[jira] [Comment Edited] (MTOMCAT-237) Maven variables not evaluated/resolved inside systemProperties
[ https://issues.apache.org/jira/browse/MTOMCAT-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13759813#comment-13759813 ] Olivier Lamy (*$^¨%`£) edited comment on MTOMCAT-237 at 9/6/13 3:16 AM: ?? I missed you here. Can I have a sample? I can use something like that without issues {code} org.apache.tomcat.maven tomcat7-maven-plugin ${archivaAppServerBase} ${archivaAppServerBase} ${archivaAppServerBase}/logs ${project.build.directory} {code} was (Author: olamy): ?? I missed you here. Can I have a sample? I can use something like that without issues org.apache.tomcat.maven tomcat7-maven-plugin ${archivaAppServerBase} ${archivaAppServerBase} ${archivaAppServerBase}/logs ${project.build.directory} > Maven variables not evaluated/resolved inside systemProperties > -- > > Key: MTOMCAT-237 > URL: https://issues.apache.org/jira/browse/MTOMCAT-237 > Project: Apache Tomcat Maven Plugin > Issue Type: Bug > Components: tomcat6, tomcat7 >Affects Versions: 2.1 >Reporter: Andreas Christoforides >Assignee: Olivier Lamy (*$^¨%`£) > > Maven properties/variables are not evaluated/resolved when used inside > systemProperties. Instead the string is used as is. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Commented] (MTOMCAT-237) Maven variables not evaluated/resolved inside systemProperties
[ https://issues.apache.org/jira/browse/MTOMCAT-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13759813#comment-13759813 ] Olivier Lamy (*$^¨%`£) commented on MTOMCAT-237: ?? I missed you here. Can I have a sample? I can use something like that without issues org.apache.tomcat.maven tomcat7-maven-plugin ${archivaAppServerBase} ${archivaAppServerBase} ${archivaAppServerBase}/logs ${project.build.directory} > Maven variables not evaluated/resolved inside systemProperties > -- > > Key: MTOMCAT-237 > URL: https://issues.apache.org/jira/browse/MTOMCAT-237 > Project: Apache Tomcat Maven Plugin > Issue Type: Bug > Components: tomcat6, tomcat7 >Affects Versions: 2.1 >Reporter: Andreas Christoforides >Assignee: Olivier Lamy (*$^¨%`£) > > Maven properties/variables are not evaluated/resolved when used inside > systemProperties. Instead the string is used as is. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 confile changed: What|Removed |Added Version|7.0.42 |trunk -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #7 from confile --- I tried to use the trunc version of Tomcat but this is even worse. I only get this message: Sep 06, 2013 3:52:14 AM org.apache.coyote.http11.AbstractHttp11Processor process INFO: Error parsing HTTP request header Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 confile changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED |--- -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55529] error while building the source
https://issues.apache.org/bugzilla/show_bug.cgi?id=55529 --- Comment #1 from confile --- At the end there is this: build: [javac] Compiling 31 source files to /root/trunk/output/jdbc-pool/classes [jar] Building jar: /root/trunk/output/jdbc-pool/tomcat-jdbc.jar [copy] Copying 1 file to /root/trunk/output/build/lib BUILD SUCCESSFUL But I am not sure if the build was sucessfull. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55529] New: error while building the source
https://issues.apache.org/bugzilla/show_bug.cgi?id=55529 Bug ID: 55529 Summary: error while building the source Product: Tomcat 7 Version: trunk Hardware: PC OS: Linux Status: NEW Severity: blocker Priority: P2 Component: Servlet & JSP API Assignee: dev@tomcat.apache.org Reporter: confi...@googlemail.com I tried to build the soure with ant but I get the following message in the console: validate: compile-java7: compile: [javac] Compiling 1309 source files to /root/trunk/output/classes [javac] /root/trunk/java/javax/el/ResourceBundleELResolver.java:109: warning: getFeatureDescriptors(javax.el.ELContext,java.lang.Object) in javax.el.ResourceBundleELResolver overrides getFeatureDescriptors(javax.el.ELContext,java.lang.Object) in javax.el.ELResolver; return type requires unchecked conversion [javac] found : java.util.Iterator [javac] required: java.util.Iterator [javac] public Iterator getFeatureDescriptors( [javac] ^ [javac] Note: Some input files use or override a deprecated API. [javac] Note: Recompile with -Xlint:deprecation for details. [javac] 1 warning [javac] Creating empty /root/trunk/output/classes/org/apache/tomcat/util/http/fileupload/disk/package-info.class [javac] Creating empty /root/trunk/output/classes/org/apache/tomcat/util/http/fileupload/util/package-info.class [javac] Creating empty /root/trunk/output/classes/org/apache/tomcat/util/http/fileupload/util/mime/package-info.class [javac] Creating empty /root/trunk/output/classes/org/apache/tomcat/util/http/fileupload/package-info.class [javac] Creating empty /root/trunk/output/classes/org/apache/tomcat/util/http/fileupload/servlet/package-info.class [copy] Copying 189 files to /root/trunk/output/classes build-manifests: [copy] Copying 19 files to /root/trunk/output/manifests -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520349 - in /tomcat/trunk/java/org/apache/catalina: ha/session/DeltaSession.java session/StandardSession.java
Author: markt Date: Thu Sep 5 15:42:48 2013 New Revision: 1520349 URL: http://svn.apache.org/r1520349 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 Ensure that session.expire() doesn't return until the session has been invalidated. Ensure that the return valid of session.isValid() is consistent the current state. Modified: tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java tomcat/trunk/java/org/apache/catalina/session/StandardSession.java Modified: tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java?rev=1520349&r1=1520348&r2=1520349&view=diff == --- tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java (original) +++ tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java Thu Sep 5 15:42:48 2013 @@ -385,12 +385,12 @@ public class DeltaSession extends Standa */ @Override public boolean isValid() { -if (this.expiring) { -return true; -} if (!this.isValid) { return false; } +if (this.expiring) { +return true; +} if (ACTIVITY_CHECK && accessCount.get() > 0) { return true; } @@ -445,30 +445,49 @@ public class DeltaSession extends Standa } public void expire(boolean notify, boolean notifyCluster) { -if (expiring) + +// Check to see if session has already been invalidated. +// Do not check expiring at this point as expire should not return until +// isValid is false +if (!isValid) return; -String expiredId = getIdInternal(); -if(notifyCluster && expiredId != null && manager != null && - manager instanceof DeltaManager) { -DeltaManager dmanager = (DeltaManager)manager; -CatalinaCluster cluster = dmanager.getCluster(); -ClusterMessage msg = dmanager.requestCompleted(expiredId, true); -if (msg != null) { -cluster.send(msg); +synchronized (this) { +// Check again, now we are inside the sync so this code only runs once +// Double check locking - isValid needs to be volatile +if (!isValid) +return; + +if (manager == null) +return; + +// Mark this session as "being expired". The flag will be unset in +// the call to super.expire(notify) +expiring = true; + +String expiredId = getIdInternal(); + +if(notifyCluster && expiredId != null && +manager instanceof DeltaManager) { +DeltaManager dmanager = (DeltaManager)manager; +CatalinaCluster cluster = dmanager.getCluster(); +ClusterMessage msg = dmanager.requestCompleted(expiredId, true); +if (msg != null) { +cluster.send(msg); +} } -} -super.expire(notify); +super.expire(notify); -if (notifyCluster) { -if (log.isDebugEnabled()) -log.debug(sm.getString("deltaSession.notifying", - ((ClusterManager)manager).getName(), - Boolean.valueOf(isPrimarySession()), - expiredId)); -if ( manager instanceof DeltaManager ) { -( (DeltaManager) manager).sessionExpired(expiredId); +if (notifyCluster) { +if (log.isDebugEnabled()) +log.debug(sm.getString("deltaSession.notifying", + ((ClusterManager)manager).getName(), + Boolean.valueOf(isPrimarySession()), + expiredId)); +if ( manager instanceof DeltaManager ) { +( (DeltaManager) manager).sessionExpired(expiredId); +} } } } Modified: tomcat/trunk/java/org/apache/catalina/session/StandardSession.