[Bug 56618] Can not set Hostname property to IPv6 address using JK Status Manager
https://issues.apache.org/bugzilla/show_bug.cgi?id=56618 --- Comment #1 from Konstantin Kolinko knst.koli...@gmail.com --- Thread on @users: I can not set Hostname property to IPv6 address using JK Status Manager http://tomcat.markmail.org/thread/5z54blmnrttwytr6 The problem is that url-encoded parameter value (2001%3Ac0a8%3A%3A1) is passed as is to the jk_resolve method. Looking at the code, jk_status.c has its own HTTP query parameters parsing (status_parse_uri() in native/common/jk_status.c), implemented by splitting the query string. The url-decoding of parameters is not performed. There is a comment that it had been planned, but has not been implemented yet. /* XXX Depending on the params values, we might need to trim and decode */ -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602378 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/AbstractProcessor.java java/org/apache/coyote/ajp/AbstractAjpProcessor.java java/org/apache/coyote/http11/AbstractHttp11Proce
Author: markt Date: Fri Jun 13 11:23:42 2014 New Revision: 1602378 URL: http://svn.apache.org/r1602378 Log: Pull up error flag Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599460 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602378r1=1602377r2=1602378view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 11:23:42 2014 @@ -37,7 +37,12 @@ public abstract class AbstractProcessor protected Response response; protected SocketWrapperS socketWrapper = null; - +/** + * Error flag. + */ +protected boolean error; + + /** * Intended for use by the Upgrade sub-classes that have no need to * initialise the request, response, etc. Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1602378r1=1602377r2=1602378view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Fri Jun 13 11:23:42 2014 @@ -169,12 +169,6 @@ public abstract class AbstractAjpProcess /** - * Error flag. - */ -protected boolean error = false; - - -/** * Host name (used to avoid useless B2C conversion on the host name). */ protected char[] hostNameC = new char[0]; Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602378r1=1602377r2=1602378view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:23:42 2014 @@ -71,12 +71,6 @@ public abstract class AbstractHttp11Proc /** - * Error flag. - */ -protected boolean error = false; - - -/** * Keep-alive. */ protected boolean keepAlive = true; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602380 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 11:25:42 2014 New Revision: 1602380 URL: http://svn.apache.org/r1602380 Log: Tweak comments Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599479 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602380r1=1602379r2=1602380view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:25:42 2014 @@ -1109,8 +1109,8 @@ public abstract class AbstractHttp11Proc } else if (expectation (response.getStatus() 200 || response.getStatus() 299)) { // Client sent Expect: 100-continue but received a -// non-2xx response. Disable keep-alive (if enabled) to -// ensure the connection is closed. Some clients may +// non-2xx final response. Disable keep-alive (if enabled) +// to ensure that the connection is closed. Some clients may // still send the body, some may send the next request. // No way to differentiate, so close the connection to // force the client to send the next request. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602381 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java test/org/apache/catalina/startup/SimpleHttpClient.java test/org/apache/coyote/http11/Test
Author: markt Date: Fri Jun 13 11:26:36 2014 New Revision: 1602381 URL: http://svn.apache.org/r1602381 Log: As per RFC2616, an unknown expect header should result in a 417 response. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/tc7.0.x/trunk/test/org/apache/catalina/startup/SimpleHttpClient.java tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599500 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602381r1=1602380r2=1602381view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:26:36 2014 @@ -1242,10 +1242,14 @@ public abstract class AbstractHttp11Proc if (http11) { expectMB = headers.getValue(expect); } -if ((expectMB != null) - (expectMB.indexOfIgnoreCase(100-continue, 0) != -1)) { -getInputBuffer().setSwallowInput(false); -expectation = true; +if (expectMB != null) { +if (expectMB.indexOfIgnoreCase(100-continue, 0) != -1) { +getInputBuffer().setSwallowInput(false); +expectation = true; +} else { +error = true; +response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED); +} } // Check user-agent header Modified: tomcat/tc7.0.x/trunk/test/org/apache/catalina/startup/SimpleHttpClient.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/catalina/startup/SimpleHttpClient.java?rev=1602381r1=1602380r2=1602381view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/catalina/startup/SimpleHttpClient.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/catalina/startup/SimpleHttpClient.java Fri Jun 13 11:26:36 2014 @@ -53,6 +53,7 @@ public abstract class SimpleHttpClient { public static final String FAIL_404 = HTTP/1.1 404; public static final String TIMEOUT_408 = HTTP/1.1 408; public static final String FAIL_413 = HTTP/1.1 413; +public static final String FAIL_417 = HTTP/1.1 417; public static final String FAIL_50X = HTTP/1.1 50; public static final String FAIL_500 = HTTP/1.1 500; public static final String FAIL_501 = HTTP/1.1 501; @@ -416,6 +417,10 @@ public abstract class SimpleHttpClient { return getResponseLine().startsWith(FAIL_413); } +public boolean isResponse417() { +return getResponseLine().startsWith(FAIL_417); +} + public boolean isResponse50x() { return getResponseLine().startsWith(FAIL_50X); } Modified: tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java?rev=1602381r1=1602380r2=1602381view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java Fri Jun 13 11:26:36 2014 @@ -53,6 +53,31 @@ import org.apache.tomcat.util.buf.ByteCh public class TestAbstractHttp11Processor extends TomcatBaseTest { @Test +public void testWithUnknownExpectation() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Use the normal Tomcat ROOT context +File root = new File(test/webapp); +tomcat.addWebapp(, root.getAbsolutePath()); + +tomcat.start(); + +String request = +POST /echo-params.jsp HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + +Expect: unknoen + SimpleHttpClient.CRLF + +SimpleHttpClient.CRLF; + +Client client = new Client(tomcat.getConnector().getLocalPort()); +client.setRequest(new String[] {request}); + +client.connect(); +client.processRequest(); +assertTrue(client.isResponse417()); +} + + +@Test public void testWithTEVoid() throws Exception { Tomcat tomcat = getTomcatInstance(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602382 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 11:28:00 2014 New Revision: 1602382 URL: http://svn.apache.org/r1602382 Log: Align code with comment and use a 500 response (internal server error) as per the comment rather than a 400 response. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599558 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602382r1=1602381r2=1602382view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:28:00 2014 @@ -1045,8 +1045,8 @@ public abstract class AbstractHttp11Proc getLog().debug(sm.getString( http11processor.request.prepare), t); } -// 400 - Internal Server Error -response.setStatus(400); +// 500 - Internal Server Error +response.setStatus(500); adapter.log(request, response, 0); error = true; } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602384 - /tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 11:32:18 2014 New Revision: 1602384 URL: http://svn.apache.org/r1602384 Log: Fix merge error Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602384r1=1602383r2=1602384view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:32:18 2014 @@ -23,6 +23,8 @@ import java.util.StringTokenizer; import java.util.concurrent.atomic.AtomicBoolean; import java.util.regex.Pattern; +import javax.servlet.http.HttpServletResponse; + import org.apache.coyote.AbstractProcessor; import org.apache.coyote.ActionCode; import org.apache.coyote.AsyncContextCallback; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602383 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 11:31:50 2014 New Revision: 1602383 URL: http://svn.apache.org/r1602383 Log: Reduce duplicate by moving error handling into addInputFilter. Also makes error handling consistent. