+1 from me.
David Jencks wrote: > I'd like to apply the patch > http://issues.apache.org/jira/secure/attachment/12334350/GERONIMO-2006.patch > > > from http://issues.apache.org/jira/browse/GERONIMO-2006 > > It fixes a buffer overflow problem in tomcat (which presumably doesn't > need a vote since it's a bug fix) and does some simple checks on the > plan you supply to upgrade the plan if it is clearly a 1.0 plan. > > here's my +1. I'd like to know if it counts, see my separate post > asking about this. > > here's the text of the patch: again I'd like to know if this is required > or if the link to the jira issue is sufficient. > > Thanks > david jencks > > > Index: applications/console-standard/project.xml > =================================================================== > --- applications/console-standard/project.xml (revision 407792) > +++ applications/console-standard/project.xml (working copy) > @@ -92,6 +92,11 @@ > </dependency> > <dependency> > <groupId>geronimo</groupId> > + <artifactId>geronimo-upgrade</artifactId> > + <version>${pom.currentVersion}</version> > + </dependency> > + <dependency> > + <groupId>geronimo</groupId> > <artifactId>geronimo-deploy-jsr88</artifactId> > <version>${pom.currentVersion}</version> > </dependency> > Index: > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java > > =================================================================== > --- > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java > > (revision 0) > +++ > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java > > (revision 0) > @@ -0,0 +1,41 @@ > +/** > +* > +* Copyright 2006 The Apache Software Foundation > +* > +* Licensed under the Apache License, Version 2.0 (the "License"); > +* you may not use this file except in compliance with the License. > +* You may obtain a copy of the License at > +* > +* http://www.apache.org/licenses/LICENSE-2.0 > +* > +* Unless required by applicable law or agreed to in writing, software > +* distributed under the License is distributed on an "AS IS" BASIS, > +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > +* See the License for the specific language governing permissions and > +* limitations under the License. > +*/ > +package org.apache.geronimo.console.configmanager; > + > +import javax.servlet.ServletException; > +import javax.servlet.http.HttpServlet; > +import javax.servlet.http.HttpServletRequest; > +import javax.servlet.http.HttpServletResponse; > +import java.io.IOException; > + > +/** > +* Servlet that lets you download a migrated plan > +* > +* @version $Rev$ $Date$ > +*/ > +public class PlanExportServlet extends HttpServlet { > + protected void doPost(HttpServletRequest request, > HttpServletResponse response) throws ServletException, IOException { > + String migratedPlan = request.getParameter("migratedPlan"); > + if (migratedPlan == null) { > + response.sendError(HttpServletResponse.SC_BAD_REQUEST); > + } else { > + response.setContentType("application/x-unknown"); > + response.addHeader("Content-Disposition", "attachment; > filename=migrated-plan.xml"); > + response.getOutputStream().write(migratedPlan.getBytes()); > + } > + } > +} > > Property changes on: > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java > > ___________________________________________________________________ > Name: svn:mime-type > + text/plain > Name: svn:keywords > + Date Author Id Revision HeadURL > Name: svn:eol-style > + native > > Index: > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java > > =================================================================== > --- > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java > > (revision 407792) > +++ > applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java > > (working copy) > @@ -17,8 +17,11 @@ > package org.apache.geronimo.console.configmanager; > +import java.io.ByteArrayInputStream; > import java.io.File; > +import java.io.FileInputStream; > import java.io.IOException; > +import java.io.StringWriter; > import java.util.Iterator; > import java.util.List; > import java.util.ArrayList; > @@ -34,6 +37,9 @@ > import javax.portlet.PortletRequestDispatcher; > import javax.portlet.RenderRequest; > import javax.portlet.RenderResponse; > +import javax.xml.parsers.DocumentBuilder; > +import javax.xml.parsers.DocumentBuilderFactory; > + > import org.apache.commons.fileupload.FileItem; > import org.apache.commons.fileupload.FileUploadException; > import org.apache.commons.fileupload.disk.DiskFileItemFactory; > @@ -43,17 +49,21 @@ > import org.apache.geronimo.deployment.plugin.ConfigIDExtractor; > import org.apache.geronimo.common.DeploymentException; > import org.apache.geronimo.kernel.repository.Artifact; > +import org.apache.geronimo.upgrade.Upgrade1_0To1_1; > +import org.w3c.dom.Document; > public class DeploymentPortlet extends BasePortlet { > + private static final String DEPLOY_VIEW = > "/WEB-INF/view/configmanager/deploy.jsp"; > + private static final String HELP_VIEW = > "/WEB-INF/view/configmanager/deployHelp.jsp"; > + private static final String MIGRATED_PLAN_PARM = "migratedPlan"; > + private static final String ORIGINAL_PLAN_PARM = "originalPlan"; > + private static final String FULL_STATUS_PARM = > "fullStatusMessage"; > + private static final String ABBR_STATUS_PARM = > "abbrStatusMessage"; > private PortletRequestDispatcher deployView; > - > private PortletRequestDispatcher helpView; > - private boolean messageNotRendered = true; > - > public void processAction(ActionRequest actionRequest, > ActionResponse actionResponse) throws > PortletException, IOException { > - messageNotRendered = true; > if (!PortletFileUpload.isMultipartContent(actionRequest)) { > throw new PortletException("Expected file upload"); > } > @@ -107,6 +117,7 @@ > throw new PortletException(e); > } > DeploymentFactoryManager dfm = > DeploymentFactoryManager.getInstance(); > + FileInputStream fis = null; > try { > DeploymentManager mgr = > dfm.getDeploymentManager("deployer:geronimo:inVM", null, null); > try { > @@ -128,23 +139,58 @@ > while(progress.getDeploymentStatus().isRunning()) { > Thread.sleep(100); > } > - > + > + String abbrStatusMessage; > + String fullStatusMessage = null; > if(progress.getDeploymentStatus().isCompleted()) { > - String message = "The application was successfully > "+(isRedeploy ? "re" : "")+"deployed.<br/>"; > + abbrStatusMessage = "The application was > successfully "+(isRedeploy ? "re" : "")+"deployed.<br/>"; > // start installed app/s > if (!isRedeploy && startApp != null && > !startApp.equals("")) { > progress = > mgr.start(progress.getResultTargetModuleIDs()); > > while(progress.getDeploymentStatus().isRunning()) { > Thread.sleep(100); > } > - message+="The application was successfully > started"; > + abbrStatusMessage+="The application was > successfully started"; > } > - actionResponse.setRenderParameter("outcome",message); > } else { > - actionResponse.setRenderParameter("outcome", > "Deployment failed: "+progress.getDeploymentStatus().getMessage()); > + fullStatusMessage = > progress.getDeploymentStatus().getMessage(); > + // for the abbreviated status message clip off > everything > + // after the first line, which in most cases means > the gnarly stacktrace > + abbrStatusMessage = "Deployment failed:<br/>" > + + fullStatusMessage.substring(0, > fullStatusMessage.indexOf('\n')); > + // try to provide an upgraded version of the plan > + try { > + if (planFile != null && planFile.exists()) { > + byte[] plan = new byte[(int) > planFile.length()]; > + fis = new FileInputStream(planFile); > + fis.read(plan); > + DocumentBuilder documentBuilder = > DocumentBuilderFactory.newInstance().newDocumentBuilder(); > + Document doc = documentBuilder.parse(new > ByteArrayInputStream(plan)); > + // v1.1 switched from configId to moduleId > + String configId = > doc.getDocumentElement().getAttribute("configId"); > + if (configId != null && > !("".equals(configId))) { > + StringWriter sw = new StringWriter(); > + new Upgrade1_0To1_1().upgrade(new > ByteArrayInputStream(plan), sw); > + // have to store the original and > upgraded plans in the session > + // because the buffer size for render > parameters is sometimes not > + // big enough > + > actionRequest.getPortletSession().setAttribute(MIGRATED_PLAN_PARM, > sw.getBuffer()); > + > actionRequest.getPortletSession().setAttribute(ORIGINAL_PLAN_PARM, new > String(plan)); > + } > + } > + } catch (Exception e) { > + // cannot provide a migrated plan in this case, > most likely > + // because the deployment plan would not parse. > a valid > + // status message has already been provided in > this case > + } > } > + // have to store the status messages in the portlet > session > + // because the buffer size for render parameters is > sometimes not big enough > + > actionRequest.getPortletSession().setAttribute(FULL_STATUS_PARM, > fullStatusMessage); > + > actionRequest.getPortletSession().setAttribute(ABBR_STATUS_PARM, > abbrStatusMessage); > } finally { > mgr.release(); > + if (fis!