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/StandardSession.java?rev=1520349&r1=1520348&r2=1520349&view=diff == --- tomcat/trunk/java/org/apache/catalina/session/StandardSession.java (original) +++ tomcat/trunk/java/org/apache/catalina/session/StandardSession.java Thu Sep 5 15:42:48 2013 @@ -658,14 +658,14 @@ public class StandardSession implements @Override public boolean isValid() { -if (this.expiring) { -return true; -} - if (!this.isValid) { return false; } +if (this.ex
svn commit: r1520458 - in /tomcat/trunk: java/org/apache/coyote/ajp/AbstractAjpProcessor.java test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java
Author: markt Date: Thu Sep 5 23:42:00 2013 New Revision: 1520458 URL: http://svn.apache.org/r1520458 Log: Fix some issues with Servlet 3.1 non-blocking writes and APR identified by the 'unit' test. Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1520458&r1=1520457&r2=1520458&view=diff == --- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Thu Sep 5 23:42:00 2013 @@ -28,6 +28,7 @@ import java.util.Iterator; import java.util.concurrent.LinkedBlockingDeque; import java.util.concurrent.atomic.AtomicBoolean; +import javax.servlet.RequestDispatcher; import javax.servlet.http.HttpUpgradeHandler; import org.apache.coyote.AbstractProcessor; @@ -587,20 +588,10 @@ public abstract class AbstractAjpProcess sm.getString("ajpprocessor.comet.notsupported")); } else if (actionCode == ActionCode.AVAILABLE) { -if (!endOfStream) { -if (empty) { -try { -refillReadBuffer(false); -} catch (IOException e) { -error = true; -return; -} -} -if (empty) { -request.setAvailable(0); -} else { -request.setAvailable(1); -} +if (available()) { +request.setAvailable(1); +} else { +request.setAvailable(0); } } else if (actionCode == ActionCode.NB_READ_INTEREST) { @@ -609,11 +600,12 @@ public abstract class AbstractAjpProcess } } else if (actionCode == ActionCode.NB_WRITE_INTEREST) { -// TODO -// Until 'true' non-blocking IO is implemented, assume it is always -// possible write data. AtomicBoolean isReady = (AtomicBoolean)param; -isReady.set(true); +boolean result = bufferedWrites.size() == 0 && responseMsgPos == -1; +isReady.set(result); +if (!result) { +registerForEvent(false, true); +} } else if (actionCode == ActionCode.REQUEST_BODY_FULLY_READ) { AtomicBoolean result = (AtomicBoolean) param; @@ -631,6 +623,40 @@ public abstract class AbstractAjpProcess @Override public SocketState asyncDispatch(SocketStatus status) { +if (status == SocketStatus.OPEN_WRITE) { +try { +asyncStateMachine.asyncOperation(); +try { +if (hasDataToWrite()) { +flushBufferedData(); +if (hasDataToWrite()) { +// There is data to write but go via Response to +// maintain a consistent view of non-blocking state +response.checkRegisterForWrite(true); +return SocketState.LONG; +} +} +} catch (IOException x) { +if (getLog().isDebugEnabled()) { +getLog().debug("Unable to write async data.",x); +} +status = SocketStatus.ASYNC_WRITE_ERROR; +request.setAttribute(RequestDispatcher.ERROR_EXCEPTION, x); +} +} catch (IllegalStateException x) { +registerForEvent(false, true); +} +} else if (status == SocketStatus.OPEN_READ && +request.getReadListener() != null) { +try { +if (available()) { +asyncStateMachine.asyncOperation(); +} +} catch (IllegalStateException x) { +registerForEvent(true, false); +} +} + RequestInfo rp = request.getRequestProcessor(); try { rp.setStage(org.apache.coyote.Constants.STAGE_SERVICE); @@ -1491,6 +1517,25 @@ public abstract class AbstractAjpProcess } } + +private boolean available() { +if (endOfStream) { +return false; +} +if (empty) { +try { +refillReadBuffer(false); +} catch (IOException e) { +// Not ideal. This will indicate that data is available +// which should trigger a read which in turn will trigger +// another IOException and that one can be thrown. +
[Bug 55521] Race Condition in HttpSession#invalidate() / HttpServletRequest#getSession(boolean)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas --- Thsi has been fixed in trunk and 7.0.x and will be included in 8.0.0-RC2 and 7.0.43 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520447 - /tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java
Author: markt Date: Thu Sep 5 22:40:50 2013 New Revision: 1520447 URL: http://svn.apache.org/r1520447 Log: Add a simple non-blocking write test that currently fails. This won't impact the CI systems since the class is excluded from the unit tests. Modified: tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java Modified: tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java?rev=1520447&r1=1520446&r2=1520447&view=diff == --- tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java (original) +++ tomcat/trunk/test/org/apache/catalina/nonblocking/TesterAjpNonBlockingClient.java Thu Sep 5 22:40:50 2013 @@ -16,10 +16,15 @@ */ package org.apache.catalina.nonblocking; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.Socket; +import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.net.SocketFactory; import javax.servlet.http.HttpServletResponse; import org.junit.Assert; @@ -29,14 +34,14 @@ import org.apache.catalina.nonblocking.T import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.buf.ByteChunk; +/** + * This is not a standard set of unit tests. This is a set of test clients for + * AJP support of Servlet 3.1 non-blocking IO. It assumes that there is an httpd + * instance listening on localhost:80 that is redirecting all traffic to a + * default Tomcat 8 instance that includes the examples web application. + */ public class TesterAjpNonBlockingClient extends TomcatBaseTest { -/** - * This is not a standard unit test. This is a test client for AJP - * non-blocking reads. It assumes that there is an httpd instance listening - * on localhost:80 that is redirecting all traffic to a default Tomcat 8 - * instance that includes the examples web application. - */ @Test public void doTestAJPNonBlockingRead() throws Exception { @@ -50,4 +55,47 @@ public class TesterAjpNonBlockingClient Assert.assertEquals(HttpServletResponse.SC_OK, rc); } + + +@Test +public void testNonBlockingWrite() throws Exception { + +SocketFactory factory = SocketFactory.getDefault(); +Socket s = factory.createSocket("localhost", 80); + +ByteChunk result = new ByteChunk(); +OutputStream os = s.getOutputStream(); +os.write(("GET /examples/servlets/nonblocking/numberwriter HTTP/1.1\r\n" + +"Host: localhost\r\n" + +"Connection: close\r\n" + +"\r\n").getBytes(StandardCharsets.ISO_8859_1)); +os.flush(); + +InputStream is = s.getInputStream(); +byte[] buffer = new byte[8192]; + +int read = 0; +int readSinceLastPause = 0; +while (read != -1) { +read = is.read(buffer); +if (read > 0) { +result.append(buffer, 0, read); +} +readSinceLastPause += read; +if (readSinceLastPause > 4) { +readSinceLastPause = 0; +Thread.sleep(500); +} +} + +os.close(); +is.close(); +s.close(); + +// Validate the result +String resultString = result.toString(); +log.info("Client read " + resultString.length() + " bytes"); + +Assert.assertTrue(resultString.contains("0001")); +} } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520446 - /tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java