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599738 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602383r1=1602382r2=1602383view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:31:50 2014 @@ -708,12 +708,10 @@ public abstract class AbstractHttp11Proc /** - * Add an input filter to the current request. - * - * @return false if the encoding was not found (which would mean it is - * unsupported) + * Add an input filter to the current request. If the encoding is not + * supported, a 501 response will be returned to the client. */ -protected boolean addInputFilter(InputFilter[] inputFilters, +protected void addInputFilter(InputFilter[] inputFilters, String encodingName) { if (encodingName.equals(identity)) { // Skip @@ -723,15 +721,20 @@ public abstract class AbstractHttp11Proc contentDelimitation = true; } else { for (int i = pluggableFilterIndex; i inputFilters.length; i++) { -if (inputFilters[i].getEncodingName() -.toString().equals(encodingName)) { +if (inputFilters[i].getEncodingName().toString().equals(encodingName)) { getInputBuffer().addActiveFilter(inputFilters[i]); -return true; +return; } } -return false; +// Unsupported transfer encoding +// 501 - Unimplemented +response.setStatus(501); +error = true; +if (getLog().isDebugEnabled()) { +getLog().debug(sm.getString(http11processor.request.prepare) + + Unsupported transfer encoding [ + encodingName + ]); +} } -return true; } @@ -1309,29 +1312,15 @@ public abstract class AbstractHttp11Proc int commaPos = transferEncodingValue.indexOf(','); String encodingName = null; while (commaPos != -1) { -encodingName = transferEncodingValue.substring -(startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); -if (!addInputFilter(inputFilters, encodingName)) { -// Unsupported transfer encoding -error = true; -// 501 - Unimplemented -response.setStatus(501); -} +encodingName = transferEncodingValue.substring( +startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); +addInputFilter(inputFilters, encodingName); startPos = commaPos + 1; commaPos = transferEncodingValue.indexOf(',', startPos); } -encodingName = transferEncodingValue.substring(startPos) -.toLowerCase(Locale.ENGLISH).trim(); -if (!addInputFilter(inputFilters, encodingName)) { -// Unsupported transfer encoding -error = true; -// 501 - Unimplemented -if (getLog().isDebugEnabled()) { - getLog().debug(sm.getString(http11processor.request.prepare)+ - Unsupported transfer encoding \+encodingName+\); -} -response.setStatus(501); -} +encodingName = transferEncodingValue.substring( +startPos).toLowerCase(Locale.ENGLISH).trim(); +addInputFilter(inputFilters, encodingName); } // Parse content-length header - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602386 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 11:37:24 2014 New Revision: 1602386 URL: http://svn.apache.org/r1602386 Log: Tiny bit of de-duplication. Add reference to RFC2616 for case insensitivity of transfer encoding names. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599739 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602386r1=1602385r2=1602386view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:37:24 2014 @@ -713,8 +713,12 @@ public abstract class AbstractHttp11Proc * Add an input filter to the current request. If the encoding is not * supported, a 501 response will be returned to the client. */ -protected void addInputFilter(InputFilter[] inputFilters, - String encodingName) { +private void addInputFilter(InputFilter[] inputFilters, String encodingName) { + +// Trim provided encoding name and convert to lower case since transfer +// encoding names are case insensitive. (RFC2616, section 3.6) +encodingName = encodingName.trim().toLowerCase(Locale.ENGLISH); + if (encodingName.equals(identity)) { // Skip } else if (encodingName.equals(chunked)) { @@ -1314,14 +1318,12 @@ public abstract class AbstractHttp11Proc int commaPos = transferEncodingValue.indexOf(','); String encodingName = null; while (commaPos != -1) { -encodingName = transferEncodingValue.substring( -startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos, commaPos); addInputFilter(inputFilters, encodingName); startPos = commaPos + 1; commaPos = transferEncodingValue.indexOf(',', startPos); } -encodingName = transferEncodingValue.substring( -startPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos); addInputFilter(inputFilters, encodingName); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56620] New: Bogus access log entries with status 503 and date in year 1970 (the epoch) when pausing NIO connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=56620 Bug ID: 56620 Summary: Bogus access log entries with status 503 and date in year 1970 (the epoch) when pausing NIO connector Product: Tomcat 8 Version: 8.0.8 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: knst.koli...@gmail.com This issue is reproducible with the current trunk (@1602359), plus I added the following lines to AbstractAccessLogValve.log() after line 630, to help me debug this issue: [[[ long start = request.getCoyoteRequest().getStartTime(); +if (start == -1) { +// Request processing has not started yet +log.warn(Unexpected timestamp, new Throwable()); +} Date date = getDate(start + time); ]]] To reproduce, run org.apache.jasper.compiler.TestGenerator test with access log being enabled. Run it with NIO connector. I use the following configuration in build.properties: [[[ test.accesslog=true test.entry=org.apache.jasper.compiler.TestGenerator ]]] Depending on your luck, there will be one or several of the following lines in access_log.$DATE file produced by the tests: [[[ 127.0.0.1 - - [01/Jan/1970:02:59:59 +0300] - 503 - null 0 ]]] The entry is bogus, as in this particular test there is one request per test asking for a JSP page. Those requests are processed and properly logged. Thanks to the log.warn patch above it logs the following stacktrace: [[[ 13-Jun-2014 15:01:37.441 WARNING [http-nio-127.0.0.1-auto-2-exec-1] org.apache.catalina.valves.AbstractAccessLogValve.log Unexpected timestamp java.lang.Throwable at org.apache.catalina.valves.AbstractAccessLogValve.log(AbstractAccessLogValve.java:633) at org.apache.catalina.core.AccessLogAdapter.log(AccessLogAdapter.java:51) at org.apache.catalina.core.StandardEngine.logAccess(StandardEngine.java:342) at org.apache.catalina.connector.CoyoteAdapter.log(CoyoteAdapter.java:674) at org.apache.coyote.http11.Http11NioProcessor.handleIncompleteRequestLineRead(Http11NioProcessor.java:240) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:992) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:655) at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:222) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1565) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1522) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) ]]] The issue is that logging is invoked at org.apache.coyote.http11.Http11NioProcessor.handleIncompleteRequestLineRead(Http11NioProcessor.java:240) As that time Tomcat runs a keep-alive loop, and the loop is interrupted because connector is paused. Expected behaviour --- 1. If none characters from the request line have been read, then do not log anything. There was no request coming. 2. If some characters from the request line have been read, then create an access log entry, but one must call req.setStartTime() to initialize the tine value. In 2. the request line will be truncated, but there might be some (though small) worth in logging it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56620] Bogus access log entries with status 503 and date in year 1970 (the epoch) when pausing NIO connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=56620 --- Comment #1 from Konstantin Kolinko knst.koli...@gmail.com --- Created attachment 31711 -- https://issues.apache.org/bugzilla/attachment.cgi?id=31711action=edit 2014-06-13_tc8_56620_debug.patch Debug logging statement for AbstractAccessLogValve, as mentioned in description. Not for production. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56620] Bogus access log entries with status 503 and date in year 1970 (the epoch) when pausing NIO connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=56620 --- Comment #2 from Konstantin Kolinko knst.koli...@gmail.com --- Created attachment 31712 -- https://issues.apache.org/bugzilla/attachment.cgi?id=31712action=edit access_log.2014-06-13 Access log file from the test run, demonstrating the issue -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56620] Bogus access log entries with status 503 and date in year 1970 (the epoch) when pausing NIO connector
https://issues.apache.org/bugzilla/show_bug.cgi?id=56620 --- Comment #3 from Konstantin Kolinko knst.koli...@gmail.com --- Created attachment 31713 -- https://issues.apache.org/bugzilla/attachment.cgi?id=31713action=edit TEST-org.apache.jasper.compiler.TestGenerator.NIO.txt Test log file from the test run, demonstrating the issue -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of FAQ/Security by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on Tomcat Wiki for change notification. The FAQ/Security page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/FAQ/Security?action=diffrev1=16rev2=17 Comment: Improve links. Add note on CVE-2009-3548 === Links === * Known vulnerabilities [[http://tomcat.apache.org/security.html]] - * Security considerations (Apache Tomcat 7 documentation) [[http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html]] + * Security considerations (Tomcat documentation) - [[http://tomcat.apache.org/tomcat-8.0-doc/security-howto.html|Tomcat 8]], [[http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html|Tomcat 7]] == Questions == 1. [[#Q1|How do I use OpenSSL to set up my own Certificate Authority (CA)?]] @@ -58, +58 @@ Anchor(Q5) === What is the default login for the manager and admin app? === - The admin and manager application do not provide a default login. Doing so is a security flaw. You need to edit $CATALINA_HOME/conf/tomcat-users.xml if you are using the default install. [[http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html#Configuring%20Manager%20Application%20Access|Configuring Manager Application Access]] + The admin and manager application do not provide a default login. Doing so would be a security flaw. You need to edit $CATALINA_HOME/conf/tomcat-users.xml file if you are using the default install. See [[http://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Configuring_Manager_Application_Access|Configuring Manager Application Access]] for details. + + Note that there exists malware that tries to guess the manager password. + + There was once a bug that blindly clicking-trough the Windows installer configured a manager user with blank password ([[http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.24|CVE-2009-3548]]). This was fixed by April 2010 (Tomcat 5.5.29, 6.0.24 and later are safe). Anchor(Q6) === How do I restrict access by ip address or remote host? === - By using the {{{RemoteHostValve}}} or {{{RemoteAddrValve}}}. Warning, these valves rely on accurate incoming ip addresses or hostnames. So they can fall victim to spoofing! See also {{{RemoteIpValve}}}. [[http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html|Valve Reference Link]] + By using the {{{RemoteHostValve}}} or {{{RemoteAddrValve}}}. Warning, these valves rely on accurate incoming ip addresses or hostnames. So they can fall victim to spoofing! See also {{{RemoteIpValve}}}. [[http://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Access_Control|Valve Reference Link]] Anchor(Q7) === How do I use jsvc/procrun to run Tomcat on port 80 securely? === - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602419 - /tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java