=null) fis.close(); > } > } catch (Exception e) { > throw new PortletException(e); > @@ -184,14 +230,24 @@ > protected void doView(RenderRequest renderRequest, > RenderResponse renderResponse) throws > PortletException, IOException { > - if (messageNotRendered) { > - renderRequest.setAttribute("outcome", renderRequest > - .getParameter("outcome")); > - messageNotRendered = false; > - } > + // The deployment plans and messages from the deployers > sometime exceeds > + // the buffer size for render attributes. To avoid the buffer > + // overrun the render attributes are temporarily stored in the > portlet > + // session during the processAction phase and then copied into > render > + // attributes here so the JSP has easier access to them. This > seems > + // to only be an issue on tomcat. > + copyRenderAttribute(renderRequest, FULL_STATUS_PARM); > + copyRenderAttribute(renderRequest, ABBR_STATUS_PARM); > + copyRenderAttribute(renderRequest, MIGRATED_PLAN_PARM); > + copyRenderAttribute(renderRequest, ORIGINAL_PLAN_PARM); > deployView.include(renderRequest, renderResponse); > - // clear previous message for next rendering > } > + > + private void copyRenderAttribute(RenderRequest renderRequest, > String attr) { > + Object value = > renderRequest.getPortletSession().getAttribute(attr); > + renderRequest.getPortletSession().removeAttribute(attr); > + renderRequest.setAttribute(attr, value); > + } > protected void doHelp(RenderRequest renderRequest, > RenderResponse renderResponse) throws > PortletException, IOException { > @@ -200,8 +256,8 @@ > public void init(PortletConfig portletConfig) throws > PortletException { > super.init(portletConfig); > - deployView = > portletConfig.getPortletContext().getRequestDispatcher("/WEB-INF/view/configmanager/deploy.jsp"); > > - helpView = > portletConfig.getPortletContext().getRequestDispatcher("/WEB-INF/view/configmanager/deployHelp.jsp"); > > + deployView = > portletConfig.getPortletContext().getRequestDispatcher(DEPLOY_VIEW); > + helpView = > portletConfig.getPortletContext().getRequestDispatcher(HELP_VIEW); > } > public void destroy() { > Index: > applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp > > =================================================================== > --- > applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp > > (revision 407792) > +++ > applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp > > (working copy) > @@ -1,9 +1,67 @@ > -<%@ page import="java.io.PrintWriter"%> > <%@ taglib uri="http://java.sun.com/jsp/jstl/core"; prefix="c" %> > <%@ taglib uri="http://java.sun.com/portlet"; prefix="portlet"%> > <portlet:defineObjects/> > -<c:if test="${! outcome}"><pre>${outcome}</pre></c:if> > +<script> > +// toggle the display state of an element > +function <portlet:namespace/>toggleDisplay(id) { > + var element = document.getElementById("<portlet:namespace/>"+id); > + if (element.style.display == 'inline') { > + element.style.display='none'; > + } else { > + element.style.display='inline'; > + } > +} > +</script> > + > +<!-- Abbreviated status message --> > +<c:if test="${!(empty abbrStatusMessage)}"> > + <div id="<portlet:namespace/>abbrStatusMessage" > style="display:inline"> > + ${abbrStatusMessage}<br/> > + <c:if test="${!(empty fullStatusMessage)}"> > + <button > onclick="<portlet:namespace/>toggleDisplay('fullStatusMessage');<portlet:namespace/>toggleDisplay('abbrStatusMessage');return > false;">Show full details</button> > + </c:if> > + </div> > +</c:if> > +<!-- Full status message --> > +<c:if test="${!(empty fullStatusMessage)}"> > + <div id="<portlet:namespace/>fullStatusMessage" style="display:none"> > + <pre> > +<c:out escapeXml="true" value="${fullStatusMessage}"/> > + </pre> > + </div> > +</c:if> > + > +<P/> > + > +<!-- Migrated Plan --> > +<c:if test="${!