Author: markt Date: Thu Sep 5 22:38:12 2013 New Revision: 1520446 URL: http://svn.apache.org/r1520446 Log: Increase size of output so a test client has a chance of triggering some buffering in the AJP processor Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java?rev=1520446&r1=1520445&r2=1520446&view=diff == --- tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java (original) +++ tomcat/trunk/webapps/examples/WEB-INF/classes/nonblocking/NumberWriter.java Thu Sep 5 22:38:12 2013 @@ -68,7 +68,7 @@ public class NumberWriter extends HttpSe private static class NumberWriterListener implements ReadListener, WriteListener { -private static final int LIMIT = 1000; +private static final int LIMIT = 1; private final AsyncContext ac; private final ServletInputStream sis; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520444 - in /tomcat/trunk/java/org/apache/coyote: ByteBufferHolder.java ajp/AbstractAjpProcessor.java http11/AbstractOutputBuffer.java http11/InternalAprOutputBuffer.java http11/Internal
Author: markt Date: Thu Sep 5 22:27:09 2013 New Revision: 1520444 URL: http://svn.apache.org/r1520444 Log: Refactoring. Extract ByteBufferHolder into a separate class that can be used by HTTP and AJP. Added: tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java (with props) Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java tomcat/trunk/java/org/apache/coyote/http11/InternalAprOutputBuffer.java tomcat/trunk/java/org/apache/coyote/http11/InternalNioOutputBuffer.java Added: tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java?rev=1520444&view=auto == --- tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java (added) +++ tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java Thu Sep 5 22:27:09 2013 @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.coyote; + +import java.nio.ByteBuffer; +import java.util.concurrent.atomic.AtomicBoolean; + +/** + * Simple wrapper for a {@link ByteBuffer} that remembers if the buffer has been + * flipped or not. + */ +public class ByteBufferHolder { + +private final ByteBuffer buf; +private final AtomicBoolean flipped; + +public ByteBufferHolder(ByteBuffer buf, boolean flipped) { + this.buf = buf; + this.flipped = new AtomicBoolean(flipped); +} + + +public ByteBuffer getBuf() { +return buf; +} + + +public boolean isFlipped() { +return flipped.get(); +} + + +public boolean flip() { +if (flipped.compareAndSet(false, true)) { +buf.flip(); +return true; +} else { +return false; +} +} + + +public boolean hasData() { +if (flipped.get()) { +return buf.remaining()>0; +} else { +return buf.position()>0; +} +} +} \ No newline at end of file Propchange: tomcat/trunk/java/org/apache/coyote/ByteBufferHolder.java -- svn:eol-style = native Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1520444&r1=1520443&r2=1520444&view=diff == --- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Thu Sep 5 22:27:09 2013 @@ -33,6 +33,7 @@ import javax.servlet.http.HttpUpgradeHan import org.apache.coyote.AbstractProcessor; import org.apache.coyote.ActionCode; import org.apache.coyote.AsyncContextCallback; +import org.apache.coyote.ByteBufferHolder; import org.apache.coyote.InputBuffer; import org.apache.coyote.OutputBuffer; import org.apache.coyote.Request; @@ -1669,47 +1670,4 @@ public abstract class AbstractAjpProcess return bytesWritten; } } - - -protected static class ByteBufferHolder { -private final ByteBuffer buf; -private final AtomicBoolean flipped; -public ByteBufferHolder(ByteBuffer buf, boolean flipped) { - this.buf = buf; - this.flipped = new AtomicBoolean(flipped); -} -public ByteBuffer getBuf() { -return buf; -} -public boolean isFlipped() { -return flipped.get(); -} - -public boolean flip() { -if (flipped.compareAndSet(false, true)) { -buf.flip(); -return true; -} else { -return false; -} -} - -public boolean hasData() { -if (flipped.get()) { -return buf.remaining()>0; -} else { -return buf.position()>0; -} -} - -@Override -public String toString() { -StringBuilder builder = new
svn commit: r1520443 - /tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
Author: markt Date: Thu Sep 5 22:22:40 2013 New Revision: 1520443 URL: http://svn.apache.org/r1520443 Log: Implement Servlet 3.1 non-blocking writes for AJP. Writes are fully non-blocking, both between and within AJP messages. Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1520443&r1=1520442&r2=1520443&view=diff == --- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Thu Sep 5 22:22:40 2013 @@ -20,9 +20,12 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InterruptedIOException; import java.net.InetAddress; +import java.nio.ByteBuffer; import java.security.NoSuchProviderException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import java.util.Iterator; +import java.util.concurrent.LinkedBlockingDeque; import java.util.concurrent.atomic.AtomicBoolean; import javax.servlet.http.HttpUpgradeHandler; @@ -164,6 +167,7 @@ public abstract class AbstractAjpProcess */ private int responseMsgPos = -1; + /** * Body message. */ @@ -177,6 +181,22 @@ public abstract class AbstractAjpProcess /** + * The max size of the buffered write buffer + */ +private int bufferedWriteSize = 64*1024; //64k default write buffer + + +/** + * For "non-blocking" writes use an external set of buffers. Although the + * API only allows one non-blocking write at a time, due to buffering and + * the possible need to write HTTP headers, there may be more than one write + * to the OutputBuffer. + */ +private final LinkedBlockingDeque bufferedWrites = +new LinkedBlockingDeque<>(); + + +/** * Error flag. */ protected boolean error = false; @@ -1470,6 +1490,94 @@ public abstract class AbstractAjpProcess } } +private void writeData(ByteChunk chunk) throws IOException { +// Prevent timeout +socketWrapper.access(); + +boolean blocking = (response.getWriteListener() == null); +if (!blocking) { +flushBufferedData(); +} + +int len = chunk.getLength(); +int off = 0; + +// Write this chunk +while (responseMsgPos == -1 && len > 0) { +int thisTime = len; +if (thisTime > outputMaxChunkSize) { +thisTime = outputMaxChunkSize; +} +responseMessage.reset(); +responseMessage.appendByte(Constants.JK_AJP13_SEND_BODY_CHUNK); +responseMessage.appendBytes(chunk.getBytes(), chunk.getOffset() + off, thisTime); +responseMessage.end(); +writeResponseMessage(blocking); + +len -= thisTime; +off += thisTime; +} + +bytesWritten += off; + +if (chunk.getLength() > 0) { +// Add this chunk to the buffer +addToBuffers(chunk.getBuffer(), off, len); +} +} + + +private void addToBuffers(byte[] buf, int offset, int