Author: markt Date: Fri Jun 13 13:30:26 2014 New Revision: 1602419 URL: http://svn.apache.org/r1602419 Log: Clean-up Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java?rev=1602419r1=1602418r2=1602419view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java Fri Jun 13 13:30:26 2014 @@ -305,14 +305,12 @@ public abstract class AbstractInputBuffe * * @throws IOException an underlying I/O error occurred */ -public void endRequest() -throws IOException { +public void endRequest() throws IOException { if (swallowInput (lastActiveFilter != -1)) { int extraBytes = (int) activeFilters[lastActiveFilter].end(); pos = pos - extraBytes; } - } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602420 - /tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java
Author: markt Date: Fri Jun 13 13:31:27 2014 New Revision: 1602420 URL: http://svn.apache.org/r1602420 Log: Add a (currently disabled) test for errors with a chunked response after the response has been committed. Modified: tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java Modified: tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java?rev=1602420r1=1602419r2=1602420view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java Fri Jun 13 13:31:27 2014 @@ -40,6 +40,7 @@ import static org.junit.Assert.assertFal import static org.junit.Assert.assertTrue; import org.junit.Assert; +import org.junit.Ignore; import org.junit.Test; import org.apache.catalina.Context; @@ -53,6 +54,75 @@ import org.apache.tomcat.util.buf.ByteCh public class TestAbstractHttp11Processor extends TomcatBaseTest { @Test +@Ignore +public void testResponseWithErrorChunked() throws Exception { +Tomcat tomcat = getTomcatInstance(); + +// Must have a real docBase - just use temp +Context ctxt = tomcat.addContext(, System.getProperty(java.io.tmpdir)); + +// Add protected servlet +Tomcat.addServlet(ctxt, ChunkedResponseWithErrorServlet, +new ResponseWithErrorServlet(true)); +ctxt.addServletMapping(/*, ChunkedResponseWithErrorServlet); + +tomcat.start(); + +String request = +GET /anything HTTP/1.1 + SimpleHttpClient.CRLF + +Host: any + SimpleHttpClient.CRLF + + SimpleHttpClient.CRLF; + +Client client = new Client(tomcat.getConnector().getLocalPort()); +client.setRequest(new String[] {request}); + +client.connect(); +client.processRequest(); + +// Expected response is a 200 response followed by an incomplete chunked +// body. +assertTrue(client.isResponse200()); +// There should not be an end chunk +assertFalse(client.getResponseBody().endsWith(0)); +} + +private static class ResponseWithErrorServlet extends HttpServlet { + +private static final long serialVersionUID = 1L; + +private final boolean useChunks; + +public ResponseWithErrorServlet(boolean useChunks) { +this.useChunks = useChunks; +} + +@Override +protected void doGet(HttpServletRequest req, HttpServletResponse resp) +throws ServletException, IOException { + +resp.setContentType(text/plain); +resp.setCharacterEncoding(UTF-8); +if (!useChunks) { +// Longer than it needs to be because response will fail before +// it is complete +resp.setContentLength(100); +} +PrintWriter pw = resp.getWriter(); +pw.print(line01); +pw.flush(); +resp.flushBuffer(); +pw.print(line02); +pw.flush(); +resp.flushBuffer(); +pw.print(line03); + +// Now throw a RuntimeException to end this request +throw new ServletException(Deliberate failure); +} +} + + +@Test public void testWithUnknownExpectation() throws Exception { Tomcat tomcat = getTomcatInstance(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602429 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/
Author: markt Date: Fri Jun 13 13:57:27 2014 New Revision: 1602429 URL: http://svn.apache.org/r1602429 Log: Refactoring. Switch from a boolean to an Enum for error state so we can differentiate between an error that requires the connection is closed after the current response is completed and an error that requires that the connection is closed immediately. This commit should be a NO-OP. While the different error states are set, the only the presence of an error (or not) is tested - i.e. no change from the implementation prior to this commit. Try to be consistent when an error occurs. Set the status code first (if required), then set the error state and finally log (if required). Added: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ErrorState.java - copied unchanged from r1600109, tomcat/trunk/java/org/apache/coyote/ErrorState.java Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1600109 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602429r1=1602428r2=1602429view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 13:57:27 2014 @@ -38,9 +38,9 @@ public abstract class AbstractProcessor protected SocketWrapperS socketWrapper = null; /** - * Error flag. + * Error state for the request/response currently being processed. */ -protected boolean error; +private ErrorState errorState; /** @@ -64,6 +64,24 @@ public abstract class AbstractProcessor /** + * Update the current error state to the new error state if the new error + * state is more severe than the current error state. + */ +protected void setErrorState(ErrorState errorState) { +this.errorState = this.errorState.getMostSevere(errorState); +} + + +protected void resetErrorState() { +errorState = ErrorState.NONE; +} + + +protected ErrorState getErrorState() { +return errorState; +} + +/** * The endpoint receiving connections that are handled by this processor. */ protected AbstractEndpoint getEndpoint() { Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1602429r1=1602428r2=1602429view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Fri Jun 13 13:57:27 2014 @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletRes import org.apache.coyote.AbstractProcessor; import org.apache.coyote.ActionCode; import org.apache.coyote.AsyncContextCallback; +import org.apache.coyote.ErrorState; import org.apache.coyote.InputBuffer; import org.apache.coyote.OutputBuffer; import org.apache.coyote.Request; @@ -322,15 +323,13 @@ public abstract class AbstractAjpProcess try { prepareResponse(); } catch (IOException e) { -// Set error flag -error = true; +setErrorState(ErrorState.CLOSE_NOW); } try { flush(false); } catch (IOException e) { -// Set error flag -error = true; +setErrorState(ErrorState.CLOSE_NOW); } break; } @@ -340,8 +339,7 @@ public abstract class AbstractAjpProcess try { prepareResponse(); } catch (IOException e) { -// Set error flag -error = true; +setErrorState(ErrorState.CLOSE_NOW); return; } } @@ -349,19 +347,18 @@ public abstract class AbstractAjpProcess try { flush(true);
svn commit: r1602431 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/
Author: markt Date: Fri Jun 13 14:00:54 2014 New Revision: 1602431 URL: http://svn.apache.org/r1602431 Log: Move resetting of error state to the processor's recycle method. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1600162 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 14:00:54 2014 @@ -40,7 +40,7 @@ public abstract class AbstractProcessor /** * Error state for the request/response currently being processed. */ -private ErrorState errorState; +private ErrorState errorState = ErrorState.NONE; /** Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Fri Jun 13 14:00:54 2014 @@ -620,6 +620,7 @@ public abstract class AbstractAjpProcess certificates.recycle(); swallowResponse = false; bytesWritten = 0; +resetErrorState(); } Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java Fri Jun 13 14:00:54 2014 @@ -109,8 +109,6 @@ public class AjpAprProcessor extends Abs Socket.setsbb(socketRef, outputBuffer); boolean cping = false; -resetErrorState(); - boolean keptAlive = false; while (!getErrorState().isError() !endpoint.isPaused()) { Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java Fri Jun 13 14:00:54 2014 @@ -94,8 +94,6 @@ public class AjpNioProcessor extends Abs long soTimeout = endpoint.getSoTimeout(); boolean cping = false; -resetErrorState(); - while (!getErrorState().isError() !endpoint.isPaused()) { // Parsing the request header try { Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Fri Jun 13 14:00:54 2014 @@ -107,8 +107,6 @@ public class AjpProcessor extends Abstra } boolean cping = false; -resetErrorState(); - while (!getErrorState().isError() !endpoint.isPaused()) { // Parsing the request header try { Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602431r1=1602430r2=1602431view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++
