.org/
Buildslave for this Build: bb-vm_ubuntu
Build Reason:
Build Source Stamp: [branch tomcat/trunk] 1038041
Blamelist: markt

Build succeeded!

sincerely,
 -The Buildbot
[Tomcat Wiki] Update of FAQ/Troubleshooting_and_Diagnostics by PidSter
Dear Wiki user, You have subscribed to a wiki page or wiki category on Tomcat Wiki for change notification. The FAQ/Troubleshooting_and_Diagnostics page has been changed by PidSter. http://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diffrev1=8rev2=9 -- Page stub for Troubleshooting and Diagnostics techniques. == Techniques Reference == - * Capturing a thread dump + * [[HowTo#How_do_I_obtain_a_thread_dump_of_my_running_webapp_.3F| How To: Capture a thread dump]] * Capturing a heap dump * Examining a Stacktrace + * [[HowTo#How_do_I_debug_a_Tomcat_application.3F| How To: Configure Tomcat for debugging]] + * [[FAQ/Memory| FAQ: Memory]] + * [[MemoryLeakProtection| Tomcat Memory Leak Protection]] * [[http://java.sun.com/developer/technicalArticles/J2SE/monitoring/| Sun Technical Article: Monitoring and Managing Java SE 6 Platform Applications]] * [[#usingjmxclients|Notes on using JMX clients]] @@ -22, +25 @@ * [[http://download.oracle.com/javase/6/docs/technotes/tools/share/jhat.html| jhat - Heap Analyzer Tool]] === Profilers === - * MAT (Eclipse) - * YourKit Profiler - * JProbe + * [[http://www.eclipse.org/mat/| Eclipse Memory Analyzer (MAT)]] + * [[http://www.yourkit.com/| YourKit Profiler]] + * [[http://www.quest.com/jprobe/| JProbe| ]] * [[http://download.oracle.com/javase/6/docs/technotes/tools/share/jvisualvm.html| VisualVM Docs]] Anchor(usingjmxclients) @@ -33, +36 @@ When running a JMX client (JConsole, VisualVM) on the same machine as the target JVM process it is possible to connect without pre-configuring a JMX port, using the local connector stub. This method relies on being able to create a protected temporary file, accessible only to a user with administrator privileges. Java processes which are accessible via the local connector will automatically appear in the client. - NB On Windows, this means that the temporary directory must be located on an NTFS formatted disk. See the following link for more details. 
+ NB(1) On Windows, this means that the temporary directory must be located on an NTFS formatted disk. See the following link for more details. + + NB(2) On Windows, if Tomcat is started using a service wrapper, this will prevent JConsole VisualVM from using the local JMX connector stub. [[http://download.oracle.com/javase/1.5.0/docs/guide/management/faq.html| JConsole and Remote Management FAQ]]
svn commit: r1038202 - in /tomcat/trunk: java/org/apache/coyote/http11/Http11NioProtocol.java java/org/apache/tomcat/util/net/NioEndpoint.java webapps/docs/changelog.xml
Author: markt Date: Tue Nov 23 16:57:47 2010 New Revision: 1038202 URL: http://svn.apache.org/viewvc?rev=1038202view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50207 Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java?rev=1038202r1=1038201r2=1038202view=diff == --- tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java Tue Nov 23 16:57:47 2010 
@@ -329,19 +329,23 @@ public class Http11NioProtocol extends A if (processor.isAsync()) { state = processor.asyncPostProcess(); } -if (state != SocketState.LONG state != SocketState.ASYNC_END) { +if (state == SocketState.OPEN || state == SocketState.CLOSED) { release(socket); if (state == SocketState.OPEN) { socket.getPoller().add(socket); } -} else if (state == SocketState.ASYNC_END) { -// No further work required } else if (state == SocketState.LONG) { -att.setAsync(true); // Re-enable timeouts +if (processor.isAsync()) { +att.setAsync(true); // Re-enable timeouts +} else { +// Comet +if (log.isDebugEnabled()) log.debug(Keeping processor[+processor); +//add correct poller events here based on Comet stuff +socket.getPoller().add(socket,att.getCometOps()); +} } else { -if (log.isDebugEnabled()) log.debug(Keeping processor[+processor); -//add correct poller events here based on Comet stuff -socket.getPoller().add(socket,att.getCometOps()); +// state == SocketState.ASYNC_END +// No further work required } } } Modified: tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1038202r1=1038201r2=1038202view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Tue Nov 23 16:57:47 2010 
@@ -1322,7 +1322,7 @@ public class NioEndpoint extends Abstrac reg(key,ka,0);//avoid multiple calls, this gets reregistered after invocation //if (!processSocket(ka.getChannel(), SocketStatus.OPEN_CALLBACK)) processSocket(ka.getChannel(), SocketStatus.DISCONNECT); if (!processSocket(ka.getChannel(), SocketStatus.OPEN, true)) processSocket(ka.getChannel(), SocketStatus.DISCONNECT, true); -}else if ((ka.interestOps()SelectionKey.OP_READ) == SelectionKey.OP_READ || +} else if ((ka.interestOps()SelectionKey.OP_READ) == SelectionKey.OP_READ || (ka.interestOps()SelectionKey.OP_WRITE) == SelectionKey.OP_WRITE) { //only timeout sockets that we are waiting for a read from long delta = now - ka.getLastAccess(); @@ -1340,7 +1340,7 @@ public class NioEndpoint extends Abstrac long nextTime = now+(timeout-delta); nextExpiration = (nextTime nextExpiration)?nextTime:nextExpiration; } -}else if (ka.isAsync()) { +} else if (ka.isAsync() || ka.getComet()) { long delta = now - ka.getLastAccess(); long timeout = (ka.getTimeout()==-1)?((long) socketProperties.getSoTimeout()):(ka.getTimeout()); boolean isTimedout = delta timeout; Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1038202r1=1038201r2=1038202view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 23 16:57:47 2010 @@ -177,6 +177,10 @@ is configurable with
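Review bot: In the Http11NioProtocol.java hunk, the final else branch is now a catch-all that only a comment identifies as ASYNC_END, so any other SocketState value that reaches it is treated as "no further work required" and the socket is neither released nor handed back to the poller. Make the branch explicit with else if (state == SocketState.ASYNC_END) and add a final else that logs the unexpected state. In the second NioEndpoint.java hunk, the timeout branch now also runs for ka.getComet(); a short comment there saying that Comet connections share the async timeout path would help, since the existing comment above it only mentions sockets waiting for a read.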
DO NOT REPLY [Bug 50207] CometProcessor async timeout events are not being fired
https://issues.apache.org/bugzilla/show_bug.cgi?id=50207

Mark Thomas ma...@apache.org changed:

What       | Removed | Added
Status     | NEW     | RESOLVED
Resolution |         | FIXED

--- Comment #2 from Mark Thomas ma...@apache.org 2010-11-23 11:59:24 EST ---
Thanks for the report. This has been fixed in 7.0.x and will be included in 7.0.5 onwards.
svn commit: r1038235 - in /tomcat/trunk/webapps: docs/changelog.xml manager/WEB-INF/jsp/sessionDetail.jsp
Author: markt Date: Tue Nov 23 17:59:49 2010 New Revision: 1038235 URL: http://svn.apache.org/viewvc?rev=1038235view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50318 Avoid NPE when viewing session detail for expired sessions Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1038235r1=1038234r2=1038235view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 23 17:59:49 2010 
@@ -290,31 +290,35 @@ Improve Tomcat Logging documentation. (kkolinko) /update fix -bug50303/bug: Update JNDI how-to to reflect new JavaMail download -location and that JAF is now included in Java SE 6. (markt) +bug50303/bug: Update JNDI how-to to reflect the new JavaMail +download location and that JAF is now included in Java SE 6. (markt) /fix fix -Fix ordering functionality on sessions page for HTML Manager +Fix ordering functionality on sessions page for the HTML Manager application. (markt) /fix fix -Fix primary sessions not always being treated as such in HTML Manager -application. (markt) +Fix primary sessions not always being treated as such in the HTML +Manager application. (markt) /fix fix -Fix message not being displayed after session attribute removal in HTML -Manager application. (markt) +Fix message not being displayed after session attribute removal in the +HTML Manager application. (markt) /fix fix -bug50310/bug: Fix display of Servlet information in Manager +bug50310/bug: Fix display of Servlet information in the Manager application. (markt) /fix fix -CVE-2010-4172: Multiple XSS in Manager application. (markt/kkolinko) +CVE-2010-4172: Multiple XSS in the Manager application. (markt/kkolinko) /fix fix -bug50316/bug: Fix display of negative values in Manager application. -(kkolinko) +bug50316/bug: Fix display of negative values in the Manager +application. (kkolinko) + /fix + fix +bug50318/bug: Avoid NPE when trying to view session detail for an +expired session in the Manager application. (markt) /fix /changelog /subsection Modified: tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp?rev=1038235r1=1038234r2=1038235view=diff == --- tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp (original) +++ tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp Tue Nov 23 17:59:49 2010 
@@ -32,8 +32,14 @@ String version = (String) request.getAttribute(version); ContextName cn = new ContextName(path, version); Session currentSession = (Session)request.getAttribute(currentSession); - HttpSession currentHttpSession = currentSession.getSession(); - String currentSessionId = JspHelper.escapeXml(currentSession.getId()); + String currentSessionId = null; + HttpSession currentHttpSession = null; + if (currentSession != null) { + currentHttpSession = currentSession.getSession(); + currentSessionId = JspHelper.escapeXml(currentSession.getId()); + } else { + currentSessionId = Session invalidated; + } String submitUrl = JspHelper.escapeXml(response.encodeURL( ((HttpServletRequest) pageContext.getRequest()).getRequestURI() + ?path= + path + version= + version)); @@ -50,118 +56,122 @@ titleSessions Administration: details for %= currentSessionId %/title /head body -h1Details for Session %= currentSessionId %/h1 - -table style=text-align: left; border=0 - tr -thSession Id/th -td%= currentSessionId %/td - /tr - tr -thGuessed Locale/th -td%= JspHelper.guessDisplayLocaleFromSession(currentSession) %/td - /tr - tr -thGuessed User/th -td%= JspHelper.guessDisplayUserFromSession(currentSession) %/td - /tr - tr -thCreation Time/th -td%= JspHelper.getDisplayCreationTimeForSession(currentSession) %/td - /tr - tr -thLast Accessed Time/th -td%= JspHelper.getDisplayLastAccessedTimeForSession(currentSession) %/td - /tr - tr -thSession Max Inactive Interval/th -td%= JspHelper.secondsToTimeString(currentSession.getMaxInactiveInterval()) %/td - /tr - tr -thUsed Time/th -td%= JspHelper.getDisplayUsedTimeForSession(currentSession) %/td - /tr - tr -thInactive Time/th -td%=
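Review bot: In the first sessionDetail.jsp hunk, the else branch stores the display text Session invalidated in currentSessionId, so a variable that the rest of the page treats as an id (the title and the Session Id row visible in the following hunk) now sometimes holds a message. Keep currentSessionId null and branch on currentSession == null where the page is rendered, or use a separate variable for the message, so the text cannot end up in a link or form field that expects a real session id. currentHttpSession also stays null on that path, so every later use of it needs to sit inside the same guard.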
DO NOT REPLY [Bug 50318] NPE when opening Session Details page for an expired session
https://issues.apache.org/bugzilla/show_bug.cgi?id=50318

Mark Thomas ma...@apache.org changed:

What       | Removed | Added
Status     | NEW     | RESOLVED
Resolution |         | FIXED

--- Comment #1 from Mark Thomas ma...@apache.org 2010-11-23 13:01:18 EST ---
Fixed in 7.0.x and will be included in 7.0.5 onwards
svn commit: r1038289 - /tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java
Author: markt Date: Tue Nov 23 19:20:42 2010 New Revision: 1038289 URL: http://svn.apache.org/viewvc?rev=1038289view=rev Log: Roles are supported Modified: tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java Modified: tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java?rev=1038289r1=1038288r2=1038289view=diff == --- tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java (original) +++ tomcat/trunk/test/org/apache/catalina/startup/TestTomcat.java Tue Nov 23 19:20:42 2010 @@ -133,7 +133,7 @@ public class TestTomcat extends TomcatBa /** * Simple Realm that uses a configurable {...@link Map} to link user names and - * passwords. No roles are supported at this stage. + * passwords. */ public static final class MapRealm extends RealmBase { private MapString,String users = new HashMapString,String();
svn commit: r1038290 - /tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java
Author: markt Date: Tue Nov 23 19:21:09 2010 New Revision: 1038290 URL: http://svn.apache.org/viewvc?rev=1038290view=rev Log: Add a test case for bug50015 Modified: tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java Modified: tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java?rev=1038290r1=1038289r2=1038290view=diff == --- tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java (original) +++ tomcat/trunk/test/org/apache/catalina/core/TestStandardContext.java Tue Nov 23 19:21:09 2010 @@ -19,21 +19,32 @@ package org.apache.catalina.core; import java.io.File; import java.io.IOException; +import java.util.Set; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; +import javax.servlet.HttpConstraintElement; +import javax.servlet.Servlet; +import javax.servlet.ServletContainerInitializer; +import javax.servlet.ServletContext; import javax.servlet.ServletException; +import javax.servlet.ServletRegistration; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import javax.servlet.ServletSecurityElement; +import javax.servlet.annotation.ServletSecurity.TransportGuarantee; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.catalina.Context; +import org.apache.catalina.authenticator.BasicAuthenticator; import org.apache.catalina.deploy.FilterDef; import org.apache.catalina.deploy.FilterMap; +import org.apache.catalina.deploy.LoginConfig; import org.apache.catalina.startup.SimpleHttpClient; +import org.apache.catalina.startup.TestTomcat.MapRealm; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.buf.ByteChunk; 
@@ -120,8 +131,6 @@ public class TestStandardContext extends // Set up a container Tomcat tomcat = getTomcatInstance(); -// Must have a real docBase - just use temp -// Use the normal Tomcat ROOT context File root = new File(test/webapp-3.0); tomcat.addWebapp(, root.getAbsolutePath()); 
@@ -238,4 +247,73 @@ public class TestStandardContext extends } } + +public void testBug50015() throws Exception { +// Set up a container +Tomcat tomcat = getTomcatInstance(); + +// Must have a real docBase - just use temp +File docBase = new File(System.getProperty(java.io.tmpdir)); +Context ctx = tomcat.addContext(, docBase.getAbsolutePath()); + +// Setup realm +MapRealm realm = new MapRealm(); +realm.addUser(tomcat, tomcat); +realm.addUserRole(tomcat, tomcat); +ctx.setRealm(realm); + +// Configure app for BASIC auth +LoginConfig lc = new LoginConfig(); +lc.setAuthMethod(BASIC); +ctx.setLoginConfig(lc); +ctx.getPipeline().addValve(new BasicAuthenticator()); + +// Add ServletContainerInitializer +ServletContainerInitializer sci = new Bug50015SCI(); +ctx.addServletContainerInitializer(sci, null); + +// Start the context +tomcat.start(); + +// Request the first servlet +ByteChunk bc = new ByteChunk(); +int rc = getUrl(http://localhost:; + getPort() + /bug50015, +bc, null); + +// Check for a 401 +assertNotSame(OK, bc.toString()); +assertEquals(401, rc); +} + +public static final class Bug50015SCI +implements ServletContainerInitializer { + +@Override +public void onStartup(SetClass? c, ServletContext ctx) +throws ServletException { +// Register and map servlet +Servlet s = new Bug50015Servlet(); +ServletRegistration.Dynamic sr = ctx.addServlet(bug50015, s); +sr.addMapping(/bug50015); + +// Limit access to users in the Tomcat role +HttpConstraintElement hce = new HttpConstraintElement( +TransportGuarantee.NONE, tomcat); +ServletSecurityElement sse = new ServletSecurityElement(hce); +sr.setServletSecurity(sse); +} +} + +public static final class Bug50015Servlet extends HttpServlet { + +private static final long serialVersionUID = 1L; + +@Override +protected void doGet(HttpServletRequest req, HttpServletResponse resp) +throws ServletException, IOException { +resp.setContentType(text/plain); +resp.getWriter().write(OK); +} + +} } - To
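Review bot: In testBug50015, assertNotSame(OK, bc.toString()) checks reference identity rather than equality, so it can pass even when the response body is OK and the servlet was reached without authentication. Replace it with an equality check such as assertFalse on equals(), or rely on the assertEquals(401, rc) that follows. The test also exercises only the unauthenticated request; a second request sent with the tomcat user's credentials and expecting a 200 would show that the constraint registered in Bug50015SCI admits the role it names.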
svn commit: r1038351 - in /tomcat/trunk: java/org/apache/coyote/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11/filters/ test/org/apache/coyote/http11/filters/ webapps/docs/config/
Author: markt Date: Tue Nov 23 21:45:56 2010 New Revision: 1038351 URL: http://svn.apache.org/viewvc?rev=1038351view=rev Log: Move configuration of trailer header size limit to the connector Modified: tomcat/trunk/java/org/apache/coyote/Constants.java tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java tomcat/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java tomcat/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java tomcat/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java tomcat/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java tomcat/trunk/webapps/docs/config/http.xml tomcat/trunk/webapps/docs/config/systemprops.xml Modified: tomcat/trunk/java/org/apache/coyote/Constants.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/Constants.java?rev=1038351r1=1038350r2=1038351view=diff == --- tomcat/trunk/java/org/apache/coyote/Constants.java (original) +++ tomcat/trunk/java/org/apache/coyote/Constants.java Tue Nov 23 21:45:56 2010 
@@ -67,14 +67,5 @@ public final class Constants { public static final boolean USE_CUSTOM_STATUS_MSG_IN_HEADER = Boolean.valueOf(System.getProperty( org.apache.coyote.USE_CUSTOM_STATUS_MSG_IN_HEADER, -false)).booleanValue(); - -/** - * Limit on the total length of the trailer headers in - * a chunked HTTP request. - */ -public static final int MAX_TRAILER_SIZE = -Integer.parseInt(System.getProperty( -org.apache.coyote.MAX_TRAILER_SIZE, -8192)); +false)).booleanValue(); } Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1038351r1=1038350r2=1038351view=diff == --- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Tue Nov 23 21:45:56 2010 @@ -771,13 +771,13 @@ public abstract class AbstractHttp11Proc /** * Initialize standard input and output filters. */ -protected void initializeFilters() { +protected void initializeFilters(int maxTrailerSize) { // Create and add the identity filters. getInputBuffer().addFilter(new IdentityInputFilter()); getOutputBuffer().addFilter(new IdentityOutputFilter()); // Create and add the chunked filters. -getInputBuffer().addFilter(new ChunkedInputFilter()); +getInputBuffer().addFilter(new ChunkedInputFilter(maxTrailerSize)); getOutputBuffer().addFilter(new ChunkedOutputFilter()); // Create and add the void filters. Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1038351r1=1038350r2=1038351view=diff == --- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Tue Nov 23 21:45:56 2010 
@@ -332,6 +332,16 @@ public abstract class AbstractHttp11Prot public void setServer( String server ) { this.server = server; } public String getServer() { return server; } +// HTTP +/** + * Maximum size of trailing headers in bytes + */ +private int maxTrailerSize = 8192; +public int getMaxTrailerSize() { return maxTrailerSize; } +public void setMaxTrailerSize(int maxTrailerSize) { +this.maxTrailerSize = maxTrailerSize; +} + @Override public Executor getExecutor() { return endpoint.getExecutor(); } public void setExecutor(Executor executor) { endpoint.setExecutor(executor); } Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java?rev=1038351r1=1038350r2=1038351view=diff == --- tomcat/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java Tue Nov 23 21:45:56 2010 @@ -66,7 +66,8 @@ public class
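Review bot: In the AbstractHttp11Protocol.java hunk, setMaxTrailerSize(int) stores whatever it is given, and the Javadoc on the field does not say what zero or a negative value means. This value limits the total length of trailer headers accepted in a chunked request, so the setter should either reject out-of-range values or document how they are interpreted. The Constants.java hunk removes the org.apache.coyote.MAX_TRAILER_SIZE system property, so a deployment that sets it will silently get the 8192 default; the systemprops.xml change listed for this commit is not visible here and should say that the property has been replaced by the connector attribute. The Javadoc of initializeFilters(int maxTrailerSize) also needs an @param line for the new argument.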
DO NOT REPLY [Bug 49860] getParameters() fails on chunked POST requests with trailers
https://issues.apache.org/bugzilla/show_bug.cgi?id=49860

--- Comment #2 from Mark Thomas ma...@apache.org 2010-11-23 16:58:56 EST ---
The 7.0.x fix has been updated and will be included in 7.0.5 onwards. A port of the fix has been proposed for 6.0.x.
svn commit: r1038369 - in /tomcat/trunk/java/org/apache/catalina/core: ContainerBase.java StandardEngine.java
Author: markt Date: Tue Nov 23 22:48:21 2010 New Revision: 1038369 URL: http://svn.apache.org/viewvc?rev=1038369view=rev Log: NoOp logger is only used in StandardEngine so move it there Only log to containers that are available Modified: tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java Modified: tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java?rev=1038369r1=1038368r2=1038369view=diff == --- tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java Tue Nov 23 22:48:21 2010 @@ -1404,14 +1404,5 @@ public abstract class ContainerBase exte } } } - -} - -protected static final class NoopAccessLog implements AccessLog { - -@Override -public void log(Request request, Response response, long time) { -// NOOP -} } } Modified: tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java?rev=1038369r1=1038368r2=1038369view=diff == --- tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java Tue Nov 23 22:48:21 2010 @@ -317,13 +317,14 @@ public class StandardEngine extends Cont // If we reached this point, this Engine can't have an AccessLog // Look in the defaultHost Host host = (Host) findChild(getDefaultHost()); -if (host != null) { +if (host != null host.getState().isAvailable()) { defaultAccessLog = host.getAccessLog(); if (defaultAccessLog == null) { // Try the ROOT context of default host Context context = (Context) host.findChild(); -if (context != null) { +if (context != null +context.getState().isAvailable()) { defaultAccessLog = context.getAccessLog(); } } 
@@ -359,4 +360,12 @@ public class StandardEngine extends Cont return type=Engine; } +// --- Inner classes +protected static final class NoopAccessLog implements AccessLog { + +@Override +public void log(Request request, Response response, long time) { +// NOOP +} +} }
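Review bot: in the StandardEngine hunk at -317, the new host.getState().isAvailable() and context.getState().isAvailable() checks run only at the moment defaultAccessLog is looked up, and the outcome is stored in defaultAccessLog. The hunk does not show whether that value is ever reset. If it is not, a lookup made while the default host or its ROOT context is still starting or is stopped leaves the engine on the fallback logger, and those requests never reach the real access log once the container becomes available. Please either avoid storing the fallback when a host or context exists but is not available, or clear defaultAccessLog on lifecycle changes, and add a comment saying which behaviour is intended.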
Re: [ANN] New Tomcat committer: Christopher Schultz (schultz)
2010/11/23 Mark Thomas ma...@apache.org:
> On behalf of the Tomcat committers I am pleased to announce that
> Christopher Schultz (schultz) has been voted in as a new Tomcat
> committer.
>
> Please join me in welcoming him.

Congratulations!

--
Keiichi.Fujino
Re: [ANN] New Tomcat committer: Christopher Schultz (schultz)
Congrats Chris.

On Nov 23, 2010 7:01 PM, Keiichi Fujino kfuj...@apache.org wrote:
> 2010/11/23 Mark Thomas ma...@apache.org:
>> On behalf of the Tomcat committers I am pleased to announce that
>> Christopher Schultz (schultz) has been voted in as a new Tomcat
>> committer.
>>
>> Please join me in welcoming him.
>
> Congratulations!
>
> --
> Keiichi.Fujino