length) { +ByteBufferHolder holder = bufferedWrites.peekLast(); +if (holder == null || holder.isFlipped() || holder.getBuf().remaining() < length) { +ByteBuffer buffer = ByteBuffer.allocate(Math.max(bufferedWriteSize,length)); +holder = new ByteBufferHolder(buffer, false); +bufferedWrites.add(holder); +} +holder.getBuf().put(buf, offset, length); +} + + +private void flushBufferedData() throws IOException { + +if (responseMsgPos > -1) { +// Must be using non-blocking IO +// Partially written response message. Try and complete it. +writeResponseMessage(false); +} + +while (responseMsgPos == -1 && bufferedWrites.size() > 0) { +// Try and write any remaining buffer data +Iterator holders = bufferedWrites.iterator(); +ByteBufferHolder holder = holders.next(); +holder.flip(); +ByteBuffer buffer = holder.getBuf(); +int initialBufferSize = buffer.remaining(); +while (responseMsgPos == -1 && buffer.remaining() > 0) { +transferToResponseMsg(buffer); +writeResponseMessage(false); +} +bytesWritten += (initialBufferSize - buffer.remaining()); +if (buffer.remaining() == 0) { +holders.remove(); +} +} +} + + +private void transferToResponseMsg(ByteBuffer buffer) { + +int thisTime = buffer.remaining(); +if (thisTime > outputMaxChunkSize) { +thisTime = out
svn commit: r1520358 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/ha/session/DeltaSession.java java/org/apache/catalina/session/StandardSession.java webapps/docs/changelog.xml
Author: markt Date: Thu Sep 5 16:13:06 2013 New Revision: 1520358 URL: http://svn.apache.org/r1520358 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 Ensure that session.expire() doesn't return until the session has been invalidated. Ensure that the return valid of session.isValid() is consistent the current state. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/StandardSession.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1520349 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java?rev=1520358&r1=1520357&r2=1520358&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java Thu Sep 5 16:13:06 2013 @@ -385,12 +385,12 @@ public class DeltaSession extends Standa */ @Override public boolean isValid() { -if (this.expiring) { -return true; -} if (!this.isValid) { return false; } +if (this.expiring) { +return true; +} if (ACTIVITY_CHECK && accessCount.get() > 0) { return true; } @@ -445,30 +445,49 @@ public class DeltaSession extends Standa } public void expire(boolean notify, boolean notifyCluster) { -if (expiring) + +// Check to see if session has already been invalidated. +// Do not check expiring at this point as expire should not return until +// isValid is false +if (!isValid) return; -String expiredId = getIdInternal(); -if(notifyCluster && expiredId != null && manager != null && - manager instanceof DeltaManager) { -DeltaManager dmanager = (DeltaManager)manager; -CatalinaCluster cluster = dmanager.getCluster(); -ClusterMessage msg = dmanager.requestCompleted(expiredId, true); -if (msg != null) { -cluster.send(msg); +synchronized (this) { +// Check again, now we are inside the sync so this code only runs once +// Double check locking - isValid needs to be volatile +if (!isValid) +return; + +if (manager == null) +return; + +// Mark this session as "being expired". The flag will be unset in +// the call to super.expire(notify) +expiring = true; + +String expiredId = getIdInternal(); + +if(notifyCluster && expiredId != null && +manager instanceof DeltaManager) { +DeltaManager dmanager = (DeltaManager)manager; +CatalinaCluster cluster = dmanager.getCluster(); +ClusterMessage msg = dmanager.requestCompleted(expiredId, true); +if (msg != null) { +cluster.send(msg); +} } -} -super.expire(notify); +super.expire(notify); -if (notifyCluster) { -if (log.isDebugEnabled()) -log.debug(sm.getString("deltaSession.notifying", - ((ClusterManager)manager).getName(), - Boolean.valueOf(isPrimarySession()), - expiredId)); -if ( manager instanceof DeltaManager ) { -( (DeltaManager) manager).sessionExpired(expiredId); +if (notifyCluster) { +if (log.isDebugEnabled()) +log.debug(sm.getString("deltaSession.notifying", + ((ClusterManager)manager).getName(), + Boolean.valueOf(isPrimarySession()), + expiredId)); +if ( manager instanceof DeltaManager ) { +( (DeltaManager) manager).sessionExpired(expiredId); +} } } } Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/StandardSession.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/StandardSession.java?rev=1520358&r1=1520357&r2=1520358&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/StandardSession.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #6 from Christopher Schultz --- (In reply to confile from comment #5) > When will you release tomcat 7.0.43 and tomcat 8? When they are ready. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: JK support for IPV6
Mladen, On 9/4/13 11:58 AM, Mladen Turk wrote: > On 09/04/2013 03:30 PM, Konstantin Kolinko wrote: >> >> An ambiguity is only if a hostname is used. Do you propose the prefix >> for hostnames only, not numeric IP addresses? >> > > There is also one other option and that is to always resolve to IPV4 > address if both IPV4 and IPV6 have same hostname entry. > > We can then add directive > worker.foo.prefer-ipv6 = 1 > > This would cause to use first IPV6 address if found. > In case hostname has either IPV4 or IPV6 address only that one would be > used. > This way no prefix would be needed and backward compatibility will be > preserved. +1 I like this solution. -chris signature.asc Description: OpenPGP digital signature
buildbot failure in ASF Buildbot on tomcat-7-trunk
The Buildbot has detected a new failure on builder tomcat-7-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-7-trunk/builds/1382 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1520358 Blamelist: markt BUILD FAILED: failed compile_1 sincerely, -The Buildbot
[Bug 55521] Race Condition in HttpSession#invalidate() / HttpServletRequest#getSession(boolean)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 --- Comment #4 from Christoph --- Thanks for the very prompt fix! Regards Christoph -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55521] Race Condition in HttpSession#invalidate() / HttpServletRequest#getSession(boolean)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 --- Comment #2 from Christoph --- Mark, it would be great if you'd ask one of your colleagues to take a look at the additional issues in Spring Security you observed. As far as Tomcat is concerned, the race condition I observed would no longer exist if the early check of the expiring field before the synchronized block is entered would be removed. Of course, I don't now whether this check is merely the result of an over-eager optimization or whether it is needed in some situation I am not aware of. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/4931 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1520323 Blamelist: markt Build succeeded! sincerely, -The Buildbot