svn commit: r1602432 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/AbstractProcessor.java
Author: markt Date: Fri Jun 13 14:03:50 2014 New Revision: 1602432 URL: http://svn.apache.org/r1602432 Log: Trivial formatting change Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1600408 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602432r1=1602431r2=1602432view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 14:03:50 2014 @@ -54,9 +54,7 @@ public abstract class AbstractProcessor public AbstractProcessor(AbstractEndpoint endpoint) { this.endpoint = endpoint; asyncStateMachine = new AsyncStateMachineS(this); - request = new Request(); - response = new Response(); response.setHook(this); request.setResponse(response); @@ -165,8 +163,7 @@ public abstract class AbstractProcessor * with although they may change type during processing. */ @Override -public abstract SocketState process(SocketWrapperS socket) -throws IOException; +public abstract SocketState process(SocketWrapperS socket) throws IOException; /** * Process in-progress Comet requests. These will start as HTTP requests. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602443 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/connector/ java/org/apache/catalina/core/ java/org/apache/catalina/valves/ java/org/apache/coyote/ java/org/apache/coyote/a
Author: markt Date: Fri Jun 13 14:27:50 2014 New Revision: 1602443 URL: http://svn.apache.org/r1602443 Log: When an error occurs after the response has been committed close the connection immediately rather than attempting to finish the response to make it easier for the client to differentiate between a complete response and one that failed part way though. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardHostValve.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardWrapperValve.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ActionCode.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1600449,1600495,1600501,1600579-1600580,1600862,1600965 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java?rev=1602443r1=1602442r2=1602443view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/Response.java Fri Jun 13 14:27:50 2014 @@ -238,6 +238,7 @@ public class Response * The error flag. */ protected boolean error = false; +private boolean errorAfterCommit = false; /** @@ -279,6 +280,7 @@ public class Response appCommitted = false; included = false; error = false; +errorAfterCommit = false; isCharacterEncodingSet = false; if (Globals.IS_SECURITY_ENABLED || Connector.RECYCLE_FACADES) { @@ -469,7 +471,14 @@ public class Response * Set the error flag. */ public void setError() { -error = true; +if (!error) { +error = true; +errorAfterCommit = coyoteResponse.isCommitted(); +Wrapper wrapper = getRequest().getWrapper(); +if (wrapper != null) { +wrapper.incrementErrorCount(); +} +} } @@ -481,6 +490,11 @@ public class Response } +public boolean isErrorAfterCommit() { +return errorAfterCommit; +} + + /** * Create and return a ServletOutputStream to write the content * associated with this Response. @@ -1311,11 +1325,6 @@ public class Response return; } -Wrapper wrapper = getRequest().getWrapper(); -if (wrapper != null) { -wrapper.incrementErrorCount(); -} - setError(); coyoteResponse.setStatus(status); @@ -1884,7 +1893,4 @@ public class Response return (sb.toString()); } - - } - Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardHostValve.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardHostValve.java?rev=1602443r1=1602442r2=1602443view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardHostValve.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardHostValve.java Fri Jun 13 14:27:50 2014 @@ -337,7 +337,7 @@ final class StandardHostValve extends Va request.getRequestURI()); if (custom(request, response, errorPage)) { try { -response.flushBuffer(); +response.finishResponse(); } catch (ClientAbortException e) { // Ignore } catch (IOException e) { @@ -411,7 +411,7 @@ final class StandardHostValve extends Va realError.getClass()); if (custom(request, response, errorPage)) { try { -response.flushBuffer(); +response.finishResponse(); } catch (IOException e) { container.getLogger().warn(Exception Processing + errorPage, e); } Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/StandardWrapperValve.java URL:
svn commit: r1602452 - /tomcat/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Fri Jun 13 14:56:58 2014 New Revision: 1602452 URL: http://svn.apache.org/r1602452 Log: Changelog entry for r1599500 Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1602452r1=1602451r2=1602452view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 13 14:56:58 2014 @@ -175,6 +175,10 @@ connectors. (kkolinko) /fix fix +If request contains an unrecognized Expect header, respond with error +417 (Expectation Failed), according to RFC2616 chapter 14.20. (markt) + /fix + fix When an error occurs after the response has been committed close the connection immediately rather than attempting to finish the response to make it easier for the client to differentiate between a complete - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602455 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml
Author: kkolinko Date: Fri Jun 13 14:59:49 2014 New Revision: 1602455 URL: http://svn.apache.org/r1602455 Log: Changelog entry for r1602381 Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1602452 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1602455r1=1602454r2=1602455view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Jun 13 14:59:49 2014 @@ -117,6 +117,10 @@ chain of elseifs. (kkolinko) /scode fix +If request contains an unrecognized Expect header, respond with error +417 (Expectation Failed), according to RFC2616 chapter 14.20. (markt) + /fix + fix When an error occurs after the response has been committed close the connection immediately rather than attempting to finish the response to make it easier for the client to differentiate between a complete - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602458 - /tomcat/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Fri Jun 13 15:11:22 2014 New Revision: 1602458 URL: http://svn.apache.org/r1602458 Log: Amend changelog entry for r1597982 and move it into Coyote section (instead of Jasper one). Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1602458r1=1602457r2=1602458view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 13 15:11:22 2014 @@ -166,6 +166,11 @@ fix Fix input concurrency issue in NIO2 upgrade. (remm) /fix + fix +Correct a copy/paste error and return a 500 response rather than a 400 +response when an internal server error occurs on early stages of +request processing. (markt) + /fix scode bug56582/bug: Use switch(actionCode) in processors instead of a chain of elseifs. (kkolinko) @@ -211,10 +216,6 @@ by Greg Wilkins. (markt) /add fix -Correct a copy/paste error and return a 500 response rather than a 400 -response when an internal server error occurs. (markt) - /fix - fix bug56568/bug: Allow any HTTP method when a JSP is being used as an error page. (markt) /fix - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602459 - /tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Fri Jun 13 15:13:53 2014 New Revision: 1602459 URL: http://svn.apache.org/r1602459 Log: Add changelog entry for r1602243 and similar earlier changes. That change was a backport of r1597982. Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1602459r1=1602458r2=1602459view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Jun 13 15:13:53 2014 @@ -112,6 +112,11 @@ buffer when the buffer is only partially written on a subsequent write. (markt) /fix + fix +Correct a copy/paste error and return a 500 response rather than a 400 +response when an internal server error occurs on early stages of +request processing. (markt) + /fix scode bug56582/bug: Use switch(actionCode) in processors instead of a chain of elseifs. (kkolinko) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
RE: svn commit: r1602381 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java test/org/apache/catalina/startup/SimpleHttpClient.java test/org/apache/coyote/http11/
Hi, -Original Message- From: ma...@apache.org [mailto:ma...@apache.org] Sent: Friday, June 13, 2014 1:27 PM Author: markt Date: Fri Jun 13 11:26:36 2014 New Revision: 1602381 URL: http://svn.apache.org/r1602381 Log: As per RFC2616, an unknown expect header should result in a 417 response. JFYI, according to Mark Notthingham from IETF [1], RFC2616 should not be used any more: Don’t use RFC2616. Delete it from your hard drives, bookmarks, and burn (or responsibly recycle) any copies that are printed out. New RFCs have been released that clarify HTTP/1.1: RFC7230 - HTTP/1.1: Message Syntax and Routing RFC7231 - HTTP/1.1: Semantics and Content RFC7232 - HTTP/1.1: Conditional Requests RFC7233 - HTTP/1.1: Range Requests RFC7234 - HTTP/1.1: Caching RFC7235 - HTTP/1.1: Authentication Regards, Konstantin Preißer [1] https://www.mnot.net/blog/2014/06/07/rfc2616_is_dead - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1602386 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
