Author: markt Date: Wed Mar 3 23:39:19 2010 New Revision: 918778 URL: http://svn.apache.org/viewvc?rev=918778&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48581 Avoid security exception on first access
Modified: tomcat/tc5.5.x/trunk/STATUS.txt tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Constants.java tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalAprOutputBuffer.java tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalOutputBuffer.java tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/Constants.java tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/AjpConstants.java tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/JkInputStream.java tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
Modified: tomcat/tc5.5.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STATUS.txt?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/STATUS.txt (original)
+++ tomcat/tc5.5.x/trunk/STATUS.txt Wed Mar 3 23:39:19 2010
@@ -100,12 +100,6 @@
 +1: markt, rjung
 -1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48581
- Avoid security exception on first access
- http://people.apache.org/~markt/patches/2010-02-02-bug48581.patch
- +1: markt, kkolinko, rjung
- -1:
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48179
 Improve processing of TLD cache file
 https://issues.apache.org/bugzilla/attachment.cgi?id=24918
Modified: tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Constants.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Constants.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Constants.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Constants.java Wed Mar 3 23:39:19 2010
@@ -206,4 +206,10 @@
 public static final String POST = "POST";
+ /**
+ * Should custom status messages be allowed in headers? Replicated to avoid
+ * an exception on first access if running under a security manager.
+ */
+ public static final boolean USE_CUSTOM_STATUS_MSG_IN_HEADER =
+ org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER;
 }
Modified: tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalAprOutputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalAprOutputBuffer.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalAprOutputBuffer.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalAprOutputBuffer.java Wed Mar 3 23:39:19 2010
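Review bot: The replicated `USE_CUSTOM_STATUS_MSG_IN_HEADER` added to `http11/Constants.java` is still initialized from `org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER`, so initializing this class triggers exactly the initialization of the coyote class that the log message says fails under a security manager; the fix can only work if this class is initialized before the first response is written (presumably during connector startup, on a trusted call stack), and the javadoc does not state that dependency. I would extend the comment with `Reading the coyote field here forces org.apache.coyote.Constants to initialize together with this class; if this class were first initialized during request processing the original exception would recur.`. If the coyote value is derived from a system property, a more robust fix would read it inside a privileged action in `org.apache.coyote.Constants` itself, so correctness no longer depends on which connector class happens to initialize first. The identical field and comment are added in `org/apache/coyote/ajp/Constants.java` and `org/apache/jk/common/AjpConstants.java` further down, and the same note applies there.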
@@ -430,7 +430,7 @@
 // Write message
 String message = null;
- if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
+ if (Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
 HttpMessages.isSafeInHttpHeader(response.getMessage())) {
 message = response.getMessage();
 }
Modified: tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalOutputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalOutputBuffer.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalOutputBuffer.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/InternalOutputBuffer.java Wed Mar 3 23:39:19 2010
@@ -449,7 +449,7 @@
 // Write message
 String message = null;
- if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
+ if (Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
 HttpMessages.isSafeInHttpHeader(response.getMessage())) {
 message = response.getMessage();
 }
Modified: tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java Wed Mar 3 23:39:19 2010
@@ -966,7 +966,7 @@
 // HTTP header contents
 responseHeaderMessage.appendInt(response.getStatus());
 String message = null;
- if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
+ if (Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
 HttpMessages.isSafeInHttpHeader(response.getMessage())) {
 message = response.getMessage();
 }
Modified: tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/Constants.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/Constants.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/Constants.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/coyote/ajp/Constants.java Wed Mar 3 23:39:19 2010
@@ -339,5 +339,11 @@
 */
 public static final String POST = "POST";
+ /**
+ * Should custom status messages be allowed in headers? Replicated to avoid
+ * an exception on first access if running under a security manager.
+ */
+ public static final boolean USE_CUSTOM_STATUS_MSG_IN_HEADER =
+ org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER;
 }
Modified: tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/AjpConstants.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/AjpConstants.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/AjpConstants.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/AjpConstants.java Wed Mar 3 23:39:19 2010
@@ -195,4 +195,11 @@
 */
 public static final int MAX_READ_SIZE = MAX_PACKET_SIZE - H_SIZE - 2;
+ /**
+ * Should custom status messages be allowed in headers? Replicated to avoid
+ * an exception on first access if running under a security manager.
+ */
+ public static final boolean USE_CUSTOM_STATUS_MSG_IN_HEADER =
+ org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER;
+
 }
Modified: tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/JkInputStream.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/JkInputStream.java?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/JkInputStream.java (original)
+++ tomcat/tc5.5.x/trunk/connectors/jk/java/org/apache/jk/common/JkInputStream.java Wed Mar 3 23:39:19 2010
@@ -280,7 +280,7 @@
 outputMsg.appendInt( res.getStatus() );
 String message = null;
- if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
+ if (AjpConstants.USE_CUSTOM_STATUS_MSG_IN_HEADER &&
 HttpMessages.isSafeInHttpHeader(res.getMessage())) {
 message = res.getMessage();
 }
Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=918778&r1=918777&r2=918778&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Wed Mar 3 23:39:19 2010
@@ -187,6 +187,9 @@
 listener is not enabled. (markt)
 </fix>
 <fix>
+ <bug>48581</bug>: Avoid security exception on first access. (markt)
+ </fix>
+ <fix>
 CVE-2009-3555. Provide option to disable legacy SSL renegotiation.
 (markt/costin)
 </fix>
--------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org