[Bug 55521] Race Condition in HttpSession#invalidate() / HttpServletRequest#getSession(boolean)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55521 --- Comment #1 from Mark Thomas --- I've taken a look at this and there are some things we can do in Tomcat to ensure that a call to invalidate() doesn't return until the session has been invalidated. However, there may still be an issue that needs fixing in Spring Security. Looking at SessionFixationProtectionStrategy.applySessionFixation() it is possible (although even less likely than the issue you have seen) for concurrent requests to generate a series of invalidate / create / invalidate / create etc. events. It is pretty unlikely but is possible. Since I work for Pivotal, I'll ping one of the developers. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55383] Improve markup and design of Tomcat's HTML pages
https://issues.apache.org/bugzilla/show_bug.cgi?id=55383 --- Comment #30 from Mark Thomas --- (In reply to Konstantin Preißer from comment #29) > With this patch, the improvement of HTML markup in the Tomcat 8 docs should > be complete. Applied. Many, many thanks. > I think I can look into applying the new markup/design for the main Tomcat > Site now. Fantastic. Go for it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520323 - in /tomcat/trunk/webapps/docs: funcspecs/fs-admin-objects.xml funcspecs/fs-admin-opers.xml funcspecs/fs-default.xml funcspecs/mbean-names.xml tribes/introduction.xml
Author: markt Date: Thu Sep 5 14:17:07 2013 New Revision: 1520323 URL: http://svn.apache.org/r1520323 Log: Final part of https://issues.apache.org/bugzilla/show_bug.cgi?id=55383 for Tomcat 8 Improve markup and design of Tomcat's HTML pages Patch by Konstantin Preißer Modified: tomcat/trunk/webapps/docs/funcspecs/fs-admin-objects.xml tomcat/trunk/webapps/docs/funcspecs/fs-admin-opers.xml tomcat/trunk/webapps/docs/funcspecs/fs-default.xml tomcat/trunk/webapps/docs/funcspecs/mbean-names.xml tomcat/trunk/webapps/docs/tribes/introduction.xml Modified: tomcat/trunk/webapps/docs/funcspecs/fs-admin-objects.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/funcspecs/fs-admin-objects.xml?rev=1520323&r1=1520322&r2=1520323&view=diff == --- tomcat/trunk/webapps/docs/funcspecs/fs-admin-objects.xml (original) +++ tomcat/trunk/webapps/docs/funcspecs/fs-admin-objects.xml Thu Sep 5 14:17:07 2013 @@ -44,19 +44,19 @@ Operations that can be performed whe The following Administered Objects are defined: -Access Logger +Access Logger Connector Context -Default Context -Default Deployment Descriptor +Default Context +Default Deployment Descriptor Engine -Environment Entry +Environment Entry Host -JDBC Resource +JDBC Resource Loader Manager Realm -Request Filter +Request Filter Server Service Modified: tomcat/trunk/webapps/docs/funcspecs/fs-admin-opers.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/funcspecs/fs-admin-opers.xml?rev=1520323&r1=1520322&r2=1520323&view=diff == --- tomcat/trunk/webapps/docs/funcspecs/fs-admin-opers.xml (original) +++ tomcat/trunk/webapps/docs/funcspecs/fs-admin-opers.xml Thu Sep 5 14:17:07 2013 @@ -46,18 +46,18 @@ it should operate consistently with the Supported Operations are described for the following Administered Objects: -Access Logger +Access Logger Connector Context -Default Context +Default Context Engine -Environment Entry +Environment Entry Host -JDBC Resource +JDBC Resource Loader Manager Realm -Request Filter +Request Filter Server Service Modified: tomcat/trunk/webapps/docs/funcspecs/fs-default.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/funcspecs/fs-default.xml?rev=1520323&r1=1520322&r2=1520323&view=diff == --- tomcat/trunk/webapps/docs/funcspecs/fs-default.xml (original) +++ tomcat/trunk/webapps/docs/funcspecs/fs-default.xml Thu Sep 5 14:17:07 2013 @@ -52,12 +52,12 @@ The following external specifications have provisions which partially define the correct behavior of the default servlet: -http://java.sun.com/products/servlet/download.html";> -Servlet Specification (Version 2.3 PFD2) +http://jcp.org/aboutJava/communityprocess/final/jsr340/index.html";> +Servlet Specification (Version 3.1) http://www.rfc-editor.org/rfc/rfc2046.txt";>Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types http://www.rfc-editor.org/rfc/rfc2616.txt";>Hypertext -Transfer Protocol -- HTTP/1.1 +Transfer Protocol – HTTP/1.1 Modified: tomcat/trunk/webapps/docs/funcspecs/mbean-names.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/funcspecs/mbean-names.xml?rev=1520323&r1=1520322&r2=1520323&view=diff == --- tomcat/trunk/webapps/docs/funcspecs/mbean-names.xml (original) +++ tomcat/trunk/webapps/docs/funcspecs/mbean-names.xml Thu Sep 5 14:17:07 2013 @@ -96,145 +96,145 @@ corresponding values: new items can be configured if desired. - + -Pattern -Cardinality -Identifier -MBean ObjectName +Pattern +Cardinality +Identifier +MBean ObjectName Server -1..1 -(none) -type=${SERVER} +1..1 +(none) +type=${SERVER} Server / Listener -0..n -(none) -type=${LISTENER}, sequence=${###} +0..n +(none) +type=${LISTENER}, sequence=${###} Server / Service -1..n -name -type=${SERVICE}, name=${name} +1..n +name +type=${SERVICE}, name=${name} Server / Service / Connector -1..n -address, port -type=${CONNECTOR}, service=${service}, port=${port}, +1..n +address, port +type=${CONNECTOR}, service=${service}, port=${port}, address=${address} Server / Service / Connector / Factory -0..1 -(none) +0..1 +(none) (Only defined explicitly for an SSL connector, but can be treated as part of the connector component) Server / Service / Connector / Listener -0..n -(none) -type=${LISTENER}, sequence=${###}, service=${service}, +0..n +(none)
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #5 from confile --- When will you release tomcat 7.0.43 and tomcat 8? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #4 from Mark Thomas --- The bug was in Tomcat's proprietary WebSocket implementation. That implementation does not exist in Tomcat 8. It has been replaced by the JSR-356 implementation (which will also be in Tomcat 7 from the next release). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/4930 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1520273 Blamelist: markt BUILD FAILED: failed compile_1 sincerely, -The Buildbot
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #3 from confile --- Is this bug fixed in Tomcat8 as well? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #2 from Mark Thomas --- I believe I have fixed this in 7.0.x trunk and it will be included in 7.0.43 onwards. If you are able to build Tomcat from source and confirm the fix that would be helpful. There shouldn't be any need for changes in Atmosphere to fix this although a review of the relevant syncs in that code base as well wouldn't hurt. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520281 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/websocket/WsOutbound.java webapps/docs/changelog.xml