2014-06-13 15:37 GMT+04:00 ma...@apache.org: Author: markt Date: Fri Jun 13 11:37:24 2014 New Revision: 1602386 URL: http://svn.apache.org/r1602386 Log: Tiny bit of de-duplication. Add reference to RFC2616 for case insensitivity of transfer encoding names. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599739 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602386r1=1602385r2=1602386view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:37:24 2014 @@ -713,8 +713,12 @@ public abstract class AbstractHttp11Proc * Add an input filter to the current request. If the encoding is not * supported, a 501 response will be returned to the client. */ -protected void addInputFilter(InputFilter[] inputFilters, - String encodingName) { +private void addInputFilter(InputFilter[] inputFilters, String encodingName) { + +// Trim provided encoding name and convert to lower case since transfer +// encoding names are case insensitive. (RFC2616, section 3.6) +encodingName = encodingName.trim().toLowerCase(Locale.ENGLISH); + if (encodingName.equals(identity)) { // Skip } else if (encodingName.equals(chunked)) { @@ -1314,14 +1318,12 @@ public abstract class AbstractHttp11Proc int commaPos = transferEncodingValue.indexOf(','); String encodingName = null; while (commaPos != -1) { -encodingName = transferEncodingValue.substring( -startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos, commaPos); The new code needs trim() in the above line. Conversion to lowercase can be done once, but trimming must be done for each encodingName in the loop there. [quote] #rule A construct # is defined, similar to *, for defining lists of elements. The full form is n#melement indicating at least n and at most m elements, each separated by one or more commas (,) and OPTIONAL linear white space (LWS). This makes the usual form of lists very easy; a rule such as ( *LWS element *( *LWS , *LWS element )) [/quote] Thus LWS is allowed between list elements. Transfer-Encoding = Transfer-Encoding : 1#transfer-coding addInputFilter(inputFilters, encodingName); startPos = commaPos + 1; commaPos = transferEncodingValue.indexOf(',', startPos); } -encodingName = transferEncodingValue.substring( -startPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos); addInputFilter(inputFilters, encodingName); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1602381 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java test/org/apache/catalina/startup/SimpleHttpClient.java test/org/apache/coyote/http11/
2014-06-13 19:16 GMT+04:00 Konstantin Preißer kpreis...@apache.org: Hi, -Original Message- From: ma...@apache.org [mailto:ma...@apache.org] Sent: Friday, June 13, 2014 1:27 PM Author: markt Date: Fri Jun 13 11:26:36 2014 New Revision: 1602381 URL: http://svn.apache.org/r1602381 Log: As per RFC2616, an unknown expect header should result in a 417 response. JFYI, according to Mark Notthingham from IETF [1], RFC2616 should not be used any more: Don’t use RFC2616. Delete it from your hard drives, bookmarks, and burn (or responsibly recycle) any copies that are printed out. New RFCs have been released that clarify HTTP/1.1: RFC7230 - HTTP/1.1: Message Syntax and Routing RFC7231 - HTTP/1.1: Semantics and Content RFC7232 - HTTP/1.1: Conditional Requests RFC7233 - HTTP/1.1: Range Requests RFC7234 - HTTP/1.1: Caching RFC7235 - HTTP/1.1: Authentication Regards, Konstantin Preißer [1] https://www.mnot.net/blog/2014/06/07/rfc2616_is_dead Thank you for head-ups. In this particular case the new reference is RFC7231 Section. The differences that I note are that a) Only 100-continue is allowed as the value. The syntax is no more extensible. b) MUST respond with a 417 was replaced with MAY respond with a 417. So the code is OK. [2] http://tools.ietf.org/html/rfc7231#section-5.1.1 Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Created] (MTOMCAT-271) My MyStuff
Mark Barton created MTOMCAT-271: --- Summary: My MyStuff Key: MTOMCAT-271 URL: https://issues.apache.org/jira/browse/MTOMCAT-271 Project: Apache Tomcat Maven Plugin Issue Type: Test Components: tomcat6 Affects Versions: 2.2 Environment: Tomcat 7 Reporter: Mark Barton Assignee: Olivier Lamy (*$^¨%`£) Fix For: 3.0 This is all about the rig -- This message was sent by Atlassian JIRA (v6.2#6252) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-7-trunk
The Buildbot has detected a restored build on builder tomcat-7-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-7-trunk/builds/118 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1602459 Blamelist: kkolinko,markt Build succeeded! sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602483 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/Adapter.java
Author: markt Date: Fri Jun 13 17:28:54 2014 New Revision: 1602483 URL: http://svn.apache.org/r1602483 Log: (empty) Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1601977 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java?rev=1602483r1=1602482r2=1602483view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java Fri Jun 13 17:28:54 2014 @@ -14,12 +14,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.apache.coyote; import org.apache.tomcat.util.net.SocketStatus; - /** * Adapter. This represents the entry point in a coyote-based servlet container. * @@ -69,7 +67,7 @@ public interface Adapter { public void checkRecycled(Request req, Response res); /** - * Provide the name of the domain to use to register MBeans for conponents + * Provide the name of the domain to use to register MBeans for components * associated with the connector. * * @return The MBean domain name - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [jira] [Created] (MTOMCAT-271) My MyStuff
On 13/06/2014 17:51, Mark Barton (JIRA) wrote: Mark Barton created MTOMCAT-271: --- Summary: My MyStuff Key: MTOMCAT-271 URL: https://issues.apache.org/jira/browse/MTOMCAT-271 Project: Apache Tomcat Maven Plugin Issue Type: Test Components: tomcat6 Affects Versions: 2.2 Environment: Tomcat 7 Reporter: Mark Barton Assignee: Olivier Lamy (*$^¨%`£) Fix For: 3.0 This is all about the rig Issue deleted. User locked out of Jira. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Deleted] (MTOMCAT-271) My MyStuff
[ https://issues.apache.org/jira/browse/MTOMCAT-271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mark Thomas deleted MTOMCAT-271: My MyStuff -- Key: MTOMCAT-271 URL: https://issues.apache.org/jira/browse/MTOMCAT-271 Project: Apache Tomcat Maven Plugin Issue Type: Test Environment: Tomcat 7 Reporter: Mark Barton Assignee: Olivier Lamy (*$^¨%`£) This is all about the rig -- This message was sent by Atlassian JIRA (v6.2#6252) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1602386 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
On 13/06/2014 16:23, Konstantin Kolinko wrote: 2014-06-13 15:37 GMT+04:00 ma...@apache.org: Author: markt Date: Fri Jun 13 11:37:24 2014 New Revision: 1602386 URL: http://svn.apache.org/r1602386 Log: Tiny bit of de-duplication. Add reference to RFC2616 for case insensitivity of transfer encoding names. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599739 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602386r1=1602385r2=1602386view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:37:24 2014 @@ -713,8 +713,12 @@ public abstract class AbstractHttp11Proc * Add an input filter to the current request. If the encoding is not * supported, a 501 response will be returned to the client. */ -protected void addInputFilter(InputFilter[] inputFilters, - String encodingName) { +private void addInputFilter(InputFilter[] inputFilters, String encodingName) { + +// Trim provided encoding name and convert to lower case since transfer +// encoding names are case insensitive. (RFC2616, section 3.6) +encodingName = encodingName.trim().toLowerCase(Locale.ENGLISH); + if (encodingName.equals(identity)) { // Skip } else if (encodingName.equals(chunked)) { @@ -1314,14 +1318,12 @@ public abstract class AbstractHttp11Proc int commaPos = transferEncodingValue.indexOf(','); String encodingName = null; while (commaPos != -1) { -encodingName = transferEncodingValue.substring( -startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos, commaPos); The new code needs trim() in the above line. Conversion to lowercase can be done once, but trimming must be done for each encodingName in the loop there. Why? The possibly mixed-case, possibly non-trimmed value is passed to addInputFilter() where it is trimmed and converted to lower case. What am I missing? Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602489 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/AbstractProcessor.java java/org/apache/coyote/ajp/AbstractAjpProcessor.java java/org/apache/coyote/http11/AbstractHttp11Proce