(empty migratedPlan)}"> > +<hr/><br/> > +The deployment plan you provided appears to be for a previous version of > +the application server. > +A migrated version of your plan is provided below for your > convenience. Not all > +deployment plans can be fully migrated so some manual editing may be > required > +before the migrated plan can be deployed. > +<p/> > +<div id="<portlet:namespace/>migratedPlan" style="display:inline"> > +Migrated plan: > +<form method="POST" action="/console/plan-export"> > + <textarea name="migratedPlan" rows=10 cols=80><c:out > escapeXml="true" value="${migratedPlan}"/></textarea> > + <br/> > + <button > onclick="<portlet:namespace/>toggleDisplay('originalPlan');<portlet:namespace/>toggleDisplay('migratedPlan');return > false;">Show original plan</button> > + <input type="submit" value="Save this plan locally"/> > +</form> > +</div> > +<div id="<portlet:namespace/>originalPlan" style="display:none"> > +Original plan: > +<form> > + <textarea rows=10 cols=80><c:out escapeXml="true" > value="${originalPlan}"/></textarea><br/> > + <button > onclick="<portlet:namespace/>toggleDisplay('migratedPlan');<portlet:namespace/>toggleDisplay('originalPlan');return > false;">Show Migrated plan</button> > +</form> > +</div> > +<br/><hr/><br/> > +</c:if> > + > <form enctype="multipart/form-data" method="POST" > action="<portlet:actionURL><portlet:param name="action" > value="deploy"/></portlet:actionURL>"> > <table> > <tr><th align="right">Archive: </th><td><input type="file" > name="module" /></td></tr> > Index: applications/console-standard/src/webapp/WEB-INF/web.xml > =================================================================== > --- applications/console-standard/src/webapp/WEB-INF/web.xml > (revision 407792) > +++ applications/console-standard/src/webapp/WEB-INF/web.xml (working > copy) > @@ -763,6 +763,11 @@ > <servlet-name>maven-repo</servlet-name> > > <servlet-class>org.apache.geronimo.console.car.GeronimoAsMavenServlet</servlet-class> > > </servlet> > +<servlet> > + <display-name>Plan Export Servlet</display-name> > + <servlet-name>plan-export</servlet-name> > + > <servlet-class>org.apache.geronimo.console.configmanager.PlanExportServlet</servlet-class> > > +</servlet> > <servlet-mapping> > <servlet-name>dwr-invoker</servlet-name> > @@ -776,6 +781,10 @@ > <servlet-name>maven-repo</servlet-name> > <url-pattern>/maven-repo/*</url-pattern> > </servlet-mapping> > +<servlet-mapping> > + <servlet-name>plan-export</servlet-name> > + <url-pattern>/plan-export</url-pattern> > +</servlet-mapping> > Index: applications/console-framework/src/webapp/WEB-INF/web.xml > =================================================================== > --- applications/console-framework/src/webapp/WEB-INF/web.xml > (revision 407792) > +++ applications/console-framework/src/webapp/WEB-INF/web.xml > (working copy) > @@ -71,6 +71,20 @@ > <param-value>/graphs</param-value> > </init-param> > </servlet> > + > + <servlet> > + <display-name>Plan Export Forward Servlet</display-name> > + <servlet-name>plan-export-forward</servlet-name> > + > <servlet-class>org.apache.geronimo.console.servlet.ContextForwardServlet</servlet-class> > > + <init-param> > + <param-name>context-path</param-name> > + <param-value>/console-standard</param-value> > + </init-param> > + <init-param> > + <param-name>servlet-path</param-name> > + <param-value>/plan-export</param-value> > + </init-param> > + </servlet> > <servlet-mapping> > <servlet-name>se-console</servlet-name> > @@ -92,6 +106,10 @@ > <servlet-name>svg-forward</servlet-name> > <url-pattern>/graphs/*</url-pattern> > </servlet-mapping> > + <servlet-mapping> > + <servlet-name>plan-export-forward</servlet-name> > + <url-pattern>/plan-export</url-pattern> > + </servlet-mapping> > <security-constraint> > <web-resource-collection> > Index: configs/console-tomcat/project.xml > =================================================================== > --- configs/console-tomcat/project.xml (revision 407792) > +++ configs/console-tomcat/project.xml (working copy) > @@ -146,6 +146,14 @@ > </dependency> > <dependency> > <groupId>geronimo</groupId> > + <artifactId>geronimo-upgrade</artifactId> > + <version>${geronimo_version}</version> > + <properties> > + <geronimo.dependency>true</geronimo.dependency> > + </properties> > + </dependency> > + <dependency> > + <groupId>geronimo</groupId> > <artifactId>geronimo-management</artifactId> > <version>${geronimo_version}</version> > <properties> > Index: configs/console-jetty/project.xml > =================================================================== > --- configs/console-jetty/project.xml (revision 407792) > +++ configs/console-jetty/project.xml (working copy) > @@ -146,6 +146,14 @@ > </dependency> > <dependency> > <groupId>geronimo</groupId> > + <artifactId>geronimo-upgrade</artifactId> > + <version>${geronimo_version}</version> > + <properties> > + <geronimo.dependency>true</geronimo.dependency> > + </properties> > + </dependency> > + <dependency> > + <groupId>geronimo</groupId> > <artifactId>geronimo-management</artifactId> > <version>${geronimo_version}</version> > <properties>