Author: markt Date: Thu Sep 5 11:22:00 2013 New Revision: 1520281 URL: http://svn.apache.org/r1520281 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 Refactor to avoid a deadlock. Move the exception handling that may execute user code outside of the sync block. Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/websocket/WsOutbound.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/websocket/WsOutbound.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/websocket/WsOutbound.java?rev=1520281&r1=1520280&r2=1520281&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/websocket/WsOutbound.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/websocket/WsOutbound.java Thu Sep 5 11:22:00 2013 @@ -41,6 +41,13 @@ public class WsOutbound { StringManager.getManager(Constants.Package); public static final int DEFAULT_BUFFER_SIZE = 8192; +/** + * This state lock is used rather than synchronized methods to allow error + * handling to be managed outside of the synchronization else deadlocks may + * occur such as https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 + */ +private final Object stateLock = new Object(); + private UpgradeOutbound upgradeOutbound; private StreamInbound streamInbound; private ByteBuffer bb; @@ -78,22 +85,34 @@ public class WsOutbound { * @throws IOException If a flush is required and an error occurs writing * the WebSocket frame to the client */ -public synchronized void writeBinaryData(int b) throws IOException { -if (closed) { -throw new IOException(sm.getString("outbound.closed")); -} - -if (bb.position() == bb.capacity()) { -doFlush(false); -} -if (text == null) { -text = Boolean.FALSE; -} else if (text == Boolean.TRUE) { -// Flush the character data -flush(); -text = Boolean.FALSE; +public void writeBinaryData(int b) throws IOException { +try { +synchronized (stateLock) { +if (closed) { +throw new IOException(sm.getString("outbound.closed")); +} + +if (bb.position() == bb.capacity()) { +doFlush(false); +} +if (text == null) { +text = Boolean.FALSE; +} else if (text == Boolean.TRUE) { +// Flush the character data +flush(); +text = Boolean.FALSE; +} +bb.put((byte) (b & 0xFF)); +} +} catch (IOException ioe) { +// Any IOException is terminal. Make sure the inbound side knows +// that something went wrong. +// The exception handling needs to be outside of the sync to avoid +// possible deadlocks (e.g. BZ55524) when triggering the inbound +// close as that will execute user code +streamInbound.doOnClose(Constants.STATUS_CLOSED_UNEXPECTEDLY); +throw ioe; } -bb.put((byte) (b & 0xFF)); } @@ -108,23 +127,35 @@ public class WsOutbound { * @throws IOException If a flush is required and an error occurs writing * the WebSocket frame to the client */ -public synchronized void writeTextData(char c) throws IOException { -if (closed) { -throw new IOException(sm.getString("outbound.closed")); -} - -if (cb.position() == cb.capacity()) { -doFlush(false); -} - -if (text == null) { -text = Boolean.TRUE; -} else if (text == Boolean.FALSE) { -// Flush the binary data -flush(); -text = Boolean.TRUE; +public void writeTextData(char c) throws IOException { +try { +synchronized (stateLock) { +if (closed) { +throw new IOException(sm.getString("outbound.closed")); +} + +if (cb.position() == cb.capacity()) { +doFlush(false); +} + +if (text == null) { +text = Boolean.TRUE; +} else if (text == Boolean.FALSE) { +// Flush the binary data +flush(); +text = Boolean.TRUE; +} +cb.append(c); +} +} catch (IOException ioe) { +// Any IOException is terminal. Make sure the Inbound side knows +// that something went wrong. +// The exception handling needs to be outside of the sync
[Bug 55524] Deadlock produced during Websocket write operation (org.apache.catalina.websocket.WsOutbound)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55524 --- Comment #1 from Mark Thomas --- I've only taken a quick look at this. So far, it appears that one lock is in Tomcat and one in Atmosphere so it is possible that changes will be required in both to fully fix this. I'll see what I can to do narrow / remove the sync in Tomcat. I suspect narrowing is the more likely outcome. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520273 - /tomcat/trunk/webapps/ROOT/index.jsp
Author: markt Date: Thu Sep 5 10:40:43 2013 New Revision: 1520273 URL: http://svn.apache.org/r1520273 Log: Reduce the version specific references and update the remaining onces to Tomcat 8. Modified: tomcat/trunk/webapps/ROOT/index.jsp Modified: tomcat/trunk/webapps/ROOT/index.jsp URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/ROOT/index.jsp?rev=1520273&r1=1520272&r2=1520273&view=diff == --- tomcat/trunk/webapps/ROOT/index.jsp (original) +++ tomcat/trunk/webapps/ROOT/index.jsp Thu Sep 5 10:40:43 2013 @@ -19,9 +19,9 @@ limitations under the License. <% java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(""); request.setAttribute("year", sdf.format(new java.util.Date())); -request.setAttribute("tomcat7Url", "http://tomcat.apache.org/";); -request.setAttribute("tomcat7DocUrl", "/docs/"); -request.setAttribute("tomcat7ExamplesUrl", "/examples/"); +request.setAttribute("tomcatUrl", "http://tomcat.apache.org/";); +request.setAttribute("tomcatDocUrl", "/docs/"); +request.setAttribute("tomcatExamplesUrl", "/examples/"); %> @@ -34,13 +34,13 @@ request.setAttribute("tomcat7ExamplesUrl -Home -Documentation -Configuration -Examples +Home +Documentation +Configuration +Examples http://wiki.apache.org/tomcat/FrontPage";>Wiki -Mailing Lists -Find Help +Mailing Lists +Find Help @@ -54,9 +54,9 @@ request.setAttribute("tomcat7ExamplesUrl Recommended Reading: -Security Considerations HOW-TO -Manager Application HOW-TO -Clustering/Session Replication HOW-TO +Security Considerations HOW-TO +Manager Application HOW-TO +Clustering/Session Replication HOW-TO @@ -79,19 +79,19 @@ request.setAttribute("tomcat7ExamplesUrl Developer Quick Start -Tomcat Setup -First Web Application +Tomcat Setup +First Web Application -Realms & AAA -JDBC DataSources +Realms & AAA +JDBC DataSources -Examples +Examples @@ -109,35 +109,35 @@ request.setAttribute("tomcat7ExamplesUrl For security, access to the manager webapp is restricted. Users are defined in: $CATALINA_HOME/conf/tomcat-users.xml -In Tomcat 7.0 access to the manager application is split between - different users. Read more... +In Tomcat 8.0 access to the manager application is split between + different users. Read more... -Release Notes -Changelog -Migration Guide -Security Notices +Release Notes +Changelog +Migration Guide +Security Notices Documentation -Tomcat 7.0 Documentation -Tomcat 7.0 Configuration +Tomcat 8.0 Documentation +Tomcat 8.0 Configuration http://wiki.apache.org/tomcat/FrontPage";>Tomcat Wiki Find additional important configuration information in: $CATALINA_HOME/RUNNING.txt Developers may be interested in: -http://tomcat.apache.org/bugreport.html";>Tomcat 7.0 Bug Database -Tomcat 7.0 JavaDocs -http://svn.apache.org/repos/asf/tomcat/tc7.0.x/";>Tomcat 7.0 SVN Repository +http://tomcat.apache.org/bugreport.html";>Tomcat 8.0 Bug Database +Tomcat 8.0 JavaDocs +http://svn.apache.org/repos/asf/tomcat/tc
svn commit: r1520270 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Author: markt Date: Thu Sep 5 10:36:34 2013 New Revision: 1520270 URL: http://svn.apache.org/r1520270 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55527 Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1520270&r1=1520269&r2=1520270&view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Thu Sep 5 10:36:34 2013 @@ -566,7 +566,7 @@ public class JSSESocketFactory implement kms = kmf.getKeyManagers(); if (keyAlias != null) { String alias = keyAlias; -if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType)) { +if ("JKS".equals(keystoreType)) { alias = alias.toLowerCase(Locale.ENGLISH); } for(int i=0; i
[Bug 55527] JSSESocketFactory conditionally converts alias to lower case; condition is unwise
https://issues.apache.org/bugzilla/show_bug.cgi?id=55527 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Component|Catalina|Catalina Version|unspecified |8.0.0-RC1 Resolution|--- |FIXED Product|Tomcat 7|Tomcat 8 Target Milestone|--- | --- Comment #1 from Mark Thomas --- Fixed in 8. No need to backport as the defaults aren't going to change. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520264 - in /tomcat/site/trunk: docs/migration-7.html xdocs/migration-7.xml