Author: markt Date: Fri Jun 13 18:53:38 2014 New Revision: 1602489 URL: http://svn.apache.org/r1602489 Log: Pull up getLog() and add some supporting plumbing Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1602189 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602489r1=1602488r2=1602489view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 18:53:38 2014 @@ -19,10 +19,12 @@ package org.apache.coyote; import java.io.IOException; import java.util.concurrent.Executor; +import org.apache.juli.logging.Log; import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState; import org.apache.tomcat.util.net.SocketStatus; import org.apache.tomcat.util.net.SocketWrapper; +import org.apache.tomcat.util.res.StringManager; /** * Provides functionality and attributes common to all supported protocols @@ -30,6 +32,8 @@ import org.apache.tomcat.util.net.Socket */ public abstract class AbstractProcessorS implements ActionHook, ProcessorS { +protected static final StringManager sm = StringManager.getManager(Constants.Package); + protected Adapter adapter; protected AsyncStateMachineS asyncStateMachine; protected AbstractEndpoint endpoint; @@ -191,4 +195,6 @@ public abstract class AbstractProcessor @Deprecated @Override public abstract org.apache.coyote.http11.upgrade.UpgradeInbound getUpgradeInbound(); + +protected abstract Log getLog(); } Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1602489r1=1602488r2=1602489view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Fri Jun 13 18:53:38 2014 @@ -37,7 +37,6 @@ import org.apache.coyote.Request; import org.apache.coyote.RequestInfo; import org.apache.coyote.Response; import org.apache.coyote.http11.upgrade.servlet31.HttpUpgradeHandler; -import org.apache.juli.logging.Log; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.buf.ByteChunk; import org.apache.tomcat.util.buf.HexUtils; @@ -55,9 +54,6 @@ import org.apache.tomcat.util.res.String */ public abstract class AbstractAjpProcessorS extends AbstractProcessorS { -protected abstract Log getLog(); - - /** * The string manager for this package. */ Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602489r1=1602488r2=1602489view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 18:53:38 2014 @@ -40,7 +40,6 @@ import org.apache.coyote.http11.filters. import org.apache.coyote.http11.filters.VoidInputFilter; import org.apache.coyote.http11.filters.VoidOutputFilter; import org.apache.coyote.http11.upgrade.servlet31.HttpUpgradeHandler; -import org.apache.juli.logging.Log; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.buf.Ascii; import org.apache.tomcat.util.buf.ByteChunk; @@ -57,7 +56,6 @@ import org.apache.tomcat.util.res.String public abstract class AbstractHttp11ProcessorS extends AbstractProcessorS { -protected abstract Log getLog(); private final UserDataHelper userDataHelper; /** - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602501 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/tomcat/util/net/ java/org/apache/tomcat/util/net/
Author: markt Date: Fri Jun 13 19:25:23 2014 New Revision: 1602501 URL: http://svn.apache.org/r1602501 Log: Backport change that added generics to Endpoint (needed for a backport to follow) The original commit message was: Create AbstractEndpoint.processSocketAsync() which will enable some further refactoring in the AJP processors. This requires adding generics to the endpoint so this patch also deals with the side effects of adding generics. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractInputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalAprInputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalAprOutputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalInputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalNioInputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalNioOutputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalOutputBuffer.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/DefaultServerSocketFactory.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/SSLImplementation.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java tomcat/tc7.0.x/trunk/test/org/apache/tomcat/util/net/jsse/TesterBug50640SslImpl.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1519623 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602501r1=1602500r2=1602501view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 19:25:23 2014 @@ -36,7 +36,7 @@ public abstract class AbstractProcessor protected Adapter adapter; protected AsyncStateMachineS asyncStateMachine; -protected AbstractEndpoint endpoint; +protected AbstractEndpointS endpoint; protected Request request; protected Response response; protected SocketWrapperS socketWrapper = null; @@ -55,7 +55,7 @@ public abstract class AbstractProcessor // NOOP } -public AbstractProcessor(AbstractEndpoint endpoint) { +public AbstractProcessor(AbstractEndpointS endpoint) { this.endpoint = endpoint; asyncStateMachine = new AsyncStateMachineS(this); request = new Request(); @@ -86,7 +86,7 @@ public abstract class AbstractProcessor /** * The endpoint receiving connections that are handled by this processor. */ -protected AbstractEndpoint getEndpoint() { +protected AbstractEndpointS getEndpoint() { return endpoint; } Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1602501r1=1602500r2=1602501view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Fri Jun 13 19:25:23 2014 @@ -227,7 +227,7 @@ public abstract class AbstractAjpProcess // Constructor -public AbstractAjpProcessor(int packetSize, AbstractEndpoint endpoint) { +public AbstractAjpProcessor(int packetSize, AbstractEndpointS endpoint) { super(endpoint); Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602501r1=1602500r2=1602501view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++
svn commit: r1602507 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ test/org/apache/tomcat/util/net/
Author: markt Date: Fri Jun 13 19:33:43 2014 New Revision: 1602507 URL: http://svn.apache.org/r1602507 Log: Another Endpoint generics related backport. Original message: More side-effects from making endpoints generic Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11AprProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11NioProtocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11Protocol.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/InternalAprOutputBuffer.java tomcat/tc7.0.x/trunk/test/org/apache/tomcat/util/net/TestCustomSsl.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1519627 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1602507r1=1602506r2=1602507view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java Fri Jun 13 19:33:43 2014 @@ -40,7 +40,7 @@ import org.apache.tomcat.util.net.Socket import org.apache.tomcat.util.net.SocketWrapper; import org.apache.tomcat.util.res.StringManager; -public abstract class AbstractProtocol implements ProtocolHandler, +public abstract class AbstractProtocolS implements ProtocolHandler, MBeanRegistration { /** @@ -82,7 +82,7 @@ public abstract class AbstractProtocol i * ProtocolHandler implementation (ProtocolHandler using BIO, requires BIO * Endpoint etc.). */ -protected AbstractEndpoint endpoint = null; +protected AbstractEndpointS endpoint = null; // --- Generic property handling @@ -540,7 +540,7 @@ public abstract class AbstractProtocol i new RecycledProcessorsP,S(this); -protected abstract AbstractProtocol getProtocol(); +protected abstract AbstractProtocolS getProtocol(); @Override Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java?rev=1602507r1=1602506r2=1602507view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProtocol.java Fri Jun 13 19:33:43 2014 @@ -22,7 +22,7 @@ import org.apache.coyote.http11.upgrade. import org.apache.tomcat.util.net.SocketWrapper; import org.apache.tomcat.util.res.StringManager; -public abstract class AbstractAjpProtocol extends AbstractProtocol { +public abstract class AbstractAjpProtocolS extends AbstractProtocolS { /** * The string manager for this package. Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java?rev=1602507r1=1602506r2=1602507view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProtocol.java Fri Jun 13 19:33:43 2014 @@ -34,7 +34,7 @@ import org.apache.tomcat.util.net.Socket * @author Remy Maucherat * @author Costin Manolache */ -public class AjpAprProtocol extends AbstractAjpProtocol { +public class AjpAprProtocol extends AbstractAjpProtocolLong { private static final Log log = LogFactory.getLog(AjpAprProtocol.class); @@ -113,7 +113,7 @@ public class AjpAprProtocol extends Abst } @Override -protected AbstractProtocol getProtocol() { +protected AbstractProtocolLong getProtocol() { return proto; } Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProtocol.java?rev=1602507r1=1602506r2=1602507view=diff
svn commit: r1602508 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/AbstractProtocol.java java/org/apache/coyote/ContainerThreadMarker.java
Author: markt Date: Fri Jun 13 19:45:10 2014 New Revision: 1602508 URL: http://svn.apache.org/r1602508 Log: Backport change that added ContainerThreadMarker (needed for a backport to follow) Added: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ContainerThreadMarker.java - copied, changed from r1563206, tomcat/trunk/java/org/apache/coyote/ContainerThreadMarker.java Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1563206 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1602508r1=1602507r2=1602508view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java Fri Jun 13 19:45:10 2014 @@ -576,6 +576,7 @@ public abstract class AbstractProtocolS } wrapper.setAsync(false); +ContainerThreadMarker.markAsContainerThread(); try { if (processor == null) { Copied: tomcat/tc7.0.x/trunk/java/org/apache/coyote/ContainerThreadMarker.java (from r1563206, tomcat/trunk/java/org/apache/coyote/ContainerThreadMarker.java) URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/ContainerThreadMarker.java?p2=tomcat/tc7.0.x/trunk/java/org/apache/coyote/ContainerThreadMarker.javap1=tomcat/trunk/java/org/apache/coyote/ContainerThreadMarker.javar1=1563206r2=1602508rev=1602508view=diff == --- tomcat/trunk/java/org/apache/coyote/ContainerThreadMarker.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/ContainerThreadMarker.java Fri Jun 13 19:45:10 2014 @@ -18,7 +18,7 @@ package org.apache.coyote; public class ContainerThreadMarker { -private static final ThreadLocalBoolean marker = new ThreadLocal(); +private static final ThreadLocalBoolean marker = new ThreadLocalBoolean(); public static boolean isContainerThread() { Boolean flag = marker.get(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602510 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11
