remm 2005/08/26 05:31:05 Modified: jk/java/org/apache/coyote/ajp AjpAprProcessor.java AjpAprProtocol.java webapps/docs changelog.xml Log: - Now I know what secret is used for. Revision Changes Path 1.18 +26 -0 jakarta-tomcat-connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java Index: AjpAprProcessor.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- AjpAprProcessor.java 4 Aug 2005 07:07:57 -0000 1.17 +++ AjpAprProcessor.java 26 Aug 2005 12:31:05 -0000 1.18 @@ -32,6 +32,7 @@ import org.apache.coyote.Request; import org.apache.coyote.RequestInfo; import org.apache.coyote.Response; +import org.apache.jk.common.AjpConstants; import org.apache.tomcat.jni.Socket; import org.apache.tomcat.jni.Status; import org.apache.tomcat.util.buf.ByteChunk; @@ -311,6 +312,13 @@ public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; } + /** + * Required secret. + */ + protected String requiredSecret = null; + public void setRequiredSecret(String requiredSecret) { this.requiredSecret = requiredSecret; } + + // --------------------------------------------------------- Public Methods @@ -677,6 +685,7 @@ } // Decode extra attributes + boolean secret = false; byte attributeCode; while ((attributeCode = requestHeaderMessage.getByte()) != Constants.SC_A_ARE_DONE) { @@ -756,6 +765,17 @@ requestHeaderMessage.getBytes(request.method()); break; + case AjpConstants.SC_A_SECRET: + requestHeaderMessage.getBytes(tmpMB); + if (requiredSecret != null) { + secret = true; + if (!tmpMB.equals(requiredSecret)) { + response.setStatus(403); + error = true; + } + } + break; + default: // Ignore unknown attribute for backward compatibility break; @@ -764,6 +784,12 @@ } + // Check if secret was submitted if required + if ((requiredSecret != null) && !secret) { + response.setStatus(403); + error = true; + } + // Check for a full URI (including protocol://host:port/) ByteChunk uriBC = request.requestURI().getByteChunk(); if (uriBC.startsWithIgnoreCase("http", 0)) { 1.8 +12 -0 jakarta-tomcat-connectors/jk/java/org/apache/coyote/ajp/AjpAprProtocol.java Index: AjpAprProtocol.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/coyote/ajp/AjpAprProtocol.java,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- AjpAprProtocol.java 1 Aug 2005 10:00:59 -0000 1.7 +++ AjpAprProtocol.java 26 Aug 2005 12:31:05 -0000 1.8 @@ -100,6 +100,12 @@ /** + * Required secret. + */ + protected String requiredSecret = null; + + + /** * Adapter which will process the requests recieved by this endpoint. */ private Adapter adapter; @@ -394,6 +400,11 @@ } + public void setRequiredSecret(String requiredSecret) { + this.requiredSecret = requiredSecret; + } + + // -------------------------------------- AjpConnectionHandler Inner Class @@ -415,6 +426,7 @@ processor = new AjpAprProcessor(proto.ep); processor.setAdapter(proto.adapter); processor.setTomcatAuthentication(proto.tomcatAuthentication); + processor.setRequiredSecret(proto.requiredSecret); localProcessor.set(processor); if (proto.getDomain() != null) { synchronized (this) { 1.363 +6 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml Index: changelog.xml =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v retrieving revision 1.362 retrieving revision 1.363 diff -u -r1.362 -r1.363 --- changelog.xml 25 Aug 2005 12:30:14 -0000 1.362 +++ changelog.xml 26 Aug 2005 12:31:05 -0000 1.363 @@ -42,6 +42,9 @@ <subsection name="Coyote"> <changelog> + <update> + Add support for secret for AJP APR (remm) + </update> </changelog> </subsection> @@ -63,6 +66,9 @@ <docs> <bug>36319</bug>: Fix broken link to DBCP docs, submitted by Xavier Poinsard (remm) </docs> + <docs> + Brand new deployer specs, submitted by Allistair Crossley (remm) + </docs> </changelog> </subsection> </section>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]