Author: markt Date: Thu Sep 5 09:54:36 2013 New Revision: 1520264 URL: http://svn.apache.org/r1520264 Log: Add section on TLD changes. Modified: tomcat/site/trunk/docs/migration-7.html tomcat/site/trunk/xdocs/migration-7.xml Modified: tomcat/site/trunk/docs/migration-7.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/migration-7.html?rev=1520264&r1=1520263&r2=1520264&view=diff == --- tomcat/site/trunk/docs/migration-7.html (original) +++ tomcat/site/trunk/docs/migration-7.html Thu Sep 5 09:54:36 2013 @@ -249,6 +249,9 @@ Annotation scanning +TLD processing + + Internal APIs @@ -1103,6 +1106,41 @@ of Apache Tomcat. + +TLD processing + + + + + +There have been a number of improvements to TLD processing. In addition +to some internal refactoring to improve consistency and reduce duplication, +there are a number of functional improvements. These are: + + + +EL processing within tag files is now consistent with the JSP version + declared for the tag file. + +The requirements of section JSP.7.3.1 of the JSP specification are + now enforced and TLD files are not permitted to be placed in + WEB-INF/lib or WEB-INF/classes. + + + + + + + + + + + + + + + + Internal APIs Modified: tomcat/site/trunk/xdocs/migration-7.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/migration-7.xml?rev=1520264&r1=1520263&r2=1520264&view=diff == --- tomcat/site/trunk/xdocs/migration-7.xml (original) +++ tomcat/site/trunk/xdocs/migration-7.xml Thu Sep 5 09:54:36 2013 @@ -418,6 +418,19 @@ of Apache Tomcat. + +There have been a number of improvements to TLD processing. In addition +to some internal refactoring to improve consistency and reduce duplication, +there are a number of functional improvements. These are: + + EL processing within tag files is now consistent with the JSP version + declared for the tag file. + The requirements of section JSP.7.3.1 of the JSP specification are + now enforced and TLD files are not permitted to be placed in + WEB-INF/lib or WEB-INF/classes. + + + Whilst the Tomcat 7 internal API is broadly compatible with Tomcat 6 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520263 - in /tomcat/tc7.0.x/trunk: modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml webapps/docs/changelog.xml
Author: kfujino Date: Thu Sep 5 09:47:32 2013 New Revision: 1520263 URL: http://svn.apache.org/r1520263 Log: Fix mbeans-descriptors.xml of DataSource. Add undefined attributes and operations to mbeans-descriptor. Modified: tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml?rev=1520263&r1=1520262&r2=1520263&view=diff == --- tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml (original) +++ tomcat/tc7.0.x/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml Thu Sep 5 09:47:32 2013 @@ -224,6 +224,107 @@ type="java.lang.String" writeable="false"/> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1520263&r1=1520262&r2=1520263&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Sep 5 09:47:32 2013 @@ -334,6 +334,9 @@ 55343: Add flag to ignore exceptions of connection creation while initializing the pool. (kfujino) + +Add undefined attributes and operations to mbeans-descriptor. (kfujino) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520262 - /tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml
Author: kfujino Date: Thu Sep 5 09:44:05 2013 New Revision: 1520262 URL: http://svn.apache.org/r1520262 Log: Fix mbeans-descriptors.xml of DataSource. Add undefined attributes and operations to mbeans-descriptor. Modified: tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml Modified: tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml?rev=1520262&r1=1520261&r2=1520262&view=diff == --- tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml (original) +++ tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/mbeans-descriptors.xml Thu Sep 5 09:44:05 2013 @@ -224,6 +224,107 @@ type="java.lang.String" writeable="false"/> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520261 - in /tomcat/jk/trunk/native/common: jk_ajp12_worker.c jk_ajp_common.c jk_ajp_common.h jk_connect.c jk_connect.h jk_global.h jk_status.c jk_util.c jk_util.h
Author: mturk Date: Thu Sep 5 09:43:12 2013 New Revision: 1520261 URL: http://svn.apache.org/r1520261 Log: First step in IPV6 support - use new jk_sockaddr_t structure wrapping sockaddr_in. Beside that there are no funtional changes Modified: tomcat/jk/trunk/native/common/jk_ajp12_worker.c tomcat/jk/trunk/native/common/jk_ajp_common.c tomcat/jk/trunk/native/common/jk_ajp_common.h tomcat/jk/trunk/native/common/jk_connect.c tomcat/jk/trunk/native/common/jk_connect.h tomcat/jk/trunk/native/common/jk_global.h tomcat/jk/trunk/native/common/jk_status.c tomcat/jk/trunk/native/common/jk_util.c tomcat/jk/trunk/native/common/jk_util.h Modified: tomcat/jk/trunk/native/common/jk_ajp12_worker.c URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_ajp12_worker.c?rev=1520261&r1=1520260&r2=1520261&view=diff == --- tomcat/jk/trunk/native/common/jk_ajp12_worker.c (original) +++ tomcat/jk/trunk/native/common/jk_ajp12_worker.c Thu Sep 5 09:43:12 2013 @@ -40,7 +40,7 @@ struct ajp12_worker { -struct sockaddr_in worker_inet_addr; +jk_sockaddr_t worker_inet_addr; unsigned connect_retry_attempts; char *name; jk_worker_t worker; @@ -192,7 +192,7 @@ static int JK_METHOD validate(jk_worker_ p->name, host, port); if (host) { -if (jk_resolve(host, port, &p->worker_inet_addr, we->pool, l)) { +if (jk_resolve(host, port, &p->worker_inet_addr, we->pool, 0, l)) { return JK_TRUE; } jk_log(l, JK_LOG_ERROR, Modified: tomcat/jk/trunk/native/common/jk_ajp_common.c URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_ajp_common.c?rev=1520261&r1=1520260&r2=1520261&view=diff == --- tomcat/jk/trunk/native/common/jk_ajp_common.c (original) +++ tomcat/jk/trunk/native/common/jk_ajp_common.c Thu Sep 5 09:43:12 2013 @@ -1062,7 +1062,7 @@ void jk_ajp_pull(ajp_worker_t * aw, int int address_change = JK_FALSE; int port = 0; char host[JK_SHM_STR_SIZ+1]; -struct sockaddr_in inet_addr; +jk_sockaddr_t inet_addr; JK_TRACE_ENTER(l); if (JK_IS_DEBUG_LEVEL(l)) @@ -1095,7 +1095,7 @@ void jk_ajp_pull(ajp_worker_t * aw, int aw->port = port; strncpy(aw->host, host, JK_SHM_STR_SIZ); if (!jk_resolve(host, port, &inet_addr, -aw->worker.we->pool, l)) { +aw->worker.we->pool, aw->prefer_ipv6, l)) { jk_log(l, JK_LOG_ERROR, "Failed resolving address '%s:%d' for worker '%s'.", host, port, aw->name); @@ -2734,6 +2734,7 @@ int ajp_validate(jk_worker_t *pThis, host = "undefined"; } strncpy(p->host, jk_get_worker_host(props, p->name, host), JK_SHM_STR_SIZ); +p->prefer_ipv6 = jk_get_worker_prefer_ipv6(props, p->name, 0); if (p->s->h.sequence == 0) { /* Initial setup. */ @@ -2742,7 +2743,8 @@ int ajp_validate(jk_worker_t *pThis, "worker %s contact is '%s:%d'", p->name, p->host, p->port); if (p->port > 0) { -if (!jk_resolve(p->host, p->port, &p->worker_inet_addr, we->pool, l)) { +if (!jk_resolve(p->host, p->port, &p->worker_inet_addr, +we->pool, p->prefer_ipv6, l)) { jk_log(l, JK_LOG_ERROR, "worker %s can't resolve tomcat address %s", p->name, p->host); Modified: tomcat/jk/trunk/native/common/jk_ajp_common.h URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_ajp_common.h?rev=1520261&r1=1520260&r2=1520261&view=diff == --- tomcat/jk/trunk/native/common/jk_ajp_common.h (original) +++ tomcat/jk/trunk/native/common/jk_ajp_common.h Thu Sep 5 09:43:12 2013 @@ -294,12 +294,14 @@ struct ajp_worker JK_CRIT_SEC cs; -struct sockaddr_in worker_inet_addr;/* Contains host and port */ +jk_sockaddr_t worker_inet_addr;/* Contains host and port */ unsigned connect_retry_attempts; char host[JK_SHM_STR_SIZ+1]; int port; int addr_sequence; /* Whether the address is resolved */ int maintain_time; +int prefer_ipv6; + /* * Open connections cache... * Modified: tomcat/jk/trunk/native/common/jk_connect.c URL: http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_connect.c?rev=1520261&r1=1520260&r2=1520261&view=diff == --- tomcat/jk/trunk/native/common/jk_connect.c (original) +++ tomcat/jk/trunk/native/common/jk_connect.c Thu Sep 5 09:43:12 2013 @@ -148,14 +148,14 @@ static int sononbloc