Author: markt Date: Fri Jun 13 20:21:32 2014 New Revision: 1602510 URL: http://svn.apache.org/r1602510 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56518 Do not attempt an NIO write if a thread has been interrupted as it can lead to a connection limit leak Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/Adapter.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/LocalStrings.properties tomcat/tc7.0.x/trunk/java/org/apache/coyote/Processor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpNioProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/Http11NioProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/upgrade/AbstractProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/upgrade/UpgradeProcessor.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/NioChannel.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/SocketStatus.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1602198 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1602510r1=1602509r2=1602510view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Fri Jun 13 20:21:32 2014 @@ -469,6 +469,34 @@ public class CoyoteAdapter implements Ad @Override +public void errorDispatch(org.apache.coyote.Request req, +org.apache.coyote.Response res) { +Request request = (Request) req.getNote(ADAPTER_NOTES); +Response response = (Response) res.getNote(ADAPTER_NOTES); + +if (request != null request.getMappingData().context != null) { +((Context) request.getMappingData().context).logAccess( +request, response, +System.currentTimeMillis() - req.getStartTime(), +false); +} else { +log(req, res, System.currentTimeMillis() - req.getStartTime()); +} + +if (request != null) { +request.recycle(); +} + +if (response != null) { +response.recycle(); +} + +res.recycle(); +res.recycle(); +} + + +@Override public void log(org.apache.coyote.Request req, org.apache.coyote.Response res, long time) { Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java?rev=1602510r1=1602509r2=1602510view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/AbstractProcessor.java Fri Jun 13 20:21:32 2014 @@ -69,8 +69,20 @@ public abstract class AbstractProcessor * Update the current error state to the new error state if the new error * state is more severe than the current error state. */ -protected void setErrorState(ErrorState errorState) { +protected void setErrorState(ErrorState errorState, Throwable t) { +boolean blockIo = this.errorState.isIoAllowed() !errorState.isIoAllowed(); this.errorState = this.errorState.getMostSevere(errorState); +if (blockIo !ContainerThreadMarker.isContainerThread()) { +// The error occurred on a non-container thread which means not all +// of the necessary clean-up will have been completed. Dispatch to +// a container thread to do the clean-up. Need to do it this way to +// ensure that all the necessary clean-up is performed. +if
svn commit: r1602521 - in /tomcat/trunk/webapps: docs/changelog.xml examples/WEB-INF/classes/CookieExample.java
Author: markt Date: Fri Jun 13 21:04:05 2014 New Revision: 1602521 URL: http://svn.apache.org/r1602521 Log: Set the path for cookies created by the examples web app This reduces the opportunity for using such cookies for malicious purposes should the advice to remove the examples web application from security sensitive systems be ignored. Modified: tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1602521r1=1602520r2=1602521view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 13 21:04:05 2014 @@ -256,6 +256,17 @@ /fix /changelog /subsection + subsection name=Web applications +changelog + fix +Set the path for cookies created by the examples web application so they +only returned to the examples application. This reduces the opportunity +for using such cookies for malicious purposes should the advice to +remove the examples web application from security sensitive systems be +ignored. (markt) + /fix +/changelog + /subsection subsection name=Other changelog update Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java?rev=1602521r1=1602520r2=1602521view=diff == --- tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java (original) +++ tomcat/trunk/webapps/examples/WEB-INF/classes/CookieExample.java Fri Jun 13 21:04:05 2014 @@ -50,6 +50,7 @@ public class CookieExample extends HttpS Cookie aCookie = null; if (cookieName != null cookieValue != null) { aCookie = new Cookie(cookieName, cookieValue); +aCookie.setPath(request.getServletContext().getContextPath()); response.addCookie(aCookie); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1602522 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml webapps/examples/WEB-INF/classes/CookieExample.java
Author: markt Date: Fri Jun 13 21:05:53 2014 New Revision: 1602522 URL: http://svn.apache.org/r1602522 Log: Set the path for cookies created by the examples web app This reduces the opportunity for using such cookies for malicious purposes should the advice to remove the examples web application from security sensitive systems be ignored. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/CookieExample.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1602521 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1602522r1=1602521r2=1602522view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Jun 13 21:05:53 2014 @@ -164,6 +164,17 @@ /fix /changelog /subsection + subsection name=Web applications +changelog + fix +Set the path for cookies created by the examples web application so they +only returned to the examples application. This reduces the opportunity +for using such cookies for malicious purposes should the advice to +remove the examples web application from security sensitive systems be +ignored. (markt) + /fix +/changelog + /subsection /section section name=Tomcat 7.0.54 (violetagg) rtext=released 2014-05-22 subsection name=Catalina Modified: tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/CookieExample.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/CookieExample.java?rev=1602522r1=1602521r2=1602522view=diff == --- tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/CookieExample.java (original) +++ tomcat/tc7.0.x/trunk/webapps/examples/WEB-INF/classes/CookieExample.java Fri Jun 13 21:05:53 2014 @@ -50,6 +50,7 @@ public class CookieExample extends HttpS Cookie aCookie = null; if (cookieName != null cookieValue != null) { aCookie = new Cookie(cookieName, cookieValue); +aCookie.setPath(request.getServletContext().getContextPath()); response.addCookie(aCookie); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Building tcnative on win32
All, I've spent some time trying to script a soup-to-nuts repeatable build of tcnative on win32. I've made some progress but I'm hitting a few snags that perhaps some folks could help with. First, I want the script to fetch as much stuff as possible for the user instead of relying on a great deal of previously-installed software. My current requirements -- other than MSVC++ -- are for wget.exe and 7za.exe to be available. If anyone knows how to script an HTTP download or a ZIP-decompress from a Windows command-line without either of those tools, I'd greatly appreciate some insight. (This is where I mention that, really, getting anything done on Windows that doesn't involve Microsoft Excel and nothing else is absolutely excruciating. Running Windows 8 in a VM means that even editing my batch script is a challenge, as the meta keys from Mac - Windows don't match up and I feel like I'm learning to type all over again. Sign.) We need to patch both openssl and libapr before building them, so we need patch. There's a GNU win32 ports project where I can get patch.exe, but its got two problems: 1. It needs to be patched (ha!) to *not* require administrator access. Why does patch.exe need administrator access to run? Your guess is as good as mine. 2. It seems to be crashing when I try to actually patch something: C:\Users\IEUser\AppData\Local\Temp\build-tcnative\build\openssl-1.0.1h\Users\IEUser\Desktop\tools\patch.exe -i ..\tomcat-native-1.1.30-win32-src\jni\native\srclib\openssl\openssl-msvcrt.patch -p 0 --dry-run patching file util/pl/VC-32.pl Assertion failed: hunk, file ../patch-2.5.9-src/patch.c, line 354 This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. If anyone knows of a good patch program for win32, I'd really appreciate that, too. I've gotten some help from the apr folks with building APR on win32 as well. Their instructions on the web site are outright lies, but it seems that instructions that can be found elsewhere (like in the source distro) that are significantly less complicated (e.g. run nmake) and seem to work. I have to get apr building against OpenSSL but that is apparently fairly trivial. Once I get get those beasts built, I can follow Mladen's instructions for building tcnative which are fairly straightforward. Ultimately, my goal is to get a script that can be maintained that does the following: 1. Obtains all sources necessary (openssl, apr, tcnative) 2. Patches all sources as necessary 3. Builds each component 4. Produces a statically-linked binary for distribution Does anyone know why we bother with a statically-linked tcnative.dll rather than just shipping a regular DLL and have users provide their own apr.dll and openssl.dll? It seems like it might be easier if we didn't have to build everything ourselves. Also, for things like upgrading OpenSSL, it would often be a drop-in replacement instead of having to re-build everything from scratch. Thanks, -chris signature.asc Description: OpenPGP digital signature
Re: Building tcnative on win32
2014-06-14 1:36 GMT+04:00 Christopher Schultz ch...@christopherschultz.net: All, I've spent some time trying to script a soup-to-nuts repeatable build of tcnative on win32. I've made some progress but I'm hitting a few snags that perhaps some folks could help with. First, I want the script to fetch as much stuff as possible for the user instead of relying on a great deal of previously-installed software. My current requirements -- other than MSVC++ -- are for wget.exe and 7za.exe to be available. If anyone knows how to script an HTTP download or a ZIP-decompress from a Windows command-line without either of those tools, I'd greatly appreciate some insight. Maybe Java + Apache Ant? Or maybe NAnt has some tasks for that http://nant.sourceforge.net/ (This is where I mention that, really, getting anything done on Windows that doesn't involve Microsoft Excel and nothing else is absolutely excruciating. Running Windows 8 in a VM means that even editing my batch script is a challenge, as the meta keys from Mac - Windows don't match up and I feel like I'm learning to type all over again. Sign.) For simple editing I use FAR Manager built-in editor. http://www.farmanager.com/screenshots.php?l=en We need to patch both openssl and libapr before building them, so we need patch. There's a GNU win32 ports project where I can get patch.exe, but its got two problems: () This package? How did you install it? (Interactive installer, or zip). http://gnuwin32.sourceforge.net/packages/patch.htm [quote] from Installation, Usage and Help of the above page On MS-Windows, the patchfile must be a text file, i.e. CR-LF must be used as line endings. A file with LF may give the error: Assertion failed, hunk, file patch.c, line 343, unless the option '--binary' is given. [/quote] Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1602386 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/AbstractHttp11Processor.java
2014-06-13 22:01 GMT+04:00 Mark Thomas ma...@apache.org: On 13/06/2014 16:23, Konstantin Kolinko wrote: 2014-06-13 15:37 GMT+04:00 ma...@apache.org: Author: markt Date: Fri Jun 13 11:37:24 2014 New Revision: 1602386 URL: http://svn.apache.org/r1602386 Log: Tiny bit of de-duplication. Add reference to RFC2616 for case insensitivity of transfer encoding names. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1599739 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1602386r1=1602385r2=1602386view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java Fri Jun 13 11:37:24 2014 @@ -713,8 +713,12 @@ public abstract class AbstractHttp11Proc * Add an input filter to the current request. If the encoding is not * supported, a 501 response will be returned to the client. */ -protected void addInputFilter(InputFilter[] inputFilters, - String encodingName) { +private void addInputFilter(InputFilter[] inputFilters, String encodingName) { + +// Trim provided encoding name and convert to lower case since transfer +// encoding names are case insensitive. (RFC2616, section 3.6) +encodingName = encodingName.trim().toLowerCase(Locale.ENGLISH); + if (encodingName.equals(identity)) { // Skip } else if (encodingName.equals(chunked)) { @@ -1314,14 +1318,12 @@ public abstract class AbstractHttp11Proc int commaPos = transferEncodingValue.indexOf(','); String encodingName = null; while (commaPos != -1) { -encodingName = transferEncodingValue.substring( -startPos, commaPos).toLowerCase(Locale.ENGLISH).trim(); +encodingName = transferEncodingValue.substring(startPos, commaPos); The new code needs trim() in the above line. Conversion to lowercase can be done once, but trimming must be done for each encodingName in the loop there. Why? The possibly mixed-case, possibly non-trimmed value is passed to addInputFilter() where it is trimmed and converted to lower case. What am I missing? Ack. You are correct. (My bad sight. I looked at diff without its context and somehow though that both parts of the change were in the same block of code. They are actually in different methods, 600 lines apart). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
RE: Building tcnative on win32
Hi Christopher, -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Friday, June 13, 2014 11:36 PM To: dev@tomcat.apache.org Subject: Building tcnative on win32 All, I've spent some time trying to script a soup-to-nuts repeatable build of tcnative on win32. I've made some progress but I'm hitting a few snags that perhaps some folks could help with. First, I want the script to fetch as much stuff as possible for the user instead of relying on a great deal of previously-installed software. My current requirements -- other than MSVC++ -- are for wget.exe and 7za.exe to be available. If anyone knows how to script an HTTP download or a ZIP-decompress from a Windows command-line without either of those tools, I'd greatly appreciate some insight. If you look for a more powerful scripting environment included in Windows than cmd.exe, you can take a look at Windows Powershell [1] which has been introduced with Vista. I haven't worked much with Powershell yet so I can't comment on how useful it is, but I know that is based on .Net so you should be able to do anything that you could do in C#/.Net. For example, to download a file you should be able to use System.Web.WebClient like it is described at [2]. For extracting a ZIP file, you could use System.IO.Compression.ZipFile.ExtractToDirectory() as described at [3]. Regards, Konstantin Preißer [1] http://en.wikipedia.org/wiki/Windows_PowerShell [2] http://answers.oreilly.com/topic/2006-how-to-download-a-file-from-the-internet-with-windows-powershell/ [3] http://serverfault.com/a/461812 (This is where I mention that, really, getting anything done on Windows that doesn't involve Microsoft Excel and nothing else is absolutely excruciating. Running Windows 8 in a VM means that even editing my batch script is a challenge, as the meta keys from Mac - Windows don't match up and I feel like I'm learning to type all over again. Sign.) We need to patch both openssl and libapr before building them, so we need patch. There's a GNU win32 ports project where I can get patch.exe, but its got two problems: 1. It needs to be patched (ha!) to *not* require administrator access. Why does patch.exe need administrator access to run? Your guess is as good as mine. 2. It seems to be crashing when I try to actually patch something: C:\Users\IEUser\AppData\Local\Temp\build-tcnative\build\openssl- 1.0.1h\Users\IEUser\Desktop\tools\patch.exe -i ..\tomcat-native-1.1.30-win32-src\jni\native\srclib\openssl\openssl- msvcrt.patch -p 0 --dry-run patching file util/pl/VC-32.pl Assertion failed: hunk, file ../patch-2.5.9-src/patch.c, line 354 This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. If anyone knows of a good patch program for win32, I'd really appreciate that, too. I've gotten some help from the apr folks with building APR on win32 as well. Their instructions on the web site are outright lies, but it seems that instructions that can be found elsewhere (like in the source distro) that are significantly less complicated (e.g. run nmake) and seem to work. I have to get apr building against OpenSSL but that is apparently fairly trivial. Once I get get those beasts built, I can follow Mladen's instructions for building tcnative which are fairly straightforward. Ultimately, my goal is to get a script that can be maintained that does the following: 1. Obtains all sources necessary (openssl, apr, tcnative) 2. Patches all sources as necessary 3. Builds each component 4. Produces a statically-linked binary for distribution Does anyone know why we bother with a statically-linked tcnative.dll rather than just shipping a regular DLL and have users provide their own apr.dll and openssl.dll? It seems like it might be easier if we didn't have to build everything ourselves. Also, for things like upgrading OpenSSL, it would often be a drop-in replacement instead of having to re-build everything from scratch. Thanks, -chris - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of Specifications by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on Tomcat Wiki for change notification. The Specifications page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/Specifications?action=diffrev1=32rev2=33 Comment: Add links to new HTTP/1.1 specifications || HTTP 0.9 || [[http://www.w3.org/Protocols/HTTP/AsImplemented.html|The Original HTTP as defined in 1991]] at W3.org|| || HTTP/1.0 || [[http://tools.ietf.org/html/rfc1945|RFC 1945]] || - || HTTP/1.1 || [[http://tools.ietf.org/html/rfc2616|RFC 2616]] || + || HTTP/1.1 || [[http://tools.ietf.org/html/rfc2068|RFC 2068]] (January 1997) - obsolete, replaced by 2616BR[[http://tools.ietf.org/html/rfc2616|RFC 2616]] (June 1999) - obsolete, replaced by 7230...7235BR[[http://tools.ietf.org/html/rfc7230|RFC 7230]] (June 2014) - Message Syntax and RoutingBR[[http://tools.ietf.org/html/rfc7231|RFC 7231]] (June 2014) - Semantics and ContentBR[[http://tools.ietf.org/html/rfc7232|RFC 7232]] (June 2014) - Conditional RequestsBR[[http://tools.ietf.org/html/rfc7233|RFC 7233]] (June 2014) - Range RequestsBR[[http://tools.ietf.org/html/rfc7234|RFC 7234]] (June 2014) - CachingBR[[http://tools.ietf.org/html/rfc7235|RFC 7235]] (June 2014) - Authentication || === Related Specifications === - || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || HTTP Authentication: Basic and Digest Access AuthenticationBRCovers BASIC and DIGEST authentication methods || + || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || HTTP Authentication: Basic and Digest Access AuthenticationBRIt covers BASIC and DIGEST authentication methodsBRIt was updated by [[http://tools.ietf.org/html/rfc7235|RFC 7235]]. || == AJP == - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/173 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1602521 Blamelist: markt Build succeeded! sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org