svn commit: r1520260 - in /tomcat/site/trunk: docs/security-4.html docs/security-5.html docs/security-6.html xdocs/security-4.xml xdocs/security-5.xml xdocs/security-6.xml
Author: markt Date: Thu Sep 5 09:39:32 2013 New Revision: 1520260 URL: http://svn.apache.org/r1520260 Log: Fix typo Modified: tomcat/site/trunk/docs/security-4.html tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/xdocs/security-4.xml tomcat/site/trunk/xdocs/security-5.xml tomcat/site/trunk/xdocs/security-6.xml Modified: tomcat/site/trunk/docs/security-4.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=1520260&r1=1520259&r2=1520260&view=diff == --- tomcat/site/trunk/docs/security-4.html (original) +++ tomcat/site/trunk/docs/security-4.html Thu Sep 5 09:39:32 2013 @@ -717,7 +717,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/docs/security-5.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1520260&r1=1520259&r2=1520260&view=diff == --- tomcat/site/trunk/docs/security-5.html (original) +++ tomcat/site/trunk/docs/security-5.html Thu Sep 5 09:39:32 2013 @@ -1425,7 +1425,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/docs/security-6.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1520260&r1=1520259&r2=1520260&view=diff == --- tomcat/site/trunk/docs/security-6.html (original) +++ tomcat/site/trunk/docs/security-6.html Thu Sep 5 09:39:32 2013 @@ -1706,7 +1706,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/xdocs/security-4.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?rev=1520260&r1=1520259&r2=1520260&view=diff == --- tomcat/site/trunk/xdocs/security-4.xml (original) +++ tomcat/site/trunk/xdocs/security-4.xml Thu Sep 5 09:39:32 2013 @@ -272,7 +272,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. Modified: tomcat/site/trunk/xdocs/security-5.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=1520260&r1=1520259&r2=1520260&view=diff == --- tomcat/site/trunk/xdocs/security-5.xml (original) +++ tomcat/site/trunk/xdocs/security-5.xml Thu Sep 5 09:39:32 2013 @@ -696,7 +696,7 @@ process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which - content-length leader to use an attacker can poision a web-cache, perform + content-length leader to use an attacker can poison a web-cache, perform an XSS attack and obtain senstive information from requ
[Bug 55526] Overly eager CSRF protection in manager app
https://issues.apache.org/bugzilla/show_bug.cgi?id=55526 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- This is working as intended and as designed. The behaviour is controllable via configuration. Further assistance is available from the Tomcat users mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55527] New: JSSESocketFactory conditionally converts alias to lower case; condition is unwise
https://issues.apache.org/bugzilla/show_bug.cgi?id=55527 Bug ID: 55527 Summary: JSSESocketFactory conditionally converts alias to lower case; condition is unwise Product: Tomcat 7 Version: unspecified Hardware: PC OS: Windows XP Status: NEW Severity: minor Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: s...@apache.org JSSESocketFactory conditionally converts the alias to lower case. The condition is coded as follows: private static final String defaultKeystoreType = "JKS"; ... if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType)) { alias = alias.toLowerCase(Locale.ENGLISH); } If the intention is to downcase only JKS store aliases, then the comparison should be made with "JKS", not a constant that happens to contain "JKS" at present. Using a specific comparator would both clarify the code and protect against a possible change to the default (albeit very unlikely). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55526] New: Overly eager CSRF protection in manager app
https://issues.apache.org/bugzilla/show_bug.cgi?id=55526 Bug ID: 55526 Summary: Overly eager CSRF protection in manager app Product: Tomcat 7 Version: 7.0.28 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Manager Assignee: dev@tomcat.apache.org Reporter: fh+apa...@hars.de Using browser tabs or the back button in the manager app will occasionally result in incorrect forbidden errors. Steps to reproduce: 1. Open the Session list for a webapp 2. Click on a session id 3. Click the back-button 4. Click on a session id 5. Click the back-button 6. Click on a session id 7. Click the back-button Expected result: The browser displays the session list Observed result: 403 Forbidden. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1520252 - /tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
Author: markt Date: Thu Sep 5 08:35:58 2013 New Revision: 1520252 URL: http://svn.apache.org/r1520252 Log: When using non-blocking IO need to ensure that end of stream is correctly identified so that the onAllDataRead event is correctly fired. Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1520252&r1=1520251&r2=1520252&view=diff == --- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Thu Sep 5 08:35:58 2013 @@ -219,6 +219,13 @@ public abstract class AbstractAjpProcess /** + * Is a body present for the current request? This is determined by the + * presence of the content-length header with a non-zero value. + */ +private boolean bodyPresent = false; + + +/** * Indicates that a 'get body chunk' message has been sent but the body * chunk has not yet been received. */ @@ -842,6 +849,7 @@ public abstract class AbstractAjpProcess // Recycle Request object first = true; endOfStream = false; +bodyPresent = false; waitingForBodyMessage = false; empty = true; replay = false; @@ -1017,7 +1025,7 @@ public abstract class AbstractAjpProcess } boolean moreData = receive(block); -if (!first && !waitingForBodyMessage && !moreData) { +if (!moreData && ((first && !bodyPresent) || (!first && !waitingForBodyMessage))) { endOfStream = true; } return moreData; @@ -1090,7 +1098,11 @@ public abstract class AbstractAjpProcess if (hId == Constants.SC_REQ_CONTENT_LENGTH || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Length"))) { // just read the content-length header, so set it -request.setContentLength(vMB.getLong()); +long cl = vMB.getLong(); +request.setContentLength(cl); +if (cl != 0) { +bodyPresent = true; +} } else if (hId == Constants.SC_REQ_CONTENT_TYPE || (hId == -1 && tmpMB.equalsIgnoreCase("Content-Type"))) { // just read the content-type header